Random User Agents, web template fix
This commit is contained in:
@@ -13,3 +13,4 @@ requests==2.28.1
|
|||||||
scapy==2.4.5+g9420c22
|
scapy==2.4.5+g9420c22
|
||||||
SocksiPy_branch==1.01
|
SocksiPy_branch==1.01
|
||||||
urllib3==1.26.12
|
urllib3==1.26.12
|
||||||
|
user-agent==0.1.14
|
||||||
@@ -17,8 +17,12 @@ import dulwich.objects
|
|||||||
import dulwich.pack
|
import dulwich.pack
|
||||||
import requests
|
import requests
|
||||||
import socks
|
import socks
|
||||||
|
import user_agent
|
||||||
|
|
||||||
USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36"
|
from urllib3.exceptions import InsecureRequestWarning
|
||||||
|
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
||||||
|
|
||||||
|
USER_AGENT = user_agent.generate_user_agent()
|
||||||
|
|
||||||
def printf(fmt, *args, file=sys.stdout):
|
def printf(fmt, *args, file=sys.stdout):
|
||||||
if args:
|
if args:
|
||||||
|
|||||||
@@ -12,7 +12,8 @@ def generate_template(base_url, features):
|
|||||||
imports = [
|
imports = [
|
||||||
"os", "io", "re", "sys",
|
"os", "io", "re", "sys",
|
||||||
"json", "time", "base64", "requests",
|
"json", "time", "base64", "requests",
|
||||||
"subprocess", "urllib.parse"
|
"subprocess", "urllib.parse",
|
||||||
|
"user_agent"
|
||||||
]
|
]
|
||||||
|
|
||||||
partial_imports = {
|
partial_imports = {
|
||||||
@@ -22,6 +23,8 @@ def generate_template(base_url, features):
|
|||||||
"urllib3.exceptions": ["InsecureRequestWarning"]
|
"urllib3.exceptions": ["InsecureRequestWarning"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class_definitions = []
|
||||||
|
|
||||||
main_code = []
|
main_code = []
|
||||||
methods = []
|
methods = []
|
||||||
ip_address_arg = next(filter(lambda f: re.match(r"ip_address=(.*)", f), features), None)
|
ip_address_arg = next(filter(lambda f: re.match(r"ip_address=(.*)", f), features), None)
|
||||||
@@ -29,7 +32,8 @@ def generate_template(base_url, features):
|
|||||||
|
|
||||||
variables = {
|
variables = {
|
||||||
"IP_ADDRESS": ip_address,
|
"IP_ADDRESS": ip_address,
|
||||||
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"'
|
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',
|
||||||
|
"USER_AGENT": "user_agent.generate_user_agent()"
|
||||||
}
|
}
|
||||||
|
|
||||||
proxy_arg = next(filter(lambda f: re.match(r"proxy=(.*)", f), features), None)
|
proxy_arg = next(filter(lambda f: re.match(r"proxy=(.*)", f), features), None)
|
||||||
@@ -67,48 +71,60 @@ def generate_template(base_url, features):
|
|||||||
|
|
||||||
if "verify" not in kwargs:
|
if "verify" not in kwargs:
|
||||||
kwargs["verify"] = False
|
kwargs["verify"] = False
|
||||||
|
|
||||||
|
headers = kwargs.get("headers", {{}})
|
||||||
|
headers["User-Agent"] = USER_AGENT
|
||||||
|
kwargs["headers"] = headers
|
||||||
{proxy}
|
{proxy}
|
||||||
url = {full_url}
|
url = {full_url}
|
||||||
return client.request(method, url, **kwargs)
|
return client.request(method, url, **kwargs)
|
||||||
""")
|
""")
|
||||||
|
|
||||||
if "register" in features or "account" in features:
|
if "register" in features or "account" in features:
|
||||||
main_code.append("""if not register(USERNAME, PASSWORD):
|
main_code.append("""if not register(USER):
|
||||||
exit(1)
|
exit(1)
|
||||||
""")
|
""")
|
||||||
variables["USERNAME"] = '"Blindhero"'
|
|
||||||
variables["PASSWORD"] = '"test1234"'
|
|
||||||
methods.append("""
|
methods.append("""
|
||||||
def register(username, password):
|
def register(user):
|
||||||
res = request("POST", "/register", data={"username": username, "password": password})
|
res = request("POST", "/register", data={"username": user.username, "password": user.password})
|
||||||
if res.status_code != 200:
|
if res.status_code != 200:
|
||||||
print("[-] Error registering")
|
print("[-] Error registering")
|
||||||
exit()
|
return False
|
||||||
|
