cpd-sec 0.2.9__py3-none-any.whl

cpd/utils/parser.py

@@ -0,0 +1,63 @@
+from typing import Dict, Tuple, Optional
+from urllib.parse import urlparse
+
+def parse_raw_request(raw_content: str, scheme: str = "https") -> Dict:
+    """
+    Parse a raw HTTP request (string) into components for HttpClient.
+    
+    Args:
+        raw_content: The raw HTTP request string.
+        scheme: The protocol scheme (http/https). Default is https.
+        
+    Returns:
+        Dict containing url, method, headers, and body.
+    """
+    lines = raw_content.strip().splitlines()
+    if not lines:
+        raise ValueError("Empty request content")
+
+    # 1. Parse Request Line
+    # GET /api/folders HTTP/2
+    req_line_parts = lines[0].split()
+    if len(req_line_parts) < 2:
+        raise ValueError(f"Invalid request line: {lines[0]}")
+    
+    method = req_line_parts[0].upper()
+    path = req_line_parts[1]
+    
+    # 2. Parse Headers
+    headers = {}
+    body = None
+    line_idx = 1
+    
+    while line_idx < len(lines):
+        line = lines[line_idx]
+        if line == "":
+            # End of headers, start of body
+            body = "\n".join(lines[line_idx+1:])
+            break
+        
+        if ":" in line:
+            key, val = line.split(":", 1)
+            headers[key.strip()] = val.strip()
+        line_idx += 1
+
+    # 3. Construct URL
+    # Needs Host header
+    host = headers.get("Host")
+    if not host:
+        # Fallback if no Host header (unlikely for valid requests)
+        raise ValueError("Missing Host header in raw request")
+
+    # Handle full URL in path (proxy style) vs relative path
+    if path.startswith("http"):
+        url = path
+    else:
+        url = f"{scheme}://{host}{path}"
+
+    return {
+        "url": url,
+        "method": method,
+        "headers": headers,
+        "body": body
+    }

cpd_sec-0.2.9.dist-info/METADATA

@@ -0,0 +1,153 @@
+Metadata-Version: 2.4
+Name: cpd-sec
+Version: 0.2.9
+Summary: A high-concurrency CLI tool for detecting web cache poisoning vulnerabilities.
+Author: kankburhan
+Author-email: kankburhan@gmail.com
+Requires-Python: >=3.9,<4.0
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Requires-Dist: aiohttp (>=3.9.1,<4.0.0)
+Requires-Dist: click (>=8.1.7,<9.0.0)
+Requires-Dist: requests (>=2.31.0,<3.0.0)
+Project-URL: Repository, https://github.com/kankburhan/cpd
+Description-Content-Type: text/markdown
+
+# CachePoisonDetector (CPD)
+
+A high-concurrency CLI tool for detecting web cache poisoning vulnerabilities.
+
+## Overview
+CPD is a security tool designed to identify vulnerabilities in web caching systems that allow cache poisoning attacks.
+
+## Installation
+
+1.  Clone the repository:
+    ```bash
+    git clone https://github.com/kankburhan/cpd.git
+    cd cpd
+    ```
+
+2.  Install dependencies using Poetry:
+    ```bash
+    poetry install
+    ```
+    *Alternatively, calculate dependencies to requirements.txt and use pip:*
+    ```bash
+    pip install .
+    ```
+
+## Usage
+
+CPD supports multiple input methods and extensive configuration options.
+
+### 1. Basic Scan (`--url`)
+Scan a single target URL.
+
+```bash
+# Using poetry
+poetry run cpd scan --url https://example.com
+
+# As an installed package
+cpd scan -u https://example.com
+```
+
+### 2. Pipeline Mode (Stdin)
+Pipe URLs from other tools (like `waybackurls`, `gau`, `subfinder`, or `cat`) directly into CPD. This is ideal for mass scanning.
+
+```bash
+# Scan URLs found by waybackurls
+waybackurls target.com | cpd scan
+
+# Scan URLs from a file using cat
+cat urls.txt | cpd scan --concurrency 20
+```
+
+### 3. File Input (`--file`)
+Read URLs from a text file (one URL per line).
+
+```bash
+cpd scan --file urls.txt
+```
+
+### 4. Raw Request Scan (`--request-file`)
+Scan using a raw HTTP request definition (e.g., copied from Burp Suite).
+
+```bash
+# Save your request to a file (e.g. request.txt)
+cpd scan --request-file request.txt
+```
+
+**Alternative: Direct String (`--raw`)**
+*Use with caution due to shell escaping characters.*
+```bash
+cpd scan --raw "GET /api/foo HTTP/1.1
+Host: example.com"
+```
+
+### 5. Advanced Options
+
+#### Custom Headers (`--header`)
+Add custom headers to every request (e.g., cookies, authorization). You can use this flag multiple times.
+
+```bash
+cpd scan -u https://admin.example.com \
+    -h "Cookie: session=12345" \
+    -h "Authorization: Bearer XYZ"
+```
+
+#### Output to File (`--output`)
+Save the findings to a JSON file.
+
+```bash
+cpd scan -u https://example.com --output results.json
+```
+
+#### Concurrency (`--concurrency`)
+Control the number of simultaneous requests (default: 50).
+
+```bash
+cpd scan -f targets.txt --concurrency 100
+```
+
+#### Verbosity (`--verbose`, `--quiet`)
+Control output levels.
+
+```bash
+cpd scan -u https://example.com -v  # Debug logging
+cpd scan -u https://example.com -q  # Only show findings
+```
+
+### 5. Utilities
+
+#### Validate Finding (`validate`)
+Manually verify a vulnerability claim step-by-step.
+
+```bash
+cpd validate --url https://target.com --header "X-Forwarded-Host: evil.com"
+```
+
+#### Update Tool (`update`)
+Check for and install the latest version of CPD.
+
+```bash
+cpd update
+```
+
+## Features
+- **Auto Update Check**: Automatically checks for new versions on run. ![Auto Update](https://img.shields.io/badge/Auto%20Update-Enabled-brightgreen)
+- **High Concurrency**: Built with `asyncio` and `aiohttp` for speed.
+- **Smart Baseline**: Establishes a stable baseline to reduce false positives.
+- **Advanced Poisoning**:
+    - **Header Injection**: `X-Forwarded-Host`, `X-Forwarded-Scheme`, `Fastly-Client-IP`, etc.
+    - **Path Normalization**: Exploits backend URL decoding differences (`/foo\bar`).
+    - **Fat GET**: Sends request bodies with GET requests.
+    - **Unkeyed Query Params**: Injects parameters to test cache key inclusion.
+    - **Method Override**: Tests `X-HTTP-Method-Override`.
+- **Pipeline Ready**: Designed to integrate into your reconnaissance workflow.
+

cpd_sec-0.2.9.dist-info/RECORD

@@ -0,0 +1,16 @@
+cpd/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cpd/cli.py,sha256=FBPVafWzqsU3wGy43SmTbk6_bPQFdaTLkSCwrMl4aMg,12796
+cpd/engine.py,sha256=JNRYjkdpHHmePmPqtPWw3Hnky9hY8LRRoGOAvr67pio,3126
+cpd/http_client.py,sha256=6EF9_cVWVyF2rr6fH7gnxVsIXXCir4JVmxsPw3eWzhE,1400
+cpd/logic/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cpd/logic/baseline.py,sha256=5O7eO34oBwLMEtA1vZTNaNKBDQsS8D4Ny9K3MebxDUA,1777
+cpd/logic/poison.py,sha256=ZdCCCc4neMS-MOlMlaqXT1KRsVu6hhVxyXL1vglxB10,31129
+cpd/logic/validator.py,sha256=HYgTNAnaISU5Nxkn-qcDdkjagEnbSYyfp2jlKuKoG8s,2584
+cpd/main.py,sha256=zfDYCwxYZnbzSmQUKqRNLb_tYDXV6caVejsj5Nr2umM,62
+cpd/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cpd/utils/logger.py,sha256=ZMv9lJ0P70dhTP_t1Pxzt7AR6t3f93feOrjR0U-B46w,2324
+cpd/utils/parser.py,sha256=u42IIqcUk5Tb2mpaK6r_9uCBbpVUFllZgQivlLmPs1w,1752
+cpd_sec-0.2.9.dist-info/METADATA,sha256=1LPtVacFfNqBT2w9mPJWth3trWxSRx1F916e76Z0yto,4288
+cpd_sec-0.2.9.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+cpd_sec-0.2.9.dist-info/entry_points.txt,sha256=0xoiZMQwikuXkO4m6FcGFJuyxqNmFKHLoCSxOaHymIc,57
+cpd_sec-0.2.9.dist-info/RECORD,,

cpd_sec-0.2.9.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: poetry-core 2.2.1
+Root-Is-Purelib: true
+Tag: py3-none-any

cpd_sec-0.2.9.dist-info/entry_points.txt

@@ -0,0 +1,4 @@
+[console_scripts]
+cpd=cpd.main:cli
+cpd-sec=cpd.main:cli
+