So I have a list of path traversal payloads in DirTraversal.txt, but for some weird reason when sending the requests it stops at the first line and it just hangs. It doesn't give me any errors or anything, it just stops sending the request after the first line.
I tried removing the concurrent.futures part of the code and just iterating through a normal for loop, but I get the same result.
from colorama import Fore, Back, Style
from fake_useragent import UserAgent
import concurrent.futures
import requests
import os
import sys

filepath = os.path.abspath(os.getcwd())
payload = "".join((filepath, "/wordlists/DirTraversal.txt"))

with open(f"{payload}", "r") as f:
    dirtraversal = (x.strip() for x in f.readlines())

def get_request(url: str):
    ua = UserAgent()
    header = {'User-Agent':str(ua.chrome)}
    s = requests.Session()
    r = s.get(f"{url}", headers=header)
    if r.status_code == 200:
        if b"root:x:" in r.content:
            print(f"{Fore.GREEN} VULNERABLE {Fore.CYAN} - {Fore.WHITE} {url}")
        else:
            print(f"{Fore.RED} NOT VULNERABLE {Fore.CYAN} - {Fore.WHITE} {url}")
    else:
        print("Error")

def PathTraversal(dirtraversal):
    target = input("Site: ")
    check = "".join((target, dirtraversal))
    get_request(check)

if __name__== "__main__":
    try:
        with concurrent.futures.ThreadPoolExecutor() as executor:
            executor.map(PathTraversal, dirtraversal)
    except KeyboardInterrupt as err:
        sys.exit(0)
    except Exception as e:
        print(e)
CodePudding user response:
Your dirtraversal variable is a list of urls. When you feed your map with it, it will execute PathTraversal multiple times with one of the links. input will wait for you to input anything, and will hang until you hit enter. .join will add whatever you typed at the start of the url, and requests won't like that. Maybe you just wanted to print:

def PathTraversal(url):
    print(f"Site: {url}")
    get_request(url)
CodePudding user response:
I think you should just remove input from code. input waits for you to enter a string on the terminal. If your DirTraversal.txt file contains the urls, then you can simply remove input and do a get_request(url) instead.
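
An added example, not code from the question or either answer: it shows the worker without input(), the base URL bound once with functools.partial, and why the result of executor.map has to be consumed, since a discarded result also hides any exception raised in a worker. fake_fetch, check_one, run_checks, run_checks_unconsumed and the lab.example host are hypothetical names, and fake_fetch is a constructed offline stand-in for the HTTP request.

```python
import concurrent.futures
from functools import partial

def fake_fetch(url):
    """Constructed offline stand-in for an HTTP GET: returns (status, body)."""
    if url.endswith("/boom"):
        raise ValueError(f"bad URL: {url}")
    body = b"root:x:0:0:" if url.endswith("/hit") else b"<html></html>"
    return 200, body

def check_one(fetch, base, suffix):
    # No input() here: this runs once per wordlist line, inside a worker thread.
    url = base.rstrip("/") + "/" + suffix.lstrip("/")
    status, body = fetch(url)
    return url, status == 200 and b"root:x:" in body

def run_checks(base, suffixes, fetch=fake_fetch, workers=4):
    worker = partial(check_one, fetch, base)  # bind the single base URL once
    with concurrent.futures.ThreadPoolExecutor(max_workers=workers) as pool:
        # list() consumes the lazy map() result; without it, an exception
        # raised in a worker is never re-raised and the failure stays silent.
        return list(pool.map(worker, suffixes))

def run_checks_unconsumed(base, suffixes, fetch=fake_fetch):
    worker = partial(check_one, fetch, base)
    with concurrent.futures.ThreadPoolExecutor() as pool:
        pool.map(worker, suffixes)  # result discarded, as in the question
    return "no error seen"

if __name__ == "__main__":
    # Constructed value; an interactive script would call input("Site: ") once here.
    base = "http://lab.example"
    print(run_checks(base, ["miss", "hit"]))
    print(run_checks_unconsumed(base, ["boom"]))
    try:
        run_checks(base, ["boom"])
    except ValueError as exc:
        print("surfaced:", exc)
```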