def results_cmd(self, raw):
try:
args = Args(raw, ["clear"], 0, [
Term("where",
keys=self.results.Keys(),
start="where",
stop="order"),
Term("order",
keys=self.results.Keys(),
start="order",
stop="where"),
])
if args.clear:
self.results.Clear()
self.display.P("Results Cleared...", True)
else:
self.display.ResultHeader()
for r in self.results.Search(args.where.pairs,
args.order.terms):
self.display.Result(r)
self.display.BR()
return True
except:
self._error()
return False
def jwt_cmd(self, raw):
try:
args = Args(raw, [("token", str)], 0)
canary = self.options.Get("canary_url")
issuer = self.options.Get("oauth_issuer")
keyfile = self.options.Get("oauth_keyfile")
kid = self.options.Get("oauth_kid")
if args.token:
jwt = Jwty(args.token)
self.display.JWT(False, jwt, canary, issuer, keyfile, kid)
else:
wzd = Wizzard({
"header": ("Enter Header (Default None):", dict, True, {}),
"payload":
("Enter Payload (Default None):", dict, True, {}),
"secret": ("Enter HS Secret or RS Key (Default None):",
str, True, False),
"signature":
("Enter Signature (Default None): ", str, False, False)
})
self.display.Header("JWT Builder")
wzd.Launch()
j = Jwty.Construct(wzd.payload, keyfile, kid, issuer,
wzd.header, wzd.secret, wzd.signature)
self.display.Header("ENCODED TOKEN: ")
print(j)
self.display.BR()
return True
except:
self._error()
return False
def permutate_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), "ALL", ("opt1", str),
("opt2", str)], 1)
opts = [self._substitute(args.opt1), self._substitute(args.opt2)]
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
orig, err = self.replay.Request(log, None)
self.display.ResultHeader()
if err:
self.display.Error(
"Base Request Failed for log: {0}".format(args.log_id))
return True
self._result(args.log_id, "PERM", {"Base Line": ""}, orig,
False, None)
self.replay.Repeat(
args.log_id, log, "PERM",
self.logs.Permutations(False if args.ALL else args.log_id,
opts), None, None,
[Html.Compare, orig], self._result, self.display.Error)
self.display.BR()
return True
except:
self._error()
return False
def replay_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("parm", str), ("val", str),
("find", str)], 1)
args.val = self._substitute(args.val)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
pv = To.Dict(args.parm, args.val) if args.parm else None
res, err = self.replay.Request(log, pv, args.find)
if not err:
self.display.ResultHeader()
self._result(args.log_id, "REPLY", pv, res, False, None)
self.display.BR()
else:
self.display.Error(err)
return True
except:
self._error()
return False
def hunt_cmd(self, raw):
try:
args = Args(raw, [("category", str)], 0)
for k, v in Hunt(self.logs, args.category).results.items():
self.display.Header(k)
self.display.List(v)
return True
except:
self._error()
return False
def result_cmd(self, raw):
try:
args = Args(raw, [("result_id", int), "full", ("opt1", str),
("opt2", str), ("opt3", str)], 1)
if self._validate(args, "result_id"):
self.display.Result(self.results.Get(args.result_id), True,
args.full, args.opt1, args.opt2, args.opt3)
return True
except:
self._error()
return False
def search_cmd(self, raw):
try:
args = Args(raw, (), 0, [Term("search", keys=self.logs.Keys())])
results = self.logs.Search(args.search.terms, args.search.pairs)
for r in results:
self.display.Log(r)
self.display.Pair("Results", len(results), True, True)
return True
except Exception:
self._error()
return False
def header_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("fp", str)], 1)
if self._validate(args, "log_id"):
fp = args.fp if args.fp else "./header.json"
msg = Generate.Header(self.logs.Get(args.log_id), fp)
self.display.P(msg, True)
return True
except:
self._error()
return False
def reflected_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("parm", str), ("val", str),
("find", str)], 3)
args.val = self._substitute(args.val)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
pv = To.Dict(args.parm, args.val)
res, err = self.replay.Request(log, pv, args.find)
if not err:
self.display.ResultHeader()
flag, meta = Html.Reflected(res, args.val,
self.options.Get("render"))
self._result(args.log_id, "RFLCT", pv, res, flag, meta)
self.display.BR()
else:
self.display.Error(err)
return True
except:
self._error()
return False
def view_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), "full", ("opt1", str),
("opt2", str), ("opt3", str)], 1)
if self._validate(args, "log_id"):
self.display.Log((args.log_id, self.logs.Get(args.log_id)),
True, args.full, args.opt1, args.opt2,
args.opt3)
