def gen_fuzz_domains(domain, rule):
domains = set()
if '{fuzz}' not in domain:
logger.log('FATAL', f'没有指定fuzz位置')
return domains
if not rule:
logger.log('FATAL', f'没有指定fuzz规则')
return domains
fuzz_count = exrex.count(rule)
if fuzz_count > 2000000:
logger.log('FATAL', f'fuzz规则范围太大:{fuzz_count} > 2000000')
return domains
logger.log('INFOR', f'fuzz字典大小:{fuzz_count}')
for i in range(3):
random_domain = domain.replace('{fuzz}', exrex.getone(rule))
logger.log('ALERT', f'请注意检查随机生成的{random_domain}是否正确')
logger.log('ALERT', f'你有10秒检查时间退出使用`CTRL+C`')
try:
time.sleep(5)
except KeyboardInterrupt:
logger.log('INFOR', '爆破终止')
exit(0)
parts = domain.split('{fuzz}')
for fuzz in exrex.generate(rule):
fuzz_domain = parts[0] + fuzz + parts[1]
domains.add(fuzz_domain)
return domains
def gen_fuzz_subdomains(expression, rule):
"""
Generate subdomains based on fuzz mode
:param str expression: generate subdomains's expression
:param str rule: regexp rule
:return list subdomains: list of subdomains
"""
subdomains = list()
fuzz_count = exrex.count(rule)
if fuzz_count > 10000000:
logger.log(
'ALERT',
f'The dictionary generated by this rule is too large:{fuzz_count} > 10000000'
)
logger.log('DEBUG', f'Dictionary size based on fuzz mode: {fuzz_count}')
for fuzz_string in exrex.generate(rule):
fuzz_string = fuzz_string.lower()
if not fuzz_string.isalnum():
continue
fuzz_domain = expression.replace('*', fuzz_string)
subdomains.append(fuzz_domain)
random_domain = random.choice(subdomains)
logger.log('ALERT',
f'Please check whether {random_domain} is correct or not')
return subdomains
def gen_fuzz_subdomains(expression, rule, fuzzlist):
"""
Generate subdomains based on fuzz mode
:param str expression: generate subdomains's expression
:param str rule: regexp rule
:param str fuzzlist: fuzz dictionary
:return set subdomains: list of subdomains
"""
subdomains = set()
if fuzzlist:
fuzz_domain = gen_subdomains(expression, fuzzlist)
subdomains.update(fuzz_domain)
if rule:
fuzz_count = exrex.count(rule)
if fuzz_count > 10000000:
logger.log(
'ALERT',
f'The dictionary generated by this rule is too large: '
f'{fuzz_count} > 10000000')
for fuzz_string in exrex.generate(rule):
fuzz_string = fuzz_string.lower()
if not fuzz_string.isalnum():
continue
fuzz_domain = expression.replace('*', fuzz_string)
subdomains.add(fuzz_domain)
utils.check_random_subdomain(subdomains)
logger.log('DEBUG',
f'Dictionary size based on fuzz mode: {len(subdomains)}')
return subdomains
def count_test():
for regex, result in RS.items():
c = count(regex)
l = len(result)
try:
assert c == l
except:
print '[E] Assertion error! "%s"\n\t%d != %d' % (regex, c, l)
def count_test():
for regex, result in RS.items():
c = count(regex)
l = len(result)
try:
assert c == l
except:
print '[E] Assertion error! "%s"\n\t%d != %d' % (regex, c, l)
def regex_exrex(pattern, count):
count = int(count) if int(count) > 0 and int(count) < 10 else 10
return objdict({
"pattern":
pattern,
"data":
sorted(set([exrex.getone(pattern) for _ in range(count)])),
"count":
exrex.count(pattern)
})
def count_matches(include_malpedia: bool = False):
if exrex is None:
print("Error: Python module exrex is needed but not available.",
file=sys.stderr)
return 2
replace = re.compile(
r'\{[0-9]*,?([0-9]{2,}|[3-9])(,[0-9]*)?\}'
) # either more than one digit or greater than 2. Match also '{..,n}' or '{n,...}'
print(
sum(
exrex.count(replace.sub('', expression))
for expression, _, _ in load_mapping(
include_malpedia=include_malpedia) if '*' not in expression))
def count_test():
for regex, result in RS.items():
c = count(regex)
l = len(result)
try:
assert c == l
except:
if IS_PY3:
print('[E] Assertion error! "%s"\n\t%d != %d' % (regex, c, l))
return -1
else:
print('[E] Assertion error! "%s"\n\t%d != %d' % (regex.decode("utf-8"), c, l))
return -1
return 0
def _get_primary_keys(self, table_name, num_rows):
"""Return the primary key and amount of values for the requested table.
Args:
table_name(str): Name of the table to get the primary keys.
num_rowd(str): Number of primary_keys to generate.
Returns:
tuple(str,pandas.Series): If the table has a primary key.
tuple(None, None): If the table doesn't have a primary key.
Raises:
ValueError: If there aren't enough remaining values to generate.
"""
meta = self.dn.get_meta_data(table_name)
primary_key = meta.get('primary_key')
primary_key_values = None
if primary_key:
node = meta['fields'][primary_key]
regex = node['regex']
generator = self.primary_key.get(table_name)
if generator is None:
generator = exrex.generate(regex)
self.primary_key[table_name] = generator
remaining = exrex.count(regex)
self.remaining_primary_key[table_name] = remaining
else:
remaining = self.remaining_primary_key[table_name]
if remaining < num_rows:
raise ValueError(
'Not enough unique values for primary key of table {} with regex {}'
' to generate {} samples.'.format(table_name, regex,
num_rows))
self.remaining_primary_key[table_name] -= num_rows
primary_key_values = pd.Series(
[x for i, x in zip(range(num_rows), generator)])
if (node['type'] == 'number') and (node['subtype'] == 'integer'):
primary_key_values = primary_key_values.astype(int)
return primary_key, primary_key_values
def count_test():
for regex, result in RS.items():
c = count(regex)
l = len(result)
try:
assert c == l
except:
if IS_PY3:
print('[E] Assertion error! "%s"\n\t%d != %d' % (regex, c, l))
return -1
else:
print('[E] Assertion error! "%s"\n\t%d != %d' %
(regex.decode('utf-8'), c, l))
return -1
return 0
def __init__(self, name, regex, limit=20):
if isinstance(name, str) and name:
self.name = name
else:
raise DizzyParseException("Name must be str and not empty.")
if isinstance(regex, str):
self.regex = regex
else:
raise DizzyParseException("regex must be str.")
if isinstance(limit, int):
self.limit = limit
else:
raise DizzyParseException("limit must be int.")
self.len = count(self.regex, self.limit)
def generate(str_length=10, patterns=[]):
print("# total possible strings: ", exrex.count('(a|b|c|d|e|f){{{}}}'.format(str_length)))
data = {
"pos": [],
"neg": []
}
for str in exrex.generate('(a|b|c|d|e|f){{{}}}'.format(str_length)):
label = False
latest = -1
for p in patterns:
if p[0].match(str):
label = p[1]
latest = p[0]
if label:
data["pos"].append((str, label, latest))
else:
data["neg"].append((str, label, latest))
return data
def gen_fuzz_subdomains(expression, rule):
"""
生成基于fuzz模式的爆破子域
:param str expression: 子域域名生成表达式
:param str rule: 生成子域所需的正则规则
:return: 用于爆破的子域
"""
subdomains = list()
fuzz_count = exrex.count(rule)
if fuzz_count > 10000000:
logger.log('ALERT', f'请注意该规则生成的字典太大:{fuzz_count} > 10000000')
logger.log('DEBUG', f'fuzz模式下生成的字典大小:{fuzz_count}')
for fuzz_string in exrex.generate(rule):
fuzz_string = fuzz_string.lower()
if not fuzz_string.isalnum():
continue
fuzz_domain = expression.replace('*', fuzz_string)
subdomains.append(fuzz_domain)
random_domain = random.choice(subdomains)
logger.log('ALERT', f'请注意检查基于fuzz模式生成的{random_domain}是否正确')
return subdomains
# Python3.7.3
import exrex
exrex.getone('(ex)r\\1')
list(exrex.generate('((hai){2}|world!)'))
exrex.getone('\d{4}-\d{4}-\d{4}-[0-9]{4}')
exrex.getone('(1[0-2]|0[1-9])(:[0-5]\d){2} (A|P)M')
exrex.count('[01]{0,9}')
print('\n'.join(exrex.generate('This is (a (secret|test|whisper)|an (code|lie|truth))\.')))
print(exrex.simplify('(ab|c|d)'))
# -*- coding: utf-8 -*-
import exrex
#填入正则表达式的代码会生成对应的内容
print exrex.getone('(ex)r\\1')
#转换列表 匹配2个hai或word
num = list(exrex.generate('((hai){2}|word!)'))
print num
#数字 如3575-7048-5984-2471
print exrex.getone('\d{4}-\d{4}-\d{4}-[0-9]{4}')
#时间
print exrex.getone('(1[0-2]|0[1-9])(:[0-5]\d){2} (A|P)M')
#计数
print exrex.count('[01]{0,9}')
#假设知道某个密码的组合方式,需要将所有的密码都列举出来
num = list(exrex.generate('[Pp][a@]ssw[Oo]rd'))
print num
from tests import *
import shutil
dir_path = os.path.dirname(os.path.realpath(__file__))
if not os.path.isfile(dir_path + "/config.py"):
shutil.copy2(dir_path + "/defaults.py", dir_path + "/config.py")
from config import *
def command(tup):
return "(" + tup[0] + ")" + PLACEHOLDER + "(" + tup[1] + ")"
t_count = count(command(AUTO_TESTER))
DIR = "* = expected - = actual\n"
def run_tests(tests, source, reference, force_strict, leng=None):
total_errors = []
total_tested = 0
for key, test_pool in tests.items():
print("running", key, "tests..")
errors = test_pool.run_tests(source, reference, force_strict, key,
leng)
l = len(errors)
total_tested += len(test_pool)
if l > 0:
total_errors += errors
if reinput(
def _get_primary_keys(self, table_name, num_rows):
"""Return the primary key and amount of values for the requested table.
