xsscrapy/xsscrapy.py

#!/usr/bin/env python

import argparse
from scrapy.cmdline import execute
from xsscrapy.spiders.xss_spider import XSSspider
import sys

__author__ = 'Dan McInerney'
__license__ = 'BSD'
__version__ = '1.0'
__email__ = 'danhmcinerney@gmail.com'

def get_args():
    parser = argparse.ArgumentParser(description=__doc__,
                                    formatter_class=argparse.RawDescriptionHelpFormatter)
    parser.add_argument('-u', '--url', help="URL to scan; -u http://example.com")
    parser.add_argument('-l', '--login', help="Login name; -l danmcinerney")
    parser.add_argument('-p', '--password', help="Password; -p pa$$w0rd")
    parser.add_argument('-c', '--connections', default='30', help="Set the max number of simultaneous connections allowed, default=30")
    parser.add_argument('-r', '--ratelimit', default='0', help="Rate in requests per minute, default=0")
    parser.add_argument('--basic', help="Use HTTP Basic Auth to login", action="store_true")
    parser.add_argument('-k', '--cookie',help="Cookie key; --cookie SessionID=afgh3193e9103bca9318031bcdf")
    args = parser.parse_args()
    return args

def main():
    args = get_args()
    rate = args.ratelimit
    if rate not in [None, '0']:
        rate = str(60 / float(rate))
    try:
        cookie_key = args.cookie.split('=',1)[0] if args.cookie else None
        cookie_value = ''.join(args.cookie.split('=',1)[1:]) if args.cookie else None
        execute(['scrapy', 'crawl', 'xsscrapy',
                 '-a', 'url=%s' % args.url, '-a', 'user=%s' % args.login, '-a',
                 'pw=%s' % args.password, '-a', 'basic=%s' % args.basic,
                 '-a', 'cookie_key=%s' % cookie_key, '-a', 'cookie_value=%s' % cookie_value,
                 '-s', 'CONCURRENT_REQUESTS=%s' % args.connections,
                 '-s', 'DOWNLOAD_DELAY=%s' % rate])
    except KeyboardInterrupt:
        sys.exit()

main()
now sends 1 request per form input 2014-09-08 05:10:10 -04:00			`#!/usr/bin/env python`

			`import argparse`
			`from scrapy.cmdline import execute`
			`from xsscrapy.spiders.xss_spider import XSSspider`
Need to import sys to use sys.exit() 2015-02-12 21:14:28 -05:00			`import sys`
now sends 1 request per form input 2014-09-08 05:10:10 -04:00
			`__author__ = 'Dan McInerney'`
			`__license__ = 'BSD'`
attempts to fix broken form action URLs 2014-11-09 14:21:04 -05:00			`__version__ = '1.0'`
now sends 1 request per form input 2014-09-08 05:10:10 -04:00			`__email__ = 'danhmcinerney@gmail.com'`

			`def get_args():`
			`parser = argparse.ArgumentParser(description=__doc__,`
			`formatter_class=argparse.RawDescriptionHelpFormatter)`
			`parser.add_argument('-u', '--url', help="URL to scan; -u http://example.com")`
			`parser.add_argument('-l', '--login', help="Login name; -l danmcinerney")`
			`parser.add_argument('-p', '--password', help="Password; -p pa$$w0rd")`
readded rate limiting 2014-11-09 20:28:37 -05:00			`parser.add_argument('-c', '--connections', default='30', help="Set the max number of simultaneous connections allowed, default=30")`
			`parser.add_argument('-r', '--ratelimit', default='0', help="Rate in requests per minute, default=0")`
added --basic option for http basic auth 2014-10-24 07:12:40 -04:00			`parser.add_argument('--basic', help="Use HTTP Basic Auth to login", action="store_true")`
Added cookie support 2016-04-17 02:52:12 -05:00			`parser.add_argument('-k', '--cookie',help="Cookie key; --cookie SessionID=afgh3193e9103bca9318031bcdf")`
now sends 1 request per form input 2014-09-08 05:10:10 -04:00			`args = parser.parse_args()`
			`return args`

added -c option for max simultaneous connections 2014-11-08 06:35:52 -05:00			`def main():`
			`args = get_args()`
fixed rate limiting 2014-11-09 20:45:11 -05:00			`rate = args.ratelimit`
			`if rate not in [None, '0']:`
			`rate = str(60 / float(rate))`
added -c option for max simultaneous connections 2014-11-08 06:35:52 -05:00			`try:`
Added cookie support 2016-04-17 02:52:12 -05:00			`cookie_key = args.cookie.split('=',1)[0] if args.cookie else None`
			`cookie_value = ''.join(args.cookie.split('=',1)[1:]) if args.cookie else None`
			`execute(['scrapy', 'crawl', 'xsscrapy',`
			`'-a', 'url=%s' % args.url, '-a', 'user=%s' % args.login, '-a',`
			`'pw=%s' % args.password, '-a', 'basic=%s' % args.basic,`
			`'-a', 'cookie_key=%s' % cookie_key, '-a', 'cookie_value=%s' % cookie_value,`
fixed rate limiting 2014-11-09 20:45:11 -05:00			`'-s', 'CONCURRENT_REQUESTS=%s' % args.connections,`
			`'-s', 'DOWNLOAD_DELAY=%s' % rate])`
added -c option for max simultaneous connections 2014-11-08 06:35:52 -05:00			`except KeyboardInterrupt:`
			`sys.exit()`

			`main()`