When I use the variable server on my print statement I get this error.
File
"/Users/c0deninja/projects/gsecurity/modules/fetch_requests.py", line
40, in get_headers
print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} SERVER: {Fore.GREEN}{server}") UnboundLocalError: local variable 'server'
referenced before assignment
Also the error only appears on certain websites, maybe when there's no server header it starts getting buggy?
def get_headers(url: str) -> str:
sessions = requests.Session()
try:
res = sessions.get(url, verify=False, headers=header)
if res.status_code == 200:
for value, desc in res.headers.items():
if value == "Server":
server = desc
if value == "Via":
via = desc
print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} SERVER: {Fore.GREEN}{server}")
print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} VIA: {Fore.GREEN}{via}")
except requests.exceptions.InvalidSchema:
print("Please use https://www.target.com")
except requests.exceptions.ConnectionError:
print("Check the target URL and try again\n")
Ok guys I fixed it, what I did was create an empty list outside of the loop and append the output there and then print it.
def get_headers(url: str) -> str:
sessions = requests.Session()
server_output = []
via_output = []
try:
res = sessions.get(url, verify=False, headers=header)
if res.status_code == 200:
for value, desc in res.headers.items():
if value == "Server":
server_output.append(desc)
else:
pass
if value == "Via":
via_output.append(desc)
else:
pass
print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} SERVER: {Fore.GREEN}{', '.join(map(str,server_output))}")
print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} VIA: {Fore.GREEN}{', '.join(map(str,via_output))}")
except requests.exceptions.InvalidSchema:
print("Please use https://www.target.com")
except requests.exceptions.ConnectionError:
print("Check the target URL and try again\n")
Related
I am trying to work on a website and the code works fine, but sometimes the response text has a specific string error happened. If that string appears, I need to send request to that item again
Here's my try but I still got some results with that string error happened
for item in mylist:
while True:
response = requests.get(f'myurl/{item}', headers=headers)
res_text = response.text
if 'SUCESSFUL EXECUTION' in res_text:
scraped_item = (item, 'PAY IT')
else:
json_data=json.loads(res_text)
scraped_item = (item, json_data['errorMsg'])
print(scraped_item)
results.append(scraped_item)
if not 'error happened' in res_text:break
I could solve it using while True trick
for item in mylist:
while True:
response = requests.get(f'myurl/{item}', headers=headers)
res_text = response.text
if not 'error happened' in res_text:
break
if 'SUCESSFUL EXECUTION' in res_text:
scraped_item = (item, 'PAY IT')
else:
json_data=json.loads(res_text)
scraped_item = (item, json_data['errorMsg'])
print(scraped_item)
results.append(scraped_item)
time.sleep(1)
I have the following script working properly. It is to check IP information from netbox API. I would like to know what to add so I can import a list of IPs and run it against the script:
#!/bin/python3
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning) #Disable warning for SSL Error
ip_address = input("Enter the IP Address you want to search: ")
apiBaseUrl = "https://netbox.local/api"
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Token 5c915999999998ad82112b3b5880199769894421' #Here you can add your own token
}
def get_hostInterfaceDescription(ip4):
resp = requests.get(apiBaseUrl + '/ipam/ip-addresses/?q=' + ip4,headers=headers,verify=False).json()
return resp['results'][0]["description"] #this gets the description information
try:
desc = get_hostInterfaceDescription(ip_address)
print("")
print("Description found in Netbox: " + desc)
except TypeError or IndexError:
print("Description Not found")
def get_hostInterfaceTenant(ip4):
resp = requests.get(apiBaseUrl + '/ipam/ip-addresses/?q=' + ip4,headers=headers,verify=False).json()
return resp['results'][0]["tenant"]["name"] #this gets the description information
try:
tenant = get_hostInterfaceTenant(ip_address)
print("")
print("Tenant found in Netbox: " + tenant)
except TypeError or IndexError:
print("Tenant Not found")
def get_hostInterfaceVRF(ip4):
resp = requests.get(apiBaseUrl + '/ipam/ip-addresses/?q=' + ip4, headers=headers, verify=False).json()
return resp['results'][0]["tenant"]["name"] # this gets the description information
try:
vrf = get_hostInterfaceVRF(ip_address)
print("")
print("VRF found in Netbox: " + vrf)
except TypeError or IndexError:
print("VRF Not Found")
Loading a text file and looping over its contents is simple in Python:
with open("ip_list.txt") as ip_list:
for address in ip_list:
address = address.strip() # remove trailing newline
do_something_with(address)
In your case, do_something_with might look like this:
def do_something_with(ip4):
try:
desc = get_hostInterfaceDescription(ip4)
...
except ...:
...
try:
tenant = get_hostInterfaceTenant(ip4)
...
except ...:
...
...
i need a script to make it like a cpanel checker, with more than 1 url and the url is stored in a txt file.
usage : python script.py list.txt
format in file list.txt : https://demo.cpanel.net:2083|democom|DemoCoA5620
this is my code but it doesn't work, can someone help me?
