0

I am making a SSRF scanner by python but I don't know much about 'sys.argv' in python. Here is my code and it doesn't work when I running(python3):

class targets: def __init__(self, url, ip, port, method, param, error): self.url = url self.ip = ip self.port = port self.method = method self.param = param self.er = error def scan(target): print("Success!") print(target.url) print(target.method) print(target.ip) for carg in sys.argv: target = targets('', '', '', '', '', "Please enter a valid command. If you don't know how to use it, enter '-help'") if "-u" in carg: argnum = sys.argv.index(carg) argnum += 1 target.url = sys.argv[argnum] if "-g" in carg: argnum += 1 target.method = "g" if "-i" in carg: argnum = sys.argv.index(carg) argnum += 1 target.ip = sys.argv[argnum] if "-pt" in carg: argnum = sys.argv.index(carg) argnum += 1 target.port = sys.argv[argnum] if "-p" in carg: if not "-pa" in carg: print("Please enter the parameters of request(POST)") quit argnum += 1 target.method = "p" if "-i" in carg: argnum = sys.argv.index(carg) argnum += 1 target.ip = sys.argv[argnum] if "-p" in carg: argnum = sys.argv.index(carg) argnum += 1 target.port = sys.argv[argnum] else: print(target.er) quit target.scan() elif carg == "-help": tuto = open("tutorial.dat", "r") tuto.read() tuto.close print(tuto) else: print(target.er)

After running this code: ssrf.py -u google.com -g -i 123.123.123.123

I receive back this:

Please enter a valid command. If you don't know how to use it, enter '-help' Please enter a valid command. If you don't know how to use it, enter '-help' Success! google.com Please enter a valid command. If you don't know how to use it, enter '-help' Please enter a valid command. If you don't know how to use it, enter '-help' Please enter a valid command. If you don't know how to use it, enter '-help' Please enter a valid command. If you don't know how to use it, enter '-help'

That not the thing I am waiting for:

Success! google.com g 123.123.123.123

Can anyone tell me what wrong in this code!(Sorry if this is a stupid question and sorry if bad English)

Improve this question
2
  • 1
    sys.argv is a list of strings. So each element of sys.argv (e.g. carg) is just a string. So you probably don't want to do things like if "-u" in carg, but instead just do if carg == "-u". This should all be very easy to debug. Just print out sys.argv and carg and it should be immediately obvious where you're going wrong. Commented Nov 16, 2019 at 6:02
  • I have try it but still it not working good:((((((((( Commented Nov 16, 2019 at 8:57

1 Answer 1

Reset to default
1

sys.argv is not the right tool for that task. Use argparse. Python Documentation is very rich with examples on using sys and argparse

Python Doc argparse

Example:

#pars.py import argparse parser = argparse.ArgumentParser('SSRF', description='SSRF scanner description') parser.add_argument('-u','--url', metavar='url', type=str, required=True, help='url to scan' ) parser.add_argument('-i','--ip', metavar='ip', type=str, required=True, help='ip address' ) parsed = parser.parse_args() # do something parsed.url or parsed.ip print(parsed.url, parsed.ip) print(parsed) # run #>>> python pars.py --help #>>> python pars.py -i 133.333.3 -u hello.com #>>> python pars.py --url world.com --ip 123.45.6
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you so much! I have used it perfectly!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.