Attachment #238856 for bug #268423




PORTNAME=	0d1n
PORTVERSION=	3.8
CATEGORIES=	security

MAINTAINER=	zackj901@yandex.com


USE_GITHUB=	yes
GH_ACCOUNT=	CoolerVoid
GH_TAGNAME=	OdinV38

PLIST_FILES=	bin/0d1n
PORTDOCS=	README.txt

OPTIONS_DEFINE=	DOCS

post-patch:
	@${REINPLACE_CMD}  -e  '/^#include <alloca\.h>/d' \
	${WRKSRC}/src/headers/spider.h ${WRKSRC}/src/headers/results.h

do-install:
	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
	${MKDIR} 	    ${STAGEDIR}${DATADIR}/view
	${MKDIR} 	    ${STAGEDIR}${DATADIR}/view/response_sources
	${MKDIR} 	    ${STAGEDIR}${DATADIR}/payloads
	(cd ${WRKSRC} && ${COPYTREE_SHARE} templates  ${STAGEDIR}${DATADIR})
	(cd ${WRKSRC} && ${COPYTREE_SHARE} payloads   ${STAGEDIR}${DATADIR})

do-install-DOCS-on:
	@${MKDIR} ${STAGEDIR}${DOCSDIR}

Lines 1-3 Link Here

(-)b/security/0d1n/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1488890485	1	TIMESTAMP = 1671242917
2	SHA256 (CoolerVoid-0d1n-2.3_GH0.tar.gz) = 7fe26f0268fe63ec0352502ae590a7a5e258248f253649661dc782ca7edd52ae	2	SHA256 (CoolerVoid-0d1n-3.8-OdinV38_GH0.tar.gz) = d392250b27c6870cbd219de52c89e3f2e3ed50ec2d309a1b8721774f63591665
3	SIZE (CoolerVoid-0d1n-2.3_GH0.tar.gz) = 3866302	3	SIZE (CoolerVoid-0d1n-3.8-OdinV38_GH0.tar.gz) = 4350113




--- Makefile.orig	2022-07-10 02:56:04 UTC
+++ Makefile
@@ -1,42 +1,14 @@
-CC=gcc
-CFLAGS=-W -Wall -Wextra -Wformat-security -Wno-maybe-uninitialized -O2
-HARDENING=-fstack-protector-all -pie -fPIE
+CC?=gcc
+CFLAGS+=-W -Wall -Wextra  -fstack-protector-all
+DFLAGS=-D_FORTIFY_SOURCE=2 -I /usr/local/include -I src/headers
+LDFLAGS=-Wl,-z,relro,-z,now,-L,/usr/local/lib,-lcurl,-lpthread
 DIR=src/
 DIROUT=bin/
 DIR_HEADERS=src/headers/
-UNAME_S := $(shell uname -s)
-ifeq ($(UNAME_S),Darwin)
-	LDFLAGS=-Wl,-lcurl, -lpthread
-else
-	LDFLAGS=-Wl,-z,relro,-z,now -lcurl -lpthread
-endif
-
-#LDFLAGS=-lcurl
-
+CC?=cc
+CFLAGS+=-W -Wall -Wextra -fstack-protector-all
+DFLAGS=-D_FORTIFY_SOURCE=2 -I /usr/local/include
+LDFLAGS=-Wl,-z,relro,-z,now,-L,/usr/local/lib,-lcurl
 
-0d1n: 0d1n.c 
+all: 0d1n.c
 	$(CC) $(CFLAGS) $(DFLAGS) -c *.c
 	$(CC) -o 0d1n *.o $(LDFLAGS)
 
+all:   $(DIR)0d1n.c 
+	$(CC) $(CFLAGS) $(DFLAGS) -c $(DIR)*.c 
+	$(CC)  -o 0d1n *.o  $(LDFLAGS)
 
-0d1n: $(DIR)0d1n.c 
-	$(CC) $(CFLAGS) $(HARDENING) -c $(DIR)*.c -I$(DIR_HEADERS)
-	$(CC) $(HARDENING)  -o $(DIROUT)0d1n *.o  $(LDFLAGS)
 
-clean:
-	rm -f *.o 0d1n
-
-PREFIX=/usr/local
-install:
-	make
-	mkdir -p $(DESTDIR)$(PREFIX)/bin
-	install -m 0755 bin/0d1n $(DESTDIR)$(PREFIX)/bin
-	mkdir /opt/0d1n
-	mkdir /opt/0d1n/view/
-	mkdir /opt/0d1n/view/response_sources
-	mkdir /opt/0d1n/payloads
-	cp -rf templates /opt/0d1n/
-	cp -rf tables /opt/0d1n/view/
-	cp -rf payloads /opt/0d1n/
-	chmod 0755 -R /opt/0d1n
-	chown ${USER} -R /opt/0d1n
-	chown ${USER} $(DESTDIR)$(PREFIX)/bin/0d1n
-
-uninstall:
-	rm $(DESTDIR)$(PREFIX)/bin/0d1n
-	rm -rf /opt/0d1n
-	rm -f *.o 0d1n




--- src/0d1n.c.orig	2022-12-09 02:48:56 UTC
+++ src/0d1n.c
@@ -61,14 +61,7 @@ main (int argc, char ** argv)
 // this source code have a different scan() function to bypass the compiler bug
 /* remove comment to test the patch
 */
-#ifdef __GNUC__
-#  if __GNUC_PREREQ(10,0)
 
-	scan_gcc_new();
-#  else
-	scan_gcc_old();
-#  endif
-#endif
 
  	exit(0);
 }




--- src/headers/file_ops.h.orig	2022-07-10 02:56:04 UTC
+++ src/headers/file_ops.h
@@ -1,18 +1,17 @@
 #ifndef FILE_OPS_H__
 #define FILE_OPS_H__
 
-#define PATH_RESULT "/opt/0d1n/view/"
-#define TABLE "/opt/0d1n/view/tables/output_array.txt"
-#define TEMPLATE "/opt/0d1n/templates/template.conf"
-#define TEMPLATE2 "/opt/0d1n/templates/hammer1.conf"
-#define TEMPLATE3 "/opt/0d1n/templates/hammer2.conf"
+#define PATH_RESULT "/usr/local/share/data/0d1n/view/"
+#define TABLE      "/usr/local/share/data/0d1n/output_array.txt"
+#define TEMPLATE  "/usr/local/share/data/templates/template.conf"
+#define TEMPLATE2 "/usr/loal/share/data/templates/hammer1.conf"
+#define TEMPLATE3 "/usr/local/share/data/templates/hammer2.conf"
 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <errno.h>
-#include <alloca.h>
 #include "opt_extract.h"
 
 void end_datatable(char * path);




--- src/mem_ops.c.orig	2022-12-16 06:38:12 UTC
+++ src/mem_ops.c
@@ -17,7 +17,8 @@ xmalloc_fatal(size_t size) 
 xmalloc_fatal(size_t size) 
 {
 
-	DEBUG("\n Memory FAILURE...\n size dbg: %lu\n",size);
+
+    DEBUG("\n Memory FAILURE...\n size dbg: %zu\n",size);
 
 	exit(0);
 }




--- src/opt_extract.c.orig	2022-07-10 02:56:04 UTC
+++ src/opt_extract.c
@@ -99,27 +99,27 @@ LAST
  YELLOW
  "Example 1 to find SQL-injection:\n"
 LAST
-"0d1n --host 'http://site.com/view/1^/product/^/' --payloads /opt/0d1n/payloads/sqli_list.txt --find_string_list /opt/0d1n/payloads/sqli_str2find_list.txt --log log1337 --tamper randcase --threads 800 --timeout 3 --save_response\n"
+"0d1n --host 'http://site.com/view/1^/product/^/' --payloads /usr/local/share/0d1n/payloads/sqli_list.txt --find_string_list /usr/local/share/0d1n/payloads/sqli_str2find_list.txt --log log1337 --tamper randcase --threads 800 --timeout 3 --save_response\n"
 "\n"
 YELLOW
  "Example 2 to Bruteforce in simple auth:\n"
 LAST
-"0d1n --host 'http://site.com/auth.py' --post 'user=admin&password=^' --payloads /opt/0d1n/payloads/wordlist.txt --log log007 --threads 500 --timeout 3 --save_response\n"
+"0d1n --host 'http://site.com/auth.py' --post 'user=admin&password=^' --payloads /usr/local/share/0d1n/payloads/wordlist.txt --log log007 --threads 500 --timeout 3 --save_response\n"
 "\n"
 YELLOW
 "Example 3 to search XSS and pass anti-csrf token:\n"
 LAST
-"0d1n --host https://page/test.php --post 'admin=user_name&pass=^' --payloads /opt/0d1n/payloads/xss.txt --find_string_list opt/0d1n/payloads/xss.txt --token_name name_token_field --log logtest --save_response\n"
+"0d1n --host https://page/test.php --post 'admin=user_name&pass=^' --payloads /usr/local/share/0d1n/payloads/xss.txt --find_string_list opt/0d1n/payloads/xss.txt --token_name name_token_field --log logtest --save_response\n"
 "\n"
 YELLOW
 "Example 4 Brute dir:\n"
 LAST
-"0d1n --host https://page/^ --payloads /opt/0d1n/payloads/dir_brute.txt --threads 800 --timeout 3 --log logtest_brutedir --save_response\n"
+"0d1n --host https://page/^ --payloads /usr/local/share/0d1n/payloads/dir_brute.txt --threads 800 --timeout 3 --log logtest_brutedir --save_response\n"
 YELLOW
 "\n"
 "Example 5 Keep alive test like slowloris:\n"
 LAST
-"0d1n --host https://page/ --threads 50 --keep_alive_test --max_requests 1000 --proxy-rand  /opt/0d1n/payloads/proxy.txt --useragent-rand /opt/0d1n/payloads/useragents.txt --log logtest_keepalive --save_response\n"
+"0d1n --host https://page/ --threads 50 --keep_alive_test --max_requests 1000 --proxy-rand  /usr/local/share/0d1n/payloads/proxy.txt --useragent-rand /usr/local/share/0d1n/payloads/useragents.txt --log logtest_keepalive --save_response\n"
 "\nNotes:\n"
 LAST
 "Look the character '^', is lexical char to change to payload list lines...\n"




--- src/strsec.c.orig	2022-12-09 02:57:38 UTC
+++ src/strsec.c
@@ -17,6 +17,9 @@
  */
 
 
+#include <string.h>
+#include <stdlib.h>
+
 #if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__NetBSD__) && \
     !defined(__bsdi__) && !defined(__APPLE__)
 
@@ -155,7 +158,7 @@ char *xstrndup (const char *s, size_t n)
 
 char *xstrndup (const char *s, size_t n)
 {
-	char* new = xmalloc(n+1);
+	char* new = malloc(n+1);
 
 	if (new) 
 	{




%%DATADIR%%/templates/hammer1.conf
%%DATADIR%%/templates/hammer2.conf
%%DATADIR%%/templates/template.conf
%%DATADIR%%/payloads/crlfinjection.txt
%%DATADIR%%/payloads/dir_brute.txt
%%DATADIR%%/payloads/find_responses.txt
%%DATADIR%%/payloads/js_inject.txt
%%DATADIR%%/payloads/ldap_injection.txt
%%DATADIR%%/payloads/list.txt
%%DATADIR%%/payloads/openredirect.txt
%%DATADIR%%/payloads/passive_sqli.txt
%%DATADIR%%/payloads/password_brute.txt
%%DATADIR%%/payloads/path_traversal.txt
%%DATADIR%%/payloads/path_traversal_win32.txt
%%DATADIR%%/payloads/proxy.txt
%%DATADIR%%/payloads/proxy_list.txt
%%DATADIR%%/payloads/sqli.txt
%%DATADIR%%/payloads/useragents.txt
%%DATADIR%%/payloads/wordlist.txt
%%DATADIR%%/payloads/xml_attack.txt
%%DATADIR%%/payloads/xml_attacks.txt
%%DATADIR%%/payloads/xpath_injection.txt
%%DATADIR%%/payloads/xss.txt
%%DATADIR%%/payloads/xss_robertux.txt
%%DATADIR%%/payloads/xxe_fuzz.txt
@dir %%DATADIR%%/view/response_sources

