def inject_cookie(url, vuln_parameter, payload, proxy):
if proxy == None:
opener = urllib2.build_opener()
else:
opener = urllib2.build_opener(proxy)
if settings.TIME_RELATIVE_ATTACK :
payload = urllib.quote(payload)
# Check if defined POST data
if menu.options.data:
menu.options.data = settings.USER_DEFINED_POST_DATA
request = urllib2.Request(url, menu.options.data)
else:
url = parameters.get_url_part(url)
request = urllib2.Request(url)
#Check if defined extra headers.
headers.do_check(request)
payload = checks.newline_fixation(payload)
request.add_header('Cookie', menu.options.cookie.replace(settings.INJECT_TAG, payload))
try:
headers.check_http_traffic(request)
response = opener.open(request)
return response
except ValueError:
pass
def inject_cookie(url, vuln_parameter, payload, proxy):
if proxy == None:
opener = urllib2.build_opener()
else:
opener = urllib2.build_opener(proxy)
if settings.TIME_RELATIVE_ATTACK :
payload = urllib.quote(payload)
# Check if defined POST data
if menu.options.data:
menu.options.data = settings.USER_DEFINED_POST_DATA
request = urllib2.Request(url, menu.options.data)
else:
url = parameters.get_url_part(url)
request = urllib2.Request(url)
#Check if defined extra headers.
headers.do_check(request)
payload = checks.newline_fixation(payload)
request.add_header('Cookie', menu.options.cookie.replace(settings.INJECT_TAG, payload))
try:
headers.check_http_traffic(request)
response = opener.open(request)
return response
except ValueError:
pass
def inject_user_agent(url, vuln_parameter, payload, proxy):
if proxy == None:
opener = urllib2.build_opener()
else:
opener = urllib2.build_opener(proxy)
# Check if defined POST data
if menu.options.data:
menu.options.data = settings.USER_DEFINED_POST_DATA
request = urllib2.Request(url, menu.options.data)
else:
url = parameters.get_url_part(url)
request = urllib2.Request(url)
#Check if defined extra headers.
headers.do_check(request)
payload = checks.newline_fixation(payload)
request.add_header('User-Agent', payload)
try:
headers.check_http_traffic(request)
response = opener.open(request)
return response
except ValueError:
pass
def inject_user_agent(url, vuln_parameter, payload, proxy):
if proxy == None:
opener = urllib2.build_opener()
else:
opener = urllib2.build_opener(proxy)
# Check if defined POST data
if menu.options.data:
menu.options.data = settings.USER_DEFINED_POST_DATA
request = urllib2.Request(url, menu.options.data)
else:
url = parameters.get_url_part(url)
request = urllib2.Request(url)
#Check if defined extra headers.
headers.do_check(request)
payload = checks.newline_fixation(payload)
request.add_header('User-Agent', payload)
try:
headers.check_http_traffic(request)
response = opener.open(request)
return response
except ValueError:
pass
def inject_custom_header(url, vuln_parameter, payload, proxy):
if proxy == None:
opener = _urllib.request.build_opener()
else:
opener = _urllib.request.build_opener(proxy)
# Check if defined POST data
if menu.options.data:
menu.options.data = settings.USER_DEFINED_POST_DATA
request = _urllib.request.Request(url, menu.options.data.encode(settings.UNICODE_ENCODING))
else:
url = parameters.get_url_part(url)
request = _urllib.request.Request(url)
#Check if defined extra headers.
headers.do_check(request)
payload = checks.newline_fixation(payload)
request.add_header(settings.CUSTOM_HEADER_NAME, payload)
try:
headers.check_http_traffic(request)
response = opener.open(request)
return response
except ValueError:
pass
