Exemplo n.º 1
            action = formDetails["action"]
            if checkStringContainKey(action,negKeywords)==False:#check the Negative keywords to filter out non-sensitive data
                if formDetails["method"].lower() == "get":# form is a get form, it cannot                 

                    #load possible exploit payloads(may generate from phase2)
                    with open('evaluation.json') as evaluates:
                        evalData = json.load(evaluates)
                        for item in evalData:
                            ssciForm = Form(url, formDetails)
                            # print '!!!!!formLength'
                            # print len(ssciForm.formdata["parameter"])
                            parameters = ssciForm.formdata["parameter"]
                            for name in parameters.keys():
                                # print 'name1:', name
                                # print 'value:', parameters[name]
                                valid_parameters = dict(ssciForm.fill_entries(payload=evalData[item], paramkey=name))
                                # print 'parameters!!!'
                                # print valid_parameters
                                try:
                                    newParam = ''
                                    r = client.get(action, params=urlencode(valid_parameters))

                                    if r != None:
                                        if r.status_code == 200:
                                            # print r.content
                                            # print r.url
                                            injectSuccess = False
                                            if item == 'LFI1':
                                                if "root:/bin/bash" in r.content \
                                                        or 'root:/bin/sh' in r.content:
                                                    print "injection success1!"
Exemplo n.º 2
        args, url, method = fill_login_form(response.url, response.content, login_user, login_pass)
        loginResponse = client.post(url, data=args, headers=dict(Referer=start_urls))
    
    pprint(loginResponse)
    jsonform = []
    if "Invalid" in response.content:
        pprint("Login failed")
    else: 
        pprint("login successful")
        for formDetails in data:
            url = formDetails["url"]
            action = formDetails["action"]
            if checkStringContainKey(action,negKeywords)==False:#check the Negative keywords to filter out non-sensitive data
                if formDetails["method"].lower() == "get":# form is a get form, it cannot                 
                    csrfForm = Form(url,formDetails)
                    valid_parameters = dict(csrfForm.fill_entries())

                    try:
                        r = client.get(action,params=urlencode(valid_parameters))
                        if r != None:
                            if r.status_code == 200:
                                #formDetails["url"] = url
                                formDetails["parameter"] = valid_parameters
                                if len(valid_parameters) != 0:
                                    jsonform.append(formDetails)
                                #pprint("post form "+csrfForm.formdata["action"] +  " is vulnerable to CSRF")
                        continue
                    except :
                        ''
                elif formDetails["method"].lower() == "post":# form is a post form, check for CSRF
                    csrfForm = Form(url,formDetails)
Exemplo n.º 3
    pprint(loginResponse)
    jsonform = []
    if "Invalid" in response.content:
        pprint("Login failed")
    else:
        pprint("login successful")
        for formDetails in data:
            url = formDetails["url"]
            action = formDetails["action"]
            if checkStringContainKey(
                    action, negKeywords
            ) == False:  #check the Negative keywords to filter out non-sensitive data
                if formDetails["method"].lower(
                ) == "get":  # form is a get form, it cannot
                    csrfForm = Form(url, formDetails)
                    valid_parameters = dict(csrfForm.fill_entries())

                    try:
                        r = client.get(action,
                                       params=urlencode(valid_parameters))
                        if r != None:
                            if r.status_code == 200:
                                #formDetails["url"] = url
                                formDetails["parameter"] = valid_parameters
                                if len(valid_parameters) != 0:
                                    jsonform.append(formDetails)
                                #pprint("post form "+csrfForm.formdata["action"] +  " is vulnerable to CSRF")
                        continue
                    except:
                        ''
                elif formDetails["method"].lower(