Building the Scanner

Next we begin crafting the code for our scanner. The first thing we need to do is open our script and set up our command-line options. We use the Getopt::Std Perl module to parse the three command-line options outlined in Table 8-2.
Table 8-2. simpleScanner.pl options

Switch | Argument | Description |
---|---|---|
-c | Cookie data string | Use these HTTP cookies for all test requests. |
-o | Filename | Log all output to this filename. |
-v | N/A | Generate verbose output. |
We also need to check whether at least two arguments have been passed to the script (the two mandatory arguments of the input filename and hostname). If two arguments have not been passed, the script dies and prints out some basic syntax info:
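```perl
#!/usr/bin/perl

use LWP::UserAgent;
use strict;
use Getopt::Std;

# Parse the -c <cookie data>, -o <file> and -v switches into %args
my %args;
getopts('c:o:v', \%args);

# printReport is defined further down in the script
printReport("\n** Simple Web Application Scanner **\n");

# Both mandatory arguments (input file and hostname) must be present
unless (@ARGV >= 2) {
    die "\nsimpleScanner.pl [-o <file>] [-c <cookie data>] [-v] inputfile http://hostname\n\n-c: Use HTTP Cookie\n-o: Output File\n-v: Be Verbose\n";
}
```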
Notice in the preceding code that we already called a custom subroutine, printReport. This subroutine is an extremely simple routine for printing output to the screen and/or log file. Let’s jump down and take a look at it.
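Before moving on, the option handling shown above can be exercised in isolation. The following is an added example, not code from the book: `parse_cli` is a hypothetical helper, the command lines are constructed samples, and the CR/LF check on the cookie string is an extra validation step assumed here. It shows that getopts stops at the first non-switch argument, so switches must precede the input file and hostname.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Getopt::Std;

# Hypothetical helper (not in the book): parse an argument list the same way
# the scanner does and return the switches plus the remaining positionals.
sub parse_cli {
    local @ARGV = @_;                 # getopts() always works on @ARGV
    my %args;
    getopts('c:o:v', \%args)          # c: and o: take a value, v is a flag
        or return +{ error => 'unknown switch' };
    @ARGV >= 2
        or return +{ error => 'need inputfile and http://hostname' };
    my ($input, $host) = @ARGV;
    # The -c value ends up in an HTTP header, so refuse embedded line breaks
    # (added check, assumed here; not part of the original script).
    if (defined $args{c} && $args{c} =~ /[\r\n]/) {
        return +{ error => 'cookie string contains CR/LF' };
    }
    return +{ %args, input => $input, host => $host };
}

# Constructed sample command lines.
my @cases = (
    [ '-v', '-c', 'SESSION=abc123', '-o', 'scan.log',
      'input.txt', 'http://www.example.com' ],
    [ 'input.txt', 'http://www.example.com', '-v' ],  # -v too late: not parsed
    [ '-v', 'input.txt' ],                            # hostname missing
    [ '-c', "a=b\r\nX-Injected: 1", 'input.txt', 'http://www.example.com' ],
);

for my $case (@cases) {
    my $r = parse_cli(@$case);
    (my $shown = "@$case") =~ s/[\r\n]+/<CRLF>/g;     # keep output on one line
    if ($r->{error}) {
        print "REJECT  [$shown] : $r->{error}\n";
        next;
    }
    printf "OK      [%s] : verbose=%s cookie=%s log=%s input=%s host=%s\n",
        $shown, $r->{v} ? 'yes' : 'no', $r->{c} // '-', $r->{o} // '-',
        $r->{input}, $r->{host};
}
```

The second case is accepted but reports verbose=no, because the trailing -v is left in @ARGV as a third positional argument rather than being treated as a switch.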