Return to bug 268423

Lines 1-5 Link Here

(-)b/security/0d1n/Makefile (-3 / +9 lines)
1	PORTNAME= 0d1n	1	PORTNAME= 0d1n
2	PORTVERSION= 2.3	2	PORTVERSION= 3.8
3	CATEGORIES= security	3	CATEGORIES= security
4		4
5	MAINTAINER= zackj901@yandex.com	5	MAINTAINER= zackj901@yandex.com
Lines 12-17 LIB_DEPENDS= libcurl.so:ftp/curl Link Here
12		12
13	USE_GITHUB= yes	13	USE_GITHUB= yes
14	GH_ACCOUNT= CoolerVoid	14	GH_ACCOUNT= CoolerVoid
		15	GH_TAGNAME= OdinV38
15		16
16	PLIST_FILES= bin/0d1n	17	PLIST_FILES= bin/0d1n
17	PORTDOCS= README.txt	18	PORTDOCS= README.txt
Lines 19-29 PORTDOCS= README.txt Link Here
19	OPTIONS_DEFINE= DOCS	20	OPTIONS_DEFINE= DOCS
20		21
21	post-patch:	22	post-patch:
22	@${REINPLACE_CMD} -e '/^#include <alloca\.h>/d' \	23	@${REINPLACE_CMD} -e '/^#include <alloca\.h>/d' \
23	${WRKSRC}/get_csrf_token.h ${WRKSRC}/spider.h	24	${WRKSRC}/src/headers/spider.h ${WRKSRC}/src/headers/results.h
24		25
25	do-install:	26	do-install:
26	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin	27	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
		28	${MKDIR} ${STAGEDIR}${DATADIR}/view
		29	${MKDIR} ${STAGEDIR}${DATADIR}/view/response_sources
		30	${MKDIR} ${STAGEDIR}${DATADIR}/payloads
		31	(cd ${WRKSRC} && ${COPYTREE_SHARE} templates ${STAGEDIR}${DATADIR})
		32	(cd ${WRKSRC} && ${COPYTREE_SHARE} payloads ${STAGEDIR}${DATADIR})
27		33
28	do-install-DOCS-on:	34	do-install-DOCS-on:
29	@${MKDIR} ${STAGEDIR}${DOCSDIR}	35	@${MKDIR} ${STAGEDIR}${DOCSDIR}

