def init_spider(self):
for k, v in self.hash_pycode_Lists.iteritems():
pluginObj = self._load_module(v)
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl()
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.security_set = self._security_set
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge
pluginObj.hackhttp = hackhttp.hackhttp()
pluginObj.ThreadPool = w8_threadpool
try:
pluginObj_tuple = pluginObj.assign("spider_file", "")
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
pluginObj_tuple = pluginObj.assign("spider_end", "")
if not isinstance(pluginObj_tuple, tuple):
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value:
pconf = {}
pconf["pluginObj"] = pluginObj
pconf["service"] = "spider_file"
w9_hash_pycode.setdefault(k, pconf)
except Exception as err_info:
raise ToolkitMissingPrivileges(
"load spider plugins error! " + err_info)
def load_modules(self, service, url):
# 内部载入所有模块,并且判断服务名是否正确
for k, v in self.hash_pycode_Lists.iteritems():
pluginObj = self._load_module(v)
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl()
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge
pluginObj.hackhttp = hackhttp.hackhttp()
pluginObj.ThreadPool = w8_threadpool
try:
pluginObj_tuple = pluginObj.assign(service, url)
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value:
threadConf = dict()
threadConf["filename"] = k
threadConf["service"] = service
threadConf["agrs"] = agrs
threadConf["pluginObj"] = pluginObj
self._print(
"[***] load plugin %s for service '%s'" %
(threadConf["filename"], threadConf["service"]))
# self.task_queue.put_nowait(threadConf)
self.th.push(threadConf)
except Exception as err_info:
self._print("[!!!] load error:", service, k, err_info)
def load_modules(self, service, url):
# 内部载入所有模块,并且判断服务名是否正确
for k, v in self.hash_pycode_Lists.iteritems():
try:
pluginObj = self._load_module(v)
for each in ESSENTIAL_MODULE_METHODS:
if not hasattr(pluginObj, each):
errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format(
each, k)
logger.error(errorMsg)
continue
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl()
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.security_set = self._security_set
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge
pluginObj.ThreadPool = Ajatar_threadpool
if Ajconfig.TimeOut is None:
Ajconfig.TimeOut = 10
if Ajconfig.Cookie is None:
Ajconfig.Cookie = ""
socket.setdefaulttimeout(Ajconfig.TimeOut)
conpool = hackhttp.httpconpool(20, timeout=Ajconfig.TimeOut)
pluginObj.hackhttp = hackhttp.hackhttp(
conpool=conpool,
cookie_str=Ajconfig.Cookie,
user_agent=Ajconfig.UserAgent,
headers=Ajconfig.headers)
pluginObj_tuple = pluginObj.assign(service, url)
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value:
threadConf = dict()
threadConf["filename"] = k
threadConf["service"] = service
threadConf["agrs"] = agrs
threadConf["pluginObj"] = pluginObj
self._print(
"load plugin %s for service '%s'" %
(threadConf["filename"], threadConf["service"]))
self.th.push(threadConf)
except Exception as err_info:
logger.error("load plugin error:%s service:%s filename:%s" %
(err_info, service, k))
def load_modules(self, service, url):
# 内部载入所有模块,并且判断服务名是否正确
for k, v in self.hash_pycode_Lists.iteritems():
try:
pluginObj = self._load_module(v)
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl()
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.security_set = self._security_set
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge
pluginObj.ThreadPool = w8_threadpool
if w9config.TimeOut is None:
w9config.TimeOut = 10
if w9config.Cookie is None:
w9config.Cookie = ""
socket.setdefaulttimeout(w9config.TimeOut)
conpool = hackhttp.httpconpool(20, timeout=w9config.TimeOut)
pluginObj.hackhttp = hackhttp.hackhttp(
conpool=conpool,
cookie_str=w9config.Cookie,
user_agent=w9config.UserAgent,
headers=w9config.headers)
pluginObj_tuple = pluginObj.assign(service, url)
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value:
threadConf = dict()
threadConf["filename"] = k
threadConf["service"] = service
threadConf["agrs"] = agrs
threadConf["pluginObj"] = pluginObj
self._print(
"load plugin %s for service '%s'" %
(threadConf["filename"], threadConf["service"]))
self.th.push(threadConf)
except Exception as err_info:
logger.error("load plugin error:%s service:%s filename:%s" %
(err_info, service, k))
def init_spider(self):
#items() 迭代器 k exp文件 v 代码
for k, v in self.hash_pycode_Lists.iteritems():
pluginObj = self._load_module(v) #动态加载代码
for each in ESSENTIAL_MODULE_METHODS: #bugcsan插件的两个主要函数
if not hasattr(pluginObj, each):
errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format(
each, k)
logger.error(errorMsg)
continue
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl() #bugscan 旧版http
#Bugscan 漏洞等级
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.security_set = self._security_set
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge #目标信息
pluginObj.hackhttp = hackhttp.hackhttp() #bugscan http
pluginObj.ThreadPool = Ajatar_threadpool #线程池
try:
#判断是否为爬虫插件 xss那些..
pluginObj_tuple = pluginObj.assign("spider_file", "") #
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
pluginObj_tuple = pluginObj.assign("spider_end", "")
if not isinstance(pluginObj_tuple, tuple):
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value: #爬虫插件返回True
pconf = {}
pconf["pluginObj"] = pluginObj #保存爬虫插件对象
pconf["service"] = "spider_file"
Ajatar_hash_pycode.setdefault(k, pconf) #保存文件名,对象
except Exception as err_info:
raise ToolkitMissingPrivileges("load spider plugins error! " +
err_info)
def init_spider(self):
for k, v in self.hash_pycode_Lists.iteritems():
pluginObj = self._load_module(v)
for each in ESSENTIAL_MODULE_METHODS:
if not hasattr(pluginObj, each):
errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format(
each, k)
logger.error(errorMsg)
continue
pluginObj.task_push = self.task_push
pluginObj.curl = miniCurl.Curl()
pluginObj.security_note = self._security_note
pluginObj.security_info = self._security_info
pluginObj.security_warning = self._security_warning
pluginObj.security_hole = self._security_hole
pluginObj.security_set = self._security_set
pluginObj.debug = self._debug
pluginObj.util = until
pluginObj._G = self._TargetScanAnge
pluginObj.hackhttp = hackhttp.hackhttp()
pluginObj.ThreadPool = w8_threadpool
try:
pluginObj_tuple = pluginObj.assign("spider_file", "")
if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组
pluginObj_tuple = pluginObj.assign("spider_end", "")
if not isinstance(pluginObj_tuple, tuple):
continue
bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1]
if bool_value:
pconf = {}
pconf["pluginObj"] = pluginObj
pconf["service"] = "spider_file"
w9_hash_pycode.setdefault(k, pconf)
except Exception as err_info:
raise ToolkitMissingPrivileges("load spider plugins error! " +
err_info)
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# package for test
from thirdparty import miniCurl
from thirdparty import ThreadPool
from thirdparty import hackhttp
from lib.utils import until
def security_hole(msg,k = ''):
print k,msg
def security_info(msg,k = ''):
print k,msg
def security_note(msg,k = ''):
print k,msg
ThreadPool = ThreadPool.w8_threadpool
curl = miniCurl.Curl()
hackhttp = hackhttp.hackhttp()
util = until
