debian/0000755000000000000000000000000012163306600007163 5ustar debian/wapiti.install0000644000000000000000000000003011740335137012050 0ustar src/* /usr/share/wapiti debian/control0000644000000000000000000000252512163305156010577 0ustar Source: wapiti Section: python X-Python-Version: >= 2.4 Priority: optional Maintainer: Debian QA Group Build-Depends: python (>= 2.6.6-3~), debhelper (>= 9) Standards-Version: 3.9.4 Vcs-Svn: svn://anonscm.debian.org/python-apps/packages/wapiti/trunk/ Vcs-Browser: http://anonscm.debian.org/viewvc/python-apps/packages/wapiti/trunk/ Package: wapiti Architecture: all Depends: ${misc:Depends}, ${python:Depends}, python-beautifulsoup, python-httplib2, libjs-jquery Homepage: http://wapiti.sourceforge.net/ Description: web application vulnerability scanner Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the web pages of the deployed web applications, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. . Wapiti can detect the following vulnerabilities: - file handling errors (local and remote include/require, fopen, readfile...) - database injection (PHP/JSP/ASP SQL Injections and XPath Injections) - XSS (Cross Site Scripting) injection - LDAP injection - command execution detection (eval(), system(), passtru()...) - CRLF injection (HTTP response splitting, session fixation...) debian/rules0000755000000000000000000000277211740366460010265 0ustar #!/usr/bin/make -f %: dh $@ --with python2 override_dh_install: dh_install --exclude=generateSources.sh --exclude=generateTranslations.sh \ --exclude=BeautifulSoup.py --exclude=httplib2 --exclude includes/js # install the two used JavaScript files (excluded above) install -d $(CURDIR)/debian/wapiti/usr/share/wapiti/report_template/includes/js install -D -p -m 0644 \ -t $(CURDIR)/debian/wapiti/usr/share/wapiti/report_template/includes/js \ src/report_template/includes/js/report.js find $(CURDIR)/debian/wapiti -type d -empty -delete override_dh_link: dh_link chmod a+rx $(CURDIR)/debian/wapiti/usr/bin/* override_dh_installchangelogs: dh_installchangelogs ChangeLog_Wapiti DEB_DEBIAN_DIR=$(dir $(firstword $(MAKEFILE_LIST))) DEB_UPSTREAM_VERSION=$(shell dpkg-parsechangelog -l$(DEB_DEBIAN_DIR)/changelog \ | sed -rne 's,^Version: ([^+-]+).*,\1,p') get-orig-source: # download and unpack upstream tarball uscan --noconf --force-download --rename --download-current-version --destdir=. $(DEB_DEBIAN_DIR)/.. rm -rf wapiti-$(DEB_UPSTREAM_VERSION) tar -xf wapiti_$(DEB_UPSTREAM_VERSION).orig.tar.bz2 rm wapiti_$(DEB_UPSTREAM_VERSION).orig.tar.bz2 # remove non-free json.js rm wapiti-$(DEB_UPSTREAM_VERSION)/src/report_template/includes/js/json.js # create a new tarball GZIP=--best tar -cz --owner root --group root --mode a+rX \ -f wapiti_$(DEB_UPSTREAM_VERSION)+dfsg.orig.tar.gz \ wapiti-$(DEB_UPSTREAM_VERSION) rm -rf wapiti-$(DEB_UPSTREAM_VERSION) debian/watch0000644000000000000000000000015211740337455010226 0ustar version=3 opts=dversionmangle=s/\+dfsg$// \ http://sf.net/wapiti/wapiti-([\d+\.]+|\d+)\.tar\.(?:gz|bz2) debian/README.source0000644000000000000000000000064111740337455011357 0ustar Wapiti includes a convenience copy of json.js which is otherwise unused and non-free. For this reason the source is repacked. See the get-orig-source of debian/rules for details. The json.js file has been removed upstream in r150: http://wapiti.svn.sourceforge.net/viewvc/wapiti?view=revision&revision=150 which probably means it won't be present in the next upstream version if any such version is ever released. debian/changelog0000644000000000000000000000467412163306145011054 0ustar wapiti (2.2.1+dfsg-1) unstable; urgency=low * QA upload. [ Arthur de Jong ] * New upstream release (Closes: #550072). * Orphaning package (See: #700556). * Drop