Lines 1-25 Link Here

(-)b/security/0d1n/files/patch-Makefile (-17 / +44 lines)
1	--- Makefile.orig 2017-01-14 22:53:30 UTC	1	--- Makefile.orig 2022-07-10 02:56:04 UTC
2	+++ Makefile	2	+++ Makefile
3	@@ -1,17 +1,9 @@	3	@@ -1,42 +1,14 @@
4	-CC=gcc	4	-CC=gcc
5	-CFLAGS=-W -Wall -Wextra -O2 -fstack-protector-all	5	-CFLAGS=-W -Wall -Wextra -Wformat-security -Wno-maybe-uninitialized -O2
6	-DFLAGS=-D_FORTIFY_SOURCE=2	6	-HARDENING=-fstack-protector-all -pie -fPIE
		7	+CC?=gcc
		8	+CFLAGS+=-W -Wall -Wextra -fstack-protector-all
		9	+DFLAGS=-D_FORTIFY_SOURCE=2 -I /usr/local/include -I src/headers
		10	+LDFLAGS=-Wl,-z,relro,-z,now,-L,/usr/local/lib,-lcurl,-lpthread
		11	DIR=src/
		12	DIROUT=bin/
		13	DIR_HEADERS=src/headers/
7	-UNAME_S := $(shell uname -s)	14	-UNAME_S := $(shell uname -s)
8	-ifeq ($(UNAME_S),Darwin)	15	-ifeq ($(UNAME_S),Darwin)
9	- LDFLAGS=-Wl,-lcurl	16	- LDFLAGS=-Wl,-lcurl, -lpthread
10	-else	17	-else
11	- LDFLAGS=-Wl,-z,relro,-z,now -lcurl	18	- LDFLAGS=-Wl,-z,relro,-z,now -lcurl -lpthread
12	-endif	19	-endif
13	-
14	-#LDFLAGS=-lcurl
15	-
16	+CC?=cc
17	+CFLAGS+=-W -Wall -Wextra -fstack-protector-all
18	+DFLAGS=-D_FORTIFY_SOURCE=2 -I /usr/local/include
19	+LDFLAGS=-Wl,-z,relro,-z,now,-L,/usr/local/lib,-lcurl
20		20
21	-0d1n: 0d1n.c
22	+all: 0d1n.c
23	$(CC) $(CFLAGS) $(DFLAGS) -c *.c
24	$(CC) -o 0d1n *.o $(LDFLAGS)
25		21
		22	+all: $(DIR)0d1n.c
		23	+ $(CC) $(CFLAGS) $(DFLAGS) -c $(DIR)*.c
		24	+ $(CC) -o 0d1n *.o $(LDFLAGS)
		25
		26	-0d1n: $(DIR)0d1n.c
		27	- $(CC) $(CFLAGS) $(HARDENING) -c $(DIR)*.c -I$(DIR_HEADERS)
		28	- $(CC) $(HARDENING) -o $(DIROUT)0d1n *.o $(LDFLAGS)
		29
		30	-clean:
		31	- rm -f *.o 0d1n
		32	-
		33	-PREFIX=/usr/local
		34	-install:
		35	- make
		36	- mkdir -p $(DESTDIR)$(PREFIX)/bin
		37	- install -m 0755 bin/0d1n $(DESTDIR)$(PREFIX)/bin
		38	- mkdir /opt/0d1n
		39	- mkdir /opt/0d1n/view/
		40	- mkdir /opt/0d1n/view/response_sources
		41	- mkdir /opt/0d1n/payloads
		42	- cp -rf templates /opt/0d1n/
		43	- cp -rf tables /opt/0d1n/view/
		44	- cp -rf payloads /opt/0d1n/
		45	- chmod 0755 -R /opt/0d1n
		46	- chown ${USER} -R /opt/0d1n
		47	- chown ${USER} $(DESTDIR)$(PREFIX)/bin/0d1n
		48	-
		49	-uninstall:
		50	- rm $(DESTDIR)$(PREFIX)/bin/0d1n
		51	- rm -rf /opt/0d1n
		52	- rm -f *.o 0d1n

Added Link Here

(-)b/security/0d1n/files/patch-src_0d1n.c (+17 lines)
1	--- src/0d1n.c.orig 2022-12-09 02:48:56 UTC
2	+++ src/0d1n.c
3	@@ -61,14 +61,7 @@ main (int argc, char ** argv)
4	// this source code have a different scan() function to bypass the compiler bug
5	/* remove comment to test the patch
6	*/
7	-#ifdef __GNUC__
8	-# if __GNUC_PREREQ(10,0)
9
10	- scan_gcc_new();
11	-# else
12	- scan_gcc_old();
13	-# endif
14	-#endif
15
16	exit(0);
17	}

Added Link Here

(-)b/security/0d1n/files/patch-src_headers_file__ops.h (+26 lines)
1	--- src/headers/file_ops.h.orig 2022-07-10 02:56:04 UTC
2	+++ src/headers/file_ops.h
3	@@ -1,18 +1,17 @@
4	#ifndef FILE_OPS_H__
5	#define FILE_OPS_H__
6
7	-#define PATH_RESULT "/opt/0d1n/view/"
8	-#define TABLE "/opt/0d1n/view/tables/output_array.txt"
9	-#define TEMPLATE "/opt/0d1n/templates/template.conf"
10	-#define TEMPLATE2 "/opt/0d1n/templates/hammer1.conf"
11	-#define TEMPLATE3 "/opt/0d1n/templates/hammer2.conf"
12	+#define PATH_RESULT "/usr/local/share/data/0d1n/view/"
13	+#define TABLE "/usr/local/share/data/0d1n/output_array.txt"
14	+#define TEMPLATE "/usr/local/share/data/templates/template.conf"
15	+#define TEMPLATE2 "/usr/loal/share/data/templates/hammer1.conf"
16	+#define TEMPLATE3 "/usr/local/share/data/templates/hammer2.conf"
17
18	#include <stdio.h>
19	#include <string.h>
20	#include <stdlib.h>
21	#include <unistd.h>
22	#include <errno.h>
23	-#include <alloca.h>
24	#include "opt_extract.h"
25
26	void end_datatable(char * path);

Added Link Here

(-)b/security/0d1n/files/patch-src_mem__ops.c (+12 lines)
1	--- src/mem_ops.c.orig 2022-12-16 06:38:12 UTC
2	+++ src/mem_ops.c
3	@@ -17,7 +17,8 @@ xmalloc_fatal(size_t size)
4	xmalloc_fatal(size_t size)
5	{
6
7	- DEBUG("\n Memory FAILURE...\n size dbg: %lu\n",size);
8	+
9	+ DEBUG("\n Memory FAILURE...\n size dbg: %zu\n",size);
10
11	exit(0);
12	}

Added Link Here

(-)b/security/0d1n/files/patch-src_opt__extract.c (+35 lines)
1	--- src/opt_extract.c.orig 2022-07-10 02:56:04 UTC
2	+++ src/opt_extract.c
3	@@ -99,27 +99,27 @@ LAST
4	YELLOW
5	"Example 1 to find SQL-injection:\n"
6	LAST
7	-"0d1n --host 'http://site.com/view/1^/product/^/' --payloads /opt/0d1n/payloads/sqli_list.txt --find_string_list /opt/0d1n/payloads/sqli_str2find_list.txt --log log1337 --tamper randcase --threads 800 --timeout 3 --save_response\n"
8	+"0d1n --host 'http://site.com/view/1^/product/^/' --payloads /usr/local/share/0d1n/payloads/sqli_list.txt --find_string_list /usr/local/share/0d1n/payloads/sqli_str2find_list.txt --log log1337 --tamper randcase --threads 800 --timeout 3 --save_response\n"
9	"\n"
10	YELLOW
11	"Example 2 to Bruteforce in simple auth:\n"
12	LAST
13	-"0d1n --host 'http://site.com/auth.py' --post 'user=admin&password=^' --payloads /opt/0d1n/payloads/wordlist.txt --log log007 --threads 500 --timeout 3 --save_response\n"
14	+"0d1n --host 'http://site.com/auth.py' --post 'user=admin&password=^' --payloads /usr/local/share/0d1n/payloads/wordlist.txt --log log007 --threads 500 --timeout 3 --save_response\n"
15	"\n"
16	YELLOW
17	"Example 3 to search XSS and pass anti-csrf token:\n"
18	LAST
19	-"0d1n --host https://page/test.php --post 'admin=user_name&pass=^' --payloads /opt/0d1n/payloads/xss.txt --find_string_list opt/0d1n/payloads/xss.txt --token_name name_token_field --log logtest --save_response\n"
20	+"0d1n --host https://page/test.php --post 'admin=user_name&pass=^' --payloads /usr/local/share/0d1n/payloads/xss.txt --find_string_list opt/0d1n/payloads/xss.txt --token_name name_token_field --log logtest --save_response\n"
21	"\n"
22	YELLOW
23	"Example 4 Brute dir:\n"
24	LAST
25	-"0d1n --host https://page/^ --payloads /opt/0d1n/payloads/dir_brute.txt --threads 800 --timeout 3 --log logtest_brutedir --save_response\n"
26	+"0d1n --host https://page/^ --payloads /usr/local/share/0d1n/payloads/dir_brute.txt --threads 800 --timeout 3 --log logtest_brutedir --save_response\n"
27	YELLOW
28	"\n"
29	"Example 5 Keep alive test like slowloris:\n"
30	LAST
31	-"0d1n --host https://page/ --threads 50 --keep_alive_test --max_requests 1000 --proxy-rand /opt/0d1n/payloads/proxy.txt --useragent-rand /opt/0d1n/payloads/useragents.txt --log logtest_keepalive --save_response\n"
32	+"0d1n --host https://page/ --threads 50 --keep_alive_test --max_requests 1000 --proxy-rand /usr/local/share/0d1n/payloads/proxy.txt --useragent-rand /usr/local/share/0d1n/payloads/useragents.txt --log logtest_keepalive --save_response\n"
33	"\nNotes:\n"
34	LAST
35	"Look the character '^', is lexical char to change to payload list lines...\n"

