本文整理汇总了Python中src.core.requests.parameters.vuln_GET_param函数的典型用法代码示例。如果您正苦于以下问题:Python vuln_GET_param函数的具体用法?Python vuln_GET_param怎么用?Python vuln_GET_param使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了vuln_GET_param函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: get_request
def get_request(url, http_request_method, filename, delay):
#if not settings.COOKIE_INJECTION:
found_url = parameters.do_GET_check(url)
if found_url != False:
check_parameters = []
for i in range(0, len(found_url)):
url = found_url[i]
check_parameter = parameters.vuln_GET_param(url)
check_parameters.append(check_parameter)
header_name = ""
checks.print_non_listed_params(check_parameters, http_request_method, header_name)
for i in range(0, len(found_url)):
url = found_url[i]
check_parameter = parameters.vuln_GET_param(url)
# Check if testable parameter(s) are provided
if len(settings.TEST_PARAMETER) > 0:
if check_parameter in settings.TEST_PARAMETER:
# Check for session file
check_for_stored_sessions(url, http_request_method)
injection_proccess(url, check_parameter, http_request_method, filename, delay)
else:
# Check for session file
check_for_stored_sessions(url, http_request_method)
injection_proccess(url, check_parameter, http_request_method, filename, delay)
# Enable Cookie Injection
if menu.options.level > settings.DEFAULT_INJECTION_LEVEL and menu.options.cookie:
settings.COOKIE_INJECTION = True
开发者ID:Cyber-Forensic,项目名称:commix,代码行数:32,代码来源:controller.py
示例2: icmp_exfiltration_handler
def icmp_exfiltration_handler(url,http_request_method):
# You need to have root privileges to run this script
if os.geteuid() != 0:
print colors.BGRED + "\n(x) Error: You need to have root privileges to run this option.\n" + colors.RESET
sys.exit(0)
if http_request_method == "GET":
url = parameters.do_GET_check(url)
vuln_parameter = parameters.vuln_GET_param(url)
request = urllib2.Request(url)
headers.do_check(request)
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
parameter = parameters.do_POST_check(parameter)
request = urllib2.Request(url, parameter)
headers.do_check(request)
vuln_parameter = parameters.vuln_POST_param(parameter,url)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
opener = urllib2.build_opener(proxy)
urllib2.install_opener(opener)
response = urllib2.urlopen(request)
except urllib2.HTTPError, err:
print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
sys.exit(1)
开发者ID:moscaliucpaulandrei,项目名称:commix,代码行数:30,代码来源:ICMP_Exfiltration.py
示例3: injection_test
def injection_test(payload, http_request_method, url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
url = parameters.do_GET_check(url)
# Encoding non-ASCII characters payload.
payload = urllib.quote(payload)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
raise SystemExit()
# Check if defined Tor.
elif menu.options.tor:
try:
response = tor.use_tor(request)
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
raise SystemExit()
开发者ID:evilrovot,项目名称:commix,代码行数:35,代码来源:fb_injector.py
示例4: icmp_exfiltration_handler
def icmp_exfiltration_handler(url, http_request_method):
# You need to have root privileges to run this script
if os.geteuid() != 0:
print "\n" + Back.RED + "(x) Error: You need to have root privileges to run this option." + Style.RESET_ALL
os._exit(0)
if http_request_method == "GET":
url = parameters.do_GET_check(url)
vuln_parameter = parameters.vuln_GET_param(url)
request = urllib2.Request(url)
headers.do_check(request)
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
parameter = parameters.do_POST_check(parameter)
request = urllib2.Request(url, parameter)
headers.do_check(request)
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
os._exit(0)
开发者ID:R3NW4,项目名称:commix,代码行数:27,代码来源:icmp_exfiltration.py
示例5: icmp_exfiltration_handler
def icmp_exfiltration_handler(url, http_request_method):
# You need to have root privileges to run this script
if os.geteuid() != 0:
print "\n" + Back.RED + settings.ERROR_SIGN + "You need to have root privileges to run this option." + Style.RESET_ALL
os._exit(0)
if http_request_method == "GET":
#url = parameters.do_GET_check(url)
vuln_parameter = parameters.vuln_GET_param(url)
request = urllib2.Request(url)
headers.do_check(request)
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
parameter = parameters.do_POST_check(parameter)
request = urllib2.Request(url, parameter)
headers.do_check(request)
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err:
if settings.IGNORE_ERR_MSG == False:
print "\n" + Back.RED + settings.ERROR_SIGN + str(err) + Style.RESET_ALL
continue_tests = checks.continue_tests(err)
if continue_tests == True:
settings.IGNORE_ERR_MSG = True
else:
os._exit(0)
开发者ID:hanshaze,项目名称:commix,代码行数:32,代码来源:icmp_exfiltration.py
示例6: injection_test
def injection_test(payload,http_request_method,url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
url = parameters.do_GET_check(url)
# Encoding non-ASCII characters payload.
payload = urllib.quote(payload)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
opener = urllib2.build_opener(proxy)
urllib2.install_opener(opener)
response = urllib2.urlopen(request)
except urllib2.HTTPError, err:
print "\n(x) Error : " + str(err)
sys.exit(1)
else:
response = urllib2.urlopen(request)
# Just to be sure
response.read()
开发者ID:MiauWuffMiau,项目名称:commix,代码行数:35,代码来源:fb_injector.py
示例7: injection_test
def injection_test(payload, http_request_method, url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
#url = parameters.do_GET_check(url)
# Encoding spaces.
payload = payload.replace(" ","%20")
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
raise SystemExit()
except KeyboardInterrupt:
response = None
开发者ID:Mechkov,项目名称:commix,代码行数:29,代码来源:fb_injector.py
示例8: injection_test
def injection_test(payload, http_request_method, url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
#url = parameters.do_GET_check(url)
# Encoding spaces.
payload = payload.replace(" ","%20")
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
try:
# Get the response of the request
response = get_request_response(request)
except KeyboardInterrupt:
response = None
# Check if defined method is POST.
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
# Define the POST data
if settings.IS_JSON == False:
data = re.sub(settings.INJECT_TAG, payload, parameter)
request = urllib2.Request(url, data)
else:
payload = payload.replace("\"", "\\\"")
data = re.sub(settings.INJECT_TAG, urllib.unquote(payload), parameter)
try:
data = json.loads(data, strict = False)
except:
pass
request = urllib2.Request(url, json.dumps(data))
# Check if defined extra headers.
headers.do_check(request)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter, url)
try:
# Get the response of the request
response = get_request_response(request)
except KeyboardInterrupt:
response = None
return response, vuln_parameter
开发者ID:jamesshew,项目名称:commix,代码行数:60,代码来源:fb_injector.py
示例9: injection_test
def injection_test(payload, http_request_method, url):
start = 0
end = 0
start = time.time()
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
#url = parameters.do_GET_check(url)
# Encoding non-ASCII characters payload.
payload = urllib.quote(payload)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Get the response of the request
response = get_request_response(request)
# Check if defined method is POST.
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Define the POST data
if settings.IS_JSON == False:
data = re.sub(settings.INJECT_TAG, payload, parameter)
request = urllib2.Request(url, data)
else:
payload = payload.replace("\"", "\\\"")
data = re.sub(settings.INJECT_TAG, urllib.unquote(payload), parameter)
data = json.loads(data, strict = False)
request = urllib2.Request(url, json.dumps(data))
# Check if defined extra headers.
headers.do_check(request)
# Get the response of the request
response = get_request_response(request)
end = time.time()
how_long = int(end - start)
return how_long, vuln_parameter
开发者ID:jack51706,项目名称:commix,代码行数:57,代码来源:tfb_injector.py
示例10: injection_test
def injection_test(payload, http_request_method, url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
if " " in payload:
payload = payload.replace(" ","%20")
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = url.replace(settings.INJECT_TAG, payload)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Get the response of the request.
response = requests.get_request_response(request)
# Check if defined method is POST.
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
parameter = parameter.replace("+","%2B")
# Define the POST data
if settings.IS_JSON:
payload = payload.replace("\"", "\\\"")
data = parameter.replace(settings.INJECT_TAG, urllib.unquote(payload))
try:
data = json.loads(data, strict = False)
except:
pass
request = urllib2.Request(url, json.dumps(data))
else:
if settings.IS_XML:
data = parameter.replace(settings.INJECT_TAG, urllib.unquote(payload))
else:
data = parameter.replace(settings.INJECT_TAG, payload)
request = urllib2.Request(url, data)
# Check if defined extra headers.
headers.do_check(request)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Get the response of the request.
response = requests.get_request_response(request)
return response, vuln_parameter
开发者ID:security-geeks,项目名称:commix,代码行数:52,代码来源:cb_injector.py
示例11: injection_test
def injection_test(payload, http_request_method, url):
start = 0
end = 0
start = time.time()
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
#url = parameters.do_GET_check(url)
# Encoding non-ASCII characters payload.
payload = urllib.quote(payload)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined method is POST.
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Define the POST data
if settings.IS_JSON == False:
data = re.sub(settings.INJECT_TAG, payload, parameter)
request = urllib2.Request(url, data)
else:
payload = payload.replace("\"", "\\\"")
data = re.sub(settings.INJECT_TAG, urllib.unquote(payload), parameter)
data = json.loads(data, strict = False)
request = urllib2.Request(url, json.dumps(data))
# Check if defined extra headers.
headers.do_check(request)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
raise SystemExit()
开发者ID:ROIXppttdr,项目名称:commix,代码行数:52,代码来源:tb_injector.py
示例12: icmp_exfiltration_handler
def icmp_exfiltration_handler(url,http_request_method):
# You need to have root privileges to run this script
if os.geteuid() != 0:
print colors.RED + "\n(x) Error: You need to have root privileges to run this option.\n" + colors.RESET
sys.exit(0)
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
url = parameters.do_GET_check(url)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
request_data = vuln_parameter
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter,url)
request_data = vuln_parameter
ip_data = menu.options.ip_icmp_data
# Load the module ICMP_Exfiltration
try:
from src.core.modules import ICMP_Exfiltration
except ImportError as e:
print colors.RED + "(x) Error:", e
print colors.RESET
sys.exit(1)
technique = "ICMP exfiltration technique"
sys.stdout.write( colors.BOLD + "(*) Testing the "+ technique + "... \n" + colors.RESET)
sys.stdout.flush()
ip_src = re.findall(r"ip_src=(.*),", ip_data)
ip_src = ''.join(ip_src)
ip_dst = re.findall(r"ip_dst=(.*)", ip_data)
ip_dst = ''.join(ip_dst)
ICMP_Exfiltration.exploitation(ip_dst,ip_src,url,http_request_method,request_data)
开发者ID:jdalessandro,项目名称:commix,代码行数:49,代码来源:classic.py
示例13: injection_test
def injection_test(payload,http_request_method,url):
# Check if defined method is GET (Default).
if http_request_method == "GET":
# Check if its not specified the 'INJECT_HERE' tag
url = parameters.do_GET_check(url)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_GET_param(url)
target = re.sub(settings.INJECT_TAG, payload, url)
request = urllib2.Request(target)
# Check if defined extra headers.
headers.do_check(request)