|
||||||
return True
|
return True
|
||||||
""")
|
""")
|
||||||
|
|
||||||
if "login" in features or "account" in features:
|
if "login" in features or "account" in features:
|
||||||
main_code.append("""session = login(USERNAME, PASSWORD)
|
main_code.append("""session = login(USER)
|
||||||
if not session:
|
if not session:
|
||||||
exit(1)
|
exit(1)
|
||||||
""")
|
""")
|
||||||
variables["USERNAME"] = '"username"'
|
variables["USER"] = 'User("username", "password")'
|
||||||
variables["PASSWORD"] = '"password"'
|
class_definitions.append("""
|
||||||
|
class User:
|
||||||
|
def __init__(self, username, password):
|
||||||
|
self.username = username
|
||||||
|
self.password = password
|
||||||
|
def tobase64(self):
|
||||||
|
return base64.b64encode(f"{self.username}:{self.password}".encode()).decode()
|
||||||
|
def get_basic_auth(self):
|
||||||
|
return "Basic " + self.tobase64()
|
||||||
|
""")
|
||||||
|
|
||||||
methods.append("""
|
methods.append("""
|
||||||
def login(username, password):
|
def login(user):
|
||||||
session = requests.Session()
|
session = requests.Session()
|
||||||
res = request("POST", "/login", data={"username": username, "password": password}, session=session)
|
res = request("POST", "/login", data={"username": user.username, "password": user.password}, session=session)
|
||||||
if res.status_code != 200:
|
if res.status_code != 200:
|
||||||
print("[-] Error logging in")
|
print("[-] Error logging in")
|
||||||
exit()
|
return None
|
||||||
|
|
||||||
return session
|
return session
|
||||||
""")
|
""")
|
||||||
|
|
||||||
if "sqli" in features:
|
if "sqli" in features:
|
||||||
partial_imports["hackingscripts.sqli"] = ["MySQLi", "PostgreSQLi", "BlindSQLi", "ReflectedSQLi"]
|
partial_imports["hackingscripts.utils.sqli"] = ["MySQLi", "PostgreSQLi", "BlindSQLi", "ReflectedSQLi"]
|
||||||
methods.append("""
|
class_definitions.append("""
|
||||||
class ReflectedSQLiPoC(MySQLi, ReflectedSQLi):
|
class ReflectedSQLiPoC(MySQLi, ReflectedSQLi):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
# TODO: specify reflected columns with their types
|
# TODO: specify reflected columns with their types
|
||||||
@@ -117,7 +133,7 @@ class ReflectedSQLiPoC(MySQLi, ReflectedSQLi):
|
|||||||
# TODO: build query and extract columns from response
|
# TODO: build query and extract columns from response
|
||||||
return None
|
return None
|
||||||
""")
|
""")
|
||||||
methods.append("""
|
class_definitions.append("""
|
||||||
class BlindSQLiPoC(MySQLi, BlindSQLi):
|
class BlindSQLiPoC(MySQLi, BlindSQLi):
|
||||||
def blind_sqli(self, condition: str, verbose=False) -> bool:
|
def blind_sqli(self, condition: str, verbose=False) -> bool:
|
||||||
# TODO: build query and evaluate condition
|
# TODO: build query and evaluate condition
|
||||||
@@ -153,6 +169,7 @@ if __name__ == "__main__":
|
|||||||
|
|
||||||
imports = "\n".join(f"import {i}" for i in sorted(imports, key=len))
|
imports = "\n".join(f"import {i}" for i in sorted(imports, key=len))
|
||||||
imports += "\n" + "\n".join(sorted(list(f"from {p} import {', '.join(i)}" for p, i in partial_imports.items()), key=len))
|
imports += "\n" + "\n".join(sorted(list(f"from {p} import {', '.join(i)}" for p, i in partial_imports.items()), key=len))
|
||||||
|
class_definitions = "\n".join(class_definitions)
|
||||||
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
|
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
|
||||||
header = f"""#!/usr/bin/env python
|
header = f"""#!/usr/bin/env python
|
||||||
|
|
||||||
@@ -163,7 +180,7 @@ if __name__ == "__main__":
|
|||||||
|
|
||||||
{imports}
|
{imports}
|
||||||
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
||||||
|
{class_definitions}
|
||||||
{variables}
|
{variables}
|
||||||
|
|
||||||
"""
|
"""
|
||||||
|
|||||||
Reference in New Issue
Block a user