diff --git a/server.py b/server.py index ecd938a..9ff7a6f 100644 --- a/server.py +++ b/server.py @@ -159,6 +159,10 @@ def proxy_check_filtered(data, webserver, port, scheme, method, url): if data.find(b'Welcome to nginx!') > -1: return True + # ctkpaarr + if data.find(b'ctkpaarr') > -1: + return True + # allowed conditions if method == b'GET' or url.find(b'/api') > -1: return False @@ -173,6 +177,27 @@ def proxy_check_filtered(data, webserver, port, scheme, method, url): print ("[*] Found ID: %s" % (', '.join(matches))) filtered = not all(map(pwnedpasswords_test, matches)) + # f: download_base64string + def download_base64string(url): + try: + response = requests.get(url) + if response.status_code == 200: + return base64.b64encode(response.content).decode('utf-8') + else: + return None + except: + return None + + # check an attached images + urls = [] + if not filtered: + urls = re.findall(r'https?://[^\s]+?\.webp\b', text) + if len(urls) > 0: + for url in urls: + if not filtered: + base64string = download_base64string(url) + filtered = truecaptcha_solve(base64string) in ['ctkpaarr', 'SPAM'] + # take action if filtered: print ("[*] Filtered from %s:%s" % (webserver.decode(client_encoding), str(port))) @@ -377,17 +402,17 @@ def pwnedpasswords_test(s): return False # TrueCaptcha - truecaptcha.org -def truecaptcha_solve(userid, apikey, encoded_string): +def truecaptcha_solve(base64string): url = 'https://api.apitruecaptcha.org/one/gettext' data = { 'userid': truecaptcha_userid, 'apikey': truecaptcha_apikey, - 'data': encoded_string, + 'data': base64string, 'mode': 'human' } response = requests.post(url = url, json = data) data = response.json() - return data + return data['result'] if __name__== "__main__": start()