-
Notifications
You must be signed in to change notification settings - Fork 70
/
Copy pathredirect.py
92 lines (51 loc) · 2.25 KB
/
redirect.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
import requests
import sys
import time
import os
os.system('clear')
print "#################################################"
print "# Open redirect Scanner for dummies like me :) #"
print "# by ak1t4 ([email protected]) #"
print "# twitter.com/knowledge_2014 #"
print "# www.security-root.com #"
print "#################################################"
print ""
print "Use ./redirect.py [subdomains.file] [redirect-payload]"
print "Example ./redirect.py uber.list '//yahoo.com/%2F..'"
# Payloads example
#payload = '//www.google.com/%2F..'
#payload2 = '//www.yahoo.com//'
#payload3 = '//www.yahoo.com//%2F%2E%2E'
# first argument - file with subdomains
file = sys.argv[1]
# second argument - payload string
payload = sys.argv[2]
#open file with subdomains and iterates
with open(file) as f:
print ""
print "Searching the ex-girlfriend target & Holy Grial at [303 see others].."
print ""
time.sleep(4)
# loop for find the trace of all requests (303 is an open redirect) see the final destination
for line in f:
try:
line2 = line.strip()
line3 = 'http://' + line2 + payload
print line3
response = requests.get(line3, verify=True)
print response
try:
if response.history:
print "Request was redirected"
for resp in response.history:
print "|"
print resp.status_code, resp.url
print "Final destination:"
print "+"
print response.status_code, response.url
else:
print "Request was not redirected"
except:
print "connection error :("
except:
print "quiting.."