def complete_brute(self, url, body, charset, begin_str, end_str):
    """Queue one request per generated candidate and gather the results.

    Every string yielded by ``generate_bflist(charset, begin_str, end_str)``
    replaces the ``@0@`` placeholder in both ``url`` and ``body``; the
    substituted pair is submitted to ``self._request`` through
    ``self._pool.apply_async``.

    Returns:
        Whatever ``self._get_result`` produces for the list of pending
        async results.
    """
    # NOTE(review): every candidate is submitted before any result is
    # collected, and nothing in this method throttles or caps submissions.
    # Presumably the candidate list grows quickly with the length range;
    # confirm that the pool size bounds the load on the tested host.
    pending = [
        self._pool.apply_async(
            self._request,
            args=(url.replace('@0@', candidate), body.replace('@0@', candidate)),
        )
        for candidate in generate_bflist(charset, begin_str, end_str)
    ]
    return self._get_result(pending)
def complete_brute(self, target, charset, begin_str, end_str):
    """Scan ``target`` with every generated candidate appended as a suffix.

    Each string from ``generate_bflist(charset, begin_str, end_str)`` is
    concatenated directly after ``target`` (no separator is inserted) and
    the result is submitted to ``self._scan_target`` through
    ``self._pool.apply_async``.

    Returns:
        Whatever ``self._get_result`` produces for the list of pending
        async results.
    """
    # NOTE(review): all scans are queued up front and this method applies
    # no rate limit of its own; concurrency is whatever self._pool allows.
    pending = [
        self._pool.apply_async(self._scan_target, args=(target + suffix,))
        for suffix in generate_bflist(charset, begin_str, end_str)
    ]
    return self._get_result(pending)
def _recur_set_payloads(self, url, body, depth):
    """Expand the ``@depth@`` .. ``@1@`` placeholders in ``url`` and ``body``.

    Works from placeholder ``@depth@`` down to ``@1@``. At each level the
    substitution values come from ``self._args.int_payload[depth]``:

    * a two-element entry names a file in element 1;
    * any other entry supplies a charset in element 1 and a pair of
      repeat counts in element 2, which are turned into start and end
      strings for ``generate_bflist``.

    Returns:
        A list of ``[url, body]`` pairs, one per combination of values.
        With ``depth == 0`` the single unmodified pair is returned.
    """
    if depth == 0:
        return [[url, body]]

    spec = self._args.int_payload[depth]
    marker = '@' + str(depth) + '@'

    if len(spec) == 2:
        # NOTE(review): only the first line of the file is used, and
        # readline() keeps its trailing newline, so that newline ends up
        # inside the substituted url/body. Confirm this is intended.
        # The path comes from the parsed arguments and is opened as given.
        with open(spec[1]) as handle:
            values = [handle.readline()]
    else:
        alphabet = spec[1]
        # Start string: first charset symbol repeated spec[2][0] times.
        # End string: last charset symbol repeated spec[2][1] times.
        values = generate_bflist(
            alphabet,
            spec[2][0] * alphabet[0],
            spec[2][1] * alphabet[-1],
        )

    expanded = []
    for value in values:
        # Fill this level's placeholder, then recurse for the lower ones.
        expanded.extend(
            self._recur_set_payloads(
                url.replace(marker, value),
                body.replace(marker, value),
                depth - 1,
            )
        )
    return expanded
def complete_brute(self, target, charset, begin_str, end_str):
    """Scan every generated label prepended to ``target`` with a dot.

    Each string from ``generate_bflist(charset, begin_str, end_str)`` is
    joined to ``target`` as ``<candidate>.<target>`` and the result is
    submitted to ``self._scan_target`` through ``self._pool.apply_async``.

    Returns:
        Whatever ``self._get_result`` produces for the list of pending
        async results.
    """
    # NOTE(review): every candidate name is queued before results are read
    # and no throttling happens here; the lookup rate is bounded only by
    # self._pool. Confirm that is acceptable for the resolver in use.
    pending = [
        self._pool.apply_async(self._scan_target, args=(label + '.' + target,))
        for label in generate_bflist(charset, begin_str, end_str)
    ]
    return self._get_result(pending)
def _recur_set_payloads(self, url, body, depth):
    """Build every ``[url, body]`` pair for placeholders ``@depth@`` to ``@1@``.

    The values for level ``depth`` are taken from
    ``self._args.int_payload[depth]``. An entry of length 2 is treated as
    a file reference (path in element 1). Any other entry is treated as a
    charset in element 1 plus two repeat counts in element 2, which become
    the start and end strings passed to ``generate_bflist``.

    Returns:
        A list of ``[url, body]`` lists. ``depth == 0`` is the base case
        and returns the inputs unchanged as a single pair.
    """
    if depth == 0:
        return [[url, body]]

    entry = self._args.int_payload[depth]
    placeholder = '@' + str(depth) + '@'
    substitutions = []

    if len(entry) == 2:
        # NOTE(review): a single readline() call means only the first line
        # of the file is used, and its trailing newline is kept in the
        # value substituted below. Confirm against the intended file format.
        with open(entry[1]) as payload_file:
            substitutions.append(payload_file.readline())
    else:
        symbols = entry[1]
        lower_bound = entry[2][0] * symbols[0]
        upper_bound = entry[2][1] * symbols[-1]
        substitutions = generate_bflist(symbols, lower_bound, upper_bound)

    pairs = []
    for item in substitutions:
        # Substitute this level, then let the recursion handle depth - 1.
        next_url = url.replace(placeholder, item)
        next_body = body.replace(placeholder, item)
        pairs.extend(self._recur_set_payloads(next_url, next_body, depth - 1))
    return pairs
def generate_compbrute_subtask(targetlist, len_interval, charset, granularity):
    """Split a complete enumeration job into pipe-delimited subtask strings.

    Each subtask has the form ``target|comp|charset|begin_str|end_str``.

    Args:
        targetlist: Iterable of target strings; subtasks are emitted per
            target, in order.
        len_interval: Length interval, parsed by ``parse_digital_interval``
            into a ``(minlen, maxlen)`` pair.
        charset: Charset specification, parsed by ``parse_charset``.
        granularity: Subtask size control; 2 is added to it before use.

    Returns:
        A list of subtask strings.
    """
    # The caller-supplied granularity is offset by 2 before any comparison.
    chunk = granularity + 2
    shortest, longest = parse_digital_interval(len_interval)
    alphabet = parse_charset(charset)

    # NOTE(review): fields are joined with '|' without escaping, so a target
    # or charset containing '|' would make the record ambiguous to whatever
    # parses it. Confirm the inputs are validated upstream.
    def build(target, begin, end):
        return '|'.join([target, 'comp', alphabet, begin, end])

    tasks = []
    for target in targetlist:
        if longest < chunk:
            # The whole length range fits in one subtask.
            tasks.append(
                build(target, shortest * alphabet[0], longest * alphabet[-1]))
            continue

        if shortest < chunk:
            # One subtask for all lengths below the chunk size.
            tasks.append(
                build(target, shortest * alphabet[0],
                      (chunk - 1) * alphabet[-1]))

        # One subtask per prefix, each spanning a fixed-width tail range.
        prefixes = generate_bflist(
            alphabet, alphabet[0], (longest - chunk + 1) * alphabet[-1])
        for prefix in prefixes:
            tasks.append(
                build(target,
                      prefix + (chunk - 1) * alphabet[0],
                      prefix + (chunk - 1) * alphabet[-1]))
    return tasks