Example #1
0
def target_parse(target_list):
    new_target_list = []
    for target in target_list:
        if target in new_target_list:
            continue
        target = target.strip()
        re_ip = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$')
        re_ips = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/\d{1,2}$')
        re_url = re.compile('[^\s]*.[a-zA-Z]')
        re_ip_port = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d{1,5}$')
        re_url_port = re.compile('[^\s]*.[a-zA-Z]:\d{1,5}')

        if re_ip.match(target):
            new_target_list.append(target)

        # 如果是网络段 转换成IP
        elif re_ips.match(target):
            try:
                ip_list = ipaddress.ip_network(target)
                for ip in ip_list.hosts():
                    new_target_list.append(str(ip))
            except Exception as e:
                logger.error("IP address is not standardized: " + str(e))
                logger.error("Example: 192.168.111.0/24")

        elif re_url.match(target):
            new_target_list.append(url_parse(target))

        elif re_ip_port.match(target):
            new_target_list.append(target)

        elif re_url_port.match(target):
            new_target_list.append(target)
    return new_target_list
Example #2
0
def start(options):
    logger.data(VIEW_DATA.BANNER)
    logger.data(VIEW_DATA.VERSION)
    logger.data(VIEW_DATA.POWERED)
    logger.data(VIEW_DATA.START_DATE)

    task_list = []
    target_list, poc_list, thread = options
    class_list = []
    target_list = target_parse(target_list)
    for poc in poc_list:
        for poc_class in LoadPoC(poc).load_poc():
            class_list.append(poc_class)
    for scanner in class_list:
        for target in target_list:
            task_list.append((target, scanner))
    try:
        logger.data("")
        logger.info("Scanning")
        logger.info("Concurrent: {}".format(thread))
        logger.info("Total tasks: {}".format(len(task_list)))
        logger.data("")
        coroutine(task_list, thread)
    except Exception as e:
        logger.error("start coroutine error: " + str(e))
    logger.data("")
    logger.data(res_table_print(SCAN_RESULT.RESULT))
    logger.data("success: {} / {}".format(SCAN_RESULT.SUCCESS_COUNT,
                                          len(task_list)))
    logger.data("\n[*] shutting down at {}".format(
        strftime("%H:%M:%S", localtime())))
    result = SCAN_RESULT.RESULT
    SCAN_RESULT.RESULT = []
    return result
Example #3
0
def task_run(task):
    target, scanner = task
    logger.info("Testing: {} {}".format(target, scanner.name))
    try:
        scanner(target).run()
    except Exception as e:
        logger.error(e)
    logger.info("Done: {} {}".format(target, scanner.name))
Example #4
0
async def async_run(task, semaphore):
    # 获取当前事件循环
    async_task = asyncio.get_event_loop()
    try:
        async with semaphore:
            # 新建一个线程来执行函数 防止阻塞
            await async_task.run_in_executor(None, task_run, task)
    except Exception as e:
        logger.error("async start error: " + str(e))
Example #5
0
 def _get_poc_class_name(self):
     """
     正则匹配出 PoC 的 class 名,如: TestPoC
     :return:
     """
     try:
         class_name = re.search(RE_POC_CHECK, self.poc_str).group(1)
     except Exception as e:
         class_name = ""
         logger.error("Illegal poc: " + str(e))
     return class_name
Example #6
0
def coroutine(task_list, thread):
    try:
        # 将扫描任务协程 打包为一个 Task 排入日程准备执行 返回 Task 对象
        loop = asyncio.new_event_loop()
        asyncio.set_event_loop(loop)
        # 控制携程数量
        semaphore = asyncio.Semaphore(thread)
        tasks = [
            asyncio.ensure_future(async_run(task, semaphore))
            for task in task_list
        ]
        loop.run_until_complete(asyncio.wait(tasks))
    except Exception as e:
        logger.error(e)
Example #7
0
 def __init__(self, poc_file):
     # 先判断文件是否存在
     if os.path.exists(poc_file):
         self.poc_file = poc_file
         try:
             # 根据文件名获取插件的 Path
             self.module_path = "/".join(self.poc_file.split('/')[0:-1])
             # 获取包名: 2018_12_12_redis_all_unauthorized
             self.pack_name = self.poc_file.split('/')[-1][0:-3]
             # PoC 文件内容
             self.poc_str = open(self.poc_file).read()
         except Exception as e:
             logger.error("load poc error: " + str(e))
     else:
         logger.error("load poc error: Not Found " + poc_file)
         sys.exit(0)
Example #8
0
 def load_poc(self):
     """
     加载 PoC 文件
     :return: 返回 PoC 函数 (list)
     """
     class_list = []
     try:
         # 将 PoC 路径加入到环境变量
         sys.path.append(self.module_path)
         class_name = self._get_poc_class_name()
         # 加载模块
         __import__(self.pack_name)
         tmp_module = sys.modules[self.pack_name]
         class_list.append(getattr(tmp_module, class_name))
         logger.info("load poc " + self.pack_name + " success")
     except ImportError as e:
         logger.error("load poc " + self.pack_name + " error")
         logger.error("load poc error: " + str(e))
     except Exception as e:
         logger.error("load poc " + self.pack_name + " error")
         logger.error("load poc error: " + str(e))
     return class_list