Exemplos de SingleRequest em Python

Exemplo n.º 1

Arquivo: test_request.py Projeto: zzhacked/Sitadel

def test_request():
    r = SingleRequest()
    assert hasattr(r, 'send')

    r1 = SingleRequest(url='test',
                       agent='agent',
                       proxy='proxy',
                       redirect='redirect',
                       timeout='timeout')
    assert r1.url == 'test'
    assert r1.agent == 'agent'
    assert r1.proxy == 'proxy'
    assert r1.redirect == 'redirect'
    assert r1.timeout == 'timeout'
    assert isinstance(r1.ruagent, str)

Exemplo n.º 2

Arquivo: test_attack.py Projeto: xianlimei/Sitadel

def test_current_plugins():
    test_url = "http://localhost"
    settings.from_yaml("tests/lib/config/test_attack_config.yml")
    Services.register("datastore", Datastore(settings.datastore))
    Services.register("logger", logging.getLogger("sitadelLog"))
    Services.register("output", Output())
    Services.register("request_factory", SingleRequest(url=test_url, agent="Sitadel"))
    plugins = settings.attack_plugins
    Attacks(test_url, [test_url]).run(plugins)

Exemplo n.º 3

Arquivo: test_fingerprint.py Projeto: xianlimei/Sitadel

def test_current_plugins():
    test_url = "http://localhost"
    settings.from_yaml("tests/lib/config/test_fingerprint_config.yml")
    Services.register("logger", logging.getLogger("sitadelLog"))
    Services.register("output", Output())
    Services.register("request_factory", SingleRequest(url=test_url, agent="Sitadel"))
    plugins = settings.fingerprint_plugins
    Fingerprints(
        url=test_url,
        cookie=None,
    ).run(plugins)

Exemplo n.º 4

Arquivo: test_request.py Projeto: zzhacked/Sitadel

def test_request_send():
    req = SingleRequest()
    with pytest.raises(requests.exceptions.MissingSchema):
        req.send(url='test')

    assert req.send(url='http://example.com').request.method == 'GET'
    assert req.send(url='http://example.com',
                    method='post').request.method == 'POST'

Exemplo n.º 5

Arquivo: test_request.py Projeto: xianlimei/Sitadel

def test_request():
    Services.register("output", Output())

    r = SingleRequest()
    if not hasattr(r, "send"):
        raise AssertionError

    r1 = SingleRequest(url="test",
                       agent="agent",
                       proxy="proxy",
                       redirect="redirect",
                       timeout="timeout")
    if r1.url != "test":
        raise AssertionError
    if r1.agent != "agent":
        raise AssertionError
    if r1.proxy != "proxy":
        raise AssertionError
    if r1.redirect != "redirect":
        raise AssertionError
    if r1.timeout != "timeout":
        raise AssertionError
    if not isinstance(r1.ruagent, str):
        raise AssertionError

Exemplo n.º 6

Arquivo: test_request.py Projeto: xianlimei/Sitadel

def test_request_send():
    req = SingleRequest()
    with pytest.raises(requests.exceptions.MissingSchema):
        req.send(url="test")

    if req.send(url="http://example.com").request.method != "GET":
        raise AssertionError
    if req.send(url="http://example.com",
                method="post").request.method != "POST":
        raise AssertionError

Exemplo n.º 7

    def main(self):
        parser = argparse.ArgumentParser(
            formatter_class=argparse.ArgumentDefaultsHelpFormatter,
            usage=self.bn.banner(),
        )
        # Prepare the possible values for risk levels
        risk_values = [r.value for r in Risk]
        # Add arguments
        parser.add_argument("url", help="URL of the website to scan")
        parser.add_argument(
            "-r",
            "--risk",
            type=int,
            help="Level of risk allowed for the scan",
            choices=risk_values,
        )
        parser.add_argument(
            "-ua",
            "--user-agent",
            default="Sitadel " + __version__,
            help="User-agent to set for the scan requests",
        )
        parser.add_argument(
            "--redirect",
            dest="redirect",
            help="Whether or not the scan should follow redirection",
            action="store_true",
        )
        parser.add_argument(
            "--no-redirect",
            dest="redirect",
            help="Whether or not the scan should follow redirection",
            action="store_false",
        )
        parser.set_defaults(redirect=True)
        parser.add_argument(
            "-t",
            "--timeout",
            type=int,
            default=30,
            help="Timeout to set for the scan HTTP requests",
        )
        parser.add_argument("-c",
                            "--cookie",
                            help="Cookie to set for the scan HTTP requests")
        parser.add_argument("-p",
                            "--proxy",
                            help="Proxy to set for the scan HTTP requests")
        parser.add_argument("-f",
                            "--fingerprint",
                            nargs="+",
                            help="Fingerprint modules to activate")
        parser.add_argument("-a",
                            "--attack",
                            nargs="+",
                            help="Attack modules to activate")
        parser.add_argument("--config",
                            help="Path to the config file",
                            default="config/config.yml")
        parser.add_argument(
            "-v",
            "--verbosity",
            action="count",
            default=0,
            help="Increase output verbosity",
        )
        parser.add_argument("--version",
                            action="version",
                            version=self.bn.version())
        args = parser.parse_args()

        # Verify the target URL
        self.url = validator.validate_target(args.url)

        # Reading configuration
        settings.from_yaml(args.config)
        if args.risk is not None:
            settings.risk = Risk(args.risk)

