コード例 #1
0
    def Code(logs,fp):
        mapped = []
        multi = False
        jpad = 4
        opad = 0
        tpl = "single"
    
        if not isinstance(logs,list): 
            logs = [logs]

        if len(logs) > 1:
            multi = True
            jpad = 8
            opad = 4
            tpl = "multiple"
    

        for log in logs:
            mapped.append(Generate.substitute_map(log,jpad))
        const_header = "None"
        const_cookies = "None"

        if multi: 
            if len(set(map(lambda x: x["@@HEADER"],mapped))) == 1:
                const_header = To.Code(logs[0].request.HeaderNoCookies())
                for m in mapped:
                   m["@@HEADER"] = "header"
                
            if len(set(map(lambda x: x["@@COOKIES"],mapped))) == 1:
                const_cookies =  To.Code(logs[0].request.cookies)
                for m in mapped:
                   m["@@COOKIES"] = "cookies"

        t = Reader.Read("{0}/{1}.pyt".format(os.path.dirname(__file__),tpl))
        req_objs = [Generate.gen_request_object(m,opad) for m in mapped]
        
        if multi: 
            t = Reader.Substitute(t,"@@HEADER",const_header)
            t = Reader.Substitute(t,"@@COOKIES",const_cookies)
            t = Reader.Substitute(t,"@@REQOBJS",",\n".join(req_objs))
        else: 
            t = Reader.Substitute(t,"@@REQOBJ",req_objs[0])
        
        Writer.Replace(fp,t)
        return "Python Script Written to: {0}".format(fp)
コード例 #2
0
ファイル: options.py プロジェクト: bdunford/waabi
 def load(self):
     try:
         if os.path.isfile(self._file):
             t = Reader.Json(self._file)
             for k, v in t.items():
                 self.Set(k, v)
         else:
             self.Save()
     except:
         self.Save()
コード例 #3
0
ファイル: scanner.py プロジェクト: bdunford/waabi
    def Init(self):
        if self.options.wordlist:
            self._wl = Reader.List(self.options.wordlist)
        else:
            self._wl = WordList.Get("web-common")

        if not self.options.output:
            self.options.output = "./dirscan.txt"

        if self.options.header:
            self._header = Reader.Json(self.options.header)
        else:
            self._header = waabi.globals.default_header

        if not self.options.threads:
            self.options.threads = 5

        self._counter = 0
        self._errors = 0
        self._found = []
        self._counts = {}
コード例 #4
0
    def WithMockOauth(self, issuer, private_key_file, kid):
        iat = int(datetime.datetime.now().timestamp())
        headers = {"kid": kid}
        payload = self.payload
        payload["iss"] = issuer
        payload["iat"] = iat
        payload["exp"] = iat + 3600

        try:
            token = jwt.encode(payload,
                               Reader.Read(private_key_file),
                               algorithm="RS256",
                               headers=headers)
            return token
        except Exception as ex:
            return "Error encoding token: {0}".format(ex)
コード例 #5
0
    def gen_request_object(s_map,pad):
        lpad = " " * pad
        t = [
            "ReqObj(",
            "    url = @@URL,",
            "    method = @@METHOD,",
            "    header = @@HEADER,",
            "    cookies = @@COOKIES,",
            "    query = @@QUERY,",
            "    body = @@BODY",
            ")"
        ]
        
        tpl = "\n".join([lpad + l for l in t])

        for k,v in s_map.items():
            tpl = Reader.Substitute(tpl,k,v)
        return tpl
コード例 #6
0
    def Construct(payload, keyfile, kid, issuer, header, secret, signature):
        alg = header["alg"] if header and "alg" in header.keys() else False

        if secret:
            if not alg:
                return "Error: Header containing an alg must be present when supplying secret."
            else:
                try:
                    if alg in ("HS256", "HS512"):
                        alg_enc = hashlib.sha512 if alg == "HS512" else hashlib.sha256
                        return Jwty.SignAsHS(header, payload, secret.encode(),
                                             alg_enc)
                    header.pop("alg", None)
                    token = jwt.encode(payload,
                                       secret,
                                       algorithm=alg,
                                       headers=header)
                    return token
                except Exception as ex:
                    return "Error encoding token: {0}".format(ex)

        if signature:
            eh = Jwty.Uenc(header)
            ep = Jwty.Uenc(payload)
            return "{0}.{1}.{2}".format(eh.decode(), ep.decode(), signature)

        header = header if header else {}
        header["alg"] = "RS256"
        header["kid"] = kid
        payload["iss"] = issuer
        try:
            token = jwt.encode(payload,
                               Reader.Read(keyfile),
                               algorithm="RS256",
                               headers=header)
            return token
        except Exception as ex:
            return "Error encoding token: {0}".format(ex)
コード例 #7
0
ファイル: logs.py プロジェクト: bdunford/waabi
 def Reload(self):
     self._logs = Parser.ParseBurpLog(Reader.Xml(self.source))
コード例 #8
0
ファイル: payload.py プロジェクト: bdunford/waabi
 def Get(name):
     if name in Payload.GetNames():
         return Reader.ReadBytes(
             os.path.join(waabi.globals.payload_path, name))
     return False
コード例 #9
0
ファイル: belch.py プロジェクト: bdunford/waabi
 def Init(self):
     if self.options.parameter not in ["header", "code", "cli"]:
         raise ValueError("Invalid Action parameter")
     if not self.options.input:
         raise ValueError("Missing required option -i Burp xml export ")
     self._burp_xml = Reader.Xml(self.options.input)
コード例 #10
0
 def Get(name):
     if name in WordList.GetNames():
         return Reader.List(
             os.path.join(waabi.globals.wordlist_path,
                          "{0}.txt".format(name)))
     return False