Added Link Here

(-)b/security/0d1n/files/patch-src_strsec.c (+21 lines)
1	--- src/strsec.c.orig 2022-12-09 02:57:38 UTC
2	+++ src/strsec.c
3	@@ -17,6 +17,9 @@
4	*/
5
6
7	+#include <string.h>
8	+#include <stdlib.h>
9	+
10	#if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__NetBSD__) && \
11	!defined(__bsdi__) && !defined(__APPLE__)
12
13	@@ -155,7 +158,7 @@ char xstrndup (const char s, size_t n)
14
15	char xstrndup (const char s, size_t n)
16	{
17	- char* new = xmalloc(n+1);
18	+ char* new = malloc(n+1);
19
20	if (new)
21	{

Added Link Here

(-)b/security/0d1n/pkg-plist (+26 lines)
1	%%DATADIR%%/templates/hammer1.conf
2	%%DATADIR%%/templates/hammer2.conf
3	%%DATADIR%%/templates/template.conf
4	%%DATADIR%%/payloads/crlfinjection.txt
5	%%DATADIR%%/payloads/dir_brute.txt
6	%%DATADIR%%/payloads/find_responses.txt
7	%%DATADIR%%/payloads/js_inject.txt
8	%%DATADIR%%/payloads/ldap_injection.txt
9	%%DATADIR%%/payloads/list.txt
10	%%DATADIR%%/payloads/openredirect.txt
11	%%DATADIR%%/payloads/passive_sqli.txt
12	%%DATADIR%%/payloads/password_brute.txt
13	%%DATADIR%%/payloads/path_traversal.txt
14	%%DATADIR%%/payloads/path_traversal_win32.txt
15	%%DATADIR%%/payloads/proxy.txt
16	%%DATADIR%%/payloads/proxy_list.txt
17	%%DATADIR%%/payloads/sqli.txt
18	%%DATADIR%%/payloads/useragents.txt
19	%%DATADIR%%/payloads/wordlist.txt
20	%%DATADIR%%/payloads/xml_attack.txt
21	%%DATADIR%%/payloads/xml_attacks.txt
22	%%DATADIR%%/payloads/xpath_injection.txt
23	%%DATADIR%%/payloads/xss.txt
24	%%DATADIR%%/payloads/xss_robertux.txt
25	%%DATADIR%%/payloads/xxe_fuzz.txt
26	@dir %%DATADIR%%/view/response_sources