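def print_scan_result(type, response, payload_str, verification, request_info):
    """Report one XSS probe on stdout and persist its verdict.

    Args:
        type: Where the payload was injected, e.g. "Cookie", "Path", "Post".
            The name shadows the builtin; it is kept so the signature stays
            unchanged for callers.
        response: Response content returned for the probe request. A falsy
            value is recorded as "not vulnerable" without calling verify_xss.
        payload_str: The payload as sent, e.g.
            "value=<script>alert(1)</script>".
        verification: Marker(s) handed to verify_xss, a string or a list.
        request_info: Dict describing the request; the keys 'rid', 'host'
            and 'method' are read here.

    Returns:
        The verdict: whatever verify_xss returned, or "not vulnerable" when
        there was no response content.
    """
    # Verify once and reuse the verdict for both the printed report and the
    # stored result, so the two can never disagree and the response is only
    # checked a single time.
    # NOTE(review): a falsy response is stored as "not vulnerable" too, so a
    # probe that got no content back (whatever the reason) cannot be told
    # apart from a clean one in the stored results.
    if response:
        result_xss = verify_xss(response, verification)
    else:
        result_xss = "not vulnerable"

    res = (
        "[XSS] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n"
        "\t[-] payload: {}\n\n[*] result: {}\n\n"
    ).format(
        request_info['rid'], request_info['host'], request_info['method'],
        payload_str, result_xss)

    # NOTE(review): the payload and the target's response are stored
    # verbatim; presumably something reads them back for display - confirm
    # that consumer escapes them on output.
    poc_xss = "{}: {}".format(type, payload_str)
    update_scan_result(request_info['rid'], 'scan_xss',
                       'result_xss', result_xss,
                       'poc_xss', poc_xss,
                       'response_xss', response)

    # A single parenthesised argument prints the same under the Python 2
    # print statement and the Python 3 print function.
    print(highlight(res, 'green'))
    return result_xss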
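def print_scan_result(type, response, payload_str, verification, request_info):
    """Report one file-inclusion (FI) probe on stdout and persist its verdict.

    Args:
        type: Where the payload was injected, e.g. "Cookie", "Path", "Post".
            The name shadows the builtin; it is kept so the signature stays
            unchanged for callers.
        response: Response content returned for the probe request. A falsy
            value is recorded as "not vulnerable" without calling verify_fi.
        payload_str: The payload as sent, e.g.
            "file=../../../../../../../../../../../../../../../etc/passwd%00".
        verification: Marker(s) handed to verify_fi, a string or a list.
        request_info: Dict describing the request; the keys 'rid', 'host'
            and 'method' are read here.

    Returns:
        The verdict: whatever verify_fi returned, or "not vulnerable" when
        there was no response content.
    """
    # Verify once and reuse the verdict for both the printed report and the
    # stored result, so the two can never disagree and the response is only
    # checked a single time.
    # NOTE(review): a falsy response is stored as "not vulnerable" too, so a
    # probe that got no content back (whatever the reason) cannot be told
    # apart from a clean one in the stored results.
    if response:
        result_fi = verify_fi(response, verification)
    else:
        result_fi = "not vulnerable"

    res = (
        "[FI] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n"
        "\t[-] payload: {}\n\n[*] result: {}\n\n"
    ).format(
        request_info['rid'], request_info['host'], request_info['method'],
        payload_str, result_fi)

    # NOTE(review): the target's response is stored verbatim and, for a
    # positive finding, may hold whatever file content the target returned;
    # treat the stored results as sensitive and escape them wherever they
    # are displayed - confirm against the consumer.
    poc_fi = "{}: {}".format(type, payload_str)
    update_scan_result(request_info['rid'], 'scan_fi',
                       'result_fi', result_fi,
                       'poc_fi', poc_fi,
                       'response_fi', response)

    # A single parenthesised argument prints the same under the Python 2
    # print statement and the Python 3 print function.
    print(highlight(res, 'green'))
    return result_fi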
def scan_sqli_request(request_info, sqlmapapi_server):
    """Run a sqlmapapi scan for one request and store the outcome.

    A request for which is_checked(rid, 'scan_sqli') is true is skipped
    without any output. Otherwise a HackSqlmapApi scan is run and the
    verdict is written with update_scan_result.

    Args:
        request_info: Dict describing the request; only 'rid' is read here,
            the whole dict is passed on to HackSqlmapApi.
        sqlmapapi_server: The sqlmapapi server handed to HackSqlmapApi and
            echoed in the progress output.

    Returns:
        None. Any exception is printed in red and swallowed.
    """
    separator = '.............................................\n'
    try:
        rid = request_info['rid']
        if is_checked(rid, 'scan_sqli'):
            return

        print(highlight('[*] request id: {}'.format(rid), 'green'))
        print(highlight(
            '[*] sqlmapapi server: {}'.format(sqlmapapi_server), 'green'))

        scanner = HackSqlmapApi(sqlmapapi_server, request_info)
        scanner.run()

        # NOTE(review): empty scan data is recorded as 'not vulnerable'; if
        # a scan can also end with no data without having completed, that
        # is stored as a negative finding - confirm against HackSqlmapApi.
        if len(scanner.data) == 0:
            result_sqli, poc_sqli = 'not vulnerable', ''
        else:
            result_sqli, poc_sqli = 'vulnerable', str(scanner.data)

        # The PoC string is written to both the poc and the response column.
        update_scan_result(rid, 'scan_sqli',
                           'result_sqli', result_sqli,
                           'poc_sqli', poc_sqli,
                           'response_sqli', poc_sqli)
        print(separator)
    except Exception as err:
        # Best effort: report the failure and move on. This function stores
        # nothing on this path, so a failed scan leaves no result from here.
        print(highlight('[!] error: {}'.format(str(err)), 'red'))
        print(separator)
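def print_scan_result(type, response, payload_str, verification, request_info):
    """Report one file-inclusion (FI) probe on stdout and persist its verdict.

    Args:
        type: Where the payload was injected, e.g. "Cookie", "Path", "Post".
            The name shadows the builtin; it is kept so the signature stays
            unchanged for callers.
        response: Response content returned for the probe request. A falsy
            value is recorded as "not vulnerable" without calling verify_fi.
        payload_str: The payload as sent, e.g.
            "file=../../../../../../../../../../../../../../../etc/passwd%00".
        verification: Marker(s) handed to verify_fi, a string or a list.
        request_info: Dict describing the request; the keys 'rid', 'host'
            and 'method' are read here.

    Returns:
        The verdict: whatever verify_fi returned, or "not vulnerable" when
        there was no response content.
    """
    # Verify once and reuse the verdict for both the printed report and the
    # stored result, so the two can never disagree and the response is only
    # checked a single time.
    # NOTE(review): a falsy response is stored as "not vulnerable" too, so a
    # probe that got no content back (whatever the reason) cannot be told
    # apart from a clean one in the stored results.
    if response:
        result_fi = verify_fi(response, verification)
    else:
        result_fi = "not vulnerable"

    res = (
        "[FI] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n"
        "\t[-] payload: {}\n\n[*] result: {}\n\n"
    ).format(
        request_info['rid'], request_info['host'], request_info['method'],
        payload_str, result_fi)

    # NOTE(review): the target's response is stored verbatim and, for a
    # positive finding, may hold whatever file content the target returned;
    # treat the stored results as sensitive and escape them wherever they
    # are displayed - confirm against the consumer.
    poc_fi = "{}: {}".format(type, payload_str)
    update_scan_result(request_info['rid'], 'scan_fi',
                       'result_fi', result_fi,
                       'poc_fi', poc_fi,
                       'response_fi', response)

    # A single parenthesised argument prints the same under the Python 2
    # print statement and the Python 3 print function.
    print(highlight(res, 'green'))
    return result_fi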
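def print_scan_result(type, response, payload_str, verification, request_info):
    """Report one XSS probe on stdout and persist its verdict.

    Args:
        type: Where the payload was injected, e.g. "Cookie", "Path", "Post".
            The name shadows the builtin; it is kept so the signature stays
            unchanged for callers.
        response: Response content returned for the probe request. A falsy
            value is recorded as "not vulnerable" without calling verify_xss.
        payload_str: The payload as sent, e.g.
            "value=<script>alert(1)</script>".
        verification: Marker(s) handed to verify_xss, a string or a list.
        request_info: Dict describing the request; the keys 'rid', 'host'
            and 'method' are read here.

    Returns:
        The verdict: whatever verify_xss returned, or "not vulnerable" when
        there was no response content.
    """
    # Verify once and reuse the verdict for both the printed report and the
    # stored result, so the two can never disagree and the response is only
    # checked a single time.
    # NOTE(review): a falsy response is stored as "not vulnerable" too, so a
    # probe that got no content back (whatever the reason) cannot be told
    # apart from a clean one in the stored results.
    if response:
        result_xss = verify_xss(response, verification)
    else:
        result_xss = "not vulnerable"

    res = (
        "[XSS] request id: {}\n\t[-] host: {}\n\t[-] method: {}\n"
        "\t[-] payload: {}\n\n[*] result: {}\n\n"
    ).format(
        request_info['rid'], request_info['host'], request_info['method'],
        payload_str, result_xss)

    # NOTE(review): the payload and the target's response are stored
    # verbatim; presumably something reads them back for display - confirm
    # that consumer escapes them on output.
    poc_xss = "{}: {}".format(type, payload_str)
    update_scan_result(request_info['rid'], 'scan_xss',
                       'result_xss', result_xss,
                       'poc_xss', poc_xss,
                       'response_xss', response)

    # A single parenthesised argument prints the same under the Python 2
    # print statement and the Python 3 print function.
    print(highlight(res, 'green'))
    return result_xss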
def scan_sqli_request(request_info, sqlmapapi_server):
    """Run a sqlmapapi scan for one request and store the outcome.

    A request for which is_checked(rid, 'scan_sqli') is true is skipped
    without any output. Otherwise a HackSqlmapApi scan is run and the
    verdict is written with update_scan_result.

    Args:
        request_info: Dict describing the request; only 'rid' is read here,
            the whole dict is passed on to HackSqlmapApi.
        sqlmapapi_server: The sqlmapapi server handed to HackSqlmapApi and
            echoed in the progress output.

    Returns:
        None. Any exception is printed in red and swallowed.
    """
    separator = '.............................................\n'
    try:
        rid = request_info['rid']
        if is_checked(rid, 'scan_sqli'):
            return

        print(highlight('[*] request id: {}'.format(rid), 'green'))
        print(highlight(
            '[*] sqlmapapi server: {}'.format(sqlmapapi_server), 'green'))

        scanner = HackSqlmapApi(sqlmapapi_server, request_info)
        scanner.run()

        # NOTE(review): empty scan data is recorded as 'not vulnerable'; if
        # a scan can also end with no data without having completed, that
        # is stored as a negative finding - confirm against HackSqlmapApi.
        if len(scanner.data) == 0:
            result_sqli, poc_sqli = 'not vulnerable', ''
        else:
            result_sqli, poc_sqli = 'vulnerable', str(scanner.data)

        # The PoC string is written to both the poc and the response column.
        update_scan_result(rid, 'scan_sqli',
                           'result_sqli', result_sqli,
                           'poc_sqli', poc_sqli,
                           'response_sqli', poc_sqli)
        print(separator)
    except Exception as err:
        # Best effort: report the failure and move on. This function stores
        # nothing on this path, so a failed scan leaves no result from here.
        print(highlight('[!] error: {}'.format(str(err)), 'red'))
        print(separator)