Exemple #1
0
def MedusaScan(WebScanUrl, WebScanUserToken, WebScanModule, WebScanThreads,
               WebScanAgentHeader):
    WebScanThreadPool = ThreadPool()  #定义一个线程池
    if WebScanAgentHeader == "false":
        Values = AgentHeader().result("None")
    else:
        Values = AgentHeader().result(WebScanAgentHeader)

    if WebScan(WebScanThreadPool, WebScanUrl, Values, WebScanUserToken,
               WebScanModule):
        WebScanThreadPool.Start(WebScanThreads)  # 启动多线程
Exemple #2
0
def main(**kwargs):
    Module = kwargs.get("Exploit")
    Url = kwargs.get("Url")
    RandomAgent = AgentHeader().result(kwargs.get("AgentHeader"))  #获取随机头
    Proxies = kwargs.get("Proxies")
    Sid = kwargs.get("Sid")
    Uid = kwargs.get("Uid")
    # p1 = Process(target=ExploitModuleList[Module], args=(Url, RandomAgent, Proxies,), kwargs={"Sid": Sid, "Uid": Uid})
    # p1.start()
    # print('parent process:', os.getppid())
    # print('process id:', os.getpid())
    OperatingSystem = ExploitOutput().OperatingSystem()  #获取系统名称
    while True:
        try:
            Command = ExploitOutput().Command()  # 获取需要执行的命令
            ExploitModuleList[Module](Url,
                                      RandomAgent,
                                      Proxies,
                                      Command=Command,
                                      OperatingSystem=OperatingSystem,
                                      Sid=Sid,
                                      Uid=Uid)  # 调用列表里面的值

        except:  # 如果传入非法字符串会调用出错
            print(
                "\033[31m[ ! ] Please enter the correct command to execute the module name\033[0m"
            )
            os._exit(0)  # 直接退出整个函数
Exemple #3
0
def main(**kwargs):
    Module = kwargs.get("Exploit")
    Url = kwargs.get("Url")
    RandomAgent = AgentHeader().result(kwargs.get("AgentHeader"))  #获取随机头
    Proxies = kwargs.get("Proxies")
    Command = kwargs.get("Command")
    Sid = kwargs.get("Sid")
    Uid = kwargs.get("Uid")
    OperatingSystem = kwargs.get("OperatingSystem")
    if OperatingSystem != ("windows" or "linux"):
        print(
            "\033[31m[ ! ] Please pass in the target operating system [windows/linux]\033[0m"
        )
        os._exit(0)  # 直接退出整个函数
    try:
        ExploitModuleList[Module](Url,
                                  RandomAgent,
                                  Proxies,
                                  Command=Command,
                                  OperatingSystem=OperatingSystem,
                                  Sid=Sid,
                                  Uid=Uid)  # 调用列表里面的值

    except:  # 如果传入非法字符串会调用出错
        print(
            "\033[31m[ ! ] Please enter the correct command to execute the module name\033[0m"
        )
        os._exit(0)  # 直接退出整个函数
Exemple #4
0
 def __init__(self):
     self.Thread = []  #多线程列表
     self.TargetList = []  #存放目标URL
     self.headers = {
         'Accept-Encoding': 'gzip, deflate',
         'Accept': '*/*',
         'User-Agent': AgentHeader().result("chrome"),
     }
Exemple #5
0
 def __init__(self):
     self.Thread=[]#多线程列表
     self.ThreadNumber=20000
     self.TargetList=[]#存放目标URL
     self.UnixTime=str(int(time.time()))
     self.headers = {
         'Accept-Encoding': 'gzip, deflate',
         'Accept': '*/*',
         'User-Agent': AgentHeader().result("chrome"),
     }
     global TargetName
     if sys.platform == "win32" or sys.platform == "cygwin":
         TargetName = os.path.split(os.path.realpath(__file__))[
                       0] + "\\Target\\"
     elif sys.platform == "linux" or sys.platform == "darwin":
         TargetName = os.path.split(os.path.realpath(__file__))[0] + "/Target/"
     with open(TargetName + self.TargetDocument, 'r', encoding='UTF-8') as f:
         line = f.readline()
         while line:
             self.TargetList.append(line.replace('\n', ''))  # 删除\n符号
             line = f.readline()
Exemple #6
0
def main(**kwargs):
    Module = kwargs.get("Exploit")
    Url = kwargs.get("Url")
    RandomAgent = AgentHeader().result(kwargs.get("AgentHeader"))  #获取随机头
    Proxies = kwargs.get("Proxies")
    Command = kwargs.get("Command")
    Sid = kwargs.get("Sid")
    Uid = kwargs.get("Uid")

    try:
        ExploitModuleList[Module](Url,
                                  RandomAgent,
                                  Proxies,
                                  Command=Command,
                                  Sid=Sid,
                                  Uid=Uid)  # 调用列表里面的值

    except:  # 如果传入非法字符串会调用出错
        print(
            "\033[31m[ ! ] Please enter the correct command to execute the module name\033[0m"
        )
        os._exit(0)  # 直接退出整个函数
Exemple #7
0
    def WebDir(self, url):
        scheme, self.url, port = UrlProcessing().result(url)
        if port is None and scheme == 'https':
            port = 443
        elif port is None and scheme == 'http':
            port = 80
        else:
            port = port
        for dir in self.dirs:
            payload = scheme + "://" + self.url + ":" + str(port) + "/" + dir
            self.headers = {
                'Accept-Encoding': 'gzip, deflate',
                'Accept': '*/*',
                'User-Agent': AgentHeader().result("chrome"),
            }

            self.threa_list.append(
                threading.Thread(target=self.resp,
                                 args=(
                                     payload,
                                     self.headers,
                                 )))  #调用自生的函数,以便开启多线程
        for t in tqdm(self.threa_list,
                      ascii=True,
                      desc="{}th iteration scan directory:".format(
                          self.Number)):  # 开启列表中的多线程
            t.setDaemon(True)
            t.start()
            while True:
                # 判断正在运行的线程数量,如果小于5则退出while循环,
                # 进入for循环启动新的进程.否则就一直在while循环进入死循环
                if (len(threading.enumerate()) < self.ThreadNumber):
                    break
        for t in self.threa_list:
            t.join()
        self.Iterative()  #调用一次迭代函数后他会自己继续迭代