maurosoria
GitHub Repository: maurosoria/dirsearch
Path: blob/master/lib/core/settings.py
# -*- coding: utf-8 -*-
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301, USA.
#
# Author: Mauro Soria
import os
import sys
import string
import time
from lib.utils.file import FileUtils
# Version format: <major version>.<minor version>.<revision>[.<month>]
VERSION = "0.4.3"

# Start-up banner. The version above is the only value interpolated into it.
BANNER = f"""
_|. _ _ _ _ _ _|_ v{VERSION}
(_||| _) (/_(_|| (_| )
"""

# The command line of this run: argv items joined with single spaces.
# Nothing is shell-quoted, and any secret given as an option value (a token,
# a password, a cookie) is part of this string verbatim.
# NOTE(review): the places COMMAND is written to (reports, logs, session
# files) are not visible in this file - check them before sharing output.
COMMAND = " ".join(sys.argv)

# Local wall-clock time at import, as YYYY-MM-DD HH:MM:SS (no time zone).
START_TIME = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
# Installation root, taken from FileUtils.parent(__file__, 3).
# NOTE(review): presumably "three levels above this file"; FileUtils is
# imported from lib.utils.file and its code is not part of this listing.
SCRIPT_PATH = FileUtils.parent(__file__, 3)

# True when sys.platform is "win32" or "msys"; "cygwin" is not in the tuple.
IS_WINDOWS = sys.platform in (
    "win32",
    "msys",
)

# Directory of the bundled category wordlists: <SCRIPT_PATH>/db/categories.
WORDLIST_CATEGORY_DIR = FileUtils.build_path(
    SCRIPT_PATH,
    "db",
    "categories",
)
# Category name -> wordlist file name.
# NOTE(review): the values look like paths relative to WORDLIST_CATEGORY_DIR;
# the code that joins them is not in this file. Every key equals its file
# path without ".txt", except "coldfusion", which lives in a sub-directory.
WORDLIST_CATEGORIES = {
    # Generic
    "extensions": "extensions.txt",
    "conf": "conf.txt",
    "vcs": "vcs.txt",
    "backups": "backups.txt",
    "db": "db.txt",
    "logs": "logs.txt",
    "keys": "keys.txt",
    "web": "web.txt",
    "common": "common.txt",

    # PHP
    "php/laravel": "php/laravel.txt",
    "php/wordpress": "php/wordpress.txt",
    "php/codeigniter": "php/codeigniter.txt",
    "php/symfony": "php/symfony.txt",
    "php/yii": "php/yii.txt",
    "php/cakephp": "php/cakephp.txt",
    "php/joomla": "php/joomla.txt",
    "php/drupal": "php/drupal.txt",
    "php/magento": "php/magento.txt",

    # .NET
    "dotnet/aspx": "dotnet/aspx.txt",
    "dotnet/mvc": "dotnet/mvc.txt",
    "dotnet/core": "dotnet/core.txt",

    # ColdFusion
    "coldfusion": "coldfusion/coldfusion.txt",

    # Java
    "java/jsp": "java/jsp.txt",
    "java/jsf": "java/jsf.txt",
    "java/spring": "java/spring.txt",

    # Python
    "python/django": "python/django.txt",
    "python/flask": "python/flask.txt",
    "python/fastapi": "python/fastapi.txt",

    # Node
    "node/express": "node/express.txt",

    # Infra
    "infra/docker": "infra/docker.txt",
    "infra/k8s": "infra/k8s.txt",
    "infra/aws": "infra/aws.txt",
}
DEFAULT_ENCODING = "utf-8"

# Line separator of the platform this process runs on.
NEW_LINE = os.linesep

# Characters that are not allowed in a Windows file name; both path
# separators ("\\" and "/") are in the list.
# NOTE(review): the code that applies this tuple is not in this file. The
# tuple has no control characters and does not address reserved device names
# or trailing dots and spaces, so a file name built from a target URL should
# not rely on it alone - confirm at the call site.
INVALID_CHARS_FOR_WINDOWS_FILENAME = (
    '"',
    "*",
    "<",
    ">",
    "?",
    "\\",
    "|",
    "/",
    ":",
)

