def Log(self, record, detail=False, full=False, opt1=None, opt2=None, opt3=None): highlight, skip, take = self._displayOptions(opt1, opt2, opt3) ix = record[0] x = record[1] ct = "" cl = "" for k, v in x.request.header.items(): if k.lower() == "content-type": ct = v.split(";")[0] if k.lower() == "content-length": cl = v self.HR() Printer.Cols([ (ix, 6, False), (x.method, 7, False), (ct, 34, False), (cl, 8, False), ("Response: ", 10, False), (x.status, 4, False), (x.mime, 7, False), (x.length, 8, False), (x.ip, 15, False), ]) self.P(x.url) if detail: self.HR() self.P(x.request.line) self.Dict(x.request.HeaderNoCookies()) if x.request.cookies: self.P("Cookie:") self.Dict(x.request.cookies, " ") self.BR(2) if x.request.body: self.P(x.request.content) self.HR() self.P(x.response.line) self.Dict(x.response.header) self.BR(2) if full: matches, lines = Printer.PrintBody(x.response.body, highlight, skip, take, self.P) if highlight: self.BR() self.Pair("Highlights", matches) self.Pair("Lines", ", ".join(lines)) self.BR()
def ResultHeader(self): self.BR() Printer.Cols([("id", 5, False), ("flag", 5, False), ("log", 5, False), ("status", 7, False), ("length", 8, False), ("mime", 7, False), ("time", 7, False), ("cnt", 4, False), ("type", 7, False), ("parameter", 25, False), ("value", 35, False)]) self.HR()
def for_inputs(self): patterns = { "url": re.compile("(http|https)\:\/\/"), "file": re.compile( "\.(php|pdf|exe|txt|asp|aspx|json|do|pl|html|js|csv|htm|jsp|css|ashx|dhtml|cgi|cfm|action|rb|shtml|xml)" ), "code": re.compile("[\{\}\$\;\=\|\:]+"), "path": re.compile("[\/\\\\]+") } ret = [] tpl = "{0} {1} {2}\n{3}\n" for log in self.logs.Search(): params = {} if log[1].request.query: params["Query"] = To.SingleDemension(log[1].request.query) if log[1].request.body: sd = To.SingleDemension(log[1].request.body) if sd: params["Body"] = sd finds = {} for param, values in params.items(): for f, v in values.items(): for t, p in patterns.items(): if p.search(v.lower()): if param in finds.keys(): finds[param][f] = (t, v) else: finds[param] = {f: (t, v)} break if len(finds.keys()) > 0: meta = [] for p, find in finds.items(): label = p + ":" for f, v in find.items(): meta.append( Printer.Cols([ (label, 7, False), (f, 25, False), (v[0].upper(), 5, False), (v[1], 80, False), ], False)) label = "" ret.append( tpl.format(log[0], log[1].method, log[1].request.uri, "\n".join(meta))) return ret
def P(self, content, sep=False): if isinstance(content, bytes): content = content.decode() if self._opt("highlight"): hl = self._opt("highlight") hl = hl if isinstance(hl, list) else [hl] for h in hl: if content.find(h) > -1: if not re.findall("33\/.*{0}.*33\/".format(h), content): content = content.replace( h, Printer.Highlighter(h, "yellow")) print("{0}{1}{0}".format("\n" if sep else "", content))
def Intro(self, source, log_cnt, prnt=False): x = "\n".join([ Printer.Highlighter(("<" * 55) + " belch CLI " + (">" * 55), "orange"), "Source: {0}".format(source), "Records: {0}".format(log_cnt), "" ]) if not prnt: return x else: self.P(x)
def for_cookies(self): ret = [] for log in self.logs.Search(): res = log[1].response if res.cookies: ret += self._cookie_results(res.cookies) h = Printer.Cols([ ("DOMAIN", 40, False), ("NAME", 40, False), ("VALUE", 7, False), ("SAMESITE", 9, False), ("HTTPONLY", 9, False), ("SECURE", 7, False), ], False) return [h] + list(sorted(set(ret)))
def _cookie_results(self, cookies): ret = [] for k, v in cookies.items(): dom = v["Domain"] if "Domain" in v.keys() else "No Domain Set" enc = self._cookie_encoding(v["value"]) sms = v["SameSite"] if "SameSite" in v.keys() else "Lax" htp = "HttpOnly" if "HttpOnly" in v.keys() else "" sec = "Secure" if "Secure" in v.keys() else "" ret.append( Printer.Cols([ (dom, 40, False), (k, 40, False), (enc, 7, False), (sms, 9, False), (htp, 9, False), (sec, 7, False), ], False)) return ret
def Result(self, result, detail=False, full=False, opt1=None, opt2=None, opt3=None): highlight, skip, take = self._displayOptions(opt1, opt2, opt3) res = result.response req = result.response.request meta = result.meta if not detail: Printer.Cols([ (result.result_id, 5, False), ("[+]" if result.flag else "[-]", 5, False, "green" if result.flag else None), (result.log_id, 5, False), (res.status_code, 7, False), (len(res.text), 8, False), (Html.GetMime(res), 7, False), (int(res.elapsed.microseconds / 1000), 7, False), (result.meta["count"] if result.meta else "", 4, False), (result.type, 7, False), (result.parameter, 25, False), (result.value, 35, False) ]) else: self.HR() self.Pair(req.method.upper(), req.url, False) self.Dict(req.headers) self.BR(2) if req.body: #TODO: correct json display self.P(req.body) self.HR() self.Pair(res.status_code, res.reason, False) self.Dict(res.headers) self.BR(2) if full: body = res.text if result.meta and "rendered" in result.meta.keys(): body = result.meta["rendered"] if result.meta and "diff" in result.meta.keys(): body = "".join(result.meta["diff"]) matches, lines = Printer.PrintBody(body, highlight, skip, take, self.P) if highlight: self.BR() self.Pair("Highlights", matches) self.Pair("Lines", ", ".join(lines)) self.BR() self.HR() if result.pv: for p, v in result.pv.items(): self.Pair("Parameter", p) self.Pair("Word", v) self.BR() if meta: if meta["type"] == "match": self.Pair("Matches", meta["count"]) for m in meta["matches"]: self.Pair(" ", m, False) if meta["type"] == "compare": diffs = [] for k, v in meta.items(): if isinstance(v, bool) and v == True: diffs.append(k) self.Pair("Differences", meta["count"]) self.P(", ".join(diffs)) self.BR() if meta["headers"]: self.Pair("Headers", ", ".join(meta["headers"])) if meta["cookies"]: self.Pair("Cookies", ", ".join(meta["cookies"])) self.BR()
def GetPrompt(self): return Printer.Highlighter("b3l(h> ", "orange")
def Warring(self, mesage): self.P(Printer.Highlighter(message, "yellow"))
def Error(self, message): self.P(Printer.Highlighter(message, "red"))
def Success(self, message): self.P(Printer.Highlighter(message, "green"))