Change parameter names

andresriancho · Mar 25, 2019 · adc4f79 · adc4f79
1 parent f677dd4
commit adc4f79
Show file tree

Hide file tree

Showing 6 changed files with 104 additions and 107 deletions.
diff --git a/profiles/full_audit.pw3af b/profiles/full_audit.pw3af
@@ -78,30 +78,30 @@ follow_regex = .*
 ignore_regex = 
 
 [bruteforce.basic_auth]
-usersFile = %ROOT_PATH%/core/controllers/bruteforce/users.txt
-passwdFile = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
-useSvnUsers = True
-stopOnFirst = True
-passEqUser = True
-useLeetPasswd = True
-useEmails = True
-useProfiling = True
-profilingNumber = 50
-comboFile = 
-comboSeparator = :
+users_file = %ROOT_PATH%/core/controllers/bruteforce/users.txt
+passwd_file = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
+use_svn_users = True
+stop_on_first = True
+pass_eq_user = True
+use_leet_password = True
+use_emails = True
+use_profiling = True
+profiling_number = 50
+combo_file =
+combo_separator = :
 
 [bruteforce.form_auth]
-usersFile = %ROOT_PATH%/core/controllers/bruteforce/users.txt
-passwdFile = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
-useSvnUsers = True
-stopOnFirst = True
-passEqUser = True
-useLeetPasswd = True
-useEmails = True
-useProfiling = True
-profilingNumber = 50
-comboFile = 
-comboSeparator = :
+users_file = %ROOT_PATH%/core/controllers/bruteforce/users.txt
+passwd_file = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
+use_svn_users = True
+stop_on_first = True
+pass_eq_user = True
+use_leet_password = True
+use_emails = True
+use_profiling = True
+profiling_number = 50
+combo_file =
+combo_separator = :
 
 [grep.symfony]
 override = False

diff --git a/profiles/full_audit_spider_man.pw3af b/profiles/full_audit_spider_man.pw3af
@@ -75,17 +75,17 @@ use_w3af_site = True
 [crawl.spider_man]
 
 [bruteforce.basic_auth]
-usersFile = %ROOT_PATH%/core/controllers/bruteforce/users.txt
-passwdFile = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
-useSvnUsers = True
-stopOnFirst = True
-passEqUser = True
-useLeetPasswd = True
-useEmails = True
-useProfiling = True
-profilingNumber = 50
-comboFile = 
-comboSeparator = :
+users_file = %ROOT_PATH%/core/controllers/bruteforce/users.txt
+passwd_file = %ROOT_PATH%/core/controllers/bruteforce/passwords.txt
+use_svn_users = True
+stop_on_first = True
+pass_eq_user = True
+use_leet_password = True
+use_emails = True
+use_profiling = True
+profiling_number = 50
+combo_file =
+combo_separator = :
 
 [bruteforce.form_auth]
 

diff --git a/w3af/core/controllers/plugins/bruteforce_plugin.py b/w3af/core/controllers/plugins/bruteforce_plugin.py
@@ -59,7 +59,6 @@ def __init__(self):
         self._use_SVN_users = True
         self._pass_eq_user = True
         self._l337_p4sswd = True
-        self._useMails = True
         self._use_profiling = True
         self._profiling_number = 50
         self._stop_on_first = True
@@ -169,51 +168,51 @@ def get_options(self):
         ol = OptionList()
 
         d = 'Users file to use in bruteforcing'
-        o = opt_factory('usersFile', self._users_file, d, INPUT_FILE)
+        o = opt_factory('users_file', self._users_file, d, INPUT_FILE)
         ol.add(o)
 
         d = 'Passwords file to use in bruteforcing'
-        o = opt_factory('passwdFile', self._passwd_file, d, INPUT_FILE)
+        o = opt_factory('passwd_file', self._passwd_file, d, INPUT_FILE)
         ol.add(o)
 
         d = 'This indicates if we will use usernames from SVN headers collected by w3af plugins in bruteforce.'
-        o = opt_factory('useSvnUsers', self._use_SVN_users, d, BOOL)
+        o = opt_factory('use_svn_users', self._use_SVN_users, d, BOOL)
         ol.add(o)
 
         d = 'This indicates if the bruteforce should stop after finding the first correct user and password.'
-        o = opt_factory('stopOnFirst', self._stop_on_first, d, BOOL)
+        o = opt_factory('stop_on_first', self._stop_on_first, d, BOOL)
         ol.add(o)
 
         d = 'This indicates if the bruteforce should try password equal user in logins.'
-        o = opt_factory('passEqUser', self._pass_eq_user, d, BOOL)
+        o = opt_factory('pass_eq_user', self._pass_eq_user, d, BOOL)
         ol.add(o)
 
         d = 'This indicates if the bruteforce should try l337 passwords'
-        o = opt_factory('useLeetPasswd', self._l337_p4sswd, d, BOOL)
+        o = opt_factory('use_leet_password', self._l337_p4sswd, d, BOOL)
         ol.add(o)
 
