def _start_api(api_host, api_port, api_debug_mode, api_access_key,
api_client_white_list, api_client_white_list_ips,
api_access_log, api_access_log_filename, language):
# Starting the API
write(messages(language, 156).format(api_access_key))
p = multiprocessing.Process(
target=__process_it,
args=(api_host, api_port, api_debug_mode, api_access_key,
api_client_white_list, api_client_white_list_ips, api_access_log,
api_access_log_filename, language))
p.start()
# Sometimes it's take much time to terminate flask with CTRL+C
# So It's better to use KeyboardInterrupt to terminate!
while 1:
try:
exitflag = True
if len(multiprocessing.active_children()) is not 0:
exitflag = False
time.sleep(0.3)
if exitflag:
break
except KeyboardInterrupt:
for process in multiprocessing.active_children():
process.terminate()
break
__die_success()
def logo():
from core.alert import write
write('''
_ _ _ _ _
| \ | | | | | | | |
| \| | ___| |_| |_ __ _ ___| | _____ _ __
| . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
| |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
\n\n''')
def load():
"""
load all ARGS, Apply rules and go for attacks
Returns:
True if success otherwise None
"""
write("\n\n")
options = check_all_required(load_all_args())
info(messages("scan_started"))
info(messages("loaded_modules").format(len(load_all_modules())))
exit_code = start_scan_processes(options)
info(messages("done"))
return exit_code
def logo():
from core.alert import write
write('''
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | |
\____/ \/ \/_/ \_\_____/|_|
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
\n\n''')
def logo():
from core.alert import write
from core import color
write('''
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | {2}Version {0}{3}
\____/ \/ \/_/ \_\_____/|_| {4}{1}{5}
_ _ _ _ _
| \ | | | | | | | |
{6}github.com/viraintel{7} | \| | ___| |_| |_ __ _ ___| | _____ _ __
{8}owasp.org{9} | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
{10}viraintel.com{11} | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
\n\n'''.format(__version__, __code_name__, color.color('red'), color.color('reset'), color.color('yellow'),
color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'),
color.color('reset'), color.color('cyan'), color.color('reset')))
def check_all_required(targets, targets_list, thread_number,
thread_number_host, log_in_file, scan_method,
exclude_method, users, users_list, passwds,
passwds_list, timeout_sec, ports, parser, module_names,
language, verbose_level, show_version, check_update,
socks_proxy, retries, graph_flag, help_menu_flag,
methods_args, method_args_list):
# Checking Requirements
# import libs
from core.color import finish
from core import compatible
# Check Help Menu
if help_menu_flag is True:
parser.print_help()
write('\n\n')
write(messages(language, 3))
finish()
sys.exit(0)
# Check if method args list called
if method_args_list is True:
from core.load_modules import load_all_method_args
load_all_method_args(language)
finish()
sys.exit(0)
# Check version
if show_version is True:
from core import color
info(
messages(language,
84).format(color.color('yellow'), compatible.__version__,
color.color('reset'), color.color('cyan'),
compatible.__code_name__, color.color('reset'),
color.color('green')))
finish()
sys.exit(0)
# Check update
if check_update is True:
from core.update import _update
_update(compatible.__version__, compatible.__code_name__, language)
finish()
sys.exit(0)
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
error(messages(language, 26))
finish()
sys.exit(1)
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except:
error(messages(language, 27).format(targets_list))
finish()
sys.exit(1)
# Check thread number
if thread_number > 100 or thread_number_host > 100:
warn(messages(language, 28))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, 29).format(timeout_sec))
# Check scanning method
if scan_method is not None and scan_method == "all":
scan_method = module_names
scan_method.remove("all")
elif scan_method is not None and scan_method not in module_names:
if "," in scan_method:
scan_method = scan_method.rsplit(",")
for sm in scan_method:
if sm not in module_names:
error(messages(language, 30).format(sm))
finish()
sys.exit(1)
if sm == "all":
scan_method = module_names
scan_method.remove("all")
break
else:
error(messages(language, 31).format(scan_method))
finish()
sys.exit(1)
elif scan_method is None:
error(messages(language, 41))
finish()
sys.exit(1)
else:
scan_method = scan_method.rsplit()
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
messages(language, 32)
finish()
sys.exit(1)
else:
scan_method.remove(exm)
if len(scan_method) is 0:
messages(language, 33)
finish()
sys.exit(1)
else:
messages(language, 34).format(exm)
finish()
sys.exit(1)
# Check port(s)
if type(ports) is not list and ports is not None and "-" in ports:
ports = ports.rsplit("-")
ports = range(int(ports[0]), int(ports[1]) + 1)
elif type(ports) is not list and ports is not None:
ports = ports.rsplit(",")
# Check user list
if users is not None:
users = list(set(users.rsplit(",")))
elif users_list is not None:
try:
users = list(set(
open(users_list).read().rsplit("\n"))) # fix later
except:
error(messages(language, 37).format(targets_list))
finish()
sys.exit(1)
# Check password list
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(set(
open(passwds_list).read().rsplit("\n"))) # fix later
except:
error(messages(language, 39).format(targets_list))
finish()
sys.exit(1)
# Check output file
try:
tmpfile = open(log_in_file, "w")
except:
error(messages(language, 40).format(log_in_file))
finish()
sys.exit(1)
# Check Graph
if graph_flag is not None:
if graph_flag not in load_all_graphs():
error(messages(language, 97).format(graph_flag))
finish()
sys.exit(1)
if not (log_in_file.endswith('.html') or log_in_file.endswith('.htm')):
warn(messages(language, 87))
graph_flag = None
# Check Socks
if socks_proxy is not None:
e = False
try:
if '://' in socks_proxy:
socks_proxy = socks_proxy.rsplit('://')[1].rsplit('/')[0]
if len(socks_proxy.rsplit(':')) is not 2 or socks_proxy.rsplit(
':')[1] == '':
e = True
except:
e = True
if e:
error(messages(language, 63))
finish()
sys.exit(1)
# Check Methods ARGS
if methods_args is not None:
new_methods_args = {}
methods_args = methods_args.rsplit('&')
for imethod_args in methods_args:
if len(imethod_args.rsplit('=')) is 2:
if imethod_args.rsplit('=')[1].startswith('read_from_file:'):
try:
read_data = list(
set(
open(
imethod_args.rsplit('=read_from_file:')
[1]).read().rsplit('\n')))
except:
error(messages(language, 36))
finish()
sys.exit(1)
new_methods_args[imethod_args.rsplit('=')[0]] = read_data
else:
new_methods_args[imethod_args.rsplit(
'=')[0]] = imethod_args.rsplit('=')[1].rsplit(',')
else:
new_methods_args[imethod_args.rsplit('=')[0]] = ""
methods_args = new_methods_args
# Return the values
return [
targets, targets_list, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, users_list, passwds, passwds_list,
timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, socks_proxy, retries, graph_flag,
help_menu_flag, methods_args, method_args_list
]
def check_all_required(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names,
language, verbose_level, show_version, check_update, socks_proxy,
retries, graph_flag, help_menu_flag, methods_args, method_args_list,
wizard_mode, profile):
# Checking Requirements
# import libs
from core import compatible
# Check Help Menu
if help_menu_flag:
parser.print_help()
write('\n\n')
write(messages(language, 3))
__die_success()
# Check if method args list called
if method_args_list:
from core.load_modules import load_all_method_args
load_all_method_args(language)
__die_success()
# Check version
if show_version:
from core import color
info(messages(language, 84).format(color.color('yellow'), compatible.__version__, color.color('reset'),
color.color('cyan'), compatible.__code_name__, color.color('reset'),
color.color('green')))
__die_success()
# Wizard mode
if wizard_mode:
(targets, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users,
passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, graph_flag) = \
__wizard(
targets, thread_number, thread_number_host,
log_in_file, module_names, exclude_method, users,
passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, load_all_graphs(), language
)
# Select a Profile
if profile is not None:
_all_profiles = _builder(get_profiles(), all_profiles())
if scan_method is None:
scan_method = ''
else:
scan_method += ','
if profile == 'all':
profile = ','.join(_all_profiles)
