def build_page1_request_proxy(self, m):
_f = Frame.new(m._('Anonymous/Proxy'))
_boxes = [Box() for _ in range(6)]
_boxes[0].pack_start(m._request_area_safe_url_ckbtn, False, True, 5)
_boxes[0].pack_start(m._request_area_safe_url_entry, True, True, 5)
_boxes[0].pack_start(m._request_area_safe_post_ckbtn, False, True, 5)
_boxes[0].pack_start(m._request_area_safe_post_entry, True, True, 5)
m._request_area_safe_req_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._request_area_safe_req_entry]
)
_boxes[1].pack_start(m._request_area_safe_req_ckbtn, False, True, 5)
_boxes[1].pack_start(m._request_area_safe_req_entry, True, True, 0)
_boxes[1].pack_start(m._request_area_safe_req_chooser, False, True, 5)
_boxes[1].pack_start(m._request_area_safe_freq_ckbtn, False, True, 5)
_boxes[1].pack_start(m._request_area_safe_freq_entry, False, True, 5)
_boxes[2].pack_start(g.Separator.new(HORIZONTAL), True, True, 5)
m._request_area_proxy_ckbtn.connect(
'clicked',
self.cb_single, m._optimize_area_keep_alive_ckbtn)
m._request_area_proxy_file_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._request_area_proxy_file_entry]
)
m._request_area_proxy_freq_entry.set_width_chars(10)
m._request_area_proxy_port_entry.set_width_chars(10)
m._request_area_tor_port_entry.set_width_chars(10)
_boxes[3].pack_start(m._request_area_ignore_proxy_ckbtn, False, True, 5)
_boxes[3].pack_start(m._request_area_proxy_freq_ckbtn, False, True, 5)
_boxes[3].pack_start(m._request_area_proxy_freq_entry, False, True, 5)
_boxes[3].pack_start(m._request_area_proxy_file_ckbtn, False, True, 5)
_boxes[3].pack_start(m._request_area_proxy_file_entry, True, True, 0)
_boxes[3].pack_start(m._request_area_proxy_file_chooser, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_ckbtn, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_ip_label, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_ip_entry, True, True, 5)
_boxes[4].pack_start(m._request_area_proxy_port_label, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_port_entry, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_username_label, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_username_entry, True, True, 5)
_boxes[4].pack_start(m._request_area_proxy_password_label, False, True, 5)
_boxes[4].pack_start(m._request_area_proxy_password_entry, True, True, 5)
_boxes[5].pack_start(m._request_area_tor_ckbtn, False, True, 5)
_boxes[5].pack_start(m._request_area_tor_port_ckbtn, False, True, 5)
_boxes[5].pack_start(m._request_area_tor_port_entry, False, True, 5)
_boxes[5].pack_start(m._request_area_tor_type_ckbtn, False, True, 5)
_boxes[5].pack_start(m._request_area_tor_type_entry, False, True, 5)
_boxes[5].pack_start(m._request_area_check_tor_ckbtn, False, True, 5)
_request_proxy_opts = Box(orientation=VERTICAL, spacing = 5)
for _ in _boxes:
_request_proxy_opts.add(_)
_f.add(_request_proxy_opts)
return _f
def build_page1_request_data(self, m):
_f = Frame.new(m._('HTTP data'))
_boxes = [Box() for _ in range(8)]
_boxes[0].pack_start(m._request_area_method_ckbtn, False, True, 5)
_boxes[0].pack_start(m._request_area_method_entry, False, True, 5)
_boxes[0].pack_start(m._request_area_param_del_ckbtn, False, True, 5)
_boxes[0].pack_start(m._request_area_param_del_entry, False, True, 5)
_boxes[0].pack_start(m._request_area_chunked_ckbtn, False, True, 5)
_boxes[1].pack_start(m._request_area_post_ckbtn, False, True, 5)
_boxes[1].pack_start(m._request_area_post_entry, True, True, 5)
_boxes[2].pack_start(g.Separator.new(HORIZONTAL), True, True, 5)
_boxes[3].pack_start(m._request_area_cookie_ckbtn, False, True, 5)
_boxes[3].pack_start(m._request_area_cookie_entry, True, True, 5)
_boxes[3].pack_start(m._request_area_cookie_del_ckbtn, False, True, 5)
_boxes[3].pack_start(m._request_area_cookie_del_entry, False, True, 5)
m._request_area_live_cookies_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._request_area_live_cookies_entry]
)
m._request_area_load_cookies_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._request_area_load_cookies_entry]
)
