Update requirements and setup, refactor loader module for compatibility, bump version to 3.2.0

.travis.yml

@@ -3,35 +3,33 @@ language: python
 services:
   - docker
 python:
-  - "3.4"
-  - "3.5"
-  - "3.6"
-  - "3.7"
-  - "3.8"
+  - "3.12"
 before_install:
   - docker-compose -f tests/server_dir/docker-compose.yml up -d
 install:
- - make install-dev
- - python setup.py install
-  
+  - make install-dev
+  - python setup.py install
+
 script:
   - flake8 src tests
   - coverage run --append -m unittest discover -v -s tests/
-  - if [[ $TRAVIS_PYTHON_VERSION == '3.6' && $TRAVIS_BRANCH == 'master' ]]; then codecov; fi
-  - if [[ $TRAVIS_PYTHON_VERSION != '3.4' && $TRAVIS_PYTHON_VERSION != '3.5' ]]; then black --check src tests; fi
+  - black --check src tests
+
 deploy:
   provider: pypi
   user: x4vi_mendez
   password:
     secure: qE2hD6gyopogdJh6Qs9B1s8LkTLiZ2b4jZzDojDOnhITve2hosOfoi2T/a9JrRxP9xeMJmt7t4B7F6h+qiSdi6fz2CLT8qAG5zJFfk/+ZqIQX3zvhthoG6QS8F4Qk7kNDMuaMOeMF3qtK5oSR/cqBY3Fs7SiF9wmH2OH7XBjFdOhRzs7Y8vVEXfxy6O4wHqXkwa6ZHXfuFPly/aZGj8CwlVF4qT6zQGpOrTAJneUonQGei2qIBGVSMSLGXHxndN3a1/RA0L+J3jZKb7zi6XyqAJvXTa3OqbxwSSEdLlUdzPrjLPuMuArgTgDErgSiDlwbceDwx7TlBJy2VEF2OwQ9KAIQFKkE6Rp/sp38l3Dnriv8gzi7N0sdaSAMDH5n8zvl6xJ5hqOnB+1jfpEiSQmvr7chi3OxpniG0eW9ThgZOSLjGp0TXGSh9P3jAiZPlt1HWmNoiwOuTwjue0Lx0MH2vYW1smHJSM+FMbdCL1GwFMsEmBX+2bFzaniuyUEmM5GBpj66Pa9yULho4FTC00Aumffl2A7gnSinYwLzjIB3zUMWFzZBaijLr8caeTYMnMdccNYxWcU4kE1h584FGtMDAO8IdEwW907ZTn0H/sTrb+lFs+x3H4oLc9i+/9j/K1G3jrKJfcTOuMm4D9df+lcfgRCQzB6RyiHJWlEdGEBrJM=
   distributions: sdist bdist_wheel
   on:
-    branch:
-      - master
-      - /^v.*$/
+    branches:
+      only:
+        - master
+        - /^v.*$/
     tags: true
-    python: 3.6
+    python: 3.12
+
 addons:
   apt:
     packages:
-    - libcurl4-openssl-dev
+      - libcurl4-openssl-dev

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.8-alpine3.12 as builder
+FROM python:3.12-alpine as builder
 
 RUN apk add --no-cache build-base curl-dev
 
@@ -9,7 +9,7 @@ WORKDIR wfuzz/
 RUN python setup.py install
 
 
-FROM python:3.8-alpine3.12
+FROM python:3.12-alpine
 
 RUN apk add --no-cache curl-dev
 

README.md

@@ -6,7 +6,6 @@
 <a href="https://pypi.python.org/pypi/wfuzz"><img src="https://img.shields.io/pypi/pyversions/wfuzz.svg"></a>
 <a href="https://codecov.io/github/xmendez/wfuzz"><img src="https://codecov.io/github/xmendez/wfuzz/coverage.svg?branch=master"></a>
 
-
 # Wfuzz - The Web Fuzzer
 
 Wfuzz has been created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload.
@@ -23,27 +22,26 @@ Wfuzz is more than a web content scanner:
 
 * Wfuzz exposes a simple language interface to the previous HTTP requests/responses performed using Wfuzz or other tools, such as Burp. This allows you to perform manual and semi-automatic tests with full context and understanding of your actions, without relying on a web application scanner underlying implementation.
 
