def newToken(self):
data = '{{"username": "******", "password": "******"}}'.format(self.username, self.password)
req = requests.post('http://api.zoomeye.org/user/login', data=data, )
content = json.loads(req.content)
if req.status_code != 401 and "access_token" in content:
self.token = content['access_token']
self.headers = {'Authorization': 'JWT %s' % self.token}
return True
return False
def _executeVerify(pocInfo, targetJson, targetUrl, mode):
url, startTime = parseTargetUrl(targetUrl), time.time()
step, method, path, params, headers, match, status_code = initilizeJson(targetJson)
if (targetUrl + pocInfo['vulID']) not in resultJson:
resultJson[targetUrl + pocInfo['vulID']] = {}
resultJson[targetUrl + pocInfo['vulID']]['verifyInfo'] = {'URL': url, 'Postdata': params, 'Path': path}
try:
if method == 'get':
r = req.get('%s/%s' % (url, path), params=params, headers=headers)
else:
r = req.post('%s/%s' % (url, path), data=params, headers=headers)
except Exception, ex:
logger.log(CUSTOM_LOGGING.ERROR, str(ex))
return False
def _executeVerify(pocInfo, targetJson, targetUrl, mode):
url, startTime = parseTargetUrl(targetUrl), time.time()
step, method, path, params, headers, match, status_code = initilizeJson(
targetJson)
if (targetUrl + pocInfo['vulID']) not in resultJson:
resultJson[targetUrl + pocInfo['vulID']] = {}
resultJson[targetUrl + pocInfo['vulID']]['verifyInfo'] = {
'URL': url,
'Postdata': params,
'Path': path
}
try:
if method == 'get':
r = req.get('%s/%s' % (url, path), params=params, headers=headers)
else:
r = req.post('%s/%s' % (url, path), data=params, headers=headers)
except Exception, ex:
logger.log(CUSTOM_LOGGING.ERROR, str(ex))
return False
def check(self, url):
try:
content = req.post(url, data=self._check_data, timeout=10).content
return self._keyword in content
except req.Timeout:
return False
def check(self, url):
try:
content = req.post(url, data=self._check_data, timeout=10).content
return self._keyword in content
except req.Timeout:
return False
