def run(self): (option, args) = self.optionInit() print(option, args) self.loaddir() if (option.module_name == 'exp_name'): if (option.option == 'all'): print u'全网扫描模式' #动态获取具体的exploit对象 sys.path.append(path) fp, pathname, description = imp.find_module(option.exp_name) exp_file = imp.load_module(option.exp_name, fp, pathname, description) exp_file = exp_file.SafecatExploit() self.exp_module = EXPModule(exp_file) self.exp_module.scanAll() elif (option.option == 'single') and (option.thost): print u'单个主机扫描' target = self.httptools.get_standard_url(option.thost) fp, pathname, description = imp.find_module(option.exp_name) exp_file = imp.load_module(option.exp_name, fp, pathname, description) exp_file = exp_file.SafecatExploit() print exp_file #exp_file = eval(option.exp_name) #载入相关的exploit脚本 self.exp_module = EXPModule(exp_file) self.exp_module.scanOneHost(target) elif (option.option == 'range') and (option.startip) and (option.endip): print u'IP段扫描' startip = option.startip endip = option.endip fp, pathname, description = imp.find_module(option.exp_name) exp_file = imp.load_module(option.exp_name, fp, pathname, description) exp_file = exp_file.SafecatExploit() self.exp_module = EXPModule(exp_file) self.exp_module.scanOneRange(startip, endip) else: print u'Args invalid' elif (option.module_name == 'flag'): if option.class_name and option.query: print u'根据关键词从es中查找攻击' self.keywords_module = KEYModule(option.class_name) self.keywords_module.scanByQuery(option.query) elif option.class_name and option.thost: print u'根据es中的单个域名攻击' self.keywords_module = KEYModule(option.class_name) self.keywords_module.scanByDomain(option.thost) else: print u'Args invalid'