def inject_cookie(url, vuln_parameter, payload, proxy): if proxy == None: opener = urllib2.build_opener() else: opener = urllib2.build_opener(proxy) if settings.TIME_RELATIVE_ATTACK : payload = urllib.quote(payload) # Check if defined POST data if menu.options.data: menu.options.data = settings.USER_DEFINED_POST_DATA request = urllib2.Request(url, menu.options.data) else: url = parameters.get_url_part(url) request = urllib2.Request(url) #Check if defined extra headers. headers.do_check(request) payload = checks.newline_fixation(payload) request.add_header('Cookie', menu.options.cookie.replace(settings.INJECT_TAG, payload)) try: headers.check_http_traffic(request) response = opener.open(request) return response except ValueError: pass
def inject_user_agent(url, vuln_parameter, payload, proxy): if proxy == None: opener = urllib2.build_opener() else: opener = urllib2.build_opener(proxy) # Check if defined POST data if menu.options.data: menu.options.data = settings.USER_DEFINED_POST_DATA request = urllib2.Request(url, menu.options.data) else: url = parameters.get_url_part(url) request = urllib2.Request(url) #Check if defined extra headers. headers.do_check(request) payload = checks.newline_fixation(payload) request.add_header('User-Agent', payload) try: headers.check_http_traffic(request) response = opener.open(request) return response except ValueError: pass
def inject_custom_header(url, vuln_parameter, payload, proxy): if proxy == None: opener = _urllib.request.build_opener() else: opener = _urllib.request.build_opener(proxy) # Check if defined POST data if menu.options.data: menu.options.data = settings.USER_DEFINED_POST_DATA request = _urllib.request.Request(url, menu.options.data.encode(settings.UNICODE_ENCODING)) else: url = parameters.get_url_part(url) request = _urllib.request.Request(url) #Check if defined extra headers. headers.do_check(request) payload = checks.newline_fixation(payload) request.add_header(settings.CUSTOM_HEADER_NAME, payload) try: headers.check_http_traffic(request) response = opener.open(request) return response except ValueError: pass