Major rewrite #61

Open
wants to merge 50 commits into
base: master
4d2313e
'black'
nrathaus Apr 29, 2024
e971a16
Add requirements.txt file
nrathaus Apr 29, 2024
424b2e1
Sort the order of imports
nrathaus Apr 29, 2024
25edd46
Add new line to the end
nrathaus Apr 29, 2024
0a1bcd2
Don't delay while displaying the banner
nrathaus Apr 29, 2024
1713cba
Order the modules correctly
nrathaus Apr 29, 2024
3cbb1d2
Allow running the package without installing it
nrathaus Apr 29, 2024
86ad8e6
Support no-colors
nrathaus Apr 29, 2024
6a6f42c
More work on color removal
nrathaus Apr 29, 2024
ac24630
Remove all color references
nrathaus Apr 29, 2024
9a569a0
Give default 'value' to avoid cases where default value is "" and the…
nrathaus Apr 29, 2024
5661090
Reduce 'import *'
nrathaus Apr 29, 2024
218cc9e
Missing class
nrathaus Apr 29, 2024
152ff2e
Make sure options are loaded early
nrathaus Apr 29, 2024
10283ba
Give it a default (empty) value
nrathaus Apr 29, 2024
335dbe2
Fix grammar
nrathaus Apr 29, 2024
d2d9ac3
Set default value, handle end_point better
nrathaus Apr 29, 2024
e72b8a3
Make it clearer, where we are
nrathaus Apr 29, 2024
0f71e89
Move to f-string
nrathaus Apr 29, 2024
139f96a
Make code more readable
nrathaus Apr 29, 2024
44c66ab
Missing space
nrathaus Apr 29, 2024
84e0700
f stirng
nrathaus Apr 29, 2024
15da06d
Remove "!" from URLs printing to allow clicking on them
nrathaus Apr 29, 2024
b2bfa20
Fix endless loop due to "../" in the URL
nrathaus Apr 29, 2024
b940686
Move to f string
nrathaus Apr 29, 2024
0037b58
Move global to the top
nrathaus Apr 29, 2024
5ca49de
f-string
nrathaus Apr 29, 2024
181b3b8
f stirng
nrathaus Apr 29, 2024
ca06d31
Move to isinstance
nrathaus Apr 29, 2024
cc05311
New build
nrathaus Apr 29, 2024
a024ad2
f string
nrathaus Apr 29, 2024
51fccb9
http or https
nrathaus Apr 29, 2024
2334772
f string
nrathaus Apr 29, 2024
a07fd88
Use URL parts to build the new URL
nrathaus Apr 29, 2024
1438247
Use 'port_part' to make code easier to debug
nrathaus Apr 29, 2024
e536f5f
f-string
nrathaus Apr 29, 2024
f001aa4
Make code clearer
nrathaus Apr 29, 2024
f790e0e
Make errors more verbose
nrathaus Apr 29, 2024
cdaa8b6
Prettify
nrathaus Apr 29, 2024
7df5791
Handle empty responses
nrathaus Apr 29, 2024
513adfa
f-string
nrathaus Apr 29, 2024
d544d72
f-string
nrathaus Apr 29, 2024
7f40a9c
Wrong variable use
nrathaus Apr 29, 2024
c546eba
Add support for JSON results
nrathaus Apr 29, 2024
262207a
Grammar
nrathaus Apr 29, 2024
500a4a1
Start cleanup
nrathaus Apr 29, 2024
5b12160
Support JSON
nrathaus Apr 29, 2024
a9a0451
Make the output clearer
nrathaus Apr 29, 2024
952cbe9
More f-string
nrathaus Apr 29, 2024
af24a83
f-string
nrathaus Apr 29, 2024
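--- a/requirements.txt
+++ b/requirements.txt
@@ -0,0 +1,5 @@
+bs4
+requests
+stringdist
+tld
+yattag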
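Review bot: The first entry, `bs4`, is the PyPI placeholder package that only pulls in the real parser library, so the manifest should name `beautifulsoup4` directly instead of depending on an indirection. None of the five entries carries a version bound, so each fresh install resolves to whatever the index serves that day; for a security tool it is worth at least adding lower bounds here and keeping a hash-pinned constraints file for reproducible installs (`pip install --require-hashes -r <constraints file>`). The same unpinned list, including `bs4`, is repeated in `install_requires` in setup.py, so the two can drift apart; either have setup.py read this file or note which of the two is authoritative.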
56 changes: 26 additions & 30 deletions setup.py
@@ -1,9 +1,9 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#
# XSRF Probe #
#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#

# Author: 0xInfection
# This module requires XSRFProbe
@@ -12,40 +12,36 @@
import io
from setuptools import setup, find_packages
from os import path

this_directory = path.abspath(path.dirname(__file__))
with io.open(path.join(this_directory, 'README.md'), encoding='utf-8') as f:
with io.open(path.join(this_directory, "README.md"), encoding="utf-8") as f:
desc = f.read()

setup(
name='xsrfprobe',
version=__import__('xsrfprobe').__version__,
description='The Prime Cross Site Request Forgery (CSRF) Audit & Exploitation Toolkit',
name="xsrfprobe",
version=__import__("xsrfprobe").__version__,
description="The Prime Cross Site Request Forgery (CSRF) Audit & Exploitation Toolkit",
long_description=desc,
long_description_content_type='text/markdown',
author='Pinaki Mondal',
author_email='theinfecteddrake@gmail.com',
license='GPLv3',
url='https://github.com/0xInfection/XSRFProbe',
download_url='https://github.com/0xInfection/XSRFProbe/archive/v%s.zip' % __import__('xsrfprobe').__version__,
long_description_content_type="text/markdown",
author="Pinaki Mondal",
author_email="theinfecteddrake@gmail.com",
license="GPLv3",
url="https://github.com/0xInfection/XSRFProbe",
download_url="https://github.com/0xInfection/XSRFProbe/archive/v%s.zip"
% __import__("xsrfprobe").__version__,
packages=find_packages(),
scripts=['xsrfprobe/bin/xsrfprobe'],
install_requires=[
'requests',
'bs4',
'stringdist',
'tld',
'yattag'
],
scripts=["xsrfprobe/bin/xsrfprobe"],
install_requires=["requests", "bs4", "stringdist", "tld", "yattag"],
classifiers=[
'Development Status :: 5 - Production/Stable',
'Intended Audience :: System Administrators',
'Intended Audience :: Developers',
'Intended Audience :: Information Technology',
'Operating System :: OS Independent',
'Topic :: Internet',
'Topic :: Security',
'License :: OSI Approved :: GNU General Public License v3 (GPLv3)',
'Programming Language :: Python :: 3',
"Development Status :: 5 - Production/Stable",
"Intended Audience :: System Administrators",
"Intended Audience :: Developers",
"Intended Audience :: Information Technology",
"Operating System :: OS Independent",
"Topic :: Internet",
"Topic :: Security",
"License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
"Programming Language :: Python :: 3",
],
keywords=['csrf', 'xsrf', 'appsec', 'vulnerability scanner', 'webapps', 'hacking'],
keywords=["csrf", "xsrf", "appsec", "vulnerability scanner", "webapps", "hacking"],
)
8 changes: 4 additions & 4 deletions xsrfprobe/__init__.py
@@ -1,13 +1,13 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#
# XSRF Probe #
#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#

# Author: 0xInfection
# This module requires XSRFProbe
# https://github.com/0xInfection/XSRFProbe

__version__ = '2.3.1'
__license__ = 'GNU General Public License v3 (GPLv3)'
__version__ = "4.4.29"
__license__ = "GNU General Public License v3 (GPLv3)"
10 changes: 9 additions & 1 deletion xsrfprobe/bin/xsrfprobe
100644 → 100755
@@ -9,7 +9,15 @@
# This module requires XSRFProbe
# https://github.com/0xInfection/XSRFProbe

import os
import sys

# Allow loading of the module from the path where we are when you
# didn't install it using pip
SCRIPT_DIR = os.path.realpath(os.path.dirname("."))
sys.path.append(SCRIPT_DIR)

from xsrfprobe import xsrfprobe

if __name__ == '__main__':
xsrfprobe.startEngine()
xsrfprobe.startEngine()
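Review bot: `os.path.dirname(".")` returns an empty string, so `SCRIPT_DIR` resolves to the current working directory rather than the directory that holds this script, and the uninstalled import only works when the tool is launched from the repository root. Appending the working directory to `sys.path` also means any module that is not found earlier on the path is looked up in whatever folder the user happens to be in, which is best avoided for a tool that is routinely run from arbitrary project directories. Anchoring on the file keeps the lookup fixed: `REPO_ROOT = os.path.dirname(os.path.dirname(os.path.dirname(os.path.realpath(__file__))))` followed by `sys.path.append(REPO_ROOT)`. The comment above should then say the path is the checkout the script lives in, not "the path where we are".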
8 changes: 4 additions & 4 deletions xsrfprobe/core/__init__.py
@@ -1,9 +1,9 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#
# XSRF Probe #
#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#

#This module requires XSRFProbe
#https://github.com/0xInfection/XSRFProbe
# This module requires XSRFProbe
# https://github.com/0xInfection/XSRFProbe
245 changes: 209 additions & 36 deletions xsrfprobe/core/banner.py
@@ -1,48 +1,221 @@
#!/usr/bin/env python3
#coding: utf-8
# coding: utf-8

#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#
# XSRF Probe #
#-:-:-:-:-:-:-::-:-:#
# -:-:-:-:-:-:-::-:-:#

#Author: 0xInfection
#This module requires XSRF-Probe
#https://github.com/0xInfection/XSRF-Probe
# Author: 0xInfection
# This module requires XSRF-Probe
# https://github.com/0xInfection/XSRF-Probe

# Just for some fancy benner to appear at beginning

import time
from xsrfprobe import __version__
from xsrfprobe.core.colors import *
import xsrfprobe.core.colors

colors = xsrfprobe.core.colors.color()

SLEEP_TIME = 0


def banner():
"""Display the program banner"""
print("\n\n")
time.sleep(SLEEP_TIME)
print(
colors.ORANGE
+ " _____ _____ _____ _____ _____ "
)
time.sleep(SLEEP_TIME)
print(
colors.RED
+ " __"
+ colors.ORANGE
+ "|"
+ colors.RED
+ "__ "
+ colors.ORANGE
+ " |_ "
+ colors.RED
+ "__"
+ colors.ORANGE
+ "|"
+ colors.RED
+ "___ "
+ colors.ORANGE
+ " |_ "
+ colors.RED
+ "__"
+ colors.ORANGE
+ "|"
+ colors.RED
+ "___ "
+ colors.ORANGE
+ "|_ "
+ colors.RED
+ "_"
+ colors.ORANGE
+ "|"
+ colors.RED
+ "____ "
+ colors.ORANGE
+ "|_"
+ colors.RED
+ " _"
+ colors.ORANGE
+ "|"
+ colors.RED
+ "____ "
+ colors.ORANGE
+ "|_ "
+ colors.RED
+ " _____ _____ ______ ______ "
)
time.sleep(SLEEP_TIME)
print(
colors.RED
+ " \ ` / "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| ___| "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| _ _| "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| ___| "
+ colors.ORANGE
+ "| "
+ colors.RED
+ "| _ | "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| _ ,' / \| _ )| ___| "
)
time.sleep(SLEEP_TIME)
print(
colors.RED
+ " > < "
+ colors.ORANGE
+ "|"
+ colors.RED
+ " `-.`-. "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| \ "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| ___| "
+ colors.ORANGE
+ "|"
+ colors.RED
+ " | __| "
+ colors.ORANGE
+ "|"
+ colors.RED
+ "| \ | - || |_ { | ___| "
)
time.sleep(SLEEP_TIME)
print(
colors.RED
+ " /__/__\ "
+ colors.ORANGE
+ "_|"
+ colors.RED
+ "|______| "
+ colors.ORANGE
+ "_|"
+ colors.RED
+ "|__|\__\ "
+ colors.ORANGE
+ " _|"
+ colors.RED
+ "|___| "
+ colors.ORANGE
+ " _|"
+ colors.RED
+ " |___| "
+ colors.ORANGE
+ " _|"
+ colors.RED
+ "|__|\__\\\_____/|______)|______| "
)
time.sleep(SLEEP_TIME)
print(
colors.ORANGE
+ " |_____| |_____| |_____| |_____| |_____| \n\n"
)
time.sleep(SLEEP_TIME)


print('\n\n')
time.sleep(0.05)
print(color.ORANGE+' _____ _____ _____ _____ _____ ')
time.sleep(0.05)
print(color.RED+' __'+color.ORANGE+'|'+color.RED+'__ '+color.ORANGE+' |_ '+color.RED+'__'+color.ORANGE+'|'+color.RED+'___ '+color.ORANGE+' |_ '+color.RED+'__'+color.ORANGE+'|'+color.RED+'___ '+color.ORANGE+'|_ '+color.RED+'_'+color.ORANGE+'|'+color.RED+'____ '+color.ORANGE+'|_'+color.RED+' _'+color.ORANGE+'|'+color.RED+'____ '+color.ORANGE+'|_ '+color.RED+' _____ _____ ______ ______ ')
time.sleep(0.05)
print(color.RED+" \ ` / "+color.ORANGE+'|'+color.RED+'| ___| '+color.ORANGE+'|'+color.RED+'| _ _| '+color.ORANGE+'|'+color.RED+'| ___| '+color.ORANGE+'| '+color.RED+'| _ | '+color.ORANGE+"|"+color.RED+"| _ ,' / \| _ )| ___| ")
time.sleep(0.05)
print(color.RED+' > < '+color.ORANGE+'|'+color.RED+' `-.`-. '+color.ORANGE+'|'+color.RED+'| \ '+color.ORANGE+'|'+color.RED+'| ___| '+color.ORANGE+'|'+color.RED+' | __| '+color.ORANGE+'|'+color.RED+'| \ | - || |_ { | ___| ')
time.sleep(0.05)
print(color.RED+' /__/__\ '+color.ORANGE+'_|'+color.RED+'|______| '+color.ORANGE+'_|'+color.RED+'|__|\__\ '+color.ORANGE+' _|'+color.RED+'|___| '+color.ORANGE+' _|'+color.RED+' |___| '+color.ORANGE+' _|'+color.RED+'|__|\__\\\_____/|______)|______| ')
time.sleep(0.05)
print(color.ORANGE+' |_____| |_____| |_____| |_____| |_____| \n\n')
time.sleep(0.05)

def banabout(): # some fancy banner stuff :p

print(color.BLUE+' [---] '+color.GREY+'XSRFProbe,'+color.RED+' A'+color.ORANGE+' Cross Site Request Forgery '+color.RED+'Audit Toolkit '+color.BLUE+'[---]')
time.sleep(0.05)
print(color.BLUE+' [---] [---]')
time.sleep(0.05)
print(color.BLUE+' [---] '+color.PURPLE+' '+color.GREEN+'~ Author : '+color.CYAN+'Pinaki Mondal ~ '+color.BLUE+' [---]')
time.sleep(0.05)
print(color.BLUE+' [---] '+color.CYAN+' ~ github.com / '+color.GREY+'0xInfection ~ '+color.BLUE+' [---]')
time.sleep(0.05)
print(color.BLUE+' [---] [---]')
time.sleep(0.05)
print(color.BLUE+' [---] '+color.ORANGE+' ~ Version '+color.RED+__version__+color.ORANGE+' ~ '+color.BLUE+' [---]\n')
time.sleep(0.05)
def banabout(): # some fancy banner stuff :p
print(
colors.BLUE
+ " [---] "
+ colors.GREY
+ "XSRFProbe,"
+ colors.RED
+ " A"
+ colors.ORANGE
+ " Cross Site Request Forgery "
+ colors.RED
+ "Audit Toolkit "
+ colors.BLUE
+ "[---]"
)
time.sleep(SLEEP_TIME)
print(
colors.BLUE
+ " [---] [---]"
)
time.sleep(SLEEP_TIME)
print(
colors.BLUE
+ " [---] "
+ colors.PURPLE
+ " "
+ colors.GREEN
+ "~ Author : "
+ colors.CYAN
+ "Pinaki Mondal ~ "
+ colors.BLUE
+ " [---]"
)
time.sleep(SLEEP_TIME)
print(
colors.BLUE
+ " [---] "
+ colors.CYAN
+ " ~ github.com / "
+ colors.GREY
+ "0xInfection ~ "
+ colors.BLUE
+ " [---]"
)
time.sleep(SLEEP_TIME)
print(
colors.BLUE
+ " [---] [---]"
)
time.sleep(SLEEP_TIME)
print(
colors.BLUE
+ " [---] "
+ colors.ORANGE
+ " ~ Version "
+ colors.RED
+ __version__
+ colors.ORANGE
+ " ~ "
+ colors.BLUE
+ " [---]\n"
)
time.sleep(SLEEP_TIME)
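Review bot: Several banner literals in `banner()` contain backslashes that are not valid escape sequences, for example `" /__/__\ "` and `"|__|\__\\\_____/|______)|______| "` as rendered here; Python 3.12 and later report these as a SyntaxWarning and the language reference says they will eventually become an error. Since the file is being reformatted anyway, spell each backslash out, e.g. `" /__/__\\ "`; a blanket `r` prefix is not equivalent on the line that already contains `\\`, so that one needs to be rewritten by hand and the printed output compared. Separately, with `SLEEP_TIME = 0` every `time.sleep(SLEEP_TIME)` call is a no-op, so the calls and the constant could simply be removed. `banabout()` would also read better with a docstring such as `"""Print the project, author and version lines shown under the banner."""` in place of the trailing comment.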