updated code quality, added feature random HTTP user agent fixed #190,…

… bumped version 1.4.1..

README.md

@@ -1,4 +1,4 @@
-[![GitHub release](https://img.shields.io/badge/release-v1.4-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.4)
+[![GitHub release](https://img.shields.io/badge/release-v1.4.1-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.4.1)
 [![GitHub stars](https://img.shields.io/github/stars/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/network)
 [![GitHub issues](https://img.shields.io/github/issues/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/issues)
@@ -74,6 +74,7 @@ You can download the latest version of Ghauri by cloning the GitHub repository.
  - added switch for retreiving entries count for table.: `--count`
  - added switch for Scanning multiple targets given in a textual fil. `-m` (experimental)
  - added auto detection and exploitation of base64 deserializable GET parameters. (experimental)
+ - added support for random HTTP user agent: `--random-agent, --mobile`
 
 ## **Advanced Usage**
 
@@ -107,6 +108,8 @@ Request:
 
   -A , --user-agent   HTTP User-Agent header value
   -H , --header       Extra header (e.g. "X-Forwarded-For: 127.0.0.1")
+  --mobile            Imitate smartphone through HTTP User-Agent header
+  --random-agent      Use randomly selected HTTP User-Agent header value
   --host              HTTP Host header value
   --data              Data string to be sent through POST (e.g. "id=1")
   --cookie            HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")

ghauri/__init__.py

@@ -24,7 +24,7 @@
 
 """
 
-__version__ = "1.4"
+__version__ = "1.4.1"
 __author__ = "Nasir Khan (r0ot h3x49)"
 __license__ = "MIT"
 __copyright__ = "Copyright (c) 2016-2025 Nasir Khan (r0ot h3x49)"

ghauri/common/config.py

@@ -123,6 +123,10 @@ def __init__(
         self._deserialized_data = {}
         self._deserialized_data_param = ""
         self._deserialized_data_param_value = ""
+        self._random_ua_string = None
+        self._random_ua = False
+        self._is_mobile_ua = False
+        self._random_agent_dict = {}
 
     @property
     def ignore_code(self):

ghauri/common/lib.py

@@ -50,6 +50,7 @@
 import binascii
 import itertools
 import collections
+import ua_generator
 from os.path import expanduser
 from io import BytesIO, StringIO
 from difflib import unified_diff

ghauri/common/utils.py

@@ -48,6 +48,7 @@
     SequenceMatcher,
     addinfourl,
     DBMS_DICT,
+    ua_generator,
     HTTPRedirectHandler,
     BaseHTTPRequestHandler,
     INJECTABLE_HEADERS_DEFAULT,
@@ -2058,9 +2059,41 @@ def search_possible_dbms_errors(html):
     return _temp
 
 
-def get_random_user_agent():
-    ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"
-    return ua
+def get_user_agent(random=False):
+    # latest one  at: 21-Nov-2024
+    ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
+    headers = {}
+    if random:
+        try:
+            if conf._random_ua:
+                if conf._is_mobile_ua:
+                    obj = ua_generator.generate(
+                        browser=("chrome", "firefox", "safari"),
+                        platform=("ios", "android"),
+                        device="mobile",
+                    )
+                else:
+                    obj = ua_generator.generate(
+                        browser=("chrome", "firefox", "safari"),
+                        platform=("windows", "linux", "macos"),
+                        device="desktop",
+                    )
+                ua = obj.text
+                headers = obj.headers.get()
+            else:
+                ua = ua
+        except:
+            ua = ua
+        if not conf._random_ua_string:
+            headers.pop("user-agent")
+            conf._random_ua_string = ua
+            conf._random_agent_dict = headers
+            logger.info(
+                f"fetched random HTTP User-Agent header value '{conf._random_ua_string}'"
+            )
+    else:
+        conf._random_ua_string = ua
+    return conf._random_ua_string
 
 
 def prepare_request(url, data, custom_headers, use_requests=False):
@@ -2076,10 +2109,9 @@ def prepare_request(url, data, custom_headers, use_requests=False):
     if not path:
         path = "/"
     if not custom_headers:
-        ua = get_random_user_agent()
-        custom_headers = f"User-agent: {ua}"
+        custom_headers = f"User-agent: {conf._random_ua_string}"
         if custom_headers and "user-agent" not in custom_headers.lower():
-            custom_headers += f"\nUser-agent: {ua}"
+            custom_headers += f"\nUser-agent: {conf._random_ua_string}"
         if custom_headers and "host" not in custom_headers.lower():
             custom_headers += f"\nHost: {parsed.netloc}"
         if custom_headers and "cache-control" not in custom_headers.lower():

ghauri/core/request.py

@@ -102,6 +102,8 @@ def perform(
         raw = req.raw
         endpoint = req.endpoint
         custom_headers = req.headers
+        if conf._random_agent_dict:
+            custom_headers.update(conf._random_agent_dict)
         if conf.is_json:
             custom_headers.update({"Content-Type": "application/json"})
         request_url = req.request.get("url")

ghauri/ghauri.py

@@ -57,6 +57,7 @@
     check_injection_points_for_level,
     dbms_full_name,
     is_deserializable,
+    get_user_agent,
 )
 
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
@@ -133,6 +134,8 @@ def perform_multitarget_injection(args):
                 update=args.update,
                 ignore_code=args.ignore_code,
                 bulkfile=True,
+                random_agent=args.random_agent,
+                mobile=args.mobile,
             )
             if resp.is_injected:
                 exp_choice = logger.read_input(
@@ -293,6 +296,8 @@ def perform_injection(
     update=False,
     ignore_code="",
     bulkfile=False,
+    random_agent=False,
+    mobile=False,
 ):
     verbose_levels = {
         1: logging.INFO,
@@ -311,6 +316,8 @@ def perform_injection(
     conf.fresh_queries = fresh_queries
     conf._ignore_code = ignore_code
     conf.batch = batch
+    conf._random_ua = random_agent
+    conf._is_mobile_ua = mobile
     if not bulkfile:
         logger.start("starting")
     if not force_ssl:
@@ -367,6 +374,7 @@ def perform_injection(
         raw = "\n".join(
             [re.sub(r"[^\x00-\x7F]+", " ", i.strip()) for i in open(requestfile) if i]
         )
+    get_user_agent(random=conf._random_ua)
     if raw:
         req = HTTPRequest(raw)
         url = req.url

ghauri/scripts/ghauri.py

@@ -130,6 +130,18 @@ def main():
         default="",
         metavar="",
     )
+    request.add_argument(
+        "--mobile",
+        dest="mobile",
+        action="store_true",
+        help="Imitate smartphone through HTTP User-Agent header",
+    )
+    request.add_argument(
+        "--random-agent",
+        dest="random_agent",
+        action="store_true",
+        help="Use randomly selected HTTP User-Agent header value",
+    )
     request.add_argument(
         "--host",
         dest="host",
@@ -511,6 +523,8 @@ def main():
             update=args.update,
             ignore_code=args.ignore_code,
             bulkfile=bool(args.bulkfile),
+            random_agent=args.random_agent,
+            mobile=args.mobile,
         )
         if resp.is_injected:
             target = ghauri.Ghauri(

requirements.txt

@@ -1,4 +1,5 @@
 tldextract
 colorama
 requests
-chardet
+chardet
+ua_generator

setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="ghauri",
-    version="1.4",
+    version="1.4.1",
     description="An advanced SQL injection detection & exploitation tool.",
     classifiers=["Programming Language :: Python3"],
     author="Nasir Khan",
@@ -20,6 +20,7 @@
         "colorama",
         "requests",
         "chardet",
+        "ua_generator",
     ],
     entry_points={"console_scripts": ["ghauri=ghauri.scripts.ghauri:main"]},
     keywords=[