def HttpPost(self):
retak = []
ak_List = []
rouData = {}
postData = self.connection
rouData["fields"] = postData
if len(postData) < 1:
return False
if self.header["path"].find(self.testWeb) != -1:
if self.ackMod == "csrf":
ak_List = SearchAndReplace("","csrf")
else:
ak_List = SearchAndReplace("?" + postData)
else:
return False
if len(ak_List) == 0:
return False
echoAk = ""
for ak in ak_List:
if self.ackMod == "csrf":
echoAk = ak
else:
echoAk = ak[1:]
print echo.fail("#Attack Post --------> ") + echo.high(echoAk)
try:
self.setCurlSetOpt("post",ak,rouData)
self.curl.perform()
if self.curl.getinfo(self.curl.HTTP_CODE) == 200:
html = self.sio.getvalue()
if self.ackMod == "csrf":
retak.append(self.header["path"] + ":" + echoAk)
continue;
ds = dasis(html)
if ds.start() == 1:
retak.append(headers["path"] + ":" + echoAk)
del ds
else:
pass
except KeyboardInterrupt:
exit()
except pycurl.error , e:
if e[0] == 56:
print e[1]
#raw_input("Press Enter to continue: ")
break;
except:
def HttpGet(self):
retak = []
ak_List = []
if self.header["path"].find(self.testWeb) != -1:
if self.ackMod == "csrf":
ak_List = SearchAndReplace("","csrf")
else:
ak_List = SearchAndReplace(self.header["path"])
else:
return False
if len(ak_List) == 0:
return False
for ak in ak_List:
print echo.fail("#Attack Get --------> ") + echo.high(ak)
try:
self.setCurlSetOpt("get",ak)
self.curl.perform()
if self.curl.getinfo(self.curl.HTTP_CODE) == 200:
html = self.sio.getvalue()
if self.ackMod == "csrf":
retak.append(self.header["path"] + ":" + ak)
ds = dasis(html)
continue;
if ds.start() == 1:
retak.append(ak)
del ds
else:
pass
except KeyboardInterrupt:
exit()
except pycurl.error , e:
if e[0] == 56:
print e[1]
#raw_input("Press Enter to continue: ")
break;
except: