| skipped 17 lines |
18 | 18 | | from multiprocessing.dummy import Pool |
19 | 19 | | from colored import fg, bg, attr |
20 | 20 | | |
21 | | - | MAX_EXCEPTION = 3 |
22 | | - | MAX_VULNERABLE = 3 |
| 21 | + | MAX_EXCEPTION = 100 |
| 22 | + | MAX_VULNERABLE = 100 |
23 | 23 | | |
24 | 24 | | # disable "InsecureRequestWarning: Unverified HTTPS request is being made." |
25 | 25 | | from requests.packages.urllib3.exceptions import InsecureRequestWarning |
| skipped 92 lines |
118 | 118 | | t_urlparse = urllib.parse.urlparse( url ) |
119 | 119 | | |
120 | 120 | | if len(t_urlparse.query): |
121 | | - | testParams( t_urlparse, payload.strip('/') ) |
| 121 | + | testParams( t_urlparse, payload ) |
| 122 | + | # testParams( t_urlparse, payload.strip('/') ) |
122 | 123 | | |
123 | 124 | | # if len(t_urlparse.fragment): |
124 | 125 | | # testFragment( t_urlparse, payload.strip('/') ) |
| skipped 3 lines |
128 | 129 | | |
129 | 130 | | def testURL( url ): |
130 | 131 | | time.sleep( 0.01 ) |
131 | | - | |
| 132 | + | # print(url) |
132 | 133 | | if _verbose <= 1: |
133 | 134 | | sys.stdout.write( 'progress: %d/%d\r' % (t_multiproc['n_current'],t_multiproc['n_total']) ) |
134 | 135 | | t_multiproc['n_current'] = t_multiproc['n_current'] + 1 |
| skipped 6 lines |
141 | 142 | | |
142 | 143 | | def doTest( url, method='GET', post_params='' ): |
143 | 144 | | |
144 | | - | with open('generated_urls', 'a+') as fp: |
145 | | - | fp.write(url+"\n") |
146 | | - | return |
| 145 | + | # with open('generated_urls', 'a+') as fp: |
| 146 | + | # fp.write(url+"\n") |
| 147 | + | # return |
147 | 148 | | |
148 | | - | t_realdotest.append( [url,method,post_params] ) |
| 149 | + | # t_realdotest.append( [url,method,post_params] ) |
| 150 | + | realDoTest( [url,method,post_params] ); |
149 | 151 | | return |
150 | 152 | | |
151 | 153 | | |
| skipped 10 lines |
162 | 164 | | t_urlparse = urllib.parse.urlparse(url) |
163 | 165 | | u = t_urlparse.scheme + '_' + t_urlparse.netloc |
164 | 166 | | |
165 | | - | if not u in t_exceptions: |
166 | | - | t_exceptions[u] = 0 |
167 | | - | if t_exceptions[u] >= MAX_EXCEPTION: |
168 | | - | if _verbose >= 3 and _verbose < 4: |
169 | | - | print("skip too many exceptions %s" % t_urlparse.netloc) |
170 | | - | return |
| 167 | + | # if not u in t_exceptions: |
| 168 | + | # t_exceptions[u] = 0 |
| 169 | + | # if t_exceptions[u] >= MAX_EXCEPTION: |
| 170 | + | # if _verbose >= 3 and _verbose < 4: |
| 171 | + | # print("skip too many exceptions %s" % t_urlparse.netloc) |
| 172 | + | # return |
171 | 173 | | |
172 | | - | if not u in t_vulnerable: |
173 | | - | t_vulnerable[u] = 0 |
174 | | - | if t_vulnerable[u] >= MAX_VULNERABLE: |
175 | | - | if _verbose >= 3 and _verbose < 4: |
176 | | - | print("skip already vulnerable %s" % t_urlparse.netloc) |
177 | | - | return |
| 174 | + | # if not u in t_vulnerable: |
| 175 | + | # t_vulnerable[u] = 0 |
| 176 | + | # if t_vulnerable[u] >= MAX_VULNERABLE: |
| 177 | + | # if _verbose >= 3 and _verbose < 4: |
| 178 | + | # print("skip already vulnerable %s" % t_urlparse.netloc) |
| 179 | + | # return |
178 | 180 | | |
179 | 181 | | try: |
180 | 182 | | if method == 'POST': |
| skipped 1 lines |
182 | 184 | | else: |
183 | 185 | | r = requests.get( url, headers=t_custom_headers, timeout=5, verify=False ) |
184 | 186 | | except Exception as e: |
185 | | - | t_exceptions[u] = t_exceptions[u] + 1 |
| 187 | + | # t_exceptions[u] = t_exceptions[u] + 1 |
186 | 188 | | if _verbose >= 3 and _verbose < 4: |
187 | 189 | | sys.stdout.write( "%s[-] error occurred: %s%s\n" % (fg('red'),e,attr(0)) ) |
188 | 190 | | return |
| skipped 9 lines |
198 | 200 | | else: |
199 | 201 | | vuln = '-' |
200 | 202 | | |
201 | | - | if vuln == 'VULNERABLE': |
202 | | - | t_vulnerable[u] = t_vulnerable[u] + 1 |
| 203 | + | # if vuln == 'VULNERABLE': |
| 204 | + | # t_vulnerable[u] = t_vulnerable[u] + 1 |
203 | 205 | | |
204 | 206 | | # output = '%sC=%d\t\tT=%s\t\tV=%s\n' % (url.ljust(t_multiproc['u_max_length']),r.status_code,content_type,vuln) |
205 | 207 | | output = '%s\t\tC=%d\t\tT=%s\t\tV=%s\n' % (url,r.status_code,content_type,vuln) |
| skipped 114 lines |
320 | 322 | | |
321 | 323 | | if _verbose < 4: |
322 | 324 | | sys.stdout.write( '%s[+] options are -> threads:%d, verbose:%d%s\n' % (fg('green'),_threads,_verbose,attr(0)) ) |
323 | | - | sys.stdout.write( '[+] computing host and payload list...\n' ) |
| 325 | + | # sys.stdout.write( '[+] computing host and payload list...\n' ) |
324 | 326 | | |
325 | 327 | | |
326 | 328 | | # source: https://github.com/jhaddix/SecLists/blob/master/Fuzzing/LFI-JHADDIX.txt |
| skipped 180 lines |
507 | 509 | | |
508 | 510 | | n_totest = len(t_totest) |
509 | 511 | | |
510 | | - | random.shuffle(t_totest) |
| 512 | + | # random.shuffle(t_totest) |
511 | 513 | | # print("\n".join(t_totest)) |
512 | 514 | | # exit() |
513 | 515 | | |
| skipped 29 lines |
543 | 545 | | sys.exit(1) |
544 | 546 | | |
545 | 547 | | |
| 548 | + | |
| 549 | + | |
| 550 | + | exit() |
| 551 | + | |
| 552 | + | |
| 553 | + | |
| 554 | + | |
546 | 555 | | if _verbose < 4: |
547 | 556 | | sys.stdout.write( '%s[+] %d urls payloaded to test.%s\n' % (fg('green'),len(t_realdotest),attr(0)) ) |
548 | 557 | | sys.stdout.write( '[+] testing...\n' ) |
| skipped 15 lines |
564 | 573 | | realDoTest( params ) |
565 | 574 | | q.task_done() |
566 | 575 | | |
567 | | - | # q = Queue( _threads*2 ) |
| 576 | + | q = Queue( _threads*2 ) |
568 | 577 | | |
569 | | - | # for i in range(_threads): |
570 | | - | # t = Thread( target=realDoWork ) |
571 | | - | # t.daemon = True |
572 | | - | # t.start() |
| 578 | + | for i in range(_threads): |
| 579 | + | t = Thread( target=realDoWork ) |
| 580 | + | t.daemon = True |
| 581 | + | t.start() |
573 | 582 | | |
574 | | - | # with open('generated_urls', 'w') as fp: |
575 | | - | # fp.write("\n".join(str(item[0]) for item in t_realdotest)) |
576 | | - | |
577 | | - | exit() |
578 | | - | |
579 | | - | # f = open("generated_urls", "w") |
580 | | - | # f.write(t_realdotest.join("\n")) |
581 | | - | # # f.write("\n".join(t_realdotest)) |
582 | | - | # f.close() |
583 | | - | |
584 | | - | # try: |
585 | | - | # for url in t_realdotest: |
586 | | - | # q.put( url ) |
587 | | - | # q.join() |
588 | | - | # except KeyboardInterrupt: |
589 | | - | # sys.exit(1) |
| 583 | + | try: |
| 584 | + | for url in t_realdotest: |
| 585 | + | q.put( url ) |
| 586 | + | q.join() |
| 587 | + | except KeyboardInterrupt: |
| 588 | + | sys.exit(1) |
590 | 589 | | |
591 | 590 | | |
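Review bot: The per-host back-off in the request routine (new lines 167-179, 187 and 203-204) is commented out rather than tuned, so `MAX_EXCEPTION` and `MAX_VULNERABLE`, raised to 100 at new lines 21-22, are no longer read anywhere in the visible code. With `timeout=5` and an `except Exception` branch that only prints, an unresponsive or rate-limiting host now receives every remaining request instead of being skipped after a bounded number of failures, which removes the only visible bound on traffic to a single host. If the intent was a higher ceiling, keep the checks and let the constants do the work, e.g. `if t_exceptions.get(u, 0) >= MAX_EXCEPTION: return` before the request and `t_exceptions[u] = t_exceptions.get(u, 0) + 1` in the handler. Separately, `doTest` now calls `realDoTest` inline and no longer appends to `t_realdotest`, so the re-enabled queue/worker code at new lines 576-588 appears to iterate an empty list, and the bare `exit()` at new line 550 seems to end the run before that code is reached; indentation is lost in this view, so confirm the scope of that call. The affected function bodies start and end outside the shown hunks.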