         d = 'This indicates if the bruteforcer should use emails collected by w3af plugins as users.'
-        o = opt_factory('useEmails', self._useMails, d, BOOL)
+        o = opt_factory('use_emails', self._use_emails, d, BOOL)
         ol.add(o)
 
         d = 'This indicates if the bruteforce should use password profiling to collect new passwords.'
-        o = opt_factory('useProfiling', self._use_profiling, d, BOOL)
+        o = opt_factory('use_profiling', self._use_profiling, d, BOOL)
         ol.add(o)
 
         d = 'This indicates how many passwords from profiling will be used.'
-        o = opt_factory('profilingNumber', self._profiling_number, d, INT)
+        o = opt_factory('profiling_number', self._profiling_number, d, INT)
         ol.add(o)
 
         d = 'Mask valid passwords found via brute-force with * when writing to report'
         o = opt_factory('mask_password_report', self._mask_password_in_report, d, BOOL)
         ol.add(o)
 
         d = 'Combo of username and password, file to use in bruteforcing'
-        o = opt_factory('comboFile', self._combo_file, d, INPUT_FILE)
+        o = opt_factory('combo_file', self._combo_file, d, INPUT_FILE)
         ol.add(o)
 
         d = 'Separator string used in Combo file to split username and password'
-        o = opt_factory('comboSeparator', self._combo_separator, d, STRING)
+        o = opt_factory('combo_separator', self._combo_separator, d, STRING)
         ol.add(o)
 
         return ol
@@ -226,17 +225,17 @@ def set_options(self, options_list):
         :param options_list: A dictionary with the options for the plugin.
         :return: No value is returned.
         """
-        self._users_file = options_list['usersFile'].get_value()
-        self._stop_on_first = options_list['stopOnFirst'].get_value()
-        self._passwd_file = options_list['passwdFile'].get_value()
-        self._pass_eq_user = options_list['passEqUser'].get_value()
-        self._l337_p4sswd = options_list['useLeetPasswd'].get_value()
-        self._use_emails = options_list['useEmails'].get_value()
-        self._use_SVN_users = options_list['useSvnUsers'].get_value()
-        self._use_profiling = options_list['useProfiling'].get_value()
-        self._profiling_number = options_list['profilingNumber'].get_value()
-        self._combo_file = options_list['comboFile'].get_value()
-        self._combo_separator = options_list['comboSeparator'].get_value()
+        self._users_file = options_list['users_file'].get_value()
+        self._stop_on_first = options_list['stop_on_first'].get_value()
+        self._passwd_file = options_list['passwd_file'].get_value()
+        self._pass_eq_user = options_list['pass_eq_user'].get_value()
+        self._l337_p4sswd = options_list['use_leet_password'].get_value()
+        self._use_emails = options_list['use_emails'].get_value()
+        self._use_SVN_users = options_list['use_svn_users'].get_value()
+        self._use_profiling = options_list['use_profiling'].get_value()
+        self._profiling_number = options_list['profiling_number'].get_value()
+        self._combo_file = options_list['combo_file'].get_value()
+        self._combo_separator = options_list['combo_separator'].get_value()
 
     def get_plugin_deps(self):
         """
@@ -253,34 +252,33 @@ def get_long_desc(self):
         This plugin bruteforces form authentication logins.
 
         Eleven configurable parameters exist:
-            - usersFile
-            - stopOnFirst
-            - passwdFile
-            - passEqUser
-            - useLeetPasswd
-            - useMailUsers
-            - useSvnUsers
-            - useMails
-            - useProfiling
-            - profilingNumber
-            - comboFile
-            - comboSeparator
-
-        This plugin will take users from the file pointed by "usersFile", mail
+            - users_file
+            - stop_on_first
+            - passwd_file
+            - pass_eq_user
+            - use_leet_password
+            - use_svn_users
+            - use_emails
+            - use_profiling
+            - profiling_number
+            - combo_file
+            - combo_separator
+
+        This plugin will take users from the file pointed by "users_file", mail
         users found on the site ( if "useMailUsers" is set to True ), emails found
-        on the site ( if "useMails" is set to True ), and svn users found on the
-        site ( if "useSvnUsers" is set to True ).
+        on the site ( if "use_emails" is set to True ), and svn users found on the
+        site ( if "use_svn_users" is set to True ).
 
-        This plugin will take passwords from the file pointed by "passwdFile"
-        and the result of the password profiling plugin (if "useProfiling"
-        is set to True). The profilingNumber sets the number of results from
+        This plugin will take passwords from the file pointed by "passwd_file"
+        and the result of the password profiling plugin (if "use_profiling"
+        is set to True). The profiling_number sets the number of results from
         the password profiling plugin to use in the password field.
 
         This plugin will take a combination of user and password from the
-        pointed file by "comboFile". The comboSeparator set the string used to
-        split each combination in the comboFile.
+        pointed file by "combo_file". The combo_separator set the string used to
+        split each combination in the combo_file.
 
