debian/0000755000000000000000000000000012010612272007157 5ustar debian/control0000644000000000000000000000426711776647417010626 0ustar Source: w3af Section: net Priority: extra Maintainer: Luciano Bello Build-Depends: debhelper (>= 9), python-support Standards-Version: 3.9.3 Homepage: http://w3af.sourceforge.net/ XS-Python-Version: all Package: w3af Architecture: all XB-Python-Version: ${python:Versions} Depends: ${python:Depends}, ${misc:Depends}, w3af-console (>= ${binary:Version}), python-gtk2 (>= 2.12), graphviz, python-gtksourceview2 Description: framework to find and exploit web application vulnerabilities w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. . This package provides a graphical user interface (GUI) for the framework. If you want a command-line application only, install w3af-console. . The framework has been called the "metasploit for the web", but it's actually much more than that, because it also discovers the web application vulnerabilities using black-box scanning techniques! . The w3af core and it's plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross site scripting (XSS), remote file inclusion and more. Package: w3af-console Architecture: all XB-Python-Version: ${python:Versions} Depends: ${python:Depends}, ${misc:Depends}, python-simplejson, python-beautifulsoup, python-soappy, python-pypdf, python-openssl, python-pysqlite2, python-svn, python-chardet Conflicts: python-json Description: framework to find and exploit web application vulnerabilities (CLI only) w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. . This package provides a command line interface (CLI) only. The graphical user interface (GUI) is provided by the package w3af. . The framework has been called the "metasploit for the web", but it's actually much more than that, because it also discovers the web application vulnerabilities using black-box scanning techniques! . The w3af core and it's plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross site scripting (XSS), remote file inclusion and more. debian/w3af-console.manpages0000644000000000000000000000004611174204351013201 0ustar manpage/w3af.1 manpage/w3af_console.1 debian/copyright0000644000000000000000000001111711776647417011146 0ustar This package was debianized by Luciano Bello on Fri, 09 May 2008 18:57:10 -0300. It was downloaded from http://w3af.sourceforge.net/ Upstream Authors: Andres Riancho and team Copyright: Copyright © 2008 Andres Riancho License: This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License. This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this package; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA On Debian systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. The Debian packaging is Copyright (C) 2008, Luciano Bello and is licensed under the GPL, see above. The following exceptions have a different copyright/license. They was modificated by Andres Riancho under the tems of each license conditions: sqlmap ------ Files: plugins/attack/db/* Copyright: © 2008 Daniele Bellucci © 2008 Bernardo Damele HomePage: http://sqlmap.sourceforge.net/ License: GPL-2 On Debian systems, the complete text of the GNU General Public License Version 2 can be found in `/usr/share/common-licenses/GPL-2'. halberd ------- Files: plugins/discovery/oHalberd/* Copyright: © 2008 Juan M. Bello Rivas HomePage: http://halberd.superadditive.com/ License: GPL-2 On Debian systems, the complete text of the GNU General Public License Version 2 can be found in `/usr/share/common-licenses/GPL-2'. hmap ---- Files: plugins/discovery/oHmap/* Copyright: © 2003 Dustin Lee HomePage: http://ujeni.murkyroc.com/hmap/ License: GPL-2 On Debian systems, the complete text of the GNU General Public License Version 2 can be found in `/usr/share/common-licenses/GPL-2'. xdot.py ------- Files: extlib/xdot/xdot.py Copyright: © 2008 Jose.R.Fonseca HomePage: http://code.google.com/p/jrfonseca/wiki/XDot License: GPL-3 On Debian systems, the complete text of the GNU General Public License Version 3 can be found in `/usr/share/common-licenses/GPL-3'. Natural Language Toolkit (nltk) ------------------------------- Files: extlib/nltk/* Copyright: © 2001-2009 NLTK Project HomePage: http://www.nltk.org License: GPL-2 or any later version On Debian systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. GHDB ---- Files: plugins/discovery/ghdb/GHDB.xml Copyright: © 2006 Johnny Long HomePage: http://johnny.ihackstuff.com/xml/schema.xml (it's not online anymore) License: Public Domain xml-data-file-of-online-valid-phishes-from-phishtank ---------------------------------------------------- Files: plugins/discovery/phishtank/index.xml Copyright: © 2006 OpenDNS, LLC HomePage: http://www.phishtank.com/blog/2006/10/17/xml-data-file-of-online-valid-phishes-from-phishtank/ License: Creative Commons Attribution-ShareAlike 2.5 License DirBuster --------- Files: plugins/discovery/dir_bruter/common_dirs_small.db Copyright: © 2007 James Fisher HomePage: http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project License: Creative Commons Attribution-ShareAlike 3.0 License ntlmaps ------- Files: extlib/ntlm/* Copyright: © 2001 Dmitry A. Rozmanov HomePage: http://ntlmaps.sourceforge.net/ License: LGPL On Debian systems, the complete text of the GNU Lesser General Public License Version can be found in `/usr/share/common-licenses/LGPL-2'. gtkcodebuffer ------------- Files: extlib/gtkcodebuffer/* Copyright: © 2008 Hannes Matuschek HomePage: http://code.google.com/p/pygtkcodebuffer/ License: LGPL On Debian systems, the complete text of the GNU Lesser General Public License Version can be found in `/usr/share/common-licenses/LGPL-2'. urlgrabber ---------- Files: core/data/url/handlers/keepalive.py Copyright: © 2002-2006 Michael D. Stenner Ryan Tomayko HomePage: http://code.google.com/p/pygtkcodebuffer/ License: LGPL-2.1 On Debian systems, the complete text of the GNU Lesser General Public License Version can be found in `/usr/share/common-licenses/LGPL-2.1'. debian/source/0000755000000000000000000000000012010612272010457 5ustar debian/source/format0000644000000000000000000000001411776647417011720 0ustar 3.0 (quilt) debian/watch0000644000000000000000000000006711776647417010246 0ustar version=3 http://sf.net/w3af/w3af-(\d[\d.]+)\.tar\.bz2 debian/menu0000644000000000000000000000023511152327310010050 0ustar ?package(w3af):\ needs="X11" \ section="Applications/Network/Web Browsing" \ title="w3af" \ command="/usr/share/w3af/w3af_gui" \ icon="w3af.xpm" debian/compat0000644000000000000000000000000211776647417010410 0ustar 9 debian/rules0000755000000000000000000000276111776647417010300 0ustar #!/usr/bin/make -f # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 clean: dh_testdir dh_testroot rm -rf build-stamp configure-stamp dh_clean install: build dh_testdir dh_testroot dh_prep dh_installdirs cp debian/desktop debian/w3af/usr/share/applications/w3af.desktop cp debian/w3af.xpm debian/w3af/usr/share/pixmaps/ cp -r core locales plugins profiles extlib debian/w3af-console/usr/share/w3af/ cp w3af_console debian/w3af-console/usr/share/w3af/ cp w3af_gui debian/w3af/usr/share/w3af/ chmod +x debian/w3af-console/usr/share/w3af/w3af_console debian/w3af/usr/share/w3af/w3af_gui cp debian/w3af.sh debian/w3af-console/usr/bin/w3af cp debian/w3af_console.sh debian/w3af-console/usr/bin/w3af_console cp debian/w3af_gui.sh debian/w3af/usr/bin/w3af_gui mv debian/w3af-console/usr/share/w3af/core/ui/gtkUi debian/w3af/usr/share/w3af/core/ui/gtkUi mv debian/w3af-console/usr/share/w3af/extlib/xdot debian/w3af/usr/share/w3af/extlib/ build-arch: build build-indep: build # Build architecture-independent files here. binary-indep: install dh_testdir dh_testroot dh_pysupport dh_installman dh_installmenu dh_installdocs dh_installexamples dh_installchangelogs dh_compress dh_fixperms dh_installdeb dh_gencontrol dh_md5sums dh_builddeb # Build architecture-dependent files here. binary-arch: install binary: binary-indep binary-arch .PHONY: clean build binary-indep binary-arch install debian/desktop0000644000000000000000000000033012010605405010547 0ustar [Desktop Entry] Version=1.1svn5547 Type=Application Exec=/usr/share/w3af/w3af_gui Icon=w3af Terminal=false Name=w3af Comment=Web Application Attack and Audit Framework Categories=Network;Security; StartupNotify=true debian/w3af-console.examples0000644000000000000000000000001211174433747013232 0ustar scripts/* debian/w3af_console.sh0000644000000000000000000000015711570733275012121 0ustar #!/bin/sh if [ -r /usr/share/w3af/w3af_console ] ; then /usr/bin/python /usr/share/w3af/w3af_console $@ fi debian/w3af.xpm0000644000000000000000000000232011152330066010546 0ustar /* XPM */ static char * w3af_xpm[] = { "32 32 2 1", " c None", ". c #000000", " ", " ........ ", " .. ... ", " .. ", " .. .. ", " . . . ", " . . . ", " . .. . ", " .. ... . ", " . ... . ", " ......... . ", " . .......... . ", " . ................. ", " ... ........ . .", " ... ........ .", " .. ........ .", ". ... . ..... .", ". .. .... .", " .. . . .. .", " ... . .. .", " . ...... . . ", " . .... .. . ", " .... . . ", " . ", " . .. ", " .. ...... . ", " .. ... .. ", " ... .. . ", " .... . .. ", " ...... .. ", " ...... .... ", " ... "}; debian/changelog0000644000000000000000000000477712010606420011046 0ustar w3af (1.1svn5547-1) unstable; urgency=low * The Managua DebConf12 release! * New upstream release (closes: #669939) - Better error handling (closes: #675284) * Many improvements from Jari Aalto thanks! (closes: #669941): - Remove deprecated dpatch and upgrade to packaging format "3.0 quilt". - Update to Standards-Version to 3.9.3 and debhelper to 9. - Add build-arch and build-indep targets; use dh_prep in rules file. - Fix copyright-refers-to-symlink-license (Lintian). - Fix copyright-with-old-dh-make-debian-copyright (Lintian). - Fix debian-watch-file-is-missing (Lintian). * Removing patches already included by upstream: - 05_raise_exception_no_strings (closes: #585368) * Disabling auto-update: disable-auto-update.patch * Reimplementing pybloomfiltermmap with disk_set. -- Luciano Bello Mon, 09 Jul 2012 07:35:46 +0200 w3af (1.0.0-1) experimental; urgency=low * w3af-1.0 is stable! (closes: #614125) * Rise exceptions, no strings (closes: #585367). * Since nltk is not part of Debian, the wordnet plugin was disable. * netcat was removed too. -- Luciano Bello Tue, 31 May 2011 20:15:46 -0300 w3af (1.0-rc3svn3489-1) unstable; urgency=low [ Luciano Bello ] * New SVN export revision: 3489 * removed from the source - nltk (closes: #571004, #555346) - yalm * Licenses added to the copyright file: - dir_bruter/common_dirs_small.db: cc-by-sa 3.0 - extlib/ntlmaps: LGPL - extlib/gtkcodebuffer: LGPL - core/data/url/handlers/keepalive.py: LGPL-2.1 [ Bernd Zeimetz ] * Replace python-json by python-simplejson. (Closes: #571110, #580645) * Build for all Python versions and use the default Python version. -- Luciano Bello Wed, 12 May 2010 11:20:27 -0300 w3af (1.0~rc2svn3429-1) unstable; urgency=low * Now, only for python2.5. -- Luciano Bello Sat, 20 Mar 2010 13:54:58 -0300 w3af (1.0~rc2svn3180-1) unstable; urgency=low * No more dh_desktop. * Added the recommended README file for packages which depend on dpatch. * Ready for Python 2.6. (Closes: #534803) * Removed the empty paragraph at the end of the package description, which can be only spotted by Rhonda (Closes: #531026). -- Luciano Bello Sat, 14 Nov 2009 20:12:43 -0300 w3af (1.0~rc2svn2845-1) unstable; urgency=low * Initial release (Closes: #465120) -- Luciano Bello Tue, 28 Apr 2009 12:48:43 -0300 debian/w3af.dirs0000644000000000000000000000014211277626011010711 0ustar usr/share/pixmaps/ usr/share/applications/ usr/share/w3af/core/ui/ usr/share/w3af/extlib usr/bin/ debian/w3af_gui.sh0000644000000000000000000000014711372136542011234 0ustar #!