Python load_all_graphs Exemples, core.load_modules.load_all_graphs Python Exemples

Exemple #1

0

Afficher le fichier

def __graphs():
    res = """<label><input id="none_graph" type="radio" class="radio"><a
                            class="label label-default">None</a></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"""
    for graph in load_all_graphs():
        res += """<label><input id="{0}" type="radio" class="radio"><a
                            class="label label-default">{0}</a></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;""".format(graph)
    return res

Exemple #2

0

Afficher le fichier

Fichier : api_core.py Projet : gnarly-cl0s/OWASP-Nettacker

def graphs():
    """
    all available graphs for API

    Returns:
        HTML content or available graphs
    """
    res = """<label><input id="" type="radio" name="graph_name" value="" class="radio"><a
                            class="label label-default">None</a></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"""
    for graph in load_all_graphs():
        res += """<label><input id="{0}" type="radio" name="graph_name" value="{0}" class="radio"><a
                            class="label label-default">{0}</a></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;""".format(graph)
    return res

Exemple #3

0

Afficher le fichier

def load():
    """
    load all ARGS, Apply rules and go for attacks

    Returns:
        True if success otherwise None
    """
    write("\n\n")
    # load all modules in lib/brute, lib/scan, lib/graph
    module_names = load_all_modules()
    graph_names = load_all_graphs()

    # Parse ARGVs
    try:
        parser, options, startup_update_flag = load_all_args(module_names, graph_names)
    except SystemExit:
        finish()
        sys.exit(1)
    # Filling Options
    check_ranges = options.check_ranges
    check_subdomains = options.check_subdomains
    targets = options.targets
    targets_list = options.targets_list
    thread_number = options.thread_number + 1
    thread_number_host = options.thread_number_host
    log_in_file = options.log_in_file
    scan_method = options.scan_method
    exclude_method = options.exclude_method
    users = options.users
    users_list = options.users_list
    passwds = options.passwds
    passwds_list = options.passwds_list
    timeout_sec = options.timeout_sec
    ports = options.ports
    time_sleep = options.time_sleep
    language = options.language
    verbose_level = options.verbose_level
    show_version = options.show_version
    check_update = options.check_update
    socks_proxy = options.socks_proxy
    retries = options.retries
    graph_flag = options.graph_flag
    help_menu_flag = options.help_menu_flag
    ping_flag = options.ping_flag
    methods_args = options.methods_args
    method_args_list = options.method_args_list
    wizard_mode = options.wizard_mode
    profile = options.profile
    start_api = options.start_api
    api_host = options.api_host
    api_port = options.api_port
    api_debug_mode = options.api_debug_mode
    api_access_key = options.api_access_key
    api_client_white_list = options.api_client_white_list
    api_client_white_list_ips = options.api_client_white_list_ips
    api_access_log = options.api_access_log
    api_access_log_filename = options.api_access_log_filename
    backup_ports = ports

    # Checking Requirements
    (targets, targets_list, thread_number, thread_number_host,
     log_in_file, scan_method, exclude_method, users, users_list,
     passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
     check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
     profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
     api_client_white_list_ips, api_access_log, api_access_log_filename) = \
        check_all_required(
            targets, targets_list, thread_number, thread_number_host,
            log_in_file, scan_method, exclude_method, users, users_list,
            passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
            check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
            profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
            api_client_white_list_ips, api_access_log, api_access_log_filename
        )

    info(messages(language, 0))
    # check for update
    if startup_update_flag:
        __version__, __code_name__ = _version_info()
        _check(__version__, __code_name__, language, socks_proxy)

    info(messages(language, 96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
    __go_for_attacks(targets, check_ranges, check_subdomains, log_in_file, time_sleep, language, verbose_level, retries,
                     socks_proxy, users, passwds, timeout_sec, thread_number, ports, ping_flag, methods_args,
                     backup_ports, scan_method, thread_number_host, graph_flag, profile, False)
    return True

Exemple #4

0

Afficher le fichier

Fichier : args_loader.py Projet : susantaroy2002/OWASP-Nettacker

def check_all_required(
        targets, targets_list, thread_number, thread_number_host, log_in_file,
        scan_method, exclude_method, users, users_list, passwds, passwds_list,
        timeout_sec, ports, parser, module_names, language, verbose_level,
        show_version, check_update, socks_proxy, retries, graph_flag,
        help_menu_flag, methods_args, method_args_list, wizard_mode, profile,
        start_api, api_host, api_port, api_debug_mode, api_access_key,
        api_client_white_list, api_client_white_list_ips, api_access_log,
        api_access_log_filename):
    # Checking Requirements
    # import libs
    from core import compatible
    # Check Help Menu
    if help_menu_flag:
        parser.print_help()
        write("\n\n")
        write(messages(language, 3))
        __die_success()
    # Check if method args list called
    if method_args_list:
        from core.load_modules import load_all_method_args
        load_all_method_args(language)
        __die_success()
    # Check version
    if show_version:
        from core import color
        info(
            messages(language,
                     84).format(color.color("yellow"), compatible.__version__,
                                color.color("reset"), color.color("cyan"),
                                compatible.__code_name__, color.color("reset"),
                                color.color("green")))
        __die_success()
    # API mode
    if start_api:
        from api.engine import _start_api
        from core.targets import target_type
        from core.ip import _generate_IPRange

        try:
            api_port = int(api_port)
        except:
            __die_failure(messages(language, 154))
        if api_client_white_list:
            if type(api_client_white_list_ips) != type([]):
                api_client_white_list_ips = list(
                    set(api_client_white_list_ips.rsplit(",")))
            hosts = []
            for data in api_client_white_list_ips:
                if target_type(data) == "SINGLE_IPv4":
                    if data not in hosts:
                        hosts.append(data)
                elif target_type(data) == "RANGE_IPv4":
                    for cidr in _generate_IPRange(data):
                        for ip in cidr:
                            if ip not in hosts:
                                hosts.append(ip)
                elif target_type(data) == "CIDR_IPv4":
                    for ip in _generate_IPRange(data):
                        if ip not in hosts:
                            hosts.append(str(ip))
                else:
                    __die_failure(messages(language, 155))
            api_client_white_list_ips = hosts[:]
        if api_access_log:
            try:
                f = open(api_access_log_filename, 'a')
            except:
                __die_failure(
                    messages(language, 40).format(api_access_log_filename))
        _start_api(api_host, api_port, api_debug_mode, api_access_key,
                   api_client_white_list, api_client_white_list_ips,
                   api_access_log, api_access_log_filename, language)
    # Wizard mode
    if wizard_mode:
        (targets, thread_number, thread_number_host,
         log_in_file, scan_method, exclude_method, users,
         passwds, timeout_sec, ports, verbose_level,
         socks_proxy, retries, graph_flag) = \
            __wizard(
                targets, thread_number, thread_number_host,
                log_in_file, module_names, exclude_method, users,
                passwds, timeout_sec, ports, verbose_level,
                socks_proxy, retries, load_all_graphs(), language
            )
    # Select a Profile
    if profile is not None:
        _all_profiles = _builder(_profiles(), default_profiles())
        if scan_method is None:
            scan_method = ""
        else:
            scan_method += ","
        if profile == "all":
            profile = ",".join(_all_profiles)
        tmp_sm = scan_method
        for pr in profile.rsplit(","):
            try:
                for sm in _all_profiles[pr]:
                    if sm not in tmp_sm.rsplit(","):
                        tmp_sm += sm + ","
            except:
                __die_failure(messages(language, 137).format(pr))
        if tmp_sm[-1] == ",":
            tmp_sm = tmp_sm[0:-1]
        scan_method = ",".join(list(set(tmp_sm.rsplit(","))))
    # Check Socks
    if socks_proxy is not None:
        e = False
        if socks_proxy.startswith("socks://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks://", "")
        elif socks_proxy.startswith("socks5://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks5://", "")
        elif socks_proxy.startswith("socks4://"):
            socks_flag = 4
            socks_proxy = socks_proxy.replace("socks4://", "")
        else:
            socks_flag = 5
        if "://" in socks_proxy:
            socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
        try:
            if len(socks_proxy.rsplit(":")) < 2 or len(
                    socks_proxy.rsplit(":")) > 3:
                e = True
            elif len(socks_proxy.rsplit(":")) is 2 and socks_proxy.rsplit(
                    ":")[1] == "":
                e = True
            elif len(socks_proxy.rsplit(":")) is 3 and socks_proxy.rsplit(
                    ":")[2] == "":
                e = True
        except:
            e = True
        if e:
            __die_failure(messages(language, 63))
        if socks_flag is 4:
            socks_proxy = "socks4://" + socks_proxy
        if socks_flag is 5:
            socks_proxy = "socks5://" + socks_proxy
    # Check update
    if check_update:
        from core.update import _update
        _update(compatible.__version__, compatible.__code_name__, language,
                socks_proxy)
        __die_success()
    # Check the target(s)
    if targets is None and targets_list is None:
        parser.print_help()
        write("\n")
        __die_failure(messages(language, 26))
    else:
        if targets is not None:
            targets = list(set(targets.rsplit(",")))
        elif targets_list is not None:
            try:
                targets = list(set(open(targets_list, "rb").read().rsplit()))
            except:
                __die_failure(messages(language, 27).format(targets_list))
    # Check thread number
    if thread_number > 101 or thread_number_host > 101:
        warn(messages(language, 28))
    # Check timeout number
    if timeout_sec is not None and timeout_sec >= 15:
        warn(messages(language, 29).format(timeout_sec))
    # Check scanning method
    if scan_method is not None and scan_method == "all":
        scan_method = module_names
        scan_method.remove("all")
    elif scan_method is not None and scan_method not in module_names:
        if "*_" in scan_method:
            scan_method = scan_method.rsplit(",")
            tmp_scan_method = scan_method[:]
            for sm in scan_method:
                if sm.startswith("*_"):
                    scan_method.remove(sm)
                    found_flag = False
                    for mn in module_names:
                        if mn.endswith("_" + sm.rsplit("*_")[1]):
                            scan_method.append(mn)
                            found_flag = True
                    if found_flag is False:
                        __die_failure(messages(language, 117).format(sm))
            scan_method = ",".join(scan_method)
        if "," in scan_method:
            scan_method = scan_method.rsplit(",")
            for sm in scan_method:
                if sm not in module_names:
                    __die_failure(messages(language, 30).format(sm))
                if sm == "all":
                    scan_method = module_names
                    scan_method.remove("all")
                    break
        else:
            __die_failure(messages(language, 31).format(scan_method))
    elif scan_method is None:
        __die_failure(messages(language, 41))
    else:
        scan_method = scan_method.rsplit()
    # Check for exluding scanning method
    if exclude_method is not None:
        exclude_method = exclude_method.rsplit(",")
        for exm in exclude_method:
            if exm in scan_method:
                if "all" == exm:
                    __die_failure(messages(language, 32))
                else:
                    scan_method.remove(exm)
                    if len(scan_method) is 0:
                        __die_failure(messages(language, 33))
            else:
                __die_failure(messages(language, 34).format(exm))
    # Check port(s)
    if type(ports) is not list and ports is not None and "-" in ports:
        ports = ports.rsplit("-")
        ports = range(int(ports[0]), int(ports[1]) + 1)
    elif type(ports) is not list and ports is not None:
        ports = ports.rsplit(",")
    # Check user list
    if users is not None:
        users = list(set(users.rsplit(",")))
    elif users_list is not None:
        try:
            users = list(set(
                open(users_list).read().rsplit("\n")))  # fix later
        except:
            __die_failure(messages(language, 37).format(targets_list))
    # Check password list
    if passwds is not None:
        passwds = list(set(passwds.rsplit(",")))
    if passwds_list is not None:
        try:
            passwds = list(set(
                open(passwds_list).read().rsplit("\n")))  # fix later
        except:
            __die_failure(messages(language, 39).format(targets_list))
    # Check output file
    try:
        tmpfile = open(log_in_file, "w")
    except:
        __die_failure(messages(language, 40).format(log_in_file))
    # Check Graph
    if graph_flag is not None:
        if graph_flag not in load_all_graphs():
            __die_failure(messages(language, 97).format(graph_flag))
        if not (log_in_file.endswith(".html") or log_in_file.endswith(".htm")):
            warn(messages(language, 87))
            graph_flag = None
    # Check Methods ARGS
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit("&")
        for imethod_args in methods_args:
            if len(imethod_args.rsplit("=")) is 2:
                if imethod_args.rsplit("=")[1].startswith("read_from_file:"):
                    try:
                        read_data = list(
                            set(
                                open(
                                    imethod_args.rsplit("=read_from_file:")
                                    [1]).read().rsplit("\n")))
                    except:
                        __die_failure(messages(language, 36))
                    new_methods_args[imethod_args.rsplit("=")[0]] = read_data
                else:
                    new_methods_args[imethod_args.rsplit(
                        "=")[0]] = imethod_args.rsplit("=")[1].rsplit(",")
            else:
                new_methods_args[imethod_args.rsplit("=")[0]] = ""
        methods_args = new_methods_args
    # Return the values
    return [
        targets, targets_list, thread_number, thread_number_host, log_in_file,
        scan_method, exclude_method, users, users_list, passwds, passwds_list,
        timeout_sec, ports, parser, module_names, language, verbose_level,
        show_version, check_update, socks_proxy, retries, graph_flag,
        help_menu_flag, methods_args, method_args_list, wizard_mode, profile,
        start_api, api_host, api_port, api_debug_mode, api_access_key,
        api_client_white_list, api_client_white_list_ips, api_access_log,
        api_access_log_filename
    ]

Exemple #5

0

Afficher le fichier

Fichier : args_loader.py Projet : exploitcollection/OWASP-Nettacker

def check_all_required(targets, targets_list, thread_number,
                       thread_number_host, log_in_file, scan_method,
                       exclude_method, users, users_list, passwds,
                       passwds_list, timeout_sec, ports, parser, module_names,
                       language, verbose_level, show_version, check_update,
                       socks_proxy, retries, graph_flag, help_menu_flag,
                       methods_args, method_args_list):
    # Checking Requirements
    # import libs
    from core.color import finish
    from core import compatible
    # Check Help Menu
    if help_menu_flag is True:
        parser.print_help()
        write('\n\n')
        write(messages(language, 3))
        finish()
        sys.exit(0)
    # Check if method args list called
    if method_args_list is True:
        from core.load_modules import load_all_method_args
        load_all_method_args(language)
        finish()
        sys.exit(0)
    # Check version
    if show_version is True:
        from core import color
        info(
            messages(language,
                     84).format(color.color('yellow'), compatible.__version__,
                                color.color('reset'), color.color('cyan'),
                                compatible.__code_name__, color.color('reset'),
                                color.color('green')))
        finish()
        sys.exit(0)
    # Check update
    if check_update is True:
        from core.update import _update
        _update(compatible.__version__, compatible.__code_name__, language)
        finish()
        sys.exit(0)
    # Check the target(s)
    if targets is None and targets_list is None:
        parser.print_help()
        write("\n")
        error(messages(language, 26))
        finish()
        sys.exit(1)
    else:
        if targets is not None:
            targets = list(set(targets.rsplit(",")))
        elif targets_list is not None:
            try:
                targets = list(set(open(targets_list, "rb").read().rsplit()))
            except:
                error(messages(language, 27).format(targets_list))
                finish()
                sys.exit(1)
    # Check thread number
    if thread_number > 100 or thread_number_host > 100:
        warn(messages(language, 28))
    # Check timeout number
    if timeout_sec is not None and timeout_sec >= 15:
        warn(messages(language, 29).format(timeout_sec))
    # Check scanning method
    if scan_method is not None and scan_method == "all":
        scan_method = module_names
        scan_method.remove("all")
    elif scan_method is not None and scan_method not in module_names:
        if "," in scan_method:
            scan_method = scan_method.rsplit(",")
            for sm in scan_method:
                if sm not in module_names:
                    error(messages(language, 30).format(sm))
                    finish()
                    sys.exit(1)
                if sm == "all":
                    scan_method = module_names
                    scan_method.remove("all")
                    break
        else:
            error(messages(language, 31).format(scan_method))
            finish()
            sys.exit(1)
    elif scan_method is None:
        error(messages(language, 41))
        finish()
        sys.exit(1)
    else:
        scan_method = scan_method.rsplit()
    if exclude_method is not None:
        exclude_method = exclude_method.rsplit(",")
        for exm in exclude_method:
            if exm in scan_method:
                if "all" == exm:
                    messages(language, 32)
                    finish()
                    sys.exit(1)
                else:
                    scan_method.remove(exm)
                    if len(scan_method) is 0:
                        messages(language, 33)
                        finish()
                        sys.exit(1)
            else:
                messages(language, 34).format(exm)
                finish()
                sys.exit(1)
    # Check port(s)
    if type(ports) is not list and ports is not None and "-" in ports:
        ports = ports.rsplit("-")
        ports = range(int(ports[0]), int(ports[1]) + 1)
    elif type(ports) is not list and ports is not None:
        ports = ports.rsplit(",")
    # Check user list
    if users is not None:
        users = list(set(users.rsplit(",")))
    elif users_list is not None:
        try:
            users = list(set(
                open(users_list).read().rsplit("\n")))  # fix later
        except:
            error(messages(language, 37).format(targets_list))
            finish()
            sys.exit(1)
    # Check password list
    if passwds is not None:
        passwds = list(set(passwds.rsplit(",")))
    if passwds_list is not None:
        try:
            passwds = list(set(
                open(passwds_list).read().rsplit("\n")))  # fix later
        except:
            error(messages(language, 39).format(targets_list))
            finish()
            sys.exit(1)
    # Check output file
    try:
        tmpfile = open(log_in_file, "w")
    except:
        error(messages(language, 40).format(log_in_file))
        finish()
        sys.exit(1)
    # Check Graph
    if graph_flag is not None:
        if graph_flag not in load_all_graphs():
            error(messages(language, 97).format(graph_flag))
            finish()
            sys.exit(1)
        if not (log_in_file.endswith('.html') or log_in_file.endswith('.htm')):
            warn(messages(language, 87))
            graph_flag = None
    # Check Socks
    if socks_proxy is not None:
        e = False
        try:
            if '://' in socks_proxy:
                socks_proxy = socks_proxy.rsplit('://')[1].rsplit('/')[0]
            if len(socks_proxy.rsplit(':')) is not 2 or socks_proxy.rsplit(
                    ':')[1] == '':
                e = True
        except:
            e = True
        if e:
            error(messages(language, 63))
            finish()
            sys.exit(1)
    # Check Methods ARGS
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit('&')
        for imethod_args in methods_args:
            if len(imethod_args.rsplit('=')) is 2:
                if imethod_args.rsplit('=')[1].startswith('read_from_file:'):
                    try:
                        read_data = list(
                            set(
                                open(
                                    imethod_args.rsplit('=read_from_file:')
                                    [1]).read().rsplit('\n')))
                    except:
                        error(messages(language, 36))
                        finish()
                        sys.exit(1)
                    new_methods_args[imethod_args.rsplit('=')[0]] = read_data
                else:
                    new_methods_args[imethod_args.rsplit(
                        '=')[0]] = imethod_args.rsplit('=')[1].rsplit(',')
            else:
                new_methods_args[imethod_args.rsplit('=')[0]] = ""
        methods_args = new_methods_args
    # Return the values
    return [
        targets, targets_list, thread_number, thread_number_host, log_in_file,
        scan_method, exclude_method, users, users_list, passwds, passwds_list,
        timeout_sec, ports, parser, module_names, language, verbose_level,
        show_version, check_update, socks_proxy, retries, graph_flag,
        help_menu_flag, methods_args, method_args_list
    ]

