Random User Agents, web template fix
This commit is contained in:
@@ -13,3 +13,4 @@ requests==2.28.1
|
||||
scapy==2.4.5+g9420c22
|
||||
SocksiPy_branch==1.01
|
||||
urllib3==1.26.12
|
||||
user-agent==0.1.14
|
||||
@@ -17,8 +17,12 @@ import dulwich.objects
|
||||
import dulwich.pack
|
||||
import requests
|
||||
import socks
|
||||
import user_agent
|
||||
|
||||
USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36"
|
||||
from urllib3.exceptions import InsecureRequestWarning
|
||||
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
||||
|
||||
USER_AGENT = user_agent.generate_user_agent()
|
||||
|
||||
def printf(fmt, *args, file=sys.stdout):
|
||||
if args:
|
||||
|
||||
@@ -12,7 +12,8 @@ def generate_template(base_url, features):
|
||||
imports = [
|
||||
"os", "io", "re", "sys",
|
||||
"json", "time", "base64", "requests",
|
||||
"subprocess", "urllib.parse"
|
||||
"subprocess", "urllib.parse",
|
||||
"user_agent"
|
||||
]
|
||||
|
||||
partial_imports = {
|
||||
@@ -22,6 +23,8 @@ def generate_template(base_url, features):
|
||||
"urllib3.exceptions": ["InsecureRequestWarning"]
|
||||
}
|
||||
|
||||
class_definitions = []
|
||||
|
||||
main_code = []
|
||||
methods = []
|
||||
ip_address_arg = next(filter(lambda f: re.match(r"ip_address=(.*)", f), features), None)
|
||||
@@ -29,7 +32,8 @@ def generate_template(base_url, features):
|
||||
|
||||
variables = {
|
||||
"IP_ADDRESS": ip_address,
|
||||
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"'
|
||||
"BASE_URL": f'"{base_url}" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"',
|
||||
"USER_AGENT": "user_agent.generate_user_agent()"
|
||||
}
|
||||
|
||||
proxy_arg = next(filter(lambda f: re.match(r"proxy=(.*)", f), features), None)
|
||||
@@ -67,48 +71,60 @@ def generate_template(base_url, features):
|
||||
|
||||
if "verify" not in kwargs:
|
||||
kwargs["verify"] = False
|
||||
|
||||
headers = kwargs.get("headers", {{}})
|
||||
headers["User-Agent"] = USER_AGENT
|
||||
kwargs["headers"] = headers
|
||||
{proxy}
|
||||
url = {full_url}
|
||||
return client.request(method, url, **kwargs)
|
||||
""")
|
||||
|
||||
if "register" in features or "account" in features:
|
||||
main_code.append("""if not register(USERNAME, PASSWORD):
|
||||
main_code.append("""if not register(USER):
|
||||
exit(1)
|
||||
""")
|
||||
variables["USERNAME"] = '"Blindhero"'
|
||||
variables["PASSWORD"] = '"test1234"'
|
||||
methods.append("""
|
||||
def register(username, password):
|
||||
res = request("POST", "/register", data={"username": username, "password": password})
|
||||
def register(user):
|
||||
res = request("POST", "/register", data={"username": user.username, "password": user.password})
|
||||
if res.status_code != 200:
|
||||
print("[-] Error registering")
|
||||
exit()
|
||||
return False
|
||||
|
||||
return True
|
||||
""")
|
||||
|
||||
if "login" in features or "account" in features:
|
||||
main_code.append("""session = login(USERNAME, PASSWORD)
|
||||
main_code.append("""session = login(USER)
|
||||
if not session:
|
||||
exit(1)
|
||||
""")
|
||||
variables["USERNAME"] = '"username"'
|
||||
variables["PASSWORD"] = '"password"'
|
||||
variables["USER"] = 'User("username", "password")'
|
||||
class_definitions.append("""
|
||||
class User:
|
||||
def __init__(self, username, password):
|
||||
self.username = username
|
||||
self.password = password
|
||||
def tobase64(self):
|
||||
return base64.b64encode(f"{self.username}:{self.password}".encode()).decode()
|
||||
def get_basic_auth(self):
|
||||
return "Basic " + self.tobase64()
|
||||
""")
|
||||
|
||||
methods.append("""
|
||||
def login(username, password):
|
||||
def login(user):
|
||||
session = requests.Session()
|
||||
res = request("POST", "/login", data={"username": username, "password": password}, session=session)
|
||||
res = request("POST", "/login", data={"username": user.username, "password": user.password}, session=session)
|
||||
if res.status_code != 200:
|
||||
print("[-] Error logging in")
|
||||
exit()
|
||||
return None
|
||||
|
||||
return session
|
||||
""")
|
||||
|
||||
if "sqli" in features:
|
||||
partial_imports["hackingscripts.sqli"] = ["MySQLi", "PostgreSQLi", "BlindSQLi", "ReflectedSQLi"]
|
||||
methods.append("""
|
||||
partial_imports["hackingscripts.utils.sqli"] = ["MySQLi", "PostgreSQLi", "BlindSQLi", "ReflectedSQLi"]
|
||||
class_definitions.append("""
|
||||
class ReflectedSQLiPoC(MySQLi, ReflectedSQLi):
|
||||
def __init__(self):
|
||||
# TODO: specify reflected columns with their types
|
||||
@@ -117,7 +133,7 @@ class ReflectedSQLiPoC(MySQLi, ReflectedSQLi):
|
||||
# TODO: build query and extract columns from response
|
||||
return None
|
||||
""")
|
||||
methods.append("""
|
||||
class_definitions.append("""
|
||||
class BlindSQLiPoC(MySQLi, BlindSQLi):
|
||||
def blind_sqli(self, condition: str, verbose=False) -> bool:
|
||||
# TODO: build query and evaluate condition
|
||||
@@ -153,6 +169,7 @@ if __name__ == "__main__":
|
||||
|
||||
imports = "\n".join(f"import {i}" for i in sorted(imports, key=len))
|
||||
imports += "\n" + "\n".join(sorted(list(f"from {p} import {', '.join(i)}" for p, i in partial_imports.items()), key=len))
|
||||
class_definitions = "\n".join(class_definitions)
|
||||
variables = "\n".join(f"{k} = {v}" for k, v in variables.items())
|
||||
header = f"""#!/usr/bin/env python
|
||||
|
||||
@@ -163,7 +180,7 @@ if __name__ == "__main__":
|
||||
|
||||
{imports}
|
||||
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
|
||||
|
||||
{class_definitions}
|
||||
{variables}
|
||||
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user