Python Regular Expression - Find all words between two specific words on different lines
Question
for context I am attempting to create a script for the TryHackMe 'Dogcat' LFI CTF, I have gotten so far as to being able to inject commands via the LFI / Log Poisoning vulnerability but now I want to be able to filter out the response.
The current issue I believe is that the regular expression is failing because of the way the files are returned in the HTML and I can't seem to find out how to get it to work, any help is greatly appreciated (example below)
HTML OUTPUT
<ip> - - [10/Jun/2020:07:41:20 +0000] "GET / HTTP/1.1" 200 537 "-" "Mozilla/5.0 access.log
cat.php
cats
dog.php
dogs
flag.php
index.php
style.css
Firefox/69.0"
PYTHON
response = request.get(url+"/?view=php://filter/dog/resource=/var/log/apache2/access.log&ext"+cmd+command)
html_content = response.text
test = "Mozilla/5.0 access.log cat.php cats dog.php dogs flag.php index.php style.css Firefox/69.0"
#The Test works but the real content doesn't, likely something to do with the new lines after each file.
output = re.findall("Mozilla/5.0 (.*?) Firefox/69.0", html_content)
try:
print(output)
except:
print("There was an error.")
1 answers
solution1
2 ACCPTED 2020-06-10 07:56:13
If you use the dot in regular expressions it does not includes line breaks. And remember that dots from 5.0 or 69.0 are being considered "any character" too, it should be scaped. Try this regex:
Mozilla/5\.0 ([\S\s]*?) Firefox/69\.0
With [\S\s] you are including everything, when you use that it is very important to use a not eager quantifier with the? after *.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.