s0md3v/XSStrike
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optimized utilities

Browse Source
This commit is contained in:
Stefan Hagen
2018-11-18 22:46:31 +01:00
committed by Somdev Sangwan
parent b6d28ddec5
commit 5f807800c6
4 changed files with 42 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
core/checker.py
View File

@@ -5,16 +5,15 @@ from urllib.parse import unquote
from core.config import xsschecker
from core.requester import requester
from core.utils import replacer, fillHoles
from core.utils import replaceValue, fillHoles
def checker(url, params, headers, GET, delay, payload, positions, timeout, encoding):
checkString = 'st4r7s' + payload + '3nd'
if encoding:
checkString = encoding(unquote(checkString))
paramsCopy = copy.deepcopy(params)
response = requester(url, replacer(
paramsCopy, xsschecker, checkString), headers, GET, delay, timeout).text.lower()
response = requester(url, replaceValue(
params, xsschecker, checkString, copy.deepcopy), headers, GET, delay, timeout).text.lower()
reflectedPositions = []
for match in re.finditer('st4r7s', response):
reflectedPositions.append(match.start())

5
core/fuzzer.py
View File

@@ -6,7 +6,7 @@ from urllib.parse import unquote
from core.colors import end, red, green, yellow, bad, good, info
from core.config import fuzzes, xsschecker
from core.requester import requester
from core.utils import replacer
from core.utils import replaceValue
def counter(string):
@@ -24,11 +24,10 @@ def fuzzer(url, params, headers, GET, delay, timeout, WAF, encoding):
delay = 0
t = delay + randint(delay, delay * 2) + counter(fuzz)
sleep(t)
paramsCopy = copy.deepcopy(params)
try:
if encoding:
fuzz = encoding(unquote(fuzz))
data = replacer(paramsCopy, xsschecker, fuzz)
data = replaceValue(params, xsschecker, fuzz, copy.deepcopy)
response = requester(url, data, headers, GET, delay/2, timeout)
except:
print ('\n%s WAF is dropping suspicious requests.' % bad)

39
core/utils.py
View File

@@ -69,11 +69,22 @@ def extractHeaders(headers):
return sorted_headers
def replacer(dic, toReplace, replaceWith):
for key in dic.keys():
if dic[key] == toReplace:
dic[key] = replaceWith
return dic
def replaceValue(mapping, old, new, strategy=None):
"""
Replace old values with new ones following dict strategy.
The parameter strategy is None per default for inplace operation.
A copy operation is injected via strateg values like copy.copy
or copy.deepcopy
Note: A dict is returned regardless of modifications.
"""
anotherMap = strategy(mapping) if strategy else mapping
if old in anotherMap.values():
for k in anotherMap.keys():
if anotherMap[k] == old:
anotherMap[k] = new
return anotherMap
def getUrl(url, GET):
@@ -147,3 +158,21 @@ def getParams(url, data, GET):
except IndexError:
params = None
return params
def writer(obj, path):
kind = str(type(obj)).split('\'')[0]
if kind == 'list' or kind == 'tuple':
obj = '\n'.join(obj)
elif kind == 'dict':
obj = json.dumps(obj, indent=4)
savefile = open(path, 'w+')
savefile.write(obj)
savefile.close()
def reader(path):
with open(path, 'r') as f:
result = [line.strip(
'\n').encode('utf-8').decode('utf-8') for line in f]
return result

16
xsstrike.py
View File

@@ -13,7 +13,7 @@ from core.encoders import base64
from core.photon import photon
from core.prompt import prompt
from core.updater import updater
from core.utils import extractHeaders, verboseOutput
from core.utils import extractHeaders, verboseOutput, reader
from modes.bruteforcer import bruteforcer
from modes.crawl import crawl
@@ -32,7 +32,6 @@ except ImportError: # throws error in python2
print('%s XSStrike isn\'t compatible with python2.\n Use python > 3.4 to run XSStrike.' % bad)
quit()
# Processing command line arguments, where dest var names will be mapped to local vars with the same name
parser = argparse.ArgumentParser()
parser.add_argument('-u', '--url', help='url', dest='target')
@@ -103,20 +102,11 @@ if args_file:
if args_file == 'default':
payloadList = core.config.payloads
else:
payloadList = []
with open(args_file, 'r') as f:
for line in f:
payloadList.append(line.strip(
'\n').encode('utf-8').decode('utf-8'))
payloadList = list(filter(None, payloadList))
payloadList = list(filter(None, reader(args_file)))
seedList = []
if args_seeds:
with open(args_seeds, 'r') as f:
for line in f:
seedList.append(line.strip(
'\n').encode('utf-8').decode('utf-8'))
seedList = list(filter(None, seedList))
seedList = list(filter(None, reader(args_seeds)))
encoding = base64 if encode and encode == 'base64' else False