def do_head_check(self, urls): """ Send a HEAD request before to start to inject to verify stability of the target """ for u in urls: self.set_option(pycurl.URL, u) self.set_option(pycurl.NOBODY,1) self.set_option(pycurl.FOLLOWLOCATION, 0) self.set_option(pycurl.MAXREDIRS, 50) self.set_option(pycurl.SSL_VERIFYHOST, 0) self.set_option(pycurl.SSL_VERIFYPEER, 0) if self.fakeheaders: from XSSer.randomip import RandomIP if self.xforw: generate_random_xforw = RandomIP() xforwip = generate_random_xforw._generateip('') xforwfakevalue = ['X-Forwarded-For: ' + str(xforwip)] if self.xclient: generate_random_xclient = RandomIP() xclientip = generate_random_xclient._generateip('') xclientfakevalue = ['X-Client-IP: ' + str(xclientip)] if self.xforw: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue) if self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue + xclientfakevalue) elif self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xclientfakevalue) if self.headers: self.fakeheaders = self.fakeheaders + self.headers self.set_option(pycurl.HTTPHEADER, self.fakeheaders) if self.agent: self.set_option(pycurl.USERAGENT, self.agent) if self.referer: self.set_option(pycurl.REFERER, self.referer) if self.proxy: self.set_option(pycurl.PROXY, self.proxy) if self.ignoreproxy: self.set_option(pycurl.PROXY, "") if self.timeout: self.set_option(pycurl.CONNECTTIMEOUT, self.timeout) self.set_option(pycurl.TIMEOUT, self.timeout) if self.signals: self.set_option(pycurl.NOSIGNAL, self.signals) if self.tcp_nodelay: self.set_option(pycurl.TCP_NODELAY, self.tcp_nodelay) if self.cookie: self.set_option(pycurl.COOKIE, self.cookie) try: self.handle.perform() except: return if str(self.handle.getinfo(pycurl.HTTP_CODE)) in ["302", "301"]: self.set_option(pycurl.FOLLOWLOCATION, 1)
def do_head_check(self, urls): """ Send a HEAD request before to start to inject to verify stability of the target """ for u in urls: self.set_option(pycurl.URL, u) self.set_option(pycurl.NOBODY, 1) self.set_option(pycurl.FOLLOWLOCATION, 0) self.set_option(pycurl.MAXREDIRS, 50) self.set_option(pycurl.SSL_VERIFYHOST, 0) self.set_option(pycurl.SSL_VERIFYPEER, 0) if self.fakeheaders: from XSSer.randomip import RandomIP if self.xforw: generate_random_xforw = RandomIP() xforwip = generate_random_xforw._generateip('') xforwfakevalue = ['X-Forwarded-For: ' + str(xforwip)] if self.xclient: generate_random_xclient = RandomIP() xclientip = generate_random_xclient._generateip('') xclientfakevalue = ['X-Client-IP: ' + str(xclientip)] if self.xforw: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue) if self.xclient: self.set_option( pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue + xclientfakevalue) elif self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xclientfakevalue) if self.headers: self.fakeheaders = self.fakeheaders + self.headers self.set_option(pycurl.HTTPHEADER, self.fakeheaders) if self.agent: self.set_option(pycurl.USERAGENT, self.agent) if self.referer: self.set_option(pycurl.REFERER, self.referer) if self.proxy: self.set_option(pycurl.PROXY, self.proxy) if self.ignoreproxy: self.set_option(pycurl.PROXY, "") if self.timeout: self.set_option(pycurl.CONNECTTIMEOUT, self.timeout) self.set_option(pycurl.TIMEOUT, self.timeout) if self.signals: self.set_option(pycurl.NOSIGNAL, self.signals) if self.tcp_nodelay: self.set_option(pycurl.TCP_NODELAY, self.tcp_nodelay) if self.cookie: self.set_option(pycurl.COOKIE, self.cookie) try: self.handle.perform() except: return if str(self.handle.getinfo(pycurl.HTTP_CODE)) in ["302", "301"]: self.set_option(pycurl.FOLLOWLOCATION, 1)
