def scan(self):
    '''Run one PluginLoader per entry of self.services in a worker pool.

    Builds self.pls, maps procFunc over it with MyPool(10), and finally calls
    self._saveResultToWeb().

    NOTE(review): this listing ends inside the outer ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    try:
        # Step 3
        print '>>>Step3: run each sub task'
        # One loader per gathered service; every loader gets self.target.
        self.pls = []
        for each_service in self.services:
            pl = PluginLoader(None,each_service,self.target)
            self.pls.append(pl)
        results = []
        # Switched to the map_async approach.
        proPool = MyPool(10)
        p = proPool.map_async(procFunc,self.pls)
        try:
            # Blocks until every worker has returned.
            results = p.get()
        except KeyboardInterrupt,e:
            # proPool.terminate()
            print "Caught KeyboardInterrupt, terminating workers"
        # NOTE(review): whether this call sits inside the handler above or
        # after it cannot be told from the flattened text -- confirm.
        proPool.terminate()
        # results is not read again in the visible code; the block that copied
        # it into self.pls and called self._saveResultToFile() is disabled:
        # newpls = []
        # for res in results:
        #     newpls.append(res)
        # self.pls = newpls
        # self._saveResultToFile()
        self._saveResultToWeb()
def getSubDomains(self, host=None):
    '''Run the Info_Collect/subdomain.py plugin and return its subdomains.

    host -- name to look up; self.host is used when it is None.
    Returns pl.services['subdomains'] as found after the plugin has run.
    '''
    lookup = {'host': self.host if host == None else host}
    pl = PluginLoader(None, lookup)
    pl.runEachPlugin(PLUGINDIR + '/Info_Collect/subdomain.py')
    print pl.services
    # No fallback here: a missing 'subdomains' key raises KeyError.
    return pl.services['subdomains']
def getNeiboorHosts(self, ip=None):
    '''Run the Info_Collect/neighborhost.py plugin for one IP address.

    ip -- address to look up; self.ip is used when it is None.
    Returns pl.services['neighborhosts'] when that key exists after the
    plugin has run, otherwise an empty list.
    '''
    lookup = {'ip': self.ip if ip == None else ip}
    pl = PluginLoader(None, lookup)
    pl.runEachPlugin(PLUGINDIR + '/Info_Collect/neighborhost.py')
    if pl.services.has_key('neighborhosts'):
        return pl.services['neighborhosts']
    return []
def scan(self):
    '''Run one PluginLoader per entry of self.services in a worker pool.

    Builds self.pls, maps procFunc over it with MyPool(self.threads), waits
    for the pool to finish and then calls self._saveResultToWeb().

    NOTE(review): this listing ends inside the outer ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    try:
        # Step 3
        globalVar.mainlogger.info('[*][*] Step3: run each sub task')
        # globalVar.undone_targets = []
        print 'globalVar.undone_targets=', globalVar.undone_targets
        print 'self.services=', pprint(self.services)
        # One loader per gathered service; each gets the target name and the
        # plugin arguments.
        self.pls = []
        for each_service in self.services:
            pl = PluginLoader(None, each_service, self.targetname, self.pluginargs)
            self.pls.append(pl)
        results = []
        # Switched to the map_async approach.
        # proPool = multiprocessing.Pool(10)
        proPool = MyPool(self.threads)
        p = proPool.map_async(procFunc, self.pls)
        # No further tasks are submitted; join() below waits for the workers.
        proPool.close()
        try:
            proPool.join()
        except KeyboardInterrupt, e:
            # The message says "terminating workers", but no terminate() call
            # is visible in this handler; it only logs.
            globalVar.mainlogger.error(
                'Caught KeyboardInterrupt, terminating workers')
        globalVar.mainlogger.info('[*] All Done')
        # p and results are not read again in the visible code. An earlier
        # variant (MyPool(10), results = p.get(), proPool.terminate(), copy of
        # results into self.pls, self._saveResultToFile()) is left disabled in
        # the original.
        self._saveResultToWeb()
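def __init__(self, name):
    '''Load a plugin's options and info and seed self.services from the options.

    name -- plugin path relative to BASEDIR.

    self.pluginOpts is read as a sequence of (option, value) pairs. A string
    value written as a bracketed list ("[...]") or a braced dict ("{...}") is
    evaluated into the corresponding object; every other value is stored in
    self.services unchanged.
    '''
    # NOTE(review): name is concatenated onto BASEDIR as-is and the result is
    # handed to the plugin loader. If name can come from an untrusted caller,
    # confirm upstream that it cannot contain ".." path components.
    self.pluginPath = BASEDIR + '/' + name
    self.plugin = PluginLoader()
    self.services = {}
    self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
    self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
    for t in self.pluginOpts:
        o = t[0]
        v = t[1]
        # Only a string of at least two characters can be a "[...]"/"{...}"
        # literal. The unguarded v[0] raised IndexError on an empty string and
        # TypeError on a non-string value such as an int.
        if isinstance(v, basestring) and len(v) >= 2:
            if (v[0] == '[' and v[-1] == ']') or (v[0] == '{' and v[-1] == '}'):
                # NOTE(review): eval() executes whatever expression the option
                # value holds, with this module's names in scope. If option
                # values are only ever list/dict literals, ast.literal_eval
                # parses them without executing code; kept as eval() here
                # because expressions in existing plugins would stop working.
                # Confirm where getPluginOpts() takes its values from.
                v = eval(v)
        self.services[o] = v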
def getHttpPorts(self, ip=None):
    '''Run the Info_Collect/portscan.py plugin and list the HTTP ports.

    ip -- address to scan; self.ip is used when it is None.
    Returns the keys of pl.services['port_detail'] whose entry has
    name == 'http'; an empty list when the plugin left no 'port_detail'.
    '''
    target_ip = self.ip if ip == None else ip

    # get all opened ports
    pl = PluginLoader(None, {'ip': target_ip})
    pl.runEachPlugin(PLUGINDIR + '/Info_Collect/portscan.py')
    if pl.services.has_key('port_detail'):
        port_detail = pl.services['port_detail']
    else:
        port_detail = {}

    # get http ports
    httpports = [port for port in port_detail.keys()
                 if port_detail[port]['name'] == 'http']
    print 'httpports:\t', httpports
    return httpports
def scan(self):
    '''Submit one procFunc task per entry of self.services to a worker pool.

    Each task receives a fresh PluginLoader and self.pluginfilepath. The
    method waits for the pool to finish and then calls
    self._saveResultToWeb().

    NOTE(review): this listing ends inside the outer ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    try:
        globalVar.mainlogger.info('[*][*] Step3: run each sub task')
        proPool = MyPool(self.threads)
        for each_service in self.services:
            pl = PluginLoader(None,each_service,self.target)
            # The value returned by apply_async is discarded. If MyPool
            # behaves like multiprocessing.Pool, an exception raised inside
            # procFunc is therefore never surfaced here -- confirm.
            proPool.apply_async(procFunc,(pl,self.pluginfilepath))
        # Switched to the map_async approach.
        # proPool = multiprocessing.Pool(10)
        # proPool = MyPool(multiprocessing.cpu_count())
        # p = proPool.map_async(procFunc,self.pls)
        # No further tasks are submitted; join() below waits for the workers.
        proPool.close()
        try:
            proPool.join()
        except KeyboardInterrupt,e:
            # The message says "terminating workers", but no terminate() call
            # is visible in this handler; it only logs.
            globalVar.mainlogger.error('Caught KeyboardInterrupt, terminating workers')
        globalVar.mainlogger.info('[*] All Done')
        self._saveResultToWeb()
def __init__(self, name):
    '''Read a plugin's options and info and copy the options into self.services.

    name -- plugin path relative to BASEDIR.
    '''
    plugin_path = BASEDIR + '/' + name
    self.pluginPath = plugin_path
    loader = PluginLoader()
    self.plugin = loader
    self.services = {}
    opts = loader.getPluginOpts(plugin_path)
    self.pluginOpts = opts
    print opts
    self.pluginInfo = loader.getPluginInfo(plugin_path)
    # Options are merged exactly as the loader returned them; the earlier
    # per-value eval() of "[...]"/"{...}" strings is disabled in this version.
    self.services.update(opts)
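def startScan(self, services=None):
    '''Discover hosts related to self.host and scan each one in its own thread.

    Flow: subdomains of self.host -> IP of each subdomain -> host names that
    self.getNeiboorHosts() reports for that IP -> HTTP ports per IP -> URLs
    from self.generateUrl(). One PluginLoader is built per IP and per URL,
    each is run by a MutiScanner thread (one thread per target, no upper
    bound), and the method blocks until all threads have finished. Results
    are then stored with self.setResult() and self._saveResultToWeb().

    services -- accepted for interface compatibility; its value is not read.
    '''
    print '>>>starting scan'
    self._noticeStartToWeb()

    # get subdomains
    print '>>>collecting subdomain info'
    subdomains = self.getSubDomains(self.host)
    print 'subdomains:\t', subdomains

    # get hosts: resolved IP -> host names seen on that IP
    hosts = {}
    print '>>>for each subdomain, collecting neiborhood host info'
    for eachdomain in subdomains:
        try:
            tmpip = socket.gethostbyname(eachdomain)
        except socket.error:
            # A name that does not resolve raises socket.gaierror (a
            # socket.error); previously that aborted the whole scan.
            print 'cannot resolve, skipped:\t', eachdomain
            continue
        if tmpip not in hosts:
            hosts[tmpip] = self.getNeiboorHosts(tmpip)
        if eachdomain not in hosts[tmpip]:
            hosts[tmpip].append(eachdomain)
    print 'hosts:\t', hosts

    # get urls
    urls = {}
    for eachip in hosts:
        httpports = self.getHttpPorts(eachip)
        urls[eachip] = self.generateUrl(eachip, hosts[eachip], httpports)
    self.urls = urls
    print 'urls\t', urls

    # get services
    print '>>>starting scan each host'
    pls = []
    # ip type scan
    for eachip in urls:
        target = {}
        if eachip != self.ip:
            target['issubdomain'] = True
        target['ip'] = eachip
        pl = PluginLoader(None, target, outputpath=self.host)
        pls.append(pl)
        print 'scan start:\t', pl.services
    # http type scan
    for eachip in urls:
        for eachurl in urls[eachip]:
            target = {}
            # not subdomain
            # NOTE(review): this is a substring test on the whole URL, so a
            # URL that merely contains the domain text elsewhere (another
            # host name, a path, a query string) is treated as in-domain and
            # is not tagged isneighborhost. Comparing the parsed host name
            # would classify targets more reliably.
            if self.domain not in eachurl:
                target['isneighborhost'] = True
            target['url'] = eachurl
            pl = PluginLoader(None, target, outputpath=self.host)
            pls.append(pl)
            print 'scan start:\t', pl.services
    self.pls = pls

    # One scanner thread per loader, named after the IP or URL it handles.
    mthpls = []
    for eachpl in pls:
        if eachpl.services.has_key('ip'):
            threadName = eachpl.services['ip']
        elif eachpl.services.has_key('url'):
            threadName = eachpl.services['url']
        else:
            threadName = 'Unknow'
            print 'An unknow scanner services found:\t', eachpl.services
            sys.exit(0)
        mthpls.append(MutiScanner(self.lock, threadName, eachpl))
    for eachmthpl in mthpls:
        eachmthpl.start()
    for eachmthpl in mthpls:
        eachmthpl.join()

    self.setResult(urls=self.urls, pls=pls)
    self._saveResultToWeb()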
def infoGather(self, depth=None):
    '''Run the Info_Collect plugins over the pending targets, depth rounds deep.

    depth -- number of rounds; self.gatherdepth is used when it is None.

    Each round moves every entry of globalVar.undone_targets to
    globalVar.done_targets, runs one PluginLoader per moved target in a
    MyPool(self.threads) pool, and appends the returned service dicts to
    self.services with 'alreadyrun' set. Targets still pending after the last
    round are appended with 'nogather' set.

    NOTE(review): this listing ends inside the ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    if depth == None:
        depth = self.gatherdepth
    try:
        # Step 2
        globalVar.mainlogger.info('[*][*] Step2: gathing info')
        self.services = []
        for i in range(depth):
            globalVar.mainlogger.info('[*][*][-] >>> depth: %d <<<' % i)
            # print globalVar.done_targets
            # print 'id(globalVar.undone_targets)=\t',id(globalVar.undone_targets)
            globalVar.depth_now = globalVar.depth_now + 1
            if globalVar.undone_targets:
                # Step1:
                services = []
                pls = []
                # Iterate over a copy because the shared list is modified
                # inside the loop.
                tmpundone = copy.deepcopy(globalVar.undone_targets)
                for each_target in tmpundone:
                    service = {}
                    service_type = self._getServiceType(each_target)
                    # Past the configured depth the target is marked so that
                    # no further gathering is done for it.
                    if globalVar.depth_now > self.gatherdepth:
                        service['nogather'] = True
                    service[service_type] = each_target
                    services.append(service)
                    # NOTE(review): acquire/release is not wrapped in
                    # try/finally, so an exception from remove() or append()
                    # would leave target_lock held.
                    globalVar.target_lock.acquire()
                    globalVar.undone_targets.remove(each_target)
                    globalVar.done_targets.append(each_target)
                    globalVar.target_lock.release()
                # pprint(services)
                # sys.exit()
                for each_service in services:
                    pl = PluginLoader(BASEDIR + '/plugins/Info_Collect', each_service, '_' + self.target)
                    pls.append(pl)
                # globalVar.target_lock.acquire()
                # globalVar.done_targets += globalVar.undone_targets
                # globalVar.undone_targets = []
                # globalVar.target_lock.release()
                # Step2:
                results = []
                # Switched to the map_async approach.
                # proPool = multiprocessing.Pool(10)
                proPool = MyPool(self.threads)
                p = proPool.map_async(procFunc, pls)
                proPool.close()
                try:
                    proPool.join()
                except KeyboardInterrupt, e:
                    print "Caught KeyboardInterrupt, terminating workers"
                # NOTE(review): get() is called even after an interrupt, and
                # no terminate() is visible; if MyPool behaves like
                # multiprocessing.Pool this waits for the workers again.
                results = p.get()
                for service in results:
                    # print service
                    service['alreadyrun'] = True
                    self.services.append(service)
        print 'globalVar.undone_targets=', globalVar.undone_targets
        print 'self.services=', pprint(self.services)
        # Whatever is still pending is recorded as a target that gets no
        # further gathering.
        for each_target in globalVar.undone_targets:
            print each_target
            service = {}
            service_type = self._getServiceType(each_target)
            # print service_type
            service[service_type] = each_target
            service['nogather'] = True
            self.services.append(service)
        globalVar.mainlogger.info('Targets:')
        for service in self.services:
            globalVar.mainlogger.info('\t' + str(service))
def infoGather(self,depth=1):
    '''Run the Info_Collect plugins over the pending targets, depth rounds deep.

    Each round moves every entry of globalVar.undone_targets to
    globalVar.done_targets and runs one PluginLoader per moved target in a
    MyPool(10) pool. The returned loaders are collected in self.pls; their
    service dicts are appended to self.services with 'alreadyrun' set, and
    targets still pending are appended without that flag.

    NOTE(review): this listing ends inside the ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    try:
        # Step 2
        print '>>>Step2: gathing info'
        for i in range(depth):
            print '>>>',i,'<<<'
            print globalVar.done_targets
            print 'id(globalVar.undone_targets)=\t',id(globalVar.undone_targets)
            print 'globalVar.undone_targets=',globalVar.undone_targets
            if globalVar.undone_targets:
                # Step1:
                services = []
                pls = []
                # Iterate over a copy because the shared list is modified
                # inside the loop.
                tmpundone = copy.deepcopy(globalVar.undone_targets)
                for each_target in tmpundone:
                    service = {}
                    service_type = self._getServiceType(each_target)
                    # print service_type
                    service[service_type] = each_target
                    services.append(service)
                    # NOTE(review): acquire/release is not wrapped in
                    # try/finally, so an exception from remove() or append()
                    # would leave target_lock held.
                    globalVar.target_lock.acquire()
                    globalVar.undone_targets.remove(each_target)
                    globalVar.done_targets.append(each_target)
                    globalVar.target_lock.release()
                pprint(services)
                # sys.exit()
                for each_service in services:
                    pl = PluginLoader(BASEDIR+'/plugins/Info_Collect',each_service,'_'+self.target)
                    pls.append(pl)
                # globalVar.target_lock.acquire()
                # globalVar.done_targets += globalVar.undone_targets
                # globalVar.undone_targets = []
                # globalVar.target_lock.release()
                # Step2:
                results = []
                # Switched to the map_async approach.
                proPool = MyPool(10)
                p = proPool.map_async(procFunc,pls)
                try:
                    # Blocks until every worker has returned.
                    results = p.get()
                    # while True:
                    #     print 'globalVar.undone_targets=',globalVar.undone_targets
                    #     time.sleep(1)
                    #     pass
                except KeyboardInterrupt,e:
                    # proPool.terminate()
                    print "Caught KeyboardInterrupt, terminating workers"
                # NOTE(review): whether this call sits inside the handler
                # above or after it cannot be told from the flattened text.
                proPool.terminate()
                newpls = []
                for res in results:
                    newpls.append(res)
                self.pls = self.pls + newpls
        # NOTE(review): placed after the depth loop here; confirm the level.
        for pl in self.pls:
            service = pl.services
            service['alreadyrun'] = True
            self.services.append(service)
        self.pls = []
        # Whatever is still pending is recorded without the 'alreadyrun' flag.
        for each_target in globalVar.undone_targets:
            service = {}
            service_type = self._getServiceType(each_target)
            # print service_type
            service[service_type] = each_target
            self.services.append(service)
        pprint(self.services)
def startScan(self, services=None):
    '''Discover hosts related to self.host and scan each one in a process pool.

    Flow: subdomains of self.host -> IP of each subdomain -> host names that
    self.getNeiboorHosts() reports for that IP -> HTTP ports per IP -> URLs
    from self.generateUrl(). One PluginLoader is built per IP and per URL and
    procFunc is mapped over them with multiprocessing.Pool(10). The returned
    loaders are stored with self._setResult() and self._saveResultToWeb().

    services -- its incoming value is not read; the name is reused below for
    the per-target dicts.

    NOTE(review): this listing ends inside the outer ``try``; its
    ``except``/``finally`` clause is not visible. The nesting below was
    reconstructed from a flattened listing -- confirm against the real file.
    '''
    try:
        print '>>>starting scan'
        self._noticeStartToWeb()
        self._initGlobalVar()
        # get subdomains
        print '>>>collecting subdomain info'
        subdomains = self.getSubDomains(self.host)
        print 'subdomains:\t', subdomains
        # get hosts: resolved IP -> host names seen on that IP
        hosts = {}
        print '>>>for each subdomain, collecting neiborhood host info'
        for eachdomain in subdomains:
            # Raises if the name does not resolve; any handling would be in
            # the part of the outer try that is not visible here.
            tmpip = socket.gethostbyname(eachdomain)
            if tmpip not in hosts.keys():
                tmphosts = self.getNeiboorHosts(tmpip)
                hosts[tmpip] = tmphosts
                if eachdomain not in tmphosts:
                    hosts[tmpip].append(eachdomain)
            else:
                if eachdomain not in hosts[tmpip]:
                    hosts[tmpip].append(eachdomain)
        print 'hosts:\t', hosts
        # get urls
        urls = {}
        for eachip in hosts.keys():
            ip_hosts = hosts[eachip]
            httpports = self.getHttpPorts(eachip)
            urls[eachip] = self.generateUrl(eachip, ip_hosts, httpports)
        # just for test
        # urls = {'106.185.36.44': ['http://www.hengtiansoft.com','http://www.leesec.com']}
        # urls = {'172.16.15.2': []}
        # urls = {'106.185.36.44': ['http://87.230.29.167:80']}
        self.urls = urls
        print 'urls\t', urls
        # get services
        print '>>>starting scan each host'
        pls = []
        # ip type scan
        for eachip in urls.keys():
            services = {}
            if eachip != self.ip:
                services['issubdomain'] = True
            services['ip'] = eachip
            pl = PluginLoader(None, services, outputpath=self.host)
            pls.append(pl)
            print 'scan start:\t', pl.services
        # http type scan
        for eachip in urls.keys():
            for eachurl in urls[eachip]:
                services = {}
                # not subdomain
                # NOTE(review): substring test on the whole URL; a URL that
                # merely contains the domain text elsewhere (another host
                # name, a path, a query string) is not tagged isneighborhost.
                if self.domain not in eachurl:
                    services['isneighborhost'] = True
                services['url'] = eachurl
                pl = PluginLoader(None, services, outputpath=self.host)
                pls.append(pl)
                print 'scan start:\t', pl.services
        results = []
        # An earlier apply_async/close/join variant that called
        # proPool.terminate() on KeyboardInterrupt is left disabled in the
        # original.
        # Switched to the map_async approach.
        proPool = multiprocessing.Pool(10)
        p = proPool.map_async(procFunc, pls)
        try:
            # A timeout is passed to get(); presumably the Python 2 idiom that
            # keeps the wait interruptible by Ctrl-C -- confirm.
            results = p.get(0xFFFF)
        except KeyboardInterrupt, e:
            # No terminate() call is visible; results stays [] on this path.
            print "Caught KeyboardInterrupt, terminating workers"
        newpls = []
        for res in results:
            newpls.append(res)
        self.pls = newpls
        self._setResult(urls=self.urls, pls=newpls)
        #self._saveResultToFile(pls)
        self._saveResultToWeb()
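def startScan(self, services=None):
    '''Discover hosts related to self.host and scan each one in a process pool.

    Flow: subdomains of self.host -> IP of each subdomain -> host names that
    self.getNeiboorHosts() reports for that IP -> HTTP ports per IP -> URLs
    from self.generateUrl(). One PluginLoader is built per IP and per URL and
    procFunc is run on each in a multiprocessing.Pool(10). The values the
    workers return replace self.pls and are stored with self.setResult() and
    self._saveResultToWeb().

    services -- accepted for interface compatibility; its value is not read.
    '''
    print '>>>starting scan'
    self._noticeStartToWeb()

    # get subdomains
    print '>>>collecting subdomain info'
    subdomains = self.getSubDomains(self.host)
    print 'subdomains:\t', subdomains

    # get hosts: resolved IP -> host names seen on that IP
    hosts = {}
    print '>>>for each subdomain, collecting neiborhood host info'
    for eachdomain in subdomains:
        try:
            tmpip = socket.gethostbyname(eachdomain)
        except socket.error:
            # A name that does not resolve raises socket.gaierror (a
            # socket.error); previously that aborted the whole scan.
            print 'cannot resolve, skipped:\t', eachdomain
            continue
        if tmpip not in hosts:
            hosts[tmpip] = self.getNeiboorHosts(tmpip)
        if eachdomain not in hosts[tmpip]:
            hosts[tmpip].append(eachdomain)
    print 'hosts:\t', hosts

    # get urls
    urls = {}
    for eachip in hosts:
        httpports = self.getHttpPorts(eachip)
        urls[eachip] = self.generateUrl(eachip, hosts[eachip], httpports)
    # urls = {'106.185.36.44': []}
    self.urls = urls
    print 'urls\t', urls

    # get services
    print '>>>starting scan each host'
    pls = []
    # ip type scan
    for eachip in urls:
        target = {}
        if eachip != self.ip:
            target['issubdomain'] = True
        target['ip'] = eachip
        pl = PluginLoader(None, target, outputpath=self.host)
        pls.append(pl)
        print 'scan start:\t', pl.services
    # http type scan
    for eachip in urls:
        for eachurl in urls[eachip]:
            target = {}
            # not subdomain
            # NOTE(review): this is a substring test on the whole URL, so a
            # URL that merely contains the domain text elsewhere (another
            # host name, a path, a query string) is treated as in-domain and
            # is not tagged isneighborhost. Comparing the parsed host name
            # would classify targets more reliably.
            if self.domain not in eachurl:
                target['isneighborhost'] = True
            target['url'] = eachurl
            pl = PluginLoader(None, target, outputpath=self.host)
            pls.append(pl)
            print 'scan start:\t', pl.services
    self.pls = pls

    # Run every loader in a worker process and wait for all of them.
    proPool = multiprocessing.Pool(10)
    pending = [proPool.apply_async(procFunc, (eachpl, )) for eachpl in pls]
    proPool.close()
    proPool.join()
    # get() re-raises here any exception a worker raised in procFunc.
    newpls = [res.get() for res in pending]
    self.pls = newpls

    self.setResult(urls=self.urls, pls=newpls)
    self._saveResultToWeb()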