Example #1
    def __execute_payload(self, vector, parameters):
        """Try one vector against a candidate directory and confirm it over HTTP.

        ``parameters`` is read positionally: [0] directory path, [1] test
        file path, [2] URL of the test file, [3] URL of the directory.

        The payload prepared for the test file path is run through the module
        named by ``vector.interpreter``. If 'file.check' then reports the file
        as existing, ``file_url`` is fetched and a body of exactly '1' records
        the directory path and URL on the instance. The test file is unlinked
        through 'shell.php' whether or not the body matched.

        Returns True when ``self.dir`` and ``self.url`` are both set after the
        check, False otherwise (including when the test file does not exist).
        """
        dir_path, file_path, file_url, dir_url = [parameters[i] for i in range(4)]

        payload = self.__prepare_payload(vector, [file_path])
        self.modhandler.load(vector.interpreter).run({0: payload})

        test_file_present = self.modhandler.load('file.check').run({
            'rpath': file_path,
            'mode': 'exists'
        })
        if not test_file_present:
            return False

        # Only an exact '1' body counts as proof that file_url maps to file_path.
        if Request(file_url).read() == '1':
            self.dir = dir_path
            self.url = dir_url

        # NOTE(review): file_path is interpolated unescaped into the PHP
        # snippet; a single quote in the path would change the statement.
        cleanup_code = "unlink('%s') && print('1');" % file_path
        cleanup_result = self.modhandler.load('shell.php').run({0: cleanup_code})
        if cleanup_result != '1':
            print("[!] [find.webdir] Error cleaning test file %s" % (
                file_path))

        # NOTE(review): self.dir / self.url are instance state, so values left
        # by an earlier call also satisfy this test - confirm callers stop
        # after the first success.
        if not (self.dir and self.url):
            return False

        print("[find.webdir] Writable web dir found with method '%s': %s -> %s" % (
            vector.name, self.dir, self.url))
        return True
Example #2
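    def __process_response(self,response, remote_path, local_path):
        """Turn a vector's raw output into file content, save it and verify it.

        For the 'copy' and 'symlink' vectors the content is fetched over HTTP
        from ``self.url`` once 'file.check' confirms ``self.file_path`` exists,
        and the support file is then unlinked through 'shell.php'. For every
        other vector the response is base64-decoded when
        ``self.encoder_callable`` is set.

        Non-empty content is written to ``local_path`` (opened 'wb', so an
        existing file is overwritten) and its MD5 is compared with the digest
        reported by the remote 'file.check' module. Both digests describe data
        supplied by the same remote host, so the comparison detects a damaged
        transfer; it says nothing about whether the content is trustworthy.

        Returns the content when the digests match or when no remote digest is
        available. Returns None when there is no content or the digests
        differ; in the mismatch case the local file has already been written.
        Raises ModuleException when the local write fails.
        """

        if self.vector.name == 'copy' or self.vector.name == 'symlink':

            if not self.file_path.endswith('.html') and not self.file_path.endswith('.htm'):
                self.mprint("[%s] Warning, method '%s' use HTTP file download. Assure that remote file\n[%s] has a downloadable extension like 'html', or use another vector" % (self.name, self.vector.name, self.name))

            if self.modhandler.load('file.check').run({'rpath' : self.file_path, 'mode': 'exists'}):

                response = Request(self.url).read()

                if self.modhandler.load('shell.php').run({0: "unlink('%s') && print('1');" % self.file_path}) != '1':
                    self.mprint("[!] [%s] Error cleaning support file %s" % (self.name, self.file_path))

            else:
                # NOTE(review): response keeps the value passed in by the
                # caller here, so a non-empty value is still written below.
                self.mprint("[!] [%s] Error checking existance of %s" % (self.name, self.file_path))

        else:
            if self.encoder_callable:
                try:
                    response = b64decode(response)
                except TypeError:
                    # NOTE(review): response stays undecoded and is still
                    # written to local_path below; the MD5 check is then the
                    # only signal that the saved file is not the real content.
                    self.mprint("[!] [%s] Error, unexpected file content" % (self.name))

        if response:

            try:
                # The context manager closes the handle even when write()
                # raises, so a failed write does not leak the descriptor.
                with open(local_path, 'wb') as f:
                    f.write(response)
            except Exception as e:
                self.mprint('[!] [%s] Some error occurred writing local file \'%s\'.' % (self.name, local_path))
                raise ModuleException(self.name, e)

            response_md5 = md5(response).hexdigest()
            remote_md5 = self.modhandler.load('file.check').run({'rpath' : remote_path, 'mode' : 'md5'})

            if not remote_md5:
                # No remote digest: the content is returned unverified.
                self.mprint('[!] [%s] MD5 hash method is not callable with \'%s\', check disabled' % (self.name, remote_path))
                return response
            elif remote_md5 != response_md5:
                # Falls through and returns None; the file stays on disk.
                self.mprint('[%s] MD5 hash of \'%s\' file mismatch, file corrupted' % (self.name, local_path))
            else:
                self.mprint('[%s] File correctly downloaded to \'%s\'.' % (self.name, local_path))
                return response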
Example #3
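    def __process_response(self, response, remote_path, local_path):
        """Turn a vector's raw output into file content, save it and verify it.

        For the 'copy' and 'symlink' vectors the content is fetched over HTTP
        from ``self.url`` when 'file.check' reports ``self.file_path`` as
        existing, otherwise the response is discarded (set to None). The
        support file is then removed through 'file.rm' in both cases. For
        every other vector the response is base64-decoded when
        ``self.encoder_callable`` is set.

        Non-empty content is written to ``local_path`` (opened 'wb', so an
        existing file is overwritten) and its MD5 is compared with the digest
        reported by the remote 'file.check' module. Both digests describe data
        supplied by the same remote host, so the comparison detects a damaged
        transfer; it says nothing about whether the content is trustworthy.

        Returns the content when the digests match or when no remote digest is
        available. Returns None when there is no content or the digests
        differ; in the mismatch case the local file has already been written.
        Raises ModuleException when the local write fails.
        """

        if self.vector.name == 'copy' or self.vector.name == 'symlink':

            if not self.file_path.endswith('.html') and not self.file_path.endswith('.htm'):
                self.mprint("[%s] Warning: vector '%s' works better with files with downloadable extension like '.html'" % (self.name, self.vector.name))

            if self.modhandler.load('file.check').run({'rpath' : self.file_path, 'mode': 'exists'}):
                response = Request(self.url).read()
            else:
                response = None

            # Always attempt the removal instead of gating it on the existence
            # check, because broken links make that check return False.
            self.modhandler.load('file.rm').run({'rpath' : self.file_path, 'recursive': False})

        else:
            if self.encoder_callable:
                try:
                    response = b64decode(response)
                except TypeError:
                    # NOTE(review): response stays undecoded and is still
                    # written to local_path below; the MD5 check is then the
                    # only signal that the saved file is not the real content.
                    self.mprint("[!] [%s] Error, unexpected file content" % (self.name))

        if response:

            try:
                # The context manager closes the handle even when write()
                # raises, so a failed write does not leak the descriptor.
                with open(local_path, 'wb') as f:
                    f.write(response)
            except Exception as e:
                self.mprint('[!] [%s] Some error occurred writing local file \'%s\'.' % (self.name, local_path))
                raise ModuleException(self.name, e)

            response_md5 = md5(response).hexdigest()
            remote_md5 = self.modhandler.load('file.check').run({'rpath' : remote_path, 'mode' : 'md5'})

            if not remote_md5:
                # No remote digest: the content is returned unverified.
                self.mprint('[!] [%s] MD5 hash method is not callable with \'%s\', check disabled' % (self.name, remote_path))
                return response
            elif remote_md5 != response_md5:
                # Falls through and returns None; the file stays on disk.
                self.mprint('[%s] MD5 hash of \'%s\' file mismatch, file corrupted' % (self.name, local_path))
            else:
                self.mprint('[%s] File correctly downloaded to \'%s\'.' % (self.name, local_path))
                return response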
Example #4
    def __check_remote_test_url(self, file_url):
        """Fetch ``file_url`` and report whether its body is exactly '1'.

        Returns True on a match. On any other body the result is None, not
        False, so callers should rely on truthiness only.
        """
        body = Request(file_url).read()
        return True if body == '1' else None
Example #5
                                    # exit(0)
                                    # print(response[0:500].encode())
                            elif req.method == "POST":
                                async with session.post(req.url) as html:
                                    response = await html.text(
                                        encoding=req.encoding)
                                    print(response[0:20].encode())
                            else:
                                print('method error')
                        except aiohttp.client_exceptions.ServerDisconnectedError as e:
                            print(e)
                        cnt = 0
                    except RequestListEmptyException as e:
                        if cnt < Downloder.__request_list_empty_cnt:
                            cnt += 1
                            await asyncio.sleep(1)
                        else:
                            # print('爬虫结束')
                            return


# Runs at import time: the downloader task is handed to asyncio before any
# loop has been started (presumably downloder_task() returns a coroutine).
asyncio.ensure_future(Downloder.downloder_task())

if __name__ == "__main__":
    # Timing harness: queue 500 requests for the same URL, run the task list
    # to completion and print the elapsed wall-clock seconds.
    start = time.time()
    for _ in range(500):
        ManageReq.add_request(Request(url='http://www.baidu.com'))
    event_loop = asyncio.get_event_loop()
    all_tasks_done = asyncio.wait(Downloder.task_list())
    event_loop.run_until_complete(all_tasks_done)
    print(time.time() - start)
Example #6
 async def start_request(cls):
     """Yield one Request per entry of ``cls.start_urls``.

     Each request carries ``cls.parse`` as its callback. The attribute is
     looked up per iteration, so an empty ``start_urls`` never touches it.
     """
     for start_url in cls.start_urls:
         yield Request(url=start_url, callback=cls.parse)