MCPcopy
hub / github.com/jaykali/hackerpro / findUp

Method findUp

hackerpro.py:1208–1227  ·  view source on GitHub ↗

find upload forms from grabbed websites the attacker may succeed to upload malicious files like webshells

(self)

Source from the content-addressed store, hash-verified

1206 pass
1207
1208 def findUp(self):
1209 """
1210 find upload forms from grabbed
1211 websites the attacker may succeed to
1212 upload malicious files like webshells
1213 """
1214 upList = ['up.php', 'up1.php', 'up/up.php', 'site/up.php', 'vb/up.php', 'forum/up.php', 'blog/up.php', 'upload.php',
1215 'upload1.php', 'upload2.php', 'vb/upload.php', 'forum/upload.php', 'blog/upload.php', 'site/upload.php', 'download.php']
1216 clearScr()
1217 print "[~] Finding Upload"
1218 for site in self.sites:
1219 for up in upList:
1220 try:
1221 if (urllib.urlopen(site + up).getcode() == 200):
1222 html = urllib.urlopen(site + up).readlines()
1223 for line in html:
1224 if re.findall('type=file', line):
1225 print " [*] Found upload -> ", site + up
1226 except IOError:
1227 pass
1228
1229 def getUsers(self):
1230 """

Callers 1

__init__Method · 0.95

Calls 1

clearScrFunction · 0.85

Tested by

no test coverage detected