import requests
from colorama import Fore, Back, Style
import argparse
import socket
from function import *
import urllib
from urllib3.exceptions import InsecureRequestWarning
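# Silence urllib3's InsecureRequestWarning for the whole process. This only
# hides the warning; it does not change whether certificates are verified.
# NOTE(review): presumably the request helpers imported from `function` send
# with verify=False - confirm. Responses fetched that way are unauthenticated.
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

# Start-up banner. A raw string is used because the art is full of backslashes
# that are not valid escapes ("\ ", "\_", "\/"); in a normal literal they raise
# DeprecationWarning/SyntaxWarning on current Python. The output is unchanged.
print(Fore.BLUE + Style.BRIGHT + r"""
_ _
(_) | |
__ ____ _ _ __ _ __ _ ___| |__ ___ _ __
\ \ / / _` | '__| '_ \| / __| '_ \ / _ \ '__|
\ V / (_| | | | | | | \__ \ | | | __/ |
\_/ \__,_|_| |_| |_|_|___/_| |_|\___|_|
""")
print(Style.RESET_ALL)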
# Usage: -u for a single URL, -iL for a URL list.

# Baseline request headers. The literal value 'None' is sent as the
# Accept-Encoding so that the response carries a Content-Length.
headers = {'Accept-Encoding': 'None'}

# Path templates; '{}' is replaced with the target URL's own path.
# Only two, essentially static, variants for now.
paths = ['{}///', '/love/..{}']

# Addresses placed in the client-IP headers. Loopback comes first; the
# resolved address of the target host is appended once the URL is known.
ipHeader = ['127.0.0.1']

# Client-IP header names that are filled with each address in ipHeader.
xIPHeader = ['X-Forwarded-For', 'Real-IP', 'X-Real-IP']

# Command-line options.
#   -u   single target URL
#   -iL  path to a URL list (parsed here; nothing in the visible script reads it)
#   -d   debug output; takes a value, and any non-empty value enables it
parser = argparse.ArgumentParser()
parser.add_argument('-u', dest='url', help='URL')
parser.add_argument('-iL', dest='fileList', help='URL List path')
parser.add_argument('-d', dest='debug', help='debugmode')
args = parser.parse_args()
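def _announce(title):
    # Print a section title in yellow, then reset the terminal colours.
    print(Fore.YELLOW + title)
    print(Style.RESET_ALL)


def _probe_paths(base, hdrs):
    # Send one requestP() per template in `paths`, with '{}' replaced by the target's path.
    for template in paths:
        alterPath = template.replace("{}", base.path)
        requestP(base._replace(path=alterPath), hdrs)


# Single-URL mode. The same resource is requested repeatedly, each time with
# one variation (path form, X-Forwarded-Proto, client-IP headers, Host value),
# so the responses can be compared with the unaltered baseline. A variation
# that changes the answer means the front end trusts client-supplied
# forwarding headers or normalises paths differently from the origin; the
# remedy is for the proxy to strip or overwrite those headers and to normalise
# paths before applying access rules.
# NOTE(review): the nesting below was reconstructed from a listing that had
# lost its indentation - confirm against the original file.
if args.url:
    # `import urllib` alone does not guarantee the `parse` submodule is loaded;
    # it was only reachable because requests imports it as a side effect.
    import urllib.parse

    print('URL: ' + args.url)
    urlParsed = urllib.parse.urlparse(args.url)

    # Best-effort resolution of the target host; the result becomes ipHeader[1].
    # NOTE(review): netloc still carries any ':port' or 'user@' part - confirm
    # that getIP() copes with it.
    try:
        ipHeader.append(getIP(urlParsed.netloc))
    except Exception:
        # Narrowed from a bare `except:` so Ctrl-C and SystemExit still propagate.
        print('NO IP')

    if args.debug:
        print('\n>>>>> ' + str(urlParsed) + '\n')
        r = requests.get(
            urlParsed.geturl(),
            allow_redirects=False,
            headers={'Accept-Encoding': None},
        )
        print(r.headers)
        print(ipHeader)

    # Baseline: the request without any alteration.
    print('\n')
    _announce('Request via http & via https [non altered]')
    requestT(urlParsed, headers)
    print('\n')

    # Path variants only.
    _announce('Crazy paths')
    _probe_paths(urlParsed, headers)
    print('\n')

    # X-Forwarded-Proto only.
    _announce('Request with X-Forwarded-Proto')
    headers.update({'X-Forwarded-Proto': 'https'})
    requestT(urlParsed, headers)
    print('\n')

    # Path variants combined with X-Forwarded-Proto.
    _announce('Crazy paths + X-Forwarded-Proto')
    _probe_paths(urlParsed, headers)

    # Client-IP headers, one request per candidate address.
    for name in xIPHeader:
        headers.update({name: ''})
    for i in ipHeader:
        print('\n')
        _announce('IP Headers ' + str(xIPHeader) + ' and IP: ' + i)
        # dict.fromkeys builds a NEW dict holding only the client-IP headers,
        # so Accept-Encoding and X-Forwarded-Proto are dropped from here on.
        # NOTE(review): losing Accept-Encoding may make later Content-Length
        # values incomparable with the baseline - confirm this is intended.
        headers = dict.fromkeys(xIPHeader, i)
        requestT(urlParsed, headers)

    # Host header set to the resolved server address. ipHeader[1] exists only
    # when resolution succeeded; indexing it unconditionally raised IndexError
    # after 'NO IP' and stopped the run before the final check.
    if len(ipHeader) > 1:
        print('\n')
        _announce('Request with Host value as server')
        headers.update({'Host': str(ipHeader[1])})
        requestT(urlParsed, headers)

        print('\n')
        _announce('Request with Host value as server + X-Forwarded-Proto')
        headers.update({'Host': str(ipHeader[1])})
        headers.update({'X-Forwarded-Proto': 'https'})
        requestT(urlParsed, headers)

        print('\n')
        _announce('Crazy paths + Host + X-Forwarded-Proto')
        headers.update({'Host': str(ipHeader[1])})
        headers.update({'X-Forwarded-Proto': 'https'})
        _probe_paths(urlParsed, headers)
    else:
        print('\n')
        print('NO IP - skipping Host-as-server-IP checks')

    # Host header in upper case, to see whether host matching is case-sensitive.
    print('\n')
    _announce('Request with Host uppercase + X-Forwarded-proto')
    headers.update({'Host': str(urlParsed.netloc).upper()})
    headers.update({'X-Forwarded-Proto': 'https'})
    requestT(urlParsed, headers)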