<?php
require_once 'globals.php';
/* Global initializers: initialize() is not defined on this page (presumably globals.php). */
$initialized = (bool) initialize();
if ($initialized === false) {
    // Set-up failed: answer with a server error and stop handling the request.
    http_response_code(500);
    return;
}
// Command line for the hunter script, with PATH pinned to fixed system directories.
// It is not referenced by the request handling in this file.
// NOTE(review): if another file passes this string to a shell, every argument
// appended to it must go through escapeshellarg() - confirm against the caller.
// Earlier invocation form, kept for reference:
//   ./daemon_wrapper.sh python3 ./domainhunter2.py
$DOMAINHUNTER_PY = 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ./domainhunter2.py';

// Name of this script; in this file it only appears in a commented-out redirect.
$PROCESS_POST_PHP = 'process_post.php';

// Extension of the result file whose existence the GET branch checks.
$extention = '.svg';
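/*
 * POST: validate the submitted domain, hand the hunt to the local backend
 * service, and record it in the database once the backend has accepted it.
 */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    /* Start processing */
    // Accept only a scalar string for "domain". A missing field or an array
    // value (domain[]=x) becomes "" and is rejected by the sanitizer below,
    // instead of raising a notice or a TypeError inside trim().
    $domain = (isset($_POST["domain"]) && is_string($_POST["domain"]))
        ? trim($_POST["domain"])
        : "";

    // Only the presence of the field matters; its submitted value is ignored.
    if (array_key_exists("scopecreep", $_POST)) {
        $scopecreep = "yes";
    } else {
        $scopecreep = "no";
    }

    $sideload = "no";
    $otherfqdns = "";
    if (array_key_exists("otherfqdns", $_POST) and !empty($_POST["otherfqdns"])) {
        // NOTE(review): unlike $domain, this value is forwarded to the backend
        // without any character or type check. Its expected format is not
        // visible here; validate it (here or in the backend) before it is used
        // in lookups, file names or command lines.
        $otherfqdns = $_POST["otherfqdns"];
        $sideload = "yes";
    }

    /* Sanitizer */
    // Allow-list: letters, digits, dot and dash only. An empty value is
    // rejected too, since it would otherwise pass the character check.
    if ($domain === "" || preg_match('/[^\.a-zA-Z\-0-9]/i', $domain)) {
        header("refresh:4;url=index.html");
        print("Not a valid FQAN. No special characters allowed.\n");
        print("You typed: ");
        // The rejected value is by definition untrusted and may contain
        // markup; encode it so it is shown as text rather than interpreted.
        print(htmlspecialchars($domain, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        return;
    }

    /* Create UUID HUNT */
    $uuid = guidv4();

    $data = array("uuid_hunt" => $uuid,
                  "domain" => $domain,
                  "scopecreep" => $scopecreep,
                  "wrapper" => "yes",
                  "sideload" => $sideload,
                  "otherfqdns" => $otherfqdns);
    $data_string = json_encode($data);
    if ($data_string === false) {
        // json_encode() fails on e.g. invalid UTF-8 in the unvalidated field.
        http_response_code(400);
        header("refresh:3;url=index.html");
        print("Request could not be encoded.\n");
        return;
    }

    $ch = curl_init("http://localhost:5000/domainhunter");
    if ($ch === false) {
        http_response_code(500);
        return;
    }
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    // CURLOPT_POST is a boolean switch; the previous count($data_string)
    // called count() on a string, which is a TypeError on PHP 8.
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
        'Content-Type: application/json',
        'Content-Length: ' . strlen($data_string))
    );

    $result = curl_exec($ch);
    $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($httpcode === 200) {
        /* Store domainhunt */
        // Bound parameters keep the request values out of the SQL text.
        $sql = 'INSERT INTO domainhunts (uuid_hunt, fqdn, status, scopecreep, sideload)'.
               ' VALUES (:uuid_hunt, :fqdn, :status, :scopecreep, :sideload)';
        $GLOBALS['db']->begintransaction();
        $statement = $GLOBALS['db']->prepare($sql);
        $statement->execute(array(
            "uuid_hunt" => $uuid,
            "fqdn" => $domain,
            "status" => "processing",
            "scopecreep" => $scopecreep,
            "sideload" => $sideload
        ));
        $GLOBALS['db']->commit();

        header("refresh:1;url=index.html");
        print "Processing...\n<br>";
        // NOTE(review): the backend body is echoed verbatim. If the backend
        // ever reflects request fields (otherfqdns is unvalidated), this is
        // an HTML injection path - confirm the response format and encode it
        // with htmlspecialchars() unless it is intentionally HTML.
        print $result;
    } else {
        header("refresh:3;url=index.html");
        // NOTE(review): same verbatim echo of the backend body as above.
        print $result;
    }
    return;
}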
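/*
 * GET: given ?uuid=..., redirect to the finished result page when the result
 * file exists, otherwise report that the hunt is still processing.
 */
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    // The uuid ends up in a file path, a response header and the page body,
    // so it is restricted to letters, digits and dashes before any use. That
    // excludes "/" and "." (no path traversal out of results/) and all HTML
    // metacharacters.
    // NOTE(review): assumes guidv4() emits only hex digits and dashes -
    // confirm against its definition, which is not on this page.
    $uuid = (isset($_GET['uuid']) && is_string($_GET['uuid'])) ? $_GET['uuid'] : null;
    if ($uuid === null || preg_match('/\A[A-Za-z0-9\-]{1,64}\z/', $uuid) !== 1) {
        // Headers must be sent before any body output, so header() comes first.
        header("refresh:4;url=index.html");
        print "No uuid";
        return;
    }

    $resultFile = "results/" . $uuid . $extention;
    // NOTE(review): the existence check uses $extention (.svg) while the
    // redirect targets the .html file of the same name - presumably both are
    // written together; confirm.
    if (file_exists($resultFile)) {
        /* Redirect to end result */
        /* header("refresh:1;url=temp/" . $uuid . $extention); */
        header("refresh:1;url=results/" . $uuid . ".html");
        // Encoded on output as well, so the page stays safe even if the
        // allow-list above is later relaxed.
        print(htmlspecialchars($resultFile, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    } else {
        /* header("refresh:5;url=" . $PROCESS_POST_PHP . "?uuid=" . $uuid); */
        header("refresh:1;url=index.php");
        print(htmlspecialchars($resultFile, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        print("<br>\nProcessing...\n");
    }
    return;
}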
?>