def download_image(img_path, img_url): # Fetch URL url = urllib2.urlopen(img_url) meta = url.info() file_size = int(meta.getheaders("Content-Length")[0]) print_verbose("Downloading image %s (%s)" % (url.geturl(), size(file_size, system=alternative)), 0) # Set progress bar widgets = ['Progress: ', Percentage(), ' ', Bar(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed()] pbar = ProgressBar(widgets=widgets, maxval=file_size).start() # Download f = open(img_path, 'wb') file_size_dl = 0 block_sz = 1024 * 8 while True: buff = url.read(block_sz) if not buff: break file_size_dl += len(buff) f.write(buff) pbar.update(file_size_dl) # Done f.close() pbar.finish() return url.getcode()
def example27(): # Testing AdaptiveETA when the value doesn't actually change pbar = ProgressBar(widgets=[AdaptiveETA(), AdaptiveTransferSpeed()], max_value=2, poll=0.0001) pbar.start() pbar.update(1) time.sleep(0.001) pbar.update(1) pbar.finish()
def example26(): widgets = [ Percentage(), ' ', Bar(), ' ', ETA(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed(), ] pbar = ProgressBar(widgets=widgets, max_value=500) pbar.start() for i in range(500): time.sleep(0.001 + (i < 100) * 0.0001 + (i > 400) * 0.009) pbar.update(i + 1) pbar.finish()
def attack(self, urls, forms): #Load ProgressBar widgets = [ Percentage(), ' ', Bar(), ' ', ETA(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed(), ] # Load config file... user_input = raw_input("[*] Use [E]lite, [G]reat or [N]ormal buster payload?\n") if user_input == "E": self.CONFIG_FILE = "busterElitePayloads.txt" self.pbar = ProgressBar(widgets=widgets, maxval=1292) elif user_input == "G": self.CONFIG_FILE = "busterGreatPayloads.txt" self.pbar = ProgressBar(widgets=widgets, maxval=7372) else: self.CONFIG_FILE = "busterPayloads.txt" self.pbar = ProgressBar(widgets=widgets, maxval=45524) self.payloads = self.loadPayloads(os.path.join(self.CONFIG_DIR, self.CONFIG_FILE)) # First we make a list of uniq webdirs and webpages without parameters for res in urls: path = res.path if path.endswith("/"): if path not in self.known_dirs: self.known_dirs.append(path) else: if path not in self.known_pages: self.known_pages.append(path) # Then for each known webdirs we look for unknown webpages inside for current_dir in self.known_dirs: self.test_directory(current_dir) # Finally, for each discovered webdirs we look for more webpages while self.new_resources: current_res = self.new_resources.pop(0) if current_res.endswith("/"): # Mark as known then explore self.known_dirs.append(current_res) self.test_directory(current_res) else: self.known_pages.append(current_res) self.pbar.finish()
def get_file_iterator(self, remote, chunk_size=4096, progress=None): """Get a file iterator from the disk. .. note:: This function is a generator, and thus can be used in a for loop :param remote: the name of the remote file or a QFileInfo :type remote: str or FileInfo :param int chunk_size: Size of chunks to be yield :raises qarnot.exceptions.MissingDiskException: the disk is not on the server :raises qarnot.exceptions.QarnotGenericException: API general error, see message for details :raises qarnot.exceptions.UnauthorizedException: invalid credentials :raises ValueError: no such file """ progressbar = None def _cb(c, total, remote): c = max(0, min(c, 100)) progressbar.update(c) if isinstance(remote, FileInfo): remote = remote.name # Ensure file is done uploading pending = self._filethreads.get(remote) if pending is not None: pending.join() if remote in self._filecache: try: self._filecache[remote].seek(0) except AttributeError: pass while True: chunk = self._filecache[remote].read(chunk_size) if not chunk: break yield chunk else: response = self._connection._get(get_url('update file', name=self._uuid, path=remote), stream=True) if response.status_code == 404: if response.json()['message'] == "No such disk": raise MissingDiskException(response.json()['message']) raise_on_error(response) total_length = float(response.headers.get('content-length')) if progress is not None: if progress is True: progress = _cb try: widgets = [ remote, ' ', Percentage(), ' ', AnimatedMarker(), ' ', Bar(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed(unit='B') ] progressbar = ProgressBar(widgets=widgets, max_value=total_length) except Exception as e: print(str(e)) progress = None elif progress is False: progress = None count = 0 for chunk in response.iter_content(chunk_size): count += len(chunk) if progress is not None: progress(count, total_length, remote) yield chunk if progress: progressbar.finish()
def copySourceFiles(self): """Initiates the copy of source files from the data directory to the sourcefiles directory. :returns: False if there are no source files. True if the files were copied or don't need to be copied. """ if self._sourceFilesDir == self._dataDir: print("Not copying source files") return True if not os.path.exists(self._dataDir): print("Data directory doesn't exist") self._installer.log.error( "Data directory \"{0}\" doesn't exist".format(self._dataDir)) return False filebytes = 0 self._installer.log.debug("Determining size of data directory") # Number of bytes to copy for path, dirs, files in os.walk(self._dataDir): for f in files: filebytes += os.path.getsize(os.path.join(path, f)) # Remove the source files directory if it already exists if os.path.exists(self._sourceFilesDir): self._installer.log.debug( "Removing old sourcefiles directory: \"{0}\"".format( self._sourceFilesDir)) shutil.rmtree(self._sourceFilesDir) widgets = [ 'Copying source files: ', Percentage(), ' ', Bar(marker='#'), ' ', AdaptiveETA(num_samples=100), ' ', AdaptiveTransferSpeed(num_samples=100) ] # Create a progress bar instance. We'll use this to count files as we transfer them. with ProgressBar(widgets=widgets, maxval=filebytes) as pb: try: os.makedirs(self._sourceFilesDir) except: self._installer.log.warning( "Directory already exists \"{0}\"".format( self._sourceFilesDir)) for path, dirs, filenames in os.walk(self._dataDir): for directory in dirs: dest = path.replace(self._dataDir, self._sourceFilesDir) directory = os.path.join(dest, directory) try: os.makedirs(directory) except: self._installer.log.warning( "Directory already exists \"{0}\"".format( directory)) for sfile in filenames: srcFile = os.path.join(path, sfile) destFile = os.path.join( path.replace(self._dataDir, self._sourceFilesDir), sfile) if not shutil.copy(srcFile, destFile): self._installer.log.error( "Error copying the file:\n From: \"{0}\"\n To:\"{1}\"" .format(srcFile, destFile)) pb += os.path.getsize(destFile)
if configset.read_config('PLAYER', 'PLAYER2'): PLAYER2 = configset.read_config('PLAYER', 'PLAYER2') else: PLAYER2 = r'c:\TOOLS\EXE\playwav.exe' IS_PLAYER = '' COVER_ART = r'F:\ICONS\Phuzion_Icon_Pack\PNG\Devices\Headphones2.png' widgets = [ Percentage(), ' ', Bar(), ' ', ETA(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed(), ] def makeThumb(image_file_path): img = Image.open(image_file_path) img = resizeimage.resize_width(img, 48) img.save( os.path.join(os.path.dirname(image_file_path), os.path.splitext(os.path.basename(image_file_path))[0]) + "_thumb" + os.path.splitext(os.path.basename(image_file_path))[1], img.format) if os.path.join(os.path.dirname(image_file_path), os.path.splitext(os.path.basename(image_file_path)) [0]) + "_thumb" + os.path.splitext( os.path.basename(image_file_path))[1]:
def generate_payloads(self, html_code, code): # We must keep the original source code because bs gives us something that may differ... e = [] if self.parser == "BS": soup = BeautifulSoup(html_code, 'lxml') self.study(soup, keyword=code, entries=e) elif self.parser == "lxml": tree = etree.HTML(html_code) self.study(tree, keyword=code, entries=e) payloads = [] for elem in e: payload = "" # Try each case where our string can be found # Leave at the first possible exploitation found # Our string is in the value of a tag attribute # ex: <a href="our_string"></a> if elem['type'] == "attrval": # print("tag -> {0}".format(elem['tag'])) # print(elem['name']) code_index = html_code.find(code) attrval_index = 0 before_code = html_code[:code_index] # Not perfect but still best than the former rfind attr_pattern = "\s*" + elem['name'] + "\s*=\s*" # Let's find the last match for m in re.finditer(attr_pattern, before_code, flags=re.IGNORECASE): attrval_index = m.end() attrval = before_code[attrval_index:] # between the tag name and our injected attribute there is an equal sign and maybe # a quote or a double-quote that we need to close before adding our payload if attrval.startswith("'"): payload = "'" elif attrval.startswith('"'): payload = '"' # we must deal differently with self-closing tags if elem['tag'].lower() in ["img", "input"]: payload += "/>" else: payload += "></" + elem['tag'] + ">" payload += elem['noscript'] # ok let's send the requests for xss in self.independant_payloads: js_code = payload + xss.replace("__XSS__", code) if js_code not in payloads: payloads.append(js_code) if elem['name'].lower() == "src" and elem['tag'].lower() in ["frame", "iframe"]: js_code = "javascript:String.fromCharCode(0,__XSS__,1);".replace("__XSS__", code) if js_code not in payloads: payloads.insert(0, js_code) # we control an attribute name # ex: <a our_string="/index.html"> elif elem['type'] == "attrname": # name,tag if code == elem['name']: for xss in self.independant_payloads: js_code = '>' + elem['noscript'] + xss.replace("__XSS__", code) if js_code not in payloads: payloads.append(js_code) # we control the tag name # ex: <our_string name="column" /> elif elem['type'] == "tag": if elem['value'].startswith(code): # use independent payloads, just remove the first character (<) for xss in self.independant_payloads: payload = elem['noscript'] + xss.replace("__XSS__", code) js_code = payload[1:] if js_code not in payloads: payloads.append(js_code) else: for xss in self.independant_payloads: js_code = "/>" + elem['noscript'] + xss.replace("__XSS__", code) if js_code not in payloads: payloads.append(js_code) # we control the text of the tag # ex: <textarea>our_string</textarea> elif elem['type'] == "text": if elem['parent'] in ["title", "textarea"]: # we can't execute javascript in those tags if elem['noscript'] != "": payload = elem['noscript'] else: payload = "</{0}>".format(elem['parent']) elif elem['parent'] == "script": # Control over the body of a script :) # Just check if we can use brackets js_code = "String.fromCharCode(0,__XSS__,1)".replace("__XSS__", code) if js_code not in payloads: payloads.insert(0, js_code) for xss in self.independant_payloads: js_code = payload + xss.replace("__XSS__", code) if js_code not in payloads: payloads.append(js_code) # Injection occurred in a comment tag # ex: <!-- <div> whatever our_string blablah </div> --> elif elem['type'] == "comment": payload = "-->" if elem['parent'] in ["title", "textarea"]: # we can't execute javascript in those tags if elem['noscript'] != "": payload += elem['noscript'] else: payload += "</{0}>".format(elem['parent']) elif elem['parent'] == "script": # Control over the body of a script :) # Just check if we can use brackets js_code = payload + "String.fromCharCode(0,__XSS__,1)".replace("__XSS__", code) if js_code not in payloads: payloads.insert(0, js_code) for xss in self.independant_payloads: js_code = payload + xss.replace("__XSS__", code) if js_code not in payloads: payloads.append(js_code) html_code = html_code.replace(code, "none", 1) # Reduce the research zone #Load ProgressBar widgets = [ Percentage(), ' ', Bar(), ' ', ETA(), ' ', AdaptiveETA(), ' ', AdaptiveTransferSpeed(), ] self.pbar = ProgressBar(widgets=widgets, maxval=len(payloads)) return payloads