Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

魔改增加功能,便于盲注 #25

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
+117 −47
Open

魔改增加功能,便于盲注 #25

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
98d2860
为http() 增加了 params 参数,支持以 dict 形式传入query string
Mar 4, 2022
ed4027a
还原误删的代码
Mar 11, 2022
31d9fc1
当post是str的时候,取消urlencode
Mar 18, 2022
25573a4
还原误删的代码
Mar 18, 2022
22e1ac7
post的content-type改为默认用 application/x-www-form-urlencoded
Mar 18, 2022
560613f
删除没用的代码
Mar 18, 2022
11406a5
copy a function from requests to process ivalid characters in url
Apr 8, 2022
9a7f7c7
增加了timeout 参数
Apr 9, 2022
bc7818c
更改readme,当post data 是 str 的时候,会对非法字符进行 urlencode
Apr 9, 2022
b967285
update
May 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
update
1nhann committed May 24, 2022
commit b9672852392baee4c0c2fbaa7b9310b5a8f6cd85
54 changes: 31 additions & 23 deletions HackRequests/HackRequests.py
View file
Original file line number Diff line number Diff line change
@@ -195,7 +195,7 @@ def _send_output_hook(*args, **kwargs):

return _send_output_hook

def httpraw(self, raw: str, **kwargs):
def httpraw(self, raw: bytes, **kwargs):
raw = raw.strip()
proxy = kwargs.get("proxy", None)
real_host = kwargs.get("real_host", None)
@@ -209,19 +209,19 @@ def httpraw(self, raw: str, **kwargs):
port = 443

try:
index = raw.index('\n')
index = raw.index(b'\n')
except ValueError:
raise Exception("ValueError")
log = {}
try:
method, path, protocol = raw[:index].split(" ")
method, path, protocol = raw[:index].decode().split(" ")
except:
raise Exception("Protocol format error")
raw = raw[index + 1:]

try:
host_start = raw.index("Host: ")
host_end = raw.index('\n', host_start)
host_start = raw.index(b"Host: ")
host_end = raw.index(b'\n', host_start)

except ValueError:
raise ValueError("Host headers not found")
@@ -231,7 +231,7 @@ def httpraw(self, raw: str, **kwargs):
if ":" in real_host:
host, port = real_host.split(":")
else:
host = raw[host_start + len("Host: "):host_end]
host = raw[host_start + len(b"Host: "):host_end].decode()
if ":" in host:
host, port = host.split(":")
raws = raw.splitlines()
@@ -244,20 +244,22 @@ def httpraw(self, raw: str, **kwargs):

index = 0
for r in raws:
if r == "":
if r == b"":
break
try:
k, v = r.split(": ")
k, v = r.split(b": ")
except:
k = r
v = ""
v = b""
headers[k] = v
index += 1
headers["Connection"] = "close"
headers[b"Connection"] = b"close"
if b"Content-Length" in headers:
headers.pop(b"Content-Length")
if len(raws) < index + 1:
body = ''
body = b''
else:
body = '\n'.join(raws[index + 1:]).lstrip()
body = b'\n'.join(raws[index + 1:]).lstrip()

urlinfo = scheme, host, int(port), path

@@ -270,17 +272,17 @@ def httpraw(self, raw: str, **kwargs):
conn.putrequest(method, path, skip_host=True, skip_accept_encoding=True)
for k, v in headers.items():
conn.putheader(k, v)
if body and "Content-Length" not in headers and "Transfer-Encoding" not in headers:
if body and b"Content-Length" not in headers and b"Transfer-Encoding" not in headers:
length = conn._get_content_length(body, method)
conn.putheader("Content-Length", length)
conn.putheader(b"Content-Length", length)
conn.endheaders()
if body:
if headers.get("Transfer-Encoding", '').lower() == "chunked":
body = body.replace('\r\n', '\n')
body = body.replace('\n', '\r\n')
body = body + "\r\n" * 2
log["request"] += "\r\n" + body
conn.send(body.encode('utf-8'))
if headers.get(b"Transfer-Encoding", b'').lower() == b"chunked":
body = body.replace(b'\r\n', b'\n')
body = body.replace(b'\n', b'\r\n')
body = body + b"\r\n" * 2
log["request"] += "\r\n" + body.decode()
conn.send(body)
rep = conn.getresponse()
except socket.timeout:
raise HackError("socket connect timeout")
@@ -517,6 +519,9 @@ def __init__(self, threadnum, callback, timeout=10):
self.isContinue = True
self.thread_count_lock = threading.Lock()
self._callback = callback

def set_callback(self,callback):
self._callback = callback

def push(self, payload):
self.queue.put(payload)
@@ -551,10 +556,13 @@ def http(self, url, **kwargs):
func = self.hack.http
self.queue.put({"func": func, "url": url, "kw": kwargs})

def httpraw(self, raw: str, ssl: bool = False, proxy=None, location=True):
def httpraw(self, raw: str, ssl: bool = False, proxy=None, location=True,real_host=None):
func = self.hack.httpraw
self.queue.put({"func": func, "raw": raw, "ssl": ssl,
"proxy": proxy, "location": location})
params = {"func": func, "raw": raw, "ssl": ssl,
"proxy": proxy, "location": location}
if real_host != None:
params.update({"real_host":real_host})
self.queue.put(params)

def scan(self):
while 1: