POC / CVE-2020-28458_scanner_
import requests
import re

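# First release this script treats as not affected by CVE-2020-28458.
_FIXED_VERSION = (1, 10, 23)

# Seconds to wait for the server before giving up; without a timeout a
# non-responsive host would block the scan indefinitely.
_REQUEST_TIMEOUT = 10

# Matches "datatables.net@X.Y.Z" or "datatables.net X.Y.Z". Other ways of
# referencing the library (a version in a path segment, a bundled or renamed
# copy) are not recognised, so "could not detect" is inconclusive.
_VERSION_RE = re.compile(r"datatables\.net(?:@|\s+)(\d+\.\d+\.\d+)")

# Matches a <script> tag whose src value ends in "/datatables.net".
_SCRIPT_TAG_RE = re.compile(r"<script.*?src=[\"'].*?/datatables\.net[\"'].*?>", re.IGNORECASE)


def _extract_version(html):
    """Return the DataTables version string found in *html*, or None."""
    found = _VERSION_RE.search(html)
    # Use the captured text, not the Match object, so the caller can print
    # and compare it.
    version = found.group(1) if found else None

    # A version found inside a matching <script> tag takes precedence over
    # the first match anywhere in the page.
    for tag in _SCRIPT_TAG_RE.findall(html):
        tag_match = _VERSION_RE.search(tag)
        if tag_match:
            version = tag_match.group(1)
            break
    return version


def _version_tuple(version):
    """Convert an "X.Y.Z" string into a tuple of ints for comparison."""
    return tuple(int(part) for part in version.split("."))


def check_vulnerability(url):
    """Fetch *url* and report whether it references an affected DataTables.

    The page body is searched for a "datatables.net" reference carrying a
    version number, and that version is compared with 1.10.23, the threshold
    this script uses for CVE-2020-28458. Results are printed; nothing is
    returned.

    The verdict rests only on a version string in the fetched page. A
    "not vulnerable" or "could not detect" line is therefore not proof that
    the site is unaffected: confirm against the deployed package version.

    Args:
        url: Address of the page to fetch, including the scheme.
    """
    try:
        # NOTE: the status code is not checked, so an error page body is
        # scanned the same way as a normal one.
        response = requests.get(url, timeout=_REQUEST_TIMEOUT)
    except requests.RequestException as e:
        print(f"[!] Error connecting to {url}: {e}")
        return

    body = response.text
    if "datatables.net" not in body:
        print("[-] DataTables not found in the response.")
        return
    print("[+] DataTables detected in response.")

    version = _extract_version(body)
    if not version:
        print("[-] Could not detect DataTables version.")
        return
    print(f"[+] DataTables version detected: {version}")

    # Compare numerically: as plain strings "1.10.9" sorts after "1.10.23",
    # which would report an affected release as safe.
    if _version_tuple(version) < _FIXED_VERSION:
        print(f"[!] Vulnerable to CVE-2020-28458. Version: {version}")
    else:
        print(f"[-] DataTables version {version} is not vulnerable.")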

if __name__ == "__main__":
    # Ask the operator for a single URL and run the version check on it.
    check_vulnerability(input("Enter the target URL (e.g., http://example.com): "))