def __request(self, relative_url=None): """ Perform a request and returns the payload. """ if self.fakeheaders: from XSSer.randomip import RandomIP if self.xforw: """ Set the X-Forwarded-For to use. """ generate_random_xforw = RandomIP() xforwip = generate_random_xforw._generateip('') #xforwip = '127.0.0.1' xforwfakevalue = ['X-Forwarded-For: ' + str(xforwip)] if self.xclient: """ Set the X-Client-IP to use. """ generate_random_xclient = RandomIP() xclientip = generate_random_xclient._generateip('') #xclientip = '127.0.0.1' xclientfakevalue = ['X-Client-IP: ' + str(xclientip)] if self.xforw: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue) if self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue + xclientfakevalue) elif self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xclientfakevalue) if self.headers: # XXX sanitize user input self.fakeheaders = self.fakeheaders + self.headers self.set_option(pycurl.HTTPHEADER, self.fakeheaders) if self.agent: self.set_option(pycurl.USERAGENT, self.agent) if self.referer: self.set_option(pycurl.REFERER, self.referer) if self.proxy: self.set_option(pycurl.PROXY, self.proxy) if self.ignoreproxy: self.set_option(pycurl.PROXY, "") if relative_url: self.set_option(pycurl.URL,os.path.join(self.base_url,relative_url)) if self.timeout: self.set_option(pycurl.CONNECTTIMEOUT, self.timeout) self.set_option(pycurl.TIMEOUT, self.timeout) if self.signals: self.set_option(pycurl.NOSIGNAL, self.signals) if self.tcp_nodelay: self.set_option(pycurl.TCP_NODELAY, self.tcp_nodelay) if self.cookie: self.set_option(pycurl.COOKIE, self.cookie) if self.followred: self.set_option(pycurl.FOLLOWLOCATION , 1) self.set_option(pycurl.MAXREDIRS, 50) if self.fli: self.set_option(pycurl.MAXREDIRS, int(self.fli)) else: self.set_option(pycurl.FOLLOWLOCATION , 0) if self.fli: print "\n[E] You must launch --follow-redirects command to set correctly this redirections limit\n" return """ Set the HTTP authentication method: Basic, Digest, GSS, NTLM or Certificate """ if self.atype and self.acred: atypelower = self.atype.lower() if atypelower not in ( "basic", "digest", "ntlm", "gss" ): print "\n[E] HTTP authentication type value must be: Basic, Digest, GSS or NTLM\n" return acredregexp = re.search("^(.*?)\:(.*?)$", self.acred) if not acredregexp: print "\n[E] HTTP authentication credentials value must be in format username:password\n" return user = acredregexp.group(1) password = acredregexp.group(2) self.set_option(pycurl.USERPWD, "%s:%s" % (user,password)) if atypelower == "basic": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC) elif atypelower == "digest": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_DIGEST) elif atypelower == "ntlm": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_NTLM) elif atypelower == "gss": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_GSSNEGOTIATE) else: self.set_option(pycurl.HTTPAUTH, None) self.set_option(pycurl.HTTPHEADER, ["Accept:"]) elif self.atype and not self.acred: print "\n[E] You specified the HTTP authentication type, but did not provide the credentials\n" return elif not self.atype and self.acred: print "\n[E] You specified the HTTP authentication credentials, but did not provide the type\n" return #if self.acert: # acertregexp = re.search("^(.+?),\s*(.+?)$", self.acert) # if not acertregexp: # print "\n[E] HTTP authentication certificate option must be 'key_file,cert_file'\n" # return # # os.path.expanduser for support of paths with ~ # key_file = os.path.expanduser(acertregexp.group(1)) # cert_file = os.path.expanduser(acertregexp.group(2)) # self.set_option(pycurl.SSL_VERIFYHOST, 0) # self.set_option(pycurl.SSL_VERIFYPEER, 1) # self.set_option(pycurl.SSH_PUBLIC_KEYFILE, key_file) # self.set_option(pycurl.CAINFO, cert_file) # self.set_option(pycurl.SSLCERT, cert_file) # self.set_option(pycurl.SSLCERTTYPE, 'p12') # self.set_option(pycurl.SSLCERTPASSWD, '1234') # self.set_option(pycurl.SSLKEY, key_file) # self.set_option(pycurl.SSLKEYPASSWD, '1234') # for file in (key_file, cert_file): # if not os.path.exists(file): # print "\n[E] File '%s' doesn't exist\n" % file # return self.set_option(pycurl.SSL_VERIFYHOST, 0) self.set_option(pycurl.SSL_VERIFYPEER, 0) self.header.seek(0,0) self.payload = "" for count in range(0, self.retries): time.sleep(self.delay) if self.dropcookie: self.set_option(pycurl.COOKIELIST, 'ALL') nocookie = ['Set-Cookie: ', ''] self.set_option(pycurl.HTTPHEADER, self.fakeheaders + nocookie) try: self.handle.perform() except: return return self.payload