Args:
table_name (str):
Name of the table to get the primary keys from.
num_rows (str):
Number of ``primary_keys`` to generate.
Returns:
tuple (str, pandas.Series):
primary key name and primary key values. If the table has no primary
key, ``(None, None)`` is returned.
Raises:
ValueError:
If the ``metadata`` contains invalid types or subtypes, or if
there are not enough primary keys left on any of the generators.
NotImplementedError:
If the primary key subtype is a ``datetime``.
"""
primary_key = self.metadata.get_primary_key(table_name)
primary_key_values = None
if primary_key:
field = self.metadata.get_fields(table_name)[primary_key]
generator = self.primary_key.get(table_name)
if generator is None:
if field['type'] != 'id':
raise ValueError(
'Only columns with type `id` can be primary keys')
subtype = field.get('subtype', 'integer')
if subtype == 'integer':
generator = itertools.count()
remaining = np.inf
elif subtype == 'string':
regex = field.get('regex', r'^[a-zA-Z]+$')
generator = exrex.generate(regex)
remaining = exrex.count(regex)
elif subtype == 'datetime':
raise NotImplementedError(
'Datetime ids are not yet supported')
else:
raise ValueError(
'Only `integer` or `string` id columns are supported.')
self.primary_key[table_name] = generator
self.remaining_primary_key[table_name] = remaining
else:
remaining = self.remaining_primary_key[table_name]
if remaining < num_rows:
raise ValueError(
'Not enough unique values for primary key of table {}'
' to generate {} samples.'.format(table_name, num_rows))
self.remaining_primary_key[table_name] -= num_rows
primary_key_values = pd.Series(
[x for i, x in zip(range(num_rows), generator)])
return primary_key, primary_key_values
sys.exit(1)
FuckyHandle = win32file.CreateFile(
"\\\\.\\PhysicalDrive4", # Change this according to: wmic diskdrive list brief
0xC0000000,
win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE,
None,
win32con.OPEN_EXISTING,
0,
0
)
OutBuffer = bytearray(b"\x00"*80)
CHARSET = r"[a-zA-Z0-9]{6}"
Combinations = exrex.count(CHARSET)
for N, Password in enumerate(exrex.generate(CHARSET)):
InBuffer = (
b"\x2c\x00\x00\x00\x00\x00\x10\x18\x00\x00\x00\x00\x20\x00\x00\x00\x0A\x00\x00\x00\x50\x00\x00\x00\x30\x00\x00\x00\xf4\x01" +
b"\x00" * 50 +
Password.encode("ascii") +
b"\x00" * 60
)
try:
win32file.DeviceIoControl(FuckyHandle, 0x4D004, InBuffer, OutBuffer)
except Exception as Error:
print(Error)
print()
def gen_packet(self):
"""
Infinite generator
Generates all combinations of n_bits that matches the given pattern and repeats
them again.
Returns:
A list with the generated combination
"""
n = self.n
spacing = self.spacing
repetitions = self.repetitions
pattern = self.pattern
# Substitues '.' for '[01]', as packets are a binary string
pattern = re.sub("[.]", "[01]", pattern)
# Python's regex substitutes '*' for {0, 4294967295}, and '+' for {1, 4294967295}.
# To reduce the output of exrex, 4294967295 is changed for n
pattern = re.sub("[*]", "{0," + str(n) + "}", pattern)
pattern = re.sub("[+]", "{1," + str(n) + "}", pattern)
if exrex.count(pattern, limit=n + 1) < (2**self.n):
# Generated with exrex (reversing the regular expression)
while True:
for b in exrex.generate(pattern, limit=n + 1):
# Spacing between packets
yield [2] * self.comb_spacing
if len(b) == n:
# Repeats the current combination 'repetitions' times, if it matches
for i in xrange(repetitions):
yield [int(x) for x in b] + [2] * spacing
print b
else:
# Normal generation (pure bruteforcing)
regex = re.compile(pattern)
b = 0
while True:
s = "{0:b}".format(b).zfill(n)
if regex.match(s):
# Spacing between packets
yield [2] * self.comb_spacing
# Repeats the current combination 'repetitions' times, if it matches
for i in xrange(repetitions):
yield [int(x) for x in s] + [2] * spacing
print s
# Restarts the counter
if b >= ((2**n) - 1):
b = 0
else:
b += 1