/bin/sh if [ -r /usr/share/w3af/w3af_gui ] ; then /usr/bin/python /usr/share/w3af/w3af_gui $@ fi debian/w3af.sh0000644000000000000000000000026211372136542010366 0ustar #!/bin/sh if [ ! -z "$DISPLAY" -a -r /usr/share/w3af/w3af_gui ] ; then /usr/bin/python /usr/share/w3af/w3af_gui $@ else /usr/bin/python /usr/share/w3af/w3af_console $@ fi debian/patches/0000755000000000000000000000000012010612272010606 5ustar debian/patches/dependecies-a-la-debian.patch0000644000000000000000000000234111777717644016163 0ustar --- a/core/controllers/misc/dependencyCheck.py +++ b/core/controllers/misc/dependencyCheck.py @@ -44,24 +44,13 @@ elif major > 2: print 'It seems that you are running python 3k, please let us know if w3af works ok =)' sys.exit( 1 ) - + reasonForExit = False packages = [] packages_debian = [] packages_mac_ports = [] additional_information = [] - - if platform.system() != 'Windows': - try: - from pybloomfilter import BloomFilter as mmap_filter - except Exception, e: - msg = ' pybloomfiltermmap is a required dependency in *nix systems, please install from ' - msg += 'http://pypi.python.org/pypi/pybloomfiltermmap/0.2.0' - - additional_information.append(msg) - packages_debian.append('python2.6-dev') - reasonForExit = True - + # nltk raises a warning... which I want to ignore... # This is the original warning: # --- a/core/data/parsers/pdfParser.py +++ b/core/data/parsers/pdfParser.py @@ -25,8 +25,8 @@ from core.data.parsers.urlParser import url_object -import extlib.pyPdf.pyPdf as pyPdf - +import pyPdf as pyPdf + import StringIO import re debian/patches/disable-auto-update.patch0000644000000000000000000000766512000070320015465 0ustar --- a/core/controllers/auto_update/auto_update.py +++ b/core/controllers/auto_update/auto_update.py @@ -824,11 +824,11 @@ FREQ_WEEKLY = 'W' # [W]eekly FREQ_MONTHLY = 'M' # [M]onthly # DEFAULT VALUES - DEFAULTS = {'auto-update': 'true', 'frequency': 'D', + DEFAULTS = {'auto-update': 'false', 'frequency': 'D', 'last-update': 'None', 'last-rev': 0} def __init__(self): - + self._start_cfg_file = os.path.join(get_home_dir(), 'startup.conf') self._start_section = 'STARTUP_CONFIG' self._config = ConfigParser.ConfigParser() --- a/w3af_console +++ b/w3af_console @@ -47,17 +47,6 @@ -s or --script= Run script. - -n or --no-update - No update check will be made when starting. This option takes - precedence over the 'auto-update' setting in 'startup.conf' file. - - -f or --force-update - An update check will be made when starting. This option takes - precedence over the 'auto-update' setting in 'startup.conf' file. - - -r or --revision - Force to update to . - -p or --profile= Run with the selected @@ -72,8 +61,8 @@ def main(): try: - long_options = ['script=', 'help', 'version', 'test-all', 'no-update', - 'force-update', 'profile=', 'revision=', 'profile-run'] + long_options = ['script=', 'help', 'version', 'test-all', + 'profile=', 'profile-run'] opts, args = getopt.getopt(sys.argv[1:], "ehvts:nfpP:r:", long_options) except getopt.GetoptError, e: # print help information and exit: @@ -82,7 +71,7 @@ scriptFile = None forceProfile = None profile = None - doupdate = None + doupdate = False rev = 0 # HEAD revision for o, a in opts: @@ -110,21 +99,6 @@ if o in ('-v', '--version'): print get_w3af_version() return 0 - if o in ('-f', '--force-update'): - doupdate = True - elif o in ('-n', '--no-update'): - doupdate = False - if o in ('-r', '--revision'): - doupdate = True - a = a.upper() - if a in ('HEAD', 'PREV'): - rev = 0 if (a == 'HEAD') else -1 - else: - try: - rev = int(a) - except ValueError: - om.out.error("Invalid value for revision number. Expected int.") - return -3 # console from core.ui.consoleUi.consoleUi import consoleUi --- a/w3af_gui +++ b/w3af_gui @@ -38,14 +38,6 @@ -h or --help Display this help message. - -n or --no-update - No update check will be made when starting. This option takes - precedence over the 'auto-update' setting in 'startup.conf' file. - - -f or --force-update - An update check will be made when starting. This option takes - precedence over the 'auto-update' setting in 'startup.conf' file. - -p or --profile= Run with the selected @@ -57,14 +49,14 @@ def main(): try: - long_options = ['help', 'no-update', 'force-update', 'profile='] + long_options = ['help', 'profile='] opts, args = getopt.getopt(sys.argv[1:], "ehnfp:", long_options) except getopt.GetoptError: # print help information and exit: usage() return -3 profile = None - doupdate = None + doupdate = False for o, a in opts: if o in ( "-e" ): # easter egg @@ -78,11 +70,6 @@ if o == "-h": usage() return 0 - if o in ('-f', '--force-update'): - doupdate = True - elif o in ('-n', '--no-update'): - doupdate = False - # go with GTK, but first check about DISPLAY environment variable if sys.platform != "win32": debian/patches/dep-a-la-deb_01_nltk.patch0000644000000000000000000000703012000070320015256 0ustar --- a/core/controllers/dependency_check/dependency_check.py +++ b/core/controllers/dependency_check/dependency_check.py @@ -34,7 +34,7 @@ ''' #mem_test('at start') om.out.debug('Checking core dependencies') - + # Check python version major, minor, micro, releaselevel, serial = sys.version_info if major == 2: @@ -46,13 +46,13 @@ msg += ' w3af works as expected at w3af-develop@lists.sourceforge.net !' print msg sys.exit( 1 ) - + reasonForExit = False packages = [] packages_debian = [] packages_mac_ports = [] additional_information = [] - + if platform.system() != 'Windows': try: from pybloomfilter import BloomFilter as mmap_filter @@ -73,11 +73,11 @@ msg += ' can download it from http://code.google.com/p/esmre/ or run' msg += ' the following command to install it:\n' msg += ' sudo easy_install esmre\n' - + #packages.append('esmre') #packages.append('esm') #additional_information.append(msg) - + # nltk raises a warning... which I want to ignore... # This is the original warning: # @@ -88,8 +88,6 @@ warnings.filterwarnings('ignore', '.*',) #mem_test('after esmre import') if not lazy_load('nltk'): - packages.append('nltk') - packages_debian.append('python-nltk') #TODO #packages_mac_port.append() msg = ' If you can not install nltk, please try the following:\n' @@ -102,10 +100,8 @@ msg += ' tar -xzvf nltk-2.0b9.tar.gz\n' msg += ' cd nltk-2.0b9\n' msg += ' python setup.py install' - additional_information.append(msg) - reasonForExit = True #mem_test('after nltk import') - + if not lazy_load('extlib.SOAPpy.SOAPpy'): if not lazy_load('SOAPpy'): packages.append('SOAPpy') @@ -125,7 +121,7 @@ #TODO #packages_mac_port.append() reasonForExit = True - #mem_test('after pypdf import') + #mem_test('after pypdf import') try: from OpenSSL import SSL except: @@ -150,7 +146,7 @@ msg = ' It looks like your pysvn library installation is broken\n' msg += ' (are you using BT4 R2?). The error we get when importing\n' msg += ' the pysvn library is "%s". \n\n' % e.message - + msg += ' This is a BackTrack issue (works with Ubuntu 8.04 and 10.10)\n' msg += ' that was fixed by them in their devel repositories, in order to\n' msg += ' enable them you need to follow these steps:\n' @@ -164,7 +160,7 @@ packages_debian.append('python-svn') #TODO #packages_mac_port.append() - reasonForExit = True + reasonForExit = True #mem_test('after pysvn import') import logging logging.getLogger("scapy.runtime").setLevel(logging.ERROR) @@ -214,7 +210,7 @@ #Now exit if necessary if reasonForExit: exit(1) - + def mem_test(when): from core.controllers.profiling.ps_mem import get_memory_usage, human @@ -223,4 +219,4 @@ msg = "%8sB Private + %8sB Shared = %8sB" % ( human(cmd[1]-shareds[cmd[0]]), human(shareds[cmd[0]]), human(cmd[1]) ) - print 'Total memory usage %s: %s' % (when,msg) \ No newline at end of file + print 'Total memory usage %s: %s' % (when,msg) debian/patches/series0000644000000000000000000000021612010610246012021 0ustar 01-debian-as-distribution.patch 03-webshell.pl-is-not-script.patch disable-auto-update.patch dep-a-la-deb_01_nltk.patch disable-pybloom.patch debian/patches/01-debian-as-distribution.patch0000644000000000000000000000070112000070320016372 0ustar From: Luciano Bello Subject: Indicates that the version cames from a Debian Package --- a/core/controllers/misc/get_w3af_version.py +++ b/core/controllers/misc/get_w3af_version.py @@ -33,4 +33,5 @@ return ('w3af - Web Application Attack and Audit Framework\n' 'Version: 1.2\n' 'Revision: %s\n' + 'Distribution: Debian\n' 'Author: Andres Riancho and the w3af team.') % rev debian/patches/03-webshell.pl-is-not-script.patch0000755000000000000000000000046512000070320016776 0ustar From: Luciano Bello Subject: this script won't ever be running by hand. --- a/plugins/attack/payloads/webshell/webshell.pl +++ b/plugins/attack/payloads/webshell/webshell.pl @@ -1,4 +1,3 @@ -#!/usr/bin/perl if (length ($ENV{'QUERY_STRING'}) > 0){ $buffer = $ENV{'QUERY_STRING'}; debian/patches/disable-pybloom.patch0000644000000000000000000001610512010610222014705 0ustar --- a/core/data/bloomfilter/bloomfilter.py +++ b/core/data/bloomfilter/bloomfilter.py @@ -21,26 +21,7 @@ ''' -# Generic imports, -import os -import string -from random import choice -from core.controllers.misc.temp_dir import get_temp_dir - -# -# This import should never fail -# -from core.data.bloomfilter.pybloom import BloomFilter as pure_python_filter - -# -# This might fail... -# -try: - from pybloomfilter import BloomFilter as mmap_filter -except: - USE_PURE_PYTHON_FILTER = True -else: - USE_PURE_PYTHON_FILTER = False +from core.data.db.disk_set import disk_set class generic_bloomfilter(object): @@ -64,163 +45,28 @@ def add(self, key): raise NotImplementedError() -class mmap_filter_wrapper(generic_bloomfilter): +class disk_set_filter_wrapper(generic_bloomfilter): def __init__(self, capacity, error_rate=0.01): - generic_bloomfilter.__init__(self, capacity, error_rate) + generic_bloomfilter.__init__(self, 10**1024, 0.0) - # - # Create the temp file - # - tempdir = get_temp_dir() - if not os.path.exists( tempdir ): - os.makedirs( tempdir ) - filename = ''.join([choice(string.letters) for i in range(12)]) + '.w3af.bloom' - temp_file = os.path.join(tempdir, filename) - - self.bf = mmap_filter(capacity, error_rate, temp_file) + self.ds = disk_set() def __contains__(self, key): - return key in self.bf + return key in self.ds def __len__(self): - return len(self.bf) + return len(self.ds) def add(self, key): - return self.bf.add( key ) - -class pure_python_filter_wrapper(generic_bloomfilter): - def __init__(self, capacity, error_rate=0.01): - generic_bloomfilter.__init__(self, capacity, error_rate) - self.bf = pure_python_filter(capacity, error_rate) - - def __contains__(self, key): - return key in self.bf + return self.ds.add( key ) - def __len__(self): - return len(self.bf) - - def add(self, key): - return self.bf.add( key ) - -if USE_PURE_PYTHON_FILTER: - # - # Easier to install (embedded in extlib) but slow and memory hungry. - # - bloomfilter = pure_python_filter_wrapper -else: - # - # Faster! - # - bloomfilter = mmap_filter_wrapper - +bloomfilter = disk_set_filter_wrapper +scalable_bloomfilter = disk_set_filter_wrapper -class scalable_bloomfilter(object): +class scalable_bloomfilter(disk_set_filter_wrapper): SMALL_SET_GROWTH = 2 # slower, but takes up less memory LARGE_SET_GROWTH = 4 # faster, but takes up more memory faster def __init__(self, initial_capacity=1000, error_rate=0.001, mode=SMALL_SET_GROWTH): - """Implements