Example #1
0
    def main(self):
        print_("""
1.awvs.
0.返回菜单.
        """)
        ipt1 = input_('选项>')
        if ipt1 is '1':
            print_("""
    ___        __       ____  
   / \ \      / /_   __/ ___| 
  / _ \ \ /\ / /\ \ / /\___ \ 
 / ___ \ V  V /  \ V /  ___) |
/_/   \_\_/\_/    \_/  |____/ 


AWVS 配置:
[0] 全扫描
[1] 高风险漏洞
[2] 跨站点脚本漏洞
[3] SQL注入漏洞
[4] 脆弱的密码
[5] 仅爬行'
[x]返回菜单.
    """)
            ipt2 = input_('配置>')
            if ipt2 is 'x':
                self.main()
            self._add_task(rule=ipt2)
            r = Run()
            r.main()

        if ipt1 == '0':
            r = Run()
            r.main()
Example #2
0
    def Run_DirBrute(self):
        print_("""
###########
web目录扫描.
###########
1.查看帮助.
2.输入url.
0.返回菜单.
        """)
        helps1 = dirbrute_helps
        ipt1 = input_('>')
        if ipt1 is '1':
            print_(helps1)
            self.Run_DirBrute()
        if ipt1 is '2':
            dictnames = self.Get_Filename('{}DirBrute/dics/'.format(self.root))
            ipt2 = input_('Url>')
            print_('选择字典...')
            for dictname in dictnames:
                print_(dictname)
            ipt3 = input_('DictPath>')
            self.commands__(
                cmd='python2 {}DirBrute/dirbrute.py {} -e php -t 10 -d {}'.
                format(self.root, ipt2, '"' + ipt3 + '"'))
            self.Run_DirBrute()
        if ipt1 is '0':
            self.main()
Example #3
0
    def TideFinger(self, **kwargs):
        helps = TideFinger_helps
        print_("""
###########
TideFinger
###########
[1].单个识别.
[2].批量识别.
[h].帮助.
[0].返回菜单.
        """)

        for args in kwargs:
            if args == 'url':
                url = kwargs['url']

        ipt1 = input_('>')
        if ipt1 is '1':
            ipt2 = input_('URL>')
            self.commands__(
                cmd='python2 {}TideFinger/TideFinger.py -u "{}"'.format(
                    self.root, ipt2))
            self.TideFinger()
        if ipt1 is '2':
            pass
        if ipt1 is 'h':
            self.commands__(
                cmd='python2 {}TideFinger/TideFinger.py'.format(self.root))
        if ipt1 is '0':
            self.main()
Example #4
0
def _git():
    path = z1
    filename = y1
    if a1:
        ipt1 = input_('username>')
        ipt2 = input_('email>')
        yhxx(ipt1, ipt2)
    elif b1:
        add(path, filename)
    elif c1:
        ipt1 = input_('提交内容>')
        if not ipt1:
            ipt1 = 'up'
        tj(path, ipt1)
    elif d1:
        ts(path)
    elif e1:
        tb(path)
    elif f1:
        delete_1(path, filename)
    elif g1:
        status(path)
    elif h1:
        ipt1 = input_('Url>')
        clong(path, ipt1)
    elif i1:
        ipt1 = input_('Url>')
        add_dm(path, ipt1)
Example #5
0
    def POC_T(self, **kwargs):
        for args in kwargs:
            if 'sqli' == args:
                ke1 = kwargs['sqli']

        self.Install_POC_T()
        helps = poc_t_helps
        print_("""
######
POC_T
######
[1].批量POC验证.
[2].单个POC验证.
[h].帮助.
[0].返回菜单.
        """)
        f1, f2, f3 = get_POC_T_script()
        ipt1 = input_('>')

        if ipt1 is '1':
            if not ke1:
                ipt3 = input_('指纹名称>')
            else:
                ipt3 = ke1
            f1, f2, f3 = get_POC_T_script()
            for sf1 in f1:
                with open('{}lib/script_name.txt'.format(self.root),
                          'a+') as w:
                    w.write(sf1 + '\n')
            search_r = _grep(keyword=ipt3,
                             path='{}lib/script_name.txt'.format(self.root))
            print('')
            print('')
            red('----------------------------')
            print('')
            for s1 in search_r:
                line_number, line_content = s1
                print(line_content)
            green('----------------------------')
            ipt4 = input_('选择脚本>')
            ipt5 = input_('ZSearch_keyword>')
            ipt6 = input_('页数>')
            self.commands__(
                cmd=
                'python2 {}POC-T/POC-T.py -s {} -aZ "{}" --limit {} -luz {} -lup {}'
                .format(self.root, ipt4, ipt5, ipt6, username_z, password_z))
            self.main()

        if ipt1 is '2':
            pass

        if ipt1 is 'h':
            print_(helps)
        if ipt1 is '0':
            self.main()
Example #6
0
    def Run_subdns(self):
        content = """
#########
子域名爆破
#########
1.查看帮助.
2.输入Domain.
3.自定义字典.
4.查看结果.
0.返回菜单.
        """
        helps1 = subdns_helps
        c1 = self.Install_subdns()
        helps2 = "例子:Domain>baidu.com"
        if c1:
            print_(content)
            c2 = input_('>')
            if not c2:
                self.Run_subdns()
            if c2 is '1':
                print_(helps1)
                self.Run_subdns()
            if c2 is '2':
                print_(helps2)
                ipt1 = input_('Domain>')
                c3 = self.commands__(cmd=[
                    'python3 {}subdns/subdns.py -u {} -d mini_names.txt'.
                    format(self.root, ipt1)
                ])
                self.Run_subdns()
            if c2 is '3':
                print_('字典存放路径:$HOME/.Tools/Tools_list/dict')
                print_('如果存放好了字典,请输入字典名字...')
                print_(helps2)
                ipt1 = input_('Domain>')
                ipt2 = input_('Dict>')
                c3 = self.commands__(cmd=[
                    'python3 {}subdns/subdns.py -u {} -d {}'.format(
                        self.root, ipt1, ipt2)
                ])
                self.Run_subdns()
            if c2 is '4':
                print_("""
1.查看结果.
0.返回菜单.
                """)
                ipt1 = input_('>')
                if ipt1 == '1':
                    self.sElect_Files_(num=1)
            if c2 is '0':
                self.main()
Example #7
0
    def Run_xcdn(self):
        print_("""
1.输入Domain.
0.返回菜单.
        """)
        ipt1 = input_('>')
        if not ipt1:
            self.Run_xcdn()
        if ipt1 is '1':
            ipt2 = input_('Domain>')
            c1 = self.commands__(
                cmd='sudo python3 {}xcdn/xcdn.py {}'.format(self.root, ipt2))
            self.Run_xcdn()
        if ipt1 is '0':
            self.main()
Example #8
0
def note():
    print_("""
    笔记:
        1.dict:
    """)

    ipt1 = input_('>')
    if ipt1 is '1':
        print_("""
    1.dict1.md
        """)
        ipt2 = input_('>')
        if ipt2 is '1':
            d = dict1()
            d.content()
Example #9
0
    def Run_dirmap(self):
        content = """
###########
web目录扫描
###########
1.查看帮助.
2.输入URL.
3.尝试批量扫描,请输入文件名.
4.自定义命令.
5.查看结果.
0.返回菜单.
        """
        helps1 = dirmap_helps
        c1 = self.Install_dirmap()
        if c1:
            print_(content)
            ipt1 = input_('>')
            if ipt1 is '1':
                print_(helps1)
                # c2 = self.commands__(cmd='python3 {}dirmap/dirmap.py --help'.format(self.root))
                self.Run_dirmap()
            if ipt1 is '2':
                print_('例子:Url>https://www.baidu.com/')
                ipt2 = input_('Url>')
                c2 = self.commands__(
                    cmd='python3 {}dirmap/dirmap.py -iU {} -t 30 -lcf --debug'.
                    format(self.root, ipt2))
                self.Run_dirmap()
            if ipt1 is '3':
                print_('例子: Filename> DiscoverTarget/URL.txt')
                ipt2 = input_('Filename> ')
                c2 = self.commands__(
                    cmd='python3 {}dirmap/dirmap.py -iF {} -t 30 -lcf --debug'.
                    format(self.root, ipt2))
                self.Run_dirmap()
            if ipt1 is '4':
                print_('输入选项...')
                print_('例子1: > --help')
                print_('例子2: > --iN xxx')
                ipt2 = input_('> ')
                c2 = self.commands__(
                    cmd='python3 {}dirmap/dirmap.py {}'.format(
                        self.root, ipt2))
                self.Run_dirmap()
            if ipt1 is '5':
                pass
            if ipt1 is '0':
                self.main()
Example #10
0
    def main(self):
        print_("""
1.DNS接口查询.
0.Exit.
""")
        ipt1 = input_('选项>')
        if ipt1 is '1':
            print_("""
 ____  _   _        ___                        
|  _ \| \ | |___   / _ \ _   _  ___ _ __ _   _ 
| | | |  \| / __| | | | | | | |/ _ \ '__| | | |
| |_| | |\  \__ \ | |_| | |_| |  __/ |  | |_| |
|____/|_| \_|___/  \__\_\\\\__,_|\___|_|   \__, |
                                         |___/ 

1.批量查询
2.单个查询
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '0':
                self.main()
            if ipt2 is '1':
                ipt3 = input_('处理URL获取Domain name.[y/n]')
                filenames = get_filename(path='{}lib/batch'.format(root))
                for filename in filenames:
                    print_(filename)
                ipt4 = input_('Filename>')
                lines = read_text_(ipt4)
                for line in lines:
                    if ipt3 == 'y':
                        domain = get_domain(line)
                        self.DNS_Query_Interface(domain)
                    if ipt3 == 'n':
                        domain = line
                        self.DNS_Query_Interface(domain)
            if ipt2 is '2':
                ipt3 = input_('Domain>')
                self.DNS_Query_Interface(ipt3)

        if ipt1 is '0':
            selenium_.browser_.quit()
            exit(0)
Example #11
0
    def whatweb(self):
        print_("""
#########
whatweb
#########
1.批量域名扫描(domain).
2.常规扫描.
3.详细回显扫描.
4.快速本地扫描(扫描内网主机).
5.查看结果.
0.返回菜单.
        """)
        ipt1 = input_('>')
        if ipt1 != '0':
            ipt2 = input_('Save name>')
            path = f'{self.root}lib/batch/whatweb/results'
            save_name = f'{ipt2}.xml'
        if ipt1 == '1':
            paths = get_filename(f'{self.root}lib/batch/whatweb')
            i = 1
            for p1 in paths:
                print_(f'{i}. {p1}')
                i += 1

            ipt2 = input_('Path编号>')
            i = 1
            for p2 in paths:
                if ipt2 == str(i):
                    path = p2
                    break
                i += 1
            self.commands__(
                f'cd {path} && whatweb -i {path} --log-xml={save_name}')
            self.whatweb()
        if ipt1 == '2':
            ipt2 = input_('Domain>')
            self.commands__(
                f'cd {path} && whatweb {ipt2} --log-xml={save_name}')
            self.whatweb()
        if ipt1 == '3':
            ipt2 = input_('Domain>')
            self.commands__(
                f'cd {path} && whatweb -v {ipt2} --log-xml={save_name}')
            self.whatweb()
        if ipt1 == '4':
            ipt2 = input_('IP>')
            ipt3 = input_('前缀>')
            self.commands__(
                f'cd {path} && whatweb --no-errors -t 255 {ipt2}{ipt3} --log-xml={save_name}'
            )
            self.whatweb()
        if ipt1 == '5':
            pass
        if ipt1 == '0':
            self.main()
Example #12
0
    def Run_DiscoverTarget(self):
        content = """
#######
URL采集
#######
1.查看帮助.
2.输入关键字.
3.自定义命令.
4.查看结果.
0.返回菜单.
        """
        helps1 = discovertarget_helps
        c1 = self.Install_DiscoverTarget()
        if c1:
            print_(content)
            ipt1 = input_('>')
            if ipt1 is '1':
                print_(helps1)
                # c2 = self.commands__(cmd=['python2 {}DiscoverTarget/DiscoverTarget.py --help'.format(self.root)])
                self.Run_DiscoverTarget()
            if ipt1 is '2':
                keywords = input_('>')
                c2 = self.commands__(cmd=[
                    'sudo python2 {}DiscoverTarget/DiscoverTarget.py -B {}'.
                    format(self.root, keywords)
                ])
                self.Run_DiscoverTarget()
            if ipt1 is '3':
                print_('例子1:> -B hello word')
                print_('例子2:> -Z app:"Apache-Tomcat"')
                c3 = input_('> ')
                c4 = self.commands__(
                    cmd='sudo python2 {}DiscoverTarget/DiscoverTarget.py {}'.
                    format(self.root, c3))
                self.Run_DiscoverTarget()
            if ipt1 is '4':
                self.sElect_Files__()
                self.Run_DiscoverTarget()
            if ipt1 is '0':
                self.main()
Example #13
0
    def Run_fsociety(self):
        print_("""
1.Run Fsociety
0.返回菜单.
        """)
        c1 = self.Install_fsociety()
        if c1:
            ipt1 = input_('>')
            if ipt1 is '1':
                self.commands__(cmd='fsociety')
                self.Run_fsociety()
            if ipt1 is '0':
                self.main()
Example #14
0
    def nmap_script_exploit(self):
        print_("""
1.cve_script_search.
2.cve_script_exploit.
0.返回菜单. 
        """)
        ipt1 = input_('>')
        if ipt1 == '1':
            if system_platform == 'kali':
                filenames = get_filename_(path='/usr/share/nmap/scripts')
            if system_platform == 'deepin':
                filenames = get_filename_(path='/usr/share/nmap/scripts')
            i = 1
            for filename in filenames:
                d1 = grep('cve', filename)
                if d1:
                    print(f'{i}. {d1}')
                i += 1
            self.nmap_script_exploit()

        if ipt1 == '2':
            print_("""
1.http-vuln-cve2017-5638.nse
2.http-vuln-cve2015-1635.nse
3.其他cve脚本使用.
0.返回菜单.
            """)
            if system_platform == 'kali':
                path = '/usr/share/nmap/scripts'
            if system_platform == 'deepin':
                path = '/usr/share/nmap/scripts'
            ipt1 = input_('>')
            if ipt1 == '1':
                print_('port -> 80')
                ipt2 = input_('port>')
                ipt3 = input_('target(domain)>')
                self.commands__(
                    f'cd {path} && sudo nmap -p {ipt2} --script http-vuln-cve2017-5638 {ipt3}'
                )
                self.nmap_script_exploit()
            if ipt1 == '2':
                ipt2 = input_('target(domain)>')
                self.commands__(
                    f'cd {path} && sudo nmap -p 80 --script http-vuln-cve2015-1635.nse {ipt2}'
                )
                self.nmap_script_exploit()
            if ipt1 == '3':
                print_('编号 -> http-vuln-cve2017-5638')
                ipt2 = input_('编号>')
                s1 = f'官方使用教程:https://nmap.org/nsedoc/scripts/{ipt2}.html'
                print_(s1)
                self.nmap_script_exploit()
            if ipt1 == '0':
                self.nmap_script_exploit()

        if ipt1 == '0':
            self.main()
Example #15
0
    def Run_xwaf(self):
        print_("""
1.查看帮助.
2.输入url.
3.输入url,post参数.
4.选择headerfile,输入参数,设置攻击向量level大小.
0.返回菜单.
        """)
        helps1 = """
1.python3 xwaf.py -u "http://www.baidu.com/1.php?id=1"
2.python3 xwaf.py -u "http://www.baidu.com/1.php" --data="postdata" -p xxx
3.python3 xwaf.py -r /tmp/headerfile -p xxx --level 5
        """
        ipt1 = input_('>')
        if not ipt1:
            self.Run_xwaf()
        if ipt1 is '1':
            print_(helps1)
            self.Run_xwaf()
        if ipt1 is '2':
            ipt2 = input_('Url>')
            self.commands__(
                cmd='sudo python3 {}bypass_waf/xwaf.py -u "{}"'.format(
                    self.root, ipt2))
            self.Run_xwaf()
        if ipt1 is '3':
            ipt2 = input_('Url>')
            ipt3 = input_('Data>')
            ipt4 = input_('Post parameter>')
            self.commands__(
                cmd='sudo python3 {}bypass_waf/xwaf.py -u "{}" --data="{}" -p {}'
                .format(self.root, ipt2, ipt3, ipt4))
            self.Run_xwaf()
        if ipt1 is '4':
            ipt2 = input_('1>')
            ipt3 = input_('2>')
            ipt4 = input_('3>')
            self.commands__(
                cmd='sudo python3 {}bypass_waf/xwaf.py -r {} -p {} --level {}'.
                format(self.root, ipt2, ipt3, ipt4))
            self.Run_xwaf()
        if ipt1 is '0':
            self.main()
Example #16
0
def ip_or_domain_result_handle():
    from main import Run
    r1 = Run()
    main = r1.main

    print_("""
########
处理结果
########
1.查看结果.
2.结果提交到nmap扫描. 
0.返回菜单.
    """)

    ipt1 = input_('>')

    if ipt1 is '0':
        main()

    if ipt1 is '1':
        filenames = get_filename(path=f'{root}lib/fping')

        if not filenames:
            red('[Error] fping 没有结果.')
            return False

        i = 1
        for filename in filenames:
            print_(str(i) + '. ' + filename)
            i += 1

        ipt1 = input_('>')

        i = 1
        for filename in filenames:
            if str(i) == ipt1:
                ipt1 = str(filename.replace(' ', '').replace('\n', ''))
                break
            i += 1

        with open(f'{ipt1}', 'r') as r:
            for line in r.readlines():
                if re.findall(f'({regular(1)})(\.+)*', line):
                    ip = str(line.strip().replace(' ', '').replace('\n', ''))
                    if ip:
                        data = _red(ip)
                        print(data)

    if ipt1 is '2':
        filenames = get_filename(path=f'{root}lib/fping')

        if not filenames:
            red('[Error] fping 没有结果.')
            return False

        i = 1
        for filename in filenames:
            print_(str(i) + '. ' + filename)
            i += 1

        ipt1 = input_('>')

        i = 1
        for filename in filenames:
            if str(i) == ipt1:
                ipt1 = str(filename.replace(' ', '').replace('\n', ''))
                break
            i += 1

        with open(f'{ipt1}', 'r') as r:
            for line in r.readlines():
                if re.findall(f'({regular(1)})(\.+)*', line):
                    ip = str(line.strip().replace(' ', '').replace('\n', ''))
                    if ip:
                        thread1 = Thread(target=port_scan, args=(ip, ip))
                        thread1.start()
Example #17
0
    def _add_task(self, rule):

        print_("""
    1.批量任务添加
    2.删除所有任务
    3.删除指定任务
    4.跳过
    0.Exit.
            """)

        if self.option_:

            ipt1 = input_('>')
            if ipt1 is '1':
                domains = []
                ipt2 = input_('处理URL获取Domain name.[y/n]')
                if ipt2 is 'y':
                    i1 = True
                if ipt2 is 'n':
                    i1 = False
                filename = get_filename('{}lib/batch/awvs'.format(root))
                i = 1
                for f in filename:
                    print_(f'{i}. {f}')
                    i += 1
                ipt3 = input_('Path编号>')
                i = 1
                for f in filename:
                    if ipt3 == str(i):
                        ipt3 = f
                        break
                    i += 1
                if ipt3:
                    datas = read_text_(ipt3)
                    if i1:
                        for data in datas:
                            d = get_domain(data)
                            domains.append(d)
                datas = domains

            if ipt1 is '2':
                self.delete_()
                return False
            if ipt1 is '3':
                self.delete()
                return False
            if ipt1 is '4':
                self.option_ = False

            eXit = False if not ipt1 is '0' else True

        try:

            def r():
                if eXit:
                    return False
                i = 1
                for target1 in datas:
                    if i <= 5:
                        if self.option:
                            info(('Add scann target -> ', target1))
                        self.add_task(target=target1, rule=rule)
                    else:
                        i = 0
                        time.sleep(600)
                    i += 1

            thread1 = threading.Thread(target=r)
            thread1.start()
        except Exception as e:
            # red(traceback.format_exc())
            pass
Example #18
0
    def main(self):
        content1 = """
{}


[1].信息收集.
[2].Web程序.
[3].黑盒测试工具包.
[4].Linux 工具.
[5].漏洞验证(POC).
[6].漏洞测试(FUZZ).
[7].note.
[8].内网攻击工具.
[9].内网扫描.
[10].漏洞分析.
[11].字典构造.
[12].Exploits.
[i].INIT.
[c].Clear.
[n].记录线索.
[0].退出.
        """.format(logo)
        print_(content1)
        ipt1 = input_('>')
        if not ipt1:
            self.main()

        if ipt1 is '1':
            content2 = """
########
信息收集
########
1.子域名爆破.
2.URL采集.
3.Web目录扫描.
4.尝试找出cdn背后的真实ip.
5.九世信息收集工具.
6.指纹识别.
7.ABC段扫描.
0.返回菜单.
            """
            print_(content2)
            ipt2 = input_('>')
            if not ipt2:
                self.main()
            if ipt2 is '1':
                self.Run_subdns()
            if ipt2 is '2':
                self.Run_DiscoverTarget()
            if ipt2 is '3':
                print_("""
#######
选择工具
#######
1.dirmap.
2.DirBrute.
0.返回菜单.
                """)
                ipt3 = input_('>')
                if not ipt3:
                    self.main()
                if ipt3 is '1':
                    self.Run_dirmap()
                if ipt3 is '2':
                    self.Run_DirBrute()
                if ipt3 is '0':
                    self.main()
            if ipt2 is '4':
                if system_platform == 'kali':
                    self.Run_xcdn()
                else:
                    red('[Error] xcdn run for kali.')
                    self.main()
            if ipt2 is '5':
                ipt1 = input_('URL>')
                ipt2 = input_('Domain>')
                c1 = jiushixxsj(url=ipt1, domain=ipt2)
                if c1:
                    print_('九世信息收集工具配置完成...')
                else:
                    print_('九世信息收集工具配置失败...')
                self.commands__(
                    cmd='cd "{}信息收集工具" && python3 ./main.py'.format(self.root))
            if ipt2 is '6':
                print_("""
1.TideFinger.
2.whatweb.
0.返回菜单.
                """)
                ipt1 = input_('>')
                if ipt1 == '1':
                    self.TideFinger()
                    self.main()
                if ipt1 == '2':
                    self.whatweb()
                    self.main()
                if ipt1 == '0':
                    self.main()
            if ipt2 is '7':
                print_("""
[A].A段扫描.
[B].B段扫描.
[C].C段扫描.
[r].查看结果.
                """)
                ipt2 = input_('>')
                if ipt2 is 'r':
                    if ip_or_domain_result_handle():
                        time.sleep(3)
                        self.main()
                    else:
                        time.sleep(3)
                        self.main()

                content1 = """
A段 前缀 8.
B段 前缀 16.
C段 前缀 24.
                """
                a1 = grep(f'{ipt2}', content1)
                print(a1)
                ipt3 = input_('IP>')
                ipt4 = input_('前缀>')
                # self.commands__(f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt')
                self.commands__(
                    f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt'
                )
                datas = _grep(f'({regular(1)})(\.+)*',
                              f'{self.root}lib/fping_result.txt',
                              regex=1,
                              highlight=0)
                for data in datas:
                    line_number, line_content = data
                    if 'ICMP Host Unreachable from' not in line_content:
                        print(line_content.replace('\n', '').strip())
                        s1 = line_content.replace('\n', '').strip()
                        with open(f'{self.root}lib/fping/{ipt3}_{ipt4}.txt',
                                  'a+') as w:
                            w.write(s1 + '\n')

                self.commands__(f'rm -rf {self.root}lib/{ipt3}_{ipt4}.txt')
                self.commands__(f'rm -rf {self.root}lib/fping_result.txt')
                time.sleep(3)
                self.main()

            if ipt2 is '0':
                self.main()

        if ipt1 is '2':
            print_("""
########
web程序
########
1.xwaf waf自动化绕过工具.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                if system_platform == 'kali':
                    self.Run_xwaf()
                    self.main()
                else:
                    red('[Error] xwaf run for kali.')
                    self.main()
            if ipt2 is '0':
                self.main()
        if ipt1 is '3':
            print_("""
1.Fsociety.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if not ipt2:
                self.main()
            if ipt2 is '1':
                if system_platform == 'kali':
                    self.Run_fsociety()
                else:
                    red('[Error] fsociety run for kali.')
                    self.main()
            if ipt2 is '0':
                self.main()

        if ipt1 is '4':
            print_("""
##########
linux 工具
##########
    [1].输出艺术字.
    [2].获取工具的绝对路径.
    [3].History.
    [4].源配置.
    [5].配置x11 vnc server.
    [6].配置sftp.
    [0].返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                ipt3 = input_('内容>')
                self.commands__(cmd='figlet {}'.format(ipt3))
                self.commands__(cmd='toilet {}'.format(ipt3))
                self.main()
            if ipt2 is '2':
                ipt3 = input_('Tool name>')
                c1 = self.commands_(cmd='whereis {}'.format(ipt3))
                c2 = self.commands_(cmd='which {}'.format(ipt3))
                data1 = grep(ipt3, c1)
                data2 = grep(ipt3, c2)
                print(data1)
                print(data2)
            if ipt2 is '3':
                from os import popen
                ipt1 = input_('Keyword>')
                print_('history | grep "{}"'.format(ipt1))
            if ipt2 is '4':
                if system_platform == 'deepin':
                    print_('1.deepin 源配置.')
                    ipt1 = input_('>')
                    if ipt1 is '1':
                        c1 = self.commands__(
                            cmd=
                            f'sudo cp -v -r {self.root}bak/sources.list.deepin /etc/apt/sources.list'
                        )
                        c2 = self.commands__(cmd='sudo apt-get update')
                        if c1:
                            print_('deepin 源配置完成.')
                        else:
                            print_('deepin 源配置失败.')
                        self.main()
                if system_platform == 'kali':
                    print_('1.kali 源配置.')
                    ipt1 = input_('>')
                    if ipt1 is '1':
                        c1 = self.commands__(
                            cmd=
                            f'sudo cp -v -r {self.root}bak/sources.list.kali /etc/apt/sources.list'
                        )
                        c2 = self.commands__(cmd='sudo apt-get update')
                        if c1:
                            print_('kali 源配置完成.')
                        else:
                            print_('kali 源配置失败.')
                        self.main()

