skipfish

A fully automated, active web application security reconnaissance tool. Key features:

* High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

* Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

* Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

Le terminal wrote:cc -L/usr/local/lib/ -L/opt/local/lib skipfish.c -o skipfish -O3 -Wno-format -Wall -funsigned-char -g -ggdb -D_FORTIFY_SOURCE=0 -I/usr/local/include/ -I/opt/local/include/ \
http_client.c database.c crawler.c analysis.c report.c -lcrypto -lssl -lidn -lz
Dans le fichier inclus à partir de crawler.h:26,
à partir de skipfish.c:39:
http_client.h:26:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
In file included from crawler.h:26,
from skipfish.c:39:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
skipfish.c: In function 'main':
skipfish.c:151: attention : implicit declaration of function 'SSL_library_init'
http_client.c:37:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
http_client.c:38:25: erreur: openssl/err.h : Aucun fichier ou dossier de ce type
http_client.c:39:18: erreur: idna.h : Aucun fichier ou dossier de ce type
In file included from database.h:29,
from http_client.c:45:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
http_client.c: In function 'parse_url':
http_client.c:277: attention : implicit declaration of function 'idna_to_ascii_8z'
http_client.c:277: erreur: 'IDNA_SUCCESS' undeclared (first use in this function)
http_client.c:277: erreur: (Each undeclared identifier is reported only once
http_client.c:277: erreur: for each function it appears in.)
http_client.c: In function 'destroy_unlink_conn':
http_client.c:1630: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1630: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1631: erreur: 'struct conn_entry' has no member named 'prev'
http_client.c:1631: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1631: erreur: 'struct conn_entry' has no member named 'prev'
http_client.c:1631: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1632: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1632: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1632: erreur: 'struct conn_entry' has no member named 'prev'
http_client.c:1633: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1633: attention : implicit declaration of function 'SSL_free'
http_client.c:1633: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1634: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1634: attention : implicit declaration of function 'SSL_CTX_free'
http_client.c:1634: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1635: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:1636: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c: In function 'reuse_conn':
http_client.c:1646: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1646: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1647: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1648: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:1649: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:1650: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:1650: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:1651: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:1651: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:1651: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:1652: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:1652: erreur: 'struct conn_entry' has no member named 'SSL_wr_w_rd'
http_client.c: In function 'check_ssl':
http_client.c:1757: erreur: 'X509' undeclared (first use in this function)
http_client.c:1757: erreur: 'p' undeclared (first use in this function)
http_client.c:1759: attention : implicit declaration of function 'SSL_get_peer_certificate'
http_client.c:1759: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1767: attention : implicit declaration of function 'ASN1_UTCTIME_cmp_time_t'
http_client.c:1771: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1772: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1776: attention : implicit declaration of function 'X509_NAME_oneline'
http_client.c:1776: attention : assignment makes pointer from integer without a cast
http_client.c:1779: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1780: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1782: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1783: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1790: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1802: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1803: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1805: attention : implicit declaration of function 'X509_free'
http_client.c:1807: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1808: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1810: erreur: 'struct conn_entry' has no member named 'ssl_checked'
http_client.c: In function 'conn_associate':
http_client.c:1865: erreur: 'errno' undeclared (first use in this function)
http_client.c:1865: erreur: 'EINPROGRESS' undeclared (first use in this function)
http_client.c:1871: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1871: attention : implicit declaration of function 'SSL_CTX_new'
http_client.c:1871: attention : implicit declaration of function 'SSLv23_client_method'
http_client.c:1873: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1875: attention : implicit declaration of function 'SSL_CTX_set_mode'
http_client.c:1875: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1875: erreur: 'SSL_MODE_ENABLE_PARTIAL_WRITE' undeclared (first use in this function)
http_client.c:1876: erreur: 'SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER' undeclared (first use in this function)
http_client.c:1878: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1878: attention : implicit declaration of function 'SSL_new'
http_client.c:1878: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1880: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1881: erreur: 'struct conn_entry' has no member named 'srv_ctx'
http_client.c:1885: attention : implicit declaration of function 'SSL_set_fd'
http_client.c:1885: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1886: attention : implicit declaration of function 'SSL_set_connect_state'
http_client.c:1886: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:1892: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1894: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1894: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1900: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1905: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:1906: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:1906: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c: In function 'next_from_queue':