no longer relevant recommends. * Install wapiti-getcookie and wapiti-lswww commands. * Update patches (drop most because no longer relevant). * Install upstream manual page. * Provide a get-orig-source target that drops the unused and non-free json.js from the upstream tarball. * Don't install bundled BeautifulSoup and httplib2 and instead use the system ones. * Disable the built-in Nikto plugin because of licensing issues of the used database file. * Install a README.Debian that explains the differences from upstream. * Update debian/copyright file. * Update debian/watch file. * Update to Standards-Version to 3.9.4. * Update package description. [ Jakub Wilk ] * Use canonical URIs for Vcs-* fields. -- Arthur de Jong Fri, 28 Jun 2013 15:14:56 +0200 wapiti (1.1.6-4) unstable; urgency=low * Team upload. [ Jakub Wilk ] * Remove unused Provides field from debian/control. [ Jari Aalto ] * Remove deprecated dpatch and upgrade to packaging format "3.0 quilt" (Closes: #664377). * Update to Standards-Version to 3.9.3 and debhelper to 9. [ Arthur de Jong ] * Switch to dh_python2 (Closes: #617144). * Switch to dh command sequencer and install file with dh_install instead of a custom setup.py. * Update Vcs-Browser field. * Fix spelling error and small wording change in manual page (thanks lintian). * Switch to machine-readable debian/copyright format. -- Arthur de Jong Fri, 06 Apr 2012 16:33:38 +0200 wapiti (1.1.6-3) unstable; urgency=low * Closes: #477034 -> restructured debian/rules * changing some rules in debian/rules * watch-file added * patches now handled by dpatch * new Uploader: Python Applications Packaging Team -- Thomas Bläsing Sat, 26 Apr 2008 12:04:20 +0000 wapiti (1.1.6-2) unstable; urgency=low * changed description ( Closes: #434804 ) * modified man-page. * debianized warning output, if python-utidylib and python-ctypes are not installed. -- Thomas Bläsing Mon, 30 Jul 2007 11:53:19 +0200 wapiti (1.1.6-1) unstable; urgency=low * Initial release (Closes: #381418) -- Thomas Bläsing Thu, 28 Jun 2007 14:08:17 +0200 debian/wapiti.docs0000644000000000000000000000003311740335137011335 0ustar AUTHORS README example.txt debian/compat0000644000000000000000000000000211737551025010372 0ustar 9 debian/README.Debian0000644000000000000000000000164111740363040011227 0ustar This package differs from upstream in the following ways: - It saves the result of scans in a scans folder in the current working directory. - It provides wapiti, wapiti-lswww and wapiti-getcookie commands to perform the needed actions. - The Nikto plugin is disabled by default because the database file used contains a notice that forbids use of the file with anything other than the full Nikto package without written permission. Users that have received permission from the distributor of the database can install the db_tests file in /usr/share/wapiti/config/attacks/nikto_db. If you have the nikto package installed this can be done with: ln -s /var/lib/nikto/plugins/db_tests /usr/share/wapiti/config/attacks/nikto_db Due to a limitation in which the reports are generated the reports are not opened correctly when opening in Chromium. See the file example.txt for example usage information. debian/source/0000755000000000000000000000000012163306600010463 5ustar debian/source/format0000644000000000000000000000001411737551025011702 0ustar 3.0 (quilt) debian/wapiti.manpages0000644000000000000000000000001511740336231012174 0ustar doc/wapiti.1 debian/patches/0000755000000000000000000000000012163306600010612 5ustar debian/patches/use-global-beautifulsoup.patch0000644000000000000000000000250011740351250016550 0ustar Description: Use the system-provided BeautifulSoup instead of a bundled one. Author: Arthur de Jong --- a/src/attack/mod_backup.py +++ b/src/attack/mod_backup.py @@ -5,7 +5,6 @@ # Guillaume TRANCHANT # Gregory FONTAINE -from net import BeautifulSoup from attack import Attack from vulnerability import Vulnerability from vulnerabilitiesdescriptions import VulnerabilitiesDescriptions as VulDescrip --- a/src/attack/mod_nikto.py +++ b/src/attack/mod_nikto.py @@ -1,5 +1,5 @@ #!