created a new flag called --x-forward that will add a header to the request called 'X-Forwarded-From' with three random IP addresses

This commit is contained in:
ekultek 2017-10-31 13:19:31 -05:00
parent 51db83833b
commit 3bc428dbd9
2 changed files with 32 additions and 10 deletions

View file

@ -41,7 +41,8 @@ from lib.core.settings import (
EXTRACTED_URL_LOG,
URL_EXCLUDES,
CLEANUP_TOOL_PATH,
FIX_PROGRAM_INSTALL_PATH
FIX_PROGRAM_INSTALL_PATH,
create_random_ip
)
try:
@ -228,8 +229,7 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs):
return retval
def parse_search_results(
query, url_to_search, verbose=False, **kwargs):
def parse_search_results(query, url_to_search, verbose=False, **kwargs):
"""
Parse a webpage from Google for URL's with a GET(query) parameter
"""
@ -240,6 +240,7 @@ def parse_search_results(
parse_webcache, pull_all = kwargs.get("parse_webcache", False), kwargs.get("pull_all", False)
proxy_string, user_agent = kwargs.get("proxy", None), kwargs.get("agent", None)
forward_for = kwargs.get("forward_for", False)
if verbose:
logger.debug(set_color(
@ -269,10 +270,23 @@ def parse_search_results(
else:
proxy_string_info = "no proxy configuration detected..."
headers = {
"Connection": "close",
"user-agent": user_agent
}
if forward_for:
ip_to_use = (create_random_ip(), create_random_ip(), create_random_ip())
if verbose:
logger.debug(set_color(
"random IP address generated for headers '{}'...".format(ip_to_use), level=10
))
headers = {
"Connection": "close",
"user-agent": user_agent,
"X-Forward-For": "{}, {}, {}".format(ip_to_use[0], ip_to_use[1], ip_to_use[2])
}
else:
headers = {
"Connection": "close",
"user-agent": user_agent
}
logger.info(set_color(
"attempting to gather query URL..."
))

14
zeus.py
View file

@ -134,6 +134,8 @@ if __name__ == "__main__":
help="Do not exclude URLs because they do not have a GET(query) parameter in them")
search_items.add_option("-W", "--webcache", dest="parseWebcache", action="store_true",
help="Parse webcache URLs for the redirect in them")
search_items.add_option("--x-forward", dest="forwardedForRandomIP", action="store_true",
help="Add a header called 'X-Forwarded-For' with three random IP addresses")
# obfuscation options
anon = optparse.OptionGroup(parser, "Anonymity arguments",
@ -294,7 +296,7 @@ if __name__ == "__main__":
if not batch:
question = prompt(
"would you like to process found URL: '{}'".format(url), opts=["y", "N"]
"would you like to process found URL: '{}'gi".format(url), opts=["y", "N"]
)
else:
question = "y"
@ -396,7 +398,8 @@ if __name__ == "__main__":
try:
search.parse_search_results(
opt.dorkToUse, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use,
agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache
agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache,
forward_for=opt.forwardedForRandomIP
)
except InvalidProxyType:
supported_proxy_types = ["socks5", "socks4", "https", "http"]
@ -517,12 +520,17 @@ if __name__ == "__main__":
shutdown()
blackwidow.blackwidow_main(opt.spiderWebSite, agent=agent_to_use, proxy=proxy_to_use,
verbose=opt.runInVerbose)
verbose=opt.runInVerbose, forward=opt.forwardedForRandomIP)
__run_attacks_main()
# enumerate a file and run attacks on the URL's provided
elif opt.fileToEnumerate is not None:
logger.info(set_color(
"found a total of {} URL's to enumerate in given file...".format(
len(open(opt.fileToEnumerate).readlines())
)
))
__run_attacks_main()
else: