def path_generator(self, parsed_url, payloads: list) -> list:
    """Build candidate URLs by substituting each payload into the path segments.

    For a root path the work is delegated to ``self.netloc_generator``.
    Otherwise the path is split into segments and walked from the last
    segment towards the first; at each step the current segment is replaced
    by every payload in turn and the resulting URL is collected.

    Args:
        parsed_url: Object exposing ``netloc`` and ``path`` (presumably a
            ``urllib.parse`` result; confirm against the caller).
        payloads: Payload strings to substitute into the path.

    Returns:
        The candidate URLs collected so far. The walk stops early, returning
        a partial (possibly empty) list, as soon as a parent segment is
        already recorded in ``self.Skipper`` or matches one of the two
        skip patterns below.
    """
    payloads_to_try = []
    skip_print = f"{Color.bad} Skipping some used paths."
    upto_path = urlerslasher(parsed_url.netloc)
    # Root path ("/" or a single character): nothing to walk, so use the
    # netloc-based generator instead.
    if parsed_url.path == '/' or len(parsed_url.path) == 1:
        payloads_list = self.netloc_generator(parsed_url, payloads)
        payloads_to_try = [p for p in payloads_list]
    else:
        # Every non-empty segment, passed through ender(..., '/').
        path_list = [
            ender(path, '/') for path in findall(r'([^/]+)', parsed_url.path)
        ]
        # Indices run from the last segment down to 1, so segment 0 is never
        # replaced and a single-segment path yields no candidates at all.
        path_range = range(len(path_list) - 1, 0, -1)
        for index in path_range:
            # The decision to skip is made on the PARENT segment (index - 1).
            unslashed = unender(path_list[index - 1], '/')
            if self.Skipper.check_path(path_list[index - 1]):
                # Parent already recorded by the Skipper: stop here.
                print(skip_print)
                return payloads_to_try
            elif search('[a-zA-Z].+[0-9]$', unslashed):
                # Parent contains a letter and ends in a digit.
                # presumably an identifier-like segment; confirm intent
                print(skip_print)
                return payloads_to_try
            elif search('^[0-9].*$', unslashed) and len(unslashed) >= 2:
                # Parent starts with a digit and is at least two characters.
                print(skip_print)
                return payloads_to_try
            elif not self.Skipper.check_path(path_list[index - 1]):
                # Record the parent so later URLs sharing it are skipped.
                self.Skipper.add_path(path_list[index - 1])
            # NOTE(review): nesting of the two statements below is
            # reconstructed from a flattened listing; confirm against the file.
            for payload in payloads:
                # Overwrite the current segment with the payload and rebuild
                # the URL from the host prefix plus all segments.
                path_list[index] = unstarter(payload, '/')
                path_payload = upto_path + "".join(path_list)
                payloads_to_try.append(path_payload)
            # Drop the segment just used so the next pass targets its parent.
            path_list.pop()
    return payloads_to_try
def main():
    """Interactive entry point: list stored rows, or insert/update one entry.

    Reads and writes the module-level ``sql_dict`` and calls ``fetch_mysql``,
    ``insert_mysql`` and ``update_mysql``. Re-prompting is implemented by
    calling ``main()`` recursively.
    """
    # Normalise the host before anything is displayed or stored.
    sql_dict['HOST'] = ender(urler(sql_dict['HOST']), "/")
    const = input(f"{ColorObj.information} Fetch data or edit (F/E)? ")
    if const == 'F':
        print(f"{ColorObj.good} Fetching data ..")
        query_res = fetch_mysql()
        # NOTE(review): rows are printed exactly as fetched; if they carry the
        # PASSWORD/2FA/BACKUP columns these end up in the terminal scrollback.
        for i in query_res:
            print(i)
        print(f"{ColorObj.good} Fetched!")
        # Prompt again, then terminate once the nested call returns.
        main()
        exit()
    # Echo the pending entry for confirmation. Every sql_dict value is shown,
    # which includes the PASSWORD field in clear text.
    for keys, values in sql_dict.items():
        print("{} ::: {}".format(keys, colored(values, color='green')))
    print("")
    cont = input(
        f"{ColorObj.information} Continue with above value (Y/N) or update value (U): "
    )
    if cont.upper() == 'Y':
        try:
            insert_mysql()
        except Exception as E:
            print(f"Error {E,E.__class__} occured while inserting data")
            # NOTE(review): exits with status 0 although the insert failed;
            # placement inside the except clause is reconstructed from a
            # flattened listing, so confirm against the file.
            exit(0)
    elif cont.upper() == 'U':
        up = input(f"{ColorObj.information} Enter hostname to update: ")
        update_mysql(up)
    else:
        # Any other answer restarts the dialogue.
        main()
def insert_mysql():
    """Insert the entry held in ``sql_dict`` as a new row of ``password``.

    The host is normalised (``http://`` rewritten to ``https://``, trailing
    slash enforced via ``ender``) before storage. All values are passed as
    bound parameters, so none of them is interpolated into the SQL text.
    """
    # NOTE(review): PASSWORD, 2FA and BACKUP are written exactly as supplied;
    # nothing in this function encrypts them. Confirm that protection at rest
    # is handled elsewhere.
    normalised_host = ender(
        urler(sql_dict['HOST']).replace('http://', 'https://'), "/")
    remaining_fields = ('USERNAME', 'EMAIL', 'PASSWORD', '2FA', 'BACKUP', 'OTHER')
    row = (normalised_host,) + tuple(sql_dict[field] for field in remaining_fields)
    cursor.execute(
        "INSERT INTO password (HOST, USERNAME, EMAIL, PASSWORD, 2FA, BACKUP, OTHER) VALUES (%s,%s,%s,%s,%s,%s,%s)",
        row,
    )
    conn.commit()
def check_parameter(self, url: str, parameter: str) -> bool:
    """Tell whether ``parameter`` has already been recorded for ``url``.

    Args:
        url: URL without its query string; it is keyed after ``ender(url, '?')``.
        parameter: Parameter name to look for.

    Returns:
        True when the parameter is stored under that key, False when the key
        is unknown, empty, or does not contain the parameter.
    """
    key = ender(url, '?')
    if not self.parameter_list.get(key):
        # Unknown key or an empty collection: nothing can match.
        return False
    return any(known == parameter for known in self.parameter_list[key])
def add_parameter(self, url: str, parameter_list: list) -> list:
    """Record ``parameter_list`` under the key derived from ``url``.

    Args:
        url: URL without its query string; it is keyed after ``ender(url, '?')``.
        parameter_list: Parameter names to remember for that URL.

    Returns:
        False when the key already held parameters (the new ones are merged
        into the existing set), True when a fresh set was created. Note that
        the annotation says ``list`` although a bool is returned.
    """
    key = ender(url, '?')
    existing = self.parameter_list.get(key)
    if bool(existing):
        # Merge into the set already stored for this URL.
        merged = self.parameter_list[key]
        merged.update(set(parameter_list))
        self.parameter_list[key] = merged
        return False
    self.parameter_list[key] = set(parameter_list)
    return True
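def write_output(filename, orgs, commons, filepath=None) -> tuple:
    """Append organisation and common-name lines to the output file.

    Args:
        filename: Target file name. With ``filepath`` it is used as the stem
            of ``<filepath>/<filename>.certex``; without it, as the full path.
        orgs: Iterable of strings, written one per line.
        commons: Iterable of strings, written one per line after ``orgs``.
        filepath: Optional output directory.

    Returns:
        None. The ``tuple`` annotation is kept for interface compatibility
        only; nothing is returned.
    """
    # NOTE(review): filename is concatenated into the path unchanged. If it is
    # derived from scanned data rather than typed by the operator, a path
    # separator in it would move the write outside filepath; confirm that the
    # caller normalises it.
    if filepath:
        target = ender(filepath, '/') + filename + '.certex'
    else:
        target = filename
    # The context manager closes the handle even when a write raises, which
    # the explicit close() at the end of the function did not guarantee.
    with open(target, 'a') as output_file:
        for org in orgs:
            output_file.write(org)
            output_file.write('\n')
        for common in commons:
            output_file.write(common + '\n')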
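def main():
    """Generate payloads for the chosen callback server and dispatch them.

    With ``argv.server`` the given server URL is used directly. With
    ``argv.auto`` (``SERVER_PATH`` or ``SERVER_PATH,PUBLIC_PATH``) an ngrok
    tunnel is opened on ``port`` and a local PHP server is started in
    ``SERVER_PATH``; the tunnel URL then becomes the callback server.
    """
    # Local import: the file's import block is not visible from here.
    from shlex import quote

    if argv.server:
        p = Payloader.generate_payloads(input_wordlist, urler(argv.server))
    elif argv.auto:
        if ',' in argv.auto:
            server_path, public_path = argv.auto.split(',')
            public_url = unender(
                ender(ngrok.connect(port=port), '/') + unstarter(public_path, '/'),
                '/')
        else:
            server_path = argv.auto
            public_url = unender(ngrok.connect(port=port), '/')
        # Both values are shell-quoted because they are spliced into a shell
        # command line: a path with spaces or metacharacters would otherwise
        # be split or interpreted by the shell.
        safe_dir = quote(server_path)
        safe_port = quote(str(port))
        # "cd ... || exit 1" aborts the subshell when the directory is
        # missing. Without it the PHP server would start in the current
        # working directory and publish that through the tunnel instead.
        # NOTE(review): fuser -k kills whatever already listens on the port.
        # NOTE(review): php -S 0.0.0.0 also exposes the directory to the
        # local network; binding to 127.0.0.1 should be enough if the tunnel
        # forwards to localhost. Confirm before changing.
        system(
            f"(cd -- {safe_dir} || exit 1; "
            f"fuser -k {safe_port}/tcp 1>/dev/null 2>/dev/null; "
            f"php -S 0.0.0.0:{safe_port} 1>/dev/null 2>/dev/null &)"
        )
        p = Payloader.generate_payloads(input_wordlist, urler(public_url))
    with ThreadPoolExecutor(max_workers=argv.threads) as mapper:
        # The map() results are not consumed, so an exception raised inside
        # try_payload is never surfaced here.
        mapper.map(try_payload, p)
    print(f"{Color.good} Success. Check your server logs for bounty!")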
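def write_output(objects, filename=None, path=None):
    """Report positive results and append them to the output file, if any.

    Args:
        objects: Iterable of future-like objects whose ``result()`` returns a
            ``(payload, is_exploitable)`` pair.
        filename: Output file name. With ``path`` it is the stem of
            ``<path>/<filename>.CRLFi``; alone, the full path.
        path: Optional output directory.

    Returns:
        None.
    """
    if path:
        target = ender(path, '/') + filename + '.CRLFi'
    elif filename:
        target = filename
    else:
        # No destination given. Previously the function carried on with an
        # unbound file handle and crashed on the first write or on close();
        # results are now still printed, only the file output is skipped.
        print("Cant write output")
        target = None
    output_file = open(target, 'a') if target is not None else None
    try:
        for single_object in objects:
            the_payload, is_exploitable = single_object.result()
            if is_exploitable:
                print(
                    f"{Color.good} Yes, the url is exploitable\t,Payload: {the_payload}"
                )
                if output_file is not None:
                    output_file.write("Exploitable:{}, Payload:{}\n".format(
                        is_exploitable, the_payload))
    finally:
        # Close the handle even when result() or a write raises.
        if output_file is not None:
            output_file.close()
    return None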
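def update_mysql(host):
    """Overwrite the stored row whose host equals ``host`` with ``sql_dict``.

    Args:
        host: Host value to look for in the second column of the rows
            returned by ``fetch_mysql()``.

    Raises:
        ValueError: If no stored row matches ``host``. The original code
            reached the same exception type through ``int("")``, with a
            message that did not name the cause.
    """
    row_id = None
    for row in fetch_mysql():
        # row[0] is used as the ID, row[1] is compared with the host.
        if row[1] == host:
            row_id = row[0]
            break
    if row_id is None:
        raise ValueError(f"No stored entry for host {host!r}")
    statement = "UPDATE password SET HOST = %s, USERNAME = %s, EMAIL = %s, PASSWORD = %s, 2FA = %s, BACKUP = %s, OTHER = %s WHERE ID = %s"
    # All values are bound parameters; none is interpolated into the SQL text.
    # NOTE(review): PASSWORD, 2FA and BACKUP are written exactly as supplied;
    # confirm that protection at rest is handled elsewhere.
    values = (ender(
        urler(sql_dict['HOST']).replace('http://', 'https://'),
        "/"), sql_dict['USERNAME'], sql_dict['EMAIL'], sql_dict['PASSWORD'],
              sql_dict['2FA'], sql_dict['BACKUP'], sql_dict['OTHER'],
              int(row_id))
    cursor.execute(statement, values)
    conn.commit()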
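def output_writer(filename, to_write, filepath=None):
    """Append scan results to the output file, ordered by their tag.

    Args:
        filename: Output file name. With ``filepath`` it is the stem of
            ``<filepath>/<filename>.jscan``; alone, the full path.
        to_write: Iterable of future-like objects whose ``result()`` returns
            a sequence of ``(text, tag)`` pairs.
        filepath: Optional output directory.
    """
    if filepath:
        target = ender(filepath, '/') + filename + '.jscan'
    else:
        target = filename
    # The context manager closes the handle even when result() or a write
    # raises, which the trailing close() did not guarantee.
    with open(target, 'a') as output_file:
        for jsresults in to_write:
            # sorted() is stable, so entries sharing a tag keep their order.
            for jsresult in sorted(jsresults.result(), key=lambda x: x[1]):
                output_file.write(jsresult[0])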
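def output_directory_writer(filepath, filename, dork_list: list) -> bool:
    """Append the generated lines to ``<filepath>/<filename>.google``.

    Args:
        filepath: Output directory.
        filename: Stem of the output file; a leading '/' is removed with
            ``unstarter`` before it is joined to the directory.
        dork_list: Strings to append, written as given (no separator added).

    Returns:
        None. The ``bool`` annotation is kept for interface compatibility
        only; nothing is returned.
    """
    # The file name was previously built from filepath a second time, so the
    # filename argument was ignored and the target became
    # "<filepath>/<filepath>.google".
    target = ender(filepath, '/') + unstarter(filename, '/') + '.google'
    # The context manager closes the handle even when a write raises.
    with open(target, 'a') as output_file:
        for dork_line in dork_list:
            output_file.write(dork_line)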
action="store_true", help="Fetch from config file (optional, not implemented)") group.add_argument('-a', '--argv', action="store_true", help="Fetch from command line (optional, not implemented)") group.add_argument('-i', '--input', action="store_true", help="Fetch from input (optional, not implemented)") argv = parser.parse_args() mode = starter(argv) if mode == 'argv': sql_dict['HOST'] = ender( urler(argv.host).replace('http://', 'https://'), "/") sql_dict['USERNAME'] = argv.username sql_dict['EMAIL'] = argv.email sql_dict['PASSWORD'] = argv.password sql_dict['2FA'] = argv.two_factor sql_dict['BACKUP'] = argv.backup sql_dict['OTHER'] = argv.other elif mode == 'input': sql_dict['HOST'] = ender( (urler(input(f"{ColorObj.information} Enter Host: "))).replace( 'http://', 'https://'), "/") sql_dict['USERNAME'] = input(f"{ColorObj.information} Enter Username: "******"{ColorObj.information} Enter Email: ") sql_dict['PASSWORD'] = input(f"{ColorObj.information} Enter Password: "******"{ColorObj.information} Enter 2FA: ") sql_dict['BACKUP'] = input(f"{ColorObj.information} Enter Backup: ")
def generate_url(self, half_url: str, parameters: list) -> list:
    """Build one URL per parameter group.

    Args:
        half_url: URL up to (and optionally including) the '?'.
        parameters: Iterable of string sequences; each sequence is joined
            with '&' to form one query string.

    Returns:
        A list with ``ender(half_url, '?')`` followed by the joined group,
        in the order of ``parameters``.
    """
    urls = []
    for group in parameters:
        query_string = '&'.join(group)
        urls.append(ender(half_url, '?') + query_string)
    return urls
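def write_output_directory(filepath, filename, towrite):
    """Append every string of every group to ``<filepath>/<filename>.github``.

    Args:
        filepath: Output directory.
        filename: Stem of the output file.
        towrite: Iterable of iterables of strings, written as given (no
            separator added).
    """
    # The context manager closes the handle even when a write raises; plain
    # loops replace the list comprehension that was used only for its side
    # effects.
    with open(ender(filepath, '/') + filename + ".github", 'a') as f:
        for data in towrite:
            for d in data:
                f.write(d)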