From 3dc4606922a8961aedc184b0d1181f8dff74a422 Mon Sep 17 00:00:00 2001 From: Raoul Scholtes Date: Fri, 3 Jul 2020 19:38:03 +0200 Subject: [PATCH] Several Fixes --- .../methods/__pycache__/cookie.cpython-37.pyc | Bin 3528 -> 3601 bytes .../__pycache__/filecheck.cpython-37.pyc | Bin 926 -> 963 bytes .../methods/__pycache__/inpath.cpython-37.pyc | Bin 3101 -> 3133 bytes core/methods/__pycache__/loot.cpython-37.pyc | Bin 1461 -> 1461 bytes core/methods/__pycache__/query.cpython-37.pyc | Bin 3205 -> 3274 bytes core/methods/cookie.py | 4 ++++ core/methods/filecheck.py | 2 ++ core/methods/inpath.py | 2 ++ core/methods/query.py | 4 ++++ 9 files changed, 12 insertions(+) diff --git a/core/methods/__pycache__/cookie.cpython-37.pyc b/core/methods/__pycache__/cookie.cpython-37.pyc index 9b15b8a751ea91bc7136f7e5dc59d247fac0594d..5678391a7bdd1b8539ebe43561cd7ba0a4a4a7ca 100644 GIT binary patch delta 1600 zcmb_c&5ImG6tAl8>F@68p4rS~G`J8y;;wPS#?^#1kg!G>AuNFeCWPInYq@b}!ot+F z>maX~!zy@C80o8r9`N8bD0=rKh*u9w&VmR10|YVe)y$3}<{&sj{p!`LSM@&X_xk(C zKRXp~#BspzcmL*}cXsZ_%l7Cy&KR(gNj~9&8sL0^X_oUtrroM*?f)hf7MQC2{pfzxCY!P!*O>9IqdLA7)sgH&3()`W95Z0GJ(wtYp{rl*Tv?8T7@ z?k`)YO>O(%beOE@`tS>=;+fC4ES>38*K!ZCu7AkOKspl)dT^1}((Q@4?2)YOJVf6C zq=y!*z{6NViUMlV>XA-@UpgbGky84)o=17yO=QqyI9Cm(O(sK>W=@ZHNC!9$@#L8I z?GA&;)F*~t>d1>aq{xd; zpavQ8p$2s+aIW{2;l%>@cUe!UpKw3H8etXn2?)Bjp~_rm=rW5yH()`OPSN(3M*lE_ z=8Rc?GsRbIz{y=fkJf+C!2pMNfeAF)61t&Vb9XIrle^I9ddL@F+J-NZ*0O>e5$akV z;B7IqkRz5_ALU^lbz_Ny#u?+6u8}Yc=@}_T$)D?pDaP*D$$W=66LpC_(Oiet(3)}v zTy$<@kKxS__RK2JVASYhiHs6UCgV>nWNU~S8=c{9R5~U^3=U@^=`>JsILq{S$B+~q z(z*TLOx9J*+EU)5(j5KodH%QHNBBd6LAZieH0O{&cYzo__s=dWKYjfci_F zA)u~P&k`&VvGzX9=D!J_AEIv^`ZTC^@o{{a GFFgd23|fN# delta 1453 zcmb_cO^6&t6t3#->F(*Sp6TgcXB=E2tcg3DA2iuyjf)xyAqEdiFo6MaO#;P6dxFrt ztqk(YISd|!kp@peX26pd2_8Ip@ep$JDth&p!ydfk5WlLPT}1IB&QM>!_v+QF_uluq zzg&IzTy!