bhp_wordlist.py
from burp import IBurpExtender
from burp import IContextMenuFactory
from java.util import ArrayList
from javax.swing import JMenuItem
from datetime import datetime
from HTMLParser import HTMLParser
import re
class TagStripper(HTMLParser):
    """HTML parser that keeps only the text and comment content of a page.

    Every text node and every HTML comment seen while parsing is collected in
    ``self.page_text``. The list is never cleared, so feeding a second
    document to the same instance appends to the text already gathered.
    """

    def __init__(self):
        # The base initializer is called explicitly rather than through
        # super(); the file imports HTMLParser from the Python 2 module.
        HTMLParser.__init__(self)
        self.page_text = []

    def handle_data(self, data):
        """Record the text found between tags."""
        self.page_text += [data]

    def handle_comment(self, data):
        """Record the body of an HTML comment alongside the visible text."""
        self.page_text += [data]

    def strip(self, html):
        """Parse *html* and return all collected fragments joined by spaces."""
        self.feed(html)
        separator = ' '
        return separator.join(self.page_text)
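class BurpExtender(IBurpExtender, IContextMenuFactory):
    """Burp extension that derives a candidate word list from selected responses.

    A 'Create Wordlist' context-menu entry is registered. When it is invoked,
    the text of every selected response is tokenised, the words are added to
    ``self.wordlist`` and a mangled list is printed.

    ``self.hosts`` and ``self.wordlist`` are created once in
    ``registerExtenderCallbacks`` and never cleared, so each invocation
    prints the words gathered by all earlier invocations as well.
    """

    def registerExtenderCallbacks(self, callbacks):
        """Store the Burp callbacks, initialise state and register the menu factory."""
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        self.context = None
        self.hosts = set()
        # The list starts with one seed word, so the output is never empty.
        self.wordlist = set(['password'])
        callbacks.setExtensionName('BHP Wordlist')
        callbacks.registerContextMenuFactory(self)

    def createMenuItems(self, context_menu):
        """Return the menu entries for this invocation.

        The invocation object is kept in ``self.context`` so that the click
        handler can read the selected messages later.
        """
        self.context = context_menu
        menu_list = ArrayList()
        menu_list.add(JMenuItem('Create Wordlist', actionPerformed=self.wordlist_menu))
        return menu_list

    def wordlist_menu(self, event):
        """Handle a click on 'Create Wordlist'.

        Records the host of every selected message, harvests words from each
        message that has a response, then prints the resulting list.
        """
        http_traffic = self.context.getSelectedMessages()
        for traffic in http_traffic:
            http_service = traffic.getHttpService()
            host = http_service.getHost()
            self.hosts.add(host)
            http_response = traffic.getResponse()
            # Messages without a response are skipped.
            if http_response:
                self.get_words(http_response)
        self.display_wordlist()

    def get_words(self, http_response):
        """Add the words found in a text response to ``self.wordlist``.

        Only responses whose header block contains ``content-type: text``
        (case-insensitive substring match) are processed. Words start with a
        letter, are 3 to 12 characters long and are stored in lower case.
        Text inside HTML comments is included, because TagStripper collects
        comments as well as visible text.
        """
        raw_response = http_response.tostring()
        # partition() instead of an unpacked split(): a response without the
        # blank line that ends the headers would otherwise raise ValueError
        # and abort the whole menu action.
        headers, separator, body = raw_response.partition('\r\n\r\n')
        if not separator:
            return
        if 'content-type: text' not in headers.lower():
            return
        tag_stripper = TagStripper()
        page_text = tag_stripper.strip(body)
        words = re.findall(r'[a-zA-Z]\w{2,}', page_text)
        for word in words:
            # Longer tokens are dropped from the list.
            if len(word) <= 12:
                self.wordlist.add(word.lower())

    def mangle(self, word):
        """Return the variants of *word* that are printed for it.

        The word and its capitalised form are each combined with four
        suffixes: nothing, ``1``, ``!`` and the current year.
        """
        year = datetime.now().year
        suffixes = ['', '1', '!', year]
        mangled = list()
        for password in (word, word.capitalize()):
            for suffix in suffixes:
                # %s formatting also converts the integer year to text.
                mangled.append('%s%s' % (password, suffix))
        return mangled

    def display_wordlist(self):
        """Print a header naming the recorded hosts, then every mangled word."""
        print('#!comment: BHP Wordlist for site(%s)' % ', '.join(self.hosts))
        for word in sorted(self.wordlist):
            for password in self.mangle(word):
                print(password)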