Ejemplo n.º 1
0
def main():

    # Make a GET request for the page
    r = simplerequest.SimpleRequest(
        "www.rit.edu",
        port=443,
        resource="/computing/directory?term_node_tid_depth=4919",
        https=True,
        conn="close",
    )
    r.render()
    r.send()

    # Make the soup!
    soup = bs4.BeautifulSoup(r.data["body"], "html.parser")

    # Find all "img" tags
    images = soup.find_all("img", {"class": "card-img-top"})

    # Get the image urls from the images list
    links = get_image_links(images)

    # Make the directory
    try:
        os.mkdir("./staff_pics")
    except FileExistsError:
        pass

    # Make a list of hosts, resources, and https
    vals = []
    for link in links:
        vals.append(simplerequest.parse_url(link))

    # Create list of request objects
    requests = []
    for data in vals:
        requests.append(
            simplerequest.SimpleRequest(
                data["host"],
                port=443,
                resource=data["resource"],
                https=data["https"],
                follow=True,
            ))

    # Thread the sending of prepared requests
    # Save the finished requests
    new = []
    new = simplerequest.thread_requests(requests)

    # Send count to append to file name because same name
    # will over write... caused me 1 hour of headaches
    count = 0
    for req in new:
        save_images(req, count)
        count += 1
Ejemplo n.º 2
0
def main():
    r = simplerequest.SimpleRequest("csec380-core.csec.rit.edu",
                                    port=82,
                                    type="POST",
                                    resource="/getSecure")
    r.render()
    r.send()

    token = simplerequest.parse_value(r.data, "Token is:")

    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu",
        port=82,
        type="POST",
        resource="/getFlag3Challenge",
        body=f"token={token}",
    )
    r.render()
    r.send()

    captcha = simplerequest.parse_value(r.data, "following:")

    # Possible operator list
    operators = ["+", "-", "//", "*"]

    # Find the operator in the captcha
    op = list(filter(lambda operator: (operator in captcha), operators))
    op = op[0]

    # Get the numbers from the captcha
    captcha = captcha.split(op)

    if op == "//":
        captcha = int(captcha[0]) // int(captcha[1])
    elif op == "+":
        captcha = int(captcha[0]) + int(captcha[1])
    elif op == "-":
        captcha = int(captcha[0]) - int(captcha[1])
    elif op == "*":
        captcha = int(captcha[0]) * int(captcha[1])
    else:
        print("Operator unknown....")

    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu",
        port=82,
        type="POST",
        resource="/getFlag3Challenge",
        body=f"token={token}&solution={captcha}",
    )
    r.render()
    r.send()

    print(simplerequest.parse_value(r.data, "flag is"))
Ejemplo n.º 3
0
def main():

    # Send that sweet sweet request to get the goodies
    r = simplerequest.SimpleRequest(
        "www.rit.edu",
        port=443,
        resource="/study/computing-security-bs",
        https=True,
    )
    r.render()
    r.send()

    # Start the soup!
    soup = bs4.BeautifulSoup(r.data, "html.parser")

    # Chonker is the list that holds all "tr" tags
    chonker = []

    # Find all "<tr>" tags with "class=hidden-row*"
    chonker = soup.find_all("tr", {"class": "hidden-row"})

    # parse the chonker for courseNumbers
    values = get_values(chonker)

    # Create CSV value
    write_csv(values)
Ejemplo n.º 4
0
def main():
    r = simplerequest.SimpleRequest("csec380-core.csec.rit.edu",
                                    port=82,
                                    type="POST")
    r.render()
    r.send()

    print(simplerequest.parse_value(r.data, "flag is"))
Ejemplo n.º 5
0
def main():
    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu", port=82, type="POST", resource="/getSecure"
    )
    r.render()
    r.send()

    token = simplerequest.parse_value(r.data, "Token is:")

    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu",
        port=82,
        type="POST",
        resource="/getFlag2",
        body=f"token={token}",
    )
    r.render()
    r.send()

    print(simplerequest.parse_value(r.data, "flag is"))
Ejemplo n.º 6
0
def main():
    r = simplerequest.SimpleRequest("csec380-core.csec.rit.edu",
                                    port=82,
                                    type="POST",
                                    resource="/getSecure")
    r.render()
    r.send()

    token = simplerequest.parse_value(r.data, "Token is:")

    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu",
        port=82,
        type="POST",
        resource="/createAccount",
        body=f"token={token}&username=oneNutW0nder",
        agent=
        "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko",
    )
    r.render()
    r.send()

    password = simplerequest.parse_value(r.data, "password is")
    password = simplerequest.url_encode(password)

    r = simplerequest.SimpleRequest(
        "csec380-core.csec.rit.edu",
        port=82,
        type="POST",
        resource="/login",
        body=f"token={token}&username=oneNutW0nder&password={password}",
        agent=
        "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko",
    )
    r.render()
    r.send()

    print(simplerequest.parse_value(r.data, "flag is"))
Ejemplo n.º 7
0
def discover(paths, host, port, found, allpaths):

    wait = True
    starttime = time.time()

    while len(paths) > 0 or wait:
        try:
            wait = False

            try:
                path = paths.pop()
                starttime = time.time()

            except IndexError:
                minutes, seconds = divmod((time.time() - starttime), 60)

                if minutes > 1:
                    print("Thread decided to quit...")
                    break
                else:
                    wait = True
                    continue

            # Make request
            # no redirects
            req = simplerequest.SimpleRequest(host,
                                              resource=path,
                                              port=port,
                                              https=False)
            req.render()
            req.send()
            req.redirects()
            # print(path)

            try:
                if (req.status == "200") and (path not in found):
                    if path.count("/") < 4:
                        print(path)
                        found.append(path)

                        if path != "/":
                            for p in allpaths:
                                if ".." not in p:
                                    paths.append(f"{path}{p}")
            except IndexError:
                continue
            else:
                continue
        except Exception:
            continue
Ejemplo n.º 8
0
import simplerequest

r = simplerequest.SimpleRequest('csec380-core.csec.rit.edu',
                                port=82,
                                type="GET",
                                resource="/getFlag5")
r.render()
r.send()

print(r.data)
Ejemplo n.º 9
0
import simplerequest
import math
import time



e = time.time()

r = simplerequest.SimpleRequest(
    "csec380-core.csec.rit.edu", port=82, type="POST", resource="/getSecure"
)

r.render()
r.send()

key = simplerequest.parse_value(r.data, "Token is:")

r = simplerequest.SimpleRequest(
    "csec380-core.csec.rit.edu", port=82, type="GET", resource="/getFlag5"
)

r.render()
r.send()

xidx = r.data.find("var x =")
yidx = r.data.find("var y =")

x = int(r.data[xidx + 8 : xidx + 12].strip(";").strip('"'))
y = int(r.data[yidx + 8 : yidx + 10].strip(";"))

i = complex(x, 3)
Ejemplo n.º 10
0
import simplerequest
import socket

r = simplerequest.SimpleRequest('csec380-core.csec.rit.edu:82',
                                'POST',
                                resource='/getSecure')

req = r.render()
print(req)

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('csec380-core.csec.rit.edu', 82))

s.sendall(req.encode('utf-8'))

data = s.recv(4096).decode('ASCII')

print(data)

token = request.parse_value(data, 'Token is:').strip('"')
#print(value)

r = request.Request('csec380-core.csec.rit.edu:82',
                    'POST',
                    resource='/createAccount',
                    body=f'username=oneNutW0nder&token={token}')
req = r.render()
print(req)
s.sendall(req.encode('utf-8'))

data = s.recv(4096).decode('ASCII')