-        The "stopOnFirst" parameter indicates if the bruteforce will stop when
+        The "stop_on_first" parameter indicates if the bruteforce will stop when
         finding the first valid credentials or not.
         """
 

diff --git a/w3af/plugins/bruteforce/basic_auth.py b/w3af/plugins/bruteforce/basic_auth.py
@@ -122,7 +122,6 @@ def _brute_worker(self, url, combination, debugging_id):
         self._found = True
 
         password_for_report = self._get_password_for_report(passwd)
-        print password_for_report
 
         desc = ('Found authentication credentials to: "%s".'
                 ' A valid user and password combination is: %s/%s .')
@@ -160,25 +159,25 @@ def get_long_desc(self):
         This plugin bruteforces basic authentication endpoints.
 
         Nine configurable parameters exist:
-            - usersFile
-            - stopOnFirst
-            - passwdFile
-            - passEqUser
-            - useLeetPasswd
-            - useSvnUsers
-            - useEmails
-            - useProfiling
-            - profilingNumber
-
-        This plugin will take users from the file pointed by "usersFile", mail
-        users found on the site and email addresses (if "useEmails" is set to True)
-        and svn users found on the site ( if "useSvnUsers" is set to True ).
-
-        This plugin will take passwords from the file pointed by "passwdFile" and
-        the result of the password profiling plugin (if "useProfiling" is set to
-        True). The profilingNumber sets the number of results from the password
+            - users_file
+            - stop_on_first
+            - passwd_file
+            - pass_eq_user
+            - use_leet_password
+            - use_svn_users
+            - use_emails
+            - use_profiling
+            - profiling_number
+
+        This plugin will take users from the file pointed by "users_file", mail
+        users found on the site and email addresses (if "use_emails" is set to True)
+        and svn users found on the site ( if "use_svn_users" is set to True ).
+
+        This plugin will take passwords from the file pointed by "passwd_file" and
+        the result of the password profiling plugin (if "use_profiling" is set to
+        True). The profiling_number sets the number of results from the password
         profiling plugin to use in the password field.
 
-        The "stopOnFirst" parameter indicates if the bruteforce will stop when
+        The "stop_on_first" parameter indicates if the bruteforce will stop when
         finding the first valid credentials or not.
         """
diff --git a/w3af/plugins/tests/bruteforce/test_basic_auth.py b/w3af/plugins/tests/bruteforce/test_basic_auth.py
@@ -43,10 +43,10 @@ class TestBasicAuth(PluginTest):
             'target': None,
             'plugins': {
                 'bruteforce': (PluginConfig('basic_auth',
-                                            ('usersFile', small_users_positive,
+                                            ('users_file', small_users_positive,
                                              PluginConfig.STR),
                                             (
-                                            'passwdFile', small_passwords, PluginConfig.STR),),
+                                            'passwd_file', small_passwords, PluginConfig.STR),),
                                ),
                 'grep': (PluginConfig('http_auth_detect'),),
             }
@@ -56,10 +56,10 @@ class TestBasicAuth(PluginTest):
             'target': None,
             'plugins': {
                 'bruteforce': (PluginConfig('basic_auth',
-                                            ('usersFile', small_users_negative,
+                                            ('users_file', small_users_negative,
                                              PluginConfig.STR),
                                             (
-                                            'passwdFile', small_passwords, PluginConfig.STR),),
+                                            'passwd_file', small_passwords, PluginConfig.STR),),
                                ),
                 'grep': (PluginConfig('http_auth_detect'),),
             }

diff --git a/w3af/plugins/tests/bruteforce/test_form_auth.py b/w3af/plugins/tests/bruteforce/test_form_auth.py
@@ -39,15 +39,15 @@ class GenericFormAuthTest(PluginTest):
         'crawl': (PluginConfig('web_spider',
                                ('only_forward', True, PluginConfig.BOOL),),),
         'bruteforce': (PluginConfig('form_auth',
-                                    ('usersFile',
+                                    ('users_file',
                                      small_users_positive,
                                      PluginConfig.STR),
 
-                                    ('passwdFile',
+                                    ('passwd_file',
                                      small_passwords,
                                      PluginConfig.INPUT_FILE),
 
-                                    ('useProfiling',
+                                    ('use_profiling',
                                      False,
                                      PluginConfig.BOOL),),),
     }
@@ -69,15 +69,15 @@ class FormAuthTest(GenericFormAuthTest):
                               ('only_forward', True, PluginConfig.BOOL),),),
         'bruteforce': (PluginConfig('form_auth',
 
-                                    ('usersFile',
+                                    ('users_file',
                                      GenericFormAuthTest.small_users_negative,
                                      PluginConfig.STR),
 
-                                    ('passwdFile',
+                                    ('passwd_file',
                                      GenericFormAuthTest.small_passwords,
                                      PluginConfig.INPUT_FILE),
 
-                                    ('useProfiling',
+                                    ('use_profiling',
                                      False,
                                      PluginConfig.BOOL),),)
     }