~#0*2q?x1PSw9z-Xd$+w)bl1-WN?lR?LHHnjV3u|r>Tky^6BBpF3n> z-|ex5#jA&oST`4`4z=eE>QF4LJ$u198(%BkD{S{omDIZn*HrAM92pYnNAHWo;B|G3trJF<>sZ)6n*Wq_Llil=sQKtA#abq173 zYh+ zv6l=6=x~T7D427@9eA19;{iF~&fYzyTF|;=8%?M-n2cdz6jK9C+Qn-#Yy3O;*td3n zRUPn}z$XQ-DaGLRQ%a}&>N~&JGfCHW>e91&mgXRTRQ=}nCUvB~j!?SP%{*}GOUwy)d`Iij z0jKCm*~Hn1`coSP4a%SlGa(zGBg`UDgt3E!9HnO@0m(nIX+n+P;T?xN6T@woX_mp} zG6dYIUvo+!n3@N^_(SQ)6WcXxbckN>OAe=BoxROf%m{-4R8BNzQzU8dchC%Tvg|4R?jy41QS z(~GEh#`9IYF4u<`STlZc{s#1yvDRPV#p-i$I=BsS|0aM{KZ=|DYPAym;BG@Lu2w%s Hm-zahHS$A> diff --git a/core/methods/__pycache__/filecheck.cpython-37.pyc b/core/methods/__pycache__/filecheck.cpython-37.pyc index c8decabc4cbe57e527137cedace0c57076a182d3..2f7a7e6caba226d88cf6aee5eb0ab41786d869ec 100644 GIT binary patch delta 274 zcmbQoewdxliIKTjY~&MSWSlZtkx{Zfg&~`%NGXM}h9RE0h9Qe(0nX8kTH!Ak7S=S)ep4lxBm{>=3$!38cS<6{M$xwT7vg5y4O4fU03h z;ml^PWvgKeX3*s1@~dJkElJb0n7o?tD65oHSu*lX{=noR zAp~+gBO4R;B-pD7!$k;Mjkx{aK0ns>Pb-~#f$_N*>n--={JfIXypmhY#U(|zSab5rQ;Q~FXR>7Eoh-=gA;Jf8 zIwKn+48z0_lX4fY=Ck zf}M?6i@hJf(#kKPjn4TfUD%zO-|qfrX7_sbaaMMv^nl03_UFO-y?k;;ZwNq;gT?~S zTEuo444i;*c#0IqVBFNoZGr;(72{<%yrb$mWVnB0d~KP4$t49;8DNIVi?)r_6%!8U zD5PM3$tg+lSyNJ|D{RAfr&sFNnb*{GRW#PDepOdFb?w|TEo$Yp0!*8L8Vaa==#ZNW zY8PlCs^>06)YSH|T_D2nDD|cjF+ciGVdg&t>ij6g&pptNQNt^$ufu+}XPd}0O(*p! z>IY-Yr4|J@cD7r_+8tQjAiiZzx9=`zHZGT+= delta 469 zcmZ{hze~eF6vy97TJt+?n#2@!D0Xt|q>~_0&`CsxF1A8BDx_0lh7RxOkXZ;6q>GR^ zyGR!u)WyNsKgUHcRmUE@d-p!aeee73UYd7J>(H`v5aapid+_mSy(z;_1h@jOh)@$q zfoloo54^-_!hW&ePFyy8nw`5Xfj2Xu7OyU-kxjoq;o6IrB1G32218$Mc zWRdNtJ3CM}_c5%n3IVI$NW4LfyjlQv38)?bxtD9Cp0Sp@?C delta 20 acmdnWy_K8WiI diff --git a/core/methods/__pycache__/query.cpython-37.pyc b/core/methods/__pycache__/query.cpython-37.pyc index 1d21b3b4a9333b0b8495a85124858c7a9a918d29..0cd22ed39eb7d3a5cae8c54d195e64811f15fba9 100644 GIT binary patch literal 3274 zcmcgu&u<(_6|U;;neOTN;rV5cotR}#th}4G7ZY}uB)hD#*&r_7$Q#AdWW8oQ)sAP} z^TX9`$2Qd~gb~_9K$Zv+2M#k5LIQ~kLY(%*nFCx9s$)3qKfu94g74LgCkX^N!PxcH zd#|eNb-nKTzP_2y`wYK7-u?T>f37h07jiCs7L0e%qHh5NYcRou74ojtusGRvXg6&1 zPUv(~jg*O{!gSYdxLvQ|89yCnx_-kqwi{-4{j>o31rU%rmMPEP$woor*)m!