HackingScripts/template.py

#!/usr/bin/env python

import sys
import json
import urllib.parse

def generate_template(base_url, features):

    variables = {
        "IP_ADDRESS": "util.get_address()", 
        "BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',
        "PROXIES": json.dumps({"http":"http://127.0.0.1:8080", "https":"http://127.0.0.1:8080"})
    }
    
    if "proxies" in features or "burp" in features:
        proxy = """
    if \"proxies\" not in kwargs:
        kwargs[\"proxies\"] = PROXIES
"""
    else:
        proxy = ""

    if "vhost" in features or "subdomain" in features:
        url_parts = urllib.parse.urlparse(base_url)
        host_name = url_parts.netloc
        variables["HOST_NAME"] = f"'{host_name}' if \"LOCAL\" not in sys.argv else \"127.0.0.1:1337\""
        vhost_param = ", vhost=None"
        full_url = f"f'{url_parts.scheme}://{{vhost}}.{{HOST_NAME}}{{uri}}' if vhost else BASE_URL + uri"
    else:
        vhost_param = ""
        full_url = "BASE_URL + uri"

    request_method = f"""def request(method, uri{vhost_param}, **kwargs):
    if not uri.startswith("/") and uri != "":
        uri = "/" + uri

    client = requests
    if "session" in kwargs:
        client = kwargs["session"]
        del kwargs["session"]
    
    if "allow_redirects" not in kwargs:
        kwargs["allow_redirects"] = False
    
    if "verify" not in kwargs:
        kwargs["verify"] = False
    {proxy}
    url = {full_url}
    return client.request(method, url, **kwargs)
"""

    methods = [request_method]

    if "login" in features or "account" in features:
        variables["USERNAME"] = '"Blindhero"'
        variables["PASSWORD"] = '"test1234"'
        methods.append("""
def login(username, password):
    session = requests.Session()
    res = request("POST", "/login", data={"username": username, "password": password}, session=session)
    if res.status_code != 200:
        print("[-] Error logging in")
        exit()
    
    return session
""")

    if "register" in features or "account" in features:
        variables["USERNAME"] = '"Blindhero"'
        variables["PASSWORD"] = '"test1234"'
        methods.append("""
def register(username, password):
    res = request("POST", "/register", data={"username": username, "password": password})
    if res.status_code != 200:
        print("[-] Error registering")
        exit()
    
    return True
""")

    main = """
if __name__ == "__main__":
    pass
"""

    variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
    header = f"""#!/usr/bin/env python

# THE BASE OF THIS FILE WAS AUTOMATICALLY GENERATED BY template.py, for more information, visit
# https://git.romanh.de/Roman/HackingScripts

import os
import io
import re
import sys
import json
import time
import base64
import requests
import subprocess
import urllib.parse
from bs4 import BeautifulSoup
from hackingscripts import util, rev_shell
from hackingscripts.fileserver import HttpFileServer
from hackingscripts.sqli import MySQLi, PostgreSQLi
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

{variables}

"""

    return header + "".join(methods) + main

if __name__ == "__main__":

    if len(sys.argv) < 2:
        print("Usage: %s <URL> [features]" % sys.argv[0])
        exit()

    url = sys.argv[1]
    if "://" not in url:
        url = "http://" + url

    features = [] if len(sys.argv) < 3 else sys.argv[2].split(",")
    template = generate_template(url, features)
    print(template)
bugfixes + exploit template 2021-05-31 14:13:01 +02:00			`#!/usr/bin/env python`

			`import sys`
template update 2023-12-18 00:35:23 +01:00			`import json`
			`import urllib.parse`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
new functions 2023-10-01 11:23:05 +02:00			`def generate_template(base_url, features):`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
template update 2023-12-18 00:35:23 +01:00			`variables = {`
			`"IP_ADDRESS": "util.get_address()",`
			`"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',`
			`"PROXIES": json.dumps({"http":"http://127.0.0.1:8080", "https":"http://127.0.0.1:8080"})`
			`}`

