Example #1
0
 def Get(url):
     mt = methods.Get(url)
     if mt == 0:
         pass
     elif mt == 1 and refxss.Get(url) == 1:
         for param in url.split("?")[1].split("&"):
             for payload in xss_payloads:
                 req = nq.Get(url.replace(param, param + en(payload)))
                 if req != 0:
                     if payload.encode('utf-8') in req.content:
                         bug = {
                             'name': 'Corss-site scripting',
                             'payload': payload,
                             'method': 'GET',
                             'parameter': param,
                             'link': url.replace(param, param + en(payload))
                         }
                         show.bug(bug='Cross-site scripting',
                                  payload=payload,
                                  method='GET',
                                  parameter=param,
                                  link=url.replace(param,
                                                   param + en(payload)))
                         return bug
     return None
Example #2
0
 def Get(url):
     if methods.Get(url) == 1:
         if 1 == 1:
             for param in url.split('?')[1].split('&'):
                 for payload, message in ssti_payloads.items():
                     r = nq.Get(url)
                     if r == 0:
                         break
                     r = len(findall(message.encode('utf-8'), r.content))
                     req = nq.Get(url.replace(param, param + en(payload)))
                     if req == 0:
                         break
                     if r < len(
                             findall(message.encode('utf-8'), req.content)):
                         bug = {
                             'name': 'template injection',
                             'payload': payload,
                             'method': 'GET',
                             'parameter': param,
                             'link': url.replace(param,
                                                 param + en(payload)),
                             'target': url.split('?')[0]
                         }
                         show.bug(bug='template injection',
                                  payload=payload,
                                  method='GET',
                                  parameter=param,
                                  link=url.replace(param,
                                                   param + en(payload)))
                         return bug
     return None
Example #3
0
 def Get(url):
     for param in url.split('?')[1].split('&'):
         for payload in sqli_payloads:
             r = nq.Get(url)
             if r == 0:
                 break
             save_request.save(r)
             req = nq.Get(url.replace(param, param + payload))
             if req == 0:
                 break
             for n, e in sql_err.items():
                 r2 = findall(e.encode('utf-8'), save_request.get().content)
                 r3 = findall(e.encode('utf-8'), req.content)
                 if len(r2) < len(r3):
                     bug = {
                         'name': 'SQL injection',
                         'payload': payload,
                         'method': 'GET',
                         'parameter': param,
                         'link': url.replace(param, param + en(payload)),
                         'target': url.split('?')[0]
                     }
                     show.bug(bug='SQL injection',
                              payload=payload,
                              method='GET',
                              parameter=param,
                              target=url.split('?')[0],
                              link=url.replace(param, param + en(payload)))
                     return bug
     return None
Example #4
0
 def Get(url):
     for param in url.split('?')[1].split('&'):
         for payload in crlf_payloads:
             r = nq.Get(url.replace(param,param + en(payload)))
             if r == 0:
                 break
             if r.headers.get('Header-Test'):
                 bug = {
                         'name':'CRLF injection',
                         'payload':payload.replace('\n','%0a').replace('\r','%0d'),
                         'method':'GET',
                         'parameter':param,
                         'link':url.replace(param,param + en(payload)),
                         'target':url.split('?')[0]
                     }
                 show.bug(
                 bug='CRLF injection',
                 payload=payload.replace('\n','%0a').replace('\r','%0d'),
                 method='GET',
                 parameter=param,
                 link=url.replace(param,param + en(payload))
                         )
                 return bug
             else:
                 continue
     return None
Example #5
0
 def Get(url):
     for param in url.split("?")[1].split("&"):
         for payload in xss_payloads:
             req = nq.Get(url.replace(param, param + en(payload)))
             if req != 0:
                 if payload.encode('utf-8') in req.content:
                     show.bug(bug='Cross-site scripting',
                              payload=payload,
                              method='GET',
                              parameter=param,
                              link=url.replace(param, param + en(payload)))
                     break
Example #6
0
 def Get(url):
     for param in url.split('?')[1].split('&'):
         for payload in crlf_payloads:
             r = nq.Get(url.replace(param, param + en(payload)))
             if r == 0:
                 break
             if 'BLATRUC' == r.headers.get('Header-Test'):
                 show.bug(bug='CRLF injection',
                          payload=payload.replace('\n', '%0a').replace(
                              '\r', '%0d'),
                          method='GET',
                          parameter=param,
                          link=url.replace(param, param + en(payload)))
             else:
                 continue
Example #7
0
 def Get(url):
     for param in url.split('?')[1].split('&'):
         for payload, message in ssti_payloads.items():
             r = nq.Get(url)
             if r == 0:
                 break
             r = len(findall(message.encode('utf-8'), r.content))
             req = nq.Get(url.replace(param, param + en(payload)))
             if req == 0:
                 break
             if r < len(findall(message.encode('utf-8'), req.content)):
                 show.bug(bug='template injection',
                          payload=payload,
                          method='GET',
                          parameter=param,
                          link=url.replace(param, param + en(payload)))
                 break