Exemple #6

0

Afficher le fichier

Fichier : args_loader.py Projet : khagoyos22/OWASP-Nettacker

def check_all_required(targets, targets_list, thread_number, thread_number_host,
                       log_in_file, scan_method, exclude_method, users, users_list,
                       passwds, passwds_list, timeout_sec, ports, parser, module_names,
                       language, verbose_level, show_version, check_update, socks_proxy,
                       retries, graph_flag, help_menu_flag, methods_args, method_args_list,
                       wizard_mode, profile):
    # Checking Requirements
    # import libs
    from core import compatible
    # Check Help Menu
    if help_menu_flag:
        parser.print_help()
        write('\n\n')
        write(messages(language, 3))
        __die_success()
    # Check if method args list called
    if method_args_list:
        from core.load_modules import load_all_method_args
        load_all_method_args(language)
        __die_success()
    # Check version
    if show_version:
        from core import color
        info(messages(language, 84).format(color.color('yellow'), compatible.__version__, color.color('reset'),
                                           color.color('cyan'), compatible.__code_name__, color.color('reset'),
                                           color.color('green')))
        __die_success()
    # Wizard mode
    if wizard_mode:
        (targets, thread_number, thread_number_host,
         log_in_file, scan_method, exclude_method, users,
         passwds, timeout_sec, ports, verbose_level,
         socks_proxy, retries, graph_flag) = \
            __wizard(
                targets, thread_number, thread_number_host,
                log_in_file, module_names, exclude_method, users,
                passwds, timeout_sec, ports, verbose_level,
                socks_proxy, retries, load_all_graphs(), language
            )
    # Select a Profile
    if profile is not None:
        _all_profiles = _builder(get_profiles(), all_profiles())
        if scan_method is None:
            scan_method = ''
        else:
            scan_method += ','
        if profile == 'all':
            profile = ','.join(_all_profiles)
        tmp_sm = scan_method
        for pr in profile.rsplit(','):
            try:
                for sm in _all_profiles[pr]:
                    if sm not in tmp_sm.rsplit(','):
                        tmp_sm += sm + ','
            except:
                __die_failure(messages(language, 137).format(pr))
        if tmp_sm[-1] == ',':
            tmp_sm = tmp_sm[0:-1]
        scan_method = ','.join(list(set(tmp_sm.rsplit(','))))
    # Check Socks
    if socks_proxy is not None:
        e = False
        if socks_proxy.startswith('socks://'):
            socks_flag = 5
            socks_proxy = socks_proxy.replace('socks://', '')
        elif socks_proxy.startswith('socks5://'):
            socks_flag = 5
            socks_proxy = socks_proxy.replace('socks5://', '')
        elif socks_proxy.startswith('socks4://'):
            socks_flag = 4
            socks_proxy = socks_proxy.replace('socks4://', '')
        else:
            socks_flag = 5
        if '://' in socks_proxy:
            socks_proxy = socks_proxy.rsplit('://')[1].rsplit('/')[0]
        try:
            if len(socks_proxy.rsplit(':')) < 2 or len(socks_proxy.rsplit(':')) > 3:
                e = True
            elif len(socks_proxy.rsplit(':')) is 2 and socks_proxy.rsplit(':')[1] == '':
                e = True
            elif len(socks_proxy.rsplit(':')) is 3 and socks_proxy.rsplit(':')[2] == '':
                e = True
        except:
            e = True
        if e:
            __die_failure(messages(language, 63))
        if socks_flag is 4:
            socks_proxy = 'socks4://' + socks_proxy
        if socks_flag is 5:
            socks_proxy = 'socks5://' + socks_proxy
    # Check update
    if check_update:
        from core.update import _update
        _update(compatible.__version__, compatible.__code_name__, language, socks_proxy)
        __die_success()
    # Check the target(s)
    if targets is None and targets_list is None:
        parser.print_help()
        write("\n")
        __die_failure(messages(language, 26))
    else:
        if targets is not None:
            targets = list(set(targets.rsplit(",")))
        elif targets_list is not None:
            try:
                targets = list(set(open(targets_list, "rb").read().rsplit()))
            except:
                __die_failure(messages(language, 27).format(targets_list))
    # Check thread number
    if thread_number > 100 or thread_number_host > 100:
        warn(messages(language, 28))
    # Check timeout number
    if timeout_sec is not None and timeout_sec >= 15:
        warn(messages(language, 29).format(timeout_sec))
    # Check scanning method
    if scan_method is not None and scan_method == "all":
        scan_method = module_names
        scan_method.remove("all")
    elif scan_method is not None and scan_method not in module_names:
        if "*_" in scan_method:
            scan_method = scan_method.rsplit(',')
            tmp_scan_method = scan_method[:]
            for sm in scan_method:
                if sm.startswith('*_'):
                    scan_method.remove(sm)
                    found_flag = False
                    for mn in module_names:
                        if mn.endswith('_' + sm.rsplit('*_')[1]):
                            scan_method.append(mn)
                            found_flag = True
                    if found_flag is False:
                        __die_failure(messages(language, 117).format(sm))
            scan_method = ','.join(scan_method)
        if "," in scan_method:
            scan_method = scan_method.rsplit(",")
            for sm in scan_method:
                if sm not in module_names:
                    __die_failure(messages(language, 30).format(sm))
                if sm == "all":
                    scan_method = module_names
                    scan_method.remove("all")
                    break
        else:
            __die_failure(messages(language, 31).format(scan_method))
    elif scan_method is None:
        __die_failure(messages(language, 41))
    else:
        scan_method = scan_method.rsplit()
    # Check for exluding scanning method
    if exclude_method is not None:
        exclude_method = exclude_method.rsplit(",")
        for exm in exclude_method:
            if exm in scan_method:
                if "all" == exm:
                    __die_failure(messages(language, 32))
                else:
                    scan_method.remove(exm)
                    if len(scan_method) is 0:
                        __die_failure(messages(language, 33))
            else:
                __die_failure(messages(language, 34).format(exm))
    # Check port(s)
    if type(ports) is not list and ports is not None and "-" in ports:
        ports = ports.rsplit("-")
        ports = range(int(ports[0]), int(ports[1]) + 1)
    elif type(ports) is not list and ports is not None:
        ports = ports.rsplit(",")
    # Check user list
    if users is not None:
        users = list(set(users.rsplit(",")))
    elif users_list is not None:
        try:
            users = list(set(open(users_list).read().rsplit("\n")))  # fix later
        except:
            __die_failure(messages(language, 37).format(targets_list))
    # Check password list
    if passwds is not None:
        passwds = list(set(passwds.rsplit(",")))
    if passwds_list is not None:
        try:
            passwds = list(set(open(passwds_list).read().rsplit("\n")))  # fix later
        except:
            __die_failure(messages(language, 39).format(targets_list))
    # Check output file
    try:
        tmpfile = open(log_in_file, "w")
    except:
        __die_failure(messages(language, 40).format(log_in_file))
    # Check Graph
    if graph_flag is not None:
        if graph_flag not in load_all_graphs():
            __die_failure(messages(language, 97).format(graph_flag))
        if not (log_in_file.endswith('.html') or log_in_file.endswith('.htm')):
            warn(messages(language, 87))
            graph_flag = None
    # Check Methods ARGS
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit('&')
        for imethod_args in methods_args:
            if len(imethod_args.rsplit('=')) is 2:
                if imethod_args.rsplit('=')[1].startswith('read_from_file:'):
                    try:
                        read_data = list(set(open(imethod_args.rsplit('=read_from_file:')[1]).read().rsplit('\n')))
                    except:
                        __die_failure(messages(language, 36))
                    new_methods_args[imethod_args.rsplit('=')[0]] = read_data
                else:
                    new_methods_args[imethod_args.rsplit('=')[0]] = imethod_args.rsplit('=')[1].rsplit(',')
            else:
                new_methods_args[imethod_args.rsplit('=')[0]] = ""
        methods_args = new_methods_args
    # Return the values
    return [targets, targets_list, thread_number, thread_number_host,
            log_in_file, scan_method, exclude_method, users, users_list,
            passwds, passwds_list, timeout_sec, ports, parser, module_names,
            language, verbose_level, show_version, check_update, socks_proxy,
            retries, graph_flag, help_menu_flag, methods_args, method_args_list,
            wizard_mode, profile]

Exemple #7

0

Afficher le fichier

def __rules(config, defaults, language):
    # Check Ranges
    config["check_ranges"] = True if config[
        "check_ranges"] is not False else False
    # Check Subdomains
    config["check_subdomains"] = True if config[
        "check_subdomains"] is not False else False
    # Check Graph
    config["graph_flag"] = config["graph_flag"] if config[
        "graph_flag"] in load_all_graphs() else None
    # Check Language
    config["language"] = config["language"] if config["language"] in [
        lang for lang in messages(-1, 0)
    ] else "en"
    # Check Targets
    if config["targets"] is not None:
        config["targets"] = list(set(config["targets"].rsplit(",")))
    else:
        abort(400, messages(language, 26))
    # Check Log File
    try:
        f = open(config["log_in_file"], "a")
        f.close()
    except:
        abort(400, messages(language, 40).format(config["log_in_file"]))
    # Check Method ARGS
    methods_args = config["methods_args"]
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit("&")
        for imethod_args in methods_args:
            if len(imethod_args.rsplit("=")) is 2:
                new_methods_args[imethod_args.rsplit("=")
                                 [0]] = imethod_args.rsplit("=")[1].rsplit(",")
            else:
                new_methods_args[imethod_args.rsplit("=")[0]] = ""
        methods_args = new_methods_args
    config["methods_args"] = methods_args

    # Check Passwords
    config["passwds"] = config["passwds"].rsplit(
        ',') if config["passwds"] is not None else None
    # Check Ping Before Scan
    config["ping_flag"] = True if config["ping_flag"] is not False else False
    # Check Ports
    ports = config["ports"]
    if type(ports) is not list and ports is not None:
        tmp_ports = []
        for port in ports.rsplit(','):
            try:
                if '-' not in port:
                    if int(port) not in tmp_ports:
                        tmp_ports.append(int(port))
                else:
                    t_ports = range(int(port.rsplit('-')[0]),
                                    int(port.rsplit('-')[1]) + 1)
                    for p in t_ports:
                        if p not in tmp_ports:
                            tmp_ports.append(p)
            except:
                abort(400, messages(language, 157))
        if len(tmp_ports) is 0:
            ports = None
        else:
            ports = tmp_ports[:]
    config["ports"] = ports
    # Check Profiles
    if config["profile"] is not None:
        _all_profiles = _builder(_profiles(), default_profiles())
        if config["scan_method"] is None:
            config["scan_method"] = ""
        else:
            config["scan_method"] += ","
        if "all" in config["profile"].rsplit(","):
            config["profile"] = ",".join(_all_profiles)
        tmp_sm = config["scan_method"]
        for pr in config["profile"].rsplit(","):
            try:
                for sm in _all_profiles[pr]:
                    if sm not in tmp_sm.rsplit(","):
                        tmp_sm += sm + ","
            except:
                abort(400, messages(language, 137).format(pr))
        if tmp_sm[-1] == ",":
            tmp_sm = tmp_sm[0:-1]
        config["scan_method"] = ",".join(list(set(tmp_sm.rsplit(","))))

    # Check retries
    try:
        config["retries"] = int(config["retries"])
    except:
        config["retries"] = defaults["retries"]
    # Check Scanning Method
    if config["scan_method"] is not None and "all" in config[
            "scan_method"].rsplit(","):
        config["scan_method"] = load_all_modules()
        config["scan_method"].remove("all")
    elif len(config["scan_method"].rsplit(
            ",")) is 1 and "*_" not in config["scan_method"]:
        if config["scan_method"] in load_all_modules():
            config["scan_method"] = config["scan_method"].rsplit()
        else:
            abort(400, messages(language, 30).format(config["scan_method"]))
    else:
        if config["scan_method"] is not None:
            if config["scan_method"] not in load_all_modules():
                if "*_" in config["scan_method"] or "," in config[
                        "scan_method"]:
                    config["scan_method"] = config["scan_method"].rsplit(",")
                    scan_method_tmp = config["scan_method"][:]
                    for sm in scan_method_tmp:
                        scan_method_error = True
                        if sm.startswith("*_"):
                            config["scan_method"].remove(sm)
                            found_flag = False
                            for mn in load_all_modules():
                                if mn.endswith("_" + sm.rsplit("*_")[1]):
                                    config["scan_method"].append(mn)
                                    scan_method_error = False
                                    found_flag = True
                            if found_flag is False:
                                abort(400, messages(language, 117).format(sm))
                        elif sm == "all":
                            config["scan_method"] = load_all_modules()
                            scan_method_error = False
                            config["scan_method"].remove("all")
                            break
                        elif sm in load_all_modules():
                            scan_method_error = False
                        elif sm not in load_all_modules():
                            abort(400, messages(language, 30).format(sm))
                else:
                    scan_method_error = True
            if scan_method_error:
                abort(400,
                      messages(language, 30).format(config["scan_method"]))
        else:
            abort(400, messages(language, 41))
        config["scan_method"] = list(set(config["scan_method"]))

