def main(self):
kwargs = {
'url' : None,
'payload' : None,
'dbms' : 'general',
'method' : 'GET',
'data' : None,
'agent' : ragent(),
'cookie' : None,
'random-agent' : False,
'allow-redirect' : False,
'timeout' : None,
'verbose' : False,
'proxy' : None,
'var' : 0,
'tamper' : None,
}
# -- cmd args -- #
s_cmd = "u:p:d:m:D:a:c:t:Avrh"
l_cmd = [
"url=","payload=","dbms=",",method=","data=","agent=","cookie=",
"random-agent","allow-redirect","timeout=","verbose=","help="
]
try:
opts,args = getopt.getopt(sys.argv[1:],s_cmd,l_cmd)
except getopt.GetoptError,e:
self.usage(True)
class wpseku(object):
"""WPSeku"""
kwargs = {
'agent':ragent(),'ragent':False,'redirect':True,
'cookie':None,'proxy':None,'timeout':None,'verbose':False,'headers':{}
}
def main(self):
# default value
self.brute = False
self.user = "******"
self.wordlist = "db/wordlist.txt"
self.url = None
self.user = None
self.scan = None
#
if len(sys.argv) < 2:
usage(True)
try:
opts,args = getopt.getopt(sys.argv[1:],'u:U:s:p:c:a:t:w:Rrhvb:',['url=',
'brute','user='******'scan=','proxy=','cookie=','agent=','wordlist=','timeout=',
'redirect','ragent','help','verbose'])
except getopt.GetoptError as e:
usage(True)
for opt,arg in opts:
if opt in ('-u','--url'):self.url=urlCheck(arg)
if opt in ('-b','--brute'):self.brute=True
if opt in ('-U','--user'):self.user=arg
if opt in ('-s','--scan'):self.scan=arg
if opt in ('-p','--proxy'):self.kwargs['proxy']=arg
if opt in ('-c','--cookie'):self.kwargs['cookie']=arg
if opt in ('-a','--agent'):self.kwargs['agent']=arg
if opt in ('-t','--timeout'):self.kwargs['timeout']=arg
if opt in ('-R','--redirect'):self.kwargs['redirect']=True
if opt in ('-r','--ragent'):self.kwargs['ragent']=True
if opt in ('-v','--verbose'):self.kwargs['verbose']=True
if opt in ('-h','--help'):usage(True)
# start
try:
if self.scan != None:
banner()
Scan().run(self.scan)
elif self.brute is True:
ptime(self.url)
XMLRPCBrute(self.url,None,self.user,
self.wordlist,self.kwargs).run()
elif self.url:
ptime(self.url)
fingerprint(self.url,None,self.kwargs).run()
generic(self.url,None,self.kwargs)
wpthemes(self.url,None,self.kwargs).run()
wpplugins(self.url,None,self.kwargs).run()
wpusers(self.url,None,self.kwargs).run()
except UnboundLocalError as e:
pass
def send(self, url, method="GET", data=None, headers=None, cookie=None):
if data is None: data = {}
if headers is None: headers = {}
headers = self.kwarg['headers']
if cookie is not None: headers['Cookie'] = cookie
if self.kwarg['cookie']: headers['Cookie'] = self.kwarg['cookie']
headers['User-Agent'] = self.kwarg['agent']
# set random user-agent if argv --ragent is true
if self.kwarg['ragent'] is True:
if self.kwarg['verbose'] is True:
info('setting random user-agent...')
self.kwarg['agent'] = ragent()
# make request session
make_req = requests.Session()
# disable request warnings
req = requests.packages.urllib3.disable_warnings(
urllib3.exceptions.InsecureRequestWarning)
try:
# get
if method.lower() == "get":
if data: url = "{}".format(Data(url, data))
req = make_req.request(method=method.upper(),
url=url,
headers=headers,
timeout=self.kwarg['timeout'],
allow_redirects=self.kwarg['redirect'],
verify=False,
proxies={
'http': self.kwarg['proxy'],
'https': self.kwarg['proxy']
})
# post
elif method.lower() == "post":
req = make_req.request(method=method.upper(),
url=url,
data=data,
headers=headers,
timeout=self.kwarg['timeout'],
allow_redirects=self.kwarg['redirect'],
verify=False,
proxies={
'http': self.kwarg['proxy'],
'https': self.kwarg['proxy']
})
except requests.exceptions.ConnectionError:
exit(warn('Failed to establish a new connection'))
# return req attr
return req
class atlas(object):
def usage(self,_=False):
def p_usage():
usage = "Usage: {name} [OPTIONS]\n\n".format(name=sys.argv[0])
usage += "\t-u --url\t\tTarget URL (e.g: http://test.com/index.php?id=1)\n"
usage += "\t-p --payload\t\tSet Payload (SQLMap payload return 4xx-5xx code)\n"
usage += "\t-d --dbms\t\tSet DBMS: mysql,mssql,..etc (more quick!)\n"
usage += "\t-m --method\t\tSet method: POST or GET\n"
usage += "\t-D --data\t\tSet post data (e.g: --data=\"id=1..\")\n"
usage += "\t-a --agent\t\tSet HTTP User agent (e.g: --agent=\"string..\")\n"
usage += "\t-c --cookie\t\tSet HTTP Cookie (e.g: --cookie=\"string..\")\n"
usage += "\t-r --random-agent\tSet a random HTTP User agent\n"
usage += "\t-A --allow-redirect\tAllow target URL redirect\n"
usage += "\t-t --timeout\t\tSet timeout (e.g: --timeout=\"5\")\n"
usage += "\t-v --verbose\t\tShow more information\n"
usage += "\t-h --help\t\tShow this help and exit\n"
return usage
self.banner()
print(p_usage())
if(_):sys.exit(0)
def banner(self,__=False,_=False):
print r" _ _ "
print r" | | | | "
print r" __ _| |_| | __ _ ___ "
print r" / _` | __| |/ _` / __| "
print r"| (_| | |_| | (_| \__ \ v.0.1 "
print r" \__,_|\__|_|\__,_|___/ by M4ll0k "
print r" "
print r" Quick SQLMap Tamper Suggester "
print r"-----------------------------------"
if(_):sys.exit(0)
if(__):print('')
def main(self):
kwargs = {
'url' : None,
'payload' : None,
'dbms' : 'general',
'method' : 'GET',
'data' : None,
'agent' : ragent(),
'cookie' : None,
'random-agent' : False,
'allow-redirect' : False,
'timeout' : None,
'verbose' : False,
'proxy' : None,
'var' : 0,
'tamper' : None,
}
# -- cmd args -- #
s_cmd = "u:p:d:m:D:a:c:t:Avrh"
l_cmd = [
"url=","payload=","dbms=",",method=","data=","agent=","cookie=",
"random-agent","allow-redirect","timeout=","verbose=","help="
]
try:
opts,args = getopt.getopt(sys.argv[1:],s_cmd,l_cmd)
except getopt.GetoptError,e:
self.usage(True)
for i in range(len(opts)):
if(opts[i][0] in('-h','--help')):self.usage(1)
if(opts[i][0] in('-u','--url')):kwargs['url']=opts[i][1]
if(opts[i][0] in('-p','--payload')):kwargs['payload']=opts[i][1]
if(opts[i][0] in('-d','--dbms')):kwargs['dbms']=opts[i][1]
if(opts[i][0] in('-m','--method')):kwargs['method']=opts[i][1]
if(opts[i][0] in('-D','--data')):kwargs['data']=opts[i][1]
if(opts[i][0] in('-a','--agent')):kwargs['agent']=opts[i][1]
if(opts[i][0] in('-c','--cookie')):kwargs['cookie']=opts[i][1]
if(opts[i][0] in('-t','--timeout')):kwargs['timeout']=opts[i][1]
if(opts[i][0] in('-v','--verbose')):kwargs['verbose']=True
if(opts[i][0] in('-r','--random-agent')):kwargs['agent']=ragent()
if(opts[i][0] in('-A','--allow-redirect')):kwargs['allow-redirect']=True
if(len(sys.argv)<2) or not kwargs['url']:self.usage(1)
if(kwargs['payload'] is None):warn2('Please set payload with "-p|--payload" options',1)
if(kwargs['data'] != None):kwargs['method']='POST'
self.banner(__=1)
print("[*] Starting at %s\n"%(strftime))
# -- vars -- #
url = kwargs['url']
data = kwargs['data']
dbms = kwargs['dbms']
_payload = kwargs['payload']
method = kwargs['method'] if data is None else 'post'
# -- init -- #
plus2('testing connection to the target URL...')
info2('checking if the payload is blocked by some kind of WAF/IDS/IPS..')
kwargs['var'] = 0
code = Process(
url,method,data,kwargs
).run() # run()
if code in range(400,599):
warn2('return HTTP error code \033[1;31m\"%s\"\033[0;33m, the target is protected by some kind of WAF/IDS/IPS..'%code)
plus2('using WAF scripts to detect backend WAF/IPS/IDS protection')
Process(
url,method,data,kwargs
).check()
else:plus('return HTTP code \"%s\", the payload not blocked by some kind of WAF/IDS/IPS..'%code,1)
plus2('trying with sqlmap tampers...')
kwargs['var'] = 1
if dbms:
info2('loading \"%s\" tampers...'%dbms)
tampers = tamper_importer(dbms)
if not tampers:
warn2('%s tampers not found.. loading general tampers..'%dbms.upper())
tampers = tamper_importer('general')
for tamper in tampers:
kwargs['tamper'] = tamper.__name__.split('_')[1]
info2("trying with \"%s\" tamper..."%tamper.__name__.split('_')[1])
payload__ = tamper(_payload)
if payload__ != kwargs['payload']:
kwargs['payload'] = payload__
if kwargs['verbose']:
payload(kwargs['payload'])
Process(url,method,data,kwargs).run()
def main(self) -> None:
kwargs = {
'url': None,
'payload': None,
'dbms': 'general',
'method': 'GET',
'data': "",
'concat': None,
'headers': {},
'agent': ragent(),
'cookie': None,
'random-agent': False,
'get-tampers': False,
'allow-redirect': False,
'timeout': None,
'verbose': False,
'proxy': None,
'var': 0,
'tamper': None
}
# -- cmd args -- #
s_cmd = "u:p:d:m:D:a:C:c:t:H:Avrhg"
l_cmd = [
"url=", "payload=", "dbms=", "headers=", "method=", "get-tampers",
"concat=", "data=", "agent=", "cookie=", "random-agent",
"allow-redirect", "timeout=", "verbose=", "help="
]
try:
opts, args = getopt.getopt(sys.argv[1:], s_cmd, l_cmd)
except getopt.GetoptError as e:
self.usage(True)
for i in range(len(opts)):
if (opts[i][0] in ('-h', '--help')): self.usage(1)
if (opts[i][0] in ('-u', '--url')): kwargs['url'] = opts[i][1]
if (opts[i][0] in ('-p', '--payload')):
kwargs['payload'] = opts[i][1]
if (opts[i][0] in ('-d', '--dbms')): kwargs['dbms'] = opts[i][1]
if (opts[i][0] in ('-C', '--concat')):
kwargs['concat'] = opts[i][1]
if (opts[i][0] in ('-g', '--get-tampers')):
kwargs['get-tampers'] = True
if (opts[i][0] in ('-m', '--method')):
kwargs['method'] = opts[i][1]
if (opts[i][0] in ('-D', '--data')): kwargs['data'] = opts[i][1]
if (opts[i][0] in ('-a', '--agent')): kwargs['agent'] = opts[i][1]
if (opts[i][0] in ('-H', '--headers')):
kwargs['headers'].update(self.headers_c(opts[i][1]))
if (opts[i][0] in ('-c', '--cookie')):
kwargs['cookie'] = opts[i][1]
if (opts[i][0] in ('-t', '--timeout')):
kwargs['timeout'] = opts[i][1]
if (opts[i][0] in ('-v', '--verbose')): kwargs['verbose'] = True
if (opts[i][0] in ('-r', '--random-agent')):
kwargs['agent'] = ragent()
if (opts[i][0] in ('-A', '--allow-redirect')):
kwargs['allow-redirect'] = True
# -- * --
if kwargs['get-tampers']:
_p = []
for tamper in tamper_importer('all'):
_p.append(tamper.__name__.split('_'))
print(pretty(_p, ['dbms', 'tamper']))
sys.exit(0)
if (len(sys.argv) < 2) or not kwargs['url']:
self.usage(1)
if (kwargs['payload'] is None):
warn2('Please set payload with "-p|--payload" options', 1)
self.banner(__=1)
print("[*] Starting at %s\n" % (strftime))
# -- vars -- #
_dbms = kwargs['dbms']
_payload = kwargs['payload']
# -- init -- #
plus2('testing connection to the target URL...')
info2(
'checking if the payload is blocked by some kind of WAF/IDS/IPS..')
kwargs['var'] = 0
# -- run --
get_code = Process(url=kwargs['url'],
method=kwargs['method'],
data=kwargs['data'],
kwargs=kwargs)
code = get_code.run()
# -- check
if code in range(400, 599):
warn2(
'return HTTP error code \033[1;31m\"%s\"\033[0;33m, the target is protected by some kind of WAF/IDS/IPS..'
% code)
plus2('using WAF scripts to detect backend WAF/IPS/IDS protection')
waf_ = Process(url=kwargs['url'],
method=kwargs['method'],
data=kwargs['data'],
kwargs=kwargs).waf_detector()
else:
# print msg and exit
plus(
'return HTTP code \"%s\", the payload not blocked by some kind of WAF/IDS/IPS..'
% code, 1)
plus2('trying with sqlmap tampers...')
kwargs['var'] = 1
if _dbms:
info2('loading \"%s\" tampers...' % _dbms)
tampers = tamper_importer(_dbms)
if not tampers:
warn2(
'%s tampers not found for this dbms.. loading generic tampers..'
% _dbms.upper())
tampers = tamper_importer('general')
if kwargs['concat'] != None:
l_ = kwargs['concat'].split(',')
kwargs['tamper'] = kwargs['concat']
info2('tamper concatination.. %s' % ",".join(l_))
concat_ = []
for tamper in tampers:
tamper_ = tamper.__name__.split('_')[1]
if tamper_ in l_:
concat_.append(tamper)
