#!/usr/bin/perl
#
# Dec.1999 martin eiszner
# security@freefly.com
#
# check sitemap-file for
# a given list(file) of
# possible file-extensions
# like: bak,~,sav etc....
#
#############################

$|=1;
use strict;
use Getopt::Std;
use LWP::UserAgent;
use HTTP::Request::Common;
use HTTP::Response;

use vars qw($opt_s $opt_e $opt_p $opt_l $opt_n);
getopts("s:e:p:l:n:");

my $smfile = $opt_s;
my $extfile = $opt_e;
my $proxy = $opt_p;
my $ign = $opt_n;
my $logfile = $opt_l;
my @ignore;

## ival
##
if (!$smfile || !$extfile)
{
print "\nusage: $0 -s [url/sitemapFile]\n\t-e [extensionsFile]\n\t-l [logFile]";
print "\n\t-n [ignoreExtensions example:(jpg:gif:xyz) ]\n\t-p [proxy]\n\n";
exit 11;
}

## check ignore
##
@ignore = split(/:/,$ign) if ($ign ne '');
$ignore[0] = $ign if ($ign !~ /:/ && length($ign) > 0);

## load extensions
##
my @ext;
open (EF, "< $extfile") || die "\ncant open $extfile ?!\n";

while (<EF>)
{
push (@ext, $_);
}

close(EF);

## our sitemap
##
open (SMF, "< $smfile") || die "\ncant open $smfile ?!\n";
if ($logfile ne ''){ open (RF, "> $logfile") || print "cant open $logfile\n"; }

## our useragent
##
my $ua = new LWP::UserAgent;
$ua->timeout(25);
$ua->agent("Mozilla/4.0(compatible;MSIE 6.0;Windows NT 5.0)");
if ($proxy ne '')
{
($proxy = "http://".$proxy) if ($proxy !~ /http:\/\// && $proxy !~ /https:\/\//);
$ua->proxy('http', $proxy);
}


## ok the main loop
## walks thru sitemap-file
##

while (<SMF>)
{
my $e = $_;
$e =~ s/[\r\n]//g;
my $oext = ext($e);

## only if extension is valid
##
if ( !inarr(\@ignore,ext($e)) )
{
my $ex;
foreach $ex (@ext)
{
$ex =~ s/[\r\n]//g;
if (".".$oext ne $ex) # too easy :-)
{
my $req = new HTTP::Request('HEAD', $e.$ex);
my $res = $ua->request($req);

if ($res->is_success)
{
print "*** FOUND ***\t $e$ex\n";
print RF "*** FOUND ***\t $e$ex\n" if($logfile ne '');
}
else
{
print "(",$res->code,") $e$ex\n";
print RF "(",$res->code,") $e$ex\n" if($logfile ne '');
}

## lets try another request
## for prog-src-files ?!
my $src_e = $e;
if ($src_e =~ /\.(.[^\/\.]+)$/)
{
my $e_ext = $1;
$src_e =~ s/\..[^\/\.]+$/$ex/;

my $req1 = new HTTP::Request('HEAD', $src_e);
my $res1 = $ua->request($req1);

if ($res1->is_success)
{
print "*** FOUND ***\t $src_e\n";
print RF "*** FOUND ***\t $src_e\n" if($logfile ne '');
}
else
{
print "(",$res1->code,") $src_e\n";
print RF "(",$res1->code,") $src_e\n" if($logfile ne '');
}
}

} # oext ne $ext
} # foreach $ext
}
}

close(SFM);
close(RF) if($logfile ne '');
print "\ngame over\n";

######################
## end main start subs
######################

## search array
##
sub inarr
{
my $array = shift;
my $needle = shift;

for (my $c=0; $c<=$#{$array}; $c++)
{
return 1 if ($needle eq @{$array}[$c]);
}

return 0;
}

## return extension of url
##
sub ext
{
my $str = shift;
$str =~ /.+\.(.[^\.\/]+)$/;

return $1;
}