return True
except:
self._error()
return False
def unique_cmd(self, raw):
try:
args = Args(raw, [("field", str), ("regex", str)], 1,
[Term("where", keys=self.logs.Keys(), start="where")])
if self._validate(args):
ret = self.logs.Unique(args.field, args.regex,
args.where.terms, args.where.pairs)
self.display.List(ret)
self.display.Pair("Results", len(ret), True, True)
return True
except:
self._error()
return False
def parameters_cmd(self, raw):
try:
args = Args(raw, [("log_id", int)], 0)
if self._validate(args, "log_id"):
result = self.logs.Parameters(args.log_id)
for s in ["Headers", "Cookies", "Query", "Body"]:
self.display.Header(s)
for v in result[s.lower()]:
self.display.P(v)
self.display.BR()
return True
except:
self._error()
return False
def code_cmd(self, raw):
try:
args = Args(raw,
[("log_id", lambda l: [int(x) for x in l.split(',')]),
("fp", str)], 1)
if self._validate(args, "log_id"):
fp = args.fp if args.fp else "./run-{0}.py".format("-".join(
[str(x) for x in args.log_id]))
msg = Generate.Code([self.logs.Get(i) for i in args.log_id],
fp)
self.display.P(msg, True)
return True
except:
self._error()
return False
def extract_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("fp", str)], 2)
if self._validate(args, "log_id"):
content = self.logs.Get(args.log_id).response.body
if isinstance(content, (list, dict)):
Writer.Json(args.fp, content)
else:
Writer.Replace(args.fp, content)
self.display.Format("Log: {0} Extracted: {1}", True,
args.log_id, args.fp)
return True
except:
self._error()
return False
def burp_cmd(self, raw):
try:
args = Args(raw, [("result_id", int)], 1)
if self._validate(args, "result_id"):
result = self.results.Get(args.result_id)
r = self.replay.Result(result, self.proxies)
self.display.Header(
"Result: {0} Sent Through Burp Proxy".format(
result.result_id))
self.display.Pair(r.request.method.upper(), r.request.url)
self.display.BR()
return True
except:
self._error()
return False
def flip_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("method", str)], 2)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
pv = To.Dict("method", args.method)
res, err = self.replay.Request(log, pv, None, True,
self.proxies)
if not err:
self.display.ResultHeader()
flag = (str(log.status) == str(res.status_code))
self._result(args.log_id, "FLIP", pv, res, flag, None)
self.display.BR()
else:
self.display.Error(err)
return True
except:
self._error()
return False
def set_cmd(self, raw):
try:
args = Args(raw, [("key", str), ("value", str)], 2)
if self._validate(args):
value = int(args.value) if args.value.isdigit() else args.value
value = True if str(
args.value).lower() == "true" else args.value
value = False if str(
args.value).lower() == "false" else args.value
value = args.value.split(
",") if args.value.find(",") > -1 else args.value
self.options.Set(args.key, value)
self.display.Header("Belch Cli Options Updated")
self.display.Pair(args.key, value)
self.display.BR()
return True
except:
self._error()
return False
def _fuzz(self, result_type, wordlist_name, raw):
try:
args = Args(raw, [("log_id", int), ("parm", str), ("opt1", str),
("opt2", str)], 2)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
self.display.ResultHeader()
self.replay.Repeat(
args.log_id, log, result_type, args.parm,
self._substitute(WordList.Get(wordlist_name)),
[args.opt1, args.opt2], [
lambda res:
(True if res.status_code == 500 else False, None)
], self._result, self.display.Error)
self.display.BR()
return True
except:
self._error()
return False
def jwts_cmd(self, raw):
try:
args = Args(raw, [("log_id", int)], 1)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
x = log.request.raw
if log.response and log.response.raw:
x += log.response.raw
jwts = Parser.FindJWTs(x)
self.display.JWT(
(args.log_id, log),
jwts,
self.options.Get("canary_url"),
self.options.Get("oauth_issuer"),
self.options.Get("oauth_keyfile"),
self.options.Get("oauth_kid"),
)
return True
except:
self._error()
return False
def xss_cmd(self, raw):
try:
args = Args(raw, [("log_id", int), ("parm", str), ("opt1", str),
("opt2", str)], 2)
if self._validate(args, "log_id"):
log = self.logs.Get(args.log_id)
self.display.ResultHeader()
self.replay.Repeat(
args.log_id, log, "XSS", args.parm,
self._substitute(WordList.Get("xss")),
[args.opt1, args.opt2], [
Html.FindExecJs, "console.log(742)",
[
"onerror", "onpointermove", "href", "src",
"onload", "BACKGROUND", "STYLE"
],
self.options.Get("render")
], self._result, self.display.Error)
self.display.BR()
return True
except:
self._error()
return False