def netbios_scan(ipaddress_list, timeout=0.5):
TYPE_UNKNOWN = 0x01
TYPE_WORKSTATION = 0x00
TYPE_CLIENT = 0x03
TYPE_SERVER = 0x20
TYPE_DOMAIN_MASTER = 0x1B
TYPE_DOMAIN_CONTROLLER = 0x1C
TYPE_MASTER_BROWSER = 0x1D
TYPE_BROWSER = 0x1E
TYPE_NETDDE = 0x1F
TYPE_STATUS = 0x21
format_str = "{:<16}{:<20}{:<20}{:<20}{}".format("IPAddress", "DOMAIN",
"NetbiosName", "MAC",
"Nets")
logger.info(format_str)
for ipaddress in ipaddress_list:
n = NetBIOS()
result = {
"ip": ipaddress,
"domain": None,
"name": None,
"nets": [],
"mac": None
}
try:
entries = n.getnodestatus('*', ipaddress, timeout=timeout)
result['mac'] = n.getmacaddress()
except Exception as E:
continue
for entrie in entries:
if entrie["TYPE"] == TYPE_SERVER:
result["name"] = entrie["NAME"].strip().decode('latin-1')
elif entrie["TYPE"] == TYPE_WORKSTATION:
result["domain"] = entrie["NAME"].strip().decode('latin-1')
elif entrie["TYPE"] == TYPE_CLIENT:
result["TYPE_CLIENT"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_DOMAIN_MASTER:
result["TYPE_DOMAIN_MASTER"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_DOMAIN_CONTROLLER:
result["TYPE_DOMAIN_CONTROLLER"] = entrie["NAME"].strip(
).decode('latin-1')
elif entrie["TYPE"] == TYPE_MASTER_BROWSER:
result["TYPE_MASTER_BROWSER"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_STATUS:
result["TYPE_STATUS"] = entrie["NAME"].strip().decode(
'latin-1')
try:
if result.get("name") is not None:
resp = n.name_query_request(result.get("name"), ipaddress)
result["nets"].extend(resp.entries)
except Exception as e:
pass
format_str = "{:<16}{:<20}{:<20}{:<20}{}".format(
ipaddress, result.get("domain"), result.get("name"),
result.get("mac"), result.get("nets"))
logger.warning(format_str)
def logger_website(self, portScan_result, website, title, wappalyzer_list,
response):
tech_list = []
for one in wappalyzer_list:
tech_list.append("{}:{}".format(one.get("name"),
one.get("version")))
try:
vendorproductname = portScan_result.get("data").get(
"versioninfo").get("vendorproductname")[0]
if len(
portScan_result.get("data").get("versioninfo").get(
"version")) > 0:
version = portScan_result.get("data").get("versioninfo").get(
"version")[0]
else:
version = None
tech_list.append("{}:{}".format(vendorproductname, version))
except Exception as E:
pass
logger.warning("WebSite : {}".format(website))
logger.warning("StatusCode: {}".format(response.status_code))
logger.warning("Title : {}".format(title.encode("utf-8")))
logger.warning("Tech : {}".format(tech_list))
logger.warning("----------------------------------------------")
async def parse(self, ctx, msg, settings):
role_converter = RoleConverter()
new_roles = []
roles = settings.roles_dict
for match in re.finditer(self.pattern, msg.content):
try:
role = await role_converter.convert(ctx, match['role'])
except CommandError:
logger.warning(f"'{match['role']}' doesn't seem to be a role")
continue
if match['nick']:
new_roles.append((match.group('nick').lower(), role.id))
else:
new_roles.append((role.name.lower(), role.id))
if new_roles == []:
raise ValueError
for role in new_roles:
if role[1] in roles.values(): # if role already in dict
if role[0] not in roles: # in dict with a different nick
roles = {k: v for k, v in roles.items() if v != role[1]}
roles[role[0]] = role[1]
else: # in dict with the same nick
roles = {k: v for k, v in roles.items() if v != role[1]}
else: # new role
roles[role[0]] = role[1]
return roles
def ms17010scan(ipaddress, port=445, timeout=3):
try:
s = socket.socket(AF_INET, SOCK_STREAM)
s.settimeout(timeout)
s.connect((str(ipaddress), port))
s.send(packetms17010)
nativeos = ""
try:
while True:
data = s.recv(1024)
if data[8:10] == "\x73\x00":
nativeos = data[45:100].split(b'\x00' * 1)[0]
if data[8:10] == "\x25\x05":
if data[9:13] == "\x05\x02\x00\xc0":
format_str = "{:<16}{:<7}{:<25}{}".format(ipaddress, port, "VULNERABLE to MS17-010", nativeos)
logger.warning(format_str)
s.send(handle(data, str(ipaddress)))
except Exception as E:
pass
s.close()
except Exception as msg:
# print("[+] Can't connecto to "+str(targets))
try:
s.close()
except Exception as E:
pass
def format_log(self, ipaddress, port, data):
if data.get(u"number") is not None:
# 根据端口猜测fingerprint
format_str = "{:<16}{:<7}{:<20}".format(ipaddress, port, data.get("service") + "?")
store_str = "{},{},{}".format(ipaddress, port, data.get("service") + "?")
else:
versioninfo = ""
try:
versioninfo = versioninfo + data.get("versioninfo").get("vendorproductname")[0] + " "
except Exception as E:
pass
try:
versioninfo = versioninfo + data.get("versioninfo").get("version")[0] + " "
except Exception as E:
pass
try:
versioninfo = versioninfo + data.get("versioninfo").get("operatingsystem")[0] + " "
except Exception as E:
pass
try:
versioninfo = versioninfo + data.get("versioninfo").get("info")[0] + " "
except Exception as E:
pass
try:
versioninfo = versioninfo + data.get("versioninfo").get("hostname")[0] + " "
except Exception as E:
pass
format_str = "{:<16}{:<7}{:<20}{}".format(ipaddress, port, data.get("service"), versioninfo)
store_str = "{},{},{}".format(ipaddress, port, data.get("service"))
logger.warning(format_str)
ipportservicelogger.info(store_str)
async def on_emoji_renamed(self, before, after) -> None:
"""updates our version of an emoji that just got renamed"""
logger.debug(f'renamed emoji {before.name}->{after.name}')
e = next((e for e in self.emojis if before.id == e.discord_id), None)
if e is None:
logger.warning(
f"someone renamed an emoji that I don't know about! {after.name}:{after.id}"
)
else:
e.update_from_discord(after)
await self._update_emojis_db((e, ))
async def list_guilds(self):
"""Update the manager with the guilds that we know about"""
await self.wait_until_ready()
while not self.is_closed():
logger.info("Current guilds:")
for guild in self.guilds:
if guild.me.display_name == 'archit.us':
try:
await guild.me.edit(nick='architus')
except discord.Forbidden:
logger.warning(f"couldn't change nickname in {guild.name}")
logger.info("{} - {} ({})".format(guild.name, guild.id, guild.member_count))
await asyncio.sleep(600)
def netbios_scan(ipaddress, timeout):
n = NetBIOS()
result = {
"ip": ipaddress,
"domain": None,
"name": None,
"nets": [],
"mac": None
}
try:
entries = n.getnodestatus('*', ipaddress, timeout=timeout)
result['mac'] = n.getmacaddress()
except Exception as E:
return
for entrie in entries:
if entrie["TYPE"] == TYPE_SERVER:
result["name"] = entrie["NAME"].strip().decode('latin-1')
elif entrie["TYPE"] == TYPE_WORKSTATION:
result["domain"] = entrie["NAME"].strip().decode('latin-1')
elif entrie["TYPE"] == TYPE_CLIENT:
result["TYPE_CLIENT"] = entrie["NAME"].strip().decode('latin-1')
elif entrie["TYPE"] == TYPE_DOMAIN_MASTER:
result["TYPE_DOMAIN_MASTER"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_DOMAIN_CONTROLLER:
result["TYPE_DOMAIN_CONTROLLER"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_MASTER_BROWSER:
result["TYPE_MASTER_BROWSER"] = entrie["NAME"].strip().decode(
'latin-1')
elif entrie["TYPE"] == TYPE_STATUS:
result["TYPE_STATUS"] = entrie["NAME"].strip().decode('latin-1')
try:
if result.get("name") is not None:
resp = n.name_query_request(result.get("name"),
ipaddress,
timeout=timeout)
result["nets"].extend(resp.entries)
except Exception as e:
pass
format_str = "{:<16}{:<20}{:<20}{:<20}{}".format(ipaddress,
result.get("domain"),
result.get("name"),
result.get("mac"),
result.get("nets"))
logger.warning(format_str)
async def cache_guild(self, guild):
'''cache interesting information about all the messages in a guild'''
logger.debug(f"Downloading messages in {len(guild.channels)} channels for '{guild.name}'...")
for channel in guild.text_channels:
try:
await self.cache_channel(channel)
except Forbidden:
logger.warning(f"Insuffcient permissions to download messages from '{guild.name}.{channel.name}'")
except HTTPException as e:
logger.error(f"Caught {e} when downloading '{guild.name}.{channel.name}'")
logger.error("trying again in 10 seconds...")
await asyncio.sleep(10)
try:
await self.cache_channel(channel)
except Exception:
logger.exception("failed to download channel a second time, giving up :(")
async def schedule(self, ctx, *argst):
'''
Start an event poll.
Timezone is based on your servers voice zone.
'''
args = list(argst)
logger.debug(args)
# event bot's id
if ctx.guild.get_member(476042677440479252):
logger.warning("not scheduling cause event bot exists")
return
region = ctx.guild.region
tz = pytz.timezone(self.get_timezone(region))
# ct = datetime.datetime.now(tz=tz)
title = []
parsed_time = None
for i in range(len(args)):
with suppress(ValueError):
parsed_time = dateutil.parser.parse(' '.join(args))
# parsed_time = tz.localize(parsed_time)
break
with suppress(ValueError):
parsed_time = dateutil.parser.parse(' '.join(args[:-1]))
# parsed_time = tz.localize(parsed_time)
break
title.append(args[0])
del args[0]
else:
parsed_time = await self.prompt_date(ctx, ctx.author)
if not parsed_time:
return
parsed_time = tz.localize(parsed_time)
if len(title) == 0:
title_str = await self.prompt_title(ctx, ctx.author)
if not title_str:
return
else:
title_str = ' '.join(title)
msg = await ctx.channel.send(
self.render_schedule_text(title_str, parsed_time, [], [], []))
await msg.add_reaction(self.YES_EMOJI)
await msg.add_reaction(self.NO_EMOJI)
await msg.add_reaction(self.MAYBE_EMOJI)
self.schedule_messages[msg.id] = ScheduleEvent(msg, title_str,
parsed_time)
async def api_entry(self, method_name, *args, **kwargs):
"""Callback method for the rpc server
:param method_name: name of the method to execute
:param *args: args to pass through
:param **kwargs: kwargs to pass through
"""
try:
assert not method_name.startswith('_')
method = getattr(self, method_name)
except (AttributeError, AssertionError):
logger.warning(f"Someone tried to call '{method}' but it doesn't exist (or is private)")
return {"message": "No such method"}, sc.NOT_FOUND_404
try:
return await method(*args, **kwargs)
except Exception as e:
logger.exception(f"caught exception while handling remote request")
return {"message": f"'{e}'"}, sc.INTERNAL_SERVER_ERROR_500
def check_website_url(self, website=None, urls=[]):
for url in urls:
if website.startswith('https://') or website.startswith('http://'):
entireUrl = "{}/{}".format(website, url)
else:
entireUrl = "http://{}/{}".format(website, url)
try:
logging.captureWarnings(True)
response = requests.get(entireUrl,
verify=False,
headers=self.headers,
timeout=3)
response.encoding = response.apparent_encoding
except Exception as E:
continue
if response.ok:
logger.warning("WebSite : {}".format(website))
logger.warning("StatusCode: {}".format(response.status_code))
logger.warning("Url : {}".format(url))
logger.warning("Maybe this is your target !!!")
logger.warning(
"----------------------------------------------")
def http_scan(url):
# confluence
try:
s = CVE_2019_3396(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2019_3396".format(url)
logger.warning(format_str)
except Exception as E:
pass
# jboss
try:
s = CVE_2017_12149(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2017_12149".format(url)
logger.warning(format_str)
except Exception as E:
pass
# struts2
try:
s = S2_015(url)
if s.check():
format_str = "{:<25} VULNERABLE to S2_015".format(url)
logger.warning(format_str)
except Exception as E:
pass
try:
s = S2_016(url)
if s.check():
format_str = "{:<25} VULNERABLE to S2_016".format(url)
logger.warning(format_str)
format_str = "{:<25} Webpath: {}".format(url, s.get_path())
logger.warning(format_str)
except Exception as E:
pass
try:
s = S2_045(url)
if s.check():
format_str = "{:<25} VULNERABLE to S2_045".format(url)
logger.warning(format_str)
format_str = "{:<25} Webpath: {}".format(url, s.get_path())
logger.warning(format_str)
except Exception as E:
pass
# tomcat
try:
s = CVE_2017_12615(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2017_12615".format(url)
logger.warning(format_str)
format_str = "{:<25} Webshell: {}".format(url, s.confirm_info())
logger.warning(format_str)
except Exception as E:
pass
try:
s = WeakPassword(url)
if s.check():
format_str = "{:<25} VULNERABLE to WeakPassword".format(url)
logger.warning(format_str)
except Exception as E:
pass
# weblogic
try:
s = CVE_2017_10271(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2017_10271".format(url)
logger.warning(format_str)
except Exception as E:
pass
try:
s = CVE_2018_2894(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2018_2894".format(url)
logger.warning(format_str)
except Exception as E:
pass
try:
s = CVE_2019_2729(url)
if s.check():
format_str = "{:<25} VULNERABLE to CVE_2019_2729".format(url)
logger.warning(format_str)
except Exception as E:
pass
def read_squad_examples(input_file, is_training):
"""Read a SQuAD json file into a list of SquadExample."""
with open(input_file, "r", encoding="utf-8") as reader:
input_data = json.load(reader)["data"]
#
examples = []
for entry in input_data:
for paragraph in entry["paragraphs"]:
paragraph_text = paragraph["context"]
raw_doc_tokens = customize_tokenizer(
paragraph_text, do_lower_case=cf.do_lower_case)
doc_tokens = []
char_to_word_offset = []
prev_is_whitespace = True
k = 0
temp_word = ""
for c in paragraph_text:
if is_whitespace(c):
char_to_word_offset.append(k - 1)
continue
else:
temp_word += c
char_to_word_offset.append(k)
if cf.do_lower_case:
temp_word = temp_word.lower()
if temp_word == raw_doc_tokens[k]:
doc_tokens.append(temp_word)
temp_word = ""
k += 1
assert k == len(raw_doc_tokens)
for qa in paragraph["qas"]:
qas_id = qa["id"]
question_text = qa["question"]
start_position = None
end_position = None
orig_answer_text = None
if is_training:
answer = qa["answers"][0]
orig_answer_text = answer["text"]
if orig_answer_text not in paragraph_text:
logger.warning("Could not find answer")
else:
answer_offset = paragraph_text.index(orig_answer_text)
answer_length = len(orig_answer_text)
start_position = char_to_word_offset[answer_offset]
end_position = char_to_word_offset[answer_offset +
answer_length - 1]
# Only add answers where the text can be exactly recovered from the
# document. If this CAN'T happen it's likely due to weird Unicode
# stuff so we will just skip the example.
#
# Note that this means for training mode, every example is NOT
# guaranteed to be preserved.
actual_text = "".join(
doc_tokens[start_position:(end_position + 1)])
cleaned_answer_text = "".join(
whitespace_tokenize(orig_answer_text))
if cf.do_lower_case:
cleaned_answer_text = cleaned_answer_text.lower()
if actual_text.find(cleaned_answer_text) == -1:
# pdb.set_trace()
logger.warning(
"Could not find answer: '%s' vs. '%s'",
actual_text, cleaned_answer_text)
continue
example = SquadExample(qas_id=qas_id,
question_text=question_text,
doc_tokens=doc_tokens,
orig_answer_text=orig_answer_text,
start_position=start_position,
end_position=end_position)
examples.append(example)
logger.info("**********read_squad_examples complete!**********")
return examples
def bruteforce_interface(portScan_result_list, timeout, no_default_dict, proto_list, pool):
password_total = Password_total()
password_total.init(no_default_dict)
try:
import psycopg2
tasksQueue = Queue.Queue()
postgreSQL_login = PostgreSQL_login()
for one_portscan_result in portScan_result_list:
service = one_portscan_result.get("service").lower()
ipaddress = one_portscan_result.get("ipaddress")
port = one_portscan_result.get("port")
if "postgresql" in service and "postgresql" in proto_list:
tasksQueue.put(
(postgreSQL_login.login, (ipaddress, port, password_total.PostgreSQL_user_passwd_pair_list)))
runner = Runer(100)
runner.taskQueue = tasksQueue
runner.start()
except Exception as E:
logger.warning("Can not import OpenSSL,PostgreSQL pass")
# 协程扫描
patch_all()
try:
import gevent_openssl
gevent_openssl.monkey_patch()
from bruteforce.rdp_check import check_rdp
SSL_FLAG = True
except Exception as E:
logger.error("Can not import OpenSSL,RDP pass")
SSL_FLAG = False
if SSL_FLAG:
rdp_login = RDP_login(timeout) # 1.07500004768
smb_login = SMB_login(timeout) # 1.08800005913
ssh_login = SSH_login(timeout) # 30.617000103
ftp_login = FTP_login(timeout) # 9.10599994659
mysql_login = MySQL_login(timeout) # 15.7749998569
mssql_login = MSSQL_login(timeout) # 1.04799985886
redis_login = Redis_login(timeout) # 12.3710000515
mongo_login = MongoDB_login(timeout) # 12.9830000401
memcached_login = Memcached_login(timeout) # 2.07899999619
vnc_login = VNC_login(timeout) # 6.06700015068
pool = pool
tasks = []
for one_portscan_result in portScan_result_list:
service = one_portscan_result.get("service").lower()
ipaddress = one_portscan_result.get("ipaddress")
port = one_portscan_result.get("port")
# 快的扫描
if SSL_FLAG:
if ("ms-wbt-server" in service or "rdp" in service) and "rdp" in proto_list and SSL_FLAG:
task = pool.spawn(rdp_login.login, ipaddress, port, password_total.RDP_user_passwd_pair_list)
tasks.append(task)
if "ssh" in service and "ssh" in proto_list: # 原生支持协程,直接扫描
ssh_login.login_with_pool(ipaddress, port, password_total.SSH_user_passwd_pair_list, pool.size)
if "mongodb" in service and "mongodb" in proto_list:
task = pool.spawn(mongo_login.login, ipaddress, port, password_total.MongoDB_user_passwd_pair_list)
tasks.append(task)
if "ftp" in service and "ftp" in proto_list:
task = pool.spawn(ftp_login.login, ipaddress, port, password_total.FTP_user_passwd_pair_list)
tasks.append(task)
if "microsoft-ds" in service and "smb" in proto_list:
task = pool.spawn(smb_login.login, ipaddress, port, password_total.SMB_user_passwd_pair_list)
tasks.append(task)
if "mysql" in service and "mysql" in proto_list:
task = pool.spawn(mysql_login.login, ipaddress, port, password_total.MYSQL_user_passwd_pair_list)
tasks.append(task)
if "ms-sql-s" in service and "mssql" in proto_list:
task = pool.spawn(mssql_login.login, ipaddress, port, password_total.MSSQL_user_passwd_pair_list)
tasks.append(task)
if "redis" in service and "redis" in proto_list:
task = pool.spawn(redis_login.login, ipaddress, port, password_total.Redis_user_passwd_pair_list)
tasks.append(task)
if "memcached" in service and "memcached" in proto_list:
task = pool.spawn(memcached_login.login, ipaddress, port, password_total.Memcached_user_passwd_pair_list)
tasks.append(task)
if "vnc" in service and "vnc" in proto_list:
task = pool.spawn(vnc_login.login, ipaddress, port, password_total.VNC_user_passwd_pair_list)
tasks.append(task)
gevent.joinall(tasks)
async def gulag(self, ctx, comrade: discord.Member):
'''
Starts a vote to move a member to the gulag.
Each vote over the threshold will add additional time.
'''
settings = self.bot.settings[ctx.guild]
filtered = filter(lambda role: role.name == "kulak", ctx.guild.roles)
try:
gulag_role = next(filtered)
gulag_emoji = settings.gulag_emoji
assert gulag_emoji is not None
except Exception:
logger.warning("gulag role/emoji not found")
await ctx.send(
"Please create a role called `kulak` and an emoji called `gulag` to use this feature."
)
return
if comrade == self.bot.user:
await ctx.channel.send(file=discord.File('res/treason.gif'))
comrade = ctx.author
t_end = time.time() + 60 * 30
user_list = []
timer_msg = None
timer_msg_gulag = None
generated = False
msg = await ctx.send(
f"{settings.gulag_threshold} more {gulag_emoji}'s to gulag {comrade.display_name}"
)
await msg.add_reaction(gulag_emoji)
while time.time() < t_end:
user = None
def check(r, u):
return r.message.id == msg.id and str(r.emoji) == gulag_emoji
with suppress(asyncio.TimeoutError):
react, user = await self.bot.wait_for('reaction_add',
timeout=5,
check=check)
if user and user not in user_list and user != self.bot.user:
user_list.append(user)
await msg.edit(
content=
f"{max(0, (settings.gulag_threshold - len(user_list)))} more {gulag_emoji}'s "
f"to gulag {comrade.display_name}")
t_end += int((settings.gulag_severity / 2) * 60)
if len(
user_list
) >= settings.gulag_threshold and gulag_role not in comrade.roles:
try:
logger.debug(comrade.avatar_url)
img = gulaggen.generate(await comrade.avatar_url_as(
format='png', size=1024).read())
generated = True
except Exception:
logger.exception("gulag generator error")
pass
if generated:
await ctx.channel.send(file=discord.File(
img,
filename=f'{self.bot.hoarfrost_gen.generate()}.png'))
else:
await ctx.channel.send(f"gulag'd {comrade.display_name}")
timer_msg = await ctx.channel.send(
f"⏰ {int(settings.gulag_severity * 60)} seconds")
with suppress(AttributeError):
timer_msg_gulag = await (
discord.utils.get(ctx.guild.text_channels,
name='gulag')
).send(
f"⏰ {int(settings.gulag_severity * 60)} seconds, {comrade.display_name}"
)
await comrade.add_roles(gulag_role)
t_end = time.time() + int(60 * settings.gulag_severity)
elif timer_msg or timer_msg_gulag:
await timer_msg.edit(
content=f"⏰ {int(max(0, t_end - time.time()))} seconds")
with suppress(AttributeError):
await timer_msg_gulag.edit(
content=f"⏰ {int(max(0, t_end - time.time()))} seconds,"
f" {comrade.display_name}")
if gulag_role not in comrade.roles:
await msg.edit(
content=f"Vote for {comrade.display_name} failed to pass")
await comrade.remove_roles(gulag_role)
logger.info('ungulag\'d ' + comrade.display_name)