template features 2023-10-04 12:24:41 +02:00			`if "proxies" in features or "burp" in features:`
new functions 2023-10-01 11:23:05 +02:00			`proxy = """`
template features 2023-10-04 12:24:41 +02:00			`if \"proxies\" not in kwargs:`
template update 2023-12-18 00:35:23 +01:00			`kwargs[\"proxies\"] = PROXIES`
new functions 2023-10-01 11:23:05 +02:00			`"""`
			`else:`
			`proxy = ""`
Bugfixes 2021-06-11 12:44:35 +02:00
template update 2023-12-18 00:35:23 +01:00			`if "vhost" in features or "subdomain" in features:`
			`url_parts = urllib.parse.urlparse(base_url)`
			`host_name = url_parts.netloc`
			`variables["HOST_NAME"] = f"'{host_name}' if \"LOCAL\" not in sys.argv else \"127.0.0.1:1337\""`
			`vhost_param = ", vhost=None"`
			`full_url = f"f'{url_parts.scheme}://{{vhost}}.{{HOST_NAME}}{{uri}}' if vhost else BASE_URL + uri"`
			`else:`
			`vhost_param = ""`
			`full_url = "BASE_URL + uri"`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
template update 2023-12-18 00:35:23 +01:00			`request_method = f"""def request(method, uri{vhost_param}, **kwargs):`
Update 2021-10-25 17:25:49 +02:00			`if not uri.startswith("/") and uri != "":`
			`uri = "/" + uri`

			`client = requests`
			`if "session" in kwargs:`
			`client = kwargs["session"]`
			`del kwargs["session"]`
Bugfix 2022-01-16 23:40:35 +01:00
			`if "allow_redirects" not in kwargs:`
			`kwargs["allow_redirects"] = False`

			`if "verify" not in kwargs:`
			`kwargs["verify"] = False`
new functions 2023-10-01 11:23:05 +02:00			`{proxy}`
template update 2023-12-18 00:35:23 +01:00			`url = {full_url}`
			`return client.request(method, url, **kwargs)`
new functions 2023-10-01 11:23:05 +02:00			`"""`

			`methods = [request_method]`

			`if "login" in features or "account" in features:`
			`variables["USERNAME"] = '"Blindhero"'`
			`variables["PASSWORD"] = '"test1234"'`
			`methods.append("""`
			`def login(username, password):`
			`session = requests.Session()`
			`res = request("POST", "/login", data={"username": username, "password": password}, session=session)`
			`if res.status_code != 200:`
			`print("[-] Error logging in")`
			`exit()`

			`return session`
			`""")`

			`if "register" in features or "account" in features:`
			`variables["USERNAME"] = '"Blindhero"'`
			`variables["PASSWORD"] = '"test1234"'`
			`methods.append("""`
			`def register(username, password):`
			`res = request("POST", "/register", data={"username": username, "password": password})`
			`if res.status_code != 200:`
			`print("[-] Error registering")`
			`exit()`

			`return True`
			`""")`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
new functions 2023-10-01 11:23:05 +02:00			`main = """`
Bugfixes 2021-06-11 12:44:35 +02:00			`if __name__ == "__main__":`
Update 2021-10-25 17:25:49 +02:00			`pass`
new functions 2023-10-01 11:23:05 +02:00			`"""`

			`variables = "\n".join(f"{k} = {v}" for k, v in variables.items())`
			`header = f"""#!/usr/bin/env python`

rev shell fixes 2023-10-05 15:43:20 +02:00			`# THE BASE OF THIS FILE WAS AUTOMATICALLY GENERATED BY template.py, for more information, visit`
			`# https://git.romanh.de/Roman/HackingScripts`

new functions 2023-10-01 11:23:05 +02:00			`import os`
template update 2023-12-18 00:35:23 +01:00			`import io`
new functions 2023-10-01 11:23:05 +02:00			`import re`
			`import sys`
			`import json`
			`import time`
			`import base64`
			`import requests`
			`import subprocess`
			`import urllib.parse`
			`from bs4 import BeautifulSoup`
update 2023-11-26 14:10:54 +01:00			`from hackingscripts import util, rev_shell`
			`from hackingscripts.fileserver import HttpFileServer`
sqli template 2024-02-24 16:08:04 +01:00			`from hackingscripts.sqli import MySQLi, PostgreSQLi`
new functions 2023-10-01 11:23:05 +02:00			`from urllib3.exceptions import InsecureRequestWarning`
			`requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)`

			`{variables}`

			`"""`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
new functions 2023-10-01 11:23:05 +02:00			`return header + "".join(methods) + main`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00
			`if __name__ == "__main__":`

			`if len(sys.argv) < 2:`
new functions 2023-10-01 11:23:05 +02:00			`print("Usage: %s <URL> [features]" % sys.argv[0])`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00			`exit()`

			`url = sys.argv[1]`
			`if "://" not in url:`
			`url = "http://" + url`

new functions 2023-10-01 11:23:05 +02:00			`features = [] if len(sys.argv) < 3 else sys.argv[2].split(",")`
			`template = generate_template(url, features)`
bugfixes + exploit template 2021-05-31 14:13:01 +02:00			`print(template)`