-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.py
55 lines (46 loc) · 2.13 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
import flask
import json
import urllib.parse
import os
import requests
app = flask.Flask(__name__)
subscriptionKey = os.getenv("subscriptionKey")
endpoint = 'https://api.bing.microsoft.com'
customConfigId = 'e5f9a53e-48fa-4b66-9d43-9b52fb158d18'
@app.route('/')
def index():
if query := flask.request.args.get('query'):
return flask.redirect(f"/{query}")
return "Welcome to pdork V2. Supply a query to get a new site." +\
"<form action=\"/\">" +\
"<input type=\"text\" id=\"query\" name=\"query\">" +\
"<input type=\"submit\" value=\"Submit\"><br><br>" +\
"What am I looking at? <br> "+\
"- This site bing dorks pastebin for your query plus the term <!DOCTYPE html> "+\
"and returns the first result as a webpage <br>" +\
"Why? <br>"+\
"- V1 was a project for RITSEC. It was an exploration of pastebin dorking, including finding crypto private"+\
"keys, phishing, seo, and more chaos. Unfortunately, the recording has no sound. <br>"+\
"What's new in V2?<br>" +\
"- V2 cleans up some dangling unfinished features and makes the website spiderable.<br><br><br>"+\
"Find me on <br> <a href=https://github.com/secureighty>github</a> <br>"+\
"<a href=https://www.linkedin.com/in/secureighty/>linkedin</a><br>"+\
"<a href=https://twitter.com/Secureighty>twitter</a><br>"
@app.route('/<path:query>')
def site(query):
return get_site(query)
def get_site(query):
global subscriptionKey
global customConfigId
global endpoint
searchTerm = urllib.parse.quote_plus("site:pastebin.com <!DOCTYPE html> " + query)
resp = requests.get(f"{endpoint}/v7.0/custom/search?q={searchTerm}%20&customconfig={customConfigId}&mkt=en-US", headers={"Ocp-Apim-Subscription-Key":subscriptionKey})
searchresult = resp.json()
try:
firsturl = searchresult["webPages"]["value"][0]["url"]
firsturl = firsturl[:20]+'/raw'+firsturl[20:]
rawtext=requests.get(firsturl).text
return rawtext
except KeyError:
return flask.Response("404 :/", status=404)
app.run()