
ExploitExpress v1.0.0 - Scripting Guidelines
Written By: Epicurus (epicurus@wilter.com)

This document is by no means a guide or tutorial for writing ExploitExpress scripts. This document simply outlines the structure of ExploitExpress scripts. If you've never programmed anything before, you might be able to figure out how to write ExploitExpress scripts using this document. If you have programmed before, I surely hope you can figure it out from this document.

If, after reading through this, you still don't know what you're doing, take a look at some example scripts. Some scripts should've come with the ExploitExpress package.


+--------------------------------------+
| Reserved Words                       |
+--------------------------------------+

print
usage: print=<what>
summary: Prints <what> with a newline at the end.

prompt
usage: prompt=<what>
summary: Prints <what> without a newline at the end (usefull for prompting input from the user).

STDIN
usage: <name>=STDIN
summary: Sets the value of <name> to input from STDIN (standard input).

OPTION
usage: OPTION=[<option1>],[<option2>],[<etc>]
summary: OPTION presents users with a list of options. Usefull if a field only has certain values that are accepted, or if you wish a field to only have certain values. The above example would print <option1>, <option2>, and <etc> on their own lines, preceded by their place in the list, and prompt the user to choose one of the options. If an invalid answer is given, it'll ask again. Note that the [ and ] on either side of each option is required.

CGI_URL
usage: CGI_URL=<url>
summary: <url> is the URL where the CGI script is located. In the same format as a URL would appear to netscape or any other browser. Can be http://www.host.com[:<port>]/cgi-bin/script.cgi or www.host.com[:<port>]/cgi-bin/script.cgi port will default to 80 if omitted. This is reqired.

HTTP_REFER
usage: HTTP_REFER=<referer>
summary: Bypass referer based security using this. No referer is given if omitted.

var_
usage: var_<form_field_name>=<value>
summary: Form field names will start with "var_". If the form field name is really "name" it would be set as "var_name" in your script.

loop
usage: loop=true
summary: If loop is set to "true", the request will loop.

loop_times
usage: loop_times=<integer>
summary: The request will loop <integer> times. Only works if loop is true.

METHOD
usage: METHOD=<method>
sumary: The request method to be used. GET and POST are both accepted. If not set "GET" will be used.

USER_AGENT
usage: USER_AGENT=<user_agent>
summary: <user_agent> will be sent as part of the request to the server. If not set this will default to "ExploitExpress/1.0 (Perl)".

END_REPORT
usage: END_REPORT=<report>
summary: <report> will be printed to the user when the the server request(s) is/are finished.

DEBUG
usage: DEBUG=<1>
summary: If DEBUG is set to 1, everything the server outputs to you will be shown on-screen. This can be very usefull for debugging your scripts (uh, that's why it's called DEBUG)


+--------------------------------------+
| Variables                            |
+--------------------------------------+

Variables can be used throughout the script. Variables are simply the name of the variable with dollar signs on either side. One example of creating and using a variable would be:

prompt=Your Name: 
your_name=STDIN
print=Howdy $$your_name$$, nice to meet you

one interesting thing about how I've got the variables working is that you can use ANY left value (I call it a name) as a variable. If you added "print=I last printed: $$print$$" to the above chunk of script, it'd print the last thing it printed in place of $$print$$.


+--------------------------------------+
| Other Stuff                          |
+--------------------------------------+

Commenting:

Commenting your code is simple. Any line that begins with a pound sign (#) is ignored by the script parser. Anything after a pound sign on ANY line is ignored by the script parser.

Required Settings:

The ONLY thing you are required to set before ending your script is the CGI_URL. If not set, your script will still parse and function, but will die when it tries to submit your request to the server.


----------------------------------------
Copyright  1997-1999 Wiltered Fire
All Rights Reserved.