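def resultHandler(status, payload):
    """Record the outcome of one POC run against ``payload``.

    Args:
        status: value reported by the POC. Falsy or ``POC_RESULT_STATUS.FAIL``
            means "not vulnerable"; ``POC_RESULT_STATUS.RETRAY`` re-queues the
            payload; ``True`` / ``POC_RESULT_STATUS.SUCCESS`` marks it as
            vulnerable; anything else is stringified and recorded as the
            finding text.
        payload: the target (URL or similar) the POC was run against.

    Side effects: writes a progress line to stdout, logs findings through
    ``outputscreen``, appends to ``th.result`` and flushes that list to disk
    via ``output2file()`` once it holds more than 5000 entries.
    """
    # The lock is taken with `with` so it is released even if the write
    # raises (e.g. UnicodeEncodeError on a non-ASCII payload); a bare
    # acquire()/release() pair would leave every other worker deadlocked.
    # Assumes th.output_screen_lock is a threading.Lock-style object.
    with th.output_screen_lock:
        sys.stdout.write(payload + " " * (th.console_width - len(payload)) + "\r")
        sys.stdout.flush()

    # not vulnerable: nothing to record
    if not status or status is POC_RESULT_STATUS.FAIL:
        return

    # transient failure: undo the scan count and re-queue the payload.
    # NOTE(review): there is no retry cap, so a POC that keeps returning
    # RETRAY re-queues the same payload indefinitely.
    if status is POC_RESULT_STATUS.RETRAY:
        changeScanCount(-1)
        th.target.put(payload)
        return

    if status is True or status is POC_RESULT_STATUS.SUCCESS:
        # vulnerable: the payload itself is the finding
        msg = '[+] ' + payload
        record = payload
    else:
        # free-form result from the POC. It may carry server-supplied text,
        # and outputscreen.info() prints it as-is, so terminal escape
        # sequences in it are not filtered here.
        msg = str(status)
        record = msg

    with th.output_screen_lock:
        outputscreen.info(msg)
    th.result.append(record)

    # one more finding
    changeFoundCount(1)

    # bound memory: flush the buffered findings once the list gets large.
    # NOTE(review): the flush and the reset are not atomic with respect to
    # other threads' append() calls; a finding added in between is dropped.
    if len(th.result) > 5000:
        if not th.no_output:
            output2file(th.result)
        th.result = []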
def responseHandler(response):
    """Classify one HTTP response and record it if it looks interesting.

    Steps: compute the body size (Content-Length header, falling back to the
    actual body length), drop responses whose size equals ``conf.skip_size``
    or whose body MD5 matches a learned 404 fingerprint, print/save responses
    whose status code is in ``conf.response_status_code``, consider a
    recursive scan for codes in ``conf.recursive_status_code``, and report
    bodies matching the user-supplied ``conf.custom_response_page`` regex.

    Args:
        response: a requests-style response (uses ``.headers``, ``.content``,
            ``.text``, ``.status_code`` and ``.url``).
    """
    # size: prefer the declared Content-Length, otherwise the real body length
    try:
        size = intToSize(int(response.headers['content-length']))
    except (KeyError, ValueError):
        size = intToSize(len(response.content))

    # the user asked to ignore pages of exactly this size
    if size == conf.skip_size:
        return

    # auto-detected 404 page. MD5 is only a content fingerprint here, not a
    # security primitive, so its collision weakness does not matter.
    if conf.auto_check_404_page:
        body_digest = hashlib.md5(response.content).hexdigest()
        if body_digest in conf.autodiscriminator_md5:
            return

    # responses with a status code the user cares about are printed and saved
    if response.status_code in conf.response_status_code:
        msg = '[{}]'.format(str(response.status_code))
        if conf.response_header_content_type:
            msg += '[{}]'.format(response.headers.get('content-type'))
        if conf.response_size:
            msg += '[{}] '.format(str(size))
        msg += response.url
        padding = ' ' * (th.console_width - len(msg) + 1)
        outputscreen.info('\r' + msg + padding)
        conf['thread'].update.emit(response.url,
                                   response.headers.get('content-type'),
                                   str(size),
                                   str(response.status_code))
        # The result file is named after the host of response.url (not the
        # requested URL) so that -iL input is grouped per host; ':' is
        # replaced because Windows cannot create a file containing it.
        # NOTE(review): response.url is the final (post-redirect) URL, so the
        # host part, and hence the file name, is influenced by the scanned
        # server.
        host = urllib.parse.urlparse(response.url).netloc.replace(':', '_')
        saveResults(host, msg)

    # recursion is only considered for codes listed in recursive_status_code
    if response.status_code in conf.recursive_status_code and conf.recursive_scan:
        recursiveScan(response.url, payloads.all_payloads)

    # user-supplied regex matched against the decoded body
    if conf.custom_response_page:
        pattern = re.compile(conf.custom_response_page)
        if pattern.search(response.text):
            # NOTE(review): the whole (untrusted) body is echoed to the
            # console unfiltered.
            outputscreen.info(
                '[!] Custom response information matched\n[!] use regular expression:{}\n[!] matched page:{}'
                .format(conf.custom_response_page, response.text))
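def responseHandler(response):
    """Classify one HTTP response and record it if it looks interesting.

    Steps: compute the body size (Content-Length header, falling back to the
    actual body length), drop responses whose size equals ``conf.skip_size``
    or whose body contains the configured custom 404 marker, print/save
    responses whose status code is in ``conf.response_status_code``,
    consider a recursive scan for codes in ``conf.recursive_status_code``,
    and report bodies matching the ``conf.custom_response_page`` regex.

    Args:
        response: a requests-style response (uses ``.headers``, ``.content``,
            ``.text``, ``.status_code`` and ``.url``).
    """
    # size: prefer the declared Content-Length, otherwise the real body length
    try:
        size = intToSize(int(response.headers['content-length']))
    except (KeyError, ValueError):
        size = intToSize(len(response.content))

    # the user asked to ignore pages of exactly this size
    if size == conf.skip_size:
        return

    # custom 404 marker, applied only when one is configured: an unset
    # (empty) marker would otherwise match every body ('' in s is True) and
    # silently discard all responses, and None would raise TypeError.
    if conf.custom_404_page and conf.custom_404_page in response.text:
        return

    # responses with a status code the user cares about are printed and saved
    if response.status_code in conf.response_status_code:
        msg = '[' + str(response.status_code) + ']'
        if conf.response_header_content_type:
            # .get(): a response without a Content-Type header must not
            # abort the scan with KeyError
            msg += '[' + str(response.headers.get('content-type')) + ']'
        if conf.response_size:
            msg += '[' + str(size) + ']'
        msg += response.url
        outputscreen.info('\r' + msg + ' ' * (th.console_width - len(msg) + 1))
        # The result file is named after the host of response.url (not the
        # requested URL) so that -iL input is grouped per host; ':' is
        # replaced because Windows cannot create a file containing it.
        # NOTE(review): response.url is the final (post-redirect) URL, so the
        # host part, and hence the file name, is influenced by the scanned
        # server.
        host = urllib.parse.urlparse(response.url).netloc.replace(':', '_')
        saveResults(host, msg)

    # recursion is only considered for codes listed in recursive_status_code
    if response.status_code in conf.recursive_status_code and conf.recursive_scan:
        recursiveScan(response.url, payloads.all_payloads)

    # user-supplied regex matched against the decoded body; skipped when not
    # configured (re.compile(None) would raise TypeError)
    if conf.custom_response_page:
        pattern = re.compile(conf.custom_response_page)
        if pattern.search(response.text):
            # NOTE(review): the whole (untrusted) body is echoed to the
            # console unfiltered.
            outputscreen.info(
                '[!] custom response information matched\n[!] use regular expression:{}\n[!] matched page:{}'
                .format(conf.custom_response_page, response.text))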
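def _initHttpClient():
    """Build the HTTP client used for Google queries, honoring a proxy setting.

    The proxy string comes from ``conf.google_proxy`` first, then from the
    config file. Its format is ``"<type> <host> <port>"`` where type is
    ``http``, ``sock4``/``socks4`` or ``sock5``/``socks5`` (case-insensitive).
    Without a proxy a plain ``Http()`` is returned.

    Returns:
        an ``Http`` instance, with ``proxy_info`` set when a proxy is configured.

    Exits the process with status 1 on a malformed proxy string so that a bad
    configuration fails loudly (and visibly to a calling script) instead of
    silently querying without the proxy.
    """
    proxy_str = conf.google_proxy
    if not proxy_str:
        # read the config file once rather than twice
        proxy_str = ConfigFileParser().google_proxy()
    if not proxy_str:
        return Http()

    outputscreen.info('Proxy: %s' % proxy_str)

    # split() rather than split(' ') so repeated spaces/tabs are tolerated
    proxy = proxy_str.split()
    if len(proxy) != 3:
        outputscreen.error('[-] SyntaxError in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)

    # Historical spellings sock4/sock5 are kept; the standard socks4/socks5
    # are accepted as well. (Local was previously named `type`, shadowing
    # the builtin.)
    proxy_types = {
        'http': PROXY_TYPE.HTTP,
        'sock5': PROXY_TYPE.SOCKS5,
        'socks5': PROXY_TYPE.SOCKS5,
        'sock4': PROXY_TYPE.SOCKS4,
        'socks4': PROXY_TYPE.SOCKS4,
    }
    proxy_type = proxy_types.get(proxy[0].lower())
    if proxy_type is None:
        outputscreen.error('[-] Invalid proxy-type in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)

    # the port must be an integer in the valid TCP range
    try:
        port = int(proxy[2])
    except ValueError:
        port = -1
    if not 0 < port <= 65535:
        outputscreen.error('[-] Invalid port in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)

    return Http(proxy_info=ProxyInfo(proxy_type, proxy[1], port))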
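class _ScreenOutput(object):
    """Context manager around ``th.output_screen_lock`` that only locks in thread mode.

    It remembers whether it actually acquired the lock so release stays
    balanced even if ``th.thread_mode`` changes mid-block, and it releases in
    ``__exit__`` so an exception while writing (e.g. UnicodeEncodeError on a
    non-ASCII payload) cannot leave the lock held and deadlock the other
    worker threads. Assumes the lock is a threading.Lock-style object.
    """

    def __enter__(self):
        self._held = bool(th.thread_mode)
        if self._held:
            th.output_screen_lock.acquire()
        return self

    def __exit__(self, exc_type, exc, tb):
        if self._held:
            th.output_screen_lock.release()
        return False


def resultHandler(status, payload):
    """Record the outcome of one POC run against ``payload``.

    Args:
        status: value reported by the POC. Falsy or ``POC_RESULT_STATUS.FAIL``
            means "not vulnerable"; ``POC_RESULT_STATUS.RETRAY`` re-queues the
            payload; ``True`` / ``POC_RESULT_STATUS.SUCCESS`` marks it as
            vulnerable; a ``list`` is treated as several finding lines; any
            other value is stringified and recorded as the finding text.
        payload: the target (URL or similar) the POC was run against.

    Side effects: writes a progress line to stdout, logs findings through
    ``outputscreen``, appends to ``th.result`` and flushes that list to disk
    via ``output2file()`` once it holds more than 5000 entries. Console
    output is serialized through ``th.output_screen_lock`` only when
    ``th.thread_mode`` is set.
    """
    with _ScreenOutput():
        sys.stdout.write(payload + " " * (th.console_width - len(payload)) + "\r")
        sys.stdout.flush()

    # not vulnerable: nothing to record
    if not status or status is POC_RESULT_STATUS.FAIL:
        return

    # transient failure: undo the scan count and re-queue the payload.
    # NOTE(review): there is no retry cap, so a POC that keeps returning
    # RETRAY re-queues the same payload indefinitely.
    if status is POC_RESULT_STATUS.RETRAY:
        change_scan_count(-1)
        th.target.put(payload)
        return

    if status is True or status is POC_RESULT_STATUS.SUCCESS:
        # vulnerable: the payload itself is the finding
        msg = '[+] ' + payload
        with _ScreenOutput():
            outputscreen.info(msg)
        th.result.append(payload)
    elif isinstance(status, list):
        # several lines of information: print and record each on its own line
        with _ScreenOutput():
            for msg in status:
                outputscreen.info(msg)
                th.result.append(msg)
    else:
        # free-form result from the POC. It may carry server-supplied text,
        # and outputscreen.info() prints it as-is, so terminal escape
        # sequences in it are not filtered here.
        msg = str(status)
        with _ScreenOutput():
            outputscreen.info(msg)
        th.result.append(msg)

    # one more finding
    change_found_count(1)

    # bound memory: flush the buffered findings once the list gets large.
    # NOTE(review): the flush and the reset are not atomic with respect to
    # other threads' append() calls; a finding added in between is dropped.
    if len(th.result) > 5000:
        if not th.no_output:
            output2file(th.result)
        th.result = []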