💻
OSWE Everything

Cheatsheet


Last updated 5 months ago

While writing exploits we will mostly use the Python requests library. Documentation: https://requests.readthedocs.io/en/latest/

Useful libraries

import requests

Requests most common commands

Sending the requests

requests.delete(url, **kwargs)                       # Sends a DELETE request to the specified url
requests.get(url, params=None, **kwargs)             # Sends a GET request to the specified url
requests.head(url, **kwargs)                         # Sends a HEAD request to the specified url
requests.patch(url, data=None, **kwargs)             # Sends a PATCH request to the specified url
requests.post(url, data=None, json=None, **kwargs)   # Sends a POST request to the specified url
requests.put(url, data=None, **kwargs)               # Sends a PUT request to the specified url

Reading the data

verify=False disables TLS certificate verification, so the request succeeds even when the server's certificate is not trusted.

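import requests

# Storing the response
r = requests.get("https://www.google.com/", verify=False)

# Interesting attributes of the HTTP response object
r.status_code  # numeric HTTP status code, e.g. 200
r.headers      # response headers (case-insensitive dictionary)
r.cookies      # cookies set by the server
r.text         # response body decoded as text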

Proxy traffic through Burp Suite

To inspect and analyze the requests your exploit sends, route them through Burp Suite by passing a proxy configuration to requests:

proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"}

r = requests.get("https://www.google.com/", proxies=proxies, verify=False)
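
The verify and proxies settings from the two sections above can be set once on a requests.Session instead of on every call. The following is an added example, not code from the original page: make_session, preview, the ca_bundle parameter and the app.example host are hypothetical names, and preview builds each request without sending it, so the script runs offline.

```python
import requests
import urllib3

BURP = "http://127.0.0.1:8080"  # proxy address used on this page


def make_session(proxy=BURP, ca_bundle=None):
    """Session that sends every request through the intercepting proxy.

    ca_bundle is a hypothetical path to the proxy's CA certificate in PEM
    form. Without it, certificate verification is turned off (verify=False)
    and the warning urllib3 emits for each unverified request is silenced.
    """
    s = requests.Session()
    s.proxies = {"http": proxy, "https": proxy}
    s.trust_env = False  # ignore proxy/CA settings from environment variables
    if ca_bundle:
        s.verify = ca_bundle
    else:
        s.verify = False
        urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
    return s


def preview(session, method, url, **kwargs):
    """Build the request as the session would send it, without sending it."""
    prepared = session.prepare_request(requests.Request(method, url, **kwargs))
    body = prepared.body
    if isinstance(body, bytes):
        body = body.decode("utf-8", "replace")
    return {
        "method": prepared.method,
        "url": prepared.url,
        "headers": dict(prepared.headers),
        "body": body,
    }


if __name__ == "__main__":
    s = make_session()
    # Constructed sample requests against a placeholder host.
    for args, kw in [
        (("GET", "https://app.example/search"), {"params": {"q": "a b"}}),
        (("POST", "https://app.example/login"), {"data": {"user": "alice"}}),
        (("POST", "https://app.example/api"), {"json": {"id": 1}}),
    ]:
        p = preview(s, *args, **kw)
        print(p["method"], p["url"], p["headers"].get("Content-Type"), p["body"])
```

Passing ca_bundle keeps certificate verification on while still letting the proxy intercept HTTPS traffic.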

https://requests.readthedocs.io/en/latest/