# Stand-in for any of the characters listed above.
INVALID_FILENAME_CHAR_REPLACEMENT = "_"

# Report formats that are written to a file.
FILE_BASED_OUTPUT_FORMATS = (
    "simple",
    "plain",
    "json",
    "xml",
    "md",
    "csv",
    "html",
    "sqlite",
)
# Extensions without a leading dot; "tar.gz" is the only compound entry.
COMMON_EXTENSIONS = (
    "php", "jsp", "asp", "aspx", "do", "action",
    "cgi", "html", "htm", "js", "tar.gz",
)

# Audio, video, image, font and document extensions.
MEDIA_EXTENSIONS = (
    "webm", "mkv", "avi", "ts", "mov", "qt", "amv", "mp4", "m4p", "m4v",
    "mp3", "swf", "mpg", "mpeg", "jpg", "jpeg", "pjpeg", "png", "woff",
    "svg", "webp", "bmp", "pdf", "wav", "vtt",
)

# Every media extension plus a set of config, asset and data extensions.
# NOTE(review): presumably the extensions an "overwrite extension" feature
# leaves untouched; the consumer is not in this file.
EXCLUDE_OVERWRITE_EXTENSIONS = MEDIA_EXTENSIONS + (
    "axd", "cache", "coffee", "conf", "config", "css", "dll", "lock",
    "log", "key", "pub", "properties", "ini", "jar", "js", "json",
    "toml", "txt", "xml", "yaml", "yml",
)
# HTML attribute names listed for crawling.
# NOTE(review): presumably the attributes links are read from; the crawler
# itself is not in this file.
CRAWL_ATTRIBUTES = (
    "action", "cite", "data", "formaction", "href",
    "longdesc", "poster", "src", "srcset", "xmlns",
)

# HTML tag names listed for crawling.
CRAWL_TAGS = (
    "a", "area", "base", "blockquote", "button", "embed",
    "form", "frame", "frameset", "html", "iframe", "input",
    "ins", "noframes", "object", "q", "script", "source",
)
# Names of the authentication schemes listed for the tool.
AUTHENTICATION_TYPES = (
    "basic",
    "digest",
    "bearer",
    "ntlm",
    "jwt",
)

# Proxy URL prefixes, each including "://".
PROXY_SCHEMES = (
    "http://",
    "https://",
    "socks5://",
    "socks5h://",
    "socks4://",
    "socks4a://",
)

# Default port for each URL scheme.
STANDARD_PORTS = {
    "http": 80,
    "https": 443,
}

DEFAULT_TEST_PREFIXES = (
    ".",
    ".ht",
)

DEFAULT_TEST_SUFFIXES = (
    "/",
    "~",
)

# Two loopback SOCKS5 endpoints, on ports 9050 and 9150.
DEFAULT_TOR_PROXIES = (
    "socks5://127.0.0.1:9050",
    "socks5://127.0.0.1:9150",
)

# Default request headers; all keys are lower-case.
# The user-agent is a fixed desktop-Chrome string that carries neither the
# tool name nor VERSION, so a server-side log review cannot attribute
# default-configured requests to this tool by user-agent alone.
DEFAULT_HEADERS = {
    "user-agent": (
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) "
        "AppleWebKit/537.36 (KHTML, like Gecko) "
        "Chrome/87.0.4280.88 Safari/537.36"
    ),
    "accept": "*/*",
    "accept-encoding": "*",
    "keep-alive": "timeout=15, max=1000",
    "cache-control": "max-age=0",
}
def _get_default_session_dir() -> str:
    """Return the directory that session files go to by default.

    A frozen build (``sys.frozen`` is truthy, or ``sys._MEIPASS`` exists)
    gets ``~/.dirsearch/sessions`` under the current user's home directory.
    Any other run gets ``<SCRIPT_PATH>/sessions``.

    The function only builds the path; it does not create the directory.

    NOTE(review): session contents are not visible in this file. If they
    hold request headers or credentials, the code that creates this
    directory should restrict it to the owning user - confirm there.
    """
    running_frozen = getattr(sys, "frozen", False) or hasattr(sys, "_MEIPASS")
    if not running_frozen:
        return FileUtils.build_path(SCRIPT_PATH, "sessions")

    # Frozen build: keep sessions in the user's home directory instead.
    return FileUtils.build_path(os.path.expanduser("~"), ".dirsearch", "sessions")
# Resolved once, at import time.
DEFAULT_SESSION_DIR = _get_default_session_dir()

# Path template: <DEFAULT_SESSION_DIR>/{date}/session_{datetime}.
# "{date}" and "{datetime}" are literal placeholders here (plain strings, not
# f-strings). NOTE(review): presumably filled in later with str.format; the
# code that does so is not in this file.
DEFAULT_SESSION_FILE = FileUtils.build_path(DEFAULT_SESSION_DIR, "{date}", "session_{datetime}")
# Placeholder tokens.
REFLECTED_PATH_MARKER = "__REFLECTED_PATH__"
WILDCARD_TEST_POINT_MARKER = "__WILDCARD_POINT__"
EXTENSION_TAG = "%ext%"

# One or more word characters, then one to three ".xx" groups of 2-5
# alphanumerics, then an optional "~", anchored at the end of the string.
EXTENSION_RECOGNITION_REGEX = r"\w+([.][a-zA-Z0-9]{2,5}){1,3}~?$"

# "key=value" pairs with an optional "&" in front of each; the value may be
# empty, the key may not. Keys and values exclude "=", "&" and space, and the
# repetition is capped at 200 pairs.
QUERY_STRING_REGEX = r"^(\&?([^=& ]+)\=([^=& ]+)?){1,200}$"

# Alternation of three exception class names.
READ_RESPONSE_ERROR_REGEX = r"(ChunkedEncodingError|StreamConsumedError|UnrewindableBodyError)"

# At least two lower-case letters followed by ":" at the start of the string.
# A single letter plus ":" does not match, nor does a scheme with upper-case
# letters, digits, "+" or "-", unless the caller passes regex flags.
URI_REGEX = r"^[a-z]{2,}:"

# "Allow: /" or "Disallow: /" with exactly one space after the colon; the
# group captures the rest of the line after that slash. The pattern is
# case-sensitive unless the caller passes regex flags.
ROBOTS_TXT_REGEX = r"(?:Allow|Disallow): /(.*)"
UNKNOWN = "unknown"

# NOTE(review): a fixed, predictable name under /tmp, which is shared between
# users on a typical Unix host and absent on Windows. The code that creates
# or writes this path is not in this file; it should create the directory
# with owner-only permissions and refuse a pre-existing entry it does not
# own (including a symlink) - confirm at the call site.
TMP_PATH = "/tmp/dirsearch"

# Placeholder values built on the reserved documentation domain.
DUMMY_DOMAIN = "example.com"
DUMMY_URL = "https://example.com/"
DUMMY_WORD = "dummyasdf"

# Timeouts and delays. NOTE(review): units are presumably seconds - confirm
# where each value is passed on.
DB_CONNECTION_TIMEOUT = 45
SOCKET_TIMEOUT = 6
RATE_UPDATE_DELAY = 0.15

# 1 MiB and 80 MiB.
# NOTE(review): presumably the read chunk size and the upper bound on a
# response body; the cap is enforced by the reader, not in this file, so the
# protection against oversized responses depends on that code.
ITER_CHUNK_SIZE = 1024 * 1024
MAX_RESPONSE_SIZE = 80 * 1024 * 1024

TEST_PATH_LENGTH = 6

MAX_CONSECUTIVE_REQUEST_ERRORS = 75

# Signal handling settings for PyInstaller Linux builds
# Time window (seconds) for detecting rapid consecutive Ctrl+C presses
SIGINT_WINDOW_SECONDS = 0.8
# Number of rapid Ctrl+C presses required to force quit
SIGINT_FORCE_QUIT_THRESHOLD = 3

# All ASCII punctuation, which includes "<", ">", '"', "#", "?" and "%".
# NOTE(review): presumably the set of characters left unescaped when a URL is
# quoted; with this value none of them would be percent-encoded - confirm at
# the call site before a quoted URL is placed in HTML or a log line.
URL_SAFE_CHARS = string.punctuation

# Byte values 7, 8, 9, 10, 12, 13, 27 plus 0x20-0xFF without 0x7F (DEL).
# NOTE(review): presumably the "looks like text" byte set for telling text
# from binary content; the consumer is not in this file.
TEXT_CHARS = bytearray({7, 8, 9, 10, 12, 13, 27} | (set(range(0x20, 0x100)) - {0x7F}))