2021-05-31 14:13:01 +02:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
|
import sys
|
2023-12-18 00:35:23 +01:00
|
|
|
import json
|
|
|
|
import urllib.parse
|
2021-05-31 14:13:01 +02:00
|
|
|
|
2023-10-01 11:23:05 +02:00
|
|
|
def generate_template(base_url, features):
|
2021-05-31 14:13:01 +02:00
|
|
|
|
2023-12-18 00:35:23 +01:00
|
|
|
variables = {
|
|
|
|
"IP_ADDRESS": "util.get_address()",
|
|
|
|
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',
|
|
|
|
"PROXIES": json.dumps({"http":"http://127.0.0.1:8080", "https":"http://127.0.0.1:8080"})
|
|
|
|
}
|
|
|
|
|
2023-10-04 12:24:41 +02:00
|
|
|
if "proxies" in features or "burp" in features:
|
2023-10-01 11:23:05 +02:00
|
|
|
proxy = """
|
2023-10-04 12:24:41 +02:00
|
|
|
if \"proxies\" not in kwargs:
|
2023-12-18 00:35:23 +01:00
|
|
|
kwargs[\"proxies\"] = PROXIES
|
2023-10-01 11:23:05 +02:00
|
|
|
"""
|
|
|
|
else:
|
|
|
|
proxy = ""
|
2021-06-11 12:44:35 +02:00
|
|
|
|
2023-12-18 00:35:23 +01:00
|
|
|
if "vhost" in features or "subdomain" in features:
|
|
|
|
url_parts = urllib.parse.urlparse(base_url)
|
|
|
|
host_name = url_parts.netloc
|
|
|
|
variables["HOST_NAME"] = f"'{host_name}' if \"LOCAL\" not in sys.argv else \"127.0.0.1:1337\""
|
|
|
|
vhost_param = ", vhost=None"
|
|
|
|
full_url = f"f'{url_parts.scheme}://{{vhost}}.{{HOST_NAME}}{{uri}}' if vhost else BASE_URL + uri"
|
|
|
|
else:
|
|
|
|
vhost_param = ""
|
|
|
|
full_url = "BASE_URL + uri"
|
2021-05-31 14:13:01 +02:00
|
|
|
|
2023-12-18 00:35:23 +01:00
|
|
|
request_method = f"""def request(method, uri{vhost_param}, **kwargs):
|
2021-10-25 17:25:49 +02:00
|
|
|
if not uri.startswith("/") and uri != "":
|
|
|
|
uri = "/" + uri
|
|
|
|
|
|
|
|
client = requests
|
|
|
|
if "session" in kwargs:
|
|
|
|
client = kwargs["session"]
|
|
|
|
del kwargs["session"]
|
2022-01-16 23:40:35 +01:00
|
|
|
|
|
|
|
if "allow_redirects" not in kwargs:
|
|
|
|
kwargs["allow_redirects"] = False
|
|
|
|
|
|
|
|
if "verify" not in kwargs:
|
|
|
|
kwargs["verify"] = False
|
2023-10-01 11:23:05 +02:00
|
|
|
{proxy}
|
2023-12-18 00:35:23 +01:00
|
|
|
url = {full_url}
|
|
|
|
return client.request(method, url, **kwargs)
|
2023-10-01 11:23:05 +02:00
|
|
|
"""
|
|
|
|
|
|
|
|
methods = [request_method]
|
|
|
|
|
|
|
|
if "login" in features or "account" in features:
|
|
|
|
variables["USERNAME"] = '"Blindhero"'
|
|
|
|
variables["PASSWORD"] = '"test1234"'
|
|
|
|
methods.append("""
|
|
|
|
def login(username, password):
|
|
|
|
session = requests.Session()
|
|
|
|
res = request("POST", "/login", data={"username": username, "password": password}, session=session)
|
|
|
|
if res.status_code != 200:
|
|
|
|
print("[-] Error logging in")
|
|
|
|
exit()
|
|
|
|
|
|
|
|
return session
|
|
|
|
""")
|
|
|
|
|
|
|
|
if "register" in features or "account" in features:
|
|
|
|
variables["USERNAME"] = '"Blindhero"'
|
|
|
|
variables["PASSWORD"] = '"test1234"'
|
|
|
|
methods.append("""
|
|
|
|
def register(username, password):
|
|
|
|
res = request("POST", "/register", data={"username": username, "password": password})
|
|
|
|
if res.status_code != 200:
|
|
|
|
print("[-] Error registering")
|
|
|
|
exit()
|
|
|
|
|
|
|
|
return True
|
|
|
|
""")
|
2021-05-31 14:13:01 +02:00
|
|
|
|
2023-10-01 11:23:05 +02:00
|
|
|
main = """
|
2021-06-11 12:44:35 +02:00
|
|
|
if __name__ == "__main__":
|
2021-10-25 17:25:49 +02:00
|
|
|
pass
|
2023-10-01 11:23:05 +02:00
|
|
|
"""
|
|
|
|
|
|
|
|
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
|
|
|
|
header = f"""#!/usr/bin/env python
|
|
|
|
|
2024-02-25 09:44:52 +01:00
|
|
|
#
|
|
|
|
# THE BASE OF THIS FILE WAS AUTOMATICALLY GENERATED BY {' '.join(sys.argv)}
|
|
|
|
# For more information, visit: https://git.romanh.de/Roman/HackingScripts
|
|
|
|
#
|
2023-10-05 15:43:20 +02:00
|
|
|
|
2023-10-01 11:23:05 +02:00
|
|
|
import os
|
2023-12-18 00:35:23 +01:00
|
|
|
import io
|
2023-10-01 11:23:05 +02:00
|
|
|
import re
|
|
|
|
import sys
|
|
|
|
import json
|
|
|
|
import time
|
|
|
|
import base64
|
|
|
|
import requests
|
|
|
|
import subprocess
|
|
|
|
import urllib.parse
|
|
|
|
from bs4 import BeautifulSoup
|
2023-11-26 14:10:54 +01:00
|
|
|
from hackingscripts import util, rev_shell
|
|
|
|
from hackingscripts.fileserver import HttpFileServer
|
2024-02-25 09:44:52 +01:00
|
|
|
from hackingscripts.sqli import MySQLi, PostgreSQLi, BlindSQLi, ReflectedSQLi
|
2023-10-01 11:23:05 +02:00
|
|
|
from urllib3.exceptions import InsecureRequestWarning
|
|
|
|
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
|
|
|
|
|
|
|
{variables}
|
|
|
|
|
|
|
|
"""
|
2021-05-31 14:13:01 +02:00
|
|
|
|
2023-10-01 11:23:05 +02:00
|
|
|
return header + "".join(methods) + main
|
2021-05-31 14:13:01 +02:00
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
|
|
|
if len(sys.argv) < 2:
|
2023-10-01 11:23:05 +02:00
|
|
|
print("Usage: %s <URL> [features]" % sys.argv[0])
|
2021-05-31 14:13:01 +02:00
|
|
|
exit()
|
|
|
|
|
|
|
|
url = sys.argv[1]
|
|
|
|
if "://" not in url:
|
|
|
|
url = "http://" + url
|
|
|
|
|
2023-10-01 11:23:05 +02:00
|
|
|
features = [] if len(sys.argv) < 3 else sys.argv[2].split(",")
|
|
|
|
template = generate_template(url, features)
|
2021-05-31 14:13:01 +02:00
|
|
|
print(template)
|