def __add__(key, element):
dictionary = get_json(APP_SETTINGS)
elements = dictionary.get(key)
if type(elements) != list:
elements = []
if element not in elements:
elements.append(element)
dictionary[key] = elements
set_json(dictionary, APP_SETTINGS)
return True
def __remove__(key, element):
dictionary = get_json(APP_SETTINGS)
if dictionary.get(key) is None:
return True
if element == '*':
# Rimuove tutti gli elementi
dictionary[key] = []
set_json(dictionary, APP_SETTINGS)
return True
elements = dictionary[key]
if element in elements:
elements.remove(element)
dictionary[key] = elements
set_json(dictionary, APP_SETTINGS)
return True
def deep_inject_form(url, max_depth):
"""
Search a form in the page returned by url.
If it doesn't find a form, or the injection can't be done, it visit the website in search for other forms
:param url: str The url to visit
:param max_depth: int The max depth during the visit
:return A dictionary of parsed forms like { '<visited_url>': [ form_1, form_2, ... }
"""
base_url = urlparse(url).netloc
parsed_forms = dict()
out_file = APP_STORAGE_OUT + '/' + now() + '_DEEP_FORMS_' + base_url + '.json'
def _deep_inject_form(href, depth=1):
# Check the domain
if href in parsed_forms or urlparse(href).netloc != base_url or (max_depth is not None and depth > max_depth):
return ''
# Visit the current href
parsed_relevant, request_cookies = relevant_parse(href)
parsed_forms[href] = find_forms(parsed_relevant, href)
# Find adjacent links
links = find_links(parsed_relevant)
if len(parsed_forms) % 10 == 0:
Log.info('Writing result in ' + out_file + '...')
set_json(parsed_forms, out_file)
# Visit adjacent links
for link in links:
# print('link: '+link)
child_request_cookies = _deep_inject_form(link, depth+1)
if len(child_request_cookies) > len(request_cookies):
request_cookies = child_request_cookies
return request_cookies
cookies = _deep_inject_form(url)
Log.info('Writing result in ' + out_file + '...')
set_json(parsed_forms, out_file)
Log.success('Result wrote in ' + out_file)
Log.success('Website crawled! Found '+str(len(parsed_forms))+' pages')
SqlmapClient.try_inject(parsed_forms, cookies)
return parsed_forms
def _deep_inject_form(href, depth=1):
# Check the domain
if href in parsed_forms or urlparse(href).netloc != base_url or (max_depth is not None and depth > max_depth):
return ''
# Visit the current href
parsed_relevant, request_cookies = relevant_parse(href)
parsed_forms[href] = find_forms(parsed_relevant, href)
# Find adjacent links
links = find_links(parsed_relevant)
if len(parsed_forms) % 10 == 0:
Log.info('Writing result in ' + out_file + '...')
set_json(parsed_forms, out_file)
# Visit adjacent links
for link in links:
# print('link: '+link)
child_request_cookies = _deep_inject_form(link, depth+1)
if len(child_request_cookies) > len(request_cookies):
request_cookies = child_request_cookies
return request_cookies
def __set__(key, value):
dictionary = get_json(APP_SETTINGS)
dictionary[key] = value
set_json(dictionary, APP_SETTINGS)
return True