bhp-pro 1.2.9__py3-none-any.whl → 1.3.0__py3-none-any.whl

{bhp_pro-1.2.9.dist-info → bhp_pro-1.3.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: bhp_pro
-Version: 1.2.9
+Version: 1.3.0
 Summary: Web Enumeration Tool
 Author: ssskingsss12
 Author-email: smalls3000i@gmail.com

bhp_pro-1.3.0.dist-info/RECORD

@@ -0,0 +1,6 @@
+bhp_pro.py,sha256=WJ2J94cH1-qKf3AynRr8Q4t0GhzNxs2VunaQip0T7zA,748620
+bhp_pro-1.3.0.dist-info/METADATA,sha256=t7JildGhotdLKQG8WAcZWV-rFl9R6FhukOP2UhCNEMs,600
+bhp_pro-1.3.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+bhp_pro-1.3.0.dist-info/entry_points.txt,sha256=Yn3HpraGX3lXX4FPq3Gm-lHh3SwQA-5rtgPWNWMFXkw,41
+bhp_pro-1.3.0.dist-info/top_level.txt,sha256=1xjbIaVM77UJz9Tsi1JjILgE0YDG7iLhY6KSMNEi9zM,8
+bhp_pro-1.3.0.dist-info/RECORD,,

bhp_pro.py

@@ -16872,6 +16872,94 @@ def menu3():
 
         mainsee()
 
+    #===SUBDOmain TAKEOVER===#
+    def access_control():
+
+        generate_ascii_banner("ACCESS", "CONTROL")
+        THREAD_COUNT = 100
+
+        LOCK = threading.Lock()
+        user_input = input("Enter a domain or .txt file: ").strip()
+        OUTPUT_FILE = input("Enter output file name (default is x_requested_with_results.txt): ").strip() or "x_requested_with_results.txt"
+        def check_domain(domain, progress):
+            preflight_headers = {
+                'Origin': 'https://yahoo.com/',
+                'Access-Control-Request-Method': 'GET',
+                'Access-Control-Request-Headers': 'X-Requested-With, X-Online-Host, X-Forwarded-For',
+                'User-Agent': 'Mozilla/5.0'
+            }
+
+            for protocol in ['http://', 'https://']:
+                url = protocol + domain
+                try:
+                    response = requests.options(url, headers=preflight_headers, timeout=5)
+                    status = response.status_code
+                    allowed_headers = response.headers.get('Access-Control-Allow-Headers', '').lower()
+
+                    allowed = []
+                    if 'x-requested-with' in allowed_headers:
+                        allowed.append('X-Requested-With')
+                    if 'x-online-host' in allowed_headers:
+                        allowed.append('X-Online-Host')
+                    if 'x-forwarded-for' in allowed_headers:
+                        allowed.append('X-Forwarded-For')
+
+                    if allowed:
+                        server = response.headers.get('Server', 'Unknown')
+                        print(f"✅ {url} - ALLOWS: {', '.join(allowed)} | Status: {status}")
+                        with LOCK:
+                            with open(OUTPUT_FILE, "a") as f:
+                                f.write(f"{url} | Status: {status} | Server: {server} | Allowed Headers: {', '.join(allowed)}\n")
+                    else:
+                        print(f"⚠️ {url} - None of the desired X-* headers allowed.")
+
+                except requests.exceptions.RequestException as e:
+                    print(f"❌ {url} - Request failed: {e}")
+                finally:
+                    with LOCK:
+                        progress.update(1)
+
+
+        def worker(domain_queue, progress):
+            while not domain_queue.empty():
+                domain = domain_queue.get()
+                check_domain(domain, progress)
+                domain_queue.task_done()
+
+        def access_main():
+
+
+            if os.path.isfile(user_input) and user_input.endswith('.txt'):
+                with open(user_input, 'r') as file:
+                    domains = [line.strip() for line in file if line.strip()]
+            else:
+                domains = [user_input]
+
+            if os.path.exists(OUTPUT_FILE):
+                os.remove(OUTPUT_FILE)
+
+            domain_queue = Queue()
+            for domain in domains:
+                domain_queue.put(domain)
+
+            progress = tqdm(total=len(domains) * 2, desc="Checking", ncols=80)
+
+            threads = []
+            for _ in range(THREAD_COUNT):
+                t = threading.Thread(target=worker, args=(domain_queue, progress))
+                t.start()
+                threads.append(t)
+
+            for t in threads:
+                t.join()
+
+            progress.close()
+            print(f"\n✅ Finished checking. Results saved to {OUTPUT_FILE}")
+
+
+        access_main()
+
+
     def x_menu():
 
         def return_to_menu():
@@ -16901,6 +16989,7 @@ def menu3():
                 "3. INFO",
                 "4. Wif Abomination",
                 "5. KPROXY_SCANNER" ,
+                "6. ACCESS CONTROL" ,
 
             ]
             
@@ -16925,7 +17014,8 @@ def menu3():
                 "2": ipcam,
                 "3": info,
                 "4": wifi_deauth,
-                "5": prox
+                "5": prox,
+                "6": access_control,
 
 
             }
@@ -16968,7 +17058,7 @@ def banner():
     MAGENTA + "██╔═══╝ ██╔══██╗██║   ██║" + LIME + "user should understand that useage of this script may be" + ENDC,
     MAGENTA + "██║     ██║  ██║╚██████╔╝" + LIME + "concidered an attack on a data network, and may violate terms" + ENDC,
     MAGENTA + "╚═╝     ╚═╝  ╚═╝ ╚═════╝" + LIME + "of service, use on your own network or get permission first" + ENDC,
-    PURPLE + "script_version@ 1.2.9 ®" + ENDC,
+    PURPLE + "script_version@ 1.3.0 ®" + ENDC,
     ORANGE + "All rights reserved 2022-2026 ♛: ®" + ENDC, 
     MAGENTA + "In Collaboration whit Ayan Rajpoot ® " + ENDC,
     BLUE +  "Support: https://t.me/BugScanX 💬" + ENDC,     

bhp_pro-1.2.9.dist-info/RECORD

@@ -1,6 +0,0 @@
-bhp_pro.py,sha256=PILeO-qsRI54JDAkMxqhte87SrQhNyhaGnb52xypsFU,745023
-bhp_pro-1.2.9.dist-info/METADATA,sha256=ymCnXEbRzRbwrBjss9-hGyZIDXqjHdIEUKWKTEk38-c,600
-bhp_pro-1.2.9.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-bhp_pro-1.2.9.dist-info/entry_points.txt,sha256=Yn3HpraGX3lXX4FPq3Gm-lHh3SwQA-5rtgPWNWMFXkw,41
-bhp_pro-1.2.9.dist-info/top_level.txt,sha256=1xjbIaVM77UJz9Tsi1JjILgE0YDG7iLhY6KSMNEi9zM,8
-bhp_pro-1.2.9.dist-info/RECORD,,