tmp_sm = scan_method
for pr in profile.rsplit(','):
try:
for sm in _all_profiles[pr]:
if sm not in tmp_sm.rsplit(','):
tmp_sm += sm + ','
except:
__die_failure(messages(language, 137).format(pr))
if tmp_sm[-1] == ',':
tmp_sm = tmp_sm[0:-1]
scan_method = ','.join(list(set(tmp_sm.rsplit(','))))
# Check Socks
if socks_proxy is not None:
e = False
if socks_proxy.startswith('socks://'):
socks_flag = 5
socks_proxy = socks_proxy.replace('socks://', '')
elif socks_proxy.startswith('socks5://'):
socks_flag = 5
socks_proxy = socks_proxy.replace('socks5://', '')
elif socks_proxy.startswith('socks4://'):
socks_flag = 4
socks_proxy = socks_proxy.replace('socks4://', '')
else:
socks_flag = 5
if '://' in socks_proxy:
socks_proxy = socks_proxy.rsplit('://')[1].rsplit('/')[0]
try:
if len(socks_proxy.rsplit(':')) < 2 or len(socks_proxy.rsplit(':')) > 3:
e = True
elif len(socks_proxy.rsplit(':')) is 2 and socks_proxy.rsplit(':')[1] == '':
e = True
elif len(socks_proxy.rsplit(':')) is 3 and socks_proxy.rsplit(':')[2] == '':
e = True
except:
e = True
if e:
__die_failure(messages(language, 63))
if socks_flag is 4:
socks_proxy = 'socks4://' + socks_proxy
if socks_flag is 5:
socks_proxy = 'socks5://' + socks_proxy
# Check update
if check_update:
from core.update import _update
_update(compatible.__version__, compatible.__code_name__, language, socks_proxy)
__die_success()
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
__die_failure(messages(language, 26))
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except:
__die_failure(messages(language, 27).format(targets_list))
# Check thread number
if thread_number > 100 or thread_number_host > 100:
warn(messages(language, 28))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, 29).format(timeout_sec))
# Check scanning method
if scan_method is not None and scan_method == "all":
scan_method = module_names
scan_method.remove("all")
elif scan_method is not None and scan_method not in module_names:
if "*_" in scan_method:
scan_method = scan_method.rsplit(',')
tmp_scan_method = scan_method[:]
for sm in scan_method:
if sm.startswith('*_'):
scan_method.remove(sm)
found_flag = False
for mn in module_names:
if mn.endswith('_' + sm.rsplit('*_')[1]):
scan_method.append(mn)
found_flag = True
if found_flag is False:
__die_failure(messages(language, 117).format(sm))
scan_method = ','.join(scan_method)
if "," in scan_method:
scan_method = scan_method.rsplit(",")
for sm in scan_method:
if sm not in module_names:
__die_failure(messages(language, 30).format(sm))
if sm == "all":
scan_method = module_names
scan_method.remove("all")
break
else:
__die_failure(messages(language, 31).format(scan_method))
elif scan_method is None:
__die_failure(messages(language, 41))
else:
scan_method = scan_method.rsplit()
# Check for exluding scanning method
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
__die_failure(messages(language, 32))
else:
scan_method.remove(exm)
if len(scan_method) is 0:
__die_failure(messages(language, 33))
else:
__die_failure(messages(language, 34).format(exm))
# Check port(s)
if type(ports) is not list and ports is not None and "-" in ports:
ports = ports.rsplit("-")
ports = range(int(ports[0]), int(ports[1]) + 1)
elif type(ports) is not list and ports is not None:
ports = ports.rsplit(",")
# Check user list
if users is not None:
users = list(set(users.rsplit(",")))
elif users_list is not None:
try:
users = list(set(open(users_list).read().rsplit("\n"))) # fix later
except:
__die_failure(messages(language, 37).format(targets_list))
# Check password list
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(set(open(passwds_list).read().rsplit("\n"))) # fix later
except:
__die_failure(messages(language, 39).format(targets_list))
# Check output file
try:
tmpfile = open(log_in_file, "w")
except:
__die_failure(messages(language, 40).format(log_in_file))
# Check Graph
if graph_flag is not None:
if graph_flag not in load_all_graphs():
__die_failure(messages(language, 97).format(graph_flag))
if not (log_in_file.endswith('.html') or log_in_file.endswith('.htm')):
warn(messages(language, 87))
graph_flag = None
# Check Methods ARGS
if methods_args is not None:
new_methods_args = {}
methods_args = methods_args.rsplit('&')
for imethod_args in methods_args:
if len(imethod_args.rsplit('=')) is 2:
if imethod_args.rsplit('=')[1].startswith('read_from_file:'):
try:
read_data = list(set(open(imethod_args.rsplit('=read_from_file:')[1]).read().rsplit('\n')))
except:
__die_failure(messages(language, 36))
new_methods_args[imethod_args.rsplit('=')[0]] = read_data
else:
new_methods_args[imethod_args.rsplit('=')[0]] = imethod_args.rsplit('=')[1].rsplit(',')
else:
new_methods_args[imethod_args.rsplit('=')[0]] = ""
methods_args = new_methods_args
# Return the values
return [targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names,
language, verbose_level, show_version, check_update, socks_proxy,
retries, graph_flag, help_menu_flag, methods_args, method_args_list,
wizard_mode, profile]
def sort_logs(log_in_file, language, graph_flag, scan_id, scan_cmd, verbose_level, api_flag, profile, scan_method,
ports):
"""
sort all events, create log file in HTML/TEXT/JSON and remove old logs
Args:
log_in_file: output filename
language: language
graph_flag: graph name
scan_id: scan hash id
scan_cmd: scan cmd
verbose_level: verbose level number
api_flag: API flag
profile: profiles
scan_method: module names
ports: ports
Returns:
True if success otherwise None
"""
_HOST = messages(language, "HOST")
_USERNAME = messages(language, "USERNAME")
_PASSWORD = messages(language, "PASSWORD")
_PORT = messages(language, "PORT")
_TYPE = messages(language, "TYPE")
_DESCRIPTION = messages(language, "DESCRIPTION")
_TIME = messages(language, "TIME")
events_num = 0
report_type = ""
JSON_FROM_DB = __logs_by_scan_id(scan_id, language)
JSON_Data = sorted(JSON_FROM_DB, key=sorted)
if compatible.version() is 2:
import sys
reload(sys)
sys.setdefaultencoding('utf8')
if (len(log_in_file) >= 5 and log_in_file[-5:] == '.html') or (
len(log_in_file) >= 4 and log_in_file[-4:] == '.htm'):
report_type = "HTML"
data = sorted(JSON_FROM_DB, key=lambda x: sorted(x.keys()))
# if user want a graph
_graph = ''
if graph_flag is not None:
_graph = build_graph(graph_flag, language, data, 'HOST', 'USERNAME', 'PASSWORD', 'PORT', 'TYPE',
'DESCRIPTION')
from lib.html_log import _log_data
_css = _log_data.css_1
_table = _log_data.table_title.format(_graph, _css, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION,
_TIME)
for value in data:
_table += _log_data.table_items.format(value['HOST'], value['USERNAME'], value['PASSWORD'],
value['PORT'], value['TYPE'], value['DESCRIPTION'], value['TIME'])
events_num += 1
_table += _log_data.table_end + '<p class="footer">' + messages(language, "nettacker_version_details") \
.format(compatible.__version__, compatible.__code_name__, now()) + '</p>'
__log_into_file(log_in_file, 'w' if type(_table) ==
str else 'wb', _table, language, final=True)
elif len(log_in_file) >= 5 and log_in_file[-5:] == '.json':
graph_flag = ""
report_type = "JSON"
data = json.dumps(JSON_Data)
events_num = len(JSON_Data)
__log_into_file(log_in_file, 'w', data, language, final=True)
else:
graph_flag = ""
report_type = "TEXT"
data, events_num = __build_texttable(JSON_FROM_DB, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE,
_DESCRIPTION, _TIME, language)
__log_into_file(log_in_file, 'wb', data, language, final=True)
data = data if report_type == "TEXT" else __build_texttable(JSON_FROM_DB, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE,
_DESCRIPTION, _TIME, language)[0]
info(messages(language, "updating_database"))
category = []
for sm in scan_method:
if sm.rsplit("_")[-1] not in category:
category.append(sm.rsplit("_")[-1])
category = ",".join(list(set(category)))
scan_method = ",".join(scan_method)
if ports is None:
ports = "default"
submit_report_to_db(now(), scan_id, log_in_file, events_num, 0 if verbose_level is 0 else 1, api_flag, report_type,
graph_flag, category, profile, scan_method, language, scan_cmd, ports)
info(messages(language, "removing_logs_db"))
hosts = []
for log in JSON_Data:
if log["HOST"] not in hosts:
hosts.append(log["HOST"])
for host in hosts:
for sm in scan_method.rsplit(','):
remove_old_logs(host, sm, scan_id, language)
# info(messages(language,"inserting_logs_db"))
# for log in JSON_Data:
# submit_logs_to_db(language, log)
if events_num:
info(messages(language, "summary_report"))
write(data)
else:
info(messages(language, "no_event_found"))
info(messages(language, "file_saved").format(log_in_file))
return True
def load():
write('\n\n')
# load libs
from core.color import finish
# load all modules in lib/brute, lib/scan, lib/graph
module_names = load_all_modules()
graph_names = load_all_graphs()
# Parse ARGVs
try:
parser, options, startup_update_flag = load_all_args(
module_names, graph_names)
except SystemExit:
finish()
sys.exit(1)
# Filling Options
check_ranges = options.check_ranges
check_subdomains = options.check_subdomains
targets = options.targets
targets_list = options.targets_list
thread_number = options.thread_number
thread_number_host = options.thread_number_host
log_in_file = options.log_in_file
scan_method = options.scan_method
exclude_method = options.exclude_method
users = options.users
users_list = options.users_list
passwds = options.passwds
passwds_list = options.passwds_list
timeout_sec = options.timeout_sec
ports = options.ports
time_sleep = options.time_sleep
language = options.language
verbose_level = options.verbose_level
show_version = options.show_version
check_update = options.check_update
proxies = options.proxies
proxies_file = options.proxies_file
retries = options.retries
graph_flag = options.graph_flag
help_menu_flag = options.help_menu_flag
ping_flag = options.ping_flag
methods_args = options.methods_args
method_args_list = options.method_args_list
# Checking Requirements
(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list) = \
check_all_required(
targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list
)
info(messages(language, 0))
# check for update
if startup_update_flag is True:
__version__, __code_name__ = _version_info()
_check(__version__, __code_name__, language)
info(
messages(
language,
96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
suff = str(datetime.datetime.now()).replace(' ', '_').replace(
':', '-') + '_' + ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(10))
subs_temp = 'tmp/subs_temp_%s' % (suff)
range_temp = 'tmp/ranges_%s' % (suff)
total_targets = -1
for total_targets, _ in enumerate(
analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, show_version, check_update, proxies,
retries)):
pass
total_targets += 1
total_targets = total_targets * len(scan_method)
targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, show_version, check_update, proxies,
retries)
threads = []
trying = 0
for target in targets:
for sm in scan_method:
trying += 1
t = threading.Thread(
target=start_attack,
args=(str(target).rsplit()[0], trying, total_targets, sm,
users, passwds, timeout_sec, thread_number, ports,
log_in_file, time_sleep, language, verbose_level,
show_version, check_update, proxies, retries, ping_flag,
methods_args))
threads.append(t)
t.start()
while 1:
n = 0
for thread in threads:
if thread.isAlive() is True:
n += 1
else:
threads.remove(thread)
if n >= thread_number_host:
time.sleep(0.01)
else:
break
while 1:
try:
n = True
for thread in threads:
if thread.isAlive() is True:
n = False
time.sleep(0.01)
if n is True:
break
except KeyboardInterrupt:
break
info(messages(language, 42))
os.remove(subs_temp)
os.remove(range_temp)
info(messages(language, 43))
sort_logs(log_in_file, language, graph_flag)
write('\n')
info(messages(language, 44))
write('\n\n')
finish()
def __go_for_attacks(targets,
check_ranges,
check_subdomains,
log_in_file,
time_sleep,
language,
verbose_level,
retries,
socks_proxy,
users,
passwds,
timeout_sec,
thread_number,
ports,
ping_flag,
methods_args,
backup_ports,
scan_method,
thread_number_host,
graph_flag,
profile,
api_flag,
scan_id=None):
"""
preparing for attacks and managing multi-processing for host
Args:
targets: list of calculated targets
check_ranges: check IP range flag
check_subdomains: check subdomain flag
log_in_file: output filename
time_sleep: time sleep seconds
language: language
verbose_level: verbose level number
retries: retries number
socks_proxy: socks proxy address
users: usernames
passwds: passwords
timeout_sec: timeout seconds
thread_number: thread numbers
ports: port numbers
ping_flag: ping before scan flag
methods_args: method args for modules
backup_ports: port numbers (backup)
scan_method: selected module names
thread_number_host: threads for hosts scan
graph_flag: graph name
profile: profile name
api_flag: API flag
Returns:
True when it ends
"""
suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join(
random.choice(string.ascii_lowercase) for x in range(10))
subs_temp = "{}/tmp/subs_temp_".format(load_file_path()) + suff
range_temp = "{}/tmp/ranges_".format(load_file_path()) + suff
total_targets = -1
for total_targets, _ in enumerate(
analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, True)):
pass
total_targets += 1
total_targets = total_targets * len(scan_method)
try:
os.remove(range_temp)
except:
pass
range_temp = "{}/tmp/ranges_".format(load_file_path()) + suff
targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, False)
trying = 0
if scan_id is None:
scan_id = "".join(random.choice("0123456789abcdef") for x in range(32))
scan_cmd = messages(language, "through_API") if api_flag else " ".join(
sys.argv)
for target in targets:
for sm in scan_method:
trying += 1
p = multiprocessing.Process(
target=start_attack,
args=(str(target).rsplit()[0], trying, total_targets, sm,
users, passwds, timeout_sec, thread_number, ports,
log_in_file, time_sleep, language, verbose_level,
socks_proxy, retries, ping_flag, methods_args, scan_id,
scan_cmd))
p.name = str(target) + "->" + sm
p.start()
while 1:
n = 0
processes = multiprocessing.active_children()
for process in processes:
if process.is_alive():
n += 1
else:
processes.remove(process)
if n >= thread_number_host:
time.sleep(0.01)
else:
break
_waiting_for = 0
while 1:
try:
exitflag = True
if len(multiprocessing.active_children()) is not 0:
exitflag = False
_waiting_for += 1
if _waiting_for > 3000:
_waiting_for = 0
info(
messages(language, "waiting").format(", ".join(
[p.name for p in multiprocessing.active_children()])))
time.sleep(0.01)
if exitflag:
break
except KeyboardInterrupt:
for process in multiprocessing.active_children():
process.terminate()
break
info(messages(language, "remove_temp"))
os.remove(subs_temp)
os.remove(range_temp)
info(messages(language, "sorting_results"))
sort_logs(log_in_file, language, graph_flag, scan_id, scan_cmd,
verbose_level, 0, profile, scan_method, backup_ports)
write("\n")
info(messages(language, "done"))
write("\n\n")
finish()
return True
def check_all_required(targets, targets_list, thread_number,
thread_number_host, log_in_file, scan_method,
exclude_method, users, users_list, passwds,
passwds_list, timeout_sec, ports, parser, module_names,
language, verbose_level, show_version, check_update,
proxies, retries):
# Checking Requirements
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
sys.exit(error(messages(language, 26)))
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except:
sys.exit(error(messages(language, 27).format(targets_list)))
# Check thread number
if thread_number > 100 or thread_number_host > 100:
warn(messages(language, 28))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, 29).format(timeout_sec))
# Check scanning method
if scan_method is not None and scan_method == "all":
scan_method = module_names
scan_method.remove("all")
elif scan_method is not None and scan_method not in module_names:
if "," in scan_method:
scan_method = scan_method.rsplit(",")
for sm in scan_method:
if sm not in module_names:
sys.exit(error(messages(language, 30).format(sm)))
if sm == "all":
scan_method = module_names
scan_method.remove("all")
break
else:
sys.exit(error(messages(language, 31).format(scan_method)))
elif scan_method is None:
sys.exit(error(messages(language, 41)))
else:
scan_method = scan_method.rsplit()
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
sys.exit(messages(language, 32))
else:
scan_method.remove(exm)
if len(scan_method) is 0:
sys.exit(messages(language, 33))
else:
sys.exit(messages(language, 34).format(exm))
# Check port(s)
if ports is None:
sys.exit(error(messages(language, 35)))
if type(ports) is not list and "-" in ports:
ports = ports.rsplit("-")
ports = range(int(ports[0]), int(ports[1]) + 1)
elif type(ports) is not list:
ports = ports.rsplit(",")
# Check user list
if users is None and users_list is None and scan_method is not None:
for imethod in scan_method:
if "_brute" in imethod:
sys.exit(error(messages(language, 36)))
else:
if users is not None:
users = list(set(users.rsplit(",")))
if users_list is not None:
try:
users = list(set(
open(users_list).read().rsplit("\n"))) # fix later
except:
sys.exit(error(messages(language, 37).format(targets_list)))
# Check password list
if passwds is None and passwds_list is None and scan_method is not None:
for imethod in scan_method:
if "_brute" in imethod:
sys.exit(error(messages(language, 38)))
else:
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(set(
open(passwds_list).read().rsplit("\n"))) # fix later
except:
sys.exit(error(messages(language, 39).format(targets_list)))
# Check output file
try:
tmpfile = open(log_in_file, "a")
except:
sys.exit(error(messages(language, 40).format(log_in_file)))
# Return the values
return [
targets, targets_list, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, users_list, passwds, passwds_list,
timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, proxies, retries
]
def load():
write("\n\n")
# load libs
from core.color import finish
# load all modules in lib/brute, lib/scan, lib/graph
module_names = load_all_modules()
graph_names = load_all_graphs()
# Parse ARGVs
try:
parser, options, startup_update_flag = load_all_args(
module_names, graph_names)
except SystemExit:
finish()
sys.exit(1)
# Filling Options
check_ranges = options.check_ranges
check_subdomains = options.check_subdomains
targets = options.targets
targets_list = options.targets_list
thread_number = options.thread_number + 1
thread_number_host = options.thread_number_host
log_in_file = options.log_in_file
scan_method = options.scan_method
exclude_method = options.exclude_method
users = options.users
users_list = options.users_list
passwds = options.passwds
passwds_list = options.passwds_list
timeout_sec = options.timeout_sec
ports = options.ports
time_sleep = options.time_sleep
language = options.language
verbose_level = options.verbose_level
show_version = options.show_version
check_update = options.check_update
socks_proxy = options.socks_proxy
retries = options.retries
graph_flag = options.graph_flag
help_menu_flag = options.help_menu_flag
ping_flag = options.ping_flag
methods_args = options.methods_args
method_args_list = options.method_args_list
wizard_mode = options.wizard_mode
profile = options.profile
start_api = options.start_api
api_host = options.api_host
api_port = options.api_port
api_debug_mode = options.api_debug_mode
api_access_key = options.api_access_key
api_client_white_list = options.api_client_white_list
api_client_white_list_ips = options.api_client_white_list_ips
api_access_log = options.api_access_log
api_access_log_filename = options.api_access_log_filename
# Checking Requirements
(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
api_client_white_list_ips, api_access_log, api_access_log_filename) = \
check_all_required(
targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
api_client_white_list_ips, api_access_log, api_access_log_filename
)
info(messages(language, 0))
# check for update
if startup_update_flag:
__version__, __code_name__ = _version_info()
_check(__version__, __code_name__, language, socks_proxy)
info(
messages(
language,
96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join(
random.choice(string.ascii_lowercase) for x in range(10))
subs_temp = "tmp/subs_temp_" + suff
range_temp = "tmp/ranges_" + suff
total_targets = -1
for total_targets, _ in enumerate(
analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, True)):
pass
total_targets += 1
total_targets = total_targets * len(scan_method)
try:
os.remove(range_temp)
except:
pass
range_temp = "tmp/ranges_" + suff
targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, False)
trying = 0
scan_id = "".join(random.choice("0123456789abcdef") for x in range(32))
scan_cmd = " ".join(sys.argv)
for target in targets:
for sm in scan_method:
trying += 1
p = multiprocessing.Process(
target=start_attack,
args=(str(target).rsplit()[0], trying, total_targets, sm,
users, passwds, timeout_sec, thread_number, ports,
log_in_file, time_sleep, language, verbose_level,
socks_proxy, retries, ping_flag, methods_args, scan_id,
scan_cmd))
p.name = str(target) + "->" + sm
p.start()
while 1:
n = 0
processes = multiprocessing.active_children()
for process in processes:
if process.is_alive():
n += 1
else:
processes.remove(process)
if n >= thread_number_host:
time.sleep(0.01)
else:
break
_waiting_for = 0
while 1:
try:
exitflag = True
if len(multiprocessing.active_children()) is not 0:
exitflag = False
_waiting_for += 1
if _waiting_for > 3000:
_waiting_for = 0
info(
messages(language, 138).format(", ".join(
[p.name for p in multiprocessing.active_children()])))
time.sleep(0.01)
if exitflag:
break
except KeyboardInterrupt:
for process in multiprocessing.active_children():
process.terminate()
break
info(messages(language, 42))
os.remove(subs_temp)
os.remove(range_temp)
info(messages(language, 43))
sort_logs(log_in_file, language, graph_flag)
write("\n")
info(messages(language, 44))
write("\n\n")
finish()
def load():
write('\n\n')
# load all modules in lib/brute and lib/scan
module_names = load_all_modules()
# Parse ARGVs
parser, (options, args) = load_all_args(module_names)
# Filling Options
check_ranges = options.check_ranges
check_subdomains = options.check_subdomains
targets = options.targets
targets_list = options.targets_list
thread_number = options.thread_number
thread_number_host = options.thread_number_host
log_in_file = options.log_in_file
scan_method = options.scan_method
exclude_method = options.exclude_method
users = options.users
users_list = options.users_list
passwds = options.passwds
passwds_list = options.passwds_list
timeout_sec = options.timeout_sec
ports = options.ports
time_sleep = options.time_sleep
language = options.language
verbose_level = options.verbose_level
show_version = options.show_version
check_update = options.check_update
proxies = options.proxies
proxies_file = options.proxies_file
retries = options.retries
info(messages("en", 0))
# Checking Requirements
(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, proxies, proxies_file, retries) = \
check_all_required(
targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, proxies, proxies_file, retries
)
suff = str(datetime.datetime.now()).replace(' ', '_').replace(
':', '-') + '_' + ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(10))
subs_temp = 'tmp/subs_temp_%s' % (suff)
range_temp = 'tmp/ranges_%s' % (suff)
total_targets = -1
for total_targets, _ in enumerate(
analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, show_version, check_update, proxies,
retries)):
pass
total_targets += 1
total_targets = total_targets * len(scan_method)
targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, show_version, check_update, proxies,
retries)
threads = []
trying = 0
for target in targets:
for sm in scan_method:
trying += 1
t = threading.Thread(
target=start_attack,
args=(str(target).rsplit()[0], trying, total_targets, sm,
users, passwds, timeout_sec, thread_number, ports,
log_in_file, time_sleep, language, verbose_level,
show_version, check_update, proxies, retries))
threads.append(t)
t.start()
while 1:
n = 0
for thread in threads:
if thread.isAlive() is True:
n += 1
else:
threads.remove(thread)
if n >= thread_number_host:
time.sleep(0.1)
else:
break
while 1:
n = True
for thread in threads:
if thread.isAlive() is True:
n = False
time.sleep(0.1)
if n is True:
break
info(messages(language, 42))
os.remove(subs_temp)
os.remove(range_temp)
info(messages(language, 43))
sort_logs(log_in_file, language)
write('\n')
info(messages(language, 44))
write('\n\n')
def __scan(config, scan_id, scan_cmd):
# Setting Variables
targets = config["targets"]
check_ranges = config["check_ranges"]
check_subdomains = config["check_subdomains"]
log_in_file = config["log_in_file"]
time_sleep = config["time_sleep"]
language = config["language"]
verbose_level = config["verbose_level"]
retries = config["retries"]
socks_proxy = config["socks_proxy"]
scan_method = config["scan_method"]
users = config["users"]
passwds = config["passwds"]
timeout_sec = config["timeout_sec"]
thread_number = config["thread_number"]
ports = config["ports"]
ping_flag = config["ping_flag"]
methods_args = config["methods_args"]
thread_number_host = config["thread_number_host"]
graph_flag = config["graph_flag"]
suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join(
random.choice(string.ascii_lowercase) for x in range(10))
subs_temp = "tmp/subs_temp_" + suff
range_temp = "tmp/ranges_" + suff
total_targets = -1
for total_targets, _ in enumerate(
analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, True)):
pass
total_targets += 1
total_targets = total_targets * len(scan_method)
try:
os.remove(range_temp)
except:
pass
range_temp = "tmp/ranges_" + suff
targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
range_temp, log_in_file, time_sleep, language,
verbose_level, retries, socks_proxy, False)
trying = 0
for target in targets:
for sm in scan_method:
trying += 1
p = multiprocessing.Process(
target=start_attack,
args=(str(target).rsplit()[0], trying, total_targets, sm,
users, passwds, timeout_sec, thread_number, ports,
log_in_file, time_sleep, language, verbose_level,
socks_proxy, retries, ping_flag, methods_args, scan_id,
scan_cmd))
p.name = str(target) + "->" + sm
p.start()
while 1:
n = 0
processes = multiprocessing.active_children()
for process in processes:
if process.is_alive():
n += 1
else:
processes.remove(process)
if n >= thread_number_host:
time.sleep(0.01)
else:
break
_waiting_for = 0
while 1:
try:
exitflag = True
if len(multiprocessing.active_children()) is not 0:
exitflag = False
_waiting_for += 1
if _waiting_for > 3000:
_waiting_for = 0
info(
messages(language, 138).format(", ".join(
[p.name for p in multiprocessing.active_children()])))
time.sleep(0.01)
if exitflag:
break
except KeyboardInterrupt:
for process in multiprocessing.active_children():
process.terminate()
break
info(messages(language, 42))
os.remove(subs_temp)
os.remove(range_temp)
info(messages(language, 43))
sort_logs(log_in_file, language, graph_flag)
write("\n")
info(messages(language, 44))
write("\n\n")
finish()
return True
def check_all_required(parser, api_forms=None):
"""
check all rules and requirements for ARGS
Args:
parser: parser from argparse
api_forms: values from API
Returns:
all ARGS with applied rules
"""
# Checking Requirements
options = parser.parse_args() if not api_forms else api_forms
modules_list = load_all_modules(full_details=True)
profiles_list = load_all_profiles()
# Check Help Menu
if options.show_help_menu:
parser.print_help()
write("\n\n")
write(messages("license"))
die_success()
# Check version
if options.show_version:
info(
messages("current_version").format(
color("yellow"),
version_info()[0],
color("reset"),
color("cyan"),
version_info()[1],
color("reset"),
color("green"),
)
)
die_success()
if options.show_all_modules:
messages("loading_modules")
for module in modules_list:
info(
messages("module_profile_full_information").format(
module,
", ".join(
[
"{key}: {value}".format(
key=key, value=modules_list[module][key]
) for key in modules_list[module]
]
)
)
)
die_success()
if options.show_all_profiles:
messages("loading_profiles")
for profile in profiles_list:
info(
messages("module_profile_full_information").format(
profile,
", ".join(profiles_list[profile])
)
)
die_success()
# API mode
if options.start_api_server:
if '--start-api' in sys.argv and api_forms:
die_failure(messages("cannot_run_api_server"))
from api.engine import start_api_server
if options.api_client_whitelisted_ips:
if type(options.api_client_whitelisted_ips) == str:
options.api_client_whitelisted_ips = options.api_client_whitelisted_ips.split(',')
whielisted_ips = []
for ip in options.api_client_whitelisted_ips:
from core.ip import (is_single_ipv4,
is_single_ipv6,
is_ipv4_cidr,
is_ipv6_range,
is_ipv6_cidr,
is_ipv4_range,
generate_ip_range)
if is_single_ipv4(ip) or is_single_ipv6(ip):
whielisted_ips.append(ip)
elif is_ipv4_range(ip) or is_ipv6_range(ip) or is_ipv4_cidr(ip) or is_ipv6_cidr(ip):
whielisted_ips += generate_ip_range(ip)
options.api_client_whitelisted_ips = whielisted_ips
start_api_server(options)
# Check the target(s)
if not (options.targets or options.targets_list) or (options.targets and options.targets_list):
parser.print_help()
write("\n")
die_failure(messages("error_target"))
if options.targets:
options.targets = list(set(options.targets.split(",")))
if options.targets_list:
try:
options.targets = list(set(open(options.targets_list, "rb").read().decode().split()))
except Exception:
die_failure(
messages("error_target_file").format(
options.targets_list
)
)
# check for modules
if not (options.selected_modules or options.profiles):
die_failure(messages("scan_method_select"))
if options.selected_modules:
if options.selected_modules == 'all':
options.selected_modules = modules_list
del options.selected_modules['all']
else:
options.selected_modules = list(set(options.selected_modules.split(',')))
for module_name in options.selected_modules:
if module_name not in modules_list:
die_failure(
messages("scan_module_not_found").format(
module_name
)
)
if options.profiles:
if not options.selected_modules:
options.selected_modules = []
if options.profiles == 'all':
options.selected_modules = modules_list
del options.selected_modules['all']
else:
options.profiles = list(set(options.profiles.split(',')))
for profile in options.profiles:
if profile not in profiles_list:
die_failure(
messages("profile_404").format(
profile
)
)
for module_name in profiles_list[profile]:
if module_name not in options.selected_modules:
options.selected_modules.append(module_name)
# threading & processing
if options.set_hardware_usage not in ['low', 'normal', 'high', 'maximum']:
die_failure(
messages("wrong_hardware_usage")
)
options.set_hardware_usage = select_maximum_cpu_core(options.set_hardware_usage)
options.thread_per_host = int(options.thread_per_host)
if not options.thread_per_host >= 1:
options.thread_per_host = 1
options.parallel_module_scan = int(options.parallel_module_scan)
if not options.parallel_module_scan >= 1:
options.parallel_module_scan = 1
# Check for excluding modules
if options.excluded_modules:
options.excluded_modules = options.excluded_modules.split(",")
if 'all' in options.excluded_modules:
die_failure(messages("error_exclude_all"))
for excluded_module in options.excluded_modules:
if excluded_module in options.selected_modules:
del options.selected_modules[excluded_module]
# Check port(s)
if options.ports:
tmp_ports = []
for port in options.ports.split(","):
try:
if "-" in port:
for port_number in range(int(port.split('-')[0]), int(port.split('-')[1]) + 1):
if port_number not in tmp_ports:
tmp_ports.append(port_number)
else:
if int(port) not in tmp_ports:
tmp_ports.append(int(port))
except Exception:
die_failure(messages("ports_int"))
options.ports = tmp_ports
if options.user_agent == 'random_user_agent':
options.user_agents = open(
nettacker_global_config()['nettacker_paths']['web_browser_user_agents']
).read().split('\n')
# Check user list
if options.usernames:
options.usernames = list(set(options.usernames.split(",")))
elif options.usernames_list:
try:
options.usernames = list(set(open(options.usernames_list).read().split("\n")))
except Exception:
die_failure(
messages("error_username").format(options.usernames_list)
)
# Check password list
if options.passwords:
options.passwords = list(set(options.passwords.split(",")))
elif options.passwords_list:
try:
options.passwords = list(set(open(options.passwords_list).read().split("\n")))
except Exception:
die_failure(
messages("error_passwords").format(options.passwords_list)
)
# Check output file
try:
temp_file = open(options.report_path_filename, "w")
temp_file.close()
except Exception:
die_failure(
messages("file_write_error").format(options.report_path_filename)
)
# Check Graph
if options.graph_name:
if options.graph_name not in load_all_graphs():
die_failure(
messages("graph_module_404").format(options.graph_name)
)
if not (options.report_path_filename.endswith(".html") or options.report_path_filename.endswith(".htm")):
warn(messages("graph_output"))
options.graph_name = None
# check modules extra args
if options.modules_extra_args:
all_args = {}
for args in options.modules_extra_args.split("&"):
all_args[args.split('=')[0]] = args.split('=')[1]
options.modules_extra_args = all_args
options.timeout = float(options.timeout)
options.time_sleep_between_requests = float(options.time_sleep_between_requests)
options.retries = int(options.retries)
return options
def check_all_required(
targets, targets_list, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, users_list, passwds, passwds_list,
timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, socks_proxy, retries, graph_flag,
help_menu_flag, methods_args, method_args_list, wizard_mode, profile,
start_api, api_host, api_port, api_debug_mode, api_access_key,
api_client_white_list, api_client_white_list_ips, api_access_log,
api_access_log_filename):
# Checking Requirements
# import libs
from core import compatible
# Check Help Menu
if help_menu_flag:
parser.print_help()
write("\n\n")
write(messages(language, 3))
__die_success()
# Check if method args list called
if method_args_list:
from core.load_modules import load_all_method_args
load_all_method_args(language)
__die_success()
# Check version
if show_version:
from core import color
info(
messages(language,
84).format(color.color("yellow"), compatible.__version__,
color.color("reset"), color.color("cyan"),
compatible.__code_name__, color.color("reset"),
color.color("green")))
__die_success()
# API mode
if start_api:
from api.engine import _start_api
from core.targets import target_type
from core.ip import _generate_IPRange
try:
api_port = int(api_port)
except:
__die_failure(messages(language, 154))
if api_client_white_list:
if type(api_client_white_list_ips) != type([]):
api_client_white_list_ips = list(
set(api_client_white_list_ips.rsplit(",")))
hosts = []
for data in api_client_white_list_ips:
if target_type(data) == "SINGLE_IPv4":
if data not in hosts:
hosts.append(data)
elif target_type(data) == "RANGE_IPv4":
for cidr in _generate_IPRange(data):
for ip in cidr:
if ip not in hosts:
hosts.append(ip)
elif target_type(data) == "CIDR_IPv4":
for ip in _generate_IPRange(data):
if ip not in hosts:
hosts.append(str(ip))
else:
__die_failure(messages(language, 155))
api_client_white_list_ips = hosts[:]
if api_access_log:
try:
f = open(api_access_log_filename, 'a')
except:
__die_failure(
messages(language, 40).format(api_access_log_filename))
_start_api(api_host, api_port, api_debug_mode, api_access_key,
api_client_white_list, api_client_white_list_ips,
api_access_log, api_access_log_filename, language)
# Wizard mode
if wizard_mode:
(targets, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users,
passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, graph_flag) = \
__wizard(
targets, thread_number, thread_number_host,
log_in_file, module_names, exclude_method, users,
passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, load_all_graphs(), language
)
# Select a Profile
if profile is not None:
_all_profiles = _builder(_profiles(), default_profiles())
if scan_method is None:
scan_method = ""
else:
scan_method += ","
if profile == "all":
profile = ",".join(_all_profiles)
tmp_sm = scan_method
for pr in profile.rsplit(","):
try:
for sm in _all_profiles[pr]:
if sm not in tmp_sm.rsplit(","):
tmp_sm += sm + ","
except:
__die_failure(messages(language, 137).format(pr))
if tmp_sm[-1] == ",":
tmp_sm = tmp_sm[0:-1]
scan_method = ",".join(list(set(tmp_sm.rsplit(","))))
# Check Socks
if socks_proxy is not None:
e = False
if socks_proxy.startswith("socks://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks://", "")
elif socks_proxy.startswith("socks5://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks5://", "")
elif socks_proxy.startswith("socks4://"):
socks_flag = 4
socks_proxy = socks_proxy.replace("socks4://", "")
else:
socks_flag = 5
if "://" in socks_proxy:
socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
try:
if len(socks_proxy.rsplit(":")) < 2 or len(
socks_proxy.rsplit(":")) > 3:
e = True
elif len(socks_proxy.rsplit(":")) is 2 and socks_proxy.rsplit(
":")[1] == "":
e = True
elif len(socks_proxy.rsplit(":")) is 3 and socks_proxy.rsplit(
":")[2] == "":
e = True
except:
e = True
if e:
__die_failure(messages(language, 63))
if socks_flag is 4:
socks_proxy = "socks4://" + socks_proxy
if socks_flag is 5:
socks_proxy = "socks5://" + socks_proxy
# Check update
if check_update:
from core.update import _update
_update(compatible.__version__, compatible.__code_name__, language,
socks_proxy)
__die_success()
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
__die_failure(messages(language, 26))
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except:
__die_failure(messages(language, 27).format(targets_list))
# Check thread number
if thread_number > 101 or thread_number_host > 101:
warn(messages(language, 28))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, 29).format(timeout_sec))
# Check scanning method
if scan_method is not None and scan_method == "all":
scan_method = module_names
scan_method.remove("all")
elif scan_method is not None and scan_method not in module_names:
if "*_" in scan_method:
scan_method = scan_method.rsplit(",")
tmp_scan_method = scan_method[:]
for sm in scan_method:
if sm.startswith("*_"):
scan_method.remove(sm)
found_flag = False
for mn in module_names:
if mn.endswith("_" + sm.rsplit("*_")[1]):
scan_method.append(mn)
found_flag = True
if found_flag is False:
__die_failure(messages(language, 117).format(sm))
scan_method = ",".join(scan_method)
if "," in scan_method:
scan_method = scan_method.rsplit(",")
for sm in scan_method:
if sm not in module_names:
__die_failure(messages(language, 30).format(sm))
if sm == "all":
scan_method = module_names
scan_method.remove("all")
break
else:
__die_failure(messages(language, 31).format(scan_method))
elif scan_method is None:
__die_failure(messages(language, 41))
else:
scan_method = scan_method.rsplit()
# Check for exluding scanning method
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
__die_failure(messages(language, 32))
else:
scan_method.remove(exm)
if len(scan_method) is 0:
__die_failure(messages(language, 33))
else:
__die_failure(messages(language, 34).format(exm))
# Check port(s)
if type(ports) is not list and ports is not None and "-" in ports:
ports = ports.rsplit("-")
ports = range(int(ports[0]), int(ports[1]) + 1)
elif type(ports) is not list and ports is not None:
ports = ports.rsplit(",")
# Check user list
if users is not None:
users = list(set(users.rsplit(",")))
elif users_list is not None:
try:
users = list(set(
open(users_list).read().rsplit("\n"))) # fix later
except:
__die_failure(messages(language, 37).format(targets_list))
# Check password list
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(set(
open(passwds_list).read().rsplit("\n"))) # fix later
except:
__die_failure(messages(language, 39).format(targets_list))
# Check output file
try:
tmpfile = open(log_in_file, "w")
except:
__die_failure(messages(language, 40).format(log_in_file))
# Check Graph
if graph_flag is not None:
if graph_flag not in load_all_graphs():
__die_failure(messages(language, 97).format(graph_flag))
if not (log_in_file.endswith(".html") or log_in_file.endswith(".htm")):
warn(messages(language, 87))
graph_flag = None
# Check Methods ARGS
if methods_args is not None:
new_methods_args = {}
methods_args = methods_args.rsplit("&")
for imethod_args in methods_args:
if len(imethod_args.rsplit("=")) is 2:
if imethod_args.rsplit("=")[1].startswith("read_from_file:"):
try:
read_data = list(
set(
open(
imethod_args.rsplit("=read_from_file:")
[1]).read().rsplit("\n")))
except:
__die_failure(messages(language, 36))
new_methods_args[imethod_args.rsplit("=")[0]] = read_data
else:
new_methods_args[imethod_args.rsplit(
"=")[0]] = imethod_args.rsplit("=")[1].rsplit(",")
else:
new_methods_args[imethod_args.rsplit("=")[0]] = ""
methods_args = new_methods_args
# Return the values
return [
targets, targets_list, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, users_list, passwds, passwds_list,
timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, socks_proxy, retries, graph_flag,
help_menu_flag, methods_args, method_args_list, wizard_mode, profile,
start_api, api_host, api_port, api_debug_mode, api_access_key,
api_client_white_list, api_client_white_list_ips, api_access_log,
api_access_log_filename
]
def load():
"""
load all ARGS, Apply rules and go for attacks
Returns:
True if success otherwise None
"""
write("\n\n")
# load all modules in lib/brute, lib/scan, lib/graph
module_names = load_all_modules()
graph_names = load_all_graphs()
# Parse ARGVs
try:
parser, options, startup_update_flag = load_all_args(module_names, graph_names)
except SystemExit:
finish()
sys.exit(1)
# Filling Options
check_ranges = options.check_ranges
check_subdomains = options.check_subdomains
targets = options.targets
targets_list = options.targets_list
thread_number = options.thread_number + 1
thread_number_host = options.thread_number_host
log_in_file = options.log_in_file
scan_method = options.scan_method
exclude_method = options.exclude_method
users = options.users
users_list = options.users_list
passwds = options.passwds
passwds_list = options.passwds_list
timeout_sec = options.timeout_sec
ports = options.ports
time_sleep = options.time_sleep
language = options.language
verbose_level = options.verbose_level
show_version = options.show_version
check_update = options.check_update
socks_proxy = options.socks_proxy
retries = options.retries
graph_flag = options.graph_flag
help_menu_flag = options.help_menu_flag
ping_flag = options.ping_flag
methods_args = options.methods_args
method_args_list = options.method_args_list
wizard_mode = options.wizard_mode
profile = options.profile
start_api = options.start_api
api_host = options.api_host
api_port = options.api_port
api_debug_mode = options.api_debug_mode
api_access_key = options.api_access_key
api_client_white_list = options.api_client_white_list
api_client_white_list_ips = options.api_client_white_list_ips
api_access_log = options.api_access_log
api_access_log_filename = options.api_access_log_filename
backup_ports = ports
# Checking Requirements
(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
api_client_white_list_ips, api_access_log, api_access_log_filename) = \
check_all_required(
targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
api_client_white_list_ips, api_access_log, api_access_log_filename
)
info(messages(language, 0))
# check for update
if startup_update_flag:
__version__, __code_name__ = _version_info()
_check(__version__, __code_name__, language, socks_proxy)
info(messages(language, 96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
__go_for_attacks(targets, check_ranges, check_subdomains, log_in_file, time_sleep, language, verbose_level, retries,
socks_proxy, users, passwds, timeout_sec, thread_number, ports, ping_flag, methods_args,
backup_ports, scan_method, thread_number_host, graph_flag, profile, False)
return True
def check_all_required(targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args,
method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode,
api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log,
api_access_log_filename, api_cert, api_cert_key):
"""
check all rules and requirements for ARGS
Args:
targets: targets from CLI
targets_list: targets_list from CLI
thread_number: thread numbers from CLI
thread_number_host: thread number for hosts from CLI
log_in_file: output file from CLI
scan_method: modules from CLI
exclude_method: exclude modules from CLI
users: usernames from CLI
users_list: username file from CLI
passwds: passwords from CLI
passwds_list: passwords file from CLI
timeout_sec: timeout seconds from CLI
ports: ports from CLI
parser: parser (argparse)
module_names: all module names
language: language from CLI
verbose_level: verbose level from CLI
show_version: show version flag from CLI
check_update: check for update flag from CLI
socks_proxy: socks proxy from CLI
retries: retries from from CLI
graph_flag: graph name from CLI
help_menu_flag: help menu flag from CLI
methods_args: modules ARGS flag from CLI
method_args_list: modules ARGS from CLI
wizard_mode: wizard mode flag from CLI
profile: profiles from CLI
start_api: start API flag from CLI
api_host: API host from CLI
api_port: API port from CLI
api_debug_mode: API debug mode flag from CLI
api_access_key: API access key from CLI
api_client_white_list: API client white list flag from CLI
api_client_white_list_ips: API client white list IPs from CLI
api_access_log: API access log log flag from CLI
api_access_log_filename: API access log filename from CLI
Returns:
all ARGS with applied rules
"""
# Checking Requirements
# import libs
from core import compatible
# Check Help Menu
if help_menu_flag:
parser.print_help()
write("\n\n")
write(messages(language, "license"))
__die_success()
# Check if method args list called
if method_args_list:
from core.load_modules import load_all_method_args
load_all_method_args(language)
__die_success()
# Check version
if show_version:
from core import color
info(
messages(language, "current_version").format(
color.color("yellow"),
compatible.__version__,
color.color("reset"),
color.color("cyan"),
compatible.__code_name__,
color.color("reset"),
color.color("green"),
)
)
__die_success()
# API mode
if start_api:
from api.engine import _start_api
from core.targets import target_type
from core.ip import _generate_IPRange
try:
api_port = int(api_port)
except Exception:
__die_failure(messages(language, "API_port_int"))
if api_client_white_list:
if type(api_client_white_list_ips) != type([]):
api_client_white_list_ips = list(
set(api_client_white_list_ips.rsplit(","))
)
hosts = []
for data in api_client_white_list_ips:
if target_type(data) == "SINGLE_IPv4":
if data not in hosts:
hosts.append(data)
elif target_type(data) == "RANGE_IPv4":
for cidr in _generate_IPRange(data):
for ip in cidr:
if ip not in hosts:
hosts.append(ip)
elif target_type(data) == "CIDR_IPv4":
for ip in _generate_IPRange(data):
if ip not in hosts:
hosts.append(str(ip))
else:
__die_failure(messages(language, "unknown_ip_input"))
api_client_white_list_ips = hosts[:]
if api_access_log:
try:
open(api_access_log_filename, "a")
except Exception:
write_to_api_console(
" * "
+ messages(language, "file_write_error").format(
api_access_log_filename
)
+ "\n"
)
__die_failure("")
_start_api(api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
api_client_white_list_ips, api_access_log, api_access_log_filename, api_cert, api_cert_key, language)
# Wizard mode
if wizard_mode:
(
targets,
thread_number,
thread_number_host,
log_in_file,
scan_method,
exclude_method,
users,
passwds,
timeout_sec,
ports,
verbose_level,
socks_proxy,
retries,
graph_flag,
) = __wizard(
targets,
thread_number,
thread_number_host,
log_in_file,
module_names,
exclude_method,
users,
passwds,
timeout_sec,
ports,
verbose_level,
socks_proxy,
retries,
load_all_graphs(),
language,
)
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
__die_failure(messages(language, "error_target"))
# Select a Profile
if scan_method is None and profile is None:
__die_failure(messages(language, "scan_method_select"))
if profile is not None:
if scan_method is None:
scan_method = ""
else:
scan_method += ","
_all_profiles = _builder(_profiles(), default_profiles())
if "all" in profile.rsplit(","):
profile = ",".join(_all_profiles)
tmp_sm = scan_method
for pr in profile.rsplit(","):
try:
for sm in _all_profiles[pr]:
if sm not in tmp_sm.rsplit(","):
tmp_sm += sm + ","
except Exception:
__die_failure(messages(language, "profile_404").format(pr))
if tmp_sm[-1] == ",":
tmp_sm = tmp_sm[0:-1]
scan_method = ",".join(list(set(tmp_sm.rsplit(","))))
# Check Socks
if socks_proxy is not None:
e = False
if socks_proxy.startswith("socks://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks://", "")
elif socks_proxy.startswith("socks5://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks5://", "")
elif socks_proxy.startswith("socks4://"):
socks_flag = 4
socks_proxy = socks_proxy.replace("socks4://", "")
else:
socks_flag = 5
if "://" in socks_proxy:
socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
try:
if (
len(socks_proxy.rsplit(":")) < 2
or len(socks_proxy.rsplit(":")) > 3
):
e = True
elif (
len(socks_proxy.rsplit(":")) == 2
and socks_proxy.rsplit(":")[1] == ""
):
e = True
elif (
len(socks_proxy.rsplit(":")) == 3
and socks_proxy.rsplit(":")[2] == ""
):
e = True
except Exception:
e = True
if e:
__die_failure(messages(language, "valid_socks_address"))
if socks_flag == 4:
socks_proxy = "socks4://" + socks_proxy
if socks_flag == 5:
socks_proxy = "socks5://" + socks_proxy
# Check update
if check_update and _update_check(language):
from core.update import _update
_update(
compatible.__version__,
compatible.__code_name__,
language,
socks_proxy,
)
__die_success()
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except Exception:
__die_failure(
messages(language, "error_target_file").format(
targets_list
)
)
# Check thread number
if thread_number > 101 or thread_number_host > 101:
warn(messages(language, "thread_number_warning"))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, "set_timeout").format(timeout_sec))
# Check scanning method
if scan_method is not None and "all" in scan_method.rsplit(","):
scan_method = module_names
scan_method.remove("all")
elif (
scan_method is not None
and len(scan_method.rsplit(",")) == 1
and "*_" not in scan_method
):
if scan_method in module_names:
scan_method = scan_method.rsplit()
else:
__die_failure(
messages(language, "scan_module_not_found").format(scan_method)
)
else:
if scan_method is not None:
if scan_method not in module_names:
if "*_" in scan_method or "," in scan_method:
scan_method = scan_method.rsplit(",")
scan_method_tmp = scan_method[:]
for sm in scan_method_tmp:
scan_method_error = True
if sm.startswith("*_"):
scan_method.remove(sm)
found_flag = False
for mn in module_names:
if mn.endswith("_" + sm.rsplit("*_")[1]):
scan_method.append(mn)
scan_method_error = False
found_flag = True
if found_flag is False:
__die_failure(
messages(
language, "module_pattern_404"
).format(sm)
)
elif sm == "all":
scan_method = module_names
scan_method_error = False
scan_method.remove("all")
break
elif sm in module_names:
scan_method_error = False
elif sm not in module_names:
__die_failure(
messages(
language, "scan_module_not_found"
).format(sm)
)
else:
scan_method_error = True
if scan_method_error:
__die_failure(
messages(language, "scan_module_not_found").format(
scan_method
)
)
else:
__die_failure(messages(language, "scan_method_select"))
scan_method = list(set(scan_method))
# Check for exluding scanning method
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
__die_failure(messages(language, "error_exclude_all"))
else:
scan_method.remove(exm)
if len(scan_method) == 0:
__die_failure(messages(language, "error_exclude_all"))
else:
__die_failure(
messages(language, "exclude_module_error").format(exm)
)
# Check port(s)
if type(ports) is not list and ports is not None:
tmp_ports = []
for port in ports.rsplit(","):
try:
if "-" not in port:
if int(port) not in tmp_ports:
tmp_ports.append(int(port))
else:
t_ports = range(
int(port.rsplit("-")[0]), int(port.rsplit("-")[1]) + 1
)
for p in t_ports:
if p not in tmp_ports:
tmp_ports.append(p)
except Exception:
__die_failure(messages(language, "ports_int"))
if len(tmp_ports) == 0:
ports = None
else:
ports = tmp_ports[:]
# Check user list
if users is not None:
users = list(set(users.rsplit(",")))
elif users_list is not None:
try:
# fix later
users = list(set(open(users_list).read().rsplit("\n")))
except Exception:
__die_failure(
messages(language, "error_username").format(targets_list)
)
# Check password list
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(
set(open(passwds_list).read().rsplit("\n"))
) # fix later
except Exception:
__die_failure(
messages(language, "error_password_file").format(targets_list)
)
# Check output file
try:
open(log_in_file, "w")
except Exception:
__die_failure(
messages(language, "file_write_error").format(log_in_file)
)
# Check Graph
if graph_flag is not None:
if graph_flag not in load_all_graphs():
__die_failure(
messages(language, "graph_module_404").format(graph_flag)
)
if not (log_in_file.endswith(".html") or log_in_file.endswith(".htm")):
warn(messages(language, "graph_output"))
graph_flag = None
# Check Methods ARGS
if methods_args is not None:
new_methods_args = {}
methods_args = methods_args.rsplit("&")
for imethod_args in methods_args:
if len(imethod_args.rsplit("=")) == 2:
if imethod_args.rsplit("=")[1].startswith("read_from_file:"):
try:
read_data = list(
set(
open(
imethod_args.rsplit("=read_from_file:")[1]
)
.read()
.rsplit("\n")
)
)
except Exception:
__die_failure(messages(language, "error_reading_file"))
new_methods_args[imethod_args.rsplit("=")[0]] = read_data
else:
new_methods_args[
imethod_args.rsplit("=")[0]
] = imethod_args.rsplit("=")[1].rsplit(",")
else:
new_methods_args[imethod_args] = ["True"]
methods_args = new_methods_args
# Return the values
return [targets, targets_list, thread_number, thread_number_host,
log_in_file, scan_method, exclude_method, users, users_list,
passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args,
method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode,
api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log,
api_access_log_filename, api_cert, api_cert_key]
def test_write_content(self):
msg_content = "Hello"
print("this test will spit the message_content in simple format")
write(msg_content)
def check_all_required(targets, targets_list, thread_number,
thread_number_host, log_in_file, scan_method,
exclude_method, users, users_list, passwds,
passwds_list, timeout_sec, ports, parser, module_names,
language, verbose_level, show_version, check_update,
proxies, proxies_file, retries, graph_flag,
help_menu_flag):
# Checking Requirements
# Check Help Menu
if help_menu_flag is True:
parser.print_help()
from core.color import finish
finish()
sys.exit(0)
# Check version
if show_version is True:
from core import compatible
from core import color
info(
messages(language,
84).format(color.color('yellow'), compatible.__version__,
color.color('reset'), color.color('cyan'),
compatible.__code_name__, color.color('reset'),
color.color('green')))
from core.color import finish
finish()
sys.exit(0)
# Check update
if check_update is True:
info(messages(language, 85))
from core.color import finish
finish()
sys.exit(0)
# Check the target(s)
if targets is None and targets_list is None:
parser.print_help()
write("\n")
error(messages(language, 26))
from core.color import finish
finish()
sys.exit(1)
else:
if targets is not None:
targets = list(set(targets.rsplit(",")))
elif targets_list is not None:
try:
targets = list(set(open(targets_list, "rb").read().rsplit()))
except:
error(messages(language, 27).format(targets_list))
from core.color import finish
finish()
sys.exit(1)
# Check thread number
if thread_number > 100 or thread_number_host > 100:
warn(messages(language, 28))
# Check timeout number
if timeout_sec is not None and timeout_sec >= 15:
warn(messages(language, 29).format(timeout_sec))
# Check scanning method
if scan_method is not None and scan_method == "all":
scan_method = module_names
scan_method.remove("all")
elif scan_method is not None and scan_method not in module_names:
if "," in scan_method:
scan_method = scan_method.rsplit(",")
for sm in scan_method:
if sm not in module_names:
error(messages(language, 30).format(sm))
from core.color import finish
finish()
sys.exit(1)
if sm == "all":
scan_method = module_names
scan_method.remove("all")
break
else:
error(messages(language, 31).format(scan_method))
from core.color import finish
finish()
sys.exit(1)
elif scan_method is None:
error(messages(language, 41))
from core.color import finish
finish()
sys.exit(1)
else:
scan_method = scan_method.rsplit()
if exclude_method is not None:
exclude_method = exclude_method.rsplit(",")
for exm in exclude_method:
if exm in scan_method:
if "all" == exm:
messages(language, 32)
from core.color import finish
finish()
sys.exit(1)
else:
scan_method.remove(exm)
if len(scan_method) is 0:
messages(language, 33)
from core.color import finish
finish()
sys.exit(1)
else:
messages(language, 34).format(exm)
from core.color import finish
finish()
sys.exit(1)
# Check port(s)
if ports is None:
error(messages(language, 35))
from core.color import finish
finish()
sys.exit(1)
if type(ports) is not list and "-" in ports:
ports = ports.rsplit("-")
ports = range(int(ports[0]), int(ports[1]) + 1)
elif type(ports) is not list:
ports = ports.rsplit(",")
# Check user list
if users is None and users_list is None and scan_method is not None:
for imethod in scan_method:
if "_brute" in imethod:
error(messages(language, 36))
from core.color import finish
finish()
sys.exit(1)
else:
if users is not None:
users = list(set(users.rsplit(",")))
if users_list is not None:
try:
users = list(set(
open(users_list).read().rsplit("\n"))) # fix later
except:
error(messages(language, 37).format(targets_list))
from core.color import finish
finish()
sys.exit(1)
# Check password list
if passwds is None and passwds_list is None and scan_method is not None:
for imethod in scan_method:
if "_brute" in imethod:
error(messages(language, 38))
from core.color import finish
finish()
sys.exit(1)
else:
if passwds is not None:
passwds = list(set(passwds.rsplit(",")))
if passwds_list is not None:
try:
passwds = list(set(
open(passwds_list).read().rsplit("\n"))) # fix later
except:
error(messages(language, 39).format(targets_list))
from core.color import finish
finish()
sys.exit(1)
# Check output file
try:
tmpfile = open(log_in_file, "w")
except:
error(messages(language, 40).format(log_in_file))
from core.color import finish
finish()
sys.exit(1)
# Check Proxies
if proxies is not None:
proxies = list(set(proxies.rsplit(',')))
elif proxies_file is not None:
if os.path.isfile(proxies_file):
try:
proxies = list(set(open(proxies_file).read().rsplit()))
except:
error(messages(language, 82).format(proxies_file))
from core.color import finish
finish()
sys.exit(1)
else:
error(messages(language, 83).format(proxies_file))
from core.color import finish
finish()
sys.exit(1)
# Check Graph
if graph_flag is not None:
if not (len(log_in_file) >= 5 and log_in_file[-5:] == '.html') or (
not len(log_in_file) >= 4 and log_in_file[-4:] == '.htm'):
error(messages(language, 87))
from core.color import finish
finish()
sys.exit(1)
if graph_flag not in load_all_graphs():
error(messages(language, 97).format(graph_flag))
from core.color import finish
finish()
sys.exit(1)
# Return the values
return [
targets, targets_list, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, users_list, passwds, passwds_list,
timeout_sec, ports, parser, module_names, language, verbose_level,
show_version, check_update, proxies, proxies_file, retries, graph_flag,
help_menu_flag
]