_boxes[4].pack_start(m._request_area_drop_set_cookie_ckbtn, False, True, 5)
_boxes[4].pack_start(m._request_area_live_cookies_ckbtn, False, True, 5)
_boxes[4].pack_start(m._request_area_live_cookies_entry, True, True, 0)
_boxes[4].pack_start(m._request_area_live_cookies_chooser, False, True, 5)
_boxes[4].pack_start(m._request_area_load_cookies_ckbtn, False, True, 5)
_boxes[4].pack_start(m._request_area_load_cookies_entry, True, True, 0)
_boxes[4].pack_start(m._request_area_load_cookies_chooser, False, True, 5)
_boxes[5].pack_start(g.Separator.new(HORIZONTAL), True, True, 5)
m._request_area_auth_file_chooser.connect(
'clicked',
self._handlers.set_file_entry_text,
[m._request_area_auth_file_entry]
)
_boxes[6].pack_start(m._request_area_auth_type_ckbtn, False, True, 5)
_boxes[6].pack_start(m._request_area_auth_type_entry, True, True, 5)
_boxes[6].pack_start(m._request_area_auth_cred_ckbtn, False, True, 5)
_boxes[6].pack_start(m._request_area_auth_cred_entry, True, True, 5)
_boxes[6].pack_start(m._request_area_auth_file_ckbtn, False, True, 5)
_boxes[6].pack_start(m._request_area_auth_file_entry, True, True, 0)
_boxes[6].pack_start(m._request_area_auth_file_chooser, False, True, 5)
m._request_area_csrf_retries_entry.set_width_chars(5)
_boxes[7].pack_start(m._request_area_csrf_method_ckbtn, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_method_entry, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_retries_ckbtn, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_retries_entry, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_token_ckbtn, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_token_entry, True, True, 5)
_boxes[7].pack_start(m._request_area_csrf_url_ckbtn, False, True, 5)
_boxes[7].pack_start(m._request_area_csrf_url_entry, True, True, 5)
_request_data_opts = Box(orientation=VERTICAL, spacing = 5)
for _ in _boxes:
_request_data_opts.add(_)
_f.add(_request_data_opts)
return _f
def _build_page1_other_general(self, m):
f = Frame.new('通用项')
_boxes = [Box() for _ in range(10)]
_boxes[0].pack_start(m._page1_general_check_internet_ckbtn, False,
True, 5)
_boxes[0].pack_start(m._page1_general_fresh_queries_ckbtn, False, True,
5)
_boxes[0].pack_start(m._page1_general_forms_ckbtn, False, True, 5)
_boxes[0].pack_start(m._page1_general_parse_errors_ckbtn, False, True,
5)
_boxes[0].pack_start(m._page1_misc_cleanup_ckbtn, False, True, 5)
m._page1_general_preprocess_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_preprocess_entry])
_boxes[1].pack_start(m._page1_general_table_prefix_ckbtn, False, True,
5)
_boxes[1].pack_start(m._page1_general_table_prefix_entry, False, True,
5)
_boxes[1].pack_start(m._page1_general_binary_fields_ckbtn, False, True,
5)
_boxes[1].pack_start(m._page1_general_binary_fields_entry, False, True,
5)
_boxes[1].pack_start(m._page1_general_preprocess_ckbtn, False, True, 5)
_boxes[1].pack_start(m._page1_general_preprocess_entry, True, True, 0)
_boxes[1].pack_start(m._page1_general_preprocess_chooser, False, True,
5)
_boxes[2].pack_start(m._page1_general_charset_ckbtn, False, True, 5)
_boxes[2].pack_start(m._page1_general_charset_entry, True, True, 5)
_boxes[2].pack_start(m._page1_general_encoding_ckbtn, False, True, 5)
_boxes[2].pack_start(m._page1_general_encoding_entry, False, True, 5)
m._page1_general_scope_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_scope_entry])
_boxes[3].pack_start(m._page1_general_web_root_ckbtn, False, True, 5)
_boxes[3].pack_start(m._page1_general_web_root_entry, True, True, 5)
_boxes[3].pack_start(m._page1_general_scope_ckbtn, False, True, 5)
_boxes[3].pack_start(m._page1_general_scope_entry, True, True, 0)
_boxes[3].pack_start(m._page1_general_scope_chooser, False, True, 5)
_boxes[4].pack_start(m._page1_general_test_filter_ckbtn, False, True,
5)
_boxes[4].pack_start(m._page1_general_test_filter_entry, True, True, 5)
_boxes[4].pack_start(m._page1_general_test_skip_ckbtn, False, True, 5)
_boxes[4].pack_start(m._page1_general_test_skip_entry, True, True, 5)
m._page1_general_crawl_entry.set_width_chars(5)
_boxes[5].pack_start(m._page1_general_crawl_ckbtn, False, True, 5)