Thanks.
import requests, sys
from multiprocessing.dummy import Pool as ThreadPool
try:
with open(sys.argv[1], 'r') as f:
list_data = [line.strip() for line in f if line.strip()]
except IOError:
pass
def cpanel(url):
try:
data = {'user':'democom', 'pass':'DemoCoA5620'}
r = requests.post(url, data=data)
if r.status_code==200:
print "login success"
else:
print "login failed"
except:
pass
def chekers(url):
try:
cpanel(url)
except:
pass
def Main():
try:
start = timer()
pp = ThreadPool(25)
pr = pp.map(chekers, list_data)
print('Time: ' + str(timer() - start) + ' seconds')
except:
pass
if __name__ == '__main__':
Main()
I fixed your code in a way that it will return an actual array containing a boolean array indicating the success of the cpanel function.
from __future__ import print_function
import requests
from multiprocessing.pool import ThreadPool
try:
list_data = ["https://demo.cpanel.net:2083|democom|DemoCoA5620",
"https://demo.cpanel.net:2083|UserDoesNotExist|WRONGPASSWORD",
]
except IOError:
pass
def cpanel(url):
try:
# try to split that url to get username / password
try:
url, username, password = url.split('|')
except Exception as e:
print("Url {} seems to have wrong format. Concrete error: {}".format(url, e))
return False
# build the correct url
url += '/login/?login_only=1'
# build post parameters
params = {'user': username,
'pass': password}
# make request
r = requests.post(url, params)
if r.status_code==200:
print("login for user {} success".format(username))
return True
else:
print("login for user {} failed due to Status Code {} and message \"{}\"".format(username, r.status_code, r.reason))
return False
except Exception as e:
print("Error occured for url {} ".format(e))
return False
def chekers(url):
return cpanel(url)
def Main():
try:
# start = timer()
pp = ThreadPool(1)
pr = pp.map(chekers, list_data)
print(pr)
# print('Time: ' + str(timer() - start) + ' seconds')
except:
pass
if __name__ == '__main__':
Main()
Output:
login for user democom success
login for user UserDoesNotExist failed due to Status Code 401 and message "Access Denied"
[True, False]
Be aware that I replaced your file read operation by some fixed urls.
Since you use request.post I guess you actually want to POST something to that urls. Your code does not do that. If you just want to send a request, use the requests.get method.
See the official documentation for the requests packet: https://2.python-requests.org/en/master/user/quickstart/#make-a-request for more details.
Also note that
"but it doesn't work"
is NOT a question.
The code below produces these errors:
'Response' object has no attribute 'read'
Please help me understand what I did wrong. I made sure un and pwd are correct
user = "un"
password = 'pwd'
datanodes = ["https://server040:25000/"]
for i, datanode in enumerate(datanodes):
print("Checking {0}: {1}".format(i, datanode))
try:
print "trying"
response = requests.get(datanode + "queries?json",auth=(user,
password), verify='certs.pem')
print response
data = json.loads(response.read())
print data
if data["num_waiting_queries"] > 0:
print(data["num_waiting_queries"])
for in_flight_query in data["in_flight_queries"]:
if in_flight_query["waiting"] is True and
in_flight_query['state'] == "FINISHED":
cancel_url = datanode + "cancel_query?query_id=
{}".format(in_flight_query['query_id'])
print(cancel_url)
except IOError as ioe:
print ioe
except Exception as e:
print(e)
I have tried both json.load(reponse) and json.loads(response.read())
I was able to get around the issues by adding HTTPDigestAuth and changing data = json.loads(response.read()) to data = response.json()
I'm using python 3.3.0 in Windows 7.
I have two files: dork.txt and fuzz.py
dork.txt contains following:
/about.php?id=1
/en/company/news/full.php?Id=232
/music.php?title=11
fuzz.py contains following:
srcurl = "ANY-WEBSITE"
drkfuz = open("dorks.txt", "r").readlines()
print("\n[+] Number of dork names to be fuzzed:",len(drkfuz))
for dorks in drkfuz:
dorks = dorks.rstrip("\n")
srcurl = "http://"+srcurl+dorks
requrl = urllib.request.Request(srcurl)
#httpreq = urllib.request.urlopen(requrl)
# Starting the request
try:
httpreq = urllib.request.urlopen(requrl)
except urllib.error.HTTPError as e:
print ("[!] Error code: ", e.code)
print("")
#sys.exit(1)
except urllib.error.URLError as e:
print ("[!] Reason: ", e.reason)
print("")
#sys.exit(1)
#if e.code != 404:
if httpreq.getcode() == 200:
print("\n*****srcurl********\n",srcurl)
return srcurl
So, when I enter the correct website name which has /about.php?id=1, it works fine.
But when I provide the website which has /en/company/news/full.php?Id=232, it first
prints Error code: 404 and then gives me the following error: UnboundLocalError: local
variable 'e' referenced before assignment or UnboundLocalError: local variable 'httpreq' referenced before assignment
I can understand that if the website doesn't have the page which contains /about.php?id=1, it gives Error code: 404 but why it's not going back in the for loop to check the remaining dorks in the text file??? Why it stops here and throws an error?
I want to make a script to find out valid page from just a website address like: www.xyz.com
When the line urllib.request.urlopen(requrl) expression throws an exception, the variable httpreq is never set. You could set it to None before the try statement, then test if it is still None afterwards:
httpreq = None
try:
httpreq = urllib.request.urlopen(requrl)
# ...
if httpreq is not None and httpreq.getcode() == 200:
srcurl = "ANY-WEBSITE"
drkfuz = open("dorks.txt", "r").readlines()
print("\n[+] Number of dork names to be fuzzed:",len(drkfuz))
for dorks in drkfuz:
dorks = dorks.rstrip("\n")
srcurl = "http://"+srcurl+dorks
try:
requrl = urllib.request.Request(srcurl)
if requrl != None and len(requrl) > 0:
try:
httpreq = urllib.request.urlopen(requrl)
if httpreq.getcode() == 200:
print("\n*****srcurl********\n",srcurl)
return srcurl
except:
# Handle exception
pass
except:
# Handle your exception
print "Exception"
Untested code, but it will work logically.