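def _test(self, payload_obj):
    """Send one payload over a fresh connection and classify the outcome.

    Args:
        payload_obj: Object whose ``str()`` form is the raw request to send.

    Returns:
        A ``(code, response, payload_obj)`` tuple, where ``code`` is:

        *  0 -- a response was received; ``response`` is the reply as text
           with every byte above 0x7F replaced by ``"0"``.
        *  1 -- nothing was received and the wait ran to about the timeout.
        *  2 -- nothing was received and the wait ended more than a second
           before the timeout (treated as an early disconnect).
        * -1 -- any exception was raised; ``response`` is ``None``.
    """
    web = None
    try:
        web = EasySSL(self.ssl_flag)
        web.connect(self._host, self._port, self._timeout)
        web.send(str(payload_obj).encode())

        # NOTE(review): these are wall-clock timestamps, so a clock
        # adjustment during the wait would skew the 1-vs-2 classification.
        start_time = datetime.now()
        res = web.recv_nb(self._timeout)
        end_time = datetime.now()

        if res is None:
            delta_time = end_time - start_time
            if delta_time.seconds < (self._timeout - 1):
                return (2, res, payload_obj)  # disconnected before timeout
            return (1, res, payload_obj)  # connection timed out

        # The reply comes from the remote server and is untrusted: map every
        # non-ASCII byte to "0" so later string handling never sees it.
        res = "".join('\x30' if single > 0x7F else chr(single) for single in res)
        return (0, res, payload_obj)  # normal response returned
    except Exception:
        # Every failure (connect, TLS, send, receive) collapses into -1; the
        # exception itself is dropped, so callers cannot tell the causes apart.
        return (-1, None, payload_obj)
    finally:
        # Release the socket on every path, including when connect/send/recv
        # raised; the earlier code leaked it in that case.
        if web is not None:
            try:
                web.close()
            except Exception:
                pass  # best-effort cleanup; the result is already decided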
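def _get_cookies(self):
    """Issue one plain GET and remember the cookies the server sets.

    Each ``Set-Cookie`` response line contributes its first ``name=value``
    pair (attributes after the first ``;`` are dropped) to ``self._cookies``.

    Returns:
        ``True`` when the request completed, even if no response arrived;
        ``False`` when any exception was raised.
    """
    RN = "\r\n"
    web = None
    try:
        cookies = []
        web = EasySSL(self.ssl_flag)
        web.connect(self._host, self._port, 2.0)

        p = Payload()
        p.host = self._host
        p.method = "GET"
        p.endpoint = self._endpoint
        p.header = "__METHOD__ __ENDPOINT__?cb=__RANDOM__ HTTP/1.1" + RN
        p.header += "Host: __HOST__" + RN
        p.header += "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.87 Safari/537.36" + RN
        p.header += "Content-type: application/x-www-form-urlencoded; charset=UTF-8" + RN
        p.header += "Content-Length: 0" + RN
        p.body = ""

        web.send(str(p).encode())
        sleep(0.5)
        res = web.recv_nb(2.0)

        if res is not None:
            # NOTE(review): decode() raises on a non-UTF-8 reply, which lands
            # in the handler below and is reported as a connection failure.
            for elem in res.decode().split("\r\n"):
                if len(elem) > 11 and elem[0:11].lower().replace(" ", "") == "set-cookie:":
                    # Only the header name is matched case-insensitively.
                    # Cookie values are case-sensitive, so slice the name off
                    # instead of lower-casing the whole line as before.
                    cookies.append(elem[11:].split(";")[0] + ';')
            info = ((Fore.CYAN + str(len(cookies)) + Fore.MAGENTA), self._logh)
            print_info("Cookies : %s (Appending to the attack)" % (info[0]))
            self._cookies += cookies
        return True
    except Exception:
        # Any failure, not only a refused connection, produces this message.
        error = ((Fore.CYAN + "Unable to connect to host" + Fore.MAGENTA), self._logh)
        print_info("Error : %s" % (error[0]))
        return False
    finally:
        # Close the socket on the error path too; it was leaked before.
        if web is not None:
            try:
                web.close()
            except Exception:
                pass  # best-effort cleanup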
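def _test(self, payload_obj):
    """Send one payload over a fresh connection and classify the outcome.

    Before sending, the UTF-8 encoding of every character in
    U+0080..U+00FF is collapsed to the single byte of the same value.

    Args:
        payload_obj: Object whose ``str()`` form is the raw request to send.

    Returns:
        A ``(code, response, payload_obj)`` tuple, where ``code`` is:

        *  0 -- a response was received; ``response`` is the reply as text
           with every byte above 0x7F replaced by ``"0"``.
        *  1 -- nothing was received and the wait ran to about the timeout.
        *  2 -- nothing was received and the wait ended more than a second
           before the timeout (treated as an early disconnect).
        * -1 -- any exception was raised; ``response`` is ``None``.
    """
    web = None
    try:
        web = EasySSL(self.ssl_flag)
        web.connect(self._host, self._port, self._timeout)

        wire = str(payload_obj).encode()
        # Same 128 replacements as the former hand-written chain, applied in
        # the same ascending order to the already-modified buffer.
        # NOTE(review): because the passes are sequential this is not always
        # identical to a Latin-1 encode; e.g. U+00C3 directly followed by
        # U+0084 ends up as the single byte 0xC4.
        for code in range(0x80, 0x100):
            wire = wire.replace(chr(code).encode(), bytes((code,)))
        web.send(wire)

        # NOTE(review): these are wall-clock timestamps, so a clock
        # adjustment during the wait would skew the 1-vs-2 classification.
        start_time = datetime.now()
        res = web.recv_nb(self._timeout)
        end_time = datetime.now()

        if res is None:
            delta_time = end_time - start_time
            if delta_time.seconds < (self._timeout - 1):
                return (2, res, payload_obj)  # disconnected before timeout
            return (1, res, payload_obj)  # connection timed out

        # The reply comes from the remote server and is untrusted: map every
        # non-ASCII byte to "0" so later string handling never sees it.
        res = "".join('\x30' if single > 0x7F else chr(single) for single in res)
        return (0, res, payload_obj)  # normal response returned
    except Exception:
        # Every failure (connect, TLS, send, receive) collapses into -1; the
        # exception itself is dropped, so callers cannot tell the causes apart.
        return (-1, None, payload_obj)
    finally:
        # Release the socket on every path, including when connect/send/recv
        # raised; the earlier code leaked it in that case.
        if web is not None:
            try:
                web.close()
            except Exception:
                pass  # best-effort cleanup; the result is already decided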