-
 It was created to facilitate the task in web applications assessments, it's a tool by pentesters for pentesters ;)
 
-## Installation 
+## Installation
 
 To install WFuzz, simply use pip:
 
-```
+```bash
 pip install wfuzz
 ```
 
 To run Wfuzz from a docker image, run:
 
-```
-$ docker run -v $(pwd)/wordlist:/wordlist/ -it ghcr.io/xmendez/wfuzz wfuzz
+```bash
+docker run -v $(pwd)/wordlist:/wordlist/ -it ghcr.io/xmendez/wfuzz wfuzz
 ```
 
 ## Documentation
 
-Documentation is available at http://wfuzz.readthedocs.io
+Documentation is available at <http://wfuzz.readthedocs.io>
 
-## Download 
+## Download
 
-Check github releases. Latest is available at https://github.com/xmendez/wfuzz/releases/latest
+Check github releases. Latest is available at <https://github.com/xmendez/wfuzz/releases/latest>

requirements.txt

@@ -16,3 +16,4 @@ pyparsing==2.4.7          # via packaging
 pytest==6.0.1             # via wfuzz (setup.py)
 six==1.15.0               # via packaging, wfuzz (setup.py)
 toml==0.10.1              # via pytest
+legacy-cgi; python_version >= '3.13'  # via pytest

setup.py

@@ -8,84 +8,83 @@
 
 
 version = re.search(
-    r'^__version__\s*=\s*"(.*)"',
-    open('src/wfuzz/__init__.py').read(),
-    re.M
+    r'^__version__\s*=\s*"(.*)"', open("src/wfuzz/__init__.py").read(), re.M
 ).group(1)
 
 docs_requires = [
     "Sphinx",
 ]
 
 dev_requires = [
-    'mock',
-    'coverage',
-    'codecov',
-    'netaddr',  # tests/api/test_payload.py uses ipranges payload
-    'pip-tools',
-    'flake8==3.8.3',
+    "mock",
+    "coverage",
+    "codecov",
+    "netaddr",  # tests/api/test_payload.py uses ipranges payload
+    "pip-tools",
+    "flake8==3.8.3",
     'black==19.10b0;python_version>"3.5"',
-    'pytest',
+    "pytest",
 ]
 
 install_requires = [
-    'pycurl',
-    'pyparsing<2.4.2;python_version<="3.4"',
-    'pyparsing>=2.4*;python_version>="3.5"',
-    'six',
-    'configparser;python_version<"3.5"',
-    'chardet',
+    "pycurl",
+    'pyparsing < 2.4.2; python_version <= "3.4"',
+    'pyparsing >= 2.4; python_version >= "3.5"',
+    "six",
+    'configparser; python_version < "3.5"',
+    "chardet",
+    'legacy-cgi; python_version >= "3.13"',
 ]
 
 
 if sys.platform.startswith("win"):
-    install_requires += ["colorama>=0.4.0"]
+    install_requires += ["colorama >= 0.4.0"]
 
