Created
December 18, 2012 08:07
Ad-hoc patches to https://github.com/miau/watobo-patched
diff --git a/lib/watobo/core/session.rb b/lib/watobo/core/session.rb | |
index c7c1eeb..037a2ed 100644 | |
--- a/lib/watobo/core/session.rb | |
+++ b/lib/watobo/core/session.rb | |
@@ -19,6 +19,7 @@ | |
# along with WATOBO; if not, write to the Free Software | |
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
# . | |
+@@user_id = 1 | |
module Watobo | |
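Review bot: `@@user_id = 1` is written at file top level, above `module Watobo`, so the counter becomes a class variable on `Object` and is shared with every class in the process rather than kept with the session code. Ruby 3.0 and later raise a RuntimeError on class-variable access from the top level, so on those versions this line stops the file from loading. The state belongs inside the class that defines `updateSession` (not visible in this hunk), for example `@@user_id = 1` next to wherever `@@session_lock` is initialised.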
@@ -1237,6 +1238,19 @@ end | |
def updateSession(request) | |
@@session_lock.synchronize do | |
+ user_id_found = false | |
+ request.map!{ |line| | |
+ if line.match(/pentest0(?!\d)/) | |
+ puts "*" * 40 | |
+ puts "=UPDATE user_id" | |
+ unless user_id_found | |
+ @@user_id += 1 | |
+ user_id_found = true | |
+ end | |
+ line.gsub!(/pentest0(?!\d)/, "pentest#{@@user_id}") | |
+ end | |
+ line | |
+ } | |
if @session[:valid_sids].has_key?(request.host) | |
valid_sids = @session[:valid_sids][request.host] | |
puts "* found sid for site: #{request.site}" if $DEBUG |
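Review bot: The substitution in the `request.map!` block runs over every line of the request, body included, and nothing in this hunk recomputes `Content-Length`. Once `@@user_id` reaches 10, `pentest0` is replaced by a longer string, so a body containing it no longer matches the declared length unless that is fixed up outside the hunk. The two banner `puts` calls are not gated the way the `$DEBUG` print below them is; `puts "=UPDATE user_id" if $DEBUG` would keep normal runs quiet. The marker `pentest0` is hard-coded into core session code, so a comment above the block should say it is an engagement-specific placeholder and that each marked request consumes one counter value. `updateSession` continues past the end of the hunk.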
diff --git a/lib/watobo/core/session.rb b/lib/watobo/core/session.rb | |
index 037a2ed..0258b48 100644 | |
--- a/lib/watobo/core/session.rb | |
+++ b/lib/watobo/core/session.rb | |
@@ -180,6 +180,7 @@ include Watobo::Constants | |
data = request.join + "\r\n" | |
unless socket.nil? | |
+ puts data if $DEBUG | |
socket.print data | |
response_header = readHTTPHeader(socket, current_prefs) | |
end | |
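Review bot: `puts data if $DEBUG` writes the complete raw request to stdout, which includes `Cookie`, `Authorization` and `Proxy-Authorization` header values whenever the request carries them. The same line is added in the hunks at -243, -564, -770, -848, -898, -946 and -1036, several of which appear to sit in proxy or authentication paths, judging by the surrounding `auth_request` and ProxyConnect context. Debug output tends to end up in shared terminals, pasted logs and bug reports, so masking credential headers before printing is safer, e.g. `puts data.gsub(/^((?:Proxy-)?Authorization|Cookie):[^\r\n]*/i, '\1: [redacted]') if $DEBUG`. At minimum, a comment at the first site should state that debug mode prints credentials.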
@@ -243,6 +244,7 @@ include Watobo::Constants | |
data << "\r\n" unless request.has_body? | |
unless socket.nil? | |
+ puts data if $DEBUG | |
socket.print data | |
# if socket.is_a? OpenSSL::SSL::SSLSocket | |
# socket.io.shutdown(0) | |
@@ -329,9 +331,9 @@ include Watobo::Constants | |
updateCSRFToken(csrf_cache, copy) | |
socket, csrf_request, csrf_response = sendHTTPRequest(copy, opts) | |
next if socket.nil? | |
- # puts "= Response Headers:" | |
- # puts csrf_response | |
- # puts "===" | |
+ puts "= Response Headers:" | |
+ puts csrf_response | |
+ puts "===" | |
update_sids(csrf_request.host, csrf_response.headers) | |
next if socket.nil? | |
# p "*" | |
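Review bot: The three `puts` lines for the CSRF response are re-enabled without a `$DEBUG` guard, unlike the other prints this patch adds, so `csrf_response` is dumped to stdout in normal runs each time this path executes. The next line hands `csrf_response.headers` to `update_sids`, so the output presumably contains session identifiers from the response headers. Guarding the three lines, e.g. `puts csrf_response if $DEBUG`, keeps that material out of normal output. The enclosing loop starts and ends outside the hunk.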
@@ -564,6 +566,7 @@ end | |
end | |
data = auth_request.join + "\r\n" | |
+ puts data if $DEBUG | |
socket.print data | |
puts "-----------------" if $DEBUG | |
@@ -638,7 +641,7 @@ end | |
if $DEBUG | |
puts "= NTLM Type 3 =" | |
- puts data | |
+ puts data if $DEBUG | |
end | |
socket.print data | |
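Review bot: `puts data if $DEBUG` sits inside a block that is already `if $DEBUG … end`, so the modifier is redundant and the original `puts data` was equivalent; the same edit appears in the T3 hunk at -818. Reverting both lines to `puts data` keeps the diff smaller and avoids implying that the guard was missing. By its label, the value printed here is the NTLM Type 3 message, which holds the client's authentication response, so this output is credential material in any shared log.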
@@ -770,6 +773,7 @@ end | |
end | |
data = request.join + "\r\n" | |
+ puts data if $DEBUG | |
tcp_socket.print data | |
# puts "-----------------" | |
cl = 0 | |
@@ -818,7 +822,7 @@ end | |
data = request.join + "\r\n" | |
if $DEBUG | |
puts "============= T3 =======================" | |
- puts data | |
+ puts data if $DEBUG | |
puts "---" | |
end | |
@@ -848,6 +852,7 @@ end | |
# Start ProxyConnect Without Authentication | |
data = request.join + "\r\n" | |
+ puts data if $DEBUG | |
tcp_socket.print data | |
# puts "-----------------" | |
@@ -898,6 +903,7 @@ end | |
# puts auth_request | |
data = request.join + "\r\n" | |
+ puts data if $DEBUG | |
tcp_socket.print data | |
# puts "-----------------" | |
response_header = readHTTPHeader(tcp_socket) | |
@@ -946,6 +952,7 @@ end | |
# puts request | |
# puts "------------------------" | |
data = request.join + "\r\n" | |
+ puts data if $DEBUG | |
tcp_socket.print data | |
response_header = readHTTPHeader(tcp_socket) | |
@@ -1036,6 +1043,7 @@ end | |
else | |
data = auth_request.join + "\r\n" | |
+ puts data if $DEBUG | |
tcp_socket.print data | |
response_header = readHTTPHeader(tcp_socket) | |
@@ -1165,9 +1173,9 @@ end | |
# site = request.site | |
@@csrf_lock.synchronize do | |
response.each do |line| | |
- # puts line | |
+ puts line if $DEBUG | |
@session[:csrf_patterns].each do |pat| | |
- puts pat if $DEBUG | |
+ # puts pat if $DEBUG | |
if line =~ /#{pat}/i then | |
token_key = Regexp.quote($1.upcase) | |
token_value = $2 |
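Review bot: `puts line if $DEBUG` prints every line of the response while `@@csrf_lock` is held, so in debug runs the console I/O for whole response bodies happens inside the critical section. Any thread waiting on that lock would be delayed for as long as the printing takes. Printing only lines that matched, by moving the call inside the `if line =~ /#{pat}/i` branch, gives the useful signal with far less output; the printed lines will then contain the CSRF token value, which is worth stating in a comment. The `synchronize` block continues outside the hunk.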
Ad-hoc patches to https://github.com/miau/watobo-patched
RUBY_OPT=-d watobo_gui.rb