Initial Commit
commit
dc6f9ade0b
@ -0,0 +1,6 @@
|
|||||||
|
# What is this?
|
||||||
|
Fuzzy box is a quick program I wrote to fuzz a URL that is in the format https://<url>/20characterstring.<extension>. I have redacted the URL.
|
||||||
|
|
||||||
|
# Example
|
||||||
|
A Quick demo of what this looks like once you fill out the `base` and `extension` variable
|
||||||
|
![](/fuzzybox.gif)
|
@ -0,0 +1,26 @@
|
|||||||
|
#!/bin/python3
|
||||||
|
import random
|
||||||
|
import string
|
||||||
|
import requests
|
||||||
|
import time
|
||||||
|
startTime = time.time()
|
||||||
|
|
||||||
|
base = "https://www.YourURLHere.com/"
|
||||||
|
extension = "File Extension (.jpg,.bak,.sh, etc)"
|
||||||
|
count = int(input("How many times do you want to run the loop? "))
|
||||||
|
for i in range (count):
|
||||||
|
# get random string of letters and digits
|
||||||
|
source = string.ascii_letters + string.digits
|
||||||
|
result_str = ''.join((random.choice(source) for i in range(20)))
|
||||||
|
# Send request to FQDN
|
||||||
|
x = requests.get(base+result_str+extension)
|
||||||
|
url = base+result_str+extension
|
||||||
|
print(url)
|
||||||
|
statuscode = x.status_code
|
||||||
|
print(statuscode)
|
||||||
|
if str(statuscode) == "200":
|
||||||
|
f = open("hits.txt","a")
|
||||||
|
f.write("HIT: " + url + "\n")
|
||||||
|
f.close()
|
||||||
|
executionTime = (time.time() - startTime)
|
||||||
|
print('Execution time in seconds: ' + str(executionTime))
|
Loading…
Reference in New Issue