def Log(self,
record,
detail=False,
full=False,
opt1=None,
opt2=None,
opt3=None):
highlight, skip, take = self._displayOptions(opt1, opt2, opt3)
ix = record[0]
x = record[1]
ct = ""
cl = ""
for k, v in x.request.header.items():
if k.lower() == "content-type":
ct = v.split(";")[0]
if k.lower() == "content-length":
cl = v
self.HR()
Printer.Cols([
(ix, 6, False),
(x.method, 7, False),
(ct, 34, False),
(cl, 8, False),
("Response: ", 10, False),
(x.status, 4, False),
(x.mime, 7, False),
(x.length, 8, False),
(x.ip, 15, False),
])
self.P(x.url)
if detail:
self.HR()
self.P(x.request.line)
self.Dict(x.request.HeaderNoCookies())
if x.request.cookies:
self.P("Cookie:")
self.Dict(x.request.cookies, " ")
self.BR(2)
if x.request.body:
self.P(x.request.content)
self.HR()
self.P(x.response.line)
self.Dict(x.response.header)
self.BR(2)
if full:
matches, lines = Printer.PrintBody(x.response.body, highlight,
skip, take, self.P)
if highlight:
self.BR()
self.Pair("Highlights", matches)
self.Pair("Lines", ", ".join(lines))
self.BR()
def ResultHeader(self):
self.BR()
Printer.Cols([("id", 5, False), ("flag", 5, False), ("log", 5, False),
("status", 7, False), ("length", 8, False),
("mime", 7, False), ("time", 7, False),
("cnt", 4, False), ("type", 7, False),
("parameter", 25, False), ("value", 35, False)])
self.HR()
def for_inputs(self):
patterns = {
"url":
re.compile("(http|https)\:\/\/"),
"file":
re.compile(
"\.(php|pdf|exe|txt|asp|aspx|json|do|pl|html|js|csv|htm|jsp|css|ashx|dhtml|cgi|cfm|action|rb|shtml|xml)"
),
"code":
re.compile("[\{\}\$\;\=\|\:]+"),
"path":
re.compile("[\/\\\\]+")
}
ret = []
tpl = "{0} {1} {2}\n{3}\n"
for log in self.logs.Search():
params = {}
if log[1].request.query:
params["Query"] = To.SingleDemension(log[1].request.query)
if log[1].request.body:
sd = To.SingleDemension(log[1].request.body)
if sd:
params["Body"] = sd
finds = {}
for param, values in params.items():
for f, v in values.items():
for t, p in patterns.items():
if p.search(v.lower()):
if param in finds.keys():
finds[param][f] = (t, v)
else:
finds[param] = {f: (t, v)}
break
if len(finds.keys()) > 0:
meta = []
for p, find in finds.items():
label = p + ":"
for f, v in find.items():
meta.append(
Printer.Cols([
(label, 7, False),
(f, 25, False),
(v[0].upper(), 5, False),
(v[1], 80, False),
], False))
label = ""
ret.append(
tpl.format(log[0], log[1].method, log[1].request.uri,
"\n".join(meta)))
return ret
def P(self, content, sep=False):
if isinstance(content, bytes):
content = content.decode()
if self._opt("highlight"):
hl = self._opt("highlight")
hl = hl if isinstance(hl, list) else [hl]
for h in hl:
if content.find(h) > -1:
if not re.findall("33\/.*{0}.*33\/".format(h), content):
content = content.replace(
h, Printer.Highlighter(h, "yellow"))
print("{0}{1}{0}".format("\n" if sep else "", content))
def Intro(self, source, log_cnt, prnt=False):
x = "\n".join([
Printer.Highlighter(("<" * 55) + " belch CLI " + (">" * 55),
"orange"), "Source: {0}".format(source),
"Records: {0}".format(log_cnt), ""
])
if not prnt:
return x
else:
self.P(x)
def for_cookies(self):
ret = []
for log in self.logs.Search():
res = log[1].response
if res.cookies:
ret += self._cookie_results(res.cookies)
h = Printer.Cols([
("DOMAIN", 40, False),
("NAME", 40, False),
("VALUE", 7, False),
("SAMESITE", 9, False),
("HTTPONLY", 9, False),
("SECURE", 7, False),
], False)
return [h] + list(sorted(set(ret)))
def _cookie_results(self, cookies):
ret = []
for k, v in cookies.items():
dom = v["Domain"] if "Domain" in v.keys() else "No Domain Set"
enc = self._cookie_encoding(v["value"])
sms = v["SameSite"] if "SameSite" in v.keys() else "Lax"
htp = "HttpOnly" if "HttpOnly" in v.keys() else ""
sec = "Secure" if "Secure" in v.keys() else ""
ret.append(
Printer.Cols([
(dom, 40, False),
(k, 40, False),
(enc, 7, False),
(sms, 9, False),
(htp, 9, False),
(sec, 7, False),
], False))
return ret
def Result(self,
result,
detail=False,
full=False,
opt1=None,
opt2=None,
opt3=None):
highlight, skip, take = self._displayOptions(opt1, opt2, opt3)
res = result.response
req = result.response.request
meta = result.meta
if not detail:
Printer.Cols([
(result.result_id, 5, False),
("[+]" if result.flag else "[-]", 5, False,
"green" if result.flag else None), (result.log_id, 5, False),
(res.status_code, 7, False), (len(res.text), 8, False),
(Html.GetMime(res), 7, False),
(int(res.elapsed.microseconds / 1000), 7, False),
(result.meta["count"] if result.meta else "", 4, False),
(result.type, 7, False), (result.parameter, 25, False),
(result.value, 35, False)
])
else:
self.HR()
self.Pair(req.method.upper(), req.url, False)
self.Dict(req.headers)
self.BR(2)
if req.body:
#TODO: correct json display
self.P(req.body)
self.HR()
self.Pair(res.status_code, res.reason, False)
self.Dict(res.headers)
self.BR(2)
if full:
body = res.text
if result.meta and "rendered" in result.meta.keys():
body = result.meta["rendered"]
if result.meta and "diff" in result.meta.keys():
body = "".join(result.meta["diff"])
matches, lines = Printer.PrintBody(body, highlight, skip, take,
self.P)
if highlight:
self.BR()
self.Pair("Highlights", matches)
self.Pair("Lines", ", ".join(lines))
self.BR()
self.HR()
if result.pv:
for p, v in result.pv.items():
self.Pair("Parameter", p)
self.Pair("Word", v)
self.BR()
if meta:
if meta["type"] == "match":
self.Pair("Matches", meta["count"])
for m in meta["matches"]:
self.Pair(" ", m, False)
if meta["type"] == "compare":
diffs = []
for k, v in meta.items():
if isinstance(v, bool) and v == True:
diffs.append(k)
self.Pair("Differences", meta["count"])
self.P(", ".join(diffs))
self.BR()
if meta["headers"]:
self.Pair("Headers", ", ".join(meta["headers"]))
if meta["cookies"]:
self.Pair("Cookies", ", ".join(meta["cookies"]))
self.BR()
def GetPrompt(self):
return Printer.Highlighter("b3l(h> ", "orange")
def Warring(self, mesage):
self.P(Printer.Highlighter(message, "yellow"))
def Error(self, message):
self.P(Printer.Highlighter(message, "red"))
def Success(self, message):
self.P(Printer.Highlighter(message, "green"))