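def Get(url):
    """Check each query parameter of ``url`` for reflected XSS over GET.

    One parameter at a time, every entry of ``xss_payloads`` is appended
    (after ``en()``) to the parameter text and the URL is requested.  A
    finding is raised when the response body contains the payload bytes
    unchanged, i.e. the value was echoed without output encoding.

    Caveat: a byte-for-byte echo does not prove the value lands in an
    executable HTML context (the response may be JSON or plain text), so
    findings should be confirmed against the response content type.

    Returns the finding dict for the first echoed payload, or None when
    nothing is echoed, the pre-checks fail, or the URL has no parameters.
    """
    mt = methods.Get(url)
    # NOTE(review): presumably 1 means "GET is usable" and refxss.Get == 1
    # means "input is reflected" - confirm in methods / refxss.
    if mt != 1 or refxss.Get(url) != 1:
        return None

    pieces = url.split("?")
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return None

    for param in pieces[1].split("&"):
        if not param:
            # An empty segment ("?" or "&&") would make str.replace insert
            # the payload between every character of the URL.
            continue
        for payload in xss_payloads:
            # Built once so the reported link is exactly the URL requested.
            # NOTE(review): str.replace rewrites every occurrence of the
            # parameter text, so the same text elsewhere in the URL is
            # modified too and the reported parameter can be imprecise.
            link = url.replace(param, param + en(payload))
            req = nq.Get(link)
            if req == 0:
                # nq.Get appears to return 0 on failure; try next payload.
                continue
            if payload.encode('utf-8') in req.content:
                bug = {
                    'name': 'Cross-site scripting',
                    'payload': payload,
                    'method': 'GET',
                    'parameter': param,
                    'link': link
                }
                show.bug(bug='Cross-site scripting',
                         payload=payload,
                         method='GET',
                         parameter=param,
                         link=link)
                return bug
    return None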
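def Get(url):
    """Check each query parameter of ``url`` for template injection over GET.

    ``ssti_payloads`` maps a payload to the text expected in the response
    if the payload is evaluated.  For every parameter/payload pair the
    unmodified URL is fetched as a baseline, then the URL with the payload
    appended to the parameter.  A finding is raised when the expected text
    matches more often in the second response than in the baseline.

    Returns the finding dict for the first hit, or None when there is no
    hit, the method pre-check fails, or the URL has no parameters.
    """
    # NOTE(review): presumably 1 means "GET is usable" - confirm in methods.
    if methods.Get(url) != 1:
        return None

    pieces = url.split('?')
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return None
    target = pieces[0]

    for param in pieces[1].split('&'):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload, message in ssti_payloads.items():
            # A failed request (nq.Get returning 0) abandons the remaining
            # payloads for this parameter.
            r = nq.Get(url)
            if r == 0:
                break
            marker = message.encode('utf-8')
            # The marker is used as a findall pattern, not a literal.
            baseline_hits = len(findall(marker, r.content))

            # Built once so the reported link is exactly the URL requested.
            link = url.replace(param, param + en(payload))
            req = nq.Get(link)
            if req == 0:
                break

            # Comparing against the baseline avoids flagging pages that
            # already contain the marker text on their own.
            if baseline_hits < len(findall(marker, req.content)):
                bug = {
                    'name': 'template injection',
                    'payload': payload,
                    'method': 'GET',
                    'parameter': param,
                    'link': link,
                    'target': target
                }
                show.bug(bug='template injection',
                         payload=payload,
                         method='GET',
                         parameter=param,
                         link=link)
                return bug
    return None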
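def Get(url):
    """Check each query parameter of ``url`` for error-based SQL injection.

    For every parameter/payload pair the unmodified URL is fetched and
    stored through ``save_request``, then the URL with the payload appended
    to the parameter is fetched.  Each pattern in ``sql_err`` is matched
    against both bodies; a finding is raised when a pattern matches more
    often in the second response than in the baseline, i.e. the input made
    a database error message appear.

    Returns the finding dict for the first hit, or None when there is no
    hit or the URL has no parameters.
    """
    pieces = url.split('?')
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return None
    target = pieces[0]

    for param in pieces[1].split('&'):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload in sqli_payloads:
            # A failed request (nq.Get returning 0) abandons the remaining
            # payloads for this parameter.
            r = nq.Get(url)
            if r == 0:
                break
            save_request.save(r)

            # NOTE(review): the request carries the raw payload while the
            # reported link below uses en(payload), so the link shown is
            # not byte-identical to what was sent - confirm which is meant.
            req = nq.Get(url.replace(param, param + payload))
            if req == 0:
                break

            link = url.replace(param, param + en(payload))
            # Only the patterns are used; the sql_err keys are ignored.
            for e in sql_err.values():
                pattern = e.encode('utf-8')
                r2 = findall(pattern, save_request.get().content)
                r3 = findall(pattern, req.content)
                if len(r2) < len(r3):
                    bug = {
                        'name': 'SQL injection',
                        'payload': payload,
                        'method': 'GET',
                        'parameter': param,
                        'link': link,
                        'target': target
                    }
                    show.bug(bug='SQL injection',
                             payload=payload,
                             method='GET',
                             parameter=param,
                             target=target,
                             link=link)
                    return bug
    return None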
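def Get(url):
    """Check each query parameter of ``url`` for CRLF (header) injection.

    Every entry of ``crlf_payloads`` is appended (after ``en()``) to one
    parameter at a time.  A finding is raised when the response carries a
    non-empty ``Header-Test`` header.

    NOTE(review): presumably the payloads try to add a ``Header-Test``
    header, so its presence means CR/LF in the value reached the response
    headers unfiltered.  Any truthy value counts here; a server that sets
    this header on its own would be a false positive, and comparing it
    against the exact marker the payloads inject would be stricter.

    Returns the finding dict for the first hit, or None when there is no
    hit or the URL has no parameters.
    """
    pieces = url.split('?')
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return None
    target = pieces[0]

    for param in pieces[1].split('&'):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload in crlf_payloads:
            # Built once so the reported link is exactly the URL requested.
            link = url.replace(param, param + en(payload))
            r = nq.Get(link)
            if r == 0:
                # A failed request abandons the remaining payloads for
                # this parameter.
                break
            if r.headers.get('Header-Test'):
                # Control characters are shown percent-encoded so the
                # report itself stays on one line.
                shown = payload.replace('\n', '%0a').replace('\r', '%0d')
                bug = {
                    'name': 'CRLF injection',
                    'payload': shown,
                    'method': 'GET',
                    'parameter': param,
                    'link': link,
                    'target': target
                }
                show.bug(
                    bug='CRLF injection',
                    payload=shown,
                    method='GET',
                    parameter=param,
                    link=link
                )
                return bug
    return None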
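def Get(url):
    """Report reflected XSS candidates in the query parameters of ``url``.

    One parameter at a time, every entry of ``xss_payloads`` is appended
    (after ``en()``) to the parameter text and the URL is requested.  When
    the response body contains the payload bytes unchanged, the finding is
    reported through ``show.bug`` and the remaining payloads for that
    parameter are skipped.

    Caveat: a byte-for-byte echo does not prove the value lands in an
    executable HTML context, so findings should be confirmed against the
    response content type.

    Nothing is returned; URLs without parameters are ignored.
    """
    pieces = url.split("?")
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return

    for param in pieces[1].split("&"):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload in xss_payloads:
            # Built once so the reported link is exactly the URL requested.
            link = url.replace(param, param + en(payload))
            req = nq.Get(link)
            # nq.Get appears to return 0 on failure; such payloads are
            # skipped rather than ending the scan of this parameter.
            if req != 0 and payload.encode('utf-8') in req.content:
                show.bug(bug='Cross-site scripting',
                         payload=payload,
                         method='GET',
                         parameter=param,
                         link=link)
                # One report per parameter is enough.
                break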
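def Get(url):
    """Report CRLF (header) injection in the query parameters of ``url``.

    Every entry of ``crlf_payloads`` is appended (after ``en()``) to one
    parameter at a time.  A finding is reported through ``show.bug`` when
    the response's ``Header-Test`` header equals ``'BLATRUC'``.

    NOTE(review): presumably the payloads try to add that header with that
    value, so an exact match means CR/LF in the parameter reached the
    response headers unfiltered - confirm against crlf_payloads.

    There is no early exit on a hit, so every matching payload is reported.
    Nothing is returned; URLs without parameters are ignored.
    """
    pieces = url.split('?')
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return

    for param in pieces[1].split('&'):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload in crlf_payloads:
            # Built once so the reported link is exactly the URL requested.
            link = url.replace(param, param + en(payload))
            r = nq.Get(link)
            if r == 0:
                # A failed request abandons the remaining payloads for
                # this parameter.
                break
            if 'BLATRUC' == r.headers.get('Header-Test'):
                # Control characters are shown percent-encoded so the
                # report itself stays on one line.
                show.bug(bug='CRLF injection',
                         payload=payload.replace('\n', '%0a').replace(
                             '\r', '%0d'),
                         method='GET',
                         parameter=param,
                         link=link)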
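def Get(url):
    """Report template injection in the query parameters of ``url``.

    ``ssti_payloads`` maps a payload to the text expected in the response
    if the payload is evaluated.  For every parameter/payload pair the
    unmodified URL is fetched as a baseline, then the URL with the payload
    appended to the parameter.  When the expected text matches more often
    in the second response, the finding is reported through ``show.bug``
    and the remaining payloads for that parameter are skipped.

    Nothing is returned; URLs without parameters are ignored.
    """
    pieces = url.split('?')
    if len(pieces) < 2:
        # No query string: nothing to test (previously an IndexError).
        return

    for param in pieces[1].split('&'):
        if not param:
            # An empty segment would make str.replace insert the payload
            # between every character of the URL.
            continue
        for payload, message in ssti_payloads.items():
            # A failed request (nq.Get returning 0) abandons the remaining
            # payloads for this parameter.
            r = nq.Get(url)
            if r == 0:
                break
            marker = message.encode('utf-8')
            # The marker is used as a findall pattern, not a literal.
            baseline_hits = len(findall(marker, r.content))

            # Built once so the reported link is exactly the URL requested.
            link = url.replace(param, param + en(payload))
            req = nq.Get(link)
            if req == 0:
                break

            # Comparing against the baseline avoids flagging pages that
            # already contain the marker text on their own.
            if baseline_hits < len(findall(marker, req.content)):
                show.bug(bug='template injection',
                         payload=payload,
                         method='GET',
                         parameter=param,
                         link=link)
                # One report per parameter is enough.
                break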