本文整理匯總了Python中lib.core.data.conf.cookie方法的典型用法代碼示例。如果您正苦於以下問題:Python conf.cookie方法的具體用法?Python conf.cookie怎麽用?Python conf.cookie使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類lib.core.data.conf的用法示例。
在下文中一共展示了conf.cookie方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: _setBulkMultipleTargets
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def _setBulkMultipleTargets():
if not conf.bulkFile:
return
conf.bulkFile = safeExpandUser(conf.bulkFile)
infoMsg = "parsing multiple targets list from '%s'" % conf.bulkFile
logger.info(infoMsg)
if not os.path.isfile(conf.bulkFile):
errMsg = "the specified bulk file "
errMsg += "does not exist"
raise SqlmapFilePathException(errMsg)
found = False
for line in getFileItems(conf.bulkFile):
if re.match(r"[^ ]+\?(.+)", line, re.I) or CUSTOM_INJECTION_MARK_CHAR in line:
found = True
kb.targets.add((line.strip(), conf.method, conf.data, conf.cookie, None))
if not found and not conf.forms and not conf.crawlDepth:
warnMsg = "no usable links found (with GET parameters)"
logger.warn(warnMsg) 示例2: maskSensitiveData
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def maskSensitiveData(msg):
"""
Masks sensitive data in the supplied message
"""
retVal = getUnicode(msg)
for item in filter(None, map(lambda x: conf.get(x), ("hostname", "data", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "rFile", "wFile", "dFile"))):
regex = SENSITIVE_DATA_REGEX % re.sub("(\W)", r"\\\1", getUnicode(item))
while extractRegexResult(regex, retVal):
value = extractRegexResult(regex, retVal)
retVal = retVal.replace(value, '*' * len(value))
if not conf.get("hostname"):
match = re.search(r"(?i)sqlmap.+(-u|--url)(\s+|=)([^ ]+)", retVal)
if match:
retVal = retVal.replace(match.group(3), '*' * len(match.group(3)))
if getpass.getuser():
retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), "*" * len(getpass.getuser()), retVal)
return retVal 示例3: __init__
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def __init__(self):
Cmd.__init__(self)
os.system("clear")
banner()
conf.url = None
conf.urlFile = None
conf.cookie = None
#隨機ua的實現
#conf.randomAgent = False
conf.threads = 1
#是否需要html報告
conf.report = None
conf.timeout = 3
conf.httpHeaders = HTTP_DEFAULT_HEADER
self.prompt = "ZEROScan > " 示例4: _setBulkMultipleTargets
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def _setBulkMultipleTargets():
if not conf.bulkFile:
return
conf.bulkFile = safeExpandUser(conf.bulkFile)
infoMsg = "parsing multiple targets list from '%s'" % conf.bulkFile
logger.info(infoMsg)
if not os.path.isfile(conf.bulkFile):
errMsg = "the specified bulk file "
errMsg += "does not exist"
raise SqlmapFilePathException(errMsg)
found = False
for line in getFileItems(conf.bulkFile):
if re.match(r"[^ ]+\?(.+)", line, re.I) or kb.customInjectionMark in line:
found = True
kb.targets.add((line.strip(), conf.method, conf.data, conf.cookie, None))
if not found and not conf.forms and not conf.crawlDepth:
warnMsg = "no usable links found (with GET parameters)"
logger.warn(warnMsg) 示例5: _setHTTPCookies
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def _setHTTPCookies():
"""
Set the HTTP Cookie header
"""
if conf.cookie:
debugMsg = "setting the HTTP Cookie header"
logger.debug(debugMsg)
conf.httpHeaders.append((HTTP_HEADER.COOKIE, conf.cookie)) 示例6: SetOption
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def SetOption(option, value):
"""
@function set the plugin options
:param option: string, 設置項名稱
:param value: string, 設置值
:return:
"""
