Python JsonSerializer.set_dictionary Beispiele

Beispiel #1

        def _deep_inject_form(href, depth=1):
            # Check the domain
            if href in parsed_forms or \
                    urlparse(href).netloc != base_url or \
                    (max_depth is not None and depth > max_depth):
                return ''

            # Visit the current href
            parsed_relevant, request_cookies = HtmlParser.relevant_parse(href)
            parsed_forms[href] = HtmlParser.find_forms(parsed_relevant, href)

            # Find adjacent links
            links = HtmlParser.find_links(parsed_relevant)

            if len(parsed_forms) % 10 == 0:
                Log.info('Writing result in ' + out_file + '...')
                JsonSerializer.set_dictionary(parsed_forms, out_file)

            # Visit adjacent links
            for link in links:
                # print('link: '+link)
                child_request_cookies = _deep_inject_form(link, depth + 1)
                if len(child_request_cookies) > len(request_cookies):
                    request_cookies = child_request_cookies

            return request_cookies

Beispiel #2

 def __add__(key, element):
     dictionary = JsonSerializer.get_dictionary(APP_SETTINGS)
     elements = dictionary.get(key)
     if type(elements) != list:
         elements = []
     if element not in elements:
         elements.append(element)
         dictionary[key] = elements
         JsonSerializer.set_dictionary(dictionary, APP_SETTINGS)
     return True

Beispiel #3

Datei: mac_manufacturer.py Projekt: LaRaCySec/black-widow

 def _update_manufacturer_dict(self):
     manufacturer_response = HttpRequest.request(
         MacManufacturer._MANUFACTURERS_URL)
     if manufacturer_response is None:
         return
     if manufacturer_response.text is None:
         return
     manufacturer_dict = dict()
     manufacturer_list = manufacturer_response.text.splitlines()
     for manufacturer in manufacturer_list:
         if len(manufacturer) < 1:
             continue
         if manufacturer[0] == '#':
             continue
         manufacturer_details = manufacturer.split('\t')
         i = 0
         mac = None
         lookup_dict = {
             MacManufacturer._MANUFACTURERS_DETAIL_DICT[1]: None,
             MacManufacturer._MANUFACTURERS_DETAIL_DICT[2]: None,
             MacManufacturer._MANUFACTURERS_DETAIL_DICT[3]: None
         }
         for detail in manufacturer_details:
             if detail == '':
                 continue
             if i == 0:
                 # MAC address
                 mac_detail = detail.split('/')
                 if len(mac_detail) == 2:
                     # The mac has a sub mask, so the dict key is the first n bits
                     sub_mask = int(mac_detail[1]) / 4
                     mac_sub_mask = floor(sub_mask + (sub_mask / 2))
                     mac = mac_detail[0][0:mac_sub_mask]
                 elif len(mac_detail) == 1:
                     # The mac has not a sub mask
                     mac = mac_detail[0]
                 else:
                     Log.error("Wrong mac address: " + str(detail))
                     break
             if i >= len(MacManufacturer._MANUFACTURERS_DETAIL_DICT):
                 Log.error("Wrong manufacturer details: " +
                           str(manufacturer_details))
                 break
             lookup_dict[
                 MacManufacturer._MANUFACTURERS_DETAIL_DICT[i]] = detail
             i += 1
         if mac is None:
             Log.error("Wrong manufacturer details: " +
                       str(manufacturer_details))
             continue
         manufacturer_dict[mac] = lookup_dict
     if len(manufacturer_dict) > 0:
         self._manufacturer_dict = manufacturer_dict
         JsonSerializer.set_dictionary(self._manufacturer_dict,
                                       MacManufacturer._MANUFACTURERS_JSON)

Beispiel #4

    def deep_inject_form(url, max_depth, listen: bool = False) -> dict:
        """
        Search a form in the page returned by url.
        If it doesn't find a form, or the injection can't be done, it visit the website in search for other forms
        :param listen: True if this method should listen and print the SQL tasks, otherwise False
        :param url: str The url to visit
        :param max_depth: int The max depth during the visit
        :return A dictionary of SQL injection tasks
        """

        base_url = urlparse(url).netloc
        parsed_forms = dict()
        out_file = APP_STORAGE_OUT + '/' + now(
        ) + '_DEEP_FORMS_' + base_url + '.json'

        def _deep_inject_form(href, depth=1):
            # Check the domain
            if href in parsed_forms or \
                    urlparse(href).netloc != base_url or \
                    (max_depth is not None and depth > max_depth):
                return ''

            # Visit the current href
            parsed_relevant, request_cookies = HtmlParser.relevant_parse(href)

            # Find forms in page
            parsed_forms[href] = HtmlParser.find_forms(parsed_relevant, href)

            # Find adjacent links
            links = HtmlParser.find_links(parsed_relevant)

            if len(parsed_forms) % 10 == 0:
                Log.info('Writing result in ' + out_file + '...')
                JsonSerializer.set_dictionary(parsed_forms, out_file)

            # Visit adjacent links
            for link in links:
                # print('link: '+link)
                child_request_cookies = _deep_inject_form(link, depth + 1)
                if len(child_request_cookies) > len(request_cookies):
                    request_cookies = child_request_cookies

            return request_cookies

        cookies = _deep_inject_form(url)
        Log.info('Writing result in ' + out_file + '...')
        JsonSerializer.set_dictionary(parsed_forms, out_file)
        Log.success('Result wrote in ' + out_file)
        Log.success('Website crawled! Found ' + str(len(parsed_forms)) +
                    ' pages')
        tasks = SqlmapClient.try_inject_forms(parsed_forms, cookies)
        if listen:
            SqlInjection.__listen_tasks(tasks)
        return tasks

Beispiel #5

 def __remove__(key, element):
     dictionary = JsonSerializer.get_dictionary(APP_SETTINGS)
     if dictionary.get(key) is None:
         return True
     if element == '*':
         # Rimuove tutti gli elementi
         dictionary[key] = []
         JsonSerializer.set_dictionary(dictionary, APP_SETTINGS)
         return True
     elements = dictionary[key]
     if element in elements:
         elements.remove(element)
         dictionary[key] = elements
         JsonSerializer.set_dictionary(dictionary, APP_SETTINGS)
     return True

Beispiel #6

 def __set__(key, value):
     dictionary = JsonSerializer.get_dictionary(APP_SETTINGS)
     dictionary[key] = value
     JsonSerializer.set_dictionary(dictionary, APP_SETTINGS)
     return True