    # Check Socks Proxy
    socks_proxy = config["socks_proxy"]
    if socks_proxy is not None:
        e = False
        if socks_proxy.startswith("socks://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks://", "")
        elif socks_proxy.startswith("socks5://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks5://", "")
        elif socks_proxy.startswith("socks4://"):
            socks_flag = 4
            socks_proxy = socks_proxy.replace("socks4://", "")
        else:
            socks_flag = 5
        if "://" in socks_proxy:
            socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
        try:
            if len(socks_proxy.rsplit(":")) < 2 or len(
                    socks_proxy.rsplit(":")) > 3:
                e = True
            elif len(socks_proxy.rsplit(":")) is 2 and socks_proxy.rsplit(
                    ":")[1] == "":
                e = True
            elif len(socks_proxy.rsplit(":")) is 3 and socks_proxy.rsplit(
                    ":")[2] == "":
                e = True
        except:
            e = True
        if e:
            abort(400, messages(language, 63))
        if socks_flag is 4:
            socks_proxy = "socks4://" + socks_proxy
        if socks_flag is 5:
            socks_proxy = "socks5://" + socks_proxy
    config["socks_proxy"] = socks_proxy
    # Check thread numbers
    try:
        config["thread_number"] = int(config["thread_number"])
    except:
        config["thread_number"] = defaults["thread_number"]
    # Check thread number for hosts
    try:
        config["thread_number_host"] = int(config["thread_number_host"])
    except:
        config["thread_number_host"] = defaults["thread_number_host"]
    # Check time sleep
    try:
        config["time_sleep"] = float(config["time_sleep"])
    except:
        config["time_sleep"] = defaults["time_sleep"]
    # Check timeout sec
    try:
        config["timeout_sec"] = int(config["timeout_sec"])
    except:
        config["thread_number_host"] = defaults["thread_number_host"]
    # Check users
    config["users"] = config["users"].rsplit(
        ',') if config["users"] is not None else None
    return config

Exemple #8

0

Afficher le fichier

Fichier : parse.py Projet : camel32bit/OWASP-Nettacker

def load():
    write('\n\n')
    # load libs
    from core.color import finish
    # load all modules in lib/brute, lib/scan, lib/graph
    module_names = load_all_modules()
    graph_names = load_all_graphs()

    # Parse ARGVs
    try:
        parser, options, startup_update_flag = load_all_args(
            module_names, graph_names)
    except SystemExit:
        finish()
        sys.exit(1)
    # Filling Options
    check_ranges = options.check_ranges
    check_subdomains = options.check_subdomains
    targets = options.targets
    targets_list = options.targets_list
    thread_number = options.thread_number
    thread_number_host = options.thread_number_host
    log_in_file = options.log_in_file
    scan_method = options.scan_method
    exclude_method = options.exclude_method
    users = options.users
    users_list = options.users_list
    passwds = options.passwds
    passwds_list = options.passwds_list
    timeout_sec = options.timeout_sec
    ports = options.ports
    time_sleep = options.time_sleep
    language = options.language
    verbose_level = options.verbose_level
    show_version = options.show_version
    check_update = options.check_update
    proxies = options.proxies
    proxies_file = options.proxies_file
    retries = options.retries
    graph_flag = options.graph_flag
    help_menu_flag = options.help_menu_flag
    ping_flag = options.ping_flag
    methods_args = options.methods_args
    method_args_list = options.method_args_list

    # Checking Requirements
    (targets, targets_list, thread_number, thread_number_host,
     log_in_file, scan_method, exclude_method, users, users_list,
     passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
     check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list) = \
        check_all_required(
            targets, targets_list, thread_number, thread_number_host,
            log_in_file, scan_method, exclude_method, users, users_list,
            passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
            check_update, proxies, proxies_file, retries, graph_flag, help_menu_flag, methods_args, method_args_list
        )

    info(messages(language, 0))
    # check for update
    if startup_update_flag is True:
        __version__, __code_name__ = _version_info()
        _check(__version__, __code_name__, language)

    info(
        messages(
            language,
            96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
    suff = str(datetime.datetime.now()).replace(' ', '_').replace(
        ':', '-') + '_' + ''.join(
            random.choice(string.ascii_uppercase + string.digits)
            for _ in range(10))
    subs_temp = 'tmp/subs_temp_%s' % (suff)
    range_temp = 'tmp/ranges_%s' % (suff)
    total_targets = -1
    for total_targets, _ in enumerate(
            analysis(targets, check_ranges, check_subdomains, subs_temp,
                     range_temp, log_in_file, time_sleep, language,
                     verbose_level, show_version, check_update, proxies,
                     retries)):
        pass
    total_targets += 1
    total_targets = total_targets * len(scan_method)
    targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
                       range_temp, log_in_file, time_sleep, language,
                       verbose_level, show_version, check_update, proxies,
                       retries)
    threads = []
    trying = 0
    for target in targets:
        for sm in scan_method:
            trying += 1
            t = threading.Thread(
                target=start_attack,
                args=(str(target).rsplit()[0], trying, total_targets, sm,
                      users, passwds, timeout_sec, thread_number, ports,
                      log_in_file, time_sleep, language, verbose_level,
                      show_version, check_update, proxies, retries, ping_flag,
                      methods_args))
            threads.append(t)
            t.start()
            while 1:
                n = 0
                for thread in threads:
                    if thread.isAlive() is True:
                        n += 1
                    else:
                        threads.remove(thread)
                if n >= thread_number_host:
                    time.sleep(0.01)
                else:
                    break

    while 1:
        try:
            n = True
            for thread in threads:
                if thread.isAlive() is True:
                    n = False
            time.sleep(0.01)
            if n is True:
                break
        except KeyboardInterrupt:
            break
    info(messages(language, 42))
    os.remove(subs_temp)
    os.remove(range_temp)
    info(messages(language, 43))
    sort_logs(log_in_file, language, graph_flag)
    write('\n')
    info(messages(language, 44))
    write('\n\n')
    finish()

Exemple #9

0

Afficher le fichier

def check_all_required(targets, targets_list, thread_number,
                       thread_number_host, log_in_file, scan_method,
                       exclude_method, users, users_list, passwds,
                       passwds_list, timeout_sec, ports, parser, module_names,
                       language, verbose_level, show_version, check_update,
                       proxies, proxies_file, retries, graph_flag,
                       help_menu_flag):
    # Checking Requirements
    # Check Help Menu
    if help_menu_flag is True:
        parser.print_help()
        from core.color import finish
        finish()
        sys.exit(0)
    # Check version
    if show_version is True:
        from core import compatible
        from core import color
        info(
            messages(language,
                     84).format(color.color('yellow'), compatible.__version__,
                                color.color('reset'), color.color('cyan'),
                                compatible.__code_name__, color.color('reset'),
                                color.color('green')))
        from core.color import finish
        finish()
        sys.exit(0)
    # Check update
    if check_update is True:
        info(messages(language, 85))
        from core.color import finish
        finish()
        sys.exit(0)
    # Check the target(s)
    if targets is None and targets_list is None:
        parser.print_help()
        write("\n")
        error(messages(language, 26))
        from core.color import finish
        finish()
        sys.exit(1)
    else:
        if targets is not None:
            targets = list(set(targets.rsplit(",")))
        elif targets_list is not None:
            try:
                targets = list(set(open(targets_list, "rb").read().rsplit()))
            except:
                error(messages(language, 27).format(targets_list))
                from core.color import finish
                finish()
                sys.exit(1)
    # Check thread number
    if thread_number > 100 or thread_number_host > 100:
        warn(messages(language, 28))
    # Check timeout number
    if timeout_sec is not None and timeout_sec >= 15:
        warn(messages(language, 29).format(timeout_sec))
    # Check scanning method
    if scan_method is not None and scan_method == "all":
        scan_method = module_names
        scan_method.remove("all")
    elif scan_method is not None and scan_method not in module_names:
        if "," in scan_method:
            scan_method = scan_method.rsplit(",")
            for sm in scan_method:
                if sm not in module_names:
                    error(messages(language, 30).format(sm))
                    from core.color import finish
                    finish()
                    sys.exit(1)
                if sm == "all":
                    scan_method = module_names
                    scan_method.remove("all")
                    break
        else:
            error(messages(language, 31).format(scan_method))
            from core.color import finish
            finish()
            sys.exit(1)
    elif scan_method is None:
        error(messages(language, 41))
        from core.color import finish
        finish()
        sys.exit(1)
    else:
        scan_method = scan_method.rsplit()
    if exclude_method is not None:
        exclude_method = exclude_method.rsplit(",")
        for exm in exclude_method:
            if exm in scan_method:
                if "all" == exm:
                    messages(language, 32)
                    from core.color import finish
                    finish()
                    sys.exit(1)
                else:
                    scan_method.remove(exm)
                    if len(scan_method) is 0:
                        messages(language, 33)
                        from core.color import finish
                        finish()
                        sys.exit(1)
            else:
                messages(language, 34).format(exm)
                from core.color import finish
                finish()
                sys.exit(1)
    # Check port(s)
    if ports is None:
        error(messages(language, 35))
        from core.color import finish
        finish()
        sys.exit(1)
    if type(ports) is not list and "-" in ports:
        ports = ports.rsplit("-")
        ports = range(int(ports[0]), int(ports[1]) + 1)
    elif type(ports) is not list:
        ports = ports.rsplit(",")
    # Check user list
    if users is None and users_list is None and scan_method is not None:
        for imethod in scan_method:
            if "_brute" in imethod:
                error(messages(language, 36))
                from core.color import finish
                finish()
                sys.exit(1)
    else:
        if users is not None:
            users = list(set(users.rsplit(",")))
        if users_list is not None:
            try:
                users = list(set(
                    open(users_list).read().rsplit("\n")))  # fix later
            except:
                error(messages(language, 37).format(targets_list))
                from core.color import finish
                finish()
                sys.exit(1)
    # Check password list
    if passwds is None and passwds_list is None and scan_method is not None:
        for imethod in scan_method:
            if "_brute" in imethod:
                error(messages(language, 38))
                from core.color import finish
                finish()
                sys.exit(1)
    else:
        if passwds is not None:
            passwds = list(set(passwds.rsplit(",")))
        if passwds_list is not None:
            try:
                passwds = list(set(
                    open(passwds_list).read().rsplit("\n")))  # fix later
            except:
                error(messages(language, 39).format(targets_list))
                from core.color import finish
                finish()
                sys.exit(1)
    # Check output file
    try:
        tmpfile = open(log_in_file, "w")
    except:
        error(messages(language, 40).format(log_in_file))
        from core.color import finish
        finish()
        sys.exit(1)
    # Check Proxies
    if proxies is not None:
        proxies = list(set(proxies.rsplit(',')))
    elif proxies_file is not None:
        if os.path.isfile(proxies_file):
            try:
                proxies = list(set(open(proxies_file).read().rsplit()))
            except:
                error(messages(language, 82).format(proxies_file))
                from core.color import finish
                finish()
                sys.exit(1)
        else:
            error(messages(language, 83).format(proxies_file))
            from core.color import finish
            finish()
            sys.exit(1)
    # Check Graph
    if graph_flag is not None:
        if not (len(log_in_file) >= 5 and log_in_file[-5:] == '.html') or (
                not len(log_in_file) >= 4 and log_in_file[-4:] == '.htm'):
            error(messages(language, 87))
            from core.color import finish
            finish()
            sys.exit(1)
        if graph_flag not in load_all_graphs():
            error(messages(language, 97).format(graph_flag))
            from core.color import finish
            finish()
            sys.exit(1)

    # Return the values
    return [
        targets, targets_list, thread_number, thread_number_host, log_in_file,
        scan_method, exclude_method, users, users_list, passwds, passwds_list,
        timeout_sec, ports, parser, module_names, language, verbose_level,
        show_version, check_update, proxies, proxies_file, retries, graph_flag,
        help_menu_flag
    ]

Exemple #10

0

Afficher le fichier

def check_all_required(targets, targets_list, thread_number, thread_number_host,
                       log_in_file, scan_method, exclude_method, users, users_list,
                       passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level,
                       show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args,
                       method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode,
                       api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log,
                       api_access_log_filename, api_cert, api_cert_key):
    """
    check all rules and requirements for ARGS

    Args:
        targets: targets from CLI
        targets_list: targets_list from CLI
        thread_number: thread numbers from CLI
        thread_number_host: thread number for hosts from CLI
        log_in_file: output file from CLI
        scan_method: modules from CLI
        exclude_method: exclude modules from CLI
        users: usernames from CLI
        users_list: username file from CLI
        passwds: passwords from CLI
        passwds_list: passwords file from CLI
        timeout_sec: timeout seconds from CLI
        ports: ports from CLI
        parser: parser (argparse)
        module_names: all module names
        language: language from CLI
        verbose_level: verbose level from CLI
        show_version: show version flag from CLI
        check_update: check for update flag from CLI
        socks_proxy: socks proxy from CLI
        retries: retries from from CLI
        graph_flag: graph name from CLI
        help_menu_flag: help menu flag from CLI
        methods_args: modules ARGS flag from CLI
        method_args_list: modules ARGS from CLI
        wizard_mode: wizard mode flag from CLI
        profile: profiles from CLI
        start_api: start API flag from CLI
        api_host: API host from CLI
        api_port: API port from CLI
        api_debug_mode: API debug mode flag from CLI
        api_access_key: API access key from CLI
        api_client_white_list: API client white list flag from CLI
        api_client_white_list_ips: API client white list IPs from CLI
        api_access_log: API access log log flag from CLI
        api_access_log_filename: API access log filename from CLI

    Returns:
        all ARGS with applied rules
    """
    # Checking Requirements
    # import libs
    from core import compatible

    # Check Help Menu
    if help_menu_flag:
        parser.print_help()
        write("\n\n")
        write(messages(language, "license"))
        __die_success()
    # Check if method args list called
    if method_args_list:
        from core.load_modules import load_all_method_args

        load_all_method_args(language)
        __die_success()
    # Check version
    if show_version:
        from core import color

        info(
            messages(language, "current_version").format(
                color.color("yellow"),
                compatible.__version__,
                color.color("reset"),
                color.color("cyan"),
                compatible.__code_name__,
                color.color("reset"),
                color.color("green"),
            )
        )
        __die_success()
    # API mode
    if start_api:
        from api.engine import _start_api
        from core.targets import target_type
        from core.ip import _generate_IPRange

        try:
            api_port = int(api_port)
        except Exception:
            __die_failure(messages(language, "API_port_int"))
        if api_client_white_list:
            if type(api_client_white_list_ips) != type([]):
                api_client_white_list_ips = list(
                    set(api_client_white_list_ips.rsplit(","))
                )
            hosts = []
            for data in api_client_white_list_ips:
                if target_type(data) == "SINGLE_IPv4":
                    if data not in hosts:
                        hosts.append(data)
                elif target_type(data) == "RANGE_IPv4":
                    for cidr in _generate_IPRange(data):
                        for ip in cidr:
                            if ip not in hosts:
                                hosts.append(ip)
                elif target_type(data) == "CIDR_IPv4":
                    for ip in _generate_IPRange(data):
                        if ip not in hosts:
                            hosts.append(str(ip))
                else:
                    __die_failure(messages(language, "unknown_ip_input"))
            api_client_white_list_ips = hosts[:]
        if api_access_log:
            try:
                open(api_access_log_filename, "a")
            except Exception:
                write_to_api_console(
                    " * "
                    + messages(language, "file_write_error").format(
                        api_access_log_filename
                    )
                    + "\n"
                )
                __die_failure("")

        _start_api(api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
                   api_client_white_list_ips, api_access_log, api_access_log_filename, api_cert, api_cert_key, language)
    # Wizard mode
    if wizard_mode:
        (
            targets,
            thread_number,
            thread_number_host,
            log_in_file,
            scan_method,
            exclude_method,
            users,
            passwds,
            timeout_sec,
            ports,
            verbose_level,
            socks_proxy,
            retries,
            graph_flag,
        ) = __wizard(
            targets,
            thread_number,
            thread_number_host,
            log_in_file,
            module_names,
            exclude_method,
            users,
            passwds,
            timeout_sec,
            ports,
            verbose_level,
            socks_proxy,
            retries,
            load_all_graphs(),
            language,
        )
    # Check the target(s)
    if targets is None and targets_list is None:
        parser.print_help()
        write("\n")
        __die_failure(messages(language, "error_target"))
    # Select a Profile
    if scan_method is None and profile is None:
        __die_failure(messages(language, "scan_method_select"))
    if profile is not None:
        if scan_method is None:
            scan_method = ""
        else:
            scan_method += ","
        _all_profiles = _builder(_profiles(), default_profiles())
        if "all" in profile.rsplit(","):
            profile = ",".join(_all_profiles)
        tmp_sm = scan_method
        for pr in profile.rsplit(","):
            try:
                for sm in _all_profiles[pr]:
                    if sm not in tmp_sm.rsplit(","):
                        tmp_sm += sm + ","
            except Exception:
                __die_failure(messages(language, "profile_404").format(pr))
        if tmp_sm[-1] == ",":
            tmp_sm = tmp_sm[0:-1]
        scan_method = ",".join(list(set(tmp_sm.rsplit(","))))
    # Check Socks
    if socks_proxy is not None:
        e = False
        if socks_proxy.startswith("socks://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks://", "")
        elif socks_proxy.startswith("socks5://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks5://", "")
        elif socks_proxy.startswith("socks4://"):
            socks_flag = 4
            socks_proxy = socks_proxy.replace("socks4://", "")
        else:
            socks_flag = 5
        if "://" in socks_proxy:
            socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
        try:
            if (
                len(socks_proxy.rsplit(":")) < 2
                or len(socks_proxy.rsplit(":")) > 3
            ):
                e = True
            elif (
                len(socks_proxy.rsplit(":")) == 2
                and socks_proxy.rsplit(":")[1] == ""
            ):
                e = True
            elif (
                len(socks_proxy.rsplit(":")) == 3
                and socks_proxy.rsplit(":")[2] == ""
            ):
                e = True
        except Exception:
            e = True
        if e:
            __die_failure(messages(language, "valid_socks_address"))
        if socks_flag == 4:
            socks_proxy = "socks4://" + socks_proxy
        if socks_flag == 5:
            socks_proxy = "socks5://" + socks_proxy
    # Check update
    if check_update and _update_check(language):
        from core.update import _update

        _update(
            compatible.__version__,
            compatible.__code_name__,
            language,
            socks_proxy,
        )
        __die_success()
    else:
        if targets is not None:
            targets = list(set(targets.rsplit(",")))
        elif targets_list is not None:
            try:
                targets = list(set(open(targets_list, "rb").read().rsplit()))
            except Exception:
                __die_failure(
                    messages(language, "error_target_file").format(
                        targets_list
                    )
                )
    # Check thread number
    if thread_number > 101 or thread_number_host > 101:
        warn(messages(language, "thread_number_warning"))
    # Check timeout number
    if timeout_sec is not None and timeout_sec >= 15:
        warn(messages(language, "set_timeout").format(timeout_sec))
    # Check scanning method
    if scan_method is not None and "all" in scan_method.rsplit(","):
        scan_method = module_names
        scan_method.remove("all")
    elif (
        scan_method is not None
        and len(scan_method.rsplit(",")) == 1
        and "*_" not in scan_method
    ):
        if scan_method in module_names:
            scan_method = scan_method.rsplit()
        else:
            __die_failure(
                messages(language, "scan_module_not_found").format(scan_method)
            )
    else:
        if scan_method is not None:
            if scan_method not in module_names:
                if "*_" in scan_method or "," in scan_method:
                    scan_method = scan_method.rsplit(",")
                    scan_method_tmp = scan_method[:]
                    for sm in scan_method_tmp:
                        scan_method_error = True
                        if sm.startswith("*_"):
                            scan_method.remove(sm)
                            found_flag = False
                            for mn in module_names:
                                if mn.endswith("_" + sm.rsplit("*_")[1]):
                                    scan_method.append(mn)
                                    scan_method_error = False
                                    found_flag = True
                            if found_flag is False:
                                __die_failure(
                                    messages(
                                        language, "module_pattern_404"
                                    ).format(sm)
                                )
                        elif sm == "all":
                            scan_method = module_names
                            scan_method_error = False
                            scan_method.remove("all")
                            break
                        elif sm in module_names:
                            scan_method_error = False
                        elif sm not in module_names:
                            __die_failure(
                                messages(
                                    language, "scan_module_not_found"
                                ).format(sm)
                            )
                else:
                    scan_method_error = True
            if scan_method_error:
                __die_failure(
                    messages(language, "scan_module_not_found").format(
                        scan_method
                    )
                )
        else:
            __die_failure(messages(language, "scan_method_select"))
    scan_method = list(set(scan_method))
    # Check for exluding scanning method
    if exclude_method is not None:
        exclude_method = exclude_method.rsplit(",")
        for exm in exclude_method:
            if exm in scan_method:
                if "all" == exm:
                    __die_failure(messages(language, "error_exclude_all"))
                else:
                    scan_method.remove(exm)
                    if len(scan_method) == 0:
                        __die_failure(messages(language, "error_exclude_all"))
            else:
                __die_failure(
                    messages(language, "exclude_module_error").format(exm)
                )
    # Check port(s)
    if type(ports) is not list and ports is not None:
        tmp_ports = []
        for port in ports.rsplit(","):
            try:
                if "-" not in port:
                    if int(port) not in tmp_ports:
                        tmp_ports.append(int(port))
                else:
                    t_ports = range(
                        int(port.rsplit("-")[0]), int(port.rsplit("-")[1]) + 1
                    )
                    for p in t_ports:
                        if p not in tmp_ports:
                            tmp_ports.append(p)
            except Exception:
                __die_failure(messages(language, "ports_int"))
        if len(tmp_ports) == 0:
            ports = None
        else:
            ports = tmp_ports[:]
    # Check user list
    if users is not None:
        users = list(set(users.rsplit(",")))
    elif users_list is not None:
        try:
            # fix later
            users = list(set(open(users_list).read().rsplit("\n")))
        except Exception:
            __die_failure(
                messages(language, "error_username").format(targets_list)
            )
    # Check password list
    if passwds is not None:
        passwds = list(set(passwds.rsplit(",")))
    if passwds_list is not None:
        try:
            passwds = list(
                set(open(passwds_list).read().rsplit("\n"))
            )  # fix later
        except Exception:
            __die_failure(
                messages(language, "error_password_file").format(targets_list)
            )
    # Check output file
    try:
        open(log_in_file, "w")
    except Exception:
        __die_failure(
            messages(language, "file_write_error").format(log_in_file)
        )
    # Check Graph
    if graph_flag is not None:
        if graph_flag not in load_all_graphs():
            __die_failure(
                messages(language, "graph_module_404").format(graph_flag)
            )
        if not (log_in_file.endswith(".html") or log_in_file.endswith(".htm")):
            warn(messages(language, "graph_output"))
            graph_flag = None
    # Check Methods ARGS
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit("&")
        for imethod_args in methods_args:
            if len(imethod_args.rsplit("=")) == 2:
                if imethod_args.rsplit("=")[1].startswith("read_from_file:"):
                    try:
                        read_data = list(
                            set(
                                open(
                                    imethod_args.rsplit("=read_from_file:")[1]
                                )
                                .read()
                                .rsplit("\n")
                            )
                        )
                    except Exception:
                        __die_failure(messages(language, "error_reading_file"))
                    new_methods_args[imethod_args.rsplit("=")[0]] = read_data
                else:
                    new_methods_args[
                        imethod_args.rsplit("=")[0]
                    ] = imethod_args.rsplit("=")[1].rsplit(",")
            else:
                new_methods_args[imethod_args] = ["True"]
        methods_args = new_methods_args
    # Return the values

    return [targets, targets_list, thread_number, thread_number_host,
            log_in_file, scan_method, exclude_method, users, users_list,
            passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level,
            show_version, check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args,
            method_args_list, wizard_mode, profile, start_api, api_host, api_port, api_debug_mode,
            api_access_key, api_client_white_list, api_client_white_list_ips, api_access_log,
            api_access_log_filename, api_cert, api_cert_key]

Exemple #11

0

Afficher le fichier

Fichier : api_core.py Projet : withshubh/Nettacker

def __rules(config, defaults, language):
    """
    Load ARGS from API requests and apply the rules

    Args:
        config: all user config
        defaults: default config
        language: language

    Returns:
        config with applied rules
    """
    # Check Ranges
    config["check_ranges"] = True if config[
        "check_ranges"] is not False else False
    # Check Subdomains
    config["check_subdomains"] = True if config[
        "check_subdomains"] is not False else False
    # Check Graph
    config["graph_flag"] = config["graph_flag"] if config[
        "graph_flag"] in load_all_graphs() else None
    # Check Language
    config["language"] = config["language"] if config["language"] in list(
        messages(-1, 0)) else "en"
    # Check Targets
    if config["targets"] is not None:
        config["targets"] = list(set(config["targets"].rsplit(",")))
    else:
        abort(400, messages(language, "error_target"))
    # Check Log File
    try:
        f = open(config["log_in_file"], "a")
        f.close()
    except:
        abort(
            400,
            messages(language,
                     "file_write_error").format(config["log_in_file"]))
    # Check Method ARGS
    methods_args = config["methods_args"]
    if methods_args is not None:
        new_methods_args = {}
        methods_args = methods_args.rsplit("&")
        for imethod_args in methods_args:
            if len(imethod_args.rsplit("=")) == 2:
                new_methods_args[imethod_args.rsplit("=")
                                 [0]] = imethod_args.rsplit("=")[1].rsplit(",")
            else:
                new_methods_args[imethod_args] = ["True"]
        methods_args = new_methods_args
    config["methods_args"] = methods_args

    # Check Passwords
    config["passwds"] = config["passwds"].rsplit(
        ',') if config["passwds"] is not None else None
    # Check Ping Before Scan
    config["ping_flag"] = True if config["ping_flag"] is not False else False
    # Check Ports
    ports = config["ports"]
    if type(ports) is not list and ports is not None:
        tmp_ports = []
        for port in ports.rsplit(','):
            try:
                if '-' not in port:
                    if int(port) not in tmp_ports:
                        tmp_ports.append(int(port))
                else:
                    t_ports = range(int(port.rsplit('-')[0]),
                                    int(port.rsplit('-')[1]) + 1)
                    for p in t_ports:
                        if p not in tmp_ports:
                            tmp_ports.append(p)
            except:
                abort(400, messages(language, "ports_int"))
        if len(tmp_ports) == 0:
            ports = None
        else:
            ports = tmp_ports[:]
    config["ports"] = ports
    # Check Profiles
    if config["profile"] is not None:
        _all_profiles = _builder(_profiles(), default_profiles())
        synonyms = _synonym_profile().keys()
        for synonym in synonyms:
            del (_all_profiles[synonym])
        if config["scan_method"] is None:
            config["scan_method"] = ""
        else:
            config["scan_method"] += ","
        if "all" in config["profile"].rsplit(","):
            config["profile"] = ",".join(_all_profiles)
        tmp_sm = config["scan_method"]
        for pr in config["profile"].rsplit(","):
            try:
                for sm in _all_profiles[pr]:
                    if sm not in tmp_sm.rsplit(","):
                        tmp_sm += sm + ","
            except:
                abort(400, messages(language, "profile_404").format(pr))
        if tmp_sm[-1] == ",":
            tmp_sm = tmp_sm[0:-1]
        config["scan_method"] = ",".join(list(set(tmp_sm.rsplit(","))))
    # Check retries
    try:
        config["retries"] = int(config["retries"])
    except:
        config["retries"] = defaults["retries"]
    # Check Scanning Method
    if config["scan_method"] is not None and "all" in config[
            "scan_method"].rsplit(","):
        config["scan_method"] = load_all_modules()
        config["scan_method"].remove("all")
    elif config["scan_method"] is not None and len(
            config["scan_method"].rsplit(
                ",")) == 1 and "*_" not in config["scan_method"]:
        if config["scan_method"] in load_all_modules():
            config["scan_method"] = config["scan_method"].rsplit()
        else:
            abort(
                400,
                messages(language, "scan_module_not_found").format(
                    config["scan_method"]))
    else:
        if config["scan_method"] is not None:
            if config["scan_method"] not in load_all_modules():
                if "*_" in config["scan_method"] or "," in config[
                        "scan_method"]:
                    config["scan_method"] = config["scan_method"].rsplit(",")
                    scan_method_tmp = config["scan_method"][:]
                    for sm in scan_method_tmp:
                        scan_method_error = True
                        if sm.startswith("*_"):
                            config["scan_method"].remove(sm)
                            found_flag = False
                            for mn in load_all_modules():
                                if mn.endswith("_" + sm.rsplit("*_")[1]):
                                    config["scan_method"].append(mn)
                                    scan_method_error = False
                                    found_flag = True
                            if found_flag is False:
                                abort(
                                    400,
                                    messages(language,
                                             "module_pattern_404").format(sm))
                        elif sm == "all":
                            config["scan_method"] = load_all_modules()
                            scan_method_error = False
                            config["scan_method"].remove("all")
                            break
                        elif sm in load_all_modules():
                            scan_method_error = False
                        elif sm not in load_all_modules():
                            abort(
                                400,
                                messages(language,
                                         "scan_module_not_found").format(sm))
                else:
                    scan_method_error = True
            if scan_method_error:
                abort(
                    400,
                    messages(language, "scan_module_not_found").format(
                        config["scan_method"]))
        else:
            abort(400, messages(language, "scan_method_select"))
        config["scan_method"] = list(set(config["scan_method"]))

    # Check Socks Proxy
    socks_proxy = config["socks_proxy"]
    if socks_proxy is not None:
        e = False
        if socks_proxy.startswith("socks://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks://", "")
        elif socks_proxy.startswith("socks5://"):
            socks_flag = 5
            socks_proxy = socks_proxy.replace("socks5://", "")
        elif socks_proxy.startswith("socks4://"):
            socks_flag = 4
            socks_proxy = socks_proxy.replace("socks4://", "")
        else:
            socks_flag = 5
        if "://" in socks_proxy:
            socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
        try:
            if len(socks_proxy.rsplit(":")) < 2 or len(
                    socks_proxy.rsplit(":")) > 3:
                e = True
            elif len(socks_proxy.rsplit(":")) == 2 and socks_proxy.rsplit(
                    ":")[1] == "":
                e = True
            elif len(socks_proxy.rsplit(":")) == 3 and socks_proxy.rsplit(
                    ":")[2] == "":
                e = True
        except:
            e = True
        if e:
            abort(400, messages(language, "valid_socks_address"))
        if socks_flag == 4:
            socks_proxy = "socks4://" + socks_proxy
        if socks_flag == 5:
            socks_proxy = "socks5://" + socks_proxy
    config["socks_proxy"] = socks_proxy
    # Check thread numbers
    try:
        config["thread_number"] = int(config["thread_number"])
    except:
        config["thread_number"] = defaults["thread_number"]
    # Check thread number for hosts
    try:
        config["thread_number_host"] = int(config["thread_number_host"])
    except:
        config["thread_number_host"] = defaults["thread_number_host"]
    # Check time sleep
    try:
        config["time_sleep"] = float(config["time_sleep"])
    except:
        config["time_sleep"] = defaults["time_sleep"]
    # Check timeout sec
    try:
        config["timeout_sec"] = int(config["timeout_sec"])
    except:
        config["thread_number_host"] = defaults["thread_number_host"]
    # Check users
    config["users"] = config["users"].rsplit(
        ',') if config["users"] is not None else None
    return config

Exemple #12

0

Afficher le fichier

Fichier : parse.py Projet : ravindra1307/OWASP-Nettacker

def load():
    write("\n\n")
    # load libs
    from core.color import finish
    # load all modules in lib/brute, lib/scan, lib/graph
    module_names = load_all_modules()
    graph_names = load_all_graphs()

