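def San(OutFileName, Url, Values, ProxyIp):
    """Run each enabled component scanner against ``Url``, one after another.

    Every scanner's ``Main`` is called with the same positional arguments,
    ``(Url, OutFileName, Values, ProxyIp)``, which are forwarded unchanged.
    A scanner that raises does not stop the ones after it. Nothing is returned.

    Failures are reported on stdout rather than discarded. A scanner that
    crashed and was silently skipped is indistinguishable from one that ran
    and found nothing, which turns a tooling error into a false negative in
    the assessment.
    """
    # WebLogic scanning was disabled by the original author and stays disabled:
    # try:
    #     Weblogic.WeblogicMain.Main(Url)  # call the WebLogic entry point
    # except:
    #     print("WeblogicSanExcept")

    # Each entry resolves its module name only when it runs, so one missing
    # name cannot prevent the other scanners from being attempted.
    # NOTE(review): `ApacheMian` and `CmsMian` do not follow the `...Main`
    # spelling of the other names here. If they are not what this file
    # imports, the resulting NameError was previously swallowed and those two
    # scanners never ran; confirm against the import block.
    steps = (
        ("Struts2", lambda: Struts2Main.Main(Url, OutFileName, Values, ProxyIp)),
        ("Confluence", lambda: ConfluenceMain.Main(Url, OutFileName, Values, ProxyIp)),
        ("Nginx", lambda: NginxMain.Main(Url, OutFileName, Values, ProxyIp)),
        ("Apache", lambda: ApacheMian.Main(Url, OutFileName, Values, ProxyIp)),
        ("Php", lambda: PhpMain.Main(Url, OutFileName, Values, ProxyIp)),
        ("Cms", lambda: CmsMian.Main(Url, OutFileName, Values, ProxyIp)),
        ("OA", lambda: OaMian.Main(Url, OutFileName, Values, ProxyIp)),
    )
    for label, run in steps:
        try:
            run()
        except Exception as exc:
            # `Exception`, not a bare `except:`, so Ctrl-C (KeyboardInterrupt)
            # and SystemExit still stop a long scan instead of being eaten.
            print("[ ! ] {} scanner raised {!r}; it produced no results for this run".format(label, exc))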
def independent(url, value):
    """Single-component scan entry point: run the one scanner named by ``value``.

    ``value`` is matched by case-sensitive substring and the first match in
    the order below wins. Note that the OA key is the upper-case ``'OA'``
    while every other key is lower-case. If nothing matches, the function
    does nothing. Nothing is returned.

    The component scanners receive ``None`` for the output file, values and
    proxy arguments on this path.
    """
    # Placeholders for (OutFileName, Values, ProxyIp), which this entry point
    # does not supply.
    blank = (None, None, None)

    if 'nmap' in value:
        NmapScan(url)
    elif 'struts' in value:
        Struts2Main.Main(url, *blank)  # Struts2 entry point
    elif 'confluence' in value:
        ConfluenceMain.Main(url, *blank)  # Confluence entry point
    elif 'nginx' in value:
        NginxMain.Main(url, *blank)  # Nginx entry point
    elif 'apache' in value:
        ApacheMain.Main(url, *blank)  # Apache entry point
    elif 'php' in value:
        PhpMain.Main(url, *blank)  # PHP entry point
    elif 'cms' in value:
        CmsMain.Main(url, *blank)  # CMS entry point
    elif 'OA' in value:
        OaMian.Main(url, *blank)  # OA entry point
    elif 'information' in value:
        InformationDisclosureMain.Main(url, *blank)  # information-disclosure entry point
    elif 'jenkins' in value:
        JenkinsMain.Main(url, *blank)  # Jenkins entry point
    elif 'solr' in value:
        SolrMain.Main(url, *blank)  # Solr entry point
    elif 'js' in value:
        JSCrawling(url)
def San(ThreadPool, Url, Values, ProxyIp):
    """Hand ``Url`` to every component scanner, in a fixed order.

    Each scanner's ``Main`` receives ``(ThreadPool, Url, Values, ProxyIp)``
    unchanged. Per the original author's note, the PoC modules are stored in
    the thread pool so that batch scans run much faster. This function does
    not start the pool itself and returns nothing.
    """
    scanners = (
        Struts2Main,
        ConfluenceMain,
        NginxMain,
        ApacheMain,
        PhpMain,
        CmsMain,
        OaMian,
        JenkinsMain,
        SolrMain,
        RailsMain,
        KibanaMain,
        CitrixMain,
        MongoMain,
        SpringMain,
    )
    for scanner in scanners:
        scanner.Main(ThreadPool, Url, Values, ProxyIp)
def BotScan(ThreadPool, url, Values, token):
    """Hand ``url`` to every component scanner, in a fixed order.

    Each scanner's ``Main`` receives ``(ThreadPool, url, Values, token)``
    unchanged. ``token`` is only forwarded; nothing in this function reads
    it. The pool is not started here and nothing is returned.
    """
    scanners = (
        Struts2,
        ConfluenceMain,
        NginxMain,
        ApacheMain,
        PHPStudy,
        CmsMain,
        OaMian,
        JenkinsMain,
        Harbor,
        RailsMain,
        KibanaMain,
        CitrixMain,
        MongoMain,
        SpringMain,
        FastJson,
        Windows,
    )
    for scanner in scanners:
        scanner.Main(ThreadPool, url, Values, token)
def San(ThreadPool, Url, Values, ProxyIp):
    """Hand ``Url`` to every component scanner, then start the thread pool.

    Each scanner's ``Main`` receives ``(ThreadPool, Url, Values, ProxyIp)``
    unchanged. Per the original author's note, the PoC modules are stored in
    the thread pool so that batch scans run much faster. Once every scanner
    has been called, the pool is started with the module-level
    ``ThreadNumber``. Nothing is returned.
    """
    scanners = (
        Struts2Main,
        ConfluenceMain,
        NginxMain,
        ApacheMain,
        PhpMain,
        CmsMain,
        OaMian,
        JenkinsMain,
        Harbor,
        RailsMain,
        KibanaMain,
        CitrixMain,
        MongoMain,
        SpringMain,
        FastJson,
    )
    for scanner in scanners:
        scanner.Main(ThreadPool, Url, Values, ProxyIp)

    # Start the workers only after all scanners have been called.
    ThreadPool.Start(ThreadNumber)
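def San(ThreadPool, Url, agentHeader, UnixTimestamp, Module):
    """Run all component scanners, or the single one named by ``Module``.

    ``Module`` is ``None`` to run every scanner, or exactly one of the names
    in the table below (case-sensitive). The selected scanners' ``Main`` is
    called with ``(ThreadPool, Url, agentHeader, UnixTimestamp)``; per the
    original author's note, the PoC modules are stored in the thread pool so
    that batch scans run much faster. The pool is then started with the
    module-level ``ThreadNumber`` and the number of findings is printed.
    Nothing is returned.

    An unknown ``Module`` terminates the whole process via ``os._exit``, not
    just this function. The error message is flushed first and the exit
    status is non-zero, so a wrapper script or scheduler does not record a
    run that scanned nothing as a clean, successful scan.
    """
    # (name, resolver) pairs in scan order. The resolver defers the module
    # lookup until that scanner is actually selected.
    registry = (
        ("Struts2", lambda: Struts2),
        ("Confluence", lambda: ConfluenceMain),
        ("Nginx", lambda: NginxMain),
        ("Apache", lambda: ApacheMain),
        ("PHPStudy", lambda: PHPStudy),
        ("Cms", lambda: CmsMain),
        ("Oa", lambda: OaMian),
        ("Jenkins", lambda: JenkinsMain),
        ("Harbor", lambda: Harbor),
        ("Rails", lambda: RailsMain),
        ("Kibana", lambda: KibanaMain),
        ("Citrix", lambda: CitrixMain),
        ("Mongo", lambda: MongoMain),
        ("Spring", lambda: SpringMain),
        ("FastJson", lambda: FastJson),
        ("Windows", lambda: Windows),
    )

    if Module is None:
        print("\033[1;40;32m[ + ] Scanning across modules:\033[0m" + "\033[1;40;35m AllMod \033[0m")
        selected = [resolve for _, resolve in registry]
    else:
        selected = [resolve for name, resolve in registry if name == Module]
        if not selected:
            # os._exit skips interpreter cleanup, including flushing stdio
            # buffers, so the message must be flushed explicitly or it can be
            # lost when stdout is a pipe or file.
            print("\033[1;40;31m[ ! ] Please enter the correct scan module name\033[0m", flush=True)
            os._exit(1)  # ends the entire process immediately, with a failure status
        print("\033[1;40;32m[ + ] The separate scan module is:\033[0m" + "\033[1;40;35m {} \033[0m".format(Module))

    for resolve in selected:
        resolve().Main(ThreadPool, Url, agentHeader, UnixTimestamp)

    ThreadPool.Start(ThreadNumber)  # start the worker threads
    ClassCongregation.NumberOfLoopholes()  # print how many findings the scan produced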
def WebScan(ThreadPool, Url, Values, Token, Module):
    """Run all component scanners, or the single one named by ``Module``.

    ``Module`` is the string ``"all"`` to run every scanner in table order,
    or exactly one of the names in the table (case-sensitive). The selected
    scanners' ``Main`` is called with ``(ThreadPool, Url, Values, Token)``.
    The pool is not started here.

    Returns:
        ``True`` once the selected scanner(s) have been called. ``False`` if
        ``Module`` is ``None`` or not a recognised name, in which case no
        scanner is called.
    """
    # (name, resolver) pairs in scan order. The resolver defers the module
    # lookup until that scanner is actually selected.
    registry = (
        ("Struts2", lambda: Struts2),
        ("Confluence", lambda: ConfluenceMain),
        ("Nginx", lambda: NginxMain),
        ("Apache", lambda: ApacheMain),
        ("PHPStudy", lambda: PHPStudy),
        ("Cms", lambda: CmsMain),
        ("Oa", lambda: OaMian),
        ("Jenkins", lambda: JenkinsMain),
        ("Harbor", lambda: Harbor),
        ("Rails", lambda: RailsMain),
        ("Kibana", lambda: KibanaMain),
        ("Citrix", lambda: CitrixMain),
        ("Mongo", lambda: MongoMain),
        ("Spring", lambda: SpringMain),
        ("FastJson", lambda: FastJson),
        ("Windows", lambda: Windows),
    )

    if Module == "all":
        wanted = [resolve for _, resolve in registry]
    else:
        wanted = [resolve for label, resolve in registry if Module == label]

    # Unknown name (or None): nothing matched, so report failure to the caller.
    if not wanted:
        return False

    for resolve in wanted:
        resolve().Main(ThreadPool, Url, Values, Token)
    return True