mirror of
https://github.com/Ekultek/Zeus-Scanner.git
synced 2026-03-11 08:55:51 +00:00
created a new flag called --x-forward that will add a header to the request called 'X-Forwarded-From' with three random IP addresses
This commit is contained in:
parent
51db83833b
commit
3bc428dbd9
2 changed files with 32 additions and 10 deletions
|
|
@ -41,7 +41,8 @@ from lib.core.settings import (
|
|||
EXTRACTED_URL_LOG,
|
||||
URL_EXCLUDES,
|
||||
CLEANUP_TOOL_PATH,
|
||||
FIX_PROGRAM_INSTALL_PATH
|
||||
FIX_PROGRAM_INSTALL_PATH,
|
||||
create_random_ip
|
||||
)
|
||||
|
||||
try:
|
||||
|
|
@ -228,8 +229,7 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs):
|
|||
return retval
|
||||
|
||||
|
||||
def parse_search_results(
|
||||
query, url_to_search, verbose=False, **kwargs):
|
||||
def parse_search_results(query, url_to_search, verbose=False, **kwargs):
|
||||
"""
|
||||
Parse a webpage from Google for URL's with a GET(query) parameter
|
||||
"""
|
||||
|
|
@ -240,6 +240,7 @@ def parse_search_results(
|
|||
|
||||
parse_webcache, pull_all = kwargs.get("parse_webcache", False), kwargs.get("pull_all", False)
|
||||
proxy_string, user_agent = kwargs.get("proxy", None), kwargs.get("agent", None)
|
||||
forward_for = kwargs.get("forward_for", False)
|
||||
|
||||
if verbose:
|
||||
logger.debug(set_color(
|
||||
|
|
@ -269,10 +270,23 @@ def parse_search_results(
|
|||
else:
|
||||
proxy_string_info = "no proxy configuration detected..."
|
||||
|
||||
headers = {
|
||||
"Connection": "close",
|
||||
"user-agent": user_agent
|
||||
}
|
||||
if forward_for:
|
||||
ip_to_use = (create_random_ip(), create_random_ip(), create_random_ip())
|
||||
if verbose:
|
||||
logger.debug(set_color(
|
||||
"random IP address generated for headers '{}'...".format(ip_to_use), level=10
|
||||
))
|
||||
|
||||
headers = {
|
||||
"Connection": "close",
|
||||
"user-agent": user_agent,
|
||||
"X-Forward-For": "{}, {}, {}".format(ip_to_use[0], ip_to_use[1], ip_to_use[2])
|
||||
}
|
||||
else:
|
||||
headers = {
|
||||
"Connection": "close",
|
||||
"user-agent": user_agent
|
||||
}
|
||||
logger.info(set_color(
|
||||
"attempting to gather query URL..."
|
||||
))
|
||||
|
|
|
|||
14
zeus.py
14
zeus.py
|
|
@ -134,6 +134,8 @@ if __name__ == "__main__":
|
|||
help="Do not exclude URLs because they do not have a GET(query) parameter in them")
|
||||
search_items.add_option("-W", "--webcache", dest="parseWebcache", action="store_true",
|
||||
help="Parse webcache URLs for the redirect in them")
|
||||
search_items.add_option("--x-forward", dest="forwardedForRandomIP", action="store_true",
|
||||
help="Add a header called 'X-Forwarded-For' with three random IP addresses")
|
||||
|
||||
# obfuscation options
|
||||
anon = optparse.OptionGroup(parser, "Anonymity arguments",
|
||||
|
|
@ -294,7 +296,7 @@ if __name__ == "__main__":
|
|||
|
||||
if not batch:
|
||||
question = prompt(
|
||||
"would you like to process found URL: '{}'".format(url), opts=["y", "N"]
|
||||
"would you like to process found URL: '{}'gi".format(url), opts=["y", "N"]
|
||||
)
|
||||
else:
|
||||
question = "y"
|
||||
|
|
@ -396,7 +398,8 @@ if __name__ == "__main__":
|
|||
try:
|
||||
search.parse_search_results(
|
||||
opt.dorkToUse, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use,
|
||||
agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache
|
||||
agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache,
|
||||
forward_for=opt.forwardedForRandomIP
|
||||
)
|
||||
except InvalidProxyType:
|
||||
supported_proxy_types = ["socks5", "socks4", "https", "http"]
|
||||
|
|
@ -517,12 +520,17 @@ if __name__ == "__main__":
|
|||
shutdown()
|
||||
|
||||
blackwidow.blackwidow_main(opt.spiderWebSite, agent=agent_to_use, proxy=proxy_to_use,
|
||||
verbose=opt.runInVerbose)
|
||||
verbose=opt.runInVerbose, forward=opt.forwardedForRandomIP)
|
||||
|
||||
__run_attacks_main()
|
||||
|
||||
# enumerate a file and run attacks on the URL's provided
|
||||
elif opt.fileToEnumerate is not None:
|
||||
logger.info(set_color(
|
||||
"found a total of {} URL's to enumerate in given file...".format(
|
||||
len(open(opt.fileToEnumerate).readlines())
|
||||
)
|
||||
))
|
||||
__run_attacks_main()
|
||||
|
||||
else:
|
||||
|
|
|
|||
Loading…
Reference in a new issue