From 798cfdf57838fde62d374cb847724effa8b8ea64 Mon Sep 17 00:00:00 2001 From: Somdev Sangwan Date: Mon, 24 Jan 2022 11:58:00 +0530 Subject: [PATCH] fixes #15, fixes #17 --- bolt.py | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/bolt.py b/bolt.py index cbbf30b..93338a8 100644 --- a/bolt.py +++ b/bolt.py @@ -13,17 +13,18 @@ banner() try: import concurrent.futures - try: - from fuzzywuzzy import fuzz, process - except: - import os - print ('%s fuzzywuzzy library is not installed, installing now.' % info) - os.system('pip3 install fuzzywuzzy') - print ('%s fuzzywuzzy has been installed, please restart Bolt.' % info) - quit() except: print ('%s Bolt is not compatible with python 2. Please run it with python 3.' % bad) +try: + from fuzzywuzzy import fuzz, process +except: + import os + print ('%s fuzzywuzzy library is not installed, installing now.' % info) + os.system('pip3 install fuzzywuzzy') + print ('%s fuzzywuzzy has been installed, please restart Bolt.' % info) + quit() + import argparse import json import random @@ -110,8 +111,10 @@ if len(uniqueTokens) < len(allTokens): print ('%s Potential Replay Attack condition found' % good) print ('%s Verifying and looking for the cause' % run) replay = False - for url, token in tokenDatabase: - for url2, token2 in tokenDatabase: + for each in tokenDatabase: + url, token = next(iter(each.keys())), next(iter(each.values())) + for each2 in tokenDatabase: + url2, token2 = next(iter(each2.keys())), next(iter(each2.values())) if token == token2 and url != url2: print ('%s The same token was used on %s%s%s and %s%s%s' % (good, green, url, end, green, url2, end)) 
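Review bot: The fallback relocated by the `@@ -13,17 +13,18 @@` hunk still installs an unpinned package at run time. Its bare `except:` treats any failure of `from fuzzywuzzy import fuzz, process` as "not installed", and `os.system('pip3 install fuzzywuzzy')` then pulls whatever version the index serves, through whichever `pip3` is first on PATH, without asking the user. The return status is ignored, so "has been installed" is printed even when the install failed. I would narrow the handler to `except ImportError:` and either exit with an instruction to install the dependency, or run `subprocess.call([sys.executable, '-m', 'pip', 'install', 'fuzzywuzzy'])` and check the result. Separately, the Python 2 branch just above only prints and then falls through into this block; an exit there looks intended.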
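Review bot: In the `@@ -110,8 +111,10 @@` hunk each entry is unpacked through two separate iterators, `next(iter(each.keys())), next(iter(each.values()))`, which reads only the first pair and raises `StopIteration` on an empty dict. `url, token = next(iter(each.items()))` does the same in one step. A comment such as `# tokenDatabase is a list of single-entry {url: token} dicts` would record the shape this loop relies on; that shape is inferred from the unpacking, since the list is built outside the hunk. The nested loop also visits every ordered pair, so each reuse is presumably reported twice, once per direction. The loop body continues past the end of the hunk.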
@@ -233,21 +236,19 @@ print (' %s Phase: Testing %s[%s5/6%s]%s' % (lightning, green, end, green, end)) parsed = '' +found = False print ('%s Finding a suitable form for further testing. It may take a while.' % run) for form_dict in allForms: for url, forms in form_dict.items(): - found = False parsed = datanize(forms, tolerate=True) if parsed: found = True break - if found: - break + if found: + break if not parsed: - candidate = list(random.choice(tokenDatabase).keys())[0] - parsed = datanize(candidate, tolerate=True) - print (parsed) + quit('%s No suitable form found for testing.' % bad) origGET = parsed[0] origUrl = parsed[1]
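Review bot: The new exit path `quit('%s No suitable form found for testing.' % bad)` relies on `quit`, which the `site` module injects for interactive use and which is missing when the interpreter runs without `site` (for example `python -S` or some frozen builds). `sys.exit('%s No suitable form found for testing.' % bad)` prints the same message to stderr and exits non-zero; it needs `import sys` if the file does not already have it, as the import block is only partly visible here. The bare `quit()` in the first hunk has the same dependency. As a smaller style point, the hoisted `found` flag now mirrors `parsed`, so the outer check could be `if parsed:` followed by `break` and the flag dropped. Indentation is not preserved in this rendering, so the placement of the re-added `if found:` lines could not be checked.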