#TODO
#目標如果在txt文件中,必須將文件放在targets目錄下
if option.upper() == "URL":
path_files = os.listdir(paths.ZEROSCAN_TARGET_PATH)
for tmp_path_file in path_files:
if str(value) in tmp_path_file:
tmp_str = str(value)
if tmp_str[-4:] == '.txt':
conf.urlFile = str(value)
return "%s => %s" % (option, value)
else:
conf.urlFile = str(value)+'.txt'
return "%s => %s" % (option, value)
else:
#這個是要check的
conf.url = str(value)
return "%s => %s" % (option, value)
elif option.upper() == "THREAD":
conf.threads = value
return "%s => %s" % (option, value)
elif option.upper() == "COOKIE":
conf.cookie = str(value)
return "%s => %s" % (option, value)
elif option.upper() == "REPORT":
conf.report = value
return "%s => %s" % (option, value)
else:
return "Invalid option: %s" % option 示例7: ClearConf
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def ClearConf():
"""
@function clear var
:return:
"""
conf.urlFile = ""
conf.url = ""
conf.threads = 1
conf.cookie = ""
conf.report = False 示例8: __setHTTPCookies
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def __setHTTPCookies():
"""
Set the HTTP Cookie header
"""
if conf.cookie:
debugMsg = "setting the HTTP Cookie header"
logger.debug(debugMsg)
conf.httpHeaders.append(("Connection", "Keep-Alive"))
conf.httpHeaders.append(("Cookie", conf.cookie)) 示例9: maskSensitiveData
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def maskSensitiveData(msg):
"""
Masks sensitive data in the supplied message
>>> maskSensitiveData('python sqlmap.py -u "http://www.test.com/vuln.php?id=1" --banner')
u'python sqlmap.py -u *********************************** --banner'
"""
retVal = getUnicode(msg)
for item in filter(None, (conf.get(_) for _ in SENSITIVE_OPTIONS)):
regex = SENSITIVE_DATA_REGEX % re.sub(r"(\W)", r"\\\1", getUnicode(item))
while extractRegexResult(regex, retVal):
value = extractRegexResult(regex, retVal)
retVal = retVal.replace(value, '*' * len(value))
# Just in case (for problematic parameters regarding user encoding)
for match in re.finditer(r"(?i)[ -]-(u|url|data|cookie)( |=)(.*?)(?= -?-[a-z]|\Z)", retVal):
retVal = retVal.replace(match.group(3), '*' * len(match.group(3)))
# Fail-safe substitution
retVal = re.sub(r"(?i)\bhttps?://[^ ]+", lambda match: '*' * len(match.group(0)), retVal)
if getpass.getuser():
retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), '*' * len(getpass.getuser()), retVal)
return retVal 示例10: resetCookieJar
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def resetCookieJar(cookieJar):
"""
Cleans cookies from a given cookie jar
"""
if not conf.loadCookies:
cookieJar.clear()
else:
try:
if not cookieJar.filename:
infoMsg = "loading cookies from '%s'" % conf.loadCookies
logger.info(infoMsg)
content = readCachedFileContent(conf.loadCookies)
lines = filter(None, (line.strip() for line in content.split("\n") if not line.startswith('#')))
handle, filename = tempfile.mkstemp(prefix="sqlmapcj-")
os.close(handle)
# Reference: http://www.hashbangcode.com/blog/netscape-http-cooke-file-parser-php-584.html
with open(filename, "w+b") as f:
f.write("%s\n" % NETSCAPE_FORMAT_HEADER_COOKIES)
for line in lines:
_ = line.split("\t")
if len(_) == 7:
_[4] = FORCE_COOKIE_EXPIRATION_TIME
f.write("\n%s" % "\t".join(_))
cookieJar.filename = filename
cookieJar.load(cookieJar.filename, ignore_expires=True)
for cookie in cookieJar:
if cookie.expires < time.time():
warnMsg = "cookie '%s' has expired" % cookie
singleTimeWarnMessage(warnMsg)
cookieJar.clear_expired_cookies()
if not cookieJar._cookies:
errMsg = "no valid cookies found"
raise SqlmapGenericException(errMsg)
except cookielib.LoadError, msg:
errMsg = "there was a problem loading "
errMsg += "cookies file ('%s')" % re.sub(r"(cookies) file '[^']+'", "\g<1>", str(msg))
raise SqlmapGenericException(errMsg) 示例11: ShowOptions
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def ShowOptions():
"""
@function show the plugin options
:return:插件的options
"""
zspi_to_re = []
zspi_dict_tmp = {}
zsp = PluginBase(package='zsplugins')
plugin_zsp = zsp.make_plugin_source(searchpath=[paths.ZEROSCAN_PLUGINS_PATH])
zspi = plugin_zsp.load_plugin('%s'%(kb.CurrentPlugin))
zspi_tmp = zspi.expInfo()
for list_tmp in zspi_tmp["options"]:
if list_tmp["Name"] == "URL":
if conf.url:
zspi_dict_tmp["Name"] = "URL"
zspi_dict_tmp["Current Setting"] = conf.url
zspi_dict_tmp["Required"] = True
zspi_dict_tmp["Description"] = "URL or URL file"
elif conf.urlFile:
zspi_dict_tmp["Name"] = "URL"
zspi_dict_tmp["Current Setting"] = conf.urlFile
zspi_dict_tmp["Required"] = True
zspi_dict_tmp["Description"] = "URL or URL file"
else:
zspi_dict_tmp["Name"] = "URL"
zspi_dict_tmp["Current Setting"] = ""
zspi_dict_tmp["Required"] = True
zspi_dict_tmp["Description"] = "URL or URL file"
if list_tmp["Name"] == "Thread":
zspi_dict_tmp["Name"] = "Thread"
zspi_dict_tmp["Current Setting"] = conf.threads
zspi_dict_tmp["Required"] = False
zspi_dict_tmp["Description"] = "Threads"
if list_tmp["Name"] == "Cookie":
zspi_dict_tmp["Name"] = "Cookie"
zspi_dict_tmp["Current Setting"] = conf.cookie
zspi_dict_tmp["Required"] = False
zspi_dict_tmp["Description"] = "Cookie"
if list_tmp["Name"] == "Report":
zspi_dict_tmp["Name"] = "Report"
zspi_dict_tmp["Current Setting"] = conf.report
zspi_dict_tmp["Required"] = False
zspi_dict_tmp["Description"] = "do you need a html report?"
_=copy.deepcopy(zspi_dict_tmp)
zspi_to_re.append(_)
return zspi_to_re 示例12: __feedTargetsDict
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def __feedTargetsDict(reqFile, addedTargetUrls):
fp = open(reqFile, "r")
fread = fp.read()
fread = fread.replace("\r", "")
reqResList = fread.split("======================================================")
for request in reqResList:
if not re.search ("^[\n]*(GET|POST).*?\sHTTP\/", request, re.I):
continue
if re.search("^[\n]*(GET|POST).*?\.(gif|jpg|png)\sHTTP\/", request, re.I):
continue
getPostReq = False
url = None
host = None
method = None
data = None
cookie = None
params = False
lines = request.split("\n")
for line in lines:
if len(line) == 0 or line == "\n":
continue
if line.startswith("GET ") or line.startswith("POST "):
if line.startswith("GET "):
index = 4
else:
index = 5
url = line[index:line.index(" HTTP/")]
method = line[:index-1]
if "?" in line and "=" in line:
params = True
getPostReq = True
elif "?" in line and "=" in line and ": " not in line:
data = line
params = True
elif ": " in line:
key, value = line.split(": ", 1)
if key.lower() == "cookie":
cookie = value
elif key.lower() == "host":
host = value
if getPostReq and params:
if not url.startswith("http"):
url = "http://%s%s" % (host, url)
if not kb.targetUrls or url not in addedTargetUrls:
kb.targetUrls.add(( url, method, data, cookie ))
addedTargetUrls.add(url) 示例13: __setGoogleDorking
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def __setGoogleDorking():
"""
This function checks if the way to request testable hosts is through
Google dorking then requests to Google the search parameter, parses
the results and save the testable hosts into the knowledge base.
"""
global proxyHandler
if not conf.googleDork:
return
debugMsg = "initializing Google dorking requests"
logger.debug(debugMsg)
logMsg = "first request to Google to get the session cookie"
logger.info(logMsg)
googleObj = Google(proxyHandler)
googleObj.getCookie()
matches = googleObj.search(conf.googleDork)
if not matches:
errMsg = "unable to find results for your "
errMsg += "Google dork expression"
raise sqlmapGenericException, errMsg
googleObj.getTargetUrls()
if kb.targetUrls:
logMsg = "sqlmap got %d results for your " % len(matches)
logMsg += "Google dork expression, "
if len(matches) == len(kb.targetUrls):
logMsg += "all "
else:
logMsg += "%d " % len(kb.targetUrls)
logMsg += "of them are testable targets"
logger.info(logMsg)
else:
errMsg = "sqlmap got %d results " % len(matches)
errMsg += "for your Google dork expression, but none of them "
errMsg += "have GET parameters to test for SQL injection"
raise sqlmapGenericException, errMsg 示例14: _doSearch
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def _doSearch():
"""
This function performs search dorking, parses results
and saves the testable hosts into the knowledge base.
"""
if not conf.googleDork:
return
kb.data.onlyGETs = None
def retrieve():
links = search(conf.googleDork)
if not links:
errMsg = "unable to find results for your "
errMsg += "search dork expression"
raise SqlmapGenericException(errMsg)
for link in links:
link = urldecode(link)
if re.search(r"(.*?)\?(.+)", link):
kb.targets.add((link, conf.method, conf.data, conf.cookie, None))
elif re.search(URI_INJECTABLE_REGEX, link, re.I):
if kb.data.onlyGETs is None and conf.data is None and not conf.googleDork:
message = "do you want to scan only results containing GET parameters? [Y/n] "
test = readInput(message, default="Y")
kb.data.onlyGETs = test.lower() != 'n'
if not kb.data.onlyGETs or conf.googleDork:
kb.targets.add((link, conf.method, conf.data, conf.cookie, None))
return links
while True:
links = retrieve()
if kb.targets:
infoMsg = "sqlmap got %d results for your " % len(links)
infoMsg += "search dork expression, "
if len(links) == len(kb.targets):
infoMsg += "all "
else:
infoMsg += "%d " % len(kb.targets)
infoMsg += "of them are testable targets"
logger.info(infoMsg)
break
else:
message = "sqlmap got %d results " % len(links)
message += "for your search dork expression, but none of them "
message += "have GET parameters to test for SQL injection. "
message += "Do you want to skip to the next result page? [Y/n]"
test = readInput(message, default="Y")
if test[0] in ("n", "N"):
raise SqlmapSilentQuitException
else:
conf.googlePage += 1 示例15: resetCookieJar
# 需要導入模塊: from lib.core.data import conf [as 別名]
# 或者: from lib.core.data.conf import cookie [as 別名]
def resetCookieJar(cookieJar):
"""
Cleans cookies from a given cookie jar
"""
if not conf.loadCookies:
cookieJar.clear()
else:
try:
if not cookieJar.filename:
infoMsg = "loading cookies from '%s'" % conf.loadCookies
logger.info(infoMsg)
content = readCachedFileContent(conf.loadCookies)
lines = filter(None, (line.strip() for line in content.split("\n") if not line.startswith('#')))
handle, filename = tempfile.mkstemp(prefix="sqlmapcj-")
os.close(handle)
# Reference: http://www.hashbangcode.com/blog/netscape-http-cooke-file-parser-php-584.html
with openFile(filename, "w+b") as f:
f.write("%s\n" % NETSCAPE_FORMAT_HEADER_COOKIES)
for line in lines:
_ = line.split("\t")
if len(_) == 7:
_[4] = FORCE_COOKIE_EXPIRATION_TIME
f.write("\n%s" % "\t".join(_))
cookieJar.filename = filename
cookieJar.load(cookieJar.filename, ignore_expires=True)
for cookie in cookieJar:
if cookie.expires < time.time():
warnMsg = "cookie '%s' has expired" % cookie
singleTimeWarnMessage(warnMsg)
cookieJar.clear_expired_cookies()
if not cookieJar._cookies:
errMsg = "no valid cookies found"
raise SqlmapGenericException(errMsg)
except cookielib.LoadError, msg:
errMsg = "there was a problem loading "
errMsg += "cookies file ('%s')" % re.sub(r"(cookies) file '[^']+'", "\g<1>", str(msg))
raise SqlmapGenericException(errMsg)