| 5 | import utils.config |
| 6 | |
| 7 | class Channel: |
| 8 | |
| 9 | def __init__(self, args): |
| 10 | |
| 11 | self.args = args |
| 12 | |
| 13 | # Consider # as part of the query string, end encode \n |
| 14 | self.url = self.args.get('url').replace('#', '%23').replace('\\n', '%0A') |
| 15 | |
| 16 | self.base_url = self.url.split("?")[0] if '?' in self.url else self.url |
| 17 | |
| 18 | self.tag = self.args.get('injection_tag') |
| 19 | |
| 20 | self.data = {} |
| 21 | |
| 22 | self.injs = [] |
| 23 | self.inj_idx = 0 |
| 24 | |
| 25 | proxy = self.args.get('proxy') |
| 26 | if proxy: |
| 27 | self.proxies = { |
| 28 | 'http': proxy, |
| 29 | 'https': proxy |
| 30 | } |
| 31 | else: |
| 32 | self.proxies = {} |
| 33 | |
| 34 | self.get_params = {} |
| 35 | self.post_params = {} |
| 36 | self.header_params = {} |
| 37 | |
| 38 | self._parse_url() |
| 39 | self._parse_cookies() |
| 40 | |
| 41 | self._parse_get() |
| 42 | self._parse_post() |
| 43 | self._parse_header() |
| 44 | |
| 45 | # If there are not injection, inject |
| 46 | # all the passed GET, POST, and Headers |
| 47 | if not self.injs: |
| 48 | |
| 49 | self._parse_get(all_injectable = True) |
| 50 | self._parse_post(all_injectable = True) |
| 51 | self._parse_header(all_injectable = True) |
| 52 | |
| 53 | self._parse_method() |
| 54 | |
| 55 | # Disable requests warning in case of |
| 56 | # skipped SSL certificate check |
| 57 | requests.packages.urllib3.disable_warnings() |
| 58 | |
| 59 | def _parse_method(self): |
| 60 | |
| 61 | if self.args.get('request'): |
| 62 | self.http_method = self.args.get('request') |
| 63 | elif self.post_params: |
| 64 | self.http_method = 'POST' |
no outgoing calls