Add files via upload

2019-11-24 21:12:10 +05:30
parent 4e1623440e
commit a5529a0298
6 changed files with 205 additions and 0 deletions
--- a/core/colors.py
+++ b/core/colors.py
@@ -0,0 +1,21 @@
+import sys
+
+colors = True # Output should be colored
+machine = sys.platform # Detecting the os of current system
+if machine.lower().startswith(('os', 'win', 'darwin', 'ios')):
+    colors = False # Colors shouldn't be displayed in mac & windows
+if not colors:
+    end = red = white = green = yellow = grey = run = bad = good = info = que = ''
+else:
+    grey = '\033[37m'
+    white = '\033[97m'
+    green = '\033[92m'
+    red = '\033[91m'
+    yellow = '\033[93m'
+    end = '\033[0m'
+    back = '\033[7;91m'
+    info = '\033[93m[!]\033[0m'
+    que = '\033[94m[?]\033[0m'
+    bad = '\033[91m[-]\033[0m'
+    good = '\033[92m[+]\033[0m'
+    run = '\033[97m[~]\033[0m'
--- a/core/requester.py
+++ b/core/requester.py
@@ -0,0 +1,16 @@
+import requests
+
+headers = {
+    'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0',
+    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
+    'Accept-Language': 'en-US,en;q=0.5',
+    'Accept-Encoding': 'gzip',
+    'DNT': '1',
+    'Connection': 'close',
+}
+
+def requester(url, scheme, origin):
+	headers['Origin'] = scheme + origin
+	response = requests.get(url, headers).headers
+	if 'Access-Control-Allow-Origin' in response:
+		return response['Access-Control-Allow-Origin']
--- a/core/tests.py
+++ b/core/tests.py
@@ -0,0 +1,51 @@
+import time
+
+from core.utils import host
+from core.requester import requester
+
+def passive_tests(url, acao_header):
+	root = host(url)
+	if root:
+		if root != host(acao_header):
+			return 'Third party allowed'
+		elif url.startswith('http://'):
+			return 'HTTP origin allowed'
+		else:
+			return False
+	elif acao_header == '*':
+		return 'Wildcard value'
+	else:
+		return 'Invalid value'
+
+def active_tests(url, root, scheme, delay):
+	acao_header = requester(url, scheme, 'example.com')
+	if acao_header:
+		if acao_header == (scheme + 'example.com'):
+			return 'Origin reflected'
+	time.sleep(delay)
+	acao_header = requester(url, scheme, root + '.example.com')
+	if acao_header:
+		if acao_header == (scheme + root + '.example.com'):
+			return 'Post domain wildcard'
+	time.sleep(delay)
+	acao_header = requester(url, scheme, 'd3v' + root)
+	if acao_header:
+		if acao_header == (scheme + 'd3v' + root):
+			return 'Pre domain wildcard'
+	time.sleep(delay)
+	acao_header = requester(url, '', 'null')
+	if acao_header:
+		if acao_header == 'null':
+			return 'Null origin allowed'
+	time.sleep(delay)
+	acao_header = requester(url, scheme, root + '%60.example.com')
+	if acao_header:
+		if '`.example.com' in acao_header:
+			return 'Broken parser'
+	time.sleep(delay)
+	acao_header = requester(url, 'http', root)
+	if acao_header:
+		if acao_header.startswith('http://'):
+			return 'HTTP origin allowed'
+		else:
+			return passive_tests(url, acao_header)
--- a/core/utils.py
+++ b/core/utils.py
@@ -0,0 +1,17 @@
+import tld
+import json
+
+def load_file(path):
+    with open(path, 'r') as f:
+        result = [line.rstrip('\n').encode('utf-8').decode('utf-8') for line in f]
+    return '\n'.join(result)
+
+def host(string):
+	if string and '*' not in string:
+		try:
+			return tld.get_fld(string, fix_protocol=True)
+		except:
+			return False
+
+def load_json(file):
+	return json.loads(load_file('./db/details.json'))