HackingScripts/template.py

108 lines
2.7 KiB
Python
Raw Normal View History

2021-05-31 14:13:01 +02:00
#!/usr/bin/env python
import sys
2023-10-01 11:23:05 +02:00
def generate_template(base_url, features):
2021-05-31 14:13:01 +02:00
2023-10-04 12:24:41 +02:00
if "proxies" in features or "burp" in features:
2023-10-01 11:23:05 +02:00
proxy = """
2023-10-04 12:24:41 +02:00
if \"proxies\" not in kwargs:
kwargs[\"proxies\"] = {\"http\":\"http://127.0.0.1:8080\", \"https\":\"http://127.0.0.1:8080\"}
2023-10-01 11:23:05 +02:00
"""
else:
proxy = ""
2021-06-11 12:44:35 +02:00
2023-10-01 11:23:05 +02:00
variables = {
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"'
}
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
request_method = f"""def request(method, uri, **kwargs):
2021-10-25 17:25:49 +02:00
if not uri.startswith("/") and uri != "":
uri = "/" + uri
client = requests
if "session" in kwargs:
client = kwargs["session"]
del kwargs["session"]
2022-01-16 23:40:35 +01:00
if "allow_redirects" not in kwargs:
kwargs["allow_redirects"] = False
if "verify" not in kwargs:
kwargs["verify"] = False
2023-10-01 11:23:05 +02:00
{proxy}
2022-01-16 23:40:35 +01:00
return client.request(method, BASE_URL + uri, **kwargs)
2023-10-01 11:23:05 +02:00
"""
methods = [request_method]
if "login" in features or "account" in features:
variables["USERNAME"] = '"Blindhero"'
variables["PASSWORD"] = '"test1234"'
methods.append("""
def login(username, password):
session = requests.Session()
res = request("POST", "/login", data={"username": username, "password": password}, session=session)
if res.status_code != 200:
print("[-] Error logging in")
exit()
return session
""")
if "register" in features or "account" in features:
variables["USERNAME"] = '"Blindhero"'
variables["PASSWORD"] = '"test1234"'
methods.append("""
def register(username, password):
res = request("POST", "/register", data={"username": username, "password": password})
if res.status_code != 200:
print("[-] Error registering")
exit()
return True
""")
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
main = """
2021-06-11 12:44:35 +02:00
if __name__ == "__main__":
2021-10-25 17:25:49 +02:00
pass
2023-10-01 11:23:05 +02:00
"""
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
header = f"""#!/usr/bin/env python
import os
import re
import sys
import json
import time
import base64
import requests
import subprocess
import urllib.parse
from bs4 import BeautifulSoup
from hackingscripts import util, fileserver, rev_shell
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
{variables}
"""
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
return header + "".join(methods) + main
2021-05-31 14:13:01 +02:00
if __name__ == "__main__":
if len(sys.argv) < 2:
2023-10-01 11:23:05 +02:00
print("Usage: %s <URL> [features]" % sys.argv[0])
2021-05-31 14:13:01 +02:00
exit()
url = sys.argv[1]
if "://" not in url:
url = "http://" + url
2023-10-01 11:23:05 +02:00
features = [] if len(sys.argv) < 3 else sys.argv[2].split(",")
template = generate_template(url, features)
2021-05-31 14:13:01 +02:00
print(template)