#!/usr/bin/env python """ A revised version of req.py using urllib2. A little script I threw together to facilitate quick and dirty web requests for use during web app pen tests. It will likely grow. I already have a number of features I want to add so check back for an updated version. It's not done and throws errors. Remember, this is quick and dirty. This program is in the public domain. Do whatever you want with it. Run with a -h to see the help. """ import sys, urllib2, re from optparse import OptionParser def main(): # Supported options usage = "usage: %prog [options] hostname.domainname.tld" parser = OptionParser(usage) parser.add_option("-d", "--headers", dest="headers", action="store_true", default=False, help="return headers") parser.add_option("-m", "--method", dest="method", help="request method (default is GET)", default="GET") parser.add_option("-p", "--post_params", dest="post_params", help="post parameters in \"key=value&key2=value\" pairs", default="") (options, args) = parser.parse_args() if len(args) != 1: parser.error("Insufficient args matey!") else: request(args[0], options.headers, options.method, options.post_params) """ Where the action is. Send the request to the given server and dump the response to stdout. """ def request(url, headers, method, post_params): if len(post_params): req = RequestWithMethod(method, url, data=post_params) else: req = RequestWithMethod(method, url) try: resp = urllib2.urlopen(req) except urllib2.URLError, resp: pass if headers: print resp.info() print resp.read() def parsePostVars(post_params): pass parsedParm[:] = [] parsedPostParms = post_params.split('&') for i in range(0, len(parsedPostParms)): parsedParm.append(parsedPostParms[i].split('=')) result = dict(parsedParm[:]) return result """ Pulled this from http://benjamin.smedbergs.us/blog/2008-10-21/putting-and-deleteing-in-python-urllib2/ in order to be able to support OPTIONS, TRACE, PUT and DELETE methods. """ class RequestWithMethod(urllib2.Request): def __init__(self, method, *args, **kwargs): self.method = method urllib2.Request.__init__(self, *args, **kwargs) def get_method(self): return self.method if __name__ == "__main__": main()