/usr/bin/env python -from net import BeautifulSoup +import BeautifulSoup from net.httplib2 import ServerNotFoundError from attack import Attack from vulnerability import Vulnerability --- a/src/attack/mod_permanentxss.py +++ b/src/attack/mod_permanentxss.py @@ -2,7 +2,7 @@ import random import re import socket -from net import BeautifulSoup +import BeautifulSoup from attack import Attack from vulnerability import Vulnerability from vulnerabilitiesdescriptions import VulnerabilitiesDescriptions as VulDescrip --- a/src/attack/mod_xss.py +++ b/src/attack/mod_xss.py @@ -2,7 +2,7 @@ import random import re import socket -from net import BeautifulSoup +import BeautifulSoup from attack import Attack from vulnerability import Vulnerability from vulnerabilitiesdescriptions import VulnerabilitiesDescriptions as VulDescrip debian/patches/use-local-scans-dir.patch0000644000000000000000000000211111740362741015403 0ustar Description: Save scan results in a scans directory in the local directory. Author: Arhur de Jong Forwarded: not-needed --- a/src/net/crawlerpersister.py +++ b/src/net/crawlerpersister.py @@ -9,8 +9,10 @@ """ CRAWLER_DATA_DIR_NAME = "scans" - BASE_DIR = os.path.normpath(os.path.join(os.path.abspath(__file__),'../..')) + BASE_DIR = os.getcwd() CRAWLER_DATA_DIR = BASE_DIR+"/"+CRAWLER_DATA_DIR_NAME + if not os.path.exists(CRAWLER_DATA_DIR): + os.makedirs(CRAWLER_DATA_DIR) ROOT_URL = "rootURL" TO_BROWSE = "toBrowse" --- a/src/wapiti.py +++ b/src/wapiti.py @@ -160,10 +160,7 @@ self.reportGen = TXTReportGenerator() else: #default self.reportGen = XMLReportGenerator() - if "__file__" in dir(): - BASE_DIR = os.path.normpath(os.path.join(os.path.abspath(__file__), '..')) - else: - BASE_DIR = os.getcwd() + BASE_DIR = '/usr/share/wapiti' xmlParser = VulnerabilityXMLParser() xmlParser.parse(BASE_DIR + "/config/vulnerabilities/vulnerabilities.xml") for vul in xmlParser.getVulnerabilities(): debian/patches/disable-nikto-download.patch0000644000000000000000000000144111740362741016175 0ustar Description: Disable downloading of Nikto database. The Nikto database contains a notice that forbids use of the file with anything other than the full Nikto package. Also, downloading at run-time would cause problems with writing the file because the config directory isn't writeable. Author: Arthur de Jong Forwarded: not-needed --- a/src/attack/mod_nikto.py +++ b/src/attack/mod_nikto.py @@ -28,6 +28,10 @@ self.nikto_db = [l for l in reader if l!=[] and l[0].isdigit()] fd.close() except IOError: + # Disable downloading of Nikto database because the license of the file + # forbids it. + self.nikto_db = [] + return try: print _("Problem with local nikto database.") print _("Downloading from the web...") debian/patches/fix-man-page.patch0000644000000000000000000000110211740336520014102 0ustar Description: Fixes for the manual page. Author: Arthur de Jong --- a/doc/wapiti.1 +++ b/doc/wapiti.1 @@ -89,7 +89,7 @@ .br .RS .RS --m "-all,xss:get,exec:post" +\-m "\-all,xss:get,exec:post" .RE .RE .TP @@ -139,5 +139,5 @@ .SH BUG REPORTS If you find a bug in Wapiti please report it to http://sourceforge.net/tracker/?group_id=168625 .SH SEE ALSO -The README file that comes with Wapiti gives more detailed informations on the options. +The README file that comes with Wapiti gives more detailed information on the options. .\" Vim for teh win! debian/patches/series0000644000000000000000000000032611757667206012054 0ustar use-wapiti-command.patch fix-man-page.patch use-global-beautifulsoup.patch use-global-httplib2.patch use-local-scans-dir.patch disable-nikto-download.patch allow-local-nikto-db.patch remove-unused-js-scripts.patch debian/patches/use-global-httplib2.patch0000644000000000000000000000116711740350735015430 0ustar Description: Use the system-provided httplib2 instead of a bundled one. The bug report http://sourceforge.net/tracker/?func=detail&aid=2954109&group_id=168625&atid=847490 contains some more information and the implementation of a missing parse_proxy() function. Author: Arthur de Jong --- a/src/attack/mod_nikto.py +++ b/src/attack/mod_nikto.py @@ -1,6 +1,5 @@ #!/usr/bin/env python import BeautifulSoup -from net.httplib2 import ServerNotFoundError from attack import Attack from vulnerability import Vulnerability from vulnerabilitiesdescriptions import VulnerabilitiesDescriptions as VulDescrip debian/patches/use-wapiti-command.patch0000644000000000000000000000336611740335137015355 0ustar Description: Ensure that documation refrers to wapiti commands. Author: Arhur de Jong Forwarded: not-needed --- a/src/wapiti.py +++ b/src/wapiti.py @@ -43,7 +43,7 @@ """ Wapiti-2.2.1 - A web application vulnerability scanner -Usage: python wapiti.py http://server.com/base/url/ [options] +Usage: wapiti http://server.com/base/url/ [options] Supported options are: -s --- a/example.txt +++ b/example.txt @@ -1,6 +1,6 @@ First I use getcookie.py to login in the restricted area and get the cookie in cookies.txt -bash-3.0$ python getcookie.py cookies.txt http://127.0.0.1/vuln/?page=login +bash-3.0$ wapiti-getcookie cookies.txt http://127.0.0.1/vuln/?page=login Please enter values for the folling form : url = http://127.0.0.1/vuln/login.php login (on) : toto @@ -9,7 +9,7 @@ Then I scan the vuln website using the cookie and excluding the logout script -bash-3.0$ python wapiti.py http://127.0.0.1/vuln/ -c cookies.txt -x http://127.0.0.1/vuln/index.php?page=logout +bash-3.0$ wapiti http://127.0.0.1/vuln/ -c cookies.txt -x http://127.0.0.1/vuln/index.php?page=logout .......................... Attacking urls (GET)... --- a/src/net/getcookie.py +++ b/src/net/getcookie.py @@ -31,7 +31,7 @@ return s if len(sys.argv) != 3: - sys.stderr.write("Usage: python getcookie.py \n") + sys.stderr.write("Usage: wapiti-getcookie \n") sys.exit(1) COOKIEFILE = sys.argv[1] --- a/src/net/lswww.py +++ b/src/net/lswww.py @@ -36,7 +36,7 @@ """ lswww explore a website and extract links and forms fields. -Usage: python lswww.py http://server.com/base/url/ [options] +Usage: wapiti-lswww http://server.com/base/url/ [options] Supported options are: -s debian/patches/allow-local-nikto-db.patch0000644000000000000000000000243511740362741015562 0ustar Description: Save and load the local Nikto database in Nikto format. Author: Arthur de Jong --- a/src/attack/mod_nikto.py +++ b/src/attack/mod_nikto.py @@ -22,9 +22,10 @@ def __init__(self, HTTP, xmlRepGenerator): Attack.__init__(self, HTTP, xmlRepGenerator) + csv.register_dialect("nikto", quoting=csv.QUOTE_ALL, doublequote=False, escapechar="\\") try: fd = open(self.CONFIG_DIR + "/" + self.CONFIG_FILE) - reader = csv.reader(fd) + reader = csv.reader(fd, "nikto") self.nikto_db = [l for l in reader if l!=[] and l[0].isdigit()] fd.close() except IOError: @@ -36,13 +37,12 @@ print _("Problem with local nikto database.") print _("Downloading from the web...") page = urllib2.urlopen("http://cirt.net/nikto/UPDATES/2.1.0/db_tests") - csv.register_dialect("nikto", quoting=csv.QUOTE_ALL, doublequote=False, escapechar="\\") reader = csv.reader(page, "nikto") self.nikto_db = [l for l in reader if l!=[] and l[0].isdigit()] page.close() fd = open(self.CONFIG_DIR + "/" + self.CONFIG_FILE, "w") - writer = csv.writer(fd) + writer = csv.writer(fd, "nikto") writer.writerows(self.nikto_db) fd.close() except socket.timeout: debian/patches/remove-unused-js-scripts.patch0000644000000000000000000000210611740363515016537 0ustar Description: Remove unused JavaScript files from report template. Origin: upstream, http://wapiti.svn.sourceforge.net/viewvc/wapiti?view=revision&revision=150 Bug: http://sourceforge.net/tracker/?func=detail&aid=2971259&group_id=168625&atid=847490 --- a/src/report_template/index.html +++ b/src/report_template/index.html @@ -30,12 +30,6 @@ - - - - - - - \ No newline at end of file + debian/copyright0000644000000000000000000002102411740363740011125 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Wapiti Upstream-Contact: Nicolas Surribas Source: http://wapiti.sourceforge.net/ Files: * Copyright: (C) 2006-2009 Nicolas Surribas (C) 2008 Informatica Gesfor License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . On Debian systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. Files: src/net/BeautifulSoup.py Copyright: (C) 2004-2009, Leonard Richardson License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. . * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. . * Neither the name of the the Beautiful Soup Consortium and All Night Kosher Bakery nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE, DAMMIT. Comment: This file is not used in the binary package. Files: src/net/httplib2/* Copyright: (C) 2006 Joe Gregorio License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Comment: These files are not used in the binary package. Files: src/net/httplib2/*socks* Copyright: (C) 2006 Dan-Haim License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of Dan Haim nor the names of his contributors may be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE. Comment: These files are not used in the binary package. Files: src/report_template/includes/js/canvaschartpainter*.js src/report_template/includes/js/chart.src.js src/report_template/includes/js/chart.js src/report_template/includes/js/iecanvas.* src/report_template/includes/js/jgchartpainter*.js src/report_template/includes/js/piechart.js src/report_template/includes/js/svgchartpainter.js Copyright: (C) 2005, 2006 Emil A Eklund (C) 2006 Ma Bingyao License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Comment: These files are not used in the binary package. Files: src/report_template/includes/js/excanvas.js Copyright: (C) 2006 Google Inc. License: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. . On Debian systems, the complete text of the Apache License can be found in `/usr/share/common-licenses/Apache-2.0'. Comment: These files are not used in the binary package. Files: src/report_template/includes/js/jquery.js Copyright: (C) 2007 John Resig License: MIT or GPL Dual licensed under the MIT (MIT-LICENSE.txt) and GPL (GPL-LICENSE.txt) licenses. Files: src/report_template/includes/js/wz_jsgraphics.js Copyright: (C) 2002-2004 Walter Zorn License: LGPL-2.1+ This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License (LGPL) as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. . This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. . On Debian systems, the complete text of the GNU Lesser General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. Comment: These files are not used in the binary package. debian/wapiti.links0000644000000000000000000000037511740366460011541 0ustar /usr/share/wapiti/wapiti.py /usr/bin/wapiti /usr/share/wapiti/net/getcookie.py /usr/bin/wapiti-getcookie /usr/share/wapiti/net/lswww.py /usr/bin/wapiti-lswww /usr/share/javascript/jquery/jquery.js /usr/share/wapiti/report_template/includes/js/jquery.js