_boxes[5].pack_start(m._page1_general_crawl_entry, False, True, 5)
_boxes[5].pack_start(m._page1_general_crawl_exclude_ckbtn, False, True,
5)
_boxes[5].pack_start(m._page1_general_crawl_exclude_entry, True, True,
5)
_boxes[6].pack_start(g.Separator.new(HORIZONTAL), True, True, 5)
m._page1_general_traffic_file_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_traffic_file_entry])
m._page1_general_har_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_har_entry])
_boxes[7].pack_start(m._page1_general_traffic_file_ckbtn, False, True,
5)
_boxes[7].pack_start(m._page1_general_traffic_file_entry, True, True,
0)
_boxes[7].pack_start(m._page1_general_traffic_file_chooser, False,
True, 5)
_boxes[7].pack_start(m._page1_general_har_ckbtn, False, True, 5)
_boxes[7].pack_start(m._page1_general_har_entry, True, True, 0)
_boxes[7].pack_start(m._page1_general_har_chooser, False, True, 5)
m._page1_general_save_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_save_entry])
_boxes[8].pack_start(m._page1_general_flush_session_ckbtn, False, True,
5)
_boxes[8].pack_start(m._page1_general_dump_format_ckbtn, False, True,
5)
_boxes[8].pack_start(m._page1_general_dump_format_entry, False, True,
5)
_boxes[8].pack_start(m._page1_general_csv_del_ckbtn, False, True, 5)
_boxes[8].pack_start(m._page1_general_csv_del_entry, False, True, 5)
_boxes[8].pack_start(m._page1_general_save_ckbtn, False, True, 5)
_boxes[8].pack_start(m._page1_general_save_entry, True, True, 0)
_boxes[8].pack_start(m._page1_general_save_chooser, False, True, 5)
m._page1_general_session_file_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_session_file_entry])
m._page1_general_output_dir_chooser.connect(
'clicked', self._handlers.set_file_entry_text,
[m._page1_general_output_dir_entry, '选择 结果保存在哪'])
_boxes[9].pack_start(m._page1_general_session_file_ckbtn, False, True,
5)
_boxes[9].pack_start(m._page1_general_session_file_entry, True, True,
0)
_boxes[9].pack_start(m._page1_general_session_file_chooser, False,
True, 5)
_boxes[9].pack_start(m._page1_general_output_dir_ckbtn, False, True, 5)
_boxes[9].pack_start(m._page1_general_output_dir_entry, True, True, 0)
_boxes[9].pack_start(m._page1_general_output_dir_chooser, False, True,
5)
_page1_other_general_opts = Box(orientation=VERTICAL, spacing=6)
for _ in _boxes:
_page1_other_general_opts.add(_)
f.add(_page1_other_general_opts)
return f
def build_page1_setting_inject(self, m):
_f = Frame.new(m._('Injection'))
_boxes = [Box() for _ in range(13)]
m._inject_area_param_ckbtn.connect(
'clicked',
self.cb_single, m._detection_area_level_ckbtn)
i = 0
_boxes[i].pack_start(m._inject_area_param_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_param_entry, True, True, 5)
_ = g.ListStore(str)
for _data in (["GET"], ["POST"], ["URI"],
["Cookie"], ["User-Agent"], ["Referer"],
["Host"], ["(custom) POST"], ["(custom) HEADER"]):
_.append(_data)
m._inject_area_param_filter_combobox.set_model(_)
m._inject_area_param_filter_combobox.set_entry_text_column(0)
m._inject_area_param_filter_combobox.set_active(0)
m._inject_area_param_filter_combobox.get_child().set_editable(False)
i += 1
_boxes[i].pack_start(m._inject_area_param_filter_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_param_filter_combobox, True, True, 5)
# set_active(True)为选中状态
m._inject_area_skip_static_ckbtn.set_active(True)
i += 1
_boxes[i].pack_start(m._inject_area_skip_static_ckbtn, False, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_skip_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_skip_entry, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_param_exclude_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_param_exclude_entry, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_prefix_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_prefix_entry, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_suffix_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_suffix_entry, True, True, 5)
_ = g.ListStore(str)
_.append(["postgresql"])
_.append(["MySQL <version>"])
_.append(["Microsoft SQL Server <version>"])