a space-efficient probabilistic data structure that - grows as more items are added while maintaining a steady false - positive rate - - initial_capacity - the initial capacity of the filter - error_rate - the error_rate of the filter returning false positives. This - determines the filters capacity. Going over capacity greatly - increases the chance of false positives. - mode - can be either scalable_bloomfilter.SMALL_SET_GROWTH or - scalable_bloomfilter.LARGE_SET_GROWTH. SMALL_SET_GROWTH is slower - but uses less memory. LARGE_SET_GROWTH is faster but consumes - memory faster. - - >>> b = scalable_bloomfilter(initial_capacity=512, error_rate=0.001, \ - mode=scalable_bloomfilter.SMALL_SET_GROWTH) - >>> b.add("test") - False - >>> "test" in b - True - >>> unicode_string = u'¡' - >>> b.add(unicode_string) - False - >>> unicode_string in b - True - - >>> sbf = scalable_bloomfilter(mode=scalable_bloomfilter.SMALL_SET_GROWTH) - >>> count = 10000 - >>> for i in xrange(0, count): - ... _ = sbf.add(i) - ... - >>> sbf.capacity > count - True - >>> len(sbf) <= count - True - >>> abs((len(sbf) / float(count)) - 1.0) <= sbf.error_rate - True - """ - if not error_rate or error_rate < 0: - raise ValueError("Error_Rate must be a decimal less than 0.") - self._setup(mode, 0.9, initial_capacity, error_rate) - self.filters = [] - - def _setup(self, mode, ratio, initial_capacity, error_rate): - self.scale = mode - self.ratio = ratio - self.initial_capacity = initial_capacity - self.error_rate = error_rate - - def __contains__(self, key): - """Tests a key's membership in this bloom filter. - - >>> b = scalable_bloomfilter(initial_capacity=100, error_rate=0.001, \ - mode=scalable_bloomfilter.SMALL_SET_GROWTH) - >>> b.add("hello") - False - >>> "hello" in b - True - - """ - for f in reversed(self.filters): - if key in f: - return True - return False - - def add(self, key): - """Adds a key to this bloom filter. - If the key already exists in this filter it will return True. - Otherwise False. - - >>> b = scalable_bloomfilter(initial_capacity=100, error_rate=0.001, \ - mode=scalable_bloomfilter.SMALL_SET_GROWTH) - >>> b.add("hello") - False - >>> b.add("hello") - True - - """ - if key in self: - return True - filter = self.filters[-1] if self.filters else None - if filter is None or len(filter) >= filter.capacity: - num_filters = len(self.filters) - filter = bloomfilter( - capacity=self.initial_capacity * (self.scale ** num_filters), - error_rate=self.error_rate * (self.ratio ** num_filters)) - self.filters.append(filter) - filter.add(key) - return False - - @property - def capacity(self): - """Returns the total capacity for all filters in this SBF""" - return sum([f.capacity for f in self.filters]) - - @property - def count(self): - return len(self) - - def __len__(self): - """Returns the total number of elements stored in this SBF""" - return sum([len(f) for f in self.filters]) + disk_set_filter_wrapper.__init__(self, 10**1024, 0.0) \ No newline at end of file --- a/core/data/bloomfilter/test_pybloom.py +++ b/core/data/bloomfilter/test_pybloom.py @@ -4,6 +4,7 @@ from pybloom import BloomFilter from core.data.bloomfilter.bloomfilter import scalable_bloomfilter +from core.controllers.misc.temp_dir import create_temp_dir class TestBloomFilter(unittest.TestCase): @@ -37,7 +38,10 @@ self.assertEqual(rnd in f, True) class TestScalableBloomfilter(unittest.TestCase): - + + def setUp(self): + create_temp_dir() + def test_bloom_int(self): f = scalable_bloomfilter(mode=scalable_bloomfilter.SMALL_SET_GROWTH) debian/w3af-console.dirs0000644000000000000000000000003011145630557012351 0ustar usr/share/w3af/ usr/bin debian/w3af.manpages0000644000000000000000000000002311174204351011534 0ustar manpage/w3af_gui.1 debian/w3af-console.docs0000644000000000000000000000000711174433747012350 0ustar readme