Fix directory redirection (Issue #6)

Handle the verification of (is_directory_redirection) in the must_attack function

wapitiCore/attack/attack.py

@@ -318,6 +318,9 @@ async def must_attack(
             request: Request,  # pylint: disable=unused-argument
             response: Optional[Response] = None,  # pylint: disable=unused-argument
     ):
+        if response.is_directory_redirection:
+            return False
+
         return not self.finished
 
     @property

wapitiCore/attack/mod_backup.py

@@ -73,6 +73,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         page = request.path
         headers = response.headers
 
+        if response.is_directory_redirection:
+            return False
+
         if page in self.attacked_get:
             return False
 

wapitiCore/attack/mod_brute_login_form.py

@@ -118,6 +118,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if "Letm3in_" not in request.encoded_data + request.encoded_params:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         # We may want to remove this but if not available fallback to target URL
         if not request.referer:
             return False

wapitiCore/attack/mod_cookieflags.py

@@ -44,6 +44,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if self.finished:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         if request.method == "POST":
             return False
 

wapitiCore/attack/mod_csp.py

@@ -39,6 +39,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if self.finished:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         if request.method == "POST":
             return False
 

wapitiCore/attack/mod_csrf.py

@@ -173,6 +173,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if request.method != "POST":
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         # JSON requests can only be sent using JS with same-origin policy in place
         # so, it is unlikely that a CSRF is possible. Let's filter those requests to prevent false positives
         if request.is_json:

wapitiCore/attack/mod_htaccess.py

@@ -45,6 +45,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if request.path in self.attacked_get:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         return response.status in (401, 402, 403, 407)
 
     async def attack(self, request: Request, response: Optional[Response] = None):

wapitiCore/attack/mod_http_headers.py

@@ -106,6 +106,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if request.method == "POST":
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         if request.is_root and not request.parameters_count:
             return True
 

wapitiCore/attack/mod_https_redirect.py

@@ -38,6 +38,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if self.finished:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         url = urlparse(request.url)
         if not test_port(url.hostname, url.port or 80, self.crawler_configuration.timeout):
             log_orange(f"Port {url.port or 80} appears to be closed on {url.hostname}")

wapitiCore/attack/mod_methods.py

@@ -83,6 +83,9 @@ async def query_method(self, path: str, method: str) -> Response:
         return await self.crawler.async_send(request)
 
     async def must_attack(self, request: Request, response: Optional[Response] = None):
+
+        if response.is_directory_redirection:
+            return False
         return request.path not in self.excluded_path
 
     async def attack(self, request: Request, response: Optional[Response] = None):

wapitiCore/attack/mod_network_device.py

@@ -18,6 +18,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if self.finished:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         if request.method == "POST":
             return False
 

wapitiCore/attack/mod_nikto.py

@@ -106,6 +106,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if self.finished:
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         return request.url == await self.persister.get_root_url()
 
     async def is_false_positive(self, evil_request: Request, expected_status_codes: List[int]) -> bool:

wapitiCore/attack/mod_permanentxss.py

@@ -65,6 +65,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
             # Same goes for redirections
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         return True
 
     async def attack(self, request: Request, response: Optional[Response] = None):

wapitiCore/attack/mod_shellshock.py

@@ -58,6 +58,9 @@ def __init__(self, crawler, persister, attack_options, stop_event, crawler_confi
         }
 
     async def must_attack(self, request: Request, response: Optional[Response] = None):
+        if response.is_directory_redirection:
+            return False
+
         # We attempt to attach each script once whatever the method
         return request.path not in self.attacked_get
 

wapitiCore/attack/mod_ssl.py

@@ -354,6 +354,9 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         if request.scheme != "https":
             return False
 
+        if response.is_directory_redirection:
+            return False
+
         if request.hostname in self.tested_targets:
             return False
 

wapitiCore/attack/mod_takeover.py

@@ -207,6 +207,8 @@ async def must_attack(self, request: Request, response: Optional[Response] = Non
         except (TldDomainNotFound, TldBadUrl):
             # If the hostname part is an IP or is invalid we can't do subdomain enumeration obviously
             return False
+        if response.is_directory_redirection:
+            return False
 
         if root_domain in self.processed_domains:
             return False

wapitiCore/attack/mod_upload.py

@@ -114,6 +114,9 @@ def is_excluded(self, url: str):
         return False
 
     async def must_attack(self, request: Request, response: Optional[Response] = None):
+        if response.is_directory_redirection:
+            return False
+
         return request.is_multipart
 
     async def attack(self, request: Request, response: Optional[Response] = None):

wapitiCore/net/explorer.py

@@ -338,8 +338,6 @@ async def _async_analyze(self, request) -> Tuple[bool, List, Optional[Response]]
             await asyncio.sleep(0)
             resources = self.extract_links(response, request)
             # TODO: there's more situations where we would not want to attack the resource... must check this
-            if response.is_directory_redirection:
-                return False, resources, response
 
             return True, resources, response