}quTtw?8elg`bO`19vR{h%4x-uO`$ba(q z(UZsDxj$&eyRmE@Zj$rKCc=+l(f^M>tKVz3d*Shi7;pFd&vCgejSwb{MpFgVr7#PxK%5XkN=a2rRgWmPLCH zEqY=zrq~eW9`UHG(7(wN_JAcmS~ljVEXl>z&{k~3J5G{6vyXnMoLlV7-W(hPR{=iCVsy0lISTe7e zn#Jt-Em!4+o|+%=WI_6B{5_oUeQSfASx47Y6_v6!U;oHT7O=jr7CPBeKFkSk#Lsy28}dbF&pNZ@ zuj4#+kymr4HtPIYT!?2nMd8;N`VuOZH5O_na>gpc%1>jc=Xl;lj_C+0ijfLtqt38s z1*-l+$E~qbR7|Ae)c9_9RMS*)5uLz`jq+F9d zUW`zT)*8+#i}H>@2n%dDr$7cHya}`(>h;J}qJ&D=^3(t0-v6ij>RnaoGn|RZe#*ld z?Q(>7eOk5oizhLT(DR^bY_R?94W^3b3>Ek9z`u!h6)|6BcPx-!W$m1=e9m#=H9O~D zKj&|2`y21y1&yS;LA=`++CGq>=Bw>xOgc&5|K{554>nIy^)P7eow)V!?<5<=&G;~S zt<@L7Ij=XIs2v9<&iz5S+5Qn-nEH02uGN9c0URlmIxcAC;-dGf!LZ5anvYJLqx~h$1xU2?eq_NqTyim zNOLTRt*>eu%W8*GXf8BwYmXEmkP-Zj&Q7Xjs6B92yNl(a^6zP{QNhN~z1b}g$d)&ca zn&)@{f6fFQGm?Yv@kKM{A>#9*M;qtFgo4jz6 z0@S9Ua!{KA_%aKX$*Y2J&=>aa8MT=aDWfuJoGx&rqMj6{XjH|8s(4V9k}4ThfkrAY znJPn7@-#Q8s0`Gl40Wlh88BZJYG&`)#8pR~*oV4oC$lfeLE1!l#_IK=JahjokD49l z+5gi96PcuT^fNVsd_VojPO3>InT@lm+Q~sf@F`?8$S)8O$;g)o>I7c| zEX|LX_!0$PCU}+L6+pu!dcZfDd>x+lretA0*$hX>*J$!G!79O*3BE#bmEfxcbW-J8 z1YaX~li(V`b%GlNR|tp)#_$d-JuiYdkll7Kn6lKCIsNMxjqU;d`P9>yCk`Mkpc6k2 zpH4TmBHH3Jeih?I{t6<*20pwSn1^dE`7Tyon$hmomgu*(wi;C;pydexEl<8@pFS0x zHRI;nHX74-!9)(5vfbPU6H5mxnkUnkdv2}i$F6xqjnZ?2VZR?61sE5Q?&_HmnPQnb dc{jR!aS#UY(906h>*QEDQ-LC?kh8rv{sGUs|L6b! literal 3205 zcmcgu&u=706|U;;neOTN>6x*|-Zjw(5rLD%UW_4OcUchGB;w+%oE4U4*Kx*E?e)y` z{BU*KYny5m$q}a@jl{wUMPrFWIB?~Z6XJ;Y1M0vb$t5`)c!)!0t$U*l+=6%-43twb$F9`c>wvs#gJ<|BQ zbX}`M`1N}I>o3<=Z{l7jqkgSUx>4(^GmUyKy>;Wi47o``GviXL-J$$oSa~+>fEr|5qQ^f6{FC!_&9X-|qXLR$Pynd8?$qkKA0$P=lM+1dsgg={ z`N)3@*S2`echrgE~ZDyr1w@=TT0+$$_8tBT;bR}SCZrrcGPdC0n!{6g5u zsxjfzm@1cQ7y4J{&AI3S%A+HwBZB+TAI3E`} zMUkm7+)JpJZ?rjRS)-w5A~*A)nv=N89J8Lh(NJlD$|8nFpxQ5W(lvIDdMOv#Z>fS= z1;1;oxI+CC-#NCa@=;+EK^0cnv1i^6?=Ts0l3P%&=^QV6$VX$1tIDFh7hLcqHl9}i zfeU;GG~S3Go|sCMPzhVc|HrxiPv_O&Q0WnuC)4@NjTdN^7x>a=RjXaD#Kc4ELDkr1 zhj+J`Dw!QrI=l`0I@(v^^Hp}=0??H=Kj+xmnmyq^c*4K0?KfY)2fRr4g7{z{w0$H) z&DYzj2s%sO|MBJS56Ap1JkOb(W3dW_%odvo#RG6JBpPQ9BOKocqIYr~ONM zF!j?!-KeiDN&<21$>8uPh~h}w4}(~{twBEy`cSqee(errFl@>|7AV|_g1*q{=5R=N zJBp5wFB zwgR2rAIM%aM(k@V%hQ~g_PTbv!Re!c6gov18EHqfWu#Lg7{&+MJr3mFAPO3m2pe-z z01%A>u{*`ts8OD|2yORHV+@em9~|{X!@=m0<`@uDU)MH<)efc5Txj0b9szzJBiJ3C zomR^rcM64*rN5!xGqW!%9p&2zkfpEH#X_qhk31G#MaJa~LwvV30WB}7ea zUdHbQ*d1Oq{(Fe-z}~Xb{8ji&wiYc1U5jX>8aZ?fy$qWgP1RX&nojqg@ zV#Shq(g_pZkVQxXN(Nx=O~6K$D6V2qM$S=inFLOfOjb$Elb`|Q0*M-l6bbqO4vAMue2>Hp5-*XUeLfMlpy@>s#DVO!`@sx_cFpd- zi{5Ap;@MqIdz$w6<&IvQ?q1r#CA8&d>?-0){3Up3xBIYeVW;C+OWww)D@E<@?utQc zceha`a9N##%j)zf`gBEf*7TcWX*7Z8g7F+TWxKftl$8!fG^^5Bcy6rOIn^vrWA3@m ta4?7sx=)HnZ}m)hOrcDTyj#72I0}Q?^kqc!y*O6RU|Ifunction.main" not in conn and "[function.include" not in conn and ("failed opening" not in conn and "for inclusion" not in conn) and "failed to open stream:" not in conn and "open_basedir restriction in effect" not in conn diff --git a/core/methods/inpath.py b/core/methods/inpath.py index 664f2ee..99bfa71 100644 --- a/core/methods/inpath.py +++ b/core/methods/inpath.py @@ -77,6 +77,8 @@ def inpath(url,url2,keyword,files,dirs,depth,verbose,dl,selected_payloads, selec def determine_payloads_inpath(url,url2,keyword,verbose,depth,paylist,file): + if not url.endswith("/"): + url += "/" payloads = [] nullbytes = [] s = session() diff --git a/core/methods/query.py b/core/methods/query.py index f1d26ba..0371b6c 100644 --- a/core/methods/query.py +++ b/core/methods/query.py @@ -26,6 +26,8 @@ def query(url,url2,keyword,files,dirs,depth,verbose,dl, selected_payloads, selected_nullbytes): + if not url.endswith("/"): + url += "/" found=[] urls = [] s = session() @@ -78,6 +80,8 @@ def query(url,url2,keyword,files,dirs,depth,verbose,dl, selected_payloads, selec return (found, urls) def determine_payloads_query(url,url2,keyword,verbose,depth,paylist, file): + if not url.endswith("/"): + url += "/" payloads = [] nullbytes = [] s = session()