def run(forms, url, cookies):
    """
    Iterates over every form, filling its fields with our payloads.
    If a payload is injected and executed successfully, the page is
    vulnerable to XSS.

    :param forms: List of forms found on the URL
    :param url: Target URL used as the base when joining the form's action attribute
    :param cookies: Session information used when access is restricted
    :return: Flag indicating whether or not the page is vulnerable to XSS
    """
    ajax_url = input('Enter the URL the data is sent to via AJAX, if any: ')
    file_payloads = open("payloads.txt", "r")  # Load the file holding our payloads; each one will be tested
    payloads = file_payloads.readlines()  # Turn the file's lines into a list to make the loop easier
    for payload in payloads:
        for form in forms:
            details = extractor.run(form)  # form details
            js = ' '.join(payload.split())
            # breakpoint()
            response = submit.run(details=details, url=url, payload=js,
                                  ajax_url=ajax_url, cookies=cookies)
            # breakpoint()
            if response:
                if payload in response.content.decode():
                    print('--- Vulnerable Form ---')
                    print(form)
                    print('--- Executed Payload ---')
                    print(payload)
    file_payloads.close()
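# Usage sketch for run() above. Assumptions: the forms are collected with
# requests + BeautifulSoup, and the target URL / cookie values are placeholders,
# not part of the original project.
import requests
from bs4 import BeautifulSoup

target = "http://example.test/search.php"        # hypothetical target URL
session_cookies = {"PHPSESSID": "example"}        # hypothetical session cookie
html = requests.get(target, cookies=session_cookies).content
forms = BeautifulSoup(html, "html.parser").find_all("form")
run(forms, target, session_cookies)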
def run(num_samples=10000, verbose=False, Covid=False, feed_back=[], sf=0):
    # Extract features
    loading = open("((cm,-0.4)=0.84)causeSunWed.pkl", 'rb')
    xA, xF, xJ, xS, cmFJS, cmAJS, cmAFS, cmAFJ, _A, _F, _J, _S, cm4 = load(loading)
    loading.close()

    # ext, val_xs, val_ys, count_vectorizer = extractor.run(
    #     verbose=verbose, num_samples=num_samples,
    #     feed_back=[cmFJS, cmAJS, cmAFS, cmAFJ], scoreFactor=-0.4)
    ext, val_xs, val_ys, count_vectorizer = extractor.run(
        verbose=verbose, num_samples=num_samples, feed_back=feed_back, scoreFactor=sf)
    if Covid:
        val_xs, val_ys = read_data()

    ## negationArray = [negation.mark_negation(sent) for sent in val_xs]
    clf = Classifier(ext.score, ext.log_prior, ext.num_classes)

    # Make validation bow
    _, val_bows, sent = extractor._create_bow(val_xs, vectorizer=count_vectorizer,
                                              msg_prefix="\n[Validation]")

    # Evaluation
    ## val_preds = clf.classify(val_xs, negationArray, count_vectorizer, ext.num_classes)
    val_preds, val_scores = clf.classify(val_bows)
    val_accuracy = accuracy_score(val_ys, val_preds)
    val_cm = confusion_matrix(val_ys, val_preds)
    val_cm_norm = confusion_matrix(val_ys, val_preds, normalize="true")
    print("\n[Validation] Accuracy: {}".format(val_accuracy))
    print("\n[Validation] Confusion matrix: \n{}".format(val_cm))
    if True:
        sn.heatmap(val_cm_norm, annot=True, cmap="Greens",
                   xticklabels=["Anger", "Fear", "Joy", "Sadness"],
                   yticklabels=["Anger", "Fear", "Joy", "Sadness"])
        plt.show()
def main():
    parser = argparse.ArgumentParser('minecraft-data-extractor', epilog=EPILOG)
    parser.add_argument("-v", "--version", help=VERSION_HELP, required=True)
    parser.add_argument("--decompile", help="Decompile specified version", action='store_true')
    parser.add_argument(
        "--extract",
        nargs='?',
        help="Possible extractors: burger, burger-extractor, jar-extractor, builtin. "
             "Separate with commas. If none specified, all will be run.",
        const='')
    parser.add_argument("--diffs", help="Generate git diffs from decompiled versions", action='store_true')
    parser.add_argument("--clean", help="Erase data on completion (dry run).", action='store_true')
    parser.add_argument('--server', help="Decompile server instead of client", action='store_true')
    parser.add_argument("--ignoreMappings", help="Decompile even if mappings are not found", action='store_true')
    args = parser.parse_args()
    print("Args", args)

    versions = []
    _versions = args.version
    if '?' in _versions:
        print_versions()
        return
    if _versions == 'all':
        versions = []
    elif ',' in _versions and ('>' in _versions or '<' in _versions):
        parser.print_help()
        print("Invalid versions")
        sys.exit(1)
    else:
        versions = _versions.split(',')

    if args.decompile:
        print("Decompile ", versions, _versions, 'server' if args.server else 'client')
        decompiler.run(versions, client=not args.server, ignoreMappings=args.ignoreMappings)

    if args.extract is not None:
        toppings_ava = ['burger', 'burger-extractor', 'jar-extractor', 'builtin']
        toppings_req = args.extract.split(',')
        toppings = []
        if not args.extract:
            toppings = toppings_ava
        else:
            for t in toppings_req:
                if t in toppings_ava:
                    toppings.append(t)
        extractor.run(versions,
                      runBurger='burger' in toppings,
                      runBE='burger-extractor' in toppings,
                      runJarExtractor='jar-extractor' in toppings)

    if args.diffs:
        if len(versions) == 2:
            gen_diffs(versions[0], versions[1])
        else:
            gen_diffs()

    print(f"Done: {len(utils.get_journal_writes())} files written")
    if args.clean:
        clean(args, versions)
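# Example invocations, based on the flags defined above (the script name
# main.py is an assumption):
#   python main.py -v 1.19.4 --decompile --extract burger,builtin
#   python main.py -v "?"    # list known versions and exit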
def setup_logging(default_path='logging.yaml',
                  default_level=logging.INFO,
                  env_key='LOG_CFG'):
    path = default_path
    value = os.getenv(env_key, None)
    if value:
        path = value
    if os.path.exists(path):
        with open(path, 'rt') as f:
            config = yaml.safe_load(f.read())
        logging.config.dictConfig(config)
    else:
        logging.basicConfig(level=default_level)


if __name__ == '__main__':
    setup_logging()
    logger = logging.getLogger(__name__)

    # logger.info('starting subsetter task')
    # subsetter.run('46348_CAVoter.txt')
    # logger.info('ended subsetter task')

    counties = [
        'alameda',
        # 'sanbernardino',
        # 'sanfrancisco'
        'losangeles'
    ]
    logger.info('starting extractor task')
    extractor.run(counties)
    logger.info('ended extractor task')
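# A minimal example of the YAML that dictConfig() above would accept. This is
# an illustrative assumption, not the project's actual logging.yaml.
EXAMPLE_LOGGING_YAML = """
version: 1
formatters:
  simple:
    format: '%(asctime)s %(name)s %(levelname)s: %(message)s'
handlers:
  console:
    class: logging.StreamHandler
    formatter: simple
root:
  level: INFO
  handlers: [console]
"""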
def run(num_samples=30000,
        num_sentences=10,
        outDeminish=4000,
        verbose=False,
        chunkScatter=False,
        dates=[
            "../../2020-04-19 Coronavirus Tweets.csv",
            "../../2020-04-21 Coronavirus Tweets.csv",
            "../../2020-04-22 Coronavirus Tweets.csv"
        ],
        printtweets=False,
        feedback=[]):
    # the list "avoid" contains manual filtering data
    avoid = ['...', "n't", 'https', "'re", "amp"]

    data_list = []
    for date in dates:
        data_list.append(
            pd.read_csv(date, header=None, engine='python', skiprows=1,
                        encoding="utf-8"))
    data = map(lambda df: list(df[4][df[21] == 'en'][df[11] > 90000]), data_list)
    # map(fun, iterable) returns a map object (an iterator) of the results
    # after applying the given function to each item of a given iterable

    # val here means validation set. val_x means the validation tweet
    # and val_y means the validated emotion for the val_x (tweet)
    ext, val_xs, val_ys, count_vectorizer = extractor.run(
        feed_back=feedback, verbose=verbose, num_samples=num_samples)
    clf = classifier.Classifier(ext.score, ext.log_prior, ext.num_classes)

    # Make validation bow (bag of words)
    val_bows_list = []
    random.seed(10)
    for i in data:
        _, val_bow_data, sentences = extractor._create_bow(
            random.sample(i, num_samples),
            vectorizer=count_vectorizer,
            msg_prefix="\n[Validation]")
        val_bows_list.append((val_bow_data, sentences))

    # Evaluation
    val_data_list = []
    for x in val_bows_list:
        val_pred, val_scores = clf.classify(x[0])
        val_data_list.append((val_pred, val_scores, x[1]))

    # See trend of emotions over time
    result_data = []
    for i in val_data_list:
        fd = nltk.FreqDist(i[0])
        result_data.append(list(fd.items()))
    for d in dates:
        print(d[8:13], end=" + ")
    print()
    _a, _f, _j, _s = 0, 0, 0, 0
    for rData in result_data:
        for i in rData:
            if i[0] == 0:
                _a += i[1]
            elif i[0] == 1:
                _f += i[1]
            elif i[0] == 2:
                _j += i[1]
            else:
                _s += i[1]
    print("Anger : {0}, Fear: {1}, Joy: {2}, Sadness: {3}".format(_a, _f, _j, _s))
    tot = _a + _f + _j + _s
    print("{0:.2f}%, {1:.2f}%, {2:.2f}%, {3:.2f}%".format(
        _a / tot * 100, _f / tot * 100, _j / tot * 100, _s / tot * 100))

    # See classification of random sentences from the first set
    combined_preds, combined_scores, combined_tweets = [], [], []
    for val_data in val_data_list:
        combined_preds = combined_preds + list(val_data[0])
        combined_scores = combined_scores + list(val_data[1])
        combined_tweets = combined_tweets + list(val_data[2])
    check_list = list(zip(combined_preds, combined_scores, combined_tweets))
    check_anger = sorted([item for item in check_list if item[0] == 0],
                         key=lambda x: x[1], reverse=True)
    check_fear = sorted([item for item in check_list if item[0] == 1],
                        key=lambda x: x[1], reverse=True)
    check_joy = sorted([item for item in check_list if item[0] == 2],
                       key=lambda x: x[1], reverse=True)
    check_sadness = sorted([item for item in check_list if item[0] == 3],
                           key=lambda x: x[1], reverse=True)

    if printtweets:
        print("ANGER:", len(check_anger))
        for i in check_anger[:len(check_anger) // outDeminish]:
            print(i)
        print("FEAR:", len(check_fear))
        for i in check_fear[:len(check_fear) // outDeminish]:
            print(i)
        print("JOY:", len(check_joy))
        for i in check_joy[:len(check_joy) // outDeminish]:
            print(i)
        print("SADNESS:", len(check_sadness))
        for i in check_sadness[:len(check_sadness) // outDeminish]:
            print(i)

    if chunkScatter:
        model = Word2Vec([
            nltk.word_tokenize(twt[2].lower())
            for twt in check_fear + check_sadness + check_joy + check_anger
        ], size=50, workers=4, iter=10)

    checks = [check_anger, check_fear, check_joy, check_sadness]
    title = ["Anger", "Fear", "Joy", "Sadness"]
    titlei = 0
    result = []
    for check in checks:
        Words = []
        for _twt in check:
            Words += list(nltk.word_tokenize(_twt[2].lower()))
        wFD = nltk.FreqDist(Words)
        # model = model.wv.save_word2vec_format()
        words = [
            w for w, fr in wFD.most_common(200)
            if (w not in list(stp.words('english')) + avoid and len(w) > 2)
        ]
        result.append(words)
        if chunkScatter:
            vecs = [model[w] for w in words]
            tsne = TSNE(n_components=2)
            vecs_tsne = tsne.fit_transform(vecs)
            df = pd.DataFrame(vecs_tsne, index=words, columns=['x', 'y'])
            fig = plt.figure()
            fig.suptitle("Word Cluster for {}".format(title[titlei]), fontsize=25)
            ax = fig.add_subplot(1, 1, 1)
            ax.title.set_text(title[titlei])
            kcl = KMeansClusterer(5, nltk.cluster.util.cosine_distance, repeats=50)
            Labels = kcl.cluster(vecs, assign_clusters=True)
            colors = []
            for i in Labels:
                if i == 0:
                    colors.append("r")
                elif i == 1:
                    colors.append("g")
                elif i == 2:
                    colors.append("y")
                elif i == 3:
                    colors.append("c")
                elif i == 4:
                    colors.append("m")
                else:
                    colors.append("k")
            ax.scatter(df['x'], df['y'], marker=6, s=270, c=colors)
            titlei = titlei + 1
            for word, pos in df.iterrows():
                ax.annotate(word, pos, fontsize=10)
            for j in range(10):
                for i in range(len(vecs)):
                    if Labels[i] == j:
                        print(words[i])
                print("\n")
    plt.show()
    return result
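# Illustrative call of run() above (parameter values are assumptions): build the
# per-emotion word lists from the three CSVs, printing top tweets and showing
# the t-SNE word-cluster plots.
# words_by_emotion = run(num_samples=5000, printtweets=True, chunkScatter=True)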
import extractor
import sqlite
import config
import os
import time

weibo_list = extractor.run()
if os.path.exists(config.sqlite_db):
    # Back up the existing database by appending a timestamp to its name
    os.rename(config.sqlite_db, config.sqlite_db + str(int(time.time())))
sqlite.insert_into_new_db(weibo_list)
sqlite.dump_db()
parser = argparse.ArgumentParser(description=description)
parser.add_argument("--option", dest="option", action="store",
                    choices=["c", "s", "e"], required=True,
                    help="c - compress, s - scan, e - extract")
parser.add_argument("file", metavar="file", type=str,
                    help="path of the file to process")
parser.add_argument("--extract-dir", dest="extract_dir", action="store")
args = parser.parse_args()

print("{0}\n".format(description))

logging.info("Running scanner...")
scanner = scanner.Scanner(file_name=args.file)
results = scanner.run()
if results is None:
    sys.exit(1)

if args.option == "e":
    logging.info("Extracting...")
    extractor = extractor.Extractor(file_name=args.file,
                                    extract_dir=args.extract_dir,
                                    results=results)
    extractor.run()
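# Example invocation, based on the arguments defined above (the script and
# input file names are assumptions):
#   python main.py --option e --extract-dir ./out firmware.bin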