    # Parse ARGVs
    try:
        parser, options, startup_update_flag = load_all_args(
            module_names, graph_names)
    except SystemExit:
        finish()
        sys.exit(1)
    # Filling Options
    check_ranges = options.check_ranges
    check_subdomains = options.check_subdomains
    targets = options.targets
    targets_list = options.targets_list
    thread_number = options.thread_number + 1
    thread_number_host = options.thread_number_host
    log_in_file = options.log_in_file
    scan_method = options.scan_method
    exclude_method = options.exclude_method
    users = options.users
    users_list = options.users_list
    passwds = options.passwds
    passwds_list = options.passwds_list
    timeout_sec = options.timeout_sec
    ports = options.ports
    time_sleep = options.time_sleep
    language = options.language
    verbose_level = options.verbose_level
    show_version = options.show_version
    check_update = options.check_update
    socks_proxy = options.socks_proxy
    retries = options.retries
    graph_flag = options.graph_flag
    help_menu_flag = options.help_menu_flag
    ping_flag = options.ping_flag
    methods_args = options.methods_args
    method_args_list = options.method_args_list
    wizard_mode = options.wizard_mode
    profile = options.profile
    start_api = options.start_api
    api_host = options.api_host
    api_port = options.api_port
    api_debug_mode = options.api_debug_mode
    api_access_key = options.api_access_key
    api_client_white_list = options.api_client_white_list
    api_client_white_list_ips = options.api_client_white_list_ips
    api_access_log = options.api_access_log
    api_access_log_filename = options.api_access_log_filename

    # Checking Requirements
    (targets, targets_list, thread_number, thread_number_host,
     log_in_file, scan_method, exclude_method, users, users_list,
     passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
     check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
     profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
     api_client_white_list_ips, api_access_log, api_access_log_filename) = \
        check_all_required(
            targets, targets_list, thread_number, thread_number_host,
            log_in_file, scan_method, exclude_method, users, users_list,
            passwds, passwds_list, timeout_sec, ports, parser, module_names, language, verbose_level, show_version,
            check_update, socks_proxy, retries, graph_flag, help_menu_flag, methods_args, method_args_list, wizard_mode,
            profile, start_api, api_host, api_port, api_debug_mode, api_access_key, api_client_white_list,
            api_client_white_list_ips, api_access_log, api_access_log_filename
        )

    info(messages(language, 0))
    # check for update
    if startup_update_flag:
        __version__, __code_name__ = _version_info()
        _check(__version__, __code_name__, language, socks_proxy)

    info(
        messages(
            language,
            96).format(len(load_all_modules()) - 1 + len(load_all_graphs())))
    suff = now(model="%Y_%m_%d_%H_%M_%S") + "".join(
        random.choice(string.ascii_lowercase) for x in range(10))
    subs_temp = "tmp/subs_temp_" + suff
    range_temp = "tmp/ranges_" + suff
    total_targets = -1
    for total_targets, _ in enumerate(
            analysis(targets, check_ranges, check_subdomains, subs_temp,
                     range_temp, log_in_file, time_sleep, language,
                     verbose_level, retries, socks_proxy, True)):
        pass
    total_targets += 1
    total_targets = total_targets * len(scan_method)
    try:
        os.remove(range_temp)
    except:
        pass
    range_temp = "tmp/ranges_" + suff
    targets = analysis(targets, check_ranges, check_subdomains, subs_temp,
                       range_temp, log_in_file, time_sleep, language,
                       verbose_level, retries, socks_proxy, False)
    trying = 0
    scan_id = "".join(random.choice("0123456789abcdef") for x in range(32))
    scan_cmd = " ".join(sys.argv)
    for target in targets:
        for sm in scan_method:
            trying += 1
            p = multiprocessing.Process(
                target=start_attack,
                args=(str(target).rsplit()[0], trying, total_targets, sm,
                      users, passwds, timeout_sec, thread_number, ports,
                      log_in_file, time_sleep, language, verbose_level,
                      socks_proxy, retries, ping_flag, methods_args, scan_id,
                      scan_cmd))
            p.name = str(target) + "->" + sm
            p.start()
            while 1:
                n = 0
                processes = multiprocessing.active_children()
                for process in processes:
                    if process.is_alive():
                        n += 1
                    else:
                        processes.remove(process)
                if n >= thread_number_host:
                    time.sleep(0.01)
                else:
                    break
    _waiting_for = 0
    while 1:
        try:
            exitflag = True
            if len(multiprocessing.active_children()) is not 0:
                exitflag = False
                _waiting_for += 1
            if _waiting_for > 3000:
                _waiting_for = 0
                info(
                    messages(language, 138).format(", ".join(
                        [p.name for p in multiprocessing.active_children()])))
            time.sleep(0.01)
            if exitflag:
                break
        except KeyboardInterrupt:
            for process in multiprocessing.active_children():
                process.terminate()
            break
    info(messages(language, 42))
    os.remove(subs_temp)
    os.remove(range_temp)
    info(messages(language, 43))
    sort_logs(log_in_file, language, graph_flag)
    write("\n")
    info(messages(language, 44))
    write("\n\n")
    finish()

Exemple #13

0

Afficher le fichier

def check_all_required(parser, api_forms=None):
    """
    check all rules and requirements for ARGS

    Args:
        parser: parser from argparse
        api_forms: values from API

    Returns:
        all ARGS with applied rules
    """
    # Checking Requirements
    options = parser.parse_args() if not api_forms else api_forms
    modules_list = load_all_modules(full_details=True)
    profiles_list = load_all_profiles()

    # Check Help Menu
    if options.show_help_menu:
        parser.print_help()
        write("\n\n")
        write(messages("license"))
        die_success()

    # Check version
    if options.show_version:
        info(
            messages("current_version").format(
                color("yellow"),
                version_info()[0],
                color("reset"),
                color("cyan"),
                version_info()[1],
                color("reset"),
                color("green"),
            )
        )
        die_success()
    if options.show_all_modules:
        messages("loading_modules")
        for module in modules_list:
            info(
                messages("module_profile_full_information").format(
                    module,
                    ", ".join(
                        [
                            "{key}: {value}".format(
                                key=key, value=modules_list[module][key]
                            ) for key in modules_list[module]
                        ]
                    )
                )
            )
        die_success()
    if options.show_all_profiles:
        messages("loading_profiles")
        for profile in profiles_list:
            info(
                messages("module_profile_full_information").format(
                    profile,
                    ", ".join(profiles_list[profile])
                )
            )
        die_success()
    # API mode
    if options.start_api_server:
        if '--start-api' in sys.argv and api_forms:
            die_failure(messages("cannot_run_api_server"))
        from api.engine import start_api_server
        if options.api_client_whitelisted_ips:
            if type(options.api_client_whitelisted_ips) == str:
                options.api_client_whitelisted_ips = options.api_client_whitelisted_ips.split(',')
                whielisted_ips = []
                for ip in options.api_client_whitelisted_ips:
                    from core.ip import (is_single_ipv4,
                                         is_single_ipv6,
                                         is_ipv4_cidr,
                                         is_ipv6_range,
                                         is_ipv6_cidr,
                                         is_ipv4_range,
                                         generate_ip_range)
                    if is_single_ipv4(ip) or is_single_ipv6(ip):
                        whielisted_ips.append(ip)
                    elif is_ipv4_range(ip) or is_ipv6_range(ip) or is_ipv4_cidr(ip) or is_ipv6_cidr(ip):
                        whielisted_ips += generate_ip_range(ip)
                options.api_client_whitelisted_ips = whielisted_ips
        start_api_server(options)

    # Check the target(s)
    if not (options.targets or options.targets_list) or (options.targets and options.targets_list):
        parser.print_help()
        write("\n")
        die_failure(messages("error_target"))
    if options.targets:
        options.targets = list(set(options.targets.split(",")))
    if options.targets_list:
        try:
            options.targets = list(set(open(options.targets_list, "rb").read().decode().split()))
        except Exception:
            die_failure(
                messages("error_target_file").format(
                    options.targets_list
                )
            )

    # check for modules
    if not (options.selected_modules or options.profiles):
        die_failure(messages("scan_method_select"))
    if options.selected_modules:
        if options.selected_modules == 'all':
            options.selected_modules = modules_list
            del options.selected_modules['all']
        else:
            options.selected_modules = list(set(options.selected_modules.split(',')))
        for module_name in options.selected_modules:
            if module_name not in modules_list:
                die_failure(
                    messages("scan_module_not_found").format(
                        module_name
                    )
                )
    if options.profiles:
        if not options.selected_modules:
            options.selected_modules = []
        if options.profiles == 'all':
            options.selected_modules = modules_list
            del options.selected_modules['all']
        else:
            options.profiles = list(set(options.profiles.split(',')))
            for profile in options.profiles:
                if profile not in profiles_list:
                    die_failure(
                        messages("profile_404").format(
                            profile
                        )
                    )
                for module_name in profiles_list[profile]:
                    if module_name not in options.selected_modules:
                        options.selected_modules.append(module_name)
    # threading & processing
    if options.set_hardware_usage not in ['low', 'normal', 'high', 'maximum']:
        die_failure(
            messages("wrong_hardware_usage")
        )
    options.set_hardware_usage = select_maximum_cpu_core(options.set_hardware_usage)

    options.thread_per_host = int(options.thread_per_host)
    if not options.thread_per_host >= 1:
        options.thread_per_host = 1
    options.parallel_module_scan = int(options.parallel_module_scan)
    if not options.parallel_module_scan >= 1:
        options.parallel_module_scan = 1

    # Check for excluding modules
    if options.excluded_modules:
        options.excluded_modules = options.excluded_modules.split(",")
        if 'all' in options.excluded_modules:
            die_failure(messages("error_exclude_all"))
        for excluded_module in options.excluded_modules:
            if excluded_module in options.selected_modules:
                del options.selected_modules[excluded_module]
    # Check port(s)
    if options.ports:
        tmp_ports = []
        for port in options.ports.split(","):
            try:
                if "-" in port:
                    for port_number in range(int(port.split('-')[0]), int(port.split('-')[1]) + 1):
                        if port_number not in tmp_ports:
                            tmp_ports.append(port_number)
                else:
                    if int(port) not in tmp_ports:
                        tmp_ports.append(int(port))
            except Exception:
                die_failure(messages("ports_int"))
        options.ports = tmp_ports

    if options.user_agent == 'random_user_agent':
        options.user_agents = open(
            nettacker_global_config()['nettacker_paths']['web_browser_user_agents']
        ).read().split('\n')

