Exemple #1
0
def pwd_get(request):
    url = request.GET['q']
    username = request.GET['p']
    r = result.result()
    bruteforce.bruteforce_wordpress(url, username, r)
    return render(request, 'peni/pwdcrack.html',
                  {'pwd': r.bruteforce_wordpress})
Exemple #2
0
def bug_scan(request):
    scan_url = request.GET['q']
    r = result.result()
    choose = request.GET['id']
    if choose == '1':
        return scan_wapiti(request, scan_url, r)
    elif choose == '2':
        return scan_openvas(request, scan_url, r)
    elif choose == '3':
        return scan_wps(request, scan_url, r)
Exemple #3
0
def bug_scan(request):
	scan_url = request.GET['q']
	r = result.result()
	choose = request.GET['id']
	if choose == '1':
		return scan_wapiti(request, scan_url, r)
	elif choose == '2':
		return scan_openvas(request, scan_url, r)
	elif choose == '3':
		return scan_wps(request, scan_url, r)
Exemple #4
0
def sql_getable(request):
    scan_url = request.GET['q']
    db_name = request.GET['db']
    r = result.result()
    exploit.sqlmap_findtables(scan_url, db_name, r)
    tablelist = r.sqlmap_tables
    content = '<table>'
    for item in tablelist[db_name]:
        content += '<tr><td>' + item + '<td/></tr>'
    content += '</table>'
    return HttpResponse(content)
Exemple #5
0
def sql_getable(request):
	scan_url = request.GET['q']
	db_name = request.GET['db']
	r= result.result()
	exploit.sqlmap_findtables(scan_url, db_name, r)
	tablelist = r.sqlmap_tables
	content = '<table>'
	for item in tablelist[db_name]:
		content += '<tr><td>' + item + '<td/></tr>'
	content += '</table>'
	return HttpResponse(content)
Exemple #6
0
def sql_getdb(request):
    scan_url = request.GET['q']
    r = result.result()
    exploit.sqlmap_finddbs(scan_url, r)
    dblist = r.sqlmap_dbs
    content = '<table>'
    for db in dblist:
        content += '<tr><td>' + db + '<td/></tr>'
    content += '</table>'
    #return dblist
    #return render(request, 'peni/sqlindex.html', {'dblist': dblist, 'url':scan_url})
    return HttpResponse(content)
Exemple #7
0
def sql_getdb(request):
	scan_url = request.GET['q']
	r = result.result()
	exploit.sqlmap_finddbs(scan_url, r)
	dblist = r.sqlmap_dbs
	content = '<table>'
	for db in dblist:
		content += '<tr><td>' + db + '<td/></tr>'
	content += '</table>'
	#return dblist
	#return render(request, 'peni/sqlindex.html', {'dblist': dblist, 'url':scan_url})
	return HttpResponse(content)
Exemple #8
0
def sql_getfiles(request):
	scan_url = request.GET['q']
	db_name = request.GET['db']
	table_name = request.GET['table']
	r= result.result()
	exploit.sqlmap_dumptables(scan_url, db_name, table_name, r)
	path_list = r.sqlmap_dumpfiles
	content = '<table>'
	for path in path_list:
		fobj = open(path)
		content += '<tr><td>' + fobj.read().replace('\n', '<br>') + '</td></tr>'
	content += '</table>'
	return HttpResponse(content)
Exemple #9
0
def sql_getfiles(request):
    scan_url = request.GET['q']
    db_name = request.GET['db']
    table_name = request.GET['table']
    r = result.result()
    exploit.sqlmap_dumptables(scan_url, db_name, table_name, r)
    path_list = r.sqlmap_dumpfiles
    content = '<table>'
    for path in path_list:
        fobj = open(path)
        content += '<tr><td>' + fobj.read().replace('\n',
                                                    '<br>') + '</td></tr>'
    content += '</table>'
    return HttpResponse(content)
Exemple #10
0
def search(request):
    search_url = request.GET['q']
    r = result.result()
    information_gathering.nmap(search_url, r)
    information_gathering.whatweb(search_url, r)
    target = PortTarget()
    target.sys_info = r.operatingsystem
    target.ip = search_url
    target.save()
    for item in r.webinformation:
        info = WebInfo()
        info.target = target
        info.info = item
        info.save()
    for key in r.portservice:
        port = Port()
        port.target = target
        port.number = key
        port.details = r.portservice[key]
        port.save()
    return render(request, 'peni/detail.html', {'target': target})
Exemple #11
0
def search(request):
	search_url = request.GET['q']
	r = result.result()
	information_gathering.nmap(search_url, r)
	information_gathering.whatweb(search_url, r)
	target = PortTarget()
	target.sys_info = r.operatingsystem
	target.ip = search_url
	target.save()
	for item in r.webinformation:
		info = WebInfo()
		info.target = target
		info.info = item
		info.save()
	for key in r.portservice:
		port = Port()
		port.target = target
		port.number = key
		port.details = r.portservice[key]
		port.save()
	return render(request, 'peni/detail.html', {'target': target})
Exemple #12
0
def md5_crack(request):
    md5_string = request.GET['q']
    r = result.result()
    bruteforce.md5_crack(md5_string, r)
    return render(request, 'peni/pwdcrack.html', {'md5': r.bruteforce_md5})
Exemple #13
0
def search_bug(request):
    param = request.GET['q']
    r = result.result()
    exploit.exploit_db(param, r)
    return render(request, 'peni/bugdetail.html', {'content': r.exploit_db})
Exemple #14
0
def md5_crack(request):
	md5_string = request.GET['q']
	r = result.result()
	bruteforce.md5_crack(md5_string, r)
	return render(request, 'peni/pwdcrack.html', {'md5': r.bruteforce_md5})
Exemple #15
0
def pwd_get(request):
	url = request.GET['q']
	username = request.GET['p']
	r = result.result()
	bruteforce.bruteforce_wordpress(url, username, r)
	return render(request, 'peni/pwdcrack.html', {'pwd': r.bruteforce_wordpress})
Exemple #16
0
def search_bug(request):
	param = request.GET['q']
	r = result.result()
	exploit.exploit_db(param, r)
	return render(request, 'peni/bugdetail.html', {'content': r.exploit_db})