HackingScripts/template.py

113 lines
2.9 KiB
Python
Raw Normal View History

2021-05-31 14:13:01 +02:00
#!/usr/bin/env python
import sys
2023-10-01 11:23:05 +02:00
def generate_template(base_url, features):
2021-05-31 14:13:01 +02:00
2023-10-04 12:24:41 +02:00
if "proxies" in features or "burp" in features:
2023-10-01 11:23:05 +02:00
proxy = """
2023-10-04 12:24:41 +02:00
if \"proxies\" not in kwargs:
kwargs[\"proxies\"] = {\"http\":\"http://127.0.0.1:8080\", \"https\":\"http://127.0.0.1:8080\"}
2023-10-01 11:23:05 +02:00
"""
else:
proxy = ""
2021-06-11 12:44:35 +02:00
2023-10-01 11:23:05 +02:00
variables = {
2023-11-26 14:10:54 +01:00
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',
"IP_ADDRESS": "util.get_address()",
2023-10-01 11:23:05 +02:00
}
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
request_method = f"""def request(method, uri, **kwargs):
2021-10-25 17:25:49 +02:00
if not uri.startswith("/") and uri != "":
uri = "/" + uri
client = requests
if "session" in kwargs:
client = kwargs["session"]
del kwargs["session"]
2022-01-16 23:40:35 +01:00
if "allow_redirects" not in kwargs:
kwargs["allow_redirects"] = False
if "verify" not in kwargs:
kwargs["verify"] = False
2023-10-01 11:23:05 +02:00
{proxy}
2022-01-16 23:40:35 +01:00
return client.request(method, BASE_URL + uri, **kwargs)
2023-10-01 11:23:05 +02:00
"""
methods = [request_method]
if "login" in features or "account" in features:
variables["USERNAME"] = '"Blindhero"'
variables["PASSWORD"] = '"test1234"'
methods.append("""
def login(username, password):
session = requests.Session()
res = request("POST", "/login", data={"username": username, "password": password}, session=session)
if res.status_code != 200:
print("[-] Error logging in")
exit()
return session
""")
if "register" in features or "account" in features:
variables["USERNAME"] = '"Blindhero"'
variables["PASSWORD"] = '"test1234"'
methods.append("""
def register(username, password):
res = request("POST", "/register", data={"username": username, "password": password})
if res.status_code != 200:
print("[-] Error registering")
exit()
return True
""")
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
main = """
2021-06-11 12:44:35 +02:00
if __name__ == "__main__":
2021-10-25 17:25:49 +02:00
pass
2023-10-01 11:23:05 +02:00
"""
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
header = f"""#!/usr/bin/env python
2023-10-05 15:43:20 +02:00
# THE BASE OF THIS FILE WAS AUTOMATICALLY GENERATED BY template.py, for more information, visit
# https://git.romanh.de/Roman/HackingScripts
2023-10-01 11:23:05 +02:00
import os
import re
import sys
import json
import time
import base64
import requests
import subprocess
import urllib.parse
from bs4 import BeautifulSoup
2023-11-26 14:10:54 +01:00
from hackingscripts import util, rev_shell
from hackingscripts.fileserver import HttpFileServer
2023-10-01 11:23:05 +02:00
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
{variables}
"""
2021-05-31 14:13:01 +02:00
2023-10-01 11:23:05 +02:00
return header + "".join(methods) + main
2021-05-31 14:13:01 +02:00
if __name__ == "__main__":
if len(sys.argv) < 2:
2023-10-01 11:23:05 +02:00
print("Usage: %s <URL> [features]" % sys.argv[0])
2021-05-31 14:13:01 +02:00
exit()
url = sys.argv[1]
if "://" not in url:
url = "http://" + url
2023-10-01 11:23:05 +02:00
features = [] if len(sys.argv) < 3 else sys.argv[2].split(",")
template = generate_template(url, features)
2021-05-31 14:13:01 +02:00
print(template)