    # Check user list
    if options.usernames:
        options.usernames = list(set(options.usernames.split(",")))
    elif options.usernames_list:
        try:
            options.usernames = list(set(open(options.usernames_list).read().split("\n")))
        except Exception:
            die_failure(
                messages("error_username").format(options.usernames_list)
            )
    # Check password list
    if options.passwords:
        options.passwords = list(set(options.passwords.split(",")))
    elif options.passwords_list:
        try:
            options.passwords = list(set(open(options.passwords_list).read().split("\n")))
        except Exception:
            die_failure(
                messages("error_passwords").format(options.passwords_list)
            )
    # Check output file
    try:
        temp_file = open(options.report_path_filename, "w")
        temp_file.close()
    except Exception:
        die_failure(
            messages("file_write_error").format(options.report_path_filename)
        )
    # Check Graph
    if options.graph_name:
        if options.graph_name not in load_all_graphs():
            die_failure(
                messages("graph_module_404").format(options.graph_name)
            )
        if not (options.report_path_filename.endswith(".html") or options.report_path_filename.endswith(".htm")):
            warn(messages("graph_output"))
            options.graph_name = None
    # check modules extra args
    if options.modules_extra_args:
        all_args = {}
        for args in options.modules_extra_args.split("&"):
            all_args[args.split('=')[0]] = args.split('=')[1]
        options.modules_extra_args = all_args
    options.timeout = float(options.timeout)
    options.time_sleep_between_requests = float(options.time_sleep_between_requests)
    options.retries = int(options.retries)
    return options

Exemple #14

0

Afficher le fichier

def load_all_args():
    """
    create the ARGS and help menu

    Returns:
        the parser, the ARGS
    """

    nettacker_global_configuration = nettacker_global_config()

    # Language Options
    language = application_language()
    languages_list = load_all_languages()
    if language not in languages_list:
        die_failure(
            "Please select one of these languages {0}".format(
                languages_list
            )
        )

    reset_color()
    # Start Parser
    parser = argparse.ArgumentParser(prog="Nettacker", add_help=False)

    # Engine Options
    engineOpt = parser.add_argument_group(
        messages("engine"), messages("engine_input")
    )
    engineOpt.add_argument(
        "-L",
        "--language",
        action="store",
        dest="language",
        default=nettacker_global_configuration['nettacker_user_application_config']["language"],
        help=messages("select_language").format(languages_list),
    )
    engineOpt.add_argument(
        "-v",
        "--verbose",
        action="store_true",
        dest="verbose_mode",
        default=nettacker_global_configuration['nettacker_user_application_config']['verbose_mode'],
        help=messages("verbose_mode"),
    )
    engineOpt.add_argument(
        "--verbose-event",
        action="store_true",
        dest="verbose_event",
        default=nettacker_global_configuration['nettacker_user_application_config']['verbose_event'],
        help=messages("verbose_event"),
    )
    engineOpt.add_argument(
        "-V",
        "--version",
        action="store_true",
        default=nettacker_global_configuration['nettacker_user_application_config']['show_version'],
        dest="show_version",
        help=messages("software_version"),
    )
    engineOpt.add_argument(
        "-o",
        "--output",
        action="store",
        default=nettacker_global_configuration['nettacker_user_application_config']['report_path_filename'],
        dest="report_path_filename",
        help=messages("save_logs"),
    )
    engineOpt.add_argument(
        "--graph",
        action="store",
        default=nettacker_global_configuration['nettacker_user_application_config']["graph_name"],
        dest="graph_name",
        help=messages("available_graph").format(load_all_graphs()),
    )
    engineOpt.add_argument(
        "-h",
        "--help",
        action="store_true",
        default=nettacker_global_configuration['nettacker_user_application_config']["show_help_menu"],
        dest="show_help_menu",
        help=messages("help_menu"),
    )

    # Target Options
    target = parser.add_argument_group(
        messages("target"), messages("target_input")
    )
    target.add_argument(
        "-i",
        "--targets",
        action="store",
        dest="targets",
        default=nettacker_global_configuration['nettacker_user_application_config']["targets"],
        help=messages("target_list"),
    )
    target.add_argument(
        "-l",
        "--targets-list",
        action="store",
        dest="targets_list",
        default=nettacker_global_configuration['nettacker_user_application_config']["targets_list"],
        help=messages("read_target"),
    )

    # Exclude Module Name
    exclude_modules = list(load_all_modules(limit=10).keys())
    exclude_modules.remove("all")

    # Methods Options
    modules = parser.add_argument_group(
        messages("Method"), messages("scan_method_options")
    )
    modules.add_argument(
        "-m",
        "--modules",
        action="store",
        dest="selected_modules",
        default=nettacker_global_configuration['nettacker_user_application_config']["selected_modules"],
        help=messages("choose_scan_method").format(list(load_all_modules(limit=10).keys())),
    )
    modules.add_argument(
        "--modules-extra-args",
        action="store",
        dest="modules_extra_args",
        default=nettacker_global_configuration['nettacker_user_application_config']['modules_extra_args'],
        help=messages("modules_extra_args_help")
    )
    modules.add_argument(
        "--show-all-modules",
        action="store_true",
        dest="show_all_modules",
        default=nettacker_global_configuration['nettacker_user_application_config']["show_all_modules"],
        help=messages("show_all_modules"),
    )
    modules.add_argument(
        "--profile",
        action="store",
        default=nettacker_global_configuration['nettacker_user_application_config']["profiles"],
        dest="profiles",
        help=messages("select_profile").format(list(load_all_profiles(limit=10).keys())),
    )
    modules.add_argument(
        "--show-all-profiles",
        action="store_true",
        dest="show_all_profiles",
        default=nettacker_global_configuration['nettacker_user_application_config']["show_all_profiles"],
        help=messages("show_all_profiles"),
    )
    modules.add_argument(
        "-x",
        "--exclude-modules",
        action="store",
        dest="excluded_modules",
        default=nettacker_global_configuration['nettacker_user_application_config']["excluded_modules"],
        help=messages("exclude_scan_method").format(exclude_modules),
    )
    modules.add_argument(
        "-u",
        "--usernames",
        action="store",
        dest="usernames",
        default=nettacker_global_configuration['nettacker_user_application_config']["usernames"],
        help=messages("username_list"),
    )
    modules.add_argument(
        "-U",
        "--users-list",
        action="store",
        dest="usernames_list",
        default=nettacker_global_configuration['nettacker_user_application_config']["usernames_list"],
        help=messages("username_from_file"),
    )
    modules.add_argument(
        "-p",
        "--passwords",
        action="store",
        dest="passwords",
        default=nettacker_global_configuration['nettacker_user_application_config']["passwords"],
        help=messages("password_seperator"),
    )
    modules.add_argument(
        "-P",
        "--passwords-list",
        action="store",
        dest="passwords_list",
        default=nettacker_global_configuration['nettacker_user_application_config']["passwords_list"],
        help=messages("read_passwords"),
    )
    modules.add_argument(
        "-g",
        "--ports",
        action="store",
        dest="ports",
        default=nettacker_global_configuration['nettacker_user_application_config']["ports"],
        help=messages("port_seperator"),
    )
    modules.add_argument(
        "--user-agent",
        action="store",
        dest="user_agent",
        default=nettacker_global_configuration['nettacker_user_application_config']["user_agent"],
        help=messages("select_user_agent"),
    )
    modules.add_argument(
        "-T",
        "--timeout",
        action="store",
        dest="timeout",
        default=nettacker_global_configuration['nettacker_user_application_config']["timeout"],
        type=float,
        help=messages("read_passwords"),
    )
    modules.add_argument(
        "-w",
        "--time-sleep-between-requests",
        action="store",
        dest="time_sleep_between_requests",
        default=nettacker_global_configuration['nettacker_user_application_config']["time_sleep_between_requests"],
        type=float,
        help=messages("time_to_sleep"),
    )
    modules.add_argument(
        "-r",
        "--range",
        action="store_true",
        default=nettacker_global_configuration['nettacker_user_application_config']["scan_ip_range"],
        dest="scan_ip_range",
        help=messages("range"),
    )
    modules.add_argument(
        "-s",
        "--sub-domains",
        action="store_true",
        default=nettacker_global_configuration['nettacker_user_application_config']["scan_subdomains"],
        dest="scan_subdomains",
        help=messages("subdomains"),
    )
    modules.add_argument(
        "-t",
        "--thread-per-host",
        action="store",
        default=nettacker_global_configuration['nettacker_user_application_config']["thread_per_host"],
        type=int,
        dest="thread_per_host",
        help=messages("thread_number_connections"),
    )
    modules.add_argument(
        "-M",
        "--parallel-module-scan",
        action="store",
        default=nettacker_global_configuration['nettacker_user_application_config']["parallel_module_scan"],
        type=int,
        dest="parallel_module_scan",
        help=messages("thread_number_modules"),
    )
    modules.add_argument(
        "--set-hardware-usage",
        action="store",
        dest="set_hardware_usage",
        default=nettacker_global_configuration['nettacker_user_application_config']['set_hardware_usage'],
        help=messages("set_hardware_usage")
    )
    modules.add_argument(
        "-R",
        "--socks-proxy",
        action="store",
        dest="socks_proxy",
        default=nettacker_global_configuration['nettacker_user_application_config']["socks_proxy"],
        help=messages("outgoing_proxy"),
    )
    modules.add_argument(
        "--retries",
        action="store",
        dest="retries",
        type=int,
        default=nettacker_global_configuration['nettacker_user_application_config']["retries"],
        help=messages("connection_retries"),
    )
    modules.add_argument(
        "--ping-before-scan",
        action="store_true",
        dest="ping_before_scan",
        default=nettacker_global_configuration['nettacker_user_application_config']["ping_before_scan"],
        help=messages("ping_before_scan"),
    )
    # API Options
    api = parser.add_argument_group(
        messages("API"),
        messages("API_options")
    )
    api.add_argument(
        "--start-api",
        action="store_true",
        dest="start_api_server",
        default=nettacker_global_configuration['nettacker_api_config']["start_api_server"],
        help=messages("start_api_server")
    )
    api.add_argument(
        "--api-host",
        action="store",
        dest="api_hostname",
        default=nettacker_global_configuration['nettacker_api_config']["api_hostname"],
        help=messages("API_host")
    )
    api.add_argument(
        "--api-port",
        action="store",
        dest="api_port",
        default=nettacker_global_configuration['nettacker_api_config']["api_port"],
        help=messages("API_port")
    )
    api.add_argument(
        "--api-debug-mode",
        action="store_true",
        dest="api_debug_mode",
        default=nettacker_global_configuration['nettacker_api_config']["api_debug_mode"],
        help=messages("API_debug")
    )
    api.add_argument(
        "--api-access-key",
        action="store",
        dest="api_access_key",
        default=nettacker_global_configuration['nettacker_api_config']["api_access_key"],
        help=messages("API_access_key")
    )
    api.add_argument(
        "--api-client-whitelisted-ips",
        action="store",
        dest="api_client_whitelisted_ips",
        default=nettacker_global_configuration['nettacker_api_config']["api_client_whitelisted_ips"],
        help=messages("define_whie_list")
    )
    api.add_argument(
        "--api-access-log",
        action="store",
        dest="api_access_log",
        default=nettacker_global_configuration['nettacker_api_config']["api_access_log"],
        help=messages("API_access_log_file")
    )
    api.add_argument(
        "--api-cert",
        action="store",
        dest="api_cert",
        help=messages("API_cert")
    )
    api.add_argument(
        "--api-cert-key",
        action="store",
        dest="api_cert_key",
        help=messages("API_cert_key")
    )
    # Return Options
    return parser