Archives/patator
2
0
Fork 0
mirror of https://github.com/lanjelot/patator synced 2024-11-10 01:13:31 +00:00
Code Issues Projects Releases Wiki Activity

Fixes #116

Browse Source
This commit is contained in:
lanjelot 2019-06-27 16:11:22 +10:00
parent 13eadce953
commit 53ace4f7e7
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Vagrantfile vendored
View File

@ -16,6 +16,7 @@ apt-get install -y ldap-utils # ldapsearch
apt-get install -y libmysqlclient-dev # mysqlclient-python
apt-get install -y ike-scan unzip default-jdk
apt-get install -y libsqlite3-dev libsqlcipher-dev # pysqlcipher
apt-get install -y libpq-dev # psycopg2
# xfreerdp
apt-get install -y git-core cmake xsltproc libssl-dev libx11-dev libxext-dev libxinerama-dev libxcursor-dev libxdamage-dev libxv-dev libxkbfile-dev libasound2-dev libcups2-dev libxml2 libxml2-dev libxrandr-dev libxi-dev libgstreamer-plugins-base1.0-dev

16
patator.py
View File

@ -1053,6 +1053,15 @@ def md5hex(plain):
def sha1hex(plain):
return hashlib.sha1(plain).hexdigest()
def html_unescape(s):
if PY3:
import html
return html.unescape(s)
else:
from HTMLParser import HTMLParser
h = HTMLParser()
return h.unescape(h)
# I rewrote itertools.product to avoid memory over-consumption when using large wordlists
def product(xs, *rest):
if len(rest) == 0:
@ -1456,6 +1465,7 @@ Please read the README inside for more examples and usage information.
wlists = {}
kargs = []
for arg in args: # ('host=NET0', '0=10.0.0.0/24', 'user=COMBO10', 'password=COMBO11', '1=combos.txt', 'name=google.MOD2', '2=TLD')
logger.debug('arg: %r' % arg)
for k, v in self.expand_key(arg):
logger.debug('k: %s, v: %s' % (k, v))
@ -3707,6 +3717,10 @@ class HTTP_fuzz(TCP_Cache):
mark, regex = be.split(':', 1)
val = re.search(regex, response.getvalue(), re.M).group(1)
if auto_urlencode == '1':
val = html_unescape(val)
val = quote(val)
header = header.replace(mark, val)
query = query.replace(mark, val)
body = body.replace(mark, val)
@ -4039,7 +4053,7 @@ class VNC_login:
'''Brute-force VNC'''
usage_hints = (
'''%prog host=10.0.0.1 password=FILE0 0=passwords.txt -t 1 -x retry:fgrep!='Authentication failure' --max-retries -1 -x quit:code=0''',
'''%prog host=10.0.0.1 password=FILE0 0=passwords.txt -t 1 -x 'retry:fgrep!=Authentication failure' --max-retries -1 -x quit:code=0''',
)
available_options = (