本文整理汇总了Python中golismero.api.net.http.HTTP.make_raw_request方法的典型用法代码示例。如果您正苦于以下问题:Python HTTP.make_raw_request方法的具体用法?Python HTTP.make_raw_request怎么用?Python HTTP.make_raw_request使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类golismero.api.net.http.HTTP
的用法示例。
在下文中一共展示了HTTP.make_raw_request方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: http_analyzers
# 需要导入模块: from golismero.api.net.http import HTTP [as 别名]
# 或者: from golismero.api.net.http.HTTP import make_raw_request [as 别名]
def http_analyzers(main_url, update_status_func, number_of_entries=4):
"""
Analyze HTTP headers for detect the web server. Return a list with most possible web servers.
:param main_url: Base url to test.
:type main_url: str
:param update_status_func: function used to update the status of the process
:type update_status_func: function
:param number_of_entries: number of resutls tu return for most probable web servers detected.
:type number_of_entries: int
:return: Web server family, Web server version, Web server complete description, related web servers (as a dict('SERVER_RELATED' : set(RELATED_NAMES))), others web server with their probabilities as a dict(CONCRETE_WEB_SERVER, PROBABILITY)
"""
# Load wordlist directly related with a HTTP fields.
# { HTTP_HEADER_FIELD : [wordlists] }
m_wordlists_HTTP_fields = {
"Accept-Ranges" : "accept-range",
"Server" : "banner",
"Cache-Control" : "cache-control",
"Connection" : "connection",
"Content-Type" : "content-type",
"WWW-Authenticate" : "htaccess-realm",
"Pragma" : "pragma",
"X-Powered-By" : "x-powered-by"
}
m_actions = {
'GET' : { 'wordlist' : 'Wordlist_get' , 'weight' : 1 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/' },
'LONG_GET' : { 'wordlist' : 'Wordlist_get_long' , 'weight' : 1 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/%s' % ('a' * 200) },
'NOT_FOUND' : { 'wordlist' : 'Wordlist_get_notfound' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/404_NOFOUND__X02KAS' },
'HEAD' : { 'wordlist' : 'Wordlist_head' , 'weight' : 3 , 'protocol' : 'HTTP/1.1', 'method' : 'HEAD' , 'payload': '/' },
'OPTIONS' : { 'wordlist' : 'Wordlist_options' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'OPTIONS' , 'payload': '/' },
'DELETE' : { 'wordlist' : 'Wordlist_delete' , 'weight' : 5 , 'protocol' : 'HTTP/1.1', 'method' : 'DELETE' , 'payload': '/' },
'TEST' : { 'wordlist' : 'Wordlist_attack' , 'weight' : 5 , 'protocol' : 'HTTP/1.1', 'method' : 'TEST' , 'payload': '/' },
'INVALID' : { 'wordlist' : 'Wordlist_wrong_method' , 'weight' : 5 , 'protocol' : 'HTTP/9.8', 'method' : 'GET' , 'payload': '/' },
'ATTACK' : { 'wordlist' : 'Wordlist_wrong_version' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': "/etc/passwd?format=%%%%&xss=\x22><script>alert('xss');</script>&traversal=../../&sql='%20OR%201;"}
}
# Store results for others HTTP params
m_d = ParsedURL(main_url)
m_hostname = m_d.hostname
m_port = m_d.port
m_debug = False # Only for develop
# Counter of banners. Used when others methods fails.
m_banners_counter = Counter()
# Score counter
m_counters = HTTPAnalyzer(debug=m_debug)
# Var used to update the status
m_data_len = len(m_actions)
i = 1 # element in process
for l_action, v in m_actions.iteritems():
if m_debug:
print "###########"
l_method = v["method"]
l_payload = v["payload"]
l_proto = v["protocol"]
l_wordlist = v["wordlist"]
# Each type of probe hast different weight.
#
# Weights go from 0 - 5
#
l_weight = v["weight"]
# Make the URL
l_url = urljoin(main_url, l_payload)
# Make the raw request
#l_raw_request = "%(method)s %(payload)s %(protocol)s\r\nHost: %(host)s:%(port)s\r\nConnection: Close\r\n\r\n" % (
l_raw_request = "%(method)s %(payload)s %(protocol)s\r\nHost: %(host)s\r\n\r\n" % (
{
"method" : l_method,
"payload" : l_payload,
"protocol" : l_proto,
"host" : m_hostname,
"port" : m_port
}
)
if m_debug:
print "REQUEST"
print l_raw_request
# Do the connection
l_response = None
try:
m_raw_request = HTTP_Raw_Request(l_raw_request)
discard_data(m_raw_request)
l_response = HTTP.make_raw_request(
host = m_hostname,
port = m_port,
raw_request = m_raw_request,
#.........这里部分代码省略.........
示例2: http_simple_analyzer
# 需要导入模块: from golismero.api.net.http import HTTP [as 别名]
# 或者: from golismero.api.net.http.HTTP import make_raw_request [as 别名]
def http_simple_analyzer(main_url, update_status_func, number_of_entries=4):
"""Simple method to get fingerprint server info
:param main_url: Base url to test.
:type main_url: str
:param update_status_func: function used to update the status of the process
:type update_status_func: function
:param number_of_entries: number of resutls tu return for most probable web servers detected.
:type number_of_entries: int
:return: a typle as format: Web server family, Web server version, Web server complete description, related web servers (as a dict('SERVER_RELATED' : set(RELATED_NAMES))), others web server with their probabilities as a dict(CONCRETE_WEB_SERVER, PROBABILITY)
"""
m_actions = {
'GET' : { 'wordlist' : 'Wordlist_get' , 'weight' : 1 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/' },
'LONG_GET' : { 'wordlist' : 'Wordlist_get_long' , 'weight' : 1 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/%s' % ('a' * 200) },
'NOT_FOUND' : { 'wordlist' : 'Wordlist_get_notfound' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': '/404_NOFOUND__X02KAS' },
'HEAD' : { 'wordlist' : 'Wordlist_head' , 'weight' : 3 , 'protocol' : 'HTTP/1.1', 'method' : 'HEAD' , 'payload': '/' },
'OPTIONS' : { 'wordlist' : 'Wordlist_options' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'OPTIONS' , 'payload': '/' },
'DELETE' : { 'wordlist' : 'Wordlist_delete' , 'weight' : 5 , 'protocol' : 'HTTP/1.1', 'method' : 'DELETE' , 'payload': '/' },
'TEST' : { 'wordlist' : 'Wordlist_attack' , 'weight' : 5 , 'protocol' : 'HTTP/1.1', 'method' : 'TEST' , 'payload': '/' },
'INVALID' : { 'wordlist' : 'Wordlist_wrong_method' , 'weight' : 5 , 'protocol' : 'HTTP/9.8', 'method' : 'GET' , 'payload': '/' },
'ATTACK' : { 'wordlist' : 'Wordlist_wrong_version' , 'weight' : 2 , 'protocol' : 'HTTP/1.1', 'method' : 'GET' , 'payload': "/etc/passwd?format=%%%%&xss=\x22><script>alert('xss');</script>&traversal=../../&sql='%20OR%201;"}
}
m_d = ParsedURL(main_url)
m_hostname = m_d.hostname
m_port = m_d.port
m_debug = False # Only for develop
i = 0
m_counters = HTTPAnalyzer()
m_data_len = len(m_actions) # Var used to update the status
m_banners_counter = Counter()
for l_action, v in m_actions.iteritems():
if m_debug:
print "###########"
l_method = v["method"]
l_payload = v["payload"]
l_proto = v["protocol"]
#l_wordlist = v["wordlist"]
# Each type of probe hast different weight.
#
# Weights go from 0 - 5
#
l_weight = v["weight"]
# Make the raw request
l_raw_request = "%(method)s %(payload)s %(protocol)s\r\nHost: %(host)s\r\n\r\n" % (
{
"method" : l_method,
"payload" : l_payload,
"protocol" : l_proto,
"host" : m_hostname,
"port" : m_port
}
)
if m_debug:
print "REQUEST"
print l_raw_request
# Do the connection
l_response = None
try:
m_raw_request = HTTP_Raw_Request(l_raw_request)
discard_data(m_raw_request)
l_response = HTTP.make_raw_request(
host = m_hostname,
port = m_port,
raw_request = m_raw_request,
callback = check_raw_response)
if l_response:
discard_data(l_response)
except NetworkException,e:
Logger.log_error_more_verbose("Server-Fingerprint plugin: No response for URL (%s) with method '%s'. Message: %s" % (m_hostname, l_method, str(e)))
continue
if not l_response:
Logger.log_error_more_verbose("No response for host '%s' with method '%s'." % (m_hostname, l_method))
continue
if m_debug:
print "RESPONSE"
print l_response.raw_headers
# Update the status
update_status_func((float(i) * 100.0) / float(m_data_len))
Logger.log_more_verbose("Making '%s' test." % l_method)
i += 1
# Analyze for each wordlist
#
# Store the server banner
try:
m_banners_counter[l_response.headers["Server"]] += l_weight
except KeyError:
#.........这里部分代码省略.........