🚀Starting Point

Ensure that the main() function is globally accessible, and utilize the Lotus utilities to create an outstanding script. However, before proceeding, set your Script type first.

What type of scanning do you wish to perform?

SCAN ID INPUT TYPE Example Access It

SCAN ID	INPUT TYPE	Example	Access It
0	Full http request	`{"url":"<url>","method":"<method>","headers":"headers","body":"body"}`	`full_req`
1	HOSTS	`testphp.vulnweb.com`	`INPUT_DATA`
2	FULL URL Including Parameters	`http://testphp.vulnweb.com/artists.php?artist=1`	`HttpMessage:url()`
3	Passing URL Paths only without Parameters	`http://testphp.vulnweb.com/artists.php?artist=1`	`HttpMessage:url()`
4	Custom input handler	it can be anything but for example `123.1.2.3.5`	`INPUT_DATA`

Full http request

`{"url":"<url>","method":"<method>","headers":"headers","body":"body"}`

`full_req`

HOSTS

testphp.vulnweb.com

INPUT_DATA

FULL URL Including Parameters

http://testphp.vulnweb.com/artists.php?artist=1

HttpMessage:url()

Passing URL Paths only without Parameters

http://testphp.vulnweb.com/artists.php?artist=1

HttpMessage:url()

Custom input handler

it can be anything but for example 123.1.2.3.5

INPUT_DATA

-- hacking_script.lua

SCAN_TYPE = 2

function main() 
    println("Hello World :D")
end

and then call it

$ echo "http://target.com" | lotus urls hacking_script.lua -o out.json 
Hello World :D

DEV Enviroment

Use any editor you want but ensure that you've installed the Lua Server Plugin

and then open the lotus scripts repo you will be able to use automcomplete for lotus function

finished your script and want to publish it?

$ git checkout -b new_script
$ git add myscript.lua
$ git commit -m 'new script for X'
$ git push origin new_script

PreviousCLI NextNetwork

Last updated 9 months ago