p = _payload
# concatination..
for i in concat_:
p = str(i(p)).replace(r'\u', r'\\u')
# --
if p != _payload:
kwargs['payload'] = p
if kwargs['verbose']:
payload(p)
inject_payload = Process(kwargs.get('url'),
kwargs.get('method'),
kwargs.get('data'), kwargs)
inject_payload.run()
else:
for tamper in tampers:
kwargs['tamper'] = tamper.__name__.split('_')[1]
info2("trying with \"%s\" tamper..." %
tamper.__name__.split('_')[1])
payload__ = str(tamper(_payload)).replace(r'\u', r'\\u')
if payload__ != kwargs['payload']:
kwargs['payload'] = payload__
if kwargs['verbose']:
payload(kwargs['payload'])
inject_payload = Process(
kwargs.get('url'),
kwargs.get('method'),
kwargs.get('data'),
kwargs,
)
inject_payload.run()
def main(self):
kwargs = {
'url': None,
'payload': None,
'dbms': 'general',
'method': 'GET',
'data': None,
'agent': ragent(),
'cookie': None,
'random-agent': False,
'allow-redirect': False,
'timeout': None,
'verbose': False,
'proxy': None,
'var': 0,
'tamper': None,
}
# -- cmd args -- #
s_cmd = "u:p:d:m:D:a:c:t:Avrh"
l_cmd = [
"url=", "payload=", "dbms=", ",method=", "data=", "agent=",
"cookie=", "random-agent", "allow-redirect", "timeout=",
"verbose=", "help="
]
try:
opts, args = getopt.getopt(sys.argv[1:], s_cmd, l_cmd)
except getopt.GetoptError as e:
self.usage(True)
for i in range(len(opts)):
if (opts[i][0] in ('-h', '--help')): self.usage(1)
if (opts[i][0] in ('-u', '--url')): kwargs['url'] = opts[i][1]
if (opts[i][0] in ('-p', '--payload')):
kwargs['payload'] = opts[i][1]
if (opts[i][0] in ('-d', '--dbms')): kwargs['dbms'] = opts[i][1]
if (opts[i][0] in ('-m', '--method')):
kwargs['method'] = opts[i][1]
if (opts[i][0] in ('-D', '--data')): kwargs['data'] = opts[i][1]
if (opts[i][0] in ('-a', '--agent')): kwargs['agent'] = opts[i][1]
if (opts[i][0] in ('-c', '--cookie')):
kwargs['cookie'] = opts[i][1]
if (opts[i][0] in ('-t', '--timeout')):
kwargs['timeout'] = opts[i][1]
if (opts[i][0] in ('-v', '--verbose')): kwargs['verbose'] = True
if (opts[i][0] in ('-r', '--random-agent')):
kwargs['agent'] = ragent()
if (opts[i][0] in ('-A', '--allow-redirect')):
kwargs['allow-redirect'] = True
if (len(sys.argv) < 2) or not kwargs['url']: self.usage(1)
if (kwargs['payload'] is None):
warn2('Please set payload with "-p|--payload" options', 1)
if (kwargs['data'] != None): kwargs['method'] = 'POST'
self.banner(__=1)
print("[*] Starting at %s\n" % (strftime))
# -- vars -- #
url = kwargs['url']
data = kwargs['data']
dbms = kwargs['dbms']
_payload = kwargs['payload']
method = kwargs['method'] if data is None else 'post'
# -- init -- #
plus2('testing connection to the target URL...')
info2(
'checking if the payload is blocked by some kind of WAF/IDS/IPS..')
kwargs['var'] = 0
code = Process(url, method, data, kwargs).run() # run()
if code in range(400, 599):
warn2(
'return HTTP error code \033[1;31m\"%s\"\033[0;33m, the target is protected by some kind of WAF/IDS/IPS..'
% code)
plus2('using WAF scripts to detect backend WAF/IPS/IDS protection')
Process(url, method, data, kwargs).check()
else:
plus(
'return HTTP code \"%s\", the payload not blocked by some kind of WAF/IDS/IPS..'
% code, 1)
plus2('trying with sqlmap tampers...')
kwargs['var'] = 1
if dbms:
info2('loading \"%s\" tampers...' % dbms)
tampers = tamper_importer(dbms)
if not tampers:
warn2('%s tampers not found.. loading general tampers..' %
dbms.upper())
tampers = tamper_importer('general')
for tamper in tampers:
kwargs['tamper'] = tamper.__name__.split('_')[1]
info2("trying with \"%s\" tamper..." %
tamper.__name__.split('_')[1])
payload__ = tamper(_payload)
if payload__ != kwargs['payload']:
kwargs['payload'] = payload__
if kwargs['verbose']:
payload(kwargs['payload'])
Process(url, method, data, kwargs).run()