        # Register services
        Services.register("datastore", Datastore(settings.datastore))
        Services.register("logger", logging.getLogger("sitadelLog"))
        Services.register("output", Output(args.verbosity))
        Services.register(
            "request_factory",
            SingleRequest(
                url=self.url,
                agent=args.user_agent,
                proxy=args.proxy,
                redirect=args.redirect,
                timeout=args.timeout,
            ),
        )

        # Display target and scan starting time
        self.bn.preamble(self.url)

        # Run the fingerprint modules
        self.ma.fingerprints(
            args.fingerprint,
            args.user_agent,
            args.proxy,
            args.redirect,
            args.timeout,
            self.url,
            args.cookie,
        )

        # Run the crawler to discover urls
        discovered_urls = self.ma.crawler(self.url, args.user_agent)

        # Run the attack modules on discovered urls
        self.ma.attacks(args.attack, self.url, discovered_urls)

Exemplo n.º 8

    def main(self):
        parser = argparse.ArgumentParser(
            formatter_class=argparse.ArgumentDefaultsHelpFormatter,
            usage=self.bn.banner(),
        )
        # Prepare the possible values for risk levels
        risk_values = [r.value for r in Risk]
        # Add arguments
        parser.add_argument("url", help="URL of the website to scan")
        parser.add_argument(
            "-r",
            "--risk",
            type=int,
            help="Level of risk allowed for the scan",
            choices=risk_values,
        )
        parser.add_argument(
            "-ua",
            "--user-agent",
            default="Sitadel " + __version__,
            help="User-agent to set for the scan requests",
        )
        parser.add_argument(
            "--redirect",
            dest="redirect",
            help="Whether or not the scan should follow redirection",
            action="store_true",
        )
        parser.add_argument(
            "--no-redirect",
            dest="redirect",
            help="Whether or not the scan should follow redirection",
            action="store_false",
        )
        parser.set_defaults(redirect=True)
        parser.add_argument(
            "-t",
            "--timeout",
            type=int,
            default=30,
            help="Timeout to set for the scan HTTP requests",
        )
        parser.add_argument("-c",
                            "--cookie",
                            help="Cookie to set for the scan HTTP requests")
        parser.add_argument("-p",
                            "--proxy",
                            help="Proxy to set for the scan HTTP requests")
        parser.add_argument("-f",
                            "--fingerprint",
                            nargs="+",
                            help="Fingerprint modules to activate")
        parser.add_argument("-a",
                            "--attack",
                            nargs="+",
                            help="Attack modules to activate")
        parser.add_argument("--config",
                            help="Path to the config file",
                            default="config/config.yml")
        parser.add_argument(
            "-v",
            "--verbosity",
            action="count",
            default=0,
            help="Increase output verbosity",
        )
        parser.add_argument("--version",
                            action="version",
                            version=self.bn.version())
        args = parser.parse_args()

        # Verify the target URL
        self.url = validator.validate_target(args.url)

        # Reading configuration
        settings.from_yaml(args.config)
        if args.risk is not None:
            settings.risk = Risk(args.risk)

        # Setting up the logger
        logger = logging.getLogger("sitadelLog")
        logging.basicConfig(
            filename="sitadel.log",
            filemode="w",
            format="%(asctime)s - %(name)s - %(levelname)s - %(message)s",
            datefmt="%d-%b-%y %H:%M:%S",
            level=(logging.CRITICAL - (args.verbosity * 10)),
        )

        # Create handlers
        console_handler = logging.StreamHandler()
        console_handler.setLevel(logging.WARNING)

        file_handler = logging.FileHandler("sitadel.log")
        file_handler.setLevel(level=(logging.CRITICAL - (args.verbosity * 10)))

        # Create formatters and add it to handlers
        console_format = logging.Formatter(
            "%(name)s - %(levelname)s - %(message)s")
        console_handler.setFormatter(console_format)

        file_format = logging.Formatter(
            "%(asctime)s - %(name)s - %(levelname)s - %(message)s")
        file_handler.setFormatter(file_format)

        # Add handlers to the logger
        logger.addHandler(console_handler)
        logger.addHandler(file_handler)

        # Register services
        Services.register("datastore", Datastore(settings.datastore))
        Services.register("logger", logger)
        Services.register("output", Output())
        Services.register(
            "request_factory",
            SingleRequest(
                url=self.url,
                agent=args.user_agent,
                proxy=args.proxy,
                redirect=args.redirect,
                timeout=args.timeout,
            ),
        )

        # Display target and scan starting time
        self.bn.preamble(self.url)
        try:
            # Run the fingerprint modules
            self.ma.fingerprints(
                args.fingerprint,
                self.url,
                args.cookie,
            )

            # Run the crawler to discover urls
            discovered_urls = self.ma.crawler(self.url, args.user_agent)

            # Hotfix on KeyboardInterrupt being redirected to scrapy crawler process
            signal.signal(signal.SIGINT, signal.default_int_handler)

            # Run the attack modules on discovered urls
            self.ma.attacks(args.attack, self.url, discovered_urls)
        except KeyboardInterrupt:
            raise
        finally:
            self.bn.postscript()

Exemplo n.º 9

Arquivo: test_fingerprint.py Projeto: xianlimei/Sitadel

def test_fingerprint_launcher():
    Services.register("output", Output())
    Services.register("request_factory", SingleRequest())
    f = Fingerprints(None, None)
    if not hasattr(f, "run"):
        raise AssertionError