pasthook_scrap.py

import aiohttp
import asyncio
from bs4 import BeautifulSoup

async def fetch_url(session, url, timeout, vulnerable_data):
    try:
        async with session.get(url, timeout=timeout) as response:
            if response.status == 200:
                # Extract the title from the response
                soup = BeautifulSoup(await response.text(), 'html.parser')
                title = soup.title.string.strip() if soup.title else f"Untitled_{url.split('=')[-1]}"
                
                print(f"Vulnerable URL found: {url}, Title: {title}")
                
                # Save content to a text file
                content_url = f"{base_url}/paste.php?raw&id={url.split('=')[-1]}"
                async with session.get(content_url, timeout=timeout) as content_response:
                    content = await content_response.text()
                    save_to_file(title, content, url.split('=')[-1])
                
                vulnerable_data.append({
                    'title': title,
                    'vulnerable_id': int(url.split('=')[-1]),
                    'content': content
                })
    except asyncio.TimeoutError:
        print(f"Request to {url} timed out.")
    except Exception as e:
        print(f"Error for {url}: {e}")

async def check_vulnerability_async(base_url, min_id, max_id, timeout=50, retries=3):
    vulnerable_data = []

    async with aiohttp.ClientSession() as session:
        tasks = []
        for i in range(min_id, max_id + 1):
            url = f"{base_url}/paste.php?id={i}"
            for _ in range(retries):
                tasks.append(fetch_url(session, url, timeout, vulnerable_data))
        await asyncio.gather(*tasks)

    return vulnerable_data

def save_to_file(title, content, vulnerable_id):
    # Remove " - Pastehook" from the title
    cleaned_title = title.replace(" - Pastehook", "").strip()
    filename = f"{vulnerable_id} - {cleaned_title}.txt"
    with open(filename, "w", encoding="utf-8") as file:
        file.write(content)
    print(f"Content saved to {filename}")

def save_vulnerable_ids_to_file(vulnerable_data):
    with open("vulnerable_ids.txt", "w", encoding="utf-8") as file:
        for item in vulnerable_data:
            title = item['title']
            vulnerable_id = item['vulnerable_id']
            file.write(f"Title: {title}\n")
            file.write(f"Vulnerable ID: {vulnerable_id}\n\n")

if __name__ == "__main__":
    base_url = "https://pastehook.com"
    min_id_to_check = 3000
    max_id_to_check = 3200
    timeout_seconds = 60

    print("Starting vulnerability scan...")
    try:
        vulnerable_data = asyncio.run(check_vulnerability_async(base_url, min_id_to_check, max_id_to_check, timeout=timeout_seconds))
        
        if vulnerable_data:
            print("Vulnerable IDs:")
            for item in vulnerable_data:
                print(item['vulnerable_id'])
            save_vulnerable_ids_to_file(vulnerable_data)
            print("Vulnerable IDs saved to 'vulnerable_ids.txt'.")
        else:
            print("No vulnerabilities found.")
        
        print("Vulnerability scan completed.")
    except KeyboardInterrupt:
        print("Vulnerability scan interrupted.")

    # Close the event loop
    asyncio.get_event_loop().close()