|
|
@@ -2,6 +2,7 @@
|
|
|
# depends (debian) python3-lxml
|
|
|
import sys
|
|
|
import email
|
|
|
+from base64 import b64encode
|
|
|
from lxml import html as HTML
|
|
|
|
|
|
def iter(e):
|
|
|
@@ -32,16 +33,23 @@ INJECTED = {
|
|
|
'text/html': False,
|
|
|
}
|
|
|
|
|
|
+def recode(msg, payload, encoder):
|
|
|
+ _bytes = payload.encode("utf-8")
|
|
|
+ if encoder is email.encoders.encode_base64:
|
|
|
+ msg.set_payload(b64encode(_bytes))
|
|
|
+ else:
|
|
|
+ msg.set_payload(_bytes)
|
|
|
+ encoder(msg)
|
|
|
+
|
|
|
def inject(m):
|
|
|
c = m.get_content_type()
|
|
|
e = m.get('Content-Transfer-Encoding','').lower()
|
|
|
- payload = m.get_payload(decode=True).decode("utf-8")
|
|
|
+ payload = m.get_payload(decode=True).decode(m.get_content_charset("utf-8"))
|
|
|
|
|
|
if c == 'text/plain' and txt not in payload:
|
|
|
- payload = payload + f"""
|
|
|
-{txt}
|
|
|
-"""
|
|
|
- if c == 'text/html':
|
|
|
+ payload += f"\n{txt}\n"
|
|
|
+
|
|
|
+ elif c == 'text/html':
|
|
|
h = HTML.fromstring(payload)
|
|
|
payload = drop_banner(h)
|
|
|
|
|
|
@@ -58,8 +66,8 @@ def inject(m):
|
|
|
encode = email.encoders.encode_base64
|
|
|
else:
|
|
|
encode = email.encoders.encode_noop
|
|
|
- m.set_payload(payload.encode("utf-8"))
|
|
|
- encode(m)
|
|
|
+
|
|
|
+ recode(m, payload, encode)
|
|
|
m.set_charset("utf-8")
|
|
|
|
|
|
def visit(m):
|
Pi