CODEWITHSUNDEEP
python
ChickenMinh
ChickenMinh

Reputation: 47

My python code with 'sys.argv' not worked

I am making a SSRF scanner by python but I don't know much about 'sys.argv' in python. Here is my code and it doesn't work when I running(python3):

class targets:
    def __init__(self, url, ip, port, method, param, error):
        self.url = url
        self.ip = ip
        self.port = port
        self.method = method
        self.param = param
        self.er = error 

    def scan(target):
        print("Success!")
        print(target.url)
        print(target.method)
        print(target.ip)

for carg in sys.argv:
    target = targets('', '', '', '', '', "Please enter a valid command. If you don't know how to use it, enter '-help'")
    if "-u" in carg:
        argnum = sys.argv.index(carg)
        argnum += 1
        target.url = sys.argv[argnum]
        if "-g" in carg:
            argnum += 1
            target.method = "g"
            if "-i" in carg:
                argnum = sys.argv.index(carg)
                argnum += 1
                target.ip = sys.argv[argnum]
            if "-pt" in carg:
                argnum = sys.argv.index(carg)
                argnum += 1
                target.port = sys.argv[argnum]
        if "-p" in carg:
            if not "-pa" in carg:
                print("Please enter the parameters of request(POST)")
                quit
            argnum += 1
            target.method = "p"
            if "-i" in carg:
                argnum = sys.argv.index(carg)
                argnum += 1
                target.ip = sys.argv[argnum]
            if "-p" in carg:
                argnum = sys.argv.index(carg)
                argnum += 1
                target.port = sys.argv[argnum]
        else:
            print(target.er)
            quit
        target.scan()

    elif carg == "-help":
        tuto = open("tutorial.dat", "r")
        tuto.read()
        tuto.close
        print(tuto)
    else:
        print(target.er)

After running this code: ssrf.py -u google.com -g -i 123.123.123.123

I receive back this:

Please enter a valid command. If you don't know how to use it, enter '-help'
Please enter a valid command. If you don't know how to use it, enter '-help'
Success!
google.com


Please enter a valid command. If you don't know how to use it, enter '-help'
Please enter a valid command. If you don't know how to use it, enter '-help'
Please enter a valid command. If you don't know how to use it, enter '-help'
Please enter a valid command. If you don't know how to use it, enter '-help'

That not the thing I am waiting for:

Success!
google.com
g
123.123.123.123

Can anyone tell me what wrong in this code!(Sorry if this is a stupid question and sorry if bad English)

Upvotes: 0

Views: 165

Answers (1)

Prayson W. Daniel
Prayson W. Daniel

Reputation: 15568

sys.argv is not the right tool for that task. Use argparse. Python Documentation is very rich with examples on using sys and argparse

Python Doc argparse

Example:

#pars.py
import argparse


parser = argparse.ArgumentParser('SSRF',
    description='SSRF scanner description')

parser.add_argument('-u','--url', metavar='url',
    type=str, required=True, help='url to scan' )

parser.add_argument('-i','--ip', metavar='ip',
    type=str, required=True, help='ip address' )

parsed = parser.parse_args()

# do something parsed.url or parsed.ip
print(parsed.url, parsed.ip)
print(parsed)

# run
#>>> python pars.py --help
#>>> python pars.py -i 133.333.3 -u hello.com
#>>> python pars.py --url world.com --ip 123.45.6

Upvotes: 1

Related Questions