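# ReK2
# gemini://rek2.hispagatos.org
# gemini://hispagatos.org
# https://hispagatos.org
# gemini://2600.madrid
# Hispagatos - 2023
import mitmproxy.http
from typing import Sequence
from mitmproxy import types, flow, command, ctx
from subprocess import run
import shlex
from bs4 import BeautifulSoup, Comment
import os


class Hacking:
    """mitmproxy addon: harvest HTML comments/links and drive external scanners.

    Every response is parsed for HTML comments and ``<a href>`` targets, which
    are appended to text files in the results directory. Three commands are
    registered: ``hacking.dirbust`` (gobuster), ``hacking.nikto`` (nikto) and
    ``hacking.stickcookie`` (attach a stored cookie to cookie-less requests).
    """

    def __init__(self):
        # Prompted once, when the addon object is constructed.
        self.file_path = input("Enter the path to save results: ")
        # Comma-separated extension list handed to gobuster's -x option.
        self.extensions = ".txt,.php,.html,.sh,.md,.db,.sql"
        # Cookie header value injected by request(); None means "disabled".
        self.cookie = None

    def _result_path(self, name):
        """Return *name* joined onto the results directory.

        os.path.join keeps an empty results path relative to the working
        directory instead of resolving to the filesystem root.
        """
        return os.path.join(self.file_path, name)

    def _parse_response(self, flow):
        """Return a BeautifulSoup tree for the response body, or None.

        None is returned when the flow has no response, the body is empty,
        or the body cannot be decoded to text.
        """
        response = flow.response
        if response is None:
            return None
        try:
            html = response.text
        except ValueError:
            # mitmproxy may raise ValueError for a body it cannot decode;
            # skip the flow rather than failing the response hook.
            return None
        if not html:
            return None
        return BeautifulSoup(html, "html.parser")

    def _append_lines(self, name, lines):
        """Append each item of *lines* to the results file *name*, one per line."""
        # The content comes from remote servers: pin the encoding so a
        # non-ASCII comment or link cannot fail under a narrow locale default.
        with open(
            self._result_path(name), "a", encoding="utf-8", errors="replace"
        ) as file:
            file.writelines(f"{line}\n" for line in lines)

    def _run_tool(self, argv):
        """Run an external tool with an explicit argument vector and wait for it."""
        # argv is passed as a list, so a space or quote inside a flow-derived
        # value (URL, host) or inside the results path stays within its own
        # argument and cannot add or alter options of the tool.
        ctx.log.info(f"Running: {shlex.join(argv)}")
        try:
            # run() blocks until the tool exits.
            run(argv)
        except OSError as exc:
            # Typically the binary is not installed or not executable.
            ctx.log.error(f"Could not start {argv[0]}: {exc}")

    def response(self, flow: mitmproxy.http.HTTPFlow):
        """mitmproxy response hook: record comments and links for this flow."""
        self.extract_comments(flow)
        self.extract_links(flow)

    def extract_comments(self, flow: mitmproxy.http.HTTPFlow):
        """Append every HTML comment in the response to mitmproxy_comments.txt."""
        soup = self._parse_response(flow)
        if soup is None:
            return
        comments = soup.find_all(string=lambda text: isinstance(text, Comment))
        self._append_lines("mitmproxy_comments.txt", comments)

    def extract_links(self, flow: mitmproxy.http.HTTPFlow):
        """Append the distinct ``<a href>`` values to mitmproxy_links.txt."""
        soup = self._parse_response(flow)
        if soup is None:
            return
        links = {a["href"] for a in soup.find_all("a", href=True)}
        # Sorted so that repeated runs over the same page give the same order.
        self._append_lines("mitmproxy_links.txt", sorted(links))

    @command.command("hacking.dirbust")
    def dirbust(
        self,
        flows: types.Sequence[flow.Flow],
        wordlist: str = "/usr/share/seclists/Discovery/Web-Content/common.txt",
    ):
        """Run ``gobuster dir`` against the request URL of each selected HTTP flow.

        Args:
            flows: flows selected in mitmproxy; non-HTTP flows are skipped.
            wordlist: path of the wordlist passed to gobuster's -w option.
        """
        # NOTE(review): every flow writes to the same -o path, so a later run
        # presumably replaces the earlier output - confirm and, if so, derive
        # the file name from the target.
        output = self._result_path("mitmproxy_gobuster_results.txt")
        for item in flows:
            if not isinstance(item, mitmproxy.http.HTTPFlow):
                continue
            self._run_tool(
                [
                    "gobuster",
                    "dir",
                    "-u",
                    item.request.url,
                    "-w",
                    wordlist,
                    "-x",
                    self.extensions,
                    "-o",
                    output,
                ]
            )

    @command.command("hacking.nikto")
    def nikto(
        self,
        flows: types.Sequence[flow.Flow],
    ):
        """Run ``nikto`` against the request host of each selected HTTP flow.

        Args:
            flows: flows selected in mitmproxy; non-HTTP flows are skipped.
        """
        # NOTE(review): as in dirbust, all flows share one output path.
        output = self._result_path("mitmproxy_nikto_results.txt")
        for item in flows:
            if not isinstance(item, mitmproxy.http.HTTPFlow):
                continue
            self._run_tool(["nikto", "-host", item.request.host, "-output", output])

    @command.command("hacking.stickcookie")
    def stickcookie(self, toggle: str) -> str:
        """Enable or disable the sticky cookie.

        Args:
            toggle: "on" loads the cookie from ``cookie.txt`` in the results
                directory; "off" clears it. Matching is case-insensitive.

        Returns:
            A status message for the mitmproxy console.
        """
        mode = toggle.lower()
        if mode == "on":
            # cookie.txt holds the raw Cookie header value in plain text;
            # presumably a live session credential, so the results directory
            # needs matching file permissions.
            cookie_file_path = os.path.join(self.file_path, "cookie.txt")
            try:
                with open(cookie_file_path, "r") as f:
                    cookie = f.read().strip()
            except FileNotFoundError:
                return "Cookie file not found in the specified directory."
            # An empty value would silently disable injection, and an embedded
            # line break would put CR/LF into a header value.
            if not cookie or "\r" in cookie or "\n" in cookie:
                return "Cookie file must contain a single non-empty line."
            self.cookie = cookie
            ctx.log.info("Sticky cookie set.")
        elif mode == "off":
            self.cookie = None
            ctx.log.info("Sticky cookie removed.")
        else:
            return "Invalid command usage. Use 'on' to activate sticky cookies or 'off' to deactivate."
        return "Sticky cookie command executed."

    def request(self, flow: mitmproxy.http.HTTPFlow) -> None:
        """mitmproxy request hook: add the sticky cookie when none is present."""
        # NOTE(review): there is no host check here, so the stored cookie is
        # attached to every cookie-less request that crosses the proxy,
        # including requests to unrelated third-party hosts. Restricting this
        # to the host the cookie belongs to would keep the credential from
        # being disclosed elsewhere.
        if self.cookie and "cookie" not in flow.request.headers:
            flow.request.headers["cookie"] = self.cookie


# NOTE(review): mitmproxy registers addons through a module-level ``addons``
# list. The line below reads as commented out in this copy - confirm against
# the original before use.
# addons = [Hacking()]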