Commits

Tim Tomes committed 6d2e9da

changed the curl command to avoid HEAD requests and added the ability to store and view the source code of each target.

  • Participants
  • Parent commits f4713b5

Comments (0)

Files changed (1)

                 printProgress(cnt, tot, target, previouslen)
             else:
                 printProgress(cnt, tot)
-            filename = '%s.png' % re.sub('\W','',target)
-            filepath = '%s/%s' % (directory, filename)
-            getCapture(target, filepath, timeout)
+            imgname = '%s.png' % re.sub('\W','',target)
+            srcname = '%s.txt' % re.sub('\W','',target)
+            imgpath = '%s/%s' % (directory, imgname)
+            srcpath = '%s/%s' % (directory, srcname)
+            getCapture(target, imgpath, timeout)
             cnt += 1
             previouslen = len(target)
             target_data = {}
             target_data['url'] = target
-            target_data['path'] = filename
-            target_data['hash'] = hashlib.md5(open(filepath).read()).hexdigest() if os.path.exists(filepath) else 'z'*32
-            target_data['headers'] = getHeaders(target, timeout)
+            target_data['imgpath'] = imgname
+            target_data['srcpath'] = srcname
+            target_data['hash'] = hashlib.md5(open(imgpath).read()).hexdigest() if os.path.exists(imgpath) else 'z'*32
+            target_data['headers'] = getHeaders(target, srcpath, timeout)
             db['targets'].append(target_data)
             cnt += 1
         print printProgress(1,1)
         return "https"
     return "http"
 
-def getCapture(url, filename, timeout):
-    cmd = './phantomjs --ignore-ssl-errors=yes ./capture.js %s %s %d' % (url, filename, timeout*1000)
+def getCapture(url, imgpath, timeout):
+    cmd = './phantomjs --ignore-ssl-errors=yes ./capture.js %s %s %d' % (url, imgpath, timeout*1000)
     returncode, response = runCommand(cmd)
     return returncode
 
-def getHeaders(url, timeout):
-    cmd = 'curl -sILk %s --connect-timeout %d' % (url, timeout)
+def getHeaders(url, srcpath, timeout):
+    #cmd = 'curl -sILk %s --connect-timeout %d' % (url, timeout)
+    cmd = 'curl -sLkD - %s -o %s --connect-timeout %d' % (url, srcpath, timeout)
     returncode, response = runCommand(cmd)
     return response
 
     dead_markup = ''
     # process markup for live targets
     for live in sorted(db['targets'], key=lambda k: k['hash']):
-        live_markup += "<tr><td class='img'><a href='{0}'><img src='{0}' onerror=\"this.parentNode.parentNode.innerHTML='No image available.';\" /></a></td><td class='head'><a href='{1}' target='_blank'>{1}</a><br /><pre>{2}</pre></td></tr>\n".format(live['path'],live['url'],live['headers'])
+        live_markup += "<tr><td class='img'><a href='{0}' target='_blank'><img src='{0}' onerror=\"this.parentNode.parentNode.innerHTML='No image available.';\" /></a></td><td class='head'><a href='{1}' target='_blank'>{1}</a> (<a href='{2}' target='_blank'>source</a>)<br /><pre>{3}</pre></td></tr>\n".format(live['imgpath'],live['url'],live['srcpath'],live['headers'])
     # add markup to the report
     file = open(outfile, 'w')
     file.write("""