def execute(block, scope):
    """
    Run the block's HTTP request and compare its response time to a threshold.

    Args:
        block: block definition; reads ``block['name']`` and
            ``block['parameter']``, which must contain ``delay_seconds``.
        scope: shared scope dict. ``scope[block['name']]`` receives the
            response content, cookies and headers plus the measured
            ``time_diff`` in seconds.

    Returns:
        ``(matched, scope)`` where ``matched`` is True when the response took
        strictly longer than ``delay_seconds``.
    """
    step_name = block['name']
    params = block['parameter']

    # Validation of the mandatory option is delegated to required_fields,
    # which is defined outside this listing.
    required_fields(params, ['delay_seconds'])
    threshold = float(params['delay_seconds'])

    _, resp = http_request(block, scope)
    elapsed = resp.elapsed.total_seconds()

    response_view = {
        'content': resp.text,
        'cookies': resp.cookies,
        'headers': resp.headers,
    }
    scope[step_name] = {'response': response_view, 'time_diff': elapsed}

    Message.log(
        level='status',
        message="Response time: {}, delay_seconds: {}".format(
            color.cyan(elapsed), color.cyan(threshold)))

    # Strictly greater: an elapsed time equal to the threshold is not a match.
    return elapsed > threshold, scope
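def execute(block, scope):
    """
    Simple HTTP request that checks the response carries the required headers.

    Args:
        block: block definition; reads ``block["name"]`` and
            ``block["parameter"]``, which must contain ``headers_required``:
            a dict mapping header name -> expected value, where ``"."``
            accepts any value.
        scope: shared scope dict. ``scope[block["name"]]`` receives the
            response content, cookies and headers.

    Returns:
        ``(success, scope)`` where ``success`` is True only when every
        required header is present and either matches its expected value
        (compared as ``str``) or is wildcarded with ``"."``.

    Raises:
        ParserException: if ``headers_required`` is not a dict.
    """
    opts = block["parameter"]
    name = block["name"]

    required_fields(opts, ["headers_required"])

    _, response = http_request(block, scope)

    scope[name] = {
        "response": {
            "content": response.text,
            "cookies": response.cookies,
            "headers": response.headers,
        }
    }

    headers_required = opts["headers_required"]

    if not isinstance(headers_required, dict):
        # The check is isinstance(dict), so the message says so too.
        raise ParserException("headers_required must be a dict of headers")

    # Start optimistic and drop to False on the first missing or mismatching
    # header. The previous version only set True on the "." wildcard, so a
    # block whose headers all matched exactly reported failure, and a mismatch
    # followed by a wildcard match reported success (order-dependent). Keep
    # iterating so every mismatch is logged, not just the first.
    success = True

    for header, expected in headers_required.items():
        if header not in response.headers:
            Message.log(
                level="status",
                message="Header '%s' missing from response" % header,
            )
            success = False
            continue

        # "." means any value is acceptable for this header.
        if expected == ".":
            continue

        actual = response.headers[header]
        if str(expected) != actual:
            Message.log(
                level="status",
                message=
                "Header '%s: %s' different from response header '%s: %s'" %
                (header, expected, header, actual),
            )
            success = False

    return success, scope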
def execute(block, scope):
    """
    Simple HTTP request that compares the response headers against a list.

    Args:
        block: block definition; reads ``block['name']`` and
            ``block['parameter']``, which must contain ``headers_required``:
            a dict mapping header name -> expected value, where ``'.'``
            accepts any value.
        scope: shared scope dict. ``scope[block['name']]`` receives the
            response content, cookies and headers.

    Returns:
        ``(flag, scope)``. As written, ``flag`` is True when at least one
        required header is missing from the response or differs from its
        expected value (compared as ``str``), and False when every header is
        present and matches or is wildcarded.
        NOTE(review): this polarity looks inverted for a variable named
        ``success`` — confirm with the caller before relying on it.

    Raises:
        ParserException: if ``headers_required`` is not a dict.
    """
    opts = block['parameter']
    name = block['name']

    required_fields(opts, ['headers_required'])

    _, response = http_request(block, scope)

    scope[name] = {
        'response': {
            'content': response.text,
            'cookies': response.cookies,
            'headers': response.headers
        }
    }

    headers_required = opts['headers_required']

    if not isinstance(headers_required, dict):
        raise ParserException('headers_required must be a list of headers')

    success = False

    for header, expected in headers_required.items():
        # A header absent from the response flips the flag.
        if header not in response.headers:
            success = True
            continue

        # '.' accepts any value and never affects the flag.
        if expected == '.':
            continue

        actual = response.headers[header]
        if str(expected) != actual:
            Message.log(
                level='status',
                message=
                "Header '%s: %s' different from response header '%s: %s'" %
                (header, expected, header, actual))
            success = True

    return success, scope
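def execute(block, scope):
    """
    Simple HTTP request, also does basic extracting and finding in the response text.

    Each optional key in ``block['parameter']`` adds one check; the first
    failing check returns immediately:

    * ``find_in_headers`` — substring searched in the ``"Name: value\\n"``
      rendering of the response headers.
    * ``extract`` — passed with the body to ``extract()`` (defined elsewhere);
      the result is stored under ``scope[name]['extracted']``.
    * ``find`` — substring searched in the response body.
    * ``find_regex`` — pattern searched in the body with ``re.MULTILINE``.
    * ``expect_response_code`` — compared with ``==`` to
      ``response.status_code``.

    Args:
        block: block definition; reads ``block['name']`` and
            ``block['parameter']``.
        scope: shared scope dict. ``scope[block['name']]`` receives the
            response content, cookies and headers (and ``extracted`` when
            requested).

    Returns:
        ``(success, scope)``; ``success`` is True when no configured check
        failed (and trivially True when none is configured).
    """

    name = block['name']
    opts = block['parameter']

    _, response = http_request(block, scope)

    scope[name] = {
        'response': {
            'content': response.text,
            'cookies': response.cookies,
            'headers': response.headers
        }
    }

    success = True

    if 'find_in_headers' in opts:
        # One "Name: value\n" line per header, including a trailing newline,
        # so a keyword may span the separator or end of a line.
        headers = ''.join(
            '{}: {}\n'.format(header, response.headers[header])
            for header in response.headers)

        keyword = opts['find_in_headers']
        success = keyword in headers
        _log_search(success, 'HEADERS', keyword)
        if not success:
            return success, scope

    if 'extract' in opts:
        scope[name]['extracted'] = extract(response.text, opts['extract'])

    if 'find' in opts:
        keyword = opts['find']
        success = keyword in response.text
        _log_search(success, 'BODY', keyword)
        if not success:
            return success, scope

    if 'find_regex' in opts:
        pattern = opts['find_regex']
        # `is not None` rather than `!= None` (identity check for the sentinel).
        success = re.search(pattern, response.text, flags=re.MULTILINE) is not None
        _log_search(success, 'BODY', pattern)
        if not success:
            return success, scope

    if 'expect_response_code' in opts:
        status_code = opts['expect_response_code']
        # NOTE(review): plain ==, so a string '200' from the config would not
        # equal an int status code — confirm the config loader yields ints.
        success = response.status_code == status_code

        if not success:
            Message.log(
                level='status',
                message="==> HTTP Status is not %s, response code is %s" %
                (color.cyan(status_code), color.red(response.status_code)))

            return success, scope
        else:
            # Show expected vs. actual; the previous version printed the
            # expected value twice.
            Message.log(level='status',
                        message="==> HTTP status is valid (%s == %s)" %
                        (color.cyan(status_code),
                         color.cyan(response.status_code)))

    return success, scope


def _log_search(found, location, needle):
    """
    Log the outcome of a substring/regex search.

    Args:
        found: whether ``needle`` was found.
        location: 'HEADERS' or 'BODY', used verbatim in the message.
        needle: the keyword or pattern that was searched for.
    """
    Message.log(level='status',
                message="==> %s in %s: '%s'" %
                ('Found' if found else 'Not found', location,
                 color.cyan(needle)))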