m._inject_area_dbms_combobox.set_model(_)
m._inject_area_dbms_combobox.set_entry_text_column(0)
i += 1
_boxes[i].pack_start(m._inject_area_dbms_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_dbms_combobox, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_dbms_cred_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_dbms_cred_entry, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_os_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_os_entry, True, True, 5)
i += 1
_boxes[i].pack_start(m._inject_area_no_cast_ckbtn, False, True, 5)
_boxes[i].pack_start(m._inject_area_no_escape_ckbtn, False, True, 5)
_invalid_label = label.new('payload\'s invalid value:')
_invalid_label.set_tooltip_text('default:\nTrue: id=13, False: id=-13')
i += 1
_boxes[i].pack_start(_invalid_label, False, True, 5)
_boxes[i].pack_end(m._inject_area_invalid_bignum_ckbtn, False, True, 5)
i += 1
_boxes[i].pack_end(m._inject_area_invalid_string_ckbtn, False, True, 5)
_boxes[i].pack_end(m._inject_area_invalid_logical_ckbtn, False, True, 5)
_inject_area_opts = Box(orientation=VERTICAL, spacing=3)
for _ in _boxes:
_inject_area_opts.add(_)
_f.add(_inject_area_opts)
return _f
def _build_page1_setting_inject(self, m):
f = Frame.new('注入选项')
_boxes = [Box() for _ in range(13)]
m._inject_area_param_ckbtn.connect('clicked', self.cb_single,
m._detection_area_level_ckbtn)
_boxes[0].pack_start(m._inject_area_param_ckbtn, False, True, 5)
_boxes[0].pack_start(m._inject_area_param_entry, True, True, 5)
_ = g.ListStore(str)
_.append(["GET"])
_.append(["POST"])
_.append(["URI"])
_.append(["Cookie"])
_.append(["User-Agent"])
_.append(["Referer"])
_.append(["Host"])
_.append(["(custom) POST"])
_.append(["(custom) HEADER"])
m._inject_area_param_filter_combobox.set_model(_)
m._inject_area_param_filter_combobox.set_entry_text_column(0)
m._inject_area_param_filter_combobox.set_active(0)
m._inject_area_param_filter_combobox.get_child().set_editable(False)
_boxes[1].pack_start(m._inject_area_param_filter_ckbtn, False, True, 5)
_boxes[1].pack_start(m._inject_area_param_filter_combobox, True, True,
5)
# set_active(True)为选中状态
m._inject_area_skip_static_ckbtn.set_active(True)
_boxes[2].pack_start(m._inject_area_skip_static_ckbtn, False, True, 5)
_boxes[3].pack_start(m._inject_area_skip_ckbtn, False, True, 5)
_boxes[3].pack_start(m._inject_area_skip_entry, True, True, 5)
_boxes[4].pack_start(m._inject_area_param_exclude_ckbtn, False, True,
5)
_boxes[4].pack_start(m._inject_area_param_exclude_entry, True, True, 5)
_boxes[5].pack_start(m._inject_area_prefix_ckbtn, False, True, 5)
_boxes[5].pack_start(m._inject_area_prefix_entry, True, True, 5)
_boxes[6].pack_start(m._inject_area_suffix_ckbtn, False, True, 5)
_boxes[6].pack_start(m._inject_area_suffix_entry, True, True, 5)
_ = g.ListStore(str)
_.append(["postgresql"])
_.append(["MySQL <version>"])
_.append(["Microsoft SQL Server <version>"])
m._inject_area_dbms_combobox.set_model(_)
m._inject_area_dbms_combobox.set_entry_text_column(0)
_boxes[7].pack_start(m._inject_area_dbms_ckbtn, False, True, 5)
_boxes[7].pack_start(m._inject_area_dbms_combobox, True, True, 5)
_boxes[8].pack_start(m._inject_area_dbms_cred_ckbtn, False, True, 5)
_boxes[8].pack_start(m._inject_area_dbms_cred_entry, True, True, 5)
_boxes[9].pack_start(m._inject_area_os_ckbtn, False, True, 5)
_boxes[9].pack_start(m._inject_area_os_entry, True, True, 5)
_boxes[10].pack_start(m._inject_area_no_cast_ckbtn, False, True, 5)
_boxes[10].pack_start(m._inject_area_no_escape_ckbtn, False, True, 5)
_invalid_label = label.new('对payload中无效值:')
_invalid_label.set_tooltip_text('默认情况下, 要使原参数值无效时会改成相反数\n'
'真: id=13 假: id=-13')
_boxes[11].pack_start(_invalid_label, False, True, 5)
_boxes[11].pack_end(m._inject_area_invalid_logic_ckbtn, False, True, 5)
_boxes[12].pack_end(m._inject_area_invalid_str_ckbtn, False, True, 5)
_boxes[12].pack_end(m._inject_area_invalid_bignum_ckbtn, False, True,
5)
_inject_area_opts = Box(orientation=VERTICAL, spacing=3)
for _ in _boxes:
_inject_area_opts.add(_)
f.add(_inject_area_opts)
return f