Exemple #1
def cache(software, version, response, cpe):
    """Record a lookup verdict for *software* in the result cache.

    The verdict is ``False`` only when *response* contains the "nothing
    found" marker string; any other response is recorded as vulnerable.
    With a truthy *cpe* the verdict goes to ``database['by_cpe'][software]``,
    otherwise to ``database['by_version'][software][version]``. An entry that
    already exists is left as it is, and the whole database is handed to
    ``write_json`` on every call.
    """
    # NOTE(review): the verdict fails open. An empty body, an error page or a
    # rate-limit reply lacks the marker as well, so it is stored as
    # "vulnerable", and this function never overwrites an existing entry.
    # Confirm that callers pass only successful lookups, or the cache will
    # keep false positives.
    vulnerable = 'Nothing found for Burpsuite search request' not in response
    if cpe:
        database['by_cpe'].setdefault(software, vulnerable)
    else:
        per_version = database['by_version'].setdefault(software, {})
        per_version.setdefault(version, vulnerable)
    write_json(file, database)
Exemple #2
 def gen_api_params(self):
     """Write one JSON description per service class in ``service_file_mp``.

     Calls ``utils.check_and_mkdir`` on ``FUZZY_GEN_PATH`` and initialises the
     per-service context strings. Then, for each ``(class, source path)`` pair,
     parses the Java source, attaches the matching context string to the
     parsed result and writes its ``dump()`` to ``data/fuzzy/<class>.json``.
     """
     utils.check_and_mkdir(self.FUZZY_GEN_PATH)
     self.__init_service_ctx_str()
     for service_cls, source_path in self.service_file_mp.items():
         print(source_path)
         parser = JavaClassParser(source_path, service_cls)
         api = parser.get_available_api()
         api.atr_ctx_str = self.service_ctx_str[service_cls]
         # NOTE(review): the class name is interpolated into the output path.
         # Presumably the keys are plain Java class names; if the mapping can
         # be loaded from a file on disk, reject keys containing path
         # separators before using them here. TODO confirm.
         payload = api.dump()
         target = CONFIG.local_path(f"data/fuzzy/{service_cls}.json")
         utils.write_json(payload, target)
Exemple #3
 def __init_service_file_mp(self):
     """Populate ``self.service_file_mp`` (service class -> Java source path).

     When ``SERVICE_FILE_PATH`` exists, the mapping is loaded from it and
     nothing else happens. Otherwise the registered services are read, every
     ``.java`` file under ``CONFIG.DEFAULT_AOSP_PATH`` is compared by file name
     against ``<cls>.java``, and the resulting mapping is written back to
     ``SERVICE_FILE_PATH``. If several files share a name, the last one
     returned by the scanner wins.
     """
     if os.path.exists(self.SERVICE_FILE_PATH):
         # NOTE(review): the cached mapping is used as-is and no check is
         # made that the stored paths still exist or lie under the source
         # tree. Treat the cache file as trusted input only.
         utils.write_log("Load service path from cache: %s",
                         self.SERVICE_FILE_PATH)
         self.service_file_mp = utils.load_json(self.SERVICE_FILE_PATH)
         return

     register_cls_path = osp.join(CONFIG.DEFAULT_AOSP_PATH,
                                  CONFIG.SERVICE_REGISTER_CLS)
     service_manager = get_service_registers(register_cls_path)
     # Imported here rather than at module level, as in the original code.
     from core.JniAPIExtractor import SourceFileScanner
     scanner = SourceFileScanner(CONFIG.DEFAULT_AOSP_PATH)
     # Assumes self.service_file_mp already exists as a mapping; TODO confirm.
     for java_path in scanner.get_files(".java"):
         for entry in service_manager.values():
             wanted_name = entry["cls"] + ".java"
             if java_path.split(os.sep)[-1] != wanted_name:
                 continue
             self.service_file_mp[entry["cls"]] = java_path
     utils.write_json(self.service_file_mp, self.SERVICE_FILE_PATH)
Exemple #4
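# Run masscan against the targets and merge the fresh output with whatever
# was already stored in `savefile`.
masscan_saved = load_json(savefile)

if not masscan_saved:
	# Nothing cached yet: create (or truncate) the file masscan will write to.
	with open(savefile, 'w+') as file:
		pass

# Hosts that already have cached results are excluded from the new scan.
exclude = list(masscan_saved)

# The command is passed as an argument vector, not as a string handed to a
# shell. Targets, file names and cached host keys come from user input and
# from a JSON file on disk, and a shell would interpret metacharacters in any
# of them (`;`, `|`, `$()`, backticks) as extra commands.
# `host` and `hostfile` are expected to be the pre-formatted fragments
# (' <targets> ' and '-iL <path>') built outside this excerpt; split() applies
# the whitespace splitting the shell did, minus metacharacter expansion.
# NOTE(review): a value starting with '-' is still read by masscan as an
# option, so validate targets and paths where they enter the program.
import subprocess

masscan_cmd = ['masscan']
masscan_cmd += host.split()
masscan_cmd += ['-p%s' % ports_to_scan, '--rate', '%i' % args.rate, '-oG', savefile]
masscan_cmd += hostfile.split()
if exclude:
	masscan_cmd += ['--exclude', ','.join(exclude)]
try:
	# Output is discarded, as with the original `>/dev/null 2>&1`.
	# The exit status is still ignored: the scan remains best-effort.
	subprocess.run(masscan_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
except OSError as err:
	# os.system() failed silently when masscan was missing; report it and
	# continue, so a missing binary does not become a crash.
	print('%s Could not start masscan: %s' % (info, err))

master_db = parse_masscan(savefile)
# Cached entries take precedence over freshly parsed ones for the same host.
for host in masscan_saved:
	master_db[host] = masscan_saved[host]
write_json(savefile, master_db)
print('%s Result saved to %s' % (info, savefile))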

# Collect the hosts whose cached record already carries a 'software' entry;
# the loop over master_db that follows filters on this list.
exclude = []
cached_hosts = load_json(savefile)
for host in cached_hosts:
	_host_ports = cached_hosts[host]
	for port in _host_ports:
		# NOTE(review): the break below is unconditional, so only the first
		# port of each host is inspected. If the intent was "any port has
		# software data", the break belongs inside the if. TODO confirm.
		if 'software' in _host_ports[port]:
			exclude.append(host)
		break

# State for the Shodan pass: processed-host counter, lookup budget
# (presumably 20 hosts per configured credit; TODO confirm) and candidates.
count = 0
shodan_count = 20 * core.memory.config['max_shodan_credits']
shodan_eligible = []
for host in master_db:
	if host not in exclude:
Exemple #5
 def process_cpp_files(self, files):
     """Parse each file in *files* and dump the collected JNI bridge map.

     Every entry is handed to the private JNI-registration parser. Afterwards
     the size and content of ``self.jni_bridge_map`` are printed and the map
     is written to ``data/jni.json`` via ``utils.write_json``.
     """
     for cpp_path in files:
         self.__parser_jni_cpp_register_func(cpp_path)
     bridge_map = self.jni_bridge_map
     print(len(bridge_map), bridge_map)
     utils.write_json(bridge_map, CONFIG.local_path("data/jni.json"))
Exemple #6
    quit('%s No hosts to scan.' % bad)

# An explicit output name overrides the target name: keep the last path
# component and cut it at the first dot.
if args.outname:
    target_name = args.outname.rsplit('/', 1)[-1].partition('.')[0]

# Result files default to the working directory when no output name is given.
savefile = args.outname or cwd + '/result-' + target_name + '.json'
nmapfile = cwd + '/nmap-' + target_name + '.xml'

if input_file:
    print('%s Resolving hostnames to IPs for masscan' % run)
    targets = resolver(input_file)

cached_db = load_json(savefile)
if args.use_shodan:
    # Shodan mode: query, store the result and stop before any active scan.
    result = shodan(targets, cached_db)
    write_json(savefile, result)
    print('%s Output saved to %s' % (info, savefile))
    quit()

# Expose every parsed command-line option through the shared global store.
arg_dict = vars(args)
for key in arg_dict:
    core.memory.global_vars[key] = arg_dict[key]

# Pre-formatted command fragments: either an input-file switch or the
# comma-joined target list, never both.
# NOTE(review): both are built from user-supplied values. If they are later
# interpolated into a shell command line, shell metacharacters in a target or
# file name would be interpreted by the shell. Validate them here, or pass
# them to the scanner as separate arguments.
flat_targets = ','.join(targets)
hostfile = '' if not args.input_file else '-iL ' + input_file
host = ' ' if args.input_file else ' %s ' % flat_targets

use_cpe = method == 'software'

ports_to_scan = '0-65535'
if quick: