def logo(): from core.alert import write_to_api_console from core import color from core.color import finish write_to_api_console(''' ______ __ _____ _____ / __ \ \ / /\ / ____| __ \ | | | \ \ /\ / / \ | (___ | |__) | | | | |\ \/ \/ / /\ \ \___ \| ___/ | |__| | \ /\ / ____ \ ____) | | {2}Version {0}{3} \____/ \/ \/_/ \_\_____/|_| {4}{1}{5} _ _ _ _ _ | \ | | | | | | | | {6}github.com/viraintel{7} | \| | ___| |_| |_ __ _ ___| | _____ _ __ {8}owasp.org{9} | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__| {10}viraintel.com{11} | |\ | __/ |_| || (_| | (__| < __/ | |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_| \n\n'''.format(__version__, __code_name__, color.color('red'), color.color('reset'), color.color('yellow'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'))) finish()
def __die_success(): """ exit the framework with code 0 """ from core.color import finish finish() sys.exit(0)
def start_attack(target, num, total, scan_method, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries, ping_flag, methods_args): info(messages(language, 45).format(str(target), str(num), str(total))) # Calling Engines # BruteForce Engines if scan_method[-6:] == '_brute': try: start = getattr( __import__('lib.brute.%s.engine' % (scan_method.rsplit('_brute')[0]), fromlist=['start']), 'start') except: error(messages(language, 46).format(scan_method)) from core.color import finish finish() sys.exit(1) start(target, users, passwds, ports, timeout_sec, thread_number, num, total, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries, ping_flag, methods_args) # Scanners Engines if scan_method[-5:] == '_scan': try: start = getattr( __import__('lib.scan.%s.engine' % (scan_method.rsplit('_scan')[0]), fromlist=['start']), 'start') except: error(messages(language, 46).format(scan_method)) from core.color import finish finish() sys.exit(1) start(target, users, passwds, ports, timeout_sec, thread_number, num, total, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries, ping_flag, methods_args)
def check(language): if 'linux' in os_name() or 'darwin' in os_name(): pass # os.system('clear') elif 'win32' == os_name() or 'win64' == os_name(): #if language != 'en': # from core.color import finish # from core.alert import error # error('please use english language on windows!') # finish() # sys.exit(1) # os.system('cls') pass else: error(messages(language, 47)) from core.color import finish finish() sys.exit(1) if version() is 2 or version() is 3: pass else: error(messages(language, 48)) from core.color import finish finish() sys.exit(1) logo() return
def __die_failure(msg): """ exit the framework with code 1 Args: msg: the error message """ from core.color import finish from core.alert import error error(msg) finish() sys.exit(1)
def build_graph(graph_flag, language, data, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION): info(messages(language, 88)) try: start = getattr( __import__('lib.graph.%s.engine' % (graph_flag.rsplit('_graph')[0]), fromlist=['start']), 'start') except: error(messages(language, 98).format(graph_flag)) from core.color import finish finish() sys.exit(1) info(messages(language, 89)) return start(graph_flag, language, data, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION)
def start_attack(target, num, total, scan_method, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd): info(messages(language, 45).format(str(target), str(num), str(total))) # Calling Engines try: start = getattr( __import__('lib.{0}.{1}.engine'.format( scan_method.rsplit('_')[-1], '_'.join(scan_method.rsplit('_')[:-1])), fromlist=['start']), 'start') except: error(messages(language, 46).format(scan_method)) from core.color import finish finish() sys.exit(1) start(target, users, passwds, ports, timeout_sec, thread_number, num, total, log_in_file, time_sleep, language, verbose_level, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd) return 0
def logo(): """ OWASP HoneyPot Logo """ from core.alert import write_to_api_console from core.color import finish write_to_api_console(""" ______ __ _____ _____ / __ \ \ / /\ / ____| __ \ | | | \ \ /\ / / \ | (___ | |__) | | | | |\ \/ \/ / /\ \ \___ \| ___/ | |__| | \ /\ / ____ \ ____) | | \____/ \/ \/_/ \_\_____/|_| _ _ _____ _ | | | | | __ \ | | | |__| | ___ _ __ ___ _ _| |__) |__ | |_ | __ |/ _ \| "_ \ / _ \ | | | ___/ _ \| __| | | | | (_) | | | | __/ |_| | | | (_) | |_ |_| |_|\___/|_| |_|\___|\__, |_| \___/ \__| __/ | |___/ \n\n""") finish()
def check_all_required(targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list): # Checking Requirements # import libs from core.color import finish from core import compatible # Check Help Menu if help_menu_flag is True: parser.print_help() write('\n\n') write(messages(language, 3)) finish() sys.exit(0) # Check if method args list called if method_args_list is True: from core.load_modules import load_all_method_args load_all_method_args(language) finish() sys.exit(0) # Check version if show_version is True: from core import color info( messages(language, 84).format(color.color('yellow'), compatible.__version__, color.color('reset'), color.color('cyan'), compatible.__code_name__, color.color('reset'), color.color('green'))) finish() sys.exit(0) # Check update if check_update is True: from core.update import _update _update(compatible.__version__, compatible.__code_name__, language) finish() sys.exit(0) # Check the target(s) if targets is None and targets_list is None: parser.print_help() write("\n") error(messages(language, 26)) finish() sys.exit(1) else: if targets is not None: targets = list(set(targets.rsplit(","))) elif targets_list is not None: try: targets = list(set(open(targets_list, "rb").read().rsplit())) except: error(messages(language, 27).format(targets_list)) finish() sys.exit(1) # Check thread number if thread_number > 100 or thread_number_host > 100: warn(messages(language, 28)) # Check timeout number if timeout_sec is not None and timeout_sec >= 15: warn(messages(language, 29).format(timeout_sec)) # Check scanning method if scan_method is not None and scan_method == "all": scan_method = module_names scan_method.remove("all") elif scan_method is not None and scan_method not in module_names: if "," in scan_method: scan_method = scan_method.rsplit(",") for sm in scan_method: if sm not in module_names: error(messages(language, 30).format(sm)) finish() sys.exit(1) if sm == "all": scan_method = module_names scan_method.remove("all") break else: error(messages(language, 31).format(scan_method)) finish() sys.exit(1) elif scan_method is None: error(messages(language, 41)) finish() sys.exit(1) else: scan_method = scan_method.rsplit() if exclude_method is not None: exclude_method = exclude_method.rsplit(",") for exm in exclude_method: if exm in scan_method: if "all" == exm: messages(language, 32) finish() sys.exit(1) else: scan_method.remove(exm) if len(scan_method) is 0: messages(language, 33) finish() sys.exit(1) else: messages(language, 34).format(exm) finish() sys.exit(1) # Check port(s) if type(ports) is not list and ports is not None and "-" in ports: ports = ports.rsplit("-") ports = range(int(ports[0]), int(ports[1]) + 1) elif type(ports) is not list and ports is not None: ports = ports.rsplit(",") # Check user list if users is not None: users = list(set(users.rsplit(","))) elif users_list is not None: try: users = list(set( open(users_list).read().rsplit("\n"))) # fix later except: error(messages(language, 37).format(targets_list)) finish() sys.exit(1) # Check password list if passwds is not None: passwds = list(set(passwds.rsplit(","))) if passwds_list is not None: try: passwds = list(set( open(passwds_list).read().rsplit("\n"))) # fix later except: error(messages(language, 39).format(targets_list)) finish() sys.exit(1) # Check output file try: tmpfile = open(log_in_file, "w") except: error(messages(language, 40).format(log_in_file)) finish() sys.exit(1) # Check Graph if graph_flag is not None: if graph_flag not in load_all_graphs(): error(messages(language, 97).format(graph_flag)) finish() sys.exit(1) if not (log_in_file.endswith('.html') or log_in_file.endswith('.htm')): warn(messages(language, 87)) graph_flag = None # Check Socks if socks_proxy is not None: e = False try: if '://' in socks_proxy: socks_proxy = socks_proxy.rsplit('://')[1].rsplit('/')[0] if len(socks_proxy.rsplit(':')) is not 2 or socks_proxy.rsplit( ':')[1] == '': e = True except: e = True if e: error(messages(language, 63)) finish() sys.exit(1) # Check Methods ARGS if methods_args is not None: new_methods_args = {} methods_args = methods_args.rsplit('&') for imethod_args in methods_args: if len(imethod_args.rsplit('=')) is 2: if imethod_args.rsplit('=')[1].startswith('read_from_file:'): try: read_data = list( set( open( imethod_args.rsplit('=read_from_file:') [1]).read().rsplit('\n'))) except: error(messages(language, 36)) finish() sys.exit(1) new_methods_args[imethod_args.rsplit('=')[0]] = read_data else: new_methods_args[imethod_args.rsplit( '=')[0]] = imethod_args.rsplit('=')[1].rsplit(',') else: new_methods_args[imethod_args.rsplit('=')[0]] = "" methods_args = new_methods_args # Return the values return [ targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list ]
def start(target, users, passwds, ports, timeout_sec, thread_number, num, total, log_in_file, time_sleep, language, verbose_level, show_version, check_update, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd): # Main function if target_type(target) != 'SINGLE_IPv4' or target_type(target) != 'DOMAIN' or target_type(target) != 'HTTP': # rand useragent user_agent_list = [ "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5", "Googlebot/2.1 ( http://www.googlebot.com/bot.html)", "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.04" " Chromium/9.0.595.0 Chrome/9.0.595.0 Safari/534.13", "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; .NET CLR 2.0.50727)", "Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51", "Mozilla/5.0 (compatible; 008/0.83; http://www.80legs.com/webcrawler.html) Gecko/2008032620", "Debian APT-HTTP/1.3 (0.8.10.3)", "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "Googlebot/2.1 (+http://www.googlebot.com/bot.html)", "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)", "YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; " "http://help.yahoo.com/help/us/shop/merchant/)", "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)", "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)", "msnbot/1.1 (+http://search.msn.com/msnbot.htm)" ] http_methods = ["GET", "HEAD"] user_agent = {'User-agent': random.choice(user_agent_list)} # requirements check new_extra_requirements = extra_requirements_dict() if methods_args is not None: for extra_requirement in extra_requirements_dict(): if extra_requirement in methods_args: new_extra_requirements[extra_requirement] = methods_args[extra_requirement] extra_requirements = new_extra_requirements if extra_requirements["dir_scan_http_method"][0] not in http_methods: warn(messages(language, 110)) extra_requirements["dir_scan_http_method"] = ["GET"] if ports is None: ports = extra_requirements["dir_scan_ports"] random_agent_flag = True if extra_requirements["dir_scan_random_agent"][0] == "False": random_agent_flag = False if ping_flag: if socks_proxy is not None: socks_version = socks.SOCKS5 if socks_proxy.startswith('socks5://') else socks.SOCKS4 socks_proxy = socks_proxy.rsplit('://')[1] if '@' in socks_proxy: socks_username = socks_proxy.rsplit(':')[0] socks_password = socks_proxy.rsplit(':')[1].rsplit('@')[0] socks.set_default_proxy(socks_version, str(socks_proxy.rsplit('@')[1].rsplit(':')[0]), int(socks_proxy.rsplit(':')[-1]), username=socks_username, password=socks_password) socket.socket = socks.socksocket socket.getaddrinfo = getaddrinfo else: socks.set_default_proxy(socks_version, str(socks_proxy.rsplit(':')[0]), int(socks_proxy.rsplit(':')[1])) socket.socket = socks.socksocket socket.getaddrinfo = getaddrinfo warn(messages(language, 100).format(target, 'heartbleed_vuln')) if do_one_ping(target, timeout_sec, 8) is None: return None threads = [] max = thread_number total_req = len(extra_requirements["dir_scan_list"]) * len(ports) thread_tmp_filename = 'tmp/thread_tmp_' + ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(20)) thread_write = open(thread_tmp_filename, 'w') thread_write.write('1') thread_write.close() trying = 0 for port in ports: port = int(port) if target_type(target) == 'SINGLE_IPv4' or target_type(target) == 'DOMAIN': url = 'http://{0}:{1}/'.format(target, str(port)) else: if target.count(':') > 1: error(messages(language, 105)) from core.color import finish finish() sys.exit(1) http = target.rsplit('://')[0] host = target_to_host(target) path = "/".join(target.replace('http://', '').replace('https://', '').rsplit('/')[1:]) url = http + '://' + host + ':' + str(port) + '/' + path if test(url, retries, timeout_sec, user_agent, extra_requirements["dir_scan_http_method"][0], socks_proxy, verbose_level, trying, total_req, total, num, port, language) is 0: for idir in extra_requirements["dir_scan_list"]: # check target type if target_type(target) == 'SINGLE_IPv4' or target_type(target) == 'DOMAIN': url = 'http://{0}:{1}/{2}'.format(target, str(port), idir) else: http = target.rsplit('://')[0] host = target_to_host(target) path = "/".join(target.replace('http://', '').replace('https://', '').rsplit('/')[1:]) url = http + '://' + host + ':' + str(port) + '/' + path + '/' + idir if random_agent_flag is True: user_agent = {'User-agent': random.choice(user_agent_list)} t = threading.Thread(target=check, args=(url, user_agent, timeout_sec, log_in_file, language, time_sleep, thread_tmp_filename, retries, extra_requirements["dir_scan_http_method"][0], socks_proxy, scan_id, scan_cmd)) threads.append(t) t.start() trying += 1 if verbose_level is not 0: info(messages(language, 72).format(trying, total_req, num, total, target_to_host(target), port, 'dir_scan')) while 1: try: if threading.activeCount() >= max: time.sleep(0.01) else: break except KeyboardInterrupt: break break else: warn(messages(language, 109).format(url)) # wait for threads kill_switch = 0 kill_time = int(timeout_sec / 0.1) if int(timeout_sec / 0.1) is not 0 else 1 while 1: time.sleep(0.1) kill_switch += 1 try: if threading.activeCount() is 1 or kill_switch is kill_time: break except KeyboardInterrupt: break thread_write = int(open(thread_tmp_filename).read().rsplit()[0]) if thread_write is 1: info(messages(language, 108).format(target, ",".join(ports))) if verbose_level is not 0: save = open(log_in_file, 'a') save.write(json.dumps({'HOST': target, 'USERNAME': '', 'PASSWORD': '', 'PORT': '', 'TYPE': 'dir_scan', 'DESCRIPTION': messages(language, 94), 'TIME': now(), 'CATEGORY': "scan", 'SCAN_ID': scan_id, 'SCAN_CMD': scan_cmd}) + '\n') save.close() os.remove(thread_tmp_filename) else: warn(messages(language, 69).format('dir_scan', target))
def __die_success(): finish() sys.exit(0)
def __die_failure(msg): error(msg) finish() sys.exit(1)
def load(): write('\n\n') # load libs from core.color import finish # load all modules in lib/brute, lib/scan, lib/graph module_names = load_all_modules() graph_names = load_all_graphs() # Parse ARGVs try: parser, options, startup_update_flag = load_all_args( module_names, graph_names) except SystemExit: finish() sys.exit(1) # Filling Options check_ranges = options.check_ranges check_subdomains = options.check_subdomains targets = options.targets targets_list = options.targets_list thread_number = options.thread_number thread_number_host = options.thread_number_host log_in_file = options.log_in_file scan_method = options.scan_method exclude_method = options.exclude_method users = options.users users_list = options.users_list passwds = options.passwds passwds_list = options.passwds_list timeout_sec = options.timeout_sec ports = options.ports time_sleep = options.time_sleep language = options.language verbose_level = options.verbose_level show_version = options.show_version check_update = options.check_update proxies = options.proxies proxies_file = options.proxies_file retries = options.retries graph_flag = options.graph_flag help_menu_flag = options.help_menu_flag ping_flag = options.ping_flag methods_args = options.methods_args method_args_list = options.method_args_list # Checking Requirements (targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list) = \ check_all_required( targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list ) info(messages(language, 0)) # check for update if startup_update_flag is True: __version__, __code_name__ = _version_info() _check(__version__, __code_name__, language) info( messages( language, 96).format(len(load_all_modules()) - 1 + len(load_all_graphs()))) suff = str(datetime.datetime.now()).replace(' ', '_').replace( ':', '-') + '_' + ''.join( random.choice(string.ascii_uppercase + string.digits) for _ in range(10)) subs_temp = 'tmp/subs_temp_%s' % (suff) range_temp = 'tmp/ranges_%s' % (suff) total_targets = -1 for total_targets, _ in enumerate( analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries)): pass total_targets += 1 total_targets = total_targets * len(scan_method) targets = analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries) threads = [] trying = 0 for target in targets: for sm in scan_method: trying += 1 t = threading.Thread( target=start_attack, args=(str(target).rsplit()[0], trying, total_targets, sm, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, show_version, check_update, proxies, retries, ping_flag, methods_args)) threads.append(t) t.start() while 1: n = 0 for thread in threads: if thread.isAlive() is True: n += 1 else: threads.remove(thread) if n >= thread_number_host: time.sleep(0.01) else: break while 1: try: n = True for thread in threads: if thread.isAlive() is True: n = False time.sleep(0.01) if n is True: break except KeyboardInterrupt: break info(messages(language, 42)) os.remove(subs_temp) os.remove(range_temp) info(messages(language, 43)) sort_logs(log_in_file, language, graph_flag) write('\n') info(messages(language, 44)) write('\n\n') finish()
def load_honeypot_engine(): """ load OHP Engine Returns: True """ # print logo logo() # parse argv parser, argv_options = argv_parser() ######################################### # argv rules apply ######################################### # check help menu if argv_options.show_help_menu: parser.print_help() exit_success() # check for requirements before start check_for_requirements(argv_options.start_api_server) # check api server flag if argv_options.start_api_server: start_api_server() exit_success() # check selected modules if argv_options.selected_modules: selected_modules = list(set(argv_options.selected_modules.rsplit(","))) if "all" in selected_modules: selected_modules = load_all_modules() if "" in selected_modules: selected_modules.remove("") # if selected modules are zero if not len(selected_modules): exit_failure(messages("en", "zero_module_selected")) # if module not found for module in selected_modules: if module not in load_all_modules(): exit_failure(messages("en", "module_not_found").format(module)) # check excluded modules if argv_options.excluded_modules: excluded_modules = list(set(argv_options.excluded_modules.rsplit(","))) if "all" in excluded_modules: exit_failure("you cannot exclude all modules") if "" in excluded_modules: excluded_modules.remove("") # remove excluded modules for module in excluded_modules: if module not in load_all_modules(): exit_failure(messages("en", "module_not_found").format(module)) # ignore if module not selected, it will remove anyway try: selected_modules.remove(module) except Exception as _: del _ # if selected modules are zero if not len(selected_modules): exit_failure(messages("en", "zero_module_selected")) virtual_machine_container_reset_factory_time_seconds = argv_options. \ virtual_machine_container_reset_factory_time_seconds run_as_test = argv_options.run_as_test ######################################### # argv rules apply ######################################### # build configuration based on selected modules configuration = honeypot_configuration_builder(selected_modules) info(messages("en", "honeypot_started")) info(messages("en", "loading_modules").format(", ".join(selected_modules))) # check for conflict in real machine ports and pick new ports info("checking for conflicts in ports") configuration = conflict_ports(configuration) # stop old containers (in case they are not stopped) stop_containers(configuration) # remove old containers (in case they are not updated) remove_old_containers(configuration) # remove old images (in case they are not updated) remove_old_images(configuration) # create new images based on selected modules create_new_images(configuration) # create OWASP Honeypot networks in case not exist create_ohp_networks() # start containers based on selected modules configuration = start_containers(configuration) # start network monitoring thread new_network_events_thread = Thread(target=new_network_events, args=(configuration, ), name="new_network_events_thread") new_network_events_thread.start() info("all selected modules started: {0}".format( ", ".join(selected_modules))) bulk_events_thread = Thread(target=insert_bulk_events_from_thread, args=(), name="insert_events_in_bulk_thread") bulk_events_thread.start() # run module processors run_modules_processors(configuration) # check if it's not a test if not run_as_test: # wait forever! in case user can send ctrl + c to interrupt wait_until_interrupt( virtual_machine_container_reset_factory_time_seconds, configuration, new_network_events_thread) # kill the network events thread terminate_thread(new_network_events_thread) terminate_thread(bulk_events_thread) insert_events_in_bulk( ) # if in case any events that were not inserted from thread # stop created containers stop_containers(configuration) # stop module processor stop_modules_processors(configuration) # remove created containers remove_old_containers(configuration) # remove created images remove_old_images(configuration) # remove_tmp_directories() error: access denied! # kill all missed threads for thread in threading.enumerate()[1:]: terminate_thread(thread, False) info("finished.") # reset cmd/terminal color finish() return True
def __scan(config, scan_id, scan_cmd): # Setting Variables targets = config["targets"] check_ranges = config["check_ranges"] check_subdomains = config["check_subdomains"] log_in_file = config["log_in_file"] time_sleep = config["time_sleep"] language = config["language"] verbose_level = config["verbose_level"] retries = config["retries"] socks_proxy = config["socks_proxy"] scan_method = config["scan_method"] users = config["users"] passwds = config["passwds"] timeout_sec = config["timeout_sec"] thread_number = config["thread_number"] ports = config["ports"] ping_flag = config["ping_flag"] methods_args = config["methods_args"] thread_number_host = config["thread_number_host"] graph_flag = config["graph_flag"] suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join( random.choice(string.ascii_lowercase) for x in range(10)) subs_temp = "tmp/subs_temp_" + suff range_temp = "tmp/ranges_" + suff total_targets = -1 for total_targets, _ in enumerate( analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, True)): pass total_targets += 1 total_targets = total_targets * len(scan_method) try: os.remove(range_temp) except: pass range_temp = "tmp/ranges_" + suff targets = analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, False) trying = 0 for target in targets: for sm in scan_method: trying += 1 p = multiprocessing.Process( target=start_attack, args=(str(target).rsplit()[0], trying, total_targets, sm, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd)) p.name = str(target) + "->" + sm p.start() while 1: n = 0 processes = multiprocessing.active_children() for process in processes: if process.is_alive(): n += 1 else: processes.remove(process) if n >= thread_number_host: time.sleep(0.01) else: break _waiting_for = 0 while 1: try: exitflag = True if len(multiprocessing.active_children()) is not 0: exitflag = False _waiting_for += 1 if _waiting_for > 3000: _waiting_for = 0 info( messages(language, 138).format(", ".join( [p.name for p in multiprocessing.active_children()]))) time.sleep(0.01) if exitflag: break except KeyboardInterrupt: for process in multiprocessing.active_children(): process.terminate() break info(messages(language, 42)) os.remove(subs_temp) os.remove(range_temp) info(messages(language, 43)) sort_logs(log_in_file, language, graph_flag) write("\n") info(messages(language, 44)) write("\n\n") finish() return True
from core.alert import * from core.compatible import version if version() is 2: from urllib2 import urlopen elif version is 3: from urllib.request import urlopen try: from netaddr import iprange_to_cidrs from netaddr import IPNetwork except: from core.color import finish error('pip install -r requirements.txt') finish() sys.exit(1) def getIPRange(IP): n = 0 while 1: try: data = urlopen( 'http://rest.db.ripe.net/search.json?query-string={0}&flags=no-filtering' .format(IP)).read() for line in data.rsplit('\n'): line = line.rsplit('"') for R in line: if R.count('.') is 6 and R.count('-') is 1 and R.count( ' ') is 2:
def load_honeypot_engine(): """ load OHP Engine Returns: True """ # print logo logo() # parse argv parser, argv_options = argv_parser() ######################################### # argv rules apply ######################################### # check help menu if argv_options.show_help_menu: parser.print_help() __die_success() # check for requirements before start check_for_requirements(argv_options.start_api_server) # check api server flag if argv_options.start_api_server: start_api_server() __die_success() # check selected modules if argv_options.selected_modules: selected_modules = list(set(argv_options.selected_modules.rsplit(","))) if "" in selected_modules: selected_modules.remove("") # if selected modules are zero if not len(selected_modules): __die_failure(messages("en", "zero_module_selected")) # if module not found for module in selected_modules: if module not in load_all_modules(): __die_failure( messages("en", "module_not_found").format(module)) # check excluded modules if argv_options.excluded_modules: excluded_modules = list(set(argv_options.excluded_modules.rsplit(","))) if "" in excluded_modules: excluded_modules.remove("") # remove excluded modules for module in excluded_modules: if module not in load_all_modules(): __die_failure( messages("en", "module_not_found").format(module)) # ignore if module not selected, it will remove anyway try: selected_modules.remove(module) except Exception as _: del _ # if selected modules are zero if not len(selected_modules): __die_failure(messages("en", "zero_module_selected")) virtual_machine_container_reset_factory_time_seconds = argv_options. \ virtual_machine_container_reset_factory_time_seconds global verbose_mode verbose_mode = argv_options.verbose_mode ######################################### # argv rules apply ######################################### # build configuration based on selected modules configuration = honeypot_configuration_builder(selected_modules) # check for conflict in real machine ports conflict = conflict_ports(configuration) if conflict: __die_failure("conflict ports between {0}, {1}".format( conflict[0], conflict[1])) info(messages("en", "honeypot_started")) info(messages("en", "loading_modules").format(", ".join(selected_modules))) # stop old containers (in case they are not stopped) stop_containers(configuration) # remove old containers (in case they are not updated) remove_old_containers(configuration) # remove old images (in case they are not updated) remove_old_images(configuration) # create new images based on selected modules create_new_images(configuration) # create OWASP Honeypot networks in case not exist create_ohp_networks() # start containers based on selected modules configuration = start_containers(configuration) # start network monitoring thread new_network_events_thread = threading.Thread( target=new_network_events, args=(configuration, ), name="new_network_events_thread") new_network_events_thread.start() info("all selected modules started: {0}".format( ", ".join(selected_modules))) # wait forever! in case user can send ctrl + c to interrupt wait_until_interrupt(virtual_machine_container_reset_factory_time_seconds, configuration) # kill the network events thread terminate_thread(new_network_events_thread) # stop created containers stop_containers(configuration) # remove created containers remove_old_containers(configuration) # remove created images remove_old_images(configuration) # remove_tmp_directories() error: access denied! info("finished.") # reset cmd/terminal color finish() return True
def load(): """ load all ARGS, Apply rules and go for attacks Returns: True if success otherwise None """ write("\n\n") # load all modules in lib/brute, lib/scan, lib/graph module_names = load_all_modules() graph_names = load_all_graphs() # Parse ARGVs try: parser, options, startup_update_flag = load_all_args(module_names, graph_names) except SystemExit: finish() sys.exit(1) # Filling Options check_ranges = options.check_ranges check_subdomains = options.check_subdomains targets = options.targets targets_list = options.targets_list thread_number = options.thread_number + 1 thread_number_host = options.thread_number_host log_in_file = options.log_in_file scan_method = options.scan_method exclude_method = options.exclude_method users = options.users users_list = options.users_list passwds = options.passwds passwds_list = options.passwds_list timeout_sec = options.timeout_sec ports = options.ports time_sleep = options.time_sleep language = options.language verbose_level = options.verbose_level show_version = options.show_version check_update = options.check_update socks_proxy = options.socks_proxy retries = options.retries graph_flag = options.graph_flag help_menu_flag = options.help_menu_flag ping_flag = options.ping_flag methods_args = options.methods_args method_args_list = options.method_args_list wizard_mode = options.wizard_mode profile = options.profile start_api = options.start_api api_host = options.api_host api_port = options.api_port api_debug_mode = options.api_debug_mode api_access_key = options.api_access_key api_client_white_list = options.api_client_white_list api_client_white_list_ips = options.api_client_white_list_ips api_access_log = options.api_access_log api_access_log_filename = options.api_access_log_filename backup_ports = ports # Checking Requirements (targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log, api_access_log_filename) = \ check_all_required( targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log, api_access_log_filename ) info(messages(language, 0)) # check for update if startup_update_flag: __version__, __code_name__ = _version_info() _check(__version__, __code_name__, language, socks_proxy) info(messages(language, 96).format(len(load_all_modules()) - 1 + len(load_all_graphs()))) __go_for_attacks(targets, check_ranges, check_subdomains, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, users, passwds, timeout_sec, thread_number, ports, ping_flag, methods_args, backup_ports, scan_method, thread_number_host, graph_flag, profile, False) return True
def load_all_args(module_names, graph_names): # Language Options # import libs from core.color import finish default_config = _builder(get_config()) language_list = [lang for lang in messages(-1, 0)] if "-L" in sys.argv or "--language" in sys.argv: try: index = sys.argv.index("-L") + 1 except: index = sys.argv.index("--language") + 1 else: index = -1 if index is -1: language = "en" else: _error_flag = False try: language = sys.argv[index] except: _error_flag = True if _error_flag or language not in language_list: error("Please select one of these languages {0}".format( language_list)) finish() sys.exit(1) # Check if compatible check(language) finish() # Start Parser parser = argparse.ArgumentParser(prog="Nettacker", add_help=False) # parser = OptionParser(usage=messages(language, 1), # description=messages(language, 2), # epilog=messages(language, 3)) # Engine Options engineOpt = parser.add_argument_group(messages(language, 4), messages(language, 5)) engineOpt.add_argument("-L", "--language", action="store", dest="language", default=default_config["language"], help=messages(language, 6).format(language_list)) engineOpt.add_argument("-v", "--verbose", action="store", dest="verbose_level", default=default_config["verbose_level"], help=messages(language, 59)) engineOpt.add_argument("-V", "--version", action="store_true", default=default_config["show_version"], dest="show_version", help=messages(language, 60)) engineOpt.add_argument("-c", "--update", action="store_true", default=default_config["check_update"], dest="check_update", help=messages(language, 61)) engineOpt.add_argument("-o", "--output", action="store", default=default_config["log_in_file"], dest="log_in_file", help=messages(language, 11)) engineOpt.add_argument("--graph", action="store", default=default_config["graph_flag"], dest="graph_flag", help=messages(language, 86).format(graph_names)) engineOpt.add_argument("-h", "--help", action="store_true", default=default_config["help_menu_flag"], dest="help_menu_flag", help=messages(language, 2)) # Target Options target = parser.add_argument_group(messages(language, 12), messages(language, 13)) target.add_argument("-i", "--targets", action="store", dest="targets", default=default_config["targets"], help=messages(language, 14)) target.add_argument("-l", "--targets-list", action="store", dest="targets_list", default=default_config["targets_list"], help=messages(language, 15)) # Exclude Module Name exclude_names = module_names[:] exclude_names.remove('all') # Methods Options method = parser.add_argument_group("Method", messages(language, 16)) method.add_argument("-m", "--method", action="store", dest="scan_method", default=default_config["scan_method"], help=messages(language, 17).format(module_names)) method.add_argument("-x", "--exclude", action="store", dest="exclude_method", default=default_config["exclude_method"], help=messages(language, 18).format(exclude_names)) method.add_argument("-u", "--usernames", action="store", dest="users", default=default_config["users"], help=messages(language, 19)) method.add_argument("-U", "--users-list", action="store", dest="users_list", default=default_config["users_list"], help=messages(language, 20)) method.add_argument("-p", "--passwords", action="store", dest="passwds", default=default_config["passwds"], help=messages(language, 21)) method.add_argument("-P", "--passwords-list", action="store", dest="passwds_list", default=default_config["passwds_list"], help=messages(language, 22)) method.add_argument("-g", "--ports", action="store", dest="ports", default=default_config["ports"], help=messages(language, 23)) method.add_argument("-T", "--timeout", action="store", dest="timeout_sec", default=default_config["timeout_sec"], type=float, help=messages(language, 24)) method.add_argument("-w", "--time-sleep", action="store", dest="time_sleep", default=default_config["time_sleep"], type=float, help=messages(language, 25)) method.add_argument("-r", "--range", action="store_true", default=default_config["check_ranges"], dest="check_ranges", help=messages(language, 7)) method.add_argument("-s", "--sub-domains", action="store_true", default=default_config["check_subdomains"], dest="check_subdomains", help=messages(language, 8)) method.add_argument("-t", "--thread-connection", action="store", default=default_config["thread_number"], type=int, dest="thread_number", help=messages(language, 9)) method.add_argument("-M", "--thread-hostscan", action="store", default=default_config["thread_number_host"], type=int, dest="thread_number_host", help=messages(language, 10)) method.add_argument("-R", "--socks-proxy", action="store", dest="proxies", default=default_config["socks_proxy"], help=messages(language, 62)) method.add_argument("--retries", action="store", dest="retries", type=int, default=default_config["retries"], help=messages(language, 64)) method.add_argument('--ping-before-scan', action="store_true", dest='ping_flag', default=default_config["ping_flag"], help=messages(language, 99)) method.add_argument('--method-args', action="store", dest="methods_args", default=default_config["methods_args"], help=messages(language, 35)) method.add_argument('--method-args-list', action='store_true', dest='method_args_list', default=default_config["method_args_list"], help=messages(language, 111)) # Return Options return [ parser, parser.parse_args(), default_config["startup_check_for_update"] ]
def start(target, users, passwds, ports, timeout_sec, thread_number, num, total, log_in_file, time_sleep, language, verbose_level, show_version, check_update, socks_proxy, retries, ping_flag, methods_args): # Main function if target_type(target) != 'SINGLE_IPv4' or target_type( target) != 'DOMAIN' or target_type(target) != 'HTTP': # rand useragent user_agent_list = [ "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5", "Googlebot/2.1 ( http://www.googlebot.com/bot.html)", "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.04" " Chromium/9.0.595.0 Chrome/9.0.595.0 Safari/534.13", "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; .NET CLR 2.0.50727)", "Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51", "Mozilla/5.0 (compatible; 008/0.83; http://www.80legs.com/webcrawler.html) Gecko/2008032620", "Debian APT-HTTP/1.3 (0.8.10.3)", "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "Googlebot/2.1 (+http://www.googlebot.com/bot.html)", "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)", "YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; " "http://help.yahoo.com/help/us/shop/merchant/)", "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)", "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)", "msnbot/1.1 (+http://search.msn.com/msnbot.htm)" ] http_methods = ["GET", "HEAD"] user_agent = {'User-agent': random.choice(user_agent_list)} # requirements check new_extra_requirements = extra_requirements_dict() if methods_args is not None: for extra_requirement in extra_requirements_dict(): if extra_requirement in methods_args: new_extra_requirements[extra_requirement] = methods_args[ extra_requirement] extra_requirements = new_extra_requirements if extra_requirements["dir_scan_http_method"][0] not in http_methods: warn(messages(language, 110)) extra_requirements["dir_scan_http_method"] = ["GET"] if ports is None: ports = extra_requirements["dir_scan_ports"] random_agent_flag = True if extra_requirements["dir_scan_random_agent"][0] == "False": random_agent_flag = False if ping_flag and do_one_ping(target_to_host(target), timeout_sec, 8) is None: warn( messages(language, 100).format(target_to_host(target), 'dir_scan')) return None threads = [] max = thread_number total_req = len(extra_requirements["dir_scan_list"]) * len(ports) thread_tmp_filename = 'tmp/thread_tmp_' + ''.join( random.choice(string.ascii_letters + string.digits) for _ in range(20)) thread_write = open(thread_tmp_filename, 'w') thread_write.write('1') thread_write.close() trying = 0 for port in ports: port = int(port) if target_type(target) == 'SINGLE_IPv4' or target_type( target) == 'DOMAIN': url = 'http://{0}:{1}/'.format(target, str(port)) else: if target.count(':') > 1: error(messages(language, 105)) from core.color import finish finish() sys.exit(1) http = target.rsplit('://')[0] host = target_to_host(target) path = "/".join( target.replace('http://', '').replace('https://', '').rsplit('/')[1:]) url = http + '://' + host + ':' + str(port) + '/' + path if test(url, retries, timeout_sec, user_agent, extra_requirements["dir_scan_http_method"][0], socks_proxy) is 0: for idir in extra_requirements["dir_scan_list"]: # check target type if target_type(target) == 'SINGLE_IPv4' or target_type( target) == 'DOMAIN': url = 'http://{0}:{1}/{2}'.format( target, str(port), idir) else: http = target.rsplit('://')[0] host = target_to_host(target) path = "/".join( target.replace('http://', '').replace('https://', '').rsplit('/')[1:]) url = http + '://' + host + ':' + str( port) + '/' + path + '/' + idir if random_agent_flag is True: user_agent = { 'User-agent': random.choice(user_agent_list) } t = threading.Thread( target=check, args=(url, user_agent, timeout_sec, log_in_file, language, time_sleep, thread_tmp_filename, retries, extra_requirements["dir_scan_http_method"][0], socks_proxy)) threads.append(t) t.start() trying += 1 if verbose_level is not 0: info( messages(language, 72).format(trying, total_req, num, total, target_to_host(target), port)) while 1: n = 0 for thread in threads: if thread.isAlive() is True: n += 1 else: threads.remove(thread) if n >= max: time.sleep(0.01) else: break else: warn(messages(language, 109).format(url)) # wait for threads while 1: n = True for thread in threads: if thread.isAlive() is True: n = False time.sleep(0.01) if n is True: break thread_write = int(open(thread_tmp_filename).read().rsplit()[0]) if thread_write is 1: info(messages(language, 108).format(target, ",".join(ports))) if verbose_level is not 0: _HOST = messages(language, 53) _USERNAME = messages(language, 54) _PASSWORD = messages(language, 55) _PORT = messages(language, 56) _TYPE = messages(language, 57) _DESCRIPTION = messages(language, 58) save = open(log_in_file, 'a') save.write( json.dumps({ _HOST: target, _USERNAME: '', _PASSWORD: '', _PORT: '', _TYPE: 'dir_scan', _DESCRIPTION: messages(language, 94) }) + '\n') save.close() os.remove(thread_tmp_filename) else: warn(messages(language, 69).format('dir_scan', target))
def load(): write("\n\n") # load libs from core.color import finish # load all modules in lib/brute, lib/scan, lib/graph module_names = load_all_modules() graph_names = load_all_graphs() # Parse ARGVs try: parser, options, startup_update_flag = load_all_args( module_names, graph_names) except SystemExit: finish() sys.exit(1) # Filling Options check_ranges = options.check_ranges check_subdomains = options.check_subdomains targets = options.targets targets_list = options.targets_list thread_number = options.thread_number + 1 thread_number_host = options.thread_number_host log_in_file = options.log_in_file scan_method = options.scan_method exclude_method = options.exclude_method users = options.users users_list = options.users_list passwds = options.passwds passwds_list = options.passwds_list timeout_sec = options.timeout_sec ports = options.ports time_sleep = options.time_sleep language = options.language verbose_level = options.verbose_level show_version = options.show_version check_update = options.check_update socks_proxy = options.socks_proxy retries = options.retries graph_flag = options.graph_flag help_menu_flag = options.help_menu_flag ping_flag = options.ping_flag methods_args = options.methods_args method_args_list = options.method_args_list wizard_mode = options.wizard_mode profile = options.profile start_api = options.start_api api_host = options.api_host api_port = options.api_port api_debug_mode = options.api_debug_mode api_access_key = options.api_access_key api_client_white_list = options.api_client_white_list api_client_white_list_ips = options.api_client_white_list_ips api_access_log = options.api_access_log api_access_log_filename = options.api_access_log_filename # Checking Requirements (targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log, api_access_log_filename) = \ check_all_required( targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log, api_access_log_filename ) info(messages(language, 0)) # check for update if startup_update_flag: __version__, __code_name__ = _version_info() _check(__version__, __code_name__, language, socks_proxy) info( messages( language, 96).format(len(load_all_modules()) - 1 + len(load_all_graphs()))) suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join( random.choice(string.ascii_lowercase) for x in range(10)) subs_temp = "tmp/subs_temp_" + suff range_temp = "tmp/ranges_" + suff total_targets = -1 for total_targets, _ in enumerate( analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, True)): pass total_targets += 1 total_targets = total_targets * len(scan_method) try: os.remove(range_temp) except: pass range_temp = "tmp/ranges_" + suff targets = analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, False) trying = 0 scan_id = "".join(random.choice("0123456789abcdef") for x in range(32)) scan_cmd = " ".join(sys.argv) for target in targets: for sm in scan_method: trying += 1 p = multiprocessing.Process( target=start_attack, args=(str(target).rsplit()[0], trying, total_targets, sm, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd)) p.name = str(target) + "->" + sm p.start() while 1: n = 0 processes = multiprocessing.active_children() for process in processes: if process.is_alive(): n += 1 else: processes.remove(process) if n >= thread_number_host: time.sleep(0.01) else: break _waiting_for = 0 while 1: try: exitflag = True if len(multiprocessing.active_children()) is not 0: exitflag = False _waiting_for += 1 if _waiting_for > 3000: _waiting_for = 0 info( messages(language, 138).format(", ".join( [p.name for p in multiprocessing.active_children()]))) time.sleep(0.01) if exitflag: break except KeyboardInterrupt: for process in multiprocessing.active_children(): process.terminate() break info(messages(language, 42)) os.remove(subs_temp) os.remove(range_temp) info(messages(language, 43)) sort_logs(log_in_file, language, graph_flag) write("\n") info(messages(language, 44)) write("\n\n") finish()
def load_all_args(module_names, graph_names): # Language Options # import libs default_config = _builder(_core_config(), _core_default_config()) _all_profiles = [key for key in _builder(_profiles(), default_profiles())] _all_profiles.append("all") language_list = [lang for lang in messages(-1, 0)] if "-L" in sys.argv or "--language" in sys.argv: try: index = sys.argv.index("-L") + 1 except: index = sys.argv.index("--language") + 1 else: index = -1 if index is -1: language = "en" else: _error_flag = False try: language = sys.argv[index] except: _error_flag = True if _error_flag or language not in language_list: __die_failure("Please select one of these languages {0}".format( language_list)) # Check if compatible check(language) finish() # Start Parser parser = argparse.ArgumentParser(prog="Nettacker", add_help=False) # parser = OptionParser(usage=messages(language, 1), # description=messages(language, 2), # epilog=messages(language, 3)) # Engine Options engineOpt = parser.add_argument_group(messages(language, 4), messages(language, 5)) engineOpt.add_argument("-L", "--language", action="store", dest="language", default=default_config["language"], help=messages(language, 6).format(language_list)) engineOpt.add_argument("-v", "--verbose", action="store", dest="verbose_level", default=default_config["verbose_level"], help=messages(language, 59)) engineOpt.add_argument("-V", "--version", action="store_true", default=default_config["show_version"], dest="show_version", help=messages(language, 60)) engineOpt.add_argument("-c", "--update", action="store_true", default=default_config["check_update"], dest="check_update", help=messages(language, 61)) engineOpt.add_argument("-o", "--output", action="store", default=default_config["log_in_file"], dest="log_in_file", help=messages(language, 11)) engineOpt.add_argument("--graph", action="store", default=default_config["graph_flag"], dest="graph_flag", help=messages(language, 86).format(graph_names)) engineOpt.add_argument("-h", "--help", action="store_true", default=default_config["help_menu_flag"], dest="help_menu_flag", help=messages(language, 2)) engineOpt.add_argument("-W", "--wizard", action="store_true", default=default_config["wizard_mode"], dest="wizard_mode", help=messages(language, 107)) engineOpt.add_argument("--profile", action="store", default=default_config["profile"], dest="profile", help=messages(language, 136).format(_all_profiles)) # Target Options target = parser.add_argument_group(messages(language, 12), messages(language, 13)) target.add_argument("-i", "--targets", action="store", dest="targets", default=default_config["targets"], help=messages(language, 14)) target.add_argument("-l", "--targets-list", action="store", dest="targets_list", default=default_config["targets_list"], help=messages(language, 15)) # Exclude Module Name exclude_names = module_names[:] exclude_names.remove("all") # Methods Options method = parser.add_argument_group(messages(language, 142), messages(language, 16)) method.add_argument("-m", "--method", action="store", dest="scan_method", default=default_config["scan_method"], help=messages(language, 17).format(module_names)) method.add_argument("-x", "--exclude", action="store", dest="exclude_method", default=default_config["exclude_method"], help=messages(language, 18).format(exclude_names)) method.add_argument("-u", "--usernames", action="store", dest="users", default=default_config["users"], help=messages(language, 19)) method.add_argument("-U", "--users-list", action="store", dest="users_list", default=default_config["users_list"], help=messages(language, 20)) method.add_argument("-p", "--passwords", action="store", dest="passwds", default=default_config["passwds"], help=messages(language, 21)) method.add_argument("-P", "--passwords-list", action="store", dest="passwds_list", default=default_config["passwds_list"], help=messages(language, 22)) method.add_argument("-g", "--ports", action="store", dest="ports", default=default_config["ports"], help=messages(language, 23)) method.add_argument("-T", "--timeout", action="store", dest="timeout_sec", default=default_config["timeout_sec"], type=float, help=messages(language, 24)) method.add_argument("-w", "--time-sleep", action="store", dest="time_sleep", default=default_config["time_sleep"], type=float, help=messages(language, 25)) method.add_argument("-r", "--range", action="store_true", default=default_config["check_ranges"], dest="check_ranges", help=messages(language, 7)) method.add_argument("-s", "--sub-domains", action="store_true", default=default_config["check_subdomains"], dest="check_subdomains", help=messages(language, 8)) method.add_argument("-t", "--thread-connection", action="store", default=default_config["thread_number"], type=int, dest="thread_number", help=messages(language, 9)) method.add_argument("-M", "--thread-hostscan", action="store", default=default_config["thread_number_host"], type=int, dest="thread_number_host", help=messages(language, 10)) method.add_argument("-R", "--socks-proxy", action="store", dest="socks_proxy", default=default_config["socks_proxy"], help=messages(language, 62)) method.add_argument("--retries", action="store", dest="retries", type=int, default=default_config["retries"], help=messages(language, 64)) method.add_argument("--ping-before-scan", action="store_true", dest="ping_flag", default=default_config["ping_flag"], help=messages(language, 99)) method.add_argument("--method-args", action="store", dest="methods_args", default=default_config["methods_args"], help=messages(language, 35)) method.add_argument("--method-args-list", action="store_true", dest="method_args_list", default=default_config["method_args_list"], help=messages(language, 111)) # API Options api = parser.add_argument_group(messages(language, 143), messages(language, 144)) api.add_argument("--start-api", action="store_true", dest="start_api", default=default_config["start_api"], help=messages(language, 145)) api.add_argument("--api-host", action="store", dest="api_host", default=default_config["api_host"], help=messages(language, 146)) api.add_argument("--api-port", action="store", dest="api_port", default=default_config["api_port"], help=messages(language, 147)) api.add_argument("--api-debug-mode", action="store_true", dest="api_debug_mode", default=default_config["api_debug_mode"], help=messages(language, 148)) api.add_argument("--api-access-key", action="store", dest="api_access_key", default=default_config["api_access_key"], help=messages(language, 149)) api.add_argument("--api-client-white-list", action="store_true", dest="api_client_white_list", default=default_config["api_client_white_list"], help=messages(language, 150)) api.add_argument("--api-client-white-list-ips", action="store", dest="api_client_white_list_ips", default=default_config["api_client_white_list_ips"], help=messages(language, 151)) api.add_argument("--api-access-log", action="store_true", dest="api_access_log", default=default_config["api_access_log"], help=messages(language, 152)) api.add_argument("--api-access-log-filename", action="store", dest="api_access_log_filename", default=default_config["api_access_log_filename"], help=messages(language, 153)) # Return Options return [ parser, parser.parse_args(), default_config["startup_check_for_update"] ]
def load_all_args(module_names, graph_names): """ create the ARGS and help menu Args: module_names: all module names graph_names: all graph names Returns: the parser, the ARGS """ # Language Options # import libs default_config = _builder(_core_config(), _core_default_config()) _all_profiles = [key for key in _builder(_profiles(), default_profiles())] _all_profiles.append("all") language_list = [lang for lang in messages(-1, 0)] if "-L" in sys.argv or "--language" in sys.argv: try: index = sys.argv.index("-L") + 1 except Exception: index = sys.argv.index("--language") + 1 else: index = -1 if index == -1: language = "en" else: _error_flag = False try: language = sys.argv[index] except Exception: _error_flag = True if _error_flag or language not in language_list: __die_failure( "Please select one of these languages {0}".format( language_list ) ) # Check if compatible check(language) finish() # Start Parser parser = argparse.ArgumentParser(prog="Nettacker", add_help=False) # parser = OptionParser(usage=messages(language,"options"), # description=messages(language,"help_menu"), # epilog=messages(language,"license")) # Engine Options engineOpt = parser.add_argument_group( messages(language, "engine"), messages(language, "engine_input") ) engineOpt.add_argument( "-L", "--language", action="store", dest="language", default=default_config["language"], help=messages(language, "select_language").format(language_list), ) engineOpt.add_argument( "-v", "--verbose", action="store", type=int, dest="verbose_level", default=default_config["verbose_level"], help=messages(language, "verbose_level"), ) engineOpt.add_argument( "-V", "--version", action="store_true", default=default_config["show_version"], dest="show_version", help=messages(language, "software_version"), ) engineOpt.add_argument( "-c", "--update", action="store_true", default=default_config["check_update"], dest="check_update", help=messages(language, "check_updates"), ) engineOpt.add_argument( "-o", "--output", action="store", default=default_config["log_in_file"], dest="log_in_file", help=messages(language, "save_logs"), ) engineOpt.add_argument( "--graph", action="store", default=default_config["graph_flag"], dest="graph_flag", help=messages(language, "available_graph").format(graph_names), ) engineOpt.add_argument( "-h", "--help", action="store_true", default=default_config["help_menu_flag"], dest="help_menu_flag", help=messages(language, "help_menu"), ) engineOpt.add_argument( "-W", "--wizard", action="store_true", default=default_config["wizard_mode"], dest="wizard_mode", help=messages(language, "wizard_mode"), ) engineOpt.add_argument( "--profile", action="store", default=default_config["profile"], dest="profile", help=messages(language, "select_profile").format(_all_profiles), ) # Target Options target = parser.add_argument_group( messages(language, "target"), messages(language, "target_input") ) target.add_argument( "-i", "--targets", action="store", dest="targets", default=default_config["targets"], help=messages(language, "target_list"), ) target.add_argument( "-l", "--targets-list", action="store", dest="targets_list", default=default_config["targets_list"], help=messages(language, "read_target"), ) # Exclude Module Name exclude_names = module_names[:] exclude_names.remove("all") # Methods Options method = parser.add_argument_group( messages(language, "Method"), messages(language, "scan_method_options") ) method.add_argument( "-m", "--method", action="store", dest="scan_method", default=default_config["scan_method"], help=messages(language, "choose_scan_method").format(module_names), ) method.add_argument( "-x", "--exclude", action="store", dest="exclude_method", default=default_config["exclude_method"], help=messages(language, "exclude_scan_method").format(exclude_names), ) method.add_argument( "-u", "--usernames", action="store", dest="users", default=default_config["users"], help=messages(language, "username_list"), ) method.add_argument( "-U", "--users-list", action="store", dest="users_list", default=default_config["users_list"], help=messages(language, "username_from_file"), ) method.add_argument( "-p", "--passwords", action="store", dest="passwds", default=default_config["passwds"], help=messages(language, "password_seperator"), ) method.add_argument( "-P", "--passwords-list", action="store", dest="passwds_list", default=default_config["passwds_list"], help=messages(language, "read_passwords"), ) method.add_argument( "-g", "--ports", action="store", dest="ports", default=default_config["ports"], help=messages(language, "port_seperator"), ) method.add_argument( "-T", "--timeout", action="store", dest="timeout_sec", default=default_config["timeout_sec"], type=float, help=messages(language, "read_passwords"), ) method.add_argument( "-w", "--time-sleep", action="store", dest="time_sleep", default=default_config["time_sleep"], type=float, help=messages(language, "time_to_sleep"), ) method.add_argument( "-r", "--range", action="store_true", default=default_config["check_ranges"], dest="check_ranges", help=messages(language, "range"), ) method.add_argument( "-s", "--sub-domains", action="store_true", default=default_config["check_subdomains"], dest="check_subdomains", help=messages(language, "subdomains"), ) method.add_argument( "-t", "--thread-connection", action="store", default=default_config["thread_number"], type=int, dest="thread_number", help=messages(language, "thread_number_connections"), ) method.add_argument( "-M", "--thread-hostscan", action="store", default=default_config["thread_number_host"], type=int, dest="thread_number_host", help=messages(language, "thread_number_hosts"), ) method.add_argument( "-R", "--socks-proxy", action="store", dest="socks_proxy", default=default_config["socks_proxy"], help=messages(language, "outgoing_proxy"), ) method.add_argument( "--retries", action="store", dest="retries", type=int, default=default_config["retries"], help=messages(language, "connection_retries"), ) method.add_argument( "--ping-before-scan", action="store_true", dest="ping_flag", default=default_config["ping_flag"], help=messages(language, "ping_before_scan"), ) method.add_argument( "--method-args", action="store", dest="methods_args", default=default_config["methods_args"], help=messages(language, "method_inputs"), ) method.add_argument( "--method-args-list", action="store_true", dest="method_args_list", default=default_config["method_args_list"], help=messages(language, "list_methods"), ) # API Options api = parser.add_argument_group( messages(language, "API"), messages(language, "API_options")) api.add_argument("--start-api", action="store_true", dest="start_api", default=default_config["start_api"], help=messages(language, "start_API")) api.add_argument("--api-host", action="store", dest="api_host", default=default_config["api_host"], help=messages(language, "API_host")) api.add_argument("--api-port", action="store", dest="api_port", default=default_config["api_port"], help=messages(language, "API_port")) api.add_argument("--api-debug-mode", action="store_true", dest="api_debug_mode", default=default_config["api_debug_mode"], help=messages(language, "API_debug")) api.add_argument("--api-access-key", action="store", dest="api_access_key", default=default_config["api_access_key"], help=messages(language, "API_access_key")) api.add_argument("--api-client-white-list", action="store_true", dest="api_client_white_list", default=default_config["api_client_white_list"], help=messages(language, "white_list_API")) api.add_argument("--api-client-white-list-ips", action="store", dest="api_client_white_list_ips", default=default_config["api_client_white_list_ips"], help=messages(language, "define_whie_list")) api.add_argument("--api-access-log", action="store_true", dest="api_access_log", default=default_config["api_access_log"], help=messages(language, "gen_API_access_log")) api.add_argument("--api-access-log-filename", action="store", dest="api_access_log_filename", default=default_config["api_access_log_filename"], help=messages(language, "API_access_log_file")) api.add_argument("--api-cert", action="store", dest="api_cert", help=messages(language, "API_cert")) api.add_argument("--api-cert-key", action="store", dest="api_cert_key", help=messages(language, "API_cert_key")) # Return Options return [ parser, parser.parse_args(), default_config["startup_check_for_update"], ]
def __go_for_attacks(targets, check_ranges, check_subdomains, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, users, passwds, timeout_sec, thread_number, ports, ping_flag, methods_args, backup_ports, scan_method, thread_number_host, graph_flag, profile, api_flag, scan_id=None): """ preparing for attacks and managing multi-processing for host Args: targets: list of calculated targets check_ranges: check IP range flag check_subdomains: check subdomain flag log_in_file: output filename time_sleep: time sleep seconds language: language verbose_level: verbose level number retries: retries number socks_proxy: socks proxy address users: usernames passwds: passwords timeout_sec: timeout seconds thread_number: thread numbers ports: port numbers ping_flag: ping before scan flag methods_args: method args for modules backup_ports: port numbers (backup) scan_method: selected module names thread_number_host: threads for hosts scan graph_flag: graph name profile: profile name api_flag: API flag Returns: True when it ends """ suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join( random.choice(string.ascii_lowercase) for x in range(10)) subs_temp = "{}/tmp/subs_temp_".format(load_file_path()) + suff range_temp = "{}/tmp/ranges_".format(load_file_path()) + suff total_targets = -1 for total_targets, _ in enumerate( analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, True)): pass total_targets += 1 total_targets = total_targets * len(scan_method) try: os.remove(range_temp) except: pass range_temp = "{}/tmp/ranges_".format(load_file_path()) + suff targets = analysis(targets, check_ranges, check_subdomains, subs_temp, range_temp, log_in_file, time_sleep, language, verbose_level, retries, socks_proxy, False) trying = 0 if scan_id is None: scan_id = "".join(random.choice("0123456789abcdef") for x in range(32)) scan_cmd = messages(language, "through_API") if api_flag else " ".join( sys.argv) for target in targets: for sm in scan_method: trying += 1 p = multiprocessing.Process( target=start_attack, args=(str(target).rsplit()[0], trying, total_targets, sm, users, passwds, timeout_sec, thread_number, ports, log_in_file, time_sleep, language, verbose_level, socks_proxy, retries, ping_flag, methods_args, scan_id, scan_cmd)) p.name = str(target) + "->" + sm p.start() while 1: n = 0 processes = multiprocessing.active_children() for process in processes: if process.is_alive(): n += 1 else: processes.remove(process) if n >= thread_number_host: time.sleep(0.01) else: break _waiting_for = 0 while 1: try: exitflag = True if len(multiprocessing.active_children()) is not 0: exitflag = False _waiting_for += 1 if _waiting_for > 3000: _waiting_for = 0 info( messages(language, "waiting").format(", ".join( [p.name for p in multiprocessing.active_children()]))) time.sleep(0.01) if exitflag: break except KeyboardInterrupt: for process in multiprocessing.active_children(): process.terminate() break info(messages(language, "remove_temp")) os.remove(subs_temp) os.remove(range_temp) info(messages(language, "sorting_results")) sort_logs(log_in_file, language, graph_flag, scan_id, scan_cmd, verbose_level, 0, profile, scan_method, backup_ports) write("\n") info(messages(language, "done")) write("\n\n") finish() return True
def check_all_required(targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag): # Checking Requirements # Check Help Menu if help_menu_flag is True: parser.print_help() from core.color import finish finish() sys.exit(0) # Check version if show_version is True: from core import compatible from core import color info( messages(language, 84).format(color.color('yellow'), compatible.__version__, color.color('reset'), color.color('cyan'), compatible.__code_name__, color.color('reset'), color.color('green'))) from core.color import finish finish() sys.exit(0) # Check update if check_update is True: info(messages(language, 85)) from core.color import finish finish() sys.exit(0) # Check the target(s) if targets is None and targets_list is None: parser.print_help() write("\n") error(messages(language, 26)) from core.color import finish finish() sys.exit(1) else: if targets is not None: targets = list(set(targets.rsplit(","))) elif targets_list is not None: try: targets = list(set(open(targets_list, "rb").read().rsplit())) except: error(messages(language, 27).format(targets_list)) from core.color import finish finish() sys.exit(1) # Check thread number if thread_number > 100 or thread_number_host > 100: warn(messages(language, 28)) # Check timeout number if timeout_sec is not None and timeout_sec >= 15: warn(messages(language, 29).format(timeout_sec)) # Check scanning method if scan_method is not None and scan_method == "all": scan_method = module_names scan_method.remove("all") elif scan_method is not None and scan_method not in module_names: if "," in scan_method: scan_method = scan_method.rsplit(",") for sm in scan_method: if sm not in module_names: error(messages(language, 30).format(sm)) from core.color import finish finish() sys.exit(1) if sm == "all": scan_method = module_names scan_method.remove("all") break else: error(messages(language, 31).format(scan_method)) from core.color import finish finish() sys.exit(1) elif scan_method is None: error(messages(language, 41)) from core.color import finish finish() sys.exit(1) else: scan_method = scan_method.rsplit() if exclude_method is not None: exclude_method = exclude_method.rsplit(",") for exm in exclude_method: if exm in scan_method: if "all" == exm: messages(language, 32) from core.color import finish finish() sys.exit(1) else: scan_method.remove(exm) if len(scan_method) is 0: messages(language, 33) from core.color import finish finish() sys.exit(1) else: messages(language, 34).format(exm) from core.color import finish finish() sys.exit(1) # Check port(s) if ports is None: error(messages(language, 35)) from core.color import finish finish() sys.exit(1) if type(ports) is not list and "-" in ports: ports = ports.rsplit("-") ports = range(int(ports[0]), int(ports[1]) + 1) elif type(ports) is not list: ports = ports.rsplit(",") # Check user list if users is None and users_list is None and scan_method is not None: for imethod in scan_method: if "_brute" in imethod: error(messages(language, 36)) from core.color import finish finish() sys.exit(1) else: if users is not None: users = list(set(users.rsplit(","))) if users_list is not None: try: users = list(set( open(users_list).read().rsplit("\n"))) # fix later except: error(messages(language, 37).format(targets_list)) from core.color import finish finish() sys.exit(1) # Check password list if passwds is None and passwds_list is None and scan_method is not None: for imethod in scan_method: if "_brute" in imethod: error(messages(language, 38)) from core.color import finish finish() sys.exit(1) else: if passwds is not None: passwds = list(set(passwds.rsplit(","))) if passwds_list is not None: try: passwds = list(set( open(passwds_list).read().rsplit("\n"))) # fix later except: error(messages(language, 39).format(targets_list)) from core.color import finish finish() sys.exit(1) # Check output file try: tmpfile = open(log_in_file, "w") except: error(messages(language, 40).format(log_in_file)) from core.color import finish finish() sys.exit(1) # Check Proxies if proxies is not None: proxies = list(set(proxies.rsplit(','))) elif proxies_file is not None: if os.path.isfile(proxies_file): try: proxies = list(set(open(proxies_file).read().rsplit())) except: error(messages(language, 82).format(proxies_file)) from core.color import finish finish() sys.exit(1) else: error(messages(language, 83).format(proxies_file)) from core.color import finish finish() sys.exit(1) # Check Graph if graph_flag is not None: if not (len(log_in_file) >= 5 and log_in_file[-5:] == '.html') or ( not len(log_in_file) >= 4 and log_in_file[-4:] == '.htm'): error(messages(language, 87)) from core.color import finish finish() sys.exit(1) if graph_flag not in load_all_graphs(): error(messages(language, 97).format(graph_flag)) from core.color import finish finish() sys.exit(1) # Return the values return [ targets, targets_list, thread_number, thread_number_host, log_in_file, scan_method, exclude_method, users, users_list, passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version, check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag ]