def responseHandler(response):
'''
@description: 处理响应结果
@param {type}
@return:
'''
#结果处理阶段
try:
size = intToSize(int(response.headers['content-length']))
except (KeyError, ValueError):
size = intToSize(len(response.content))
#跳过大小为skip_size的页面
if size == conf.skip_size:
return
#自动识别404-判断是否与获取404页面特征匹配
if conf.auto_check_404_page:
if hashlib.md5(
response.content).hexdigest() in conf.autodiscriminator_md5:
return
#自定义状态码显示
if response.status_code in conf.response_status_code:
# msg = '[{}]'.format(str(response.status_code))
# if conf.response_header_content_type:
# msg += '[{}]'.format(response.headers['content-type'])
# if conf.response_size:
# msg += '[{}] '.format(str(size))
# msg += response.url
# msg += 'xuchao'
# print(msg)
msg = []
msg.append(str(response.status_code))
if conf.response_header_content_type:
msg.append(str(response.headers['content-type']))
if conf.response_size:
msg.append(str(size))
msg.append(str(response.url))
print(msg)
result.append(msg)
#已去重复,结果保存。NOTE:此处使用response.url进行文件名构造,解决使用-iL参数时,不能按照域名来命名文件名的问题
#使用replace(),替换`:`,修复window下不能创建有`:`的文件问题
# saveResults(urllib.parse.urlparse(response.url).netloc.replace(':','_'),msg)
#关于递归扫描。响应在自定义状态码中时,添加判断是否进行递归扫描
if response.status_code in conf.recursive_status_code:
if conf.recursive_scan:
recursiveScan(response.url, payloads.all_payloads)
#自定义正则匹配响应
pattern = re.compile(conf.custom_response_page)
if pattern.search(response.content.decode('utf-8')):
print(
'[!] Custom response information matched\n[!] use regular expression:{}\n[!] matched page:{}'
.format(conf.custom_response_page, response.text))
def responseHandler(response, check404=True):
'''
@description: 处理响应结果
@param {type}
@return:
'''
#结果处理阶段
try:
size = intToSize(int(response.headers['content-length']))
except (KeyError, ValueError):
size = intToSize(len(response.content))
#跳过大小为skip_size的页面
if size == conf.skip_size:
return
brief = getBrief(response.text)
#自动识别404-判断是否与获取404页面特征匹配
if check404:
if check404Feature(response.text):
return
if checkBriefLimit(brief):
return
#自定义状态码显示
if response.status_code in conf.response_status_code or not check404:
msg = '[{}]'.format(str(response.status_code))
if conf.response_header_content_type:
msg += '[{}]'.format(response.headers.get('content-type'))
if conf.response_size:
msg += '[{}]'.format(str(size))
msg += '[{}] '.format(brief)
msg += response.url
outputscreen.info('\r' + msg + ' ' * (th.console_width - len(msg) + 1))
#已去重复,结果保存。NOTE:此处使用response.url进行文件名构造,解决使用-iL参数时,不能按照域名来命名文件名的问题
#使用replace(),替换`:`,修复window下不能创建有`:`的文件问题
#saveResultssaveResults(urllib.parse.urlparse(response.url).netloc.replace(':','_'),msg)
saveResults(msg)
#关于递归扫描。响应在自定义状态码中时,添加判断是否进行递归扫描
if response.status_code in conf.recursive_status_code:
if conf.recursive_scan:
recursiveScan(response.url, payloads.all_payloads)
#自定义正则匹配响应
if conf.custom_response_page:
pattern = re.compile(conf.custom_response_page)
if pattern.search(response.text):
outputscreen.info(
'[!] Custom response information matched\n[!] use regular expression:{}\n[!] matched page:{}'
.format(conf.custom_response_page, response.text))
def responseHandler(response):
'''
@description: 处理响应结果
@param {type}
@return:
'''
#3结果处理阶段
try:
size = intToSize(int(response.headers['content-length']))
except (KeyError, ValueError):
size = intToSize(len(response.content))
#跳过大小为skip_size的页面
if size == conf.skip_size:
return
#自动识别404-判断是否与获取404页面特征匹配
if conf.auto_check_404_page:
if hashlib.md5(
response.content).hexdigest() == conf.autodiscriminator_md5:
return
#自定义状态码显示
if response.status_code in conf.response_status_code:
msg = '[{}]'.format(str(response.status_code))
if conf.response_header_content_type:
msg += '[{}]'.format(response.headers['content-type'])
if conf.response_size:
msg += '[{}]'.format(str(size))
msg += response.url
outputscreen.info('\r' + msg + ' ' * (th.console_width - len(msg) + 1))
#已去重复,结果保存。NOTE:此处使用response.url进行文件名构造,解决使用-iL参数时,不能按照域名来命名文件名的问题
saveResults(urllib.parse.urlparse(response.url).netloc, msg)
#关于递归扫描。响应在自定义状态码中时,添加判断是否进行递归扫描
if response.status_code in conf.recursive_status_code:
if conf.recursive_scan:
recursiveScan(response.url, payloads.all_payloads)
#自定义正则匹配响应
pattern = re.compile(conf.custom_response_page)
if pattern.search(response.text):
outputscreen.info(
'[!] custom response information matched\n[!] use regular expression:{}\n[!] matched page:{}'
.format(conf.custom_response_page, response.text))