# Check if defined method is POST.
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
# Check if its not specified the 'INJECT_HERE' tag
parameter = parameters.do_POST_check(parameter)
# Define the POST data
data = re.sub(settings.INJECT_TAG, payload, parameter)
request = urllib2.Request(url, data)
# Check if defined extra headers.
headers.do_check(request)
# Define the vulnerable parameter
vuln_parameter = parameters.vuln_POST_param(parameter,url)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
opener = urllib2.build_opener(proxy)
urllib2.install_opener(opener)
response = urllib2.urlopen(request)
except urllib2.HTTPError, err:
print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
sys.exit(1)
开发者ID:TheNameIsNigel,项目名称:commix,代码行数:43,代码来源:cb_injector.py
示例14: dns_exfiltration_handler
def dns_exfiltration_handler(url, http_request_method):
# Check injection state
settings.DETECTION_PHASE = True
settings.EXPLOITATION_PHASE = False
# You need to have root privileges to run this script
if os.geteuid() != 0:
err_msg = "You need to have root privileges to run this option."
print "\n" + settings.print_critical_msg(err_msg)
os._exit(0)
if http_request_method == "GET":
#url = parameters.do_GET_check(url)
vuln_parameter = parameters.vuln_GET_param(url)
request = urllib2.Request(url)
headers.do_check(request)
else:
parameter = menu.options.data
parameter = urllib2.unquote(parameter)
parameter = parameters.do_POST_check(parameter)
request = urllib2.Request(url, parameter)
headers.do_check(request)
vuln_parameter = parameters.vuln_POST_param(parameter, url)
# Check if defined any HTTP Proxy.
if menu.options.proxy:
try:
response = proxy.use_proxy(request)
except urllib2.HTTPError, err_msg:
if str(err_msg.code) == settings.INTERNAL_SERVER_ERROR:
response = False
elif settings.IGNORE_ERR_MSG == False:
err = str(err_msg) + "."
print "\n" + settings.print_critical_msg(err)
continue_tests = checks.continue_tests(err_msg)
if continue_tests == True:
settings.IGNORE_ERR_MSG = True
else:
os._exit(0)
开发者ID:security-geeks,项目名称:commix,代码行数:39,代码来源:dns_exfiltration.py
示例15: cb_injection_handler
#.........这里部分代码省略.........
no_result = False
# Check injection state
settings.DETECTION_PHASE = False
settings.EXPLOITATION_PHASE = True
if settings.COOKIE_INJECTION == True:
header_name = " cookie"
found_vuln_parameter = vuln_parameter
the_type = " parameter"
elif settings.USER_AGENT_INJECTION == True:
header_name = " User-Agent"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.REFERER_INJECTION == True:
header_name = " Referer"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.HOST_INJECTION == True:
header_name = " Host"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.CUSTOM_HEADER_INJECTION == True:
header_name = " " + settings.CUSTOM_HEADER_NAME
found_vuln_parameter = ""
the_type = " HTTP header"
else:
header_name = ""
the_type = " parameter"
if http_request_method == "GET":
found_vuln_parameter = parameters.vuln_GET_param(url)
else :
found_vuln_parameter = vuln_parameter
if len(found_vuln_parameter) != 0 :
found_vuln_parameter = " '" + found_vuln_parameter + Style.RESET_ALL + Style.BRIGHT + "'"
# Print the findings to log file.
if export_injection_info == False:
export_injection_info = logs.add_type_and_technique(export_injection_info, filename, injection_type, technique)
if vp_flag == True:
vp_flag = logs.add_parameter(vp_flag, filename, the_type, header_name, http_request_method, vuln_parameter, payload)
logs.update_payload(filename, counter, payload)
counter = counter + 1
if not settings.LOAD_SESSION:
if not settings.VERBOSITY_LEVEL >= 1:
print ""
else:
checks.total_of_requests()
# Print the findings to terminal.
success_msg = "The"
if len(found_vuln_parameter) > 0 and not "cookie" in header_name :
success_msg += " " + http_request_method + ""
success_msg += ('', ' (JSON)')[settings.IS_JSON] + ('', ' (SOAP/XML)')[settings.IS_XML] + the_type + header_name
success_msg += found_vuln_parameter + " seems injectable via "
success_msg += "(" + injection_type.split(" ")[0] + ") " + technique + "."
print settings.print_success_msg(success_msg)
print settings.SUB_CONTENT_SIGN + "Payload: " + str(checks.url_decode(payload)) + Style.RESET_ALL
# Export session
if not settings.LOAD_SESSION:
session_handler.injection_point_importation(url, technique, injection_type, separator, shell[0], vuln_parameter, prefix, suffix, TAG, alter_shell, payload, http_request_method, url_time_response=0, timesec=0, how_long=0, output_length=0, is_vulnerable=menu.options.level)
开发者ID:security-geeks,项目名称:commix,代码行数:67,代码来源:cb_handler.py
示例16: eb_injection_handler
#.........这里部分代码省略.........
except:
continue
# Yaw, got shellz!
# Do some magic tricks!
if shell:
found = True
no_result = False
# Print the findings to log file.
if export_injection_info == False:
output_file = open(filename + ".txt", "a")
output_file.write("\n(+) Type : " + injection_type)
output_file.write("\n(+) Technique : " + technique.title())
output_file.close()
export_injection_info = True
if http_request_method == "GET":
# Print the findings to log file
if vp_flag == True:
output_file = open(filename + ".txt", "a")
output_file.write("\n(+) Parameter : " + vuln_parameter + " (" + http_request_method + ")")
output_file.write("\n")
vp_flag = False
output_file.close()
counter = counter + 1
output_file = open(filename + ".txt", "a")
output_file.write(" (" + str(counter) + ") Payload : " + re.sub("%20", " ", payload) + "\n")
output_file.close()
# Vulnerable Parameter
GET_vuln_param = parameters.vuln_GET_param(url)
# Print the findings to terminal.
print Style.BRIGHT + "\n(!) The (" + http_request_method + ") '" + Style.UNDERLINE + GET_vuln_param + Style.RESET_ALL + Style.BRIGHT + "' parameter is vulnerable to " + injection_type + "." + Style.RESET_ALL
print " (+) Type : " + Fore.YELLOW + Style.BRIGHT + injection_type + Style.RESET_ALL + ""
print " (+) Technique : " + Fore.YELLOW + Style.BRIGHT + technique.title() + Style.RESET_ALL + ""
print " (+) Payload : " + Fore.YELLOW + Style.BRIGHT + re.sub(
"%20", " ", payload
) + Style.RESET_ALL
else:
# Print the findings to log file
if vp_flag == True:
output_file = open(filename + ".txt", "a")
output_file.write("\n(+) Parameter : " + vuln_parameter + " (" + http_request_method + ")")
vp_flag = False
output_file.close()
counter = counter + 1
output_file = open(filename + ".txt", "a")
output_file.write(" (" + str(counter) + ") Payload : " + re.sub("%20", " ", payload) + "\n")
output_file.close()
# Vulnerable Parameter
POST_vuln_param = vuln_parameter
# Print the findings to terminal.
print Style.BRIGHT + "\n(!) The (" + http_request_method + ") '" + Style.UNDERLINE + POST_vuln_param + Style.RESET_ALL + Style.BRIGHT + "' parameter is vulnerable to " + injection_type + "." + Style.RESET_ALL
print " (+) Type : " + Fore.YELLOW + Style.BRIGHT + injection_type + Style.RESET_ALL + ""
print " (+) Technique : " + Fore.YELLOW + Style.BRIGHT + technique.title() + Style.RESET_ALL + ""
print " (+) Payload : " + Fore.YELLOW + Style.BRIGHT + re.sub(
"%20", " ", payload
) + Style.RESET_ALL
开发者ID:bupt007,项目名称:commix,代码行数:67,代码来源:eb_handler.py
示例17: eb_injection_handler
#.........这里部分代码省略.........
except:
continue
# Yaw, got shellz!
# Do some magic tricks!
if shell:
found = True
no_result = False
if settings.COOKIE_INJECTION == True:
header_name = " cookie"
found_vuln_parameter = vuln_parameter
the_type = " parameter"
elif settings.USER_AGENT_INJECTION == True:
header_name = " User-Agent"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.REFERER_INJECTION == True:
header_name = " Referer"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.CUSTOM_HEADER_INJECTION == True:
header_name = " " + settings.CUSTOM_HEADER_NAME
found_vuln_parameter = ""
the_type = " HTTP header"
else:
header_name = ""
the_type = " parameter"
if http_request_method == "GET":
found_vuln_parameter = parameters.vuln_GET_param(url)
else :
found_vuln_parameter = vuln_parameter
if len(found_vuln_parameter) != 0 :
found_vuln_parameter = " '" + Style.UNDERLINE + found_vuln_parameter + Style.RESET_ALL + Style.BRIGHT + "'"
# Print the findings to log file.
if export_injection_info == False:
export_injection_info = logs.add_type_and_technique(export_injection_info, filename, injection_type, technique)
if vp_flag == True:
vp_flag = logs.add_parameter(vp_flag, filename, the_type, header_name, http_request_method, vuln_parameter, payload)
logs.update_payload(filename, counter, payload)
counter = counter + 1
if not settings.LOAD_SESSION:
print ""
# Print the findings to terminal.
success_msg = "The (" + http_request_method + ")"
success_msg += found_vuln_parameter + header_name
success_msg += the_type + " is vulnerable to " + injection_type + "."
print settings.print_success_msg(success_msg)
print " (+) Type : " + Fore.YELLOW + Style.BRIGHT + injection_type + Style.RESET_ALL + ""
print " (+) Technique : " + Fore.YELLOW + Style.BRIGHT + technique.title() + Style.RESET_ALL + ""
print " (+) Payload : " + Fore.YELLOW + Style.BRIGHT + re.sub("%20", " ", payload) + Style.RESET_ALL
# Export session
if not settings.LOAD_SESSION:
session_handler.injection_point_importation(url, technique, injection_type, separator, shell[0], vuln_parameter, prefix, suffix, TAG, alter_shell, payload, http_request_method, url_time_response=0, delay=0, how_long=0, output_length=0, is_vulnerable="True")
else:
whitespace = settings.WHITESPACE[0]
settings.LOAD_SESSION = False
开发者ID:HugoDelval,项目名称:commix,代码行数:67,代码来源:eb_handler.py
示例18: tb_injection_handler
#.........这里部分代码省略.........
except SystemExit:
raise
except:
break
# Yaw, got shellz!
# Do some magic tricks!
if how_long == previous_how_long + delay:
if (len(TAG) == output_length) and (is_vulnerable == True):
found = True
no_result = False
is_vulnerable = False
if settings.COOKIE_INJECTION == True:
header_name = " Cookie"
found_vuln_parameter = vuln_parameter
the_type = " HTTP header"
elif settings.USER_AGENT_INJECTION == True:
header_name = " User-Agent"
found_vuln_parameter = ""
the_type = " HTTP header"
elif settings.REFERER_INJECTION == True:
header_name = " Referer"
found_vuln_parameter = ""
the_type = " HTTP header"
else:
header_name = ""
the_type = " parameter"
if http_request_method == "GET":
found_vuln_parameter = parameters.vuln_GET_param(url)
else :
found_vuln_parameter = vuln_parameter
if len(found_vuln_parameter) != 0 :
found_vuln_parameter = " '" + Style.UNDERLINE + found_vuln_parameter + Style.RESET_ALL + Style.BRIGHT + "'"
# Print the findings to log file.
if export_injection_info == False:
export_injection_info = logs.add_type_and_technique(export_injection_info, filename, injection_type, technique)
if vp_flag == True:
vp_flag = logs.add_parameter(vp_flag, filename, http_request_method, vuln_parameter, payload)
logs.update_payload(filename, counter, payload)
counter = counter + 1
# Print the findings to terminal.
print Style.BRIGHT + "\n(!) The ("+ http_request_method + ")" + found_vuln_parameter + header_name + the_type + " is vulnerable to "+ injection_type + "." + Style.RESET_ALL
print " (+) Type : "+ Fore.YELLOW + Style.BRIGHT + injection_type + Style.RESET_ALL + ""
print " (+) Technique : "+ Fore.YELLOW + Style.BRIGHT + technique.title() + Style.RESET_ALL + ""
print " (+) Payload : "+ Fore.YELLOW + Style.BRIGHT + re.sub("%20", " ", payload.replace("\n", "\\n")) + Style.RESET_ALL
# Check for any enumeration options.
if settings.ENUMERATION_DONE == True:
while True:
enumerate_again = raw_input("\n(?) Do you want to enumerate again? [Y/n/q] > ").lower()
if enumerate_again in settings.CHOISE_YES:
tb_enumeration.do_check(separator, maxlen, TAG, prefix, suffix, delay, http_request_method, url, vuln_parameter, alter_shell, filename)
break
elif enumerate_again in settings.CHOISE_NO:
break
elif enumerate_again in settings.CHOISE_QUIT:
sys.exit(0)
else:
开发者ID:BwRy,项目名称:commix,代码行数:67,代码来源:tb_handler.py
示例19: cb_injection_handler
#.........这里部分代码省略.........
shell = cb_injector.injection_test_results(response, TAG, randvcalc)
if not menu.options.verbose:
percent = ((i*100)/total)
if percent == 100:
if no_result == True:
percent = Fore.RED + "FAILED" + Style.RESET_ALL
else:
percent = str(percent)+"%"
elif len(shell) != 0:
percent = Fore.GREEN + "SUCCEED" + Style.RESET_ALL
else:
percent = str(percent)+"%"
sys.stdout.write("\r(*) Testing the "+ technique + "... " + "[ " + percent + " ]")
sys.stdout.flush()
except KeyboardInterrupt:
raise
except:
continue
# Yaw, got shellz!
# Do some magic tricks!
if shell:
found = True
no_result = False
if settings.COOKIE_INJECTION == True:
http_request_method = "cookie"
found_vuln_parameter = vuln_parameter
else:
if http_request_method == "GET":
found_vuln_parameter = parameters.vuln_GET_param(url)
else :
found_vuln_parameter = vuln_parameter
# Print the findings to log file.
if export_injection_info == False:
export_injection_info = logs.add_type_and_technique(export_injection_info, filename, injection_type, technique)
if vp_flag == True:
vp_flag = logs.add_parameter(vp_flag, filename, http_request_method, vuln_parameter, payload)
logs.upload_payload(filename, counter, payload)
counter = counter + 1
# Print the findings to terminal.
print Style.BRIGHT + "\n(!) The ("+ http_request_method + ") '" + Style.UNDERLINE + found_vuln_parameter + Style.RESET_ALL + Style.BRIGHT + "' parameter is vulnerable to "+ injection_type +"."+ Style.RESET_ALL
print " (+) Type : "+ Fore.YELLOW + Style.BRIGHT + injection_type + Style.RESET_ALL + ""
print " (+) Technique : "+ Fore.YELLOW + Style.BRIGHT + technique.title() + Style.RESET_ALL + ""
print " (+) Payload : "+ Fore.YELLOW + Style.BRIGHT + re.sub("%20", " ", payload) + Style.RESET_ALL
# Check for any enumeration options.
cb_enumeration.do_check(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell)
# Check for any system file access options.
cb_file_access.do_check(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell)
# Pseudo-Terminal shell
while True:
gotshell = raw_input("\n(?) Do you want a Pseudo-Terminal shell? [Y/n] > ").lower()
if gotshell in settings.CHOISE_YES:
print ""
print "Pseudo-Terminal (type 'q' or use <Ctrl-C> to quit)"
while True:
try:
cmd = raw_input("Shell > ")
开发者ID:azizjonm,项目名称:commix,代码行数:67,代码来源:cb_handler.py
|
请发表评论