def run(self): """ Run """ info('Checking OS Command Injection...') URL = None DATA = None PAYLOAD = None for payload in os(): # post method if self.data: # data add payload rPayload = padd(self.url, payload, self.data) for data in rPayload.run(): # send request req = self.Send(url=self.url, method=self.post, data=data) # search payload in req.content if search('{}'.format(payload.split('"')[1]), req.content): URL = req.url DATA = data PAYLOAD = payload break # get method else: # url query add payload urls = padd(self.url, payload, None) for url in urls.run(): # send request req = self.Send(url=url, method=self.get) # search payload in req.content if search('{}'.format(payload.split('"')[1]), req.content): URL = url PAYLOAD = payload break # if URL and PAYLOAD not empty if URL and PAYLOAD: return True
def run(self): """ Run """ info('Checking OS Command Injection...') URL = None DATA = None PAYLOAD = None for payload in os(): # post method if self.data: # data add payload rPayload = padd(self.url, payload, self.data) for data in rPayload.run(): # send request req = self.Send(url=self.url, method=self.post, data=data) # search payload in req.content if search('{}'.format(payload.split('"')[1]), req.content): URL = req.url DATA = data PAYLOAD = payload break # get method else: # url query add payload urls = padd(self.url, payload, None) for url in urls.run(): # send request req = self.Send(url=url, method=self.get) # search payload in req.content if search('{}'.format(payload.split('"')[1]), req.content): URL = url PAYLOAD = payload break # if URL and PAYLOAD not empty if URL and PAYLOAD: # print if DATA != None: plus( "A potential \"OS Command Injection\" was found at:" ) more("URL: {}".format(URL)) more("POST DATA: {}".format(DATA)) more("PAYLOAD: {}".format(PAYLOAD)) return True, PAYLOAD elif DATA == None: plus( "A potential \"OS Command Injection\" was found at:" ) more("URL: {}".format(URL)) more("PAYLOAD: {}".format(PAYLOAD)) return True, PAYLOAD # break break