Example #1
File: scan.py Project: Nazicc/scan
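def _open_output(tool, target):
    """Prepare the -o report file and return its resolved address.

    *target* is the raw -o value. It is resolved with ``tool.address`` and the
    result is handed to ``tool.output``; the caller keeps the returned address
    for the closing ``tool.printIfExist`` call.
    """
    address = tool.address(target)
    tool.output(address)
    return address


def _announce_ports(port_list):
    """Echo the selected ports on one line, each followed by a single space."""
    listing = "".join(str(port) + ' ' for port in port_list)
    printc.printf("[*] Scanning Ports :" + listing, "skyblue")


def menu():
    """Parse the command line and run the selected scan mode.

    The first mode flag that is set wins, checked in this order:

    * ``-host``  port scan of one host
    * ``-ah``    sweep of an address range for alive hosts
    * ``-r``     hosts read from a file
    * ``-sh``    liveness check of one host (honours only ``-p``)
    * ``-dir``   directory scan of an http/https URL, wordlist from ``-add``
    * ``-url``   Butian SRC listing, page count from ``-page``

    ``-o``, ``-t`` and ``-p`` tune the mode that runs. ``-help`` is checked
    after the mode chain, so it can be combined with a mode.

    Side effects: may rebind the module globals ``PortList``, ``ports`` and
    ``response``; everything else happens inside the called helpers.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    # NOTE: the -host help text starts with "-h", but -h is argparse's
    # built-in help flag; the scan flag itself is -host.
    value_options = (
        ('-host', '-h To scan the open ports of the Host                      Default scanning ports are most usual ports   '),
        ('-sh', 'Specific Host Detective                                        Example: -sh 127.0.0.1 '),
        ('-ah', 'All alive Hosts .Find all alive hosts                          Example: -ah 192.168.1.1-255'),
        ('-t', 'Threads(1-200) Default is 80'),
        ('-r', 'Read hosts file                                                  Example: -r "hosts.txt"'),
        ('-p', 'Ports                                                            Example: -p="80,8080,443" or -p 1-255 default are most usual ports'),
        ('-o', 'Output file address                                              Example: -o recoder.txt or -o D:\\recoder.txt'),
        ('-dir', 'Scanning visible background directory                        Example: -dir http://127.0.0.1'),
        # Backslash escaped explicitly: "\d" is not a valid escape sequence.
        ('-add', 'Dictionary File Address                                      Example: -dir http://127.0.0.1  -add C:\\dic.txt'),
        ('-url', 'Butian SRC list url                                          Example: -url https://butian.360.cn/Home/Active/company'),
        ('-page', 'Butian SRC Pages      Default is 10                        Example: -url https://butian.360.cn/Home/Active/company'),
    )
    parser = argparse.ArgumentParser()
    for flag, help_text in value_options:
        # dest is the flag without its dash, e.g. -host -> options.host
        parser.add_argument(flag, dest=flag[1:], help=help_text)
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    # NOTE(review): -t, -p, -o, -r and -add are forwarded exactly as typed.
    # The 1-200 thread range from the help text is not checked in this
    # function; presumably tool.nThreads enforces it -- confirm.
    if options.host:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Lists of 50 or more ports are not echoed.
            if len(PortList) < 50:
                _announce_ports(PortList)
        s = tool.standardUrl(options.host)
        ip = tools.getIPByName(s)
        printc.printf("[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip), 'yellow')
        scan_host_ports(s)
        tool.printIfExist(address)
    elif options.ah:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            # Both globals receive the same selection, parsed twice so that
            # they do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Without -p the current value of the global `ports` is probed.
        # The first probe that returns True marks the host as alive.
        alive = False
        for port in ports:
            if scan_specific_hosts(ip_addr, port) == True:
                alive = True
                break
        if alive:
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.dir:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)

        host = options.dir
        if tool.isStandard(host) == True:
            res = tool.Requests(host)
            response = tool.set2utf8cont(res)
            if options.add:
                add = options.add
            else:
                # Default wordlist under the working directory. os.path.join
                # picks the platform separator; the previous hard-coded
                # "\\dict\\directory.txt" only resolved on Windows.
                add = os.path.join(os.getcwd(), "dict", "directory.txt")
            scanDir(host, add)
            tool.printIfExist(address)
        else:
            printc.printf("\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址", 'yellow')
    elif options.url:
        url = options.url
        if options.o:
            address = _open_output(tool, options.o)
        # -page arrives from argparse as a string; the fallback is the int 10.
        page = options.page if options.page else 10
        butianInfo.get_src_name(url, page)
        tool.printIfExist(address)

    if options.help:
        helpInfo()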
Example #2
File: scan.py Project: hhroot/scan
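def _open_output(tool, target):
    """Prepare the -o report file and return its resolved address.

    *target* is the raw -o value. It is resolved with ``tool.address`` and the
    result is handed to ``tool.output``; the caller keeps the returned address
    for the closing ``tool.printIfExist`` call.
    """
    address = tool.address(target)
    tool.output(address)
    return address


def _announce_ports(port_list):
    """Echo the selected ports on one line, each followed by a single space."""
    listing = "".join(str(port) + ' ' for port in port_list)
    printc.printf("[*] Scanning Ports :" + listing, "skyblue")


def menu():
    """Parse the command line and run the selected scan mode.

    The first mode flag that is set wins, checked in this order:

    * ``-host``  port scan of one host
    * ``-ah``    sweep of an address range for alive hosts
    * ``-r``     hosts read from a file
    * ``-sh``    liveness check of one host (honours only ``-p``)
    * ``-dir``   directory scan of an http/https URL, wordlist from ``-add``
    * ``-url``   Butian SRC listing, page selection from ``-page``
    * ``-sdn``   subdomain enumeration, tuned by ``-pro`` and ``-types``

    ``-o``, ``-t`` and ``-p`` tune the mode that runs. ``-help`` is checked
    after the mode chain, so it can be combined with a mode.

    Side effects: may rebind the module globals ``PortList``, ``ports`` and
    ``response``, and reads the global ``nThread`` in the ``-sdn`` mode.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    # NOTE: the -host help text starts with "-h", but -h is argparse's
    # built-in help flag; the scan flag itself is -host.
    value_options = (
        ('-host', '-h To scan the open ports of the Host                      Default scanning ports are most usual ports   '),
        ('-sh', 'Specific Host Detective                                        Example: -sh 127.0.0.1 '),
        ('-ah', 'All alive Hosts .Find all alive hosts                          Example: -ah 192.168.1.1-255'),
        ('-t', 'Threads(1-200) Default is 80'),
        ('-r', 'Read hosts file                                                  Example: -r "hosts.txt"'),
        ('-p', 'Ports                                                            Example: -p="80,8080,443" or -p 1-255 default are most usual ports'),
        ('-o', 'Output file address                                              Example: -o recoder.txt or -o D:\\recoder.txt'),
        ('-dir', 'Scanning visible background directory                        Example: -dir http://127.0.0.1'),
        # Backslash escaped explicitly: "\d" is not a valid escape sequence.
        ('-add', 'Dictionary File Address                                      Example: -dir http://127.0.0.1  -add C:\\dic.txt'),
        ('-sdn', 'Subdomain names                                              Example: -sdn baidu.com -types 3  -sdn pku.edu.cn -types 1 -sdn cn.gov.cn -types 2 '),
        ('-pro', 'Protocol                                                     Example: -pro https    Default Protocol is http '),
        ('-types', 'Using different dictionary txt file                            1 2 3  means school government company website,it can make the result more reliable'),
        ('-url', 'Butian SRC list url                                          Example: -url https://butian.net/Reward/pub'),
        ('-page', 'Butian SRC Pages      Default is 10                        Example: -url https://butian.net/Reward/pub'),
    )
    parser = argparse.ArgumentParser()
    for flag, help_text in value_options:
        # dest is the flag without its dash, e.g. -host -> options.host
        parser.add_argument(flag, dest=flag[1:], help=help_text)
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    # NOTE(review): -t, -p, -o, -r and -add are forwarded exactly as typed.
    # The 1-200 thread range from the help text is not checked in this
    # function; presumably tool.nThreads enforces it -- confirm.
    if options.host:
        # TODO: combining -host with a hosts file (-r) is not implemented yet.
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Lists of 50 or more ports are not echoed.
            if len(PortList) < 50:
                _announce_ports(PortList)
        s = tool.standardUrl(options.host)
        ip = tools.getIPByName(s)
        printc.printf("[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip), 'yellow')
        scan_host_ports(s)
        tool.printIfExist(address)
    elif options.ah:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            # Both globals receive the same selection, parsed twice so that
            # they do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Without -p the current value of the global `ports` is probed.
        # The first probe that returns True marks the host as alive.
        alive = False
        for port in ports:
            if scan_specific_hosts(ip_addr, port) == True:
                alive = True
                break
        if alive:
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.dir:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)

        host = options.dir
        if tool.isStandard(host) == True:
            res = tool.Requests(host)
            response = tool.set2utf8cont(res)
            if options.add:
                add = options.add
            else:
                # Default wordlist under the working directory. The previous
                # Windows/Linux test on `systeminfo` left `add` unbound on any
                # other platform, so scanDir failed with UnboundLocalError;
                # os.path.join picks the right separator everywhere.
                add = os.path.join(os.getcwd(), "dict", "directory.txt")
            scanDir(host, add)
            tool.printIfExist(address)
        else:
            printc.printf(
                "\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址",
                'yellow')
    elif options.url:
        url = options.url
        if options.o:
            address = _open_output(tool, options.o)
        # -page arrives from argparse as a string; the fallback is the int 10.
        page = options.page if options.page else 10
        butianInfo.get_src_name(url, page)
        tool.printIfExist(address)
    elif options.sdn:
        domain = options.sdn
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        protocol = options.pro if options.pro else "http"
        # int() raises ValueError when -types is not a number.
        types = int(options.types) if options.types else 0
        # nThread is read from the module global; presumably tool.nThreads
        # updated it from -t above -- confirm.
        subdomains.getSubdomainName(nThread, types, domain, protocol)
        tool.printIfExist(address)

    if options.help:
        helpInfo()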
Example #3
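def _open_output(tool, target):
    """Prepare the -o report file and return its resolved address.

    *target* is the raw -o value. It is resolved with ``tool.address`` and the
    result is handed to ``tool.output``; the caller keeps the returned address
    for the closing ``tool.printIfExist`` call.
    """
    address = tool.address(target)
    tool.output(address)
    return address


def _announce_ports(port_list):
    """Echo the selected ports on one line, each followed by a single space."""
    listing = "".join(str(port) + ' ' for port in port_list)
    printc.printf("[*] Scanning Ports :" + listing, "skyblue")


def _as_targets(resolved):
    """Return *resolved* as a list: lists pass through, a single value is wrapped."""
    return resolved if isinstance(resolved, list) else [resolved]


def menu():
    """Parse the command line and run the selected scan mode.

    The first mode flag that is set wins, checked in this order:

    * ``-host``       port scan of one host, or of every host in a file
    * ``-ah``         sweep of an address range for alive hosts
    * ``-r``          hosts read from a file
    * ``-sh``         liveness check of one host (honours only ``-p``)
    * ``-dir``        directory scan of one URL or a file of URLs
    * ``-url``        Butian SRC listing, page selection from ``-page``
    * ``-sdn``        subdomain enumeration, tuned by ``-pro`` and ``-types``
    * ``-urldetect``  URL detection for one name or a file of names
    * ``-telnet``     telnet probe of one target or a file of targets
    * ``-ip``         lookup of information about an IP address

    With no mode flag, ``helpInfo()`` is shown. ``-help`` is registered but
    its value is never read: help appears only when no mode flag is set.

    Side effects: may rebind the module globals ``PortList``, ``ports`` and
    ``response``, and reads the global ``nThread``.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    # NOTE: the -host help text starts with "-h", but -h is argparse's
    # built-in help flag; the scan flag itself is -host.
    value_options = (
        ('-host', '-h To scan the open ports of the Host                      Default scanning ports are most usual ports   '),
        ('-telnet', 'Telnet Scanning                                        Example: -telnet 127.0.0.1 -p ="22,33,44" or -telnet target.txt'),
        ('-sh', 'Specific Host Detective                                        Example: -sh 127.0.0.1 '),
        ('-ah', 'All alive Hosts .Find all alive hosts                          Example: -ah 192.168.1.1-255'),
        ('-t', 'Threads(1-200) Default is 80'),
        ('-r', 'Read hosts file                                                  Example: -r "hosts.txt"'),
        ('-p', 'Ports                                                            Example: -p="80,8080,443" or -p 1-255 default are most usual ports'),
        ('-o', 'Output file address                                              Example: -o recoder.txt or -o D:\\recoder.txt'),
        ('-dir', 'Scanning visible background directory                        Example: -dir http://127.0.0.1'),
        # Backslash escaped explicitly: "\d" is not a valid escape sequence.
        ('-add', 'Dictionary File Address                                      Example: -dir http://127.0.0.1  -add C:\\dic.txt'),
        ('-sdn', 'Subdomain names                                              Example: -sdn baidu.com -types 3  -sdn pku.edu.cn -types 1 -sdn cn.gov.cn -types 2 '),
        ('-pro', 'Protocol                                                     Example: -pro https    Default Protocol is http '),
        ('-types', 'Using different dictionary txt file                            1 2 3  means school government company website,it can make the result more reliable'),
        ('-url', 'Butian SRC list url                                          Example: -url https://butian.net/Reward/pub'),
        # The examples of -page and -urldetect were swapped and -ip carried a
        # copy of the -urldetect one; each flag now shows its own usage.
        ('-page', 'Butian SRC Pages      Default is 10                        Example: -url https://butian.net/Reward/pub'),
        ('-urldetect', 'url Detective                                    Example: -urldetect baidu.com or -urldetect urls.txt'),
        # The -ip example value is constructed for the help text.
        ('-ip', 'Find ip information                                            Example: -ip 127.0.0.1'),
    )
    parser = argparse.ArgumentParser()
    for flag, help_text in value_options:
        # dest is the flag without its dash, e.g. -host -> options.host
        parser.add_argument(flag, dest=flag[1:], help=help_text)
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    # NOTE(review): -t, -p, -o, -r and -add are forwarded exactly as typed.
    # The 1-200 thread range from the help text is not checked in this
    # function; presumably tool.nThreads enforces it -- confirm.
    if options.host:
        # TODO: combining -host with a hosts file (-r) is not implemented yet.
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Lists of 50 or more ports are not echoed.
            if len(PortList) < 50:
                _announce_ports(PortList)
        # Scan either a single IP or a batch of domain names: when
        # tools.input2result returns a list, each entry is scanned in turn.
        for host in _as_targets(tools.input2result(str(options.host))):
            s = tool.standardUrl(host)
            ip = tools.getIPByName(s)
            printc.printf("[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip), 'yellow')
            scan_host_ports(s)
            tool.printIfExist(address)
    elif options.ah:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            # Both globals receive the same selection, parsed twice so that
            # they do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Without -p the current value of the global `ports` is probed.
        # The first probe that returns True marks the host as up.
        alive = False
        for port in ports:
            if scan_specific_hosts(ip_addr, port) == True:
                alive = True
                break
        if alive:
            printc.printf("[+] " + str(ip_addr) + "UP", "green")
        else:
            printc.printf("[+] " + str(ip_addr) + "Down", "darkred")
    elif options.dir:
        start_time = time.time()
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        # tools.input2result returns the input unchanged for a URL such as
        # http://www.baidu.com and a list when the input is a txt file path.
        for host in _as_targets(tools.input2result(str(options.dir))):
            if tool.isStandard(host) == True:
                res = tool.Requests(host)
                response = tool.set2utf8cont(res)
                if options.add:
                    add = options.add
                else:
                    # Default wordlist under the working directory;
                    # os.path.join supplies the platform's separator.
                    add = os.path.join(os.getcwd(), "dict", "directory.txt")
                scanDir(host, add)
            else:
                printc.printf(
                    "\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址",
                    'yellow')
        # Take the elapsed time before printing, so output does not count.
        elapsed = time.time() - start_time
        printc.printf('[*] The scanning is finished', "yellow")
        printc.printf('[*] Time cost :' + str(elapsed) + ' s', "yellow")
        tool.printIfExist(address)
    elif options.url:
        url = options.url
        if options.o:
            address = _open_output(tool, options.o)
        # -page arrives from argparse as a string; the fallback is the int 10.
        page = options.page if options.page else 10
        butianInfo.get_src_name(url, page)
        tool.printIfExist(address)
    elif options.sdn:
        domain = options.sdn
        if options.o:
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        protocol = options.pro if options.pro else "http"
        # int() raises ValueError when -types is not a number.
        types = int(options.types) if options.types else 0
        # nThread is read from the module global; presumably tool.nThreads
        # updated it from -t above -- confirm.
        subdomains.getSubdomainName(nThread, types, domain, protocol)
        tool.printIfExist(address)
    elif options.urldetect:
        urls = options.urldetect
        if options.o:
            # This branch used tools.address / tools.output (the module);
            # every other mode goes through the Tool instance, so it does too.
            address = _open_output(tool, options.o)
        if options.t:
            tool.nThreads(options.t)
        protocol = options.pro if options.pro else "http"
        subdomains.urlDetect(urls, protocol=protocol, nThreads=nThread)
        tool.printIfExist(address)
    elif options.telnet:
        # Telnet probe of a single target, or of every target read from a file.
        # Here the global `ports` holds the raw -p string (empty by default),
        # not the parsed list the other modes store in it.
        ports = ''
        if options.o:
            address = _open_output(tool, options.o)
        if options.p:
            ports = options.p
        # A txt file path yields a list of targets; anything else comes back
        # from tools.input2result unchanged.
        for target in _as_targets(tools.input2result(str(options.telnet))):
            print("************Start telnet {target}************".format(target=target))
            telnet.telnet(target, ports)

        tool.printIfExist(address)
    elif options.ip:
        if options.o:
            address = _open_output(tool, options.o)
        tools.findAddressByIp(options.ip)
        tool.printIfExist(address)
    else:
        helpInfo()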