def __request(self, relative_url=None): """ Perform a request and returns the payload. """ if self.fakeheaders: from XSSer.randomip import RandomIP if self.xforw: """ Set the X-Forwarded-For to use. """ generate_random_xforw = RandomIP() xforwip = generate_random_xforw._generateip('') #xforwip = '127.0.0.1' xforwfakevalue = ['X-Forwarded-For: ' + str(xforwip)] if self.xclient: """ Set the X-Client-IP to use. """ generate_random_xclient = RandomIP() xclientip = generate_random_xclient._generateip('') #xclientip = '127.0.0.1' xclientfakevalue = ['X-Client-IP: ' + str(xclientip)] if self.xforw: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue) if self.xclient: self.set_option( pycurl.HTTPHEADER, self.fakeheaders + xforwfakevalue + xclientfakevalue) elif self.xclient: self.set_option(pycurl.HTTPHEADER, self.fakeheaders + xclientfakevalue) if self.headers: # XXX sanitize user input self.fakeheaders = self.fakeheaders + self.headers self.set_option(pycurl.HTTPHEADER, self.fakeheaders) if self.agent: self.set_option(pycurl.USERAGENT, self.agent) if self.referer: self.set_option(pycurl.REFERER, self.referer) if self.proxy: self.set_option(pycurl.PROXY, self.proxy) if self.ignoreproxy: self.set_option(pycurl.PROXY, "") if relative_url: self.set_option(pycurl.URL, os.path.join(self.base_url, relative_url)) if self.timeout: self.set_option(pycurl.CONNECTTIMEOUT, self.timeout) self.set_option(pycurl.TIMEOUT, self.timeout) if self.signals: self.set_option(pycurl.NOSIGNAL, self.signals) if self.tcp_nodelay: self.set_option(pycurl.TCP_NODELAY, self.tcp_nodelay) if self.cookie: self.set_option(pycurl.COOKIE, self.cookie) if self.followred: self.set_option(pycurl.FOLLOWLOCATION, 1) self.set_option(pycurl.MAXREDIRS, 50) if self.fli: self.set_option(pycurl.MAXREDIRS, int(self.fli)) else: self.set_option(pycurl.FOLLOWLOCATION, 0) if self.fli: print "\n[E] You must launch --follow-redirects command to set correctly this redirections limit\n" return """ Set the HTTP authentication method: Basic, Digest, GSS, NTLM or Certificate """ if self.atype and self.acred: atypelower = self.atype.lower() if atypelower not in ("basic", "digest", "ntlm", "gss"): print "\n[E] HTTP authentication type value must be: Basic, Digest, GSS or NTLM\n" return acredregexp = re.search("^(.*?)\:(.*?)$", self.acred) if not acredregexp: print "\n[E] HTTP authentication credentials value must be in format username:password\n" return user = acredregexp.group(1) password = acredregexp.group(2) self.set_option(pycurl.USERPWD, "%s:%s" % (user, password)) if atypelower == "basic": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC) elif atypelower == "digest": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_DIGEST) elif atypelower == "ntlm": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_NTLM) elif atypelower == "gss": self.set_option(pycurl.HTTPAUTH, pycurl.HTTPAUTH_GSSNEGOTIATE) else: self.set_option(pycurl.HTTPAUTH, None) self.set_option(pycurl.HTTPHEADER, ["Accept:"]) elif self.atype and not self.acred: print "\n[E] You specified the HTTP authentication type, but did not provide the credentials\n" return elif not self.atype and self.acred: print "\n[E] You specified the HTTP authentication credentials, but did not provide the type\n" return #if self.acert: # acertregexp = re.search("^(.+?),\s*(.+?)$", self.acert) # if not acertregexp: # print "\n[E] HTTP authentication certificate option must be 'key_file,cert_file'\n" # return # # os.path.expanduser for support of paths with ~ # key_file = os.path.expanduser(acertregexp.group(1)) # cert_file = os.path.expanduser(acertregexp.group(2)) # self.set_option(pycurl.SSL_VERIFYHOST, 0) # self.set_option(pycurl.SSL_VERIFYPEER, 1) # self.set_option(pycurl.SSH_PUBLIC_KEYFILE, key_file) # self.set_option(pycurl.CAINFO, cert_file) # self.set_option(pycurl.SSLCERT, cert_file) # self.set_option(pycurl.SSLCERTTYPE, 'p12') # self.set_option(pycurl.SSLCERTPASSWD, '1234') # self.set_option(pycurl.SSLKEY, key_file) # self.set_option(pycurl.SSLKEYPASSWD, '1234') # for file in (key_file, cert_file): # if not os.path.exists(file): # print "\n[E] File '%s' doesn't exist\n" % file # return self.set_option(pycurl.SSL_VERIFYHOST, 0) self.set_option(pycurl.SSL_VERIFYPEER, 0) self.header.seek(0, 0) self.payload = "" for count in range(0, self.retries): time.sleep(self.delay) if self.dropcookie: self.set_option(pycurl.COOKIELIST, 'ALL') nocookie = ['Set-Cookie: ', ''] self.set_option(pycurl.HTTPHEADER, self.fakeheaders + nocookie) try: self.handle.perform() except: return return self.payload