s0md3v/Corsy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
205b214ddab4cfe2add95ffcdafc237a3148c4e9
Corsy/corsy.py

56 lines
1.6 KiB
Python
Raw Normal View History

Fixes #1
2019-11-25 10:06:20 +05:30
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
Add files via upload
2019-11-24 21:12:10 +05:30
import argparse
from core.utils import load_json, host
from core.tests import active_tests
from core.colors import white, green, info, bad, good, grey, end
try:
from urllib.parse import urlparse
except ImportError:
from urlparse import urlparse
print('''
%s %s{%sv0.1-beta%s}%s
''' % (green, white, grey, white, end))
parser = argparse.ArgumentParser()
parser.add_argument('-u', help='target url', dest='url')
parser.add_argument('-d', help='request delay', dest='delay', type=float, default=0)
args = parser.parse_args()
target_url = args.url
delay = args.delay
def cors(target, delay, scheme=False):
url = target
if not target.startswith(('http://', 'https://')):
url = scheme + '://' + url
root = host(url)
parsed = urlparse(url)
netloc = parsed.netloc
scheme = parsed.scheme
url = scheme + '://' + netloc
active = active_tests(url, root, scheme, delay)
return active
details = load_json('./db/details.json')
if target_url:
if target_url.startswith(('http://', 'https://')):
result = cors(target_url, delay)
if result:
print('%s Misconfiguration found!' % good)
print('%s Title: %s' % (info, result))
print('%s Description: %s' % (info, details[result.lower()]['Description']))
print('%s Severity: %s' % (info, details[result.lower()]['Severity']))
print('%s Exploitation: %s' % (info, details[result.lower()]['Exploitation']))
else:
print('%s No misconfiguration found.' % bad)
else:
print('%s Please use https://example.com not example.com' % bad)
else:
print('\n' + parser.format_help().lower())
Reference in New Issue Copy Permalink