def checker(url, params, headers, GET, delay, payload, positions, timeout, encoding):
    """Score how closely ``payload`` is reflected back in the response.

    The payload is wrapped between the markers ``st4r7s`` and ``3nd``,
    substituted for ``xsschecker`` in ``params`` and sent with
    ``requester``. Every occurrence of the start marker in the lowercased
    response is then compared with the probe string.

    Args:
        url, params, headers, GET, delay, timeout: passed through to
            ``requester`` (``params`` via ``replaceValue``).
        payload: string placed between the two markers.
        positions: earlier reflection offsets, aligned against the new
            ones by ``fillHoles``.
        encoding: optional callable applied to the probe; falsy disables it.

    Returns:
        A list with one score per reflection that was checked; falsy
        scores (including the 0 recorded for falsy positions) are dropped.
    """
    probe = 'st4r7s' + payload + '3nd'
    if encoding:
        probe = encoding(unquote(probe))
    request_params = replaceValue(params, xsschecker, probe, copy.deepcopy)
    # The response is lowercased before any comparison is made.
    body = requester(url, request_params, headers, GET, delay, timeout).text.lower()
    marker_offsets = [hit.start() for hit in re.finditer('st4r7s', body)]
    filled = fillHoles(positions, marker_offsets)
    # Iterating over the reflections
    efficiencies = []
    for index, position in enumerate(filled):
        scores = []
        try:
            # Compare against the raw marker offset with the same index;
            # `filled` may be longer than `marker_offsets`, hence IndexError.
            start = marker_offsets[index]
            snippet = body[start:start + len(probe)]
            scores.append(fuzz.partial_ratio(snippet, probe.lower()))
        except IndexError:
            pass
        if not position:
            # presumably a falsy entry is a hole inserted by fillHoles - confirm
            efficiencies.append(0)
            continue
        snippet = body[position:position + len(probe)]
        if encoding:
            # NOTE(review): the probe is re-encoded on every iteration that
            # reaches this point, so later iterations compare against (and
            # slice by the length of) a different string - confirm intended.
            probe = encoding(probe.lower())
        # NOTE(review): without `encoding` the probe is not lowercased here,
        # while `body` is; the comparison above lowercases both.
        score = fuzz.partial_ratio(snippet, probe)
        if snippet[:-2] == ('\\%s' % probe.replace('st4r7s', '').replace('3nd', '')):
            # The reflection (minus its last two characters) equals a
            # backslash followed by the bare payload: the score is pinned to 90.
            score = 90
        scores.append(score)
        efficiencies.append(max(scores))
    return [score for score in efficiencies if score]