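def Get(url):
    """Check request headers for error-based SQL injection using GET.

    For every header in SCAN_Headers and every entry in sqli_payloads, a
    baseline response is fetched, then a second request is sent with the
    payload appended to that header's configured value (or used alone when
    the header has no configured value). A finding is reported through
    show.bug_Header when a pattern from sql_err matches more often in the
    second response than in the baseline.

    Args:
        url: Target URL. The baseline uses it as given; the modified
            request is sent to the part before the first '?'.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload in sqli_payloads:
            baseline = nq.Get(url)
            # A result equal to 0 ends the scan of this header
            # (presumably the helper's failure signal -- confirm in nq).
            if baseline == 0:
                break
            save_request.save(baseline)

            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                injected = payload

            # Copy the configured headers, replacing only the one under test.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            # NOTE(review): the baseline above keeps the query string while
            # this request drops it, so the two responses can differ for
            # reasons unrelated to the header -- confirm this is intended.
            req = REQ(url.split('?')[0], method='GET', headers=all_headers)
            if req == 0:
                break

            for pattern in sql_err.values():
                needle = pattern.encode('utf-8')
                before = findall(needle, save_request.get().content)
                after = findall(needle, req.content)
                if len(before) < len(after):
                    show.bug_Header(
                        bug='SQL injection',
                        payload=payload,
                        method='GET',
                        header=header,
                        target=url,
                    )
                    # Leaves only the pattern loop; the next payload for
                    # this header is still tried.
                    break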
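def Get(url):
    """Check request headers for server-side template injection using GET.

    ssti_payloads maps each payload to the marker text expected in the
    response. For every header in SCAN_Headers the marker is counted in a
    baseline response and again in a response to a request whose header
    carries the payload; a higher count in the second response is reported
    through show.bug_Header.

    Args:
        url: Target URL. The baseline uses it as given; the modified
            request is sent to the part before the first '?'.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload, message in ssti_payloads.items():
            baseline = nq.Get(url)
            # A result equal to 0 ends the scan of this header
            # (presumably the helper's failure signal -- confirm in nq).
            if baseline == 0:
                break
            marker = message.encode('utf-8')
            baseline_hits = len(findall(marker, baseline.content))

            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                injected = payload

            # Copy the configured headers, replacing only the one under test.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            req = REQ(url.split('?')[0], headers=all_headers)
            if req == 0:
                break

            # The marker is used as a regular-expression pattern by findall.
            if baseline_hits < len(findall(marker, req.content)):
                show.bug_Header(
                    bug='template injection',
                    payload=payload,
                    method='GET',
                    header=header,
                    target=url,
                )
                # One finding per header: stop trying further payloads.
                break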
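def Get(url):
    """Check request headers for reflected payloads (XSS) using GET.

    For every header in SCAN_Headers and every entry in xss_payloads, the
    payload is appended to that header's configured value (or used alone
    when the header has no configured value) and the request is sent. A
    finding is reported through show.bug_Header when the payload bytes
    appear unchanged in the response body.

    Args:
        url: Target URL, requested as given.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload in xss_payloads:
            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                injected = payload

            # Build a fresh header set for every request. The dict used to
            # be created once before both loops, so a payload written into
            # an earlier header (one absent from the configured headers)
            # stayed in place while later headers were tested, and a
            # reflection could be attributed to the wrong header.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            req = REQ(url, headers=all_headers)
            # Unlike the sibling checks, a failed request (0) only skips
            # this payload instead of ending the scan of the header.
            if req == 0:
                continue

            # NOTE(review): a raw substring match shows reflection only; it
            # does not look at Content-Type or output encoding, so results
            # need manual triage.
            if payload.encode('utf-8') in req.content:
                show.bug_Header(
                    bug='Cross-site scripting',
                    payload=payload,
                    method='GET',
                    header=header,
                    target=url,
                )
                # One finding per header: stop trying further payloads.
                break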
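def Put(url):
    """Check request headers for error-based SQL injection using PUT.

    The query string of ``url`` (if any) is converted by post_data into the
    request body. For every header in SCAN_Headers and every entry in
    sqli_payloads, a baseline PUT is sent, then a second PUT whose header
    carries the payload. A finding is reported through show.bug_Header when
    a pattern from sql_err matches more often in the second response than
    in the baseline.

    Args:
        url: Target URL; its query string supplies the body parameters.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload in sqli_payloads:
            # Body parameters come from the query string; any failure, a
            # missing '?' or a post_data result of 0 yields an empty body.
            data = {}
            try:
                if '?' in url:
                    parsed = post_data(urlparse(url).query)
                    data = {} if parsed == 0 else parsed
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                data = {}

            # NOTE(review): the baseline is sent to the full URL while the
            # modified request below drops the query string (the command
            # injection check strips it for both) -- confirm which is
            # intended, since it affects the comparison.
            baseline = nq.Put(url, data)
            if baseline == 0:
                break
            save_request.save(baseline)

            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                injected = payload

            # Copy the configured headers, replacing only the one under test.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            req = REQ(
                url.split('?')[0],
                data=data,
                method='PUT',
                headers=all_headers,
            )
            if req == 0:
                break

            for pattern in sql_err.values():
                needle = pattern.encode('utf-8')
                before = findall(needle, save_request.get().content)
                after = findall(needle, req.content)
                if len(before) < len(after):
                    show.bug_Header(
                        bug='SQL injection',
                        payload=payload,
                        method='PUT',
                        header=header,
                        target=url,
                    )
                    # Leaves only the pattern loop; the next payload for
                    # this header is still tried.
                    break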
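def Put(url):
    """Check request headers for command injection using PUT.

    rce_payloads maps each payload to the marker text expected in the
    response. The query string of ``url`` (if any) is converted by
    post_data into the request body. For every header in SCAN_Headers the
    marker is counted in a baseline response and again in the response to
    a PUT whose header carries the payload; a higher count in the second
    response is reported through show.bug_Header.

    Args:
        url: Target URL; its query string supplies the body parameters and
            is stripped from the address of both requests.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload, message in rce_payloads.items():
            # Newlines are sent as the literal text ``%0a`` (presumably
            # because a raw newline is not valid inside a header value).
            payload = payload.replace('\n', '%0a')

            # Body parameters come from the query string; any failure, a
            # missing '?' or a post_data result of 0 yields an empty body.
            data = {}
            try:
                if '?' in url:
                    parsed = post_data(urlparse(url).query)
                    data = {} if parsed == 0 else parsed
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                data = {}

            baseline = nq.Put(url.split('?')[0], data)
            if baseline == 0:
                break
            marker = message.encode('utf-8')
            baseline_hits = len(findall(marker, baseline.content))

            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                injected = payload

            # Copy the configured headers, replacing only the one under test.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            req = REQ(
                url.split('?')[0],
                data=data,
                method='PUT',
                headers=all_headers,
            )
            if req == 0:
                break

            # The marker is used as a regular-expression pattern by findall.
            if baseline_hits < len(findall(marker, req.content)):
                # ``payload`` already has its newlines replaced, so the
                # second replace() the original applied here was a no-op.
                show.bug_Header(
                    bug='command injection',
                    payload=payload,
                    method='PUT',
                    header=header,
                    target=url,
                )
                # One finding per header: stop trying further payloads.
                break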
def REQ(url=None, data=None, method='GET', headers=None):
    """Send one request through new_req using the shared scan settings.

    Proxy, dump flag, timeout, redirect policy and cookies are read from
    nq.Dump(); the caller supplies the URL, body, method and headers.

    Returns:
        Whatever new_req returns (callers in this file compare it to 0).
    """
    settings = nq.Dump()
    options = {
        'url': url,
        'proxy': settings['proxy'],
        'Dump': settings['dump'],
        'method': method,
        'headers': headers,
        'timeout': settings['timeout'],
        'redirect': settings['redirect'],
        'cookies': settings['cookies'],
        'data': data,
    }
    return new_req(**options)
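def Put(url):
    """Check request headers for reflected payloads (XSS) using PUT.

    The query string of ``url`` (if any) is converted by post_data into the
    request body. For every header in SCAN_Headers and every entry in
    xss_payloads, a PUT is sent with the payload appended to that header's
    configured value (or used alone when the header has no configured
    value). A finding is reported through show.bug_Header when the payload
    bytes appear unchanged in the response body.

    Args:
        url: Target URL; its query string supplies the body parameters and
            is stripped from the request address.
    """
    config = nq.Dump()
    for header in SCAN_Headers:
        for payload in xss_payloads:
            # Body parameters come from the query string; any failure, a
            # missing '?' or a post_data result of 0 yields an empty body.
            data = {}
            try:
                if '?' in url:
                    parsed = post_data(urlparse(url).query)
                    data = {} if parsed == 0 else parsed
            except Exception:
                # Was a bare ``except:``; narrowed so KeyboardInterrupt and
                # SystemExit are no longer swallowed here.
                data = {}

            try:
                current = nq.Dump()['headers'][header]
                injected = f'{current}{payload}'
            except Exception:
                injected = payload

            # Copy the configured headers, replacing only the one under test.
            all_headers = {
                name: value
                for name, value in config['headers'].items()
                if name != header
            }
            all_headers[header] = injected

            req = REQ(
                url.split('?')[0],
                data=data,
                method='PUT',
                headers=all_headers,
            )
            # A result equal to 0 ends the scan of this header
            # (presumably the helper's failure signal -- confirm).
            if req == 0:
                break

            # NOTE(review): a raw substring match shows reflection only; it
            # does not look at Content-Type or output encoding, so results
            # need manual triage.
            if payload.encode('utf-8') in req.content:
                show.bug_Header(
                    bug='Cross-site scripting',
                    payload=payload,
                    method='PUT',
                    header=header,
                    target=url,
                )
                # One finding per header: stop trying further payloads.
                break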