http_client.c:1934: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:1934: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:1934: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:1936: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1946: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:1964: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1964: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:1966: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1967: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1968: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1972: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1974: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:1974: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:1974: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:1975: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1976: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1976: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1976: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1980: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1980: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1980: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:1981: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:1982: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1983: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1983: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1983: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1987: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1988: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1988: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:1988: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2005: erreur: 'struct conn_entry' has no member named 'SSL_wr_w_rd'
http_client.c:2006: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:2008: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2012: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2012: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2012: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2017: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:2019: attention : implicit declaration of function 'SSL_read'
http_client.c:2019: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:2019: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2019: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2025: attention : implicit declaration of function 'SSL_get_error'
http_client.c:2025: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:2026: erreur: 'SSL_ERROR_WANT_WRITE' undeclared (first use in this function)
http_client.c:2026: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:2027: erreur: 'SSL_ERROR_WANT_READ' undeclared (first use in this function)
http_client.c:2032: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2032: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2038: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2039: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2039: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2039: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2041: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2041: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2048: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2048: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2048: erreur: 'struct conn_entry' has no member named 'read_buf'
http_client.c:2048: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2049: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2055: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2056: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2056: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2056: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2062: erreur: 'struct conn_entry' has no member named 'read_len'
http_client.c:2069: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2070: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2070: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2070: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2075: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2086: erreur: 'struct conn_entry' has no member named 'SSL_rd_w_wr'
http_client.c:2087: erreur: 'struct conn_entry' has no member named 'SSL_wr_w_rd'
http_client.c:2089: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:2089: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2095: erreur: 'struct conn_entry' has no member named 'SSL_wr_w_rd'
http_client.c:2097: attention : implicit declaration of function 'SSL_write'
http_client.c:2097: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:2097: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:2097: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2098: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:2098: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2103: erreur: 'struct conn_entry' has no member named 'srv_ssl'
http_client.c:2104: erreur: 'struct conn_entry' has no member named 'SSL_wr_w_rd'
http_client.c:2107: erreur: 'struct conn_entry' has no member named 'ssl_checked'
http_client.c:2110: erreur: 'struct conn_entry' has no member named 'write_buf'
http_client.c:2110: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2111: erreur: 'struct conn_entry' has no member named 'write_len'
http_client.c:2111: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2117: erreur: 'struct conn_entry' has no member named 'write_off'
http_client.c:2119: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2136: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2138: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2139: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2141: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2142: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2143: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2143: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2143: erreur: 'struct conn_entry' has no member named 'q'
http_client.c:2182: erreur: 'struct conn_entry' has no member named 'next'
http_client.c:2186: erreur: 'struct conn_entry' has no member named 'q'
Dans le fichier inclus à partir de database.c:33:
http_client.h:26:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
In file included from database.c:33:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
Dans le fichier inclus à partir de crawler.c:30:
http_client.h:26:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
In file included from crawler.c:30:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
Dans le fichier inclus à partir de analysis.c:28:
http_client.h:26:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
In file included from analysis.c:28:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
analysis.c: In function 'maybe_xsrf':
analysis.c:397: attention : implicit declaration of function 'time'
analysis.c:397: attention : format '%lu' expects type 'long unsigned int', but argument 3 has type 'int'
analysis.c: In function 'get_date':
analysis.c:1355: attention : format '%02llu' expects type 'long long unsigned int *', but argument 3 has type 's64 *'
analysis.c:1355: attention : format '%02llu' expects type 'long long unsigned int *', but argument 4 has type 's64 *'
analysis.c:1355: attention : format '%02llu' expects type 'long long unsigned int *', but argument 5 has type 's64 *'
Dans le fichier inclus à partir de report.c:33:
http_client.h:26:25: erreur: openssl/ssl.h : Aucun fichier ou dossier de ce type
In file included from report.c:33:
http_client.h:189: erreur: expected specifier-qualifier-list before 'SSL_CTX'
make: *** [skipfish] Erreur 1