def scan(cls, conf_dir='conf.json'): """ Retrieve title and article of URLs from text files based on config. The retrieved information will be inserted into data.csv by default along with the pre-determined label """ default_scanner_error_log_dir = "./scan_error_log.csv" open(default_scanner_error_log_dir, 'w') # Will always overwrite existing file Scanner._extract_data()
def __init__(self, addr, port):
RPCServer.__init__(self, addr, port, user=User())
self._scanner = Scanner()
locks = []
for _ in range(LOCK_MAX):
locks.append(Lock())
self._locks = HashRing(locks)
self._cache = {}
if DEBUG:
self._register_cnt = 0
self._login_cnt = 0
self._upload_cnt = 0
self._install_cnt = 0
self._uninstall_cnt = 0
self._download_cnt = 0
def main():
parser = build_parser()
args = parser.parse_args()
if args.target is None:
parser.print_help()
print("[-] -t target parameter required")
exit()
starttime = int(time.time())
ipList = IPV4Network(args.target).getIPs()
scanner = Scanner()
print("Scanning {} network".format(args.target))
scanResult = []
with concurrent.futures.ThreadPoolExecutor(max_workers=254) as executor:
futures = {executor.submit(scanner.scan, ip, "-sP"): ip for ip in ipList}
for future in concurrent.futures.as_completed(futures):
result = future.result()
if result:
host = futures[future]
hostname = result['hostname']
scanResult.append((host, hostname))
tableprinter(scanResult)
endtime = int(time.time())
print("Elasped : {} seconds".format(endtime - starttime))
def scan_root(root, host, proto):
srv = get_server(host) if not cfg.LOCAL_TEST else Scanner(
root=root, host=host, protocol=proto)
cfg.LOCAL_TEST or log.info(
f"Connect to {cfg.RPC_SERVER_PROXY_URL} XML-RPC server")
db = ZDB(root, host, proto)
paths = scan_objects(srv, db)
log.info(
f"Updating changed objects in database for root {proto}:{host}:{root}")
log.info(f"Got {len(paths)} changed paths for check")
def _setting_up_the_process(process,args): uid = os.getuid() target = args.target threads = args.Threads quite = args.quite timeout = args.timeout ports = portHandler(args.port) try: Scanner(process,target,ports,threads,timeout,quite) except : sys.exit(msgStat(exce.PermissionDenied(),err=True)())
def main():
target = 'www.ricter.me'
mode = 'single'
# moe, ep(enterprise), single
# moe mode:
# sooooooooooooooooo sloooooooooooow
# sub-domains brute, ports(1-65535) scan, dir scan, C class IP scan (including previous scans)
# ep mode:
# sub-domains brute, ports(21, 22, 53, 80, 81, 82, 88, 873, 2049, 3389, 5900, 8080, 8081, 8888, 7001, 9200
# ) scan, dir scan, C class IP scan(including ports scan)
# single mode
# ports scan (1-65535), dir scan
# run('port_scan', '127.0.0.1', '81,2049', arg=''%)
# run('dir_scan', 'http://static.ricter.me/', status_code=(200, 403))
# run('dns_resolve', 'http://static.ricter.me')
s = Scanner(target=target, mode=mode)
s.run()
def main():
target = 'www.ricter.me'
mode = 'single'
# moe, ep(enterprise), single
# moe mode:
# sooooooooooooooooo sloooooooooooow
# sub-domains brute, ports(1-65535) scan, dir scan, C class IP scan (including previous scans)
# ep mode:
# sub-domains brute, ports(21, 22, 53, 80, 81, 82, 88, 873, 2049, 3389, 5900, 8080, 8081, 8888, 7001, 9200
# ) scan, dir scan, C class IP scan(including ports scan)
# single mode
# ports scan (1-65535), dir scan
# run('port_scan', '127.0.0.1', '81,2049', arg=''%)
# run('dir_scan', 'http://static.ricter.me/', status_code=(200, 403))
# run('dns_resolve', 'http://static.ricter.me')
s = Scanner(target=target, mode=mode)
s.run()
def scanner_subroutine(arguments):
""" Starts the scanning subroutine depeding on application arguments.
Creates a Scanner instance and depending on the user selecting a manual input or a an input file,
it initiates the scanner from different methods.
:param arguments: Application arguments
:type arguments: argparse.Namespace
"""
print_success("Starting scanner subroutine.")
scanner = Scanner(arguments.scan_type,
arguments.ports,
arguments.output_directory,
arguments.output_filename,
arguments.closed_ports,
arguments.skip_os,
arguments.diff_file,
arguments.persistent,
arguments.output_pdf)
if arguments.scan_input_file is not None:
scanner.init_from_file(arguments.scan_input_file)
else:
scanner.init_from_targets(arguments.scan_targets)
def check_host(host):
srv = get_server(host) if not cfg.LOCAL_TEST else Scanner(host=host)
cfg.LOCAL_TEST or log.info(
f"Connect to {cfg.RPC_SERVER_PROXY_URL} XML-RPC server")
cfg.LOCAL_TEST or log.info(
f"Available RPC methods:{str(srv.system.listMethods())}")
db = ZDB(host=host)
for root in db.get_all_roots():
db.set_root(root)
paths = scan_objects(srv, db)
log.info(f"Updating changed objects in database for {root}")
log.info(f"Got {len(paths)} changed paths for check")
log.info(f"Check objects...")
check_objects(srv, db, paths)
log.info(f"Work done! Look at ZDB for results.")
def create_server(bind_host='', bind_port=cfg.RPC_PORT):
"""Create an XML-RPC server instance"""
server = SimpleXMLRPCServer((bind_host, bind_port),
requestHandler=RequestHandler, allow_none=True)
server.register_introspection_functions()
# @server.register_function
server.register_function(check_object)
server.register_function(get_object)
server.register_function(list_files)
server.register_instance(Scanner(), allow_dotted_names=True)
server.register_multicall_functions()
# @server.register_function
# @server.register_function
# server.register_function(Scanner.get_n_obj_scanned)
return server
def main():
"""
Create a filter object, a scanner object, and do all the cool stuff...
"""
f = Filter()
if not args.outfile:
args.outfile = '{0}-{1}.html'.format(args.project,
time.strftime('%Y-%m-%d'))
scanner = Scanner(project=args.project,
source=args.source,
ignored_paths=args.ignored_paths,
color=args.color,
filter_obj=f,
verbose=args.verbose,
outfile=args.outfile,
quiet=args.quiet)
print "Beginning {0} password scan against {1}".format(
args.project, args.source)
scanner.scan()
print "\n{0} Password scan complete.\nOutput written to {1}".format(
args.project, args.outfile)
sys.exit(0)
def check_root(root, host, proto):
srv = get_server(host) if not cfg.LOCAL_TEST else Scanner(root=root,
host=host)
cfg.LOCAL_TEST or log.info(
f"Connect to http://{host}:{cfg.RPC_PORT} XML-RPC server")
cfg.LOCAL_TEST or log.info(
f"Available RPC methods:{str(srv.system.listMethods())}")
db = ZDB(root=root, host=host, protocol=proto)
db.set_root(root)
log.info(f"Updating changed objects in database for {proto}:{host}:{root}")
paths = scan_objects(srv, db)
log.info(f"Got {len(paths)} changed paths for check")
#log.debug(paths)
log.info(f"Check objects...")
check_objects(srv, db, paths)
log.info(f"Work done! Look at DB for results.")
def main():
usage()
valid = Filter(sys.argv[1], sys.argv[4], sys.argv[5])
if valid.ip() and valid.threads() and valid.password():
for i in range(int(sys.argv[5])):
try:
Scanner(sys.argv[1], sys.argv[2], sys.argv[3],
sys.argv[4]).start()
except:
pass
print("Started %d threads." % int(sys.argv[5]))
else:
exit()
#!/usr/bin/env python
# coding:utf-8
from config import ALLPATH
from lib.cmds import cmd_parser
from lib.scanner import Scanner
from lib.loader import load_urls
from lib.loader import load_paths
if __name__ == '__main__':
args = cmd_parser()
urls = load_urls(args)
paths = load_paths(args, ALLPATH)
scanner = Scanner(args.threads)
scanner.scan(urls, paths)
from lib.config import Config
from lib.scanner import Scanner
from lib.fpemail import Emailer
if __name__ == '__main__':
config = Config("./config.ini")
scanner = Scanner(config)
scanner.scan()
vunerabilities = scanner.detect_vunerabilites()
emailer = Emailer(config, vunerabilities)
emailer.send()
class Backend(RPCServer):
def __init__(self, addr, port):
RPCServer.__init__(self, addr, port, user=User())
self._scanner = Scanner()
locks = []
for _ in range(LOCK_MAX):
locks.append(Lock())
self._locks = HashRing(locks)
self._cache = {}
if DEBUG:
self._register_cnt = 0
self._login_cnt = 0
self._upload_cnt = 0
self._install_cnt = 0
self._uninstall_cnt = 0
self._download_cnt = 0
def _print(self, text):
if LOG_BACKEND:
show_info(self, text)
def _load(self, buf):
return json.loads(buf)
def _get_lock(self, user):
uid = get_uid(user)
return self._locks.get_node(uid)
def _get_allocator(self, uid):
ring = HashRing(SERVER_ALLOCATOR)
server = ring.get_node(uid)
return server
def _get_repo(self, package):
ring = HashRing(SERVER_REPOSITORY)
server = ring.get_node(package)
return server
def _get_recorder(self, package):
ring = HashRing(SERVER_RECORDER)
server = ring.get_node(package)
return server
def _update(self, uid, category, package, title, description):
self._print('update, cat=%s, desc=%s' %
(str(category), str(description)))
addr = self._get_recorder(package)
rpcclient = RPCClient(addr, RECORDER_PORT)
return rpcclient.request('upload',
uid=uid,
category=category,
package=package,
title=title,
description=description)
def upload(self, uid, package, version, buf, typ):
self._print('start to upload, uid=%s, package=%s' %
(str(uid), str(package)))
try:
if SHOW_TIME:
start_time = datetime.utcnow()
try:
desc = self._scanner.scan(buf)
except:
show_error(self, 'failed to scan package %s' % str(package))
return
if not desc:
show_error(self, 'no description, package=%s' % str(package))
return
args = yaml.load(desc)
if not args:
show_error(
self,
'failed to load description, package=%s' % str(package))
return
if typ == APP:
if not args.get('category') or not args.get(
'title') or not args.get('description'):
show_error(self, 'invalid description')
return
cat = check_category(args['category'])
if not cat:
show_error(self,
'invalid category, package=%s' % str(package))
return
if typ == DRIVER:
if not args.get('title') or not args.get('description'):
show_error(self, 'invalid description')
return
addr = self._get_repo(package)
rpcclient = RPCClient(addr, REPOSITORY_PORT)
res = rpcclient.request('upload',
uid=uid,
package=package,
version=version,
buf=buf)
if SHOW_TIME:
self._print('upload, upload package to repo, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
start_time = datetime.utcnow()
if not res:
show_error(
self, '%s failed to upload %s to repo' %
(str(uid), str(package)))
return
if SHOW_TIME:
self._print('upload, analyze yaml, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
start_time = datetime.utcnow()
if typ == APP:
res = self._update(uid, cat, package, args.get('title'),
args.get('description'))
if res:
if DEBUG:
self._upload_cnt += 1
self._print('upload, count=%d' % self._upload_cnt)
if SHOW_TIME:
self._print('upload, update recorder, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
return res
except:
show_error(self, 'failed to upload %s' % str(package))
def _get_installer(self, uid):
self._print('start to get instsaller addr')
try:
cache = self._cache
addr = cache.get(uid)
if addr:
return addr
else:
address = self._get_allocator(uid)
rpcclient = RPCClient(address, ALLOCATOR_PORT)
addr = rpcclient.request('get_installer', uid=uid)
if len(cache) >= CACHE_MAX:
cache.popitem()
cache.update({uid: addr})
return addr
except:
show_error(self, 'failed to get instsaller addr')
def download(self, package, version):
self._print('start to download')
try:
if SHOW_TIME:
start_time = datetime.utcnow()
addr = self._get_repo(package)
rpcclient = RPCClient(addr, REPOSITORY_PORT)
if not version:
version = rpcclient.request('version', package=package)
if not version:
show_error(
self,
'failed to download, invalid version, package=%s, ' %
str(package))
return
ret = rpcclient.request('download',
package=package,
version=version)
if ret:
if SHOW_TIME:
self._print('download, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
if DEBUG:
self._download_cnt += 1
self._print('download, count=%d' % self._download_cnt)
return ret
except:
show_error(self, 'failed to download')
def install(self, uid, package, version, typ, content):
self._print('start to install')
try:
if SHOW_TIME:
start_time = datetime.utcnow()
addr = self._get_installer(uid)
rpcclient = RPCClient(addr, INSTALLER_PORT)
res = rpcclient.request('install',
uid=uid,
package=package,
version=version,
typ=typ,
content=content)
if not res:
show_error(self, 'failed to install')
return
if typ == APP:
addr = self._get_recorder(package)
rpcclient = RPCClient(addr, RECORDER_PORT)
info = rpcclient.request('install', package=package)
if not info:
show_error(
self,
'failed to install, invalid update install table')
return
if SHOW_TIME:
self._print('install, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
if DEBUG:
self._install_cnt += 1
self._print('install, count=%d' % self._install_cnt)
return res
except:
show_error(self, 'failed to install')
def uninstall(self, uid, package, typ):
self._print('start to uninstall')
addr = self._get_installer(uid)
rpcclient = RPCClient(addr, INSTALLER_PORT)
res = rpcclient.request('uninstall', uid=uid, package=package, typ=typ)
if not res:
show_error(self, 'failed to uninstall')
return
if DEBUG:
self._uninstall_cnt += 1
self._print('uninstall, count=%d' % self._uninstall_cnt)
return res
def get_name(self, uid):
self._print('start to get name, uid=%s' % str(uid))
return self.user.get_name(uid)
def get_installed_packages(self, uid, typ):
self._print('start to get installed packages')
addr = self._get_installer(uid)
rpcclient = RPCClient(addr, INSTALLER_PORT)
return rpcclient.request('get_packages', uid=uid, typ=typ)
def has_package(self, uid, package, typ):
self._print('has_package, package=%s' % str(package))
addr = self._get_installer(uid)
rpcclient = RPCClient(addr, INSTALLER_PORT)
return rpcclient.request('has_package',
uid=uid,
package=package,
typ=typ)
def _alloc_installer(self, uid):
self._print('alloc_installer->uid=%s' % str(uid))
addr = self._get_allocator(uid)
rpcclient = RPCClient(addr, ALLOCATOR_PORT)
if rpcclient.request('alloc_installer', uid=uid):
return True
else:
show_error(self, 'failed to allocate installer')
return False
def register(self, user, pwd, email):
self._print('register starts')
lock = self._get_lock(user)
lock.acquire()
try:
if SHOW_TIME:
start_time = datetime.utcnow()
uid = self.user.add(user, pwd, email)
if not uid:
show_error(self, 'failed to register, invalid register table')
return False
info = self._alloc_installer(uid)
if SHOW_TIME:
self._print('register, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
if info:
if DEBUG:
self._register_cnt += 1
self._print('register, count=%d' % self._register_cnt)
return True
else:
self.user.remove(user)
show_error(
self, 'failed to register, invalid alloc installer table')
return False
finally:
lock.release()
def login(self, user, pwd):
self._print('start to login')
if SHOW_TIME:
start_time = datetime.utcnow()
password = self.user.get_password(user)
if pwd == password:
if DEBUG:
self._login_cnt += 1
self._print('login, count=%d' % self._login_cnt)
if SHOW_TIME:
self._print('login, time=%d sec' %
(datetime.utcnow() - start_time).seconds)
return self.user.get_public_key(user)
else:
show_error(self, 'failed to login, invalid login password')
return (None, None)
def test_scanner_widget_getter_should_return_a_gtk_object(self):
scanner = Scanner(self)
widget = scanner.get_widget()
assert 'ZBarGtk' in str(widget)
def scan(self):
Process(target=Scanner(self.interface, self.my_ip, self.gateway_ip,
self.hscl_a, self.b).scan).start()
Thread(target=self.scanner_receiver, daemon=True).start()
self.scanner_active = True
logging.info('Solve time: {:d}ms'.format(t3 - t2))
logging.info('Execution time: {:d}ms'.format(t5 - t4))
return(0)
if __name__ == "__main__":
config_file = "config.yaml"
config = {}
with open(config_file, 'r') as ymlfile:
config = yaml.load(ymlfile, Loader=yaml.FullLoader)
logging.basicConfig(
level=logging.getLevelName(config['app']['log_level']), format=config['app']['log_format'])
scanner = Scanner(config)
motors = MotorController(config)
solvers = {
"DEFAULT": solve,
"-I": solve_interactive
}
mode = "DEFAULT"
if len(sys.argv) > 1:
mode = sys.argv[1].upper()
# non-interactive solver is the default, if not found.
func = solvers.get(mode, solve)