-
Notifications
You must be signed in to change notification settings - Fork 23
/
EndPoint-Finder.py
102 lines (86 loc) · 3.19 KB
/
EndPoint-Finder.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import re
import argparse
import requests
parser = argparse.ArgumentParser()
parser.add_argument("-u","--url",
help="Input a URL i.e. https, http, ftp, etc..")
parser.add_argument("-f","--file",
help="Input file location")
parser.add_argument("-o","--output",
help="Output file location")
parser.add_argument("-c","--cookie",
help="Add URL cookie, in the form \"PHPSESSID=qw32312313\"")
args = parser.parse_args()
if(args.file!=None or args.url!=None):
print """
.___ ..__ , .___ .
[__ ._ _|[__) _ *._ -+- ___ [__ *._ _| _ ._.
[___[ )(_]| (_)|[ ) | | |[ )(_](/,[
author: $_SpyD3r_$
"""
else:
print parser.print_help()
exit()
if(args.file):
f = open(args.file,'r').read()
content1 = f.split('"')
if(args.url):
url=args.url
if(args.cookie):
cookie = args.cookie.split("=")
req=requests.get(url,cookies={cookie[0]:cookie[1]})
content1=req.text.split('"')
else:
req=requests.get(url)
content1=req.text.split('"')
end_point = []
extension=(".png",".jpg",".wav",".jpeg",".json",".js",".php",".xml") #more can be added, as requirement
start = ("/","http://","https://","file://","php://","ftp://","./","../")
def end_points(content):
for i in content:
if re.match("^[a-zA-Z0-9_\/:&?%.\-=]*$", i):
if (i.startswith(start) or i.endswith(extension)):
end_point.append(i)
for i in content:
if re.match("^[a-zA-Z0-9_\/:&?%.\-=]*$", i):
if (not i.startswith(start)):
temp = i.split("/")
if "/"+temp[0] in end_point or "./"+temp[0] in end_point or "../"+temp[0] in end_point:
end_point.append(i)
def saving_in_file(end_point):
f=open(args.output,'a')
f.write(end_point)
f.write("\n")
def print_end_points(end_point):
start1=("http://","https://","file://","php://","ftp://")
a="\n-----------------Remote files which are added-----------------------------------\n"
if(args.output): saving_in_file(a)
print a
for i in end_point:
if i.startswith(start1):
print i
if(args.output): saving_in_file(i)
b="\n-----------------These files are present in server------------------------------\n"
print b
if(args.output): saving_in_file(b)
for i in end_point:
if i.endswith(extension):
print i
if(args.output): saving_in_file(i)
c="\n-----------------These are files and directory, you can look into---------------\n"
print c
if(args.output): saving_in_file(c)
start1=("/","./","../")
for i in end_point:
if i.startswith(start1) and not (i.endswith(extension)):
print i
if(args.output): saving_in_file(i)
print "\n-----------------These directory can be present (not sure!!)--------------------\n"
for i in end_point:
if(not i.startswith(start) and not i.endswith(extension)):
print i
if(args.output): saving_in_file(i)
if __name__=='__main__':
end_points(content1)
end_point = set(end_point)
print_end_points(end_point)