            if ipt2 is '5':
                self.commands__('sudo apt-get -y install x11vnc')
                self.commands__('x11vnc -storepasswd')
                self.commands__('ip address')
                self.commands__(
                    'x11vnc -auth guess -once -loop -noxdamage -repeat -rfbauth ~/.vnc/passwd -rfbport 5900 -shared'
                )

            if ipt2 is '6':
                self.commands__('sudo apt-get -y install ssh')

            if ipt2 is '0':
                self.main()

        if ipt1 is '5':
            print_("""
############
漏洞验证(POC)
############
1.Xss
2.Sqli
3.Csrf
4.POC-T
0.返回菜单
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                pass
            if ipt2 is '2':
                self.POC_T(sqli='sqli')
            if ipt2 is '3':
                pass
            if ipt2 is '4':
                self.POC_T()
            if ipt2 is '0':
                self.main()

        if ipt1 is '6':
            print_("""
#############
漏洞测试(FUZZ)
#############
1.Xss
2.Sqli
3.Csrf
0.返回菜单
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                print_("""
####
Xss
####
1.XSStrike.
0.返回菜单.
                """)
                ipt3 = input_('>')
                if ipt3 is '1':
                    self.xsstrike()
                    self.main()
                if ipt3 is '0':
                    self.main()

            if ipt2 is '0':
                self.main()

        if ipt1 is '7':
            from src._note import note
            note()
            self.main()

        if ipt1 is 'i':
            self.commands__('{}lib/INIT'.format(self.root))
            self.main()

        if ipt1 is '8':
            print_("""
############
内网攻击工具.
############
1.ARP欺骗.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                self.commands__(cmd='python2 {}src/arp.py'.format(self.root))
                self.main()
            if ipt2 is '0':
                self.main()

        if ipt1 is '9':
            print_("""
############
内网扫描工具.
############
1.nbtscan.
0.返回菜单.
            """)
            ipt2 = input_('>')

            if system_platform == 'kali':
                if ipt2 is '1':
                    print_('例子:192.168.1.1/24')
                    ipt3 = input_('输入扫描的IP段>')
                    self.commands__(f'nbtscan -r {ipt3}')
                    self.main()
            else:
                red('[Error] nbtscan run for kali.')

            if ipt2 is '0':
                self.main()

        if ipt1 == '10':
            print_("""
########
漏洞分析
########
1.apache-users.
2.scann.py.
3.nikto.
4.nmap.
5.lynis
6.sparta
7.unix-privesc-check
8.goLismero
9.awvs.py
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] apache_users run for kali.')
            if ipt2 is '2':
                self.commands__(f'python3 {self.root}scann.py')
                self.main()

            if ipt2 is '3':
                pass
            if ipt2 is '4':
                self.nmap_script_exploit()
            if ipt2 is '5':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] lynis run for kali.')
            if ipt2 is '6':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] sparta run for kali.')
            if ipt2 is '7':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] unix-privesc-check run for kali.')
            if ipt2 is '8':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] goLismero run for kali.')

            if ipt2 == '9':
                try:
                    a1 = _awvs()
                    a1.main()
                except:
                    from src.awvs import awvs as _awvs
                    a1 = _awvs()
                    a1.main()

            if ipt2 is '0':
                self.main()

        if ipt1 == '11':
            print_("""
########
字典构造
########
1.crunch.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 == '1':
                if system_platform == 'kali':
                    self.crunch()
                    self.main()
                else:
                    red('[Error] crunch run for kali.')
            if ipt2 == '0':
                self.main()

        if ipt1 == '12':
            print_("""
#########
Exploits
#########
1.exp_2019_7_16_baopo.py
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 == '1':
                pass
            if ipt2 == '0':
                self.main()

        if ipt1 is 'c':
            self.commands__(cmd='clear')
            self.main()

        if ipt1 is 'n':
            thread1 = threading.Thread(target=self.commands__,
                                       args=('gedit', ))
            thread1.start()

        if ipt1 is '0':
            c1 = self.commands_(cmd=[
                'sudo chmod +x {}lib/pyc_clear && bash {}lib/pyc_clear'.format(
                    self.root, self.root)
            ])
            print_(c1)
            exit(0)

        if ipt1:
            self.commands__(f'{ipt1}')
            ipt2 = input_('返回菜单[y/n]>')
            if ipt2 is 'y':
                self.main()
            if \
            ipt2 is 'n' or \
            not ipt2 or \
            ipt2[0] in 'abcdefghijklmnopqrstuvwsyz' or \
            ipt2[0] in 'ABCDEFGHIJKLMNOPQRSTUVWSYZ':
                self.main()
Example #19
0
    def xsstrike(self):
        self.Install_xSStrike()
        help1 = xsstrike_helps
        print_("""
#########
XSStrike
#########
[1].扫描单个目标(GET).
[2].扫描单个目标(POST).
[3].扫描多个目标.
[4].测试URL路径组件.
[5].将POST数据视为JSON.
[6].爬行.
[7].自定义命令.
[r].查看结果.
[h].帮助.
[0].返回菜单.
        """)
        ipt1 = input_('>')
        if not ipt1:
            self.xsstrike()
        if ipt1 is '1':
            ipt2 = input_('URL>')
            c1 = self.commands__(
                cmd='{}XSStrike/xsstrike.py -u \"{}\"'.format(self.root, ipt2))
            self.xsstrike()

        if ipt1 is '2':
            ipt2 = input_('URL>')
            ipt3 = input_('data>')
            c1 = self.commands__(
                cmd='{}XSStrike/xsstrike.py -u \"{}\" --data \"{}\"'.format(
                    self.root, ipt2, ipt3))
            self.xsstrike()

        if ipt1 is '3':
            ipt2 = input_('FilenamePath>')
            c1 = self.commands__(
                cmd='{}/XSStrike/xsstrike.py --seeds {}'.format(
                    self.root, ipt2))
            self.xsstrike()

        if ipt1 is '4':
            ipt2 = input_('Payload>')
            ipt3 = input_('Url>')
            c1 = self.commands__(
                cmd='{}/XSStrike/xsstrike.py -u "{}{}" --path'.format(
                    self.root, ipt3, ipt2))
            self.xsstrike()

        if ipt1 is '5':
            pass

        if ipt1 is '6':
            pass

        if ipt1 is '7':
            print_(help1)
            ipt2 = input_('>')
            c1 = self.commands__(
                cmd='{}/XSStrike/xsstrike.py {}'.format(self.root, ipt2))
            self.xsstrike()

        if ipt1 is 'r':
            pass

        if ipt1 is 'h':
            print_(help1)
            self.xsstrike()

        if ipt1 is '0':
            self.main()
Example #20
0
    def crunch(self):
        print_("""
########
crunch
########
1.生成.
2.查看结果.
3.结果传递至爆破脚本.
0.返回菜单.
        """)
        ipt1 = input_('>')
        if ipt1 == '1':
            ipt1 = input_('最小字符长度>')
            ipt2 = input_('最大字符长度>')
            ipt3 = input_('构造内容>')
            ipt4 = input_('Domain>')
            self.commands__(f'cd {self.root}dict && mkdir login')
            self.commands__(
                f'crunch {ipt1} {ipt2} {ipt3} > {self.root}dict/login/f{ipt4}.txt'
            )
        if ipt1 == '2':
            paths = get_filename(f'{self.root}dict/login')
            i = 1
            for f1 in paths:
                print_(f'{i}. {f1}')
                i += 1
            ipt1 = input_('选择编号>')
            i = 1
            for f1 in paths:
                if i == int(ipt1):
                    path = f1
                    break
                i += 1
            self.commands__(f'vim {path}')

        if ipt1 == '3':
            paths = get_filename(f'{self.root}dict/login')
            i = 1
            for f1 in paths:
                print_(f'{i}. {f1}')
                i += 1
            ipt1 = input_('user字典编号>')
            ipt2 = input_('passwd字典编号>')
            i = 1
            for f1 in paths:
                if i == int(ipt1):
                    user_path = f1
                if i == int(ipt2):
                    passwd_path = f1
                i += 1
            print_("""
1.exp_2019_7_16_baopo.
0.返回菜单.
            """)
            ipt1 = input_('>')
            if ipt1 == '1':
                exp_2019_7_16_baopo(user_path, passwd_path)
                self.main()
            if ipt1 == '0':
                self.main()

        if ipt1 == '0':
            self.main()