Created
March 22, 2019 09:15
-
-
Save kecs/97c81716dfe351a962dab2a46e52ec7a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests, time, os | |
| """ | |
| List all .php files in repo, send GET and POST to live url, print response if it is not 404 | |
| Start from repo root dir. | |
| Args: base_url_to_live_server | |
| """ | |
| COOKIES = {'SESSID': '', 'PHPSESSID': ''} | |
| REACHABLE_PHPS = [] | |
| for root, dirs, files in os.walk(os.getcwd()): | |
| for name in files: | |
| if name.endswith('.php'): | |
| REACHABLE_PHPS.append(name.replace(os.getcwd(), '')) | |
| def get_resp(req_type, url): | |
| """ | |
| args: 'get'/'post', url | |
| returns: (message, returned_text) | |
| """ | |
| try: | |
| resp = requests.getattr(req_type)('{}/{}'.format(sys.argv[1], url), cookies=COOKIES) | |
| except Exception as e: | |
| time.sleep(5) | |
| return (('[*] {} at {}'.format(repr(e), url), '') | |
| if resp.status_code == 404: | |
| return ('', '') | |
| text = resp.text.strip() | |
| if text: | |
| return ('{} {}\n{}\n'.format(resp.status_code, url, text)) | |
| for u in REACHABLE_PHPS: | |
| msg_1, text_1 = get_resp('get', u): | |
| msg_2, text_2 = get_resp('post', u): | |
| if msg_1 or msg_2: | |
| print msg_1 | |
| if not (text_1 or text_2): | |
| continue | |
| else: | |
| try: | |
| if text_1 != text_2: | |
| print('[*] Different response for GET and POST: \nGET: {}\nPOST:{}\n'.format(text_1, text_2)) | |
| else: | |
| print(msg, text) | |
| except UnicodeEncodeError: | |
| print('[*] weird unicode at {}'.format(u)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment