Documentation and pep8 compilance

2018-11-16 21:13:45 +05:30
parent 8a3cefde22
commit d27eef116f
19 changed files with 342 additions and 216 deletions
--- a/core/utils.py
+++ b/core/utils.py
@@ -5,6 +5,7 @@ import re
 from core.colors import info, red, end
 from core.config import xsschecker

+
 def verboseOutput(data, name, verbose):
    if verbose:
        print ('%s %s %s%s%s' % (info, name, red, ('-' * 50), end))
@@ -16,14 +17,16 @@ def verboseOutput(data, name, verbose):
        print (data)
        print ('%s%s%s' % (red, ('-' * 60), end))

+
 def closest(number, numbers):
    difference = [abs(list(numbers.values())[0]), {}]
    for index, i in numbers.items():
        diff = abs(number - i)
        if diff < difference[0]:
-            difference = [diff, {index : i}]
+            difference = [diff, {index: i}]
    return difference[1]

+
 def fillHoles(original, new):
    filler = 0
    filled = []
@@ -35,6 +38,7 @@ def fillHoles(original, new):
            filler += (int(x) - y)
    return filled

+
 def stripper(string, substring, direction='right'):
    done = False
    strippedString = ''
@@ -49,6 +53,7 @@ def stripper(string, substring, direction='right'):
        strippedString = strippedString[::-1]
    return strippedString

+
 def extractHeaders(headers):
    sorted_headers = {}
    matches = re.findall(r'(.*):\s(.*)', headers)
@@ -63,18 +68,21 @@ def extractHeaders(headers):
            pass
    return sorted_headers

+
 def replacer(dic, toReplace, replaceWith):
    for key in dic.keys():
        if dic[key] == toReplace:
            dic[key] = replaceWith
    return dic

+
 def getUrl(url, GET):
    if GET:
        return url.split('?')[0]
    else:
        return url

+
 def extractScripts(response):
    scripts = []
    matches = re.findall(r'(?s)<script.*?>(.*?)</script>', response.lower())
@@ -83,8 +91,10 @@ def extractScripts(response):
            scripts.append(match)
    return scripts

+
 def randomUpper(string):
-    return ''.join(random.choice((x, y)) for x, y in zip(string.upper(),string.lower()))
+    return ''.join(random.choice((x, y)) for x, y in zip(string.upper(), string.lower()))
+

 def flattenParams(currentParam, params, payload):
    flatted = []
@@ -94,15 +104,17 @@ def flattenParams(currentParam, params, payload):
        flatted.append(name + '=' + value)
    return '?' + '&'.join(flatted)

+
 def genGen(fillings, eFillings, lFillings, eventHandlers, tags, functions, ends, breaker, special):
    vectors = []
-    r = randomUpper
+    r = randomUpper  # randomUpper randomly converts chars of a string to uppercase
    for tag in tags:
        if tag == 'd3v' or tag == 'a':
            bait = 'z'
        else:
            bait = ''
        for eventHandler in eventHandlers:
+            # if the tag is compatible with the event handler
            if tag in eventHandlers[eventHandler]:
                for function in functions:
                    for filling in fillings:
@@ -111,11 +123,13 @@ def genGen(fillings, eFillings, lFillings, eventHandlers, tags, functions, ends,
                                for end in ends:
                                    if tag == 'd3v' or tag == 'a':
                                        if '>' in ends:
-                                            end = '>'
-                                    vector = vector = r(breaker) + special + '<' + r(tag) + filling + r(eventHandler) + eFilling + '=' + eFilling + function + lFilling + end + bait
+                                            end = '>'  # we can't use // as > with "a" or "d3v" tag
+                                    vector = vector = r(breaker) + special + '<' + r(tag) + filling + r(
+                                        eventHandler) + eFilling + '=' + eFilling + function + lFilling + end + bait
                                    vectors.append(vector)
    return vectors

+
 def getParams(url, data, GET):
    params = {}
    if GET: