About

This is the documentation for open source Scanner and Patcher Project.
Open Source Scanner and Patcher is a software which comes with a set of web vulnerability scanners and it provides patches for it. In this we are using powerful and specialized open source tools which enable us to carefully and thoroughly scan the given web application for a wide array of vulnerabilities. We have designed a solution where once a target web application has been entered in the program, the entire process can easily run without any need to monitor it. As for our patcher we have developed specific patches to patch vulnerabilities

Scanner

A web application scanner explores a web application by crawling through its web pages and examines it for security vulnerabilities, which involves generation of malicious inputs and evaluation of application's responses. The scanners are automated tools that scan web applications to look for security vulnerabilities. They test web applications for common security problems such as cross-site scripting (XSS), SQL injection, and cross-site request forgery (CSRF).
This scanner uses different tools like nmap, dnswalk, dnsrecon, dnsenum, dnsmap etc in order to scan ports, sites, hosts and network to find vulnerabilities like OpenSSL CCS Injection, Slowloris, Denial of Service, etc.

Patcher

A patch is a software update comprised code inserted (or patched) into the code of an executable program. Typically, a patch is installed into an existing software program. Patches are often temporary fixes between full releases of a software package.
Patches may do any of the following:

  1. Fix a software bug.
  2. Install new drivers.
  3. Address new security vulnerabilities.
  4. Address software stability issues.
  5. Upgrade the software.

Getting Started

Full Scanner

1. Working
2. How to use?
3. How to install?
4. List of Vulnerabilities it can scan.
5. List of tools use here.
6. Local File Inclusion(LFI).

Working

Phase-1

• User has to write:- "python3 web_scan.py (https or http) ://example.com".
• At first the program will note the initial time of running, then it will make a url with "www.example.com".
• After this step the system will check the internet connection using ping.
• Functionalities:-

-> § To navigate to helper menu write this command:- --help for update --update
-> § If user want to skip current scan/test:- CTRL+C
-> § To quit the scanner use:- CTRL+Z
-> § The program will tell the scanning time taken by the tool for a specific test.

Phase-2

• From here the main function of scanner will start:
The scanner will automatically select any tool to start scanning.
• Scanners that will be used and filename rotation (default: enabled (1))
• Command that is used to initiate the tool (with parameters and extra params) already given in code
• After founding vulnerability in web application scanner will classify vulnerability in specific format:-

-> § [Responses + Severity (c - critical | h - high | m - medium | l - low | i - informational) + Reference for Vulnerability Definition and Remediation]
-> § Here c or critical defines most vulnerability wheres l or low is for least vulnerable system

• Vulnerabilities
After this scanner will show results which includes:

-> § Response time
-> § Total time for scanning
-> § Class of vulnerability

• Remediation: Now, Scanner will tell about harmful effects of that specific type of vulnerability. Scanners tell about sources to know more about the vulnerabilities. (websites). After this step, the scanner suggests some remedies to overcome the vulnerabilities.

Phase-3

• Scanner will generate a proper report including:

-> § Total number of vulnerabilities scanned
-> § Total number of vulnerabilities skipped
-> § Total number of vulnerabilities detected
-> § Time taken for total scan
-> § Details about each and every vulnerability.

• Writing all scan files output into SA-Debug-ScanLog for debugging purposes under the same directory

• For Debugging Purposes, You can view the complete output generated by all the tools named SA-Debug-ScanLog.

How to use?

Use program as python3 web_scan.py (https or http)://example.com :-
--help
--update

How to install?

git clone https://github.com/Malwareman007/Open_Source_Web-Vulnerability-Scanner-and-Patcher.git

cd Open_Source_Web-Vulnerability-Scanner-and-Patcher/setup

python3 -m pip install --no-cache-dir -r requirements.txt

List of vulnerabilities it can scan.

1.	IPv6	12.	STUXNET	23.	Interesting Files
2.	POODLE	13.	Stress Tests	24.	Injectable Paths
3.	Firewall	14.	WebDAV	25.	Subdomains
4.	LOGJAM	15.	LFI, RFI or RCE.	26.	MS-SQL DB Service
5.	HEARTBLEED	16.	XSS, SQLi, BSQL	27.	ORACLE DB Service
6.	Wordpress, SiteMap/Robot.txt	17.	XSS Header not present	28.	RDP Server over UDP and TCP
7.	OpenSSL CCS Injection	18.	Shellshock Bug	29.	MySQL DB Service
8.	FREAK	19.	Leaks Internal IP	30.	SNMP Service
9.	Slowloris, Denial of Service	20.	HTTP PUT DEL Methods	31.	SMB Ports over TCP and UDP
10.	STUXNET	21.	Outdated	32.	IIS WebDAV
11.	Telnet Service	22.	CGI Directories	33.	X-XSS Protection

List of tools used here.

1.	Whatweb	9.	Davtest	17.	nikto
2.	Nmap	10.	Theharvester	18.	Whois
3.	Golismero	11.	Xsser	19.	Ibd
4.	Host	12.	Fierce	20.	Wapiti
5.	Wget	13.	Dnswalk	21.	Dnsmap
6.	Uniscan	14.	Dnsrecon	22.	Devtest
7.	Wafw00f	15.	dnsenum	23.	sslyze
8.	Drib	16.	Dmitry

"We have also worked on making separate programs which the user can utilize to scan for specific vulnerabilities but to make a complete scan for the list of vulnerabilities please utilize the full scanner."

Local File Inclusion(LFI).

Definition:

Local File Inclusion (LFI) allows an attacker to include files on a server through the web browser. This vulnerability exists when a web application includes a file without correctly sanitising the input, allowing an attacker to manipulate the input and inject path traversal characters and include other files from the web server. An LFI attack may lead to information disclosure, remote code execution, or even Cross-site Scripting (XSS). Typically, LFI occurs when an application uses the path to a file as input. If the application treats this input as trusted, a local file may be used in the include statement.

Local File Inclusion Scanner and Exploiter

Features

1. Scanner
2. Exploiter

Exploiter Attack Vectors:

1. /proc/self/environ
2. /var/log/auth.log
3. Apache Log Poisoning
4. php://input
5. Php Sessions and Cookies
6. Data Wrapper
7. SMTP Poisoning
8. All attacks in one

Installation

git clone https://github.com/Open_Source_Web-Vulnerability-Scanner-and-Patcher/

cd Lfi Scanner

pip3 install pyfiglet

pip3 install SimpleTelnetMail

Usage

python3 Lfi.py

Scanner & Patcher