struts built_potential_url's now use map function to save code

This commit is contained in:
Vakaris 2018-08-23 13:51:11 +03:00
parent b07e70855c
commit 84fb96d0de
1 changed files with 2 additions and 16 deletions

View File

@ -38,22 +38,8 @@ class Struts2Exploiter(WebRCE):
:param extensions: What subdirectories to scan. www.domain.com[/extension]
:return: Array of url's to try and attack
"""
url_list = []
if extensions:
extensions = [(e[1:] if '/' == e[0] else e) for e in extensions]
else:
extensions = [""]
for port in ports:
for extension in extensions:
if port[1]:
protocol = "https"
else:
protocol = "http"
url = join(("%s://%s:%s/" % (protocol, self.host.ip_addr, port[0])), extension)
redirected_url = self.get_redirected(url)
url_list.append(redirected_url)
if not url_list:
LOG.info("No attack url's were built")
url_list = super(Struts2Exploiter, self).build_potential_urls(ports)
url_list = list(map(self.get_redirected, url_list))
return url_list
@staticmethod