From 4e5f0da1aeb4f22cf530ac80654c13952f6e60fb Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Thu, 20 Jan 2011 16:07:08 +0000
Subject: [PATCH] minor update
---
 lib/core/option.py | 24 ++++++++++++++++++------
 lib/core/settings.py | 6 ++++++
 2 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/lib/core/option.py b/lib/core/option.py
index a7f8d86b5..75039f413 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -82,6 +82,8 @@ from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import SYBASE_ALIASES
 from lib.core.settings import UNKNOWN_DBMS_VERSION
 from lib.core.settings import TIME_DELAY_CANDIDATES
+from lib.core.settings import BURP_SPLITTER
+from lib.core.settings import WEBSCARAB_SPLITTER
 from lib.core.update import update
 from lib.parse.configfile import configFileParser
 from lib.parse.payloads import loadPayloads
@@ -145,7 +147,12 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
 """
 Parses web scarab logs (POST method not supported)
 """
- reqResList = content.split("### Conversation")
+ reqResList = content.split(WEBSCARAB_SPLITTER)
+
+ if WEBSCARAB_SPLITTER not in content:
+ warnMsg = "given file is not a valid WebScarab log file"
+ logger.warning(warnMsg)
+ return
 for request in reqResList:
 url = extractRegexResult(r"URL: (?P.+?)\n", request, re.I)
@@ -173,7 +180,12 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
 port = None
 scheme = None
- reqResList = content.split("======================================================")
+ if BURP_SPLITTER not in content:
+ warnMsg = "given file is not a valid Burp log file"
+ logger.warning(warnMsg)
+ return
+
+ reqResList = content.split(BURP_SPLITTER)
 for request in reqResList:
 if scheme is None:
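Review bot: The check added in the WebScarab parser (hunk `@@ -145,7 +147,12 @@`) will warn on every valid Burp log, because `__feedTargetsDict` passes the same `content` to both `__parseBurpLog` and `__parseWebScarabLog`; the mirrored check in hunk `@@ -173,7 +180,12 @@` warns on every valid WebScarab log. A user who supplied a correct file is told it is invalid, which makes the real failure (neither marker present, no targets loaded) harder to spot. Deciding the format in the caller fixes both: guard the two calls with `if BURP_SPLITTER in content:` and `if WEBSCARAB_SPLITTER in content:`, and emit a single warning only when neither matches. The WebScarab check also runs after `content.split(WEBSCARAB_SPLITTER)` while the Burp one runs before its split; testing first would keep the two parsers consistent. Both parser bodies start and end outside these hunks.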
@@ -267,14 +279,14 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
 fp = openFile(reqFile, "rb")
- fread = fp.read()
- fread = fread.replace("\r", "")
+ content = fp.read()
+ content = content.replace("\r", "")
 if conf.scope:
 logger.info("using regular expression '%s' for filtering targets" % conf.scope)
- __parseBurpLog(fread)
- __parseWebScarabLog(fread)
+ __parseBurpLog(content)
+ __parseWebScarabLog(content)
 def __loadQueries():
 """
diff --git a/lib/core/settings.py b/lib/core/settings.py
index b20b75f43..28b4ce821 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -198,3 +198,9 @@ COMMON_PASSWORD_SUFFIXES = ["1", "123", "2", "12", "3", "13", "7", "11", "5", "2
 # Reference: http://www.the-interweb.com/serendipity/index.php?/archives/94-A-brief-analysis-of-40,000-leaked-MySpace-passwords.html
 COMMON_PASSWORD_SUFFIXES += ["!", ".", "*", "!!", "?", ";", "..", "!!!", ",", "@"]
+
+# Splitter used between requests in WebScarab log files
+WEBSCARAB_SPLITTER = "### Conversation"
+
+# Splitter used between requests in BURP log files
+BURP_SPLITTER = "======================================================"