 
 try:
-    os.symlink('../../docs/user/advanced.rst', 'src/wfuzz/advanced.rst')
+    os.symlink("../../docs/user/advanced.rst", "src/wfuzz/advanced.rst")
     setup(
         name="wfuzz",
-        packages=find_packages(where='src'),
-        package_dir={'wfuzz': 'src/wfuzz'},
+        packages=find_packages(where="src"),
+        package_dir={"wfuzz": "src/wfuzz"},
         include_package_data=True,
-        package_data={'wfuzz': ['*.rst']},
+        package_data={"wfuzz": ["*.rst"]},
         entry_points={
-            'console_scripts': [
-                'wfuzz = wfuzz.wfuzz:main',
-                'wfpayload = wfuzz.wfuzz:main_filter',
-                'wfencode = wfuzz.wfuzz:main_encoder',
+            "console_scripts": [
+                "wfuzz = wfuzz.wfuzz:main",
+                "wfpayload = wfuzz.wfuzz:main_filter",
+                "wfencode = wfuzz.wfuzz:main_encoder",
+            ],
+            "gui_scripts": [
+                "wxfuzz = wfuzz.wfuzz:main_gui",
             ],
-            'gui_scripts': [
-                'wxfuzz = wfuzz.wfuzz:main_gui',
-            ]
         },
         version=version,
         description="Wfuzz - The web fuzzer",
         long_description=long_descr,
-        long_description_content_type='text/markdown',
+        long_description_content_type="text/markdown",
         author="Xavi Mendez (@x4vi_mendez)",
         author_email="[email protected]",
         url="http://wfuzz.org",
         license="GPLv2",
         install_requires=install_requires,
         extras_require={
-            'dev': dev_requires,
-            'docs': docs_requires,
+            "dev": dev_requires,
+            "docs": docs_requires,
         },
         python_requires=">=2.6",
         classifiers=(
-            'Development Status :: 4 - Beta',
-            'Natural Language :: English',
-            'License :: OSI Approved :: GNU General Public License v2 (GPLv2)',
-            'Programming Language :: Python',
-            'Programming Language :: Python :: 3',
-            'Programming Language :: Python :: 3.4',
-            'Programming Language :: Python :: 3.5',
-            'Programming Language :: Python :: 3.6',
-            'Programming Language :: Python :: 3.7',
-            'Programming Language :: Python :: 3.8',
+            "Development Status :: 4 - Beta",
+            "Natural Language :: English",
+            "License :: OSI Approved :: GNU General Public License v2 (GPLv2)",
+            "Programming Language :: Python",
+            "Programming Language :: Python :: 3",
+            "Programming Language :: Python :: 3.4",
+            "Programming Language :: Python :: 3.5",
+            "Programming Language :: Python :: 3.6",
+            "Programming Language :: Python :: 3.7",
+            "Programming Language :: Python :: 3.8",
         ),
     )
 finally:
-    os.unlink('src/wfuzz/advanced.rst')
+    os.unlink("src/wfuzz/advanced.rst")

src/wfuzz/__init__.py

@@ -1,5 +1,5 @@
 __title__ = "wfuzz"
-__version__ = "3.1.0"
+__version__ = "3.2.0"
 __build__ = 0x023000
 __author__ = "Xavier Mendez"
 __license__ = "GPL 2.0"
@@ -51,6 +51,3 @@ def warning_on_one_line(message, category, filename, lineno, file=None, line=Non
     )
 
     sys.exit(1)
-
-from .options import FuzzSession
-from .api import fuzz, get_payload, get_payloads, encode, decode, payload, get_session

src/wfuzz/externals/moduleman/loader.py

@@ -1,8 +1,17 @@
 import inspect
 import logging
-import imp
 import os.path
 
+try:
+    from imp import find_module
+except ImportError:
+    from importlib.util import find_spec as find_module
+try:
+    from imp import load_module
+except ImportError:
+    from importlib.util import module_from_spec as load_module
+# import imp
+
 
 class IModuleLoader:
     def __init__(self, **params):
@@ -58,8 +67,8 @@ def _load_py_from_file(self, filename):
         module = None
 
         try:
-            exten_file, filename, description = imp.find_module(fn, [dirname])
-            module = imp.load_module(fn, exten_file, filename, description)
+            exten_file, filename, description = find_module(fn, [dirname])
+            module = load_module(fn, exten_file, filename, description)
         except ImportError as msg:
             self.__logger.critical(
                 "__load_py_from_file. Filename: %s Exception, msg=%s" % (filename, msg)

src/wfuzz/helpers/file_func.py

@@ -1,7 +1,10 @@
 import os
 import sys
-import re
-import pkg_resources
+
+# import re
+# import pkg_resources
+import importlib.resources
+# Use importlib.resources (Python 3.7+) or importlib_resources for older Python 3.
 
 from chardet.universaldetector import UniversalDetector
 import chardet
@@ -15,7 +18,11 @@ def get_filter_help_file():
 
     filter_help_text = None
     try:
-        fname = pkg_resources.resource_filename("wfuzz", FILTER_HELP_FILE)
+        try:
+            filter_help_text = importlib.resources.read_text("wfuzz", FILTER_HELP_FILE)
+            return filter_help_text
+        except (FileNotFoundError, AttributeError):
+            fname = get_path(FILTER_HELP_DEV_FILE)
         filter_help_text = open(fname).read()
     except IOError:
         filter_help_text = open(get_path(FILTER_HELP_DEV_FILE)).read()
@@ -102,7 +109,6 @@ def __next__(self):
         last_error = None
 
         while decoded_line is None:
-
             while self.det_encoding is None:
                 detect_encoding = self.detect_encoding().get("encoding", "utf-8")
                 self.det_encoding = (