Users Guide

The application should be executed from console, in the next chapter is described the program usage.

 

Program usage

  

Usage: python wapiti.py http://server.com/base/url/ [options]

Supported options are:
-s <url>
--start <url>
    To specify an url to start with

-x <url>
--exclude <url>
    To exclude an url from the scan (for example logout scripts)
    You can also use a wildcard (*)
    Example : -x "http://server/base/?page=*&module=test"
    or -x http://server/base/admin/* to exclude a directory

-p <url_proxy>
--proxy <url_proxy>
    To specify a proxy
    Exemple: -p http://proxy:port/

-c <cookie_file>
--cookie <cookie_file>
    To use a cookie

-t <timeout>
--timeout <timeout>
    To fix the timeout (in seconds)

-a <login%password>
--auth <login%password>
    Set credentials for HTTP authentication
    Doesn't work with Python 2.4

-r <parameter_name>
--remove <parameter_name>
    Remove a parameter from URLs

-n <limit>
--nice <limit>
  Define a limit of urls to read with the same pattern
  Use this option to prevent endless loops
  Must be greater than 0

-m <module_options>
--module <module_options>
  Set the modules and HTTP methods to use for attacks.
  Example: -m "-all,xss:get,exec:post"

-u
--underline
    Use color to highlight vulnerables parameters in output

-v <level>
--verbose <level>
    Set the verbosity level
    0: quiet (default), 1: print each url, 2: print every attack

-f <type_file>
--reportType <type_file>
    Set the type of the report
    xml: Report in XML format
    html: Report in HTML format

-o <output>
--output <output_file>
    Set the name of the report file
    If the selected report type is "html", this parameter must be a directory

-i <file>
--continue <file>
    This parameter indicates Wapiti to continue with the scan from the specified
  file, this file should contain data from a previous scan.
    The file is optional, if it is not specified, Wapiti takes the default file
  from \"scans\" folder.

-k <file>
--attack <file>
    This parameter indicates Wapiti to perform attacks without scanning again the
  website and following the data of this file.
    The file is optional, if it is not specified, Wapiti takes the default file
  from \"scans\" folder.

-h
--help
    To print this usage message
 

Examples

python wapiti.py http://server.com/base/url/ -o my_report_folder -f html
python wapiti.py http://server.com/base/url/ -v 2

This examples works if python executable is in the PATH environment variable and you are in the root directory of Wapiti. In other case you cannot execute the application like in the examples and you have to put all the path to Python executable.
For example:
Windows:

C:\Python25\python C:\Wapiti\wapiti.py http://server.com/base/url/ -o my_report_folder -f html

Linux:

/usr/bin/python /home/user/wapiti.py http://server.com/base/url/ -o my_report_folder -f html

 

Other Wapiti Tools

Wapiti Web Crawler

Description

This tool explores a website and extract links and forms fields.

 

Usage

python lswww.py http://server.com/base/url/ [options]

Supported options are:
-s <url>
--start <url>
        To specify an url to start with

-x <url>
--exclude <url>
        To exclude an url from the scan (for example logout scripts)
        You can also use a wildcard (*)
        Exemple : -x "http://server/base/?page=*&module=test"
        or -x http://server/base/admin/* to exclude a directory

-p <url_proxy>
--proxy <url_proxy>
        To specify a proxy
        Exemple: -p http://proxy:port/

-c <cookie_file>
--cookie <cookie_file>
        To use a cookie

-a <login%password>
--auth <login%password>
        Set credentials for HTTP authentication
        Doesn't work with Python 2.4

-r <parameter_name>
--remove <parameter_name>
        Remove a parameter from URLs

-v <level>
--verbose <level>
        Set verbosity level
        0: only print results
        1: print a dot for each url found (default)
        2: print each url

-t <timeout>
--timeout <timeout>
        Set the timeout (in seconds)

-n <limit>
--nice <limit>
  Define a limit of urls to read with the same pattern
  Use this option to prevent endless loops
  Must be greater than 0

-h
--help
        To print this usage message
 

Wapiti Cookies Extractor

Description

This tool searches the forms in the given URL and allows you to submit a form retrieving the cookies generated by a web page. If the tool found more than one form gives you the chance to choose one of them.

Usage

python getcookie.py <cookie_file> <url_with_form>

 

Reports

HTML Report

The application generates a HTML Report (option -f html, but also by default) with contains a detailed information about the attacks performed and the vulnerabilities found

 

XML Report

Application can also generate a report with XML format. This type of report can be generated specifying the option -f xml