m4dh4v45b1n 0.1.3 → 0.1.4
- checksums.yaml +4 -4
- data/bin/fuzz-web-dir.rb +11 -0
- data/lib/m4dh4v45b1n/fuzz-web-dir.rb +51 -7
- data/lib/m4dh4v45b1n/rand-util.rb +79 -1
- data/lib/m4dh4v45b1n/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4906107520ba8d1e44618a3036aa49372b162ad0298698a6711a3ee91eaa5a19
|
4
|
+
data.tar.gz: 82aff205ae89b27118fc15144076db5cd491e2b30e4291091c00e79354a2c5e5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 563388213634d03963aea55ee27c196efd9ea4dc908edf39ea3bc4b8ff09abe518032174feba6554167024300d07e134b6d470f0ad8d2f034fdaf8e7859de6a1
|
7
|
+
data.tar.gz: ae48b871d69ab5053e56c9acb69c8dead5bdb04fa2e8dc75f4bf2673907b5891aab4b6aa99045daf2db2def1d44b495ad8026fd575ddc7a16c838c8a0e3b69c6
|
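--- a/data/bin/fuzz-web-dir.rb
+++ b/data/bin/fuzz-web-dir.rb
@@ -25,6 +25,16 @@ Eg: fuzz-web-dir.rb -e php,txt --hc 303,404 https://example.com\n\n"
 optp.on('-p PAUSE', Float, 'Pause the fuzz for N second.') do |p|
 init.wait = p
 end
+optp.on('-d' , "Enable decoy for evate the fire wall. add #{FUZZ_WEB_DIR_PROXY_FILE} for default decoy list. x.x.x.x:p format.") do |d|
+init.decoy = true
+end
+optp.on('-D DECOY' , "Use decoy file.") do |d|
+init.decoy = true
+init.pfile = d
+end
+optp.on('-n', 'Run decoy with out checking it. It may affect the result.') do
+init.check = false
+end
 optp.on('-t MAXTHREAD', Integer, "Maximum concurrency. (default:#{FUZZ_WEB_DIR_MAX_THREAD})") do |t|
 init.max_thread = t
 end
@@ -86,4 +96,5 @@ rescue (EOFError) => e
 rescue (Interrupt) => e
 puts "\e[1A\e[C"
 rescue => e
+puts e
 end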
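Review bot: The `-d` option at new line 28 declares a block parameter `|d|` that the block never reads, and its description text is hard to follow ("for evate the fire wall", "x.x.x.x:p format"); the `-n` text ("with out checking") has the same problem. I would drop the unused parameter and reword along the lines of `optp.on('-d', "Route requests through decoy proxies; default list is #{FUZZ_WEB_DIR_PROXY_FILE} (one host:port per line).") do` and `optp.on('-n', 'Use the decoy list without probing each entry first (may skew results).') do`. The `-D DECOY` block also declares `|d|` and does use it, so only the `-d` block needs the change. The `rescue => e` / `puts e` at new lines 98-99 belongs to a begin block that starts outside this hunk.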
@@ -1,6 +1,7 @@
|
|
1
1
|
require_relative 'version'
|
2
2
|
require_relative 'rand-util'
|
3
3
|
require 'json'
|
4
|
+
require 'openssl'
|
4
5
|
require 'net/http';
|
5
6
|
def wordlist
|
6
7
|
Gem::path.map do |p|
|
@@ -15,9 +16,10 @@ FUZZ_WEB_DIR_DICT= wordlist
|
|
15
16
|
FUZZ_WEB_DIR_HIDE_CODE=['404']
|
16
17
|
FUZZ_WEB_DIR_EXT = ['php', 'txt', 'html', 'xml']
|
17
18
|
FUZZ_WEB_DIR_HEADER = '{}'
|
18
|
-
FUZZ_WEB_DIR_TIMEOUT =
|
19
|
+
FUZZ_WEB_DIR_TIMEOUT = 3 # SECONDS
|
19
20
|
FUZZ_WEB_DIR_MAX_THREAD = 24
|
20
21
|
FUZZ_WEB_DIR_WAIT = 0
|
22
|
+
FUZZ_WEB_DIR_PROXY_FILE = "#{ENV['HOME']}/.proxies.txt"
|
21
23
|
=begin
|
22
24
|
var = Fuzz_web_dir::new
|
23
25
|
var.url = "http://example.com" *
|
@@ -30,7 +32,7 @@ var.max_thread = 24
|
|
30
32
|
var.ext = ['php','txt']
|
31
33
|
=end
|
32
34
|
class Fuzz_web_dir
|
33
|
-
attr_accessor :url,:dict,:hide_code,:hide_line,:hide_char,:show_code,:show_line,:show_char,:timeout,:max_thread,:ext,:out,:wait
|
35
|
+
attr_accessor :url,:dict,:hide_code,:hide_line,:hide_char,:show_code,:show_line,:show_char,:timeout,:max_thread,:ext,:out,:wait,:proxy,:decoy,:last_decoy, :pfile,:check
|
34
36
|
def initialize()
|
35
37
|
@dict = FUZZ_WEB_DIR_DICT
|
36
38
|
@hide_code = FUZZ_WEB_DIR_HIDE_CODE
|
@@ -44,11 +46,42 @@ class Fuzz_web_dir
|
|
44
46
|
@header = FUZZ_WEB_DIR_HEADER
|
45
47
|
@ext = FUZZ_WEB_DIR_EXT
|
46
48
|
@wait = FUZZ_WEB_DIR_WAIT
|
49
|
+
@decoy = false
|
50
|
+
@check = true
|
51
|
+
@last_decoy = ''
|
52
|
+
@pfile = FUZZ_WEB_DIR_PROXY_FILE
|
47
53
|
end
|
48
54
|
def show_result(url_)
|
49
55
|
begin
|
50
56
|
@header['User-Agent'] = rand_user_agent
|
51
|
-
|
57
|
+
if @decoy
|
58
|
+
proxy_ = @last_decoy
|
59
|
+
loop do
|
60
|
+
proxy_ = @proxy.shuffle[0]
|
61
|
+
if proxy_[0] != @last_decoy
|
62
|
+
@last_decoy = proxy_[0]+":"+proxy_[1]
|
63
|
+
break
|
64
|
+
end
|
65
|
+
end
|
66
|
+
proxy = Net::HTTP::Proxy(proxy_[0],proxy_[1].to_i)
|
67
|
+
uri = URI url_
|
68
|
+
uri.query = @header.to_s
|
69
|
+
req = Net::HTTP::Get::new(uri.path)
|
70
|
+
@header.keys.map do |k|
|
71
|
+
req[k] = @header[k]
|
72
|
+
end
|
73
|
+
if uri.scheme == 'https'
|
74
|
+
res_ = proxy.start(uri.host,uri.port,:use_ssl=>true,:verify_mode => OpenSSL::SSL::VERIFY_NONE) do |http|
|
75
|
+
http.request(req)
|
76
|
+
end
|
77
|
+
else
|
78
|
+
res_ = proxy.start(uri.host,uri.port) do |http|
|
79
|
+
http.request(req)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
else
|
83
|
+
res_ = Net::HTTP::get_response(URI(url_), @header)
|
84
|
+
end
|
52
85
|
line_ = res_.body.split("\n").length
|
53
86
|
char_ = res_.body.length
|
54
87
|
code_ = res_.code
|
@@ -61,7 +94,12 @@ class Fuzz_web_dir
|
|
61
94
|
if (@show_line.include? line_);put_it = true;end
|
62
95
|
#if (code_ == '301' and char_ == 0 and line_ == 0);url_ += "/";end
|
63
96
|
if put_it
|
64
|
-
|
97
|
+
finally_ = "\r\e[32m#{url_}\e[0m lines:\e[33m#{line_}\e[0m chrs:\e[35m#{char_}\e[0m status:\e[36m#{code_}\e[0m"
|
98
|
+
if !res_.header['Location'].nil?
|
99
|
+
finally_ += " \e[33;1m>\e[0m #{res_.header['Location']}"
|
100
|
+
end
|
101
|
+
puts finally_
|
102
|
+
|
65
103
|
if !@out.nil?
|
66
104
|
@out.write(url_ + "\n")
|
67
105
|
end
|
@@ -73,7 +111,8 @@ class Fuzz_web_dir
|
|
73
111
|
Thread::kill t
|
74
112
|
end
|
75
113
|
rescue => e
|
76
|
-
print "\
|
114
|
+
print "\r#{e}"
|
115
|
+
#print "\rInvalideURL: #{@url} "
|
77
116
|
end
|
78
117
|
end
|
79
118
|
def print_status(key, val)
|
@@ -91,7 +130,8 @@ class Fuzz_web_dir
|
|
91
130
|
["pause", "#{@wait}s"],
|
92
131
|
["hide /status/line/char", "#{@hide_code}/#{@hide_line}/#{@hide_char}"],
|
93
132
|
["show /status/line/char", "#{@show_code}/#{@show_line}/#{@show_char}"],
|
94
|
-
["output", @out]
|
133
|
+
["output", @out],
|
134
|
+
["decoy-proxy", @proxy.length]
|
95
135
|
].map {|k,v| print_status(k, v)}
|
96
136
|
puts "-"*45
|
97
137
|
end
|
@@ -102,6 +142,10 @@ class Fuzz_web_dir
|
|
102
142
|
@ext = @ext.map {|i| '.'+i }
|
103
143
|
@ext.append("")
|
104
144
|
@header = JSON::parse(@header)
|
145
|
+
if @decoy
|
146
|
+
@proxy = Pr0xy.new.get_proxies(@pfile, @check)
|
147
|
+
#@proxy = [["http","127.0.0.1",8080],["http","127.0.0.2", 8081]]
|
148
|
+
end
|
105
149
|
print_status_all
|
106
150
|
if !@out.nil?
|
107
151
|
@out = File.open(@out, "w")
|
@@ -130,7 +174,7 @@ class Fuzz_web_dir
|
|
130
174
|
sleep(0.01 + @wait)
|
131
175
|
end
|
132
176
|
if string_line.length < 20
|
133
|
-
print "\r#{' '*
|
177
|
+
print "\r#{' '*60}\r> #{string_line.chomp}"
|
134
178
|
end
|
135
179
|
end
|
136
180
|
end
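Review bot: `print_status_all` now prints `@proxy.length` (new line 134), but `@proxy` is only assigned inside `if @decoy` (new lines 145-148) and `initialize` gives it no default, so unless a caller sets it a run without `-d`/`-D` raises NoMethodError on nil before fuzzing starts; add `@proxy = []` beside the other new defaults at new line 49, or print `@decoy ? @proxy.length : 0`. In `show_result`, the rotation loop compares `proxy_[0]` (a host) with `@last_decoy`, which is stored as `"host:port"` (new lines 61-62), so the test is always true and the previous decoy is never actually avoided; comparing `"#{proxy_[0]}:#{proxy_[1]}" != @last_decoy` fixes that, but a correct comparison would spin forever on a one-entry list, so guard it with `@proxy.length > 1`. The HTTPS decoy branch at new line 74 passes `:verify_mode => OpenSSL::SSL::VERIFY_NONE`, which the non-decoy `Net::HTTP::get_response` path does not, so every proxied request silently skips certificate checking; that deserves a comment on the line or an explicit option rather than being implied by `-d`. `uri.query = @header.to_s` at new line 68 stringifies the header hash into the query, but `Net::HTTP::Get::new(uri.path)` drops the query anyway, so the line looks like leftover debugging.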
|
@@ -1,3 +1,7 @@
|
|
1
|
+
require 'net/http'
|
2
|
+
|
3
|
+
PROXY_CACHE = ENV["HOME"] + "/.cache/m4dh4v45b1n/http-proxy.x7"
|
4
|
+
|
1
5
|
USER_AGENTS = [
|
2
6
|
"Mozilla/5.0 (X11; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0",
|
3
7
|
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)",
|
@@ -11,8 +15,82 @@ USER_AGENTS = [
|
|
11
15
|
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.59",
|
12
16
|
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Vivaldi/4.0",
|
13
17
|
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Vivaldi/4.0",
|
14
|
-
"Mozilla/5.0 (Linux; Android 11; LM-X420) AppleWebKit/537.36 (KHTML,
|
18
|
+
"Mozilla/5.0 (Linux; Android 11; LM-X420) AppleWebKit/537.36 (KHTML, likeGecko) Chrome/91.0.4472.120 Mobile Safari/537.36"
|
15
19
|
]
|
20
|
+
|
16
21
|
def rand_user_agent
|
17
22
|
return USER_AGENTS[rand(USER_AGENTS.length)]
|
18
23
|
end
|
24
|
+
|
25
|
+
class Pr0xy
|
26
|
+
attr_accessor :tmp, :proto
|
27
|
+
def initialize
|
28
|
+
@tmp = []
|
29
|
+
end
|
30
|
+
def check_if_the_proxy_is_up(host, port)
|
31
|
+
proxy = Net::HTTP::Proxy(
|
32
|
+
host,
|
33
|
+
port
|
34
|
+
)
|
35
|
+
begin
|
36
|
+
Timeout::timeout(10) do
|
37
|
+
uri = URI "http://ifconfig.me/"
|
38
|
+
req = Net::HTTP::Get::new(uri.path)
|
39
|
+
res = proxy.start(uri.host,uri.port) do |http|
|
40
|
+
http.request(req)
|
41
|
+
end
|
42
|
+
if res.code == '200' and
|
43
|
+
res.body.length <= 16 and
|
44
|
+
res.body.length >= 7 and
|
45
|
+
res.body.split(".").length == 4
|
46
|
+
print "."
|
47
|
+
return true
|
48
|
+
end
|
49
|
+
end
|
50
|
+
rescue => e
|
51
|
+
end
|
52
|
+
return false
|
53
|
+
end
|
54
|
+
def get_proxies(file, check)
|
55
|
+
if check
|
56
|
+
print "\e[33;1mChecking Proxy status\e[0m"
|
57
|
+
end
|
58
|
+
if File.file? file
|
59
|
+
File.open(file, "r").readlines.map do |l|
|
60
|
+
sleep 0.02
|
61
|
+
Thread.new do
|
62
|
+
if l.strip[0] != "#"
|
63
|
+
l = l.strip.split(":")
|
64
|
+
if check
|
65
|
+
if check_if_the_proxy_is_up(l[0],l[1])
|
66
|
+
@tmp.append([l[0],l[1]])
|
67
|
+
end
|
68
|
+
else
|
69
|
+
@tmp.append([l[0], l[1]])
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
while Thread::list.length > 100;end
|
74
|
+
end
|
75
|
+
else
|
76
|
+
puts "\rUnable to locate proxy file.'#{file}'"
|
77
|
+
exit
|
78
|
+
end
|
79
|
+
while Thread::list.length > 1;end;puts
|
80
|
+
if @tmp.length < 1
|
81
|
+
print "\rThere is no proxy is alive.\n" +
|
82
|
+
"please add proxy in ~/.proxies.txt to take default"+
|
83
|
+
" or specify fresh list with -D flag.\n"
|
84
|
+
exit
|
85
|
+
elsif @tmp.length <= 5
|
86
|
+
puts "\r#{@tmp.length} decoys are \e[31mDeductable\e[0m.\nAdd More decoy for better evation."
|
87
|
+
sleep 3
|
88
|
+
end
|
89
|
+
return @tmp
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
|
94
|
+
|
95
|
+
# test
|
96
|
+
#puts Pr0xy.new.get_proxies("../test/http-proxy.txt")
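Review bot: `get_proxies` (new lines 54-90) admits malformed entries: a blank line passes `l.strip[0] != "#"` because `"".strip[0]` is nil, and with `check` false it is appended as `[nil, nil]`, while a line without a colon becomes `[host, nil]`; both later break the consumer that joins `proxy_[0]+":"+proxy_[1]`. The same method leaks the handle from `File.open(file, "r").readlines`, appends to the shared `@tmp` from many threads without a Mutex, and the `while Thread::list.length > 100;end` / `> 1` loops busy-spin on every thread in the process rather than only the ones started here. `PROXY_CACHE` at new line 3 is unused and raises TypeError at load when `HOME` is unset, so it should be dropped or built with `File.join(ENV.fetch("HOME"), ...)`. The reading loop below keeps the 100-thread cap with `each_slice`, drops the per-line `sleep`, skips blank, comment and port-less lines, and synchronises the append.
```ruby
def get_proxies(file, check)
  # … unchanged: status banner and "Unable to locate proxy file" exit …
  entries = File.readlines(file, chomp: true).filter_map do |raw|
    entry = raw.strip
    next if entry.empty? || entry.start_with?('#')
    host, port = entry.split(':', 2)
    [host, port] if host && port && !port.empty?
  end
  lock = Mutex.new
  entries.each_slice(100) do |batch|
    batch.map do |host, port|
      Thread.new do
        alive = !check || check_if_the_proxy_is_up(host, port)
        lock.synchronize { @tmp.append([host, port]) } if alive
      end
    end.each(&:join)
  end
  puts
  # … unchanged: empty-list exit, small-list warning, return @tmp …
end
```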
|
data/lib/m4dh4v45b1n/version.rb
CHANGED
@@ -1,2 +1,2 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
VERSION = "0.1.
|
2
|
+
VERSION = "0.1.4"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: m4dh4v45b1n
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Madhava-mng
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-07-
|
11
|
+
date: 2021-07-12 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: ''
|
14
14
|
email:
|