def guideRegister(args): if args.u and not args.plugin: # for params -u inputUrl = args.u urlconfig.url.append(makeurl(inputUrl)) printMessage('[Prompt] URL has been loaded:%d' % len(urlconfig.url)) urlconfig.diyPlugin = ["find_service", "whatcms"] printMessage("[Prompt] You select the plugins:%s" % (' '.join(urlconfig.diyPlugin))) urlconfig.scanport = False urlconfig.find_service = True return True if args.u and args.plugin: return False inputUrl = raw_input('[1] Input url > ') if inputUrl == '': raise ToolkitSystemException("You have to enter the url") if inputUrl.startswith("@"): urlconfig.mutiurl = True fileName = inputUrl[1:] try: o = open(fileName, "r").readlines() for url in o: urlconfig.url.append(makeurl(url.strip())) except IOError: raise ToolkitSystemException("Filename:'%s' open faild" % fileName) if len(o) == 0: raise ToolkitSystemException("The target address is empty") else: urlconfig.url.append(makeurl(inputUrl)) printMessage('[Prompt] URL has been loaded:%d' % len(urlconfig.url)) printMessage("[Prompt] You can select these plugins (%s) or select all" % (' '.join(LIST_PLUGINS))) diyPlugin = raw_input("[2] Please select the required plugins > ") if diyPlugin.lower() == 'all': urlconfig.diyPlugin = LIST_PLUGINS else: urlconfig.diyPlugin = diyPlugin.strip().split(' ') printMessage("[Prompt] You select the plugins:%s" % (' '.join(urlconfig.diyPlugin))) urlconfig.scanport = False urlconfig.find_service = False if 'find_service' in urlconfig.diyPlugin: urlconfig.find_service = True input_scanport = raw_input( '[2.1] Need you scan all ports ?(Y/N) (default N)> ') if input_scanport.lower() in ("y", "yes"): urlconfig.scanport = True
def successHandle(tgt,successInfo): try: if isinstance(successInfo, str): runtime['allResult'].add(successInfo) # 加操作 elif isinstance(successInfo, list): successInfo=map(str,successInfo) runtime['allResult'].update(set(successInfo)) # 并操作 else: successInfo=str(successInfo) runtime['allResult'].add(successInfo) except Exception as e: logger.debug('The target [%s] detection result was successful, but an exception occurred when more information about the target was converted to string type.'%tgt) return 0 if runtime['showMode']: infoMsg = "%-20s %s"%('['+str(tgt)+']',successInfo) printMessage(infoMsg)
def webScan(): startTime = time.clock() e = Exploit_run(urlconfig.threadNum) for url in urlconfig.url: printMessage('[***] ScanStart Target:%s' % url) e.setCurrentUrl(url) e.load_modules("www",url) e.run() if not urlconfig.mutiurl: e.init_spider() s = crawler.SpiderMain(url) s.craw() time.sleep(0.01) endTime = time.clock() urlconfig.runningTime = endTime - startTime e.report()
def pluginScanRegister(args): if args.u and args.plugin: url = args.u urlconfig.mutiurl = True urlconfig.plugin = args.plugin if url.startswith("@"): fileName = url[1:] try: o = open(fileName,"r").readlines() for u in o: urlconfig.url.append(makeurl(u.strip())) except IOError: raise ToolkitMissingPrivileges("Filename:'%s' open faild"%fileName) if len(o) == 0: raise ToolkitMissingPrivileges("The target address is empty") printMessage(urlconfig.url) else: urlconfig.url.append(makeurl(url))
def pluginScan(): if not urlconfig.mutiurl: return False urlconfig.scanport = False urlconfig.find_service = False urlconfig.threadNum = 5 urlconfig.deepMax = 100 urlconfig.diyPlugin = LIST_PLUGINS startTime = time.clock() e = Exploit_run(urlconfig.threadNum) for u in urlconfig.url: printMessage('[***] ScanStart Target:%s' % u) e.setCurrentUrl(u) e.load_modules(urlconfig.plugin,u) e.run() time.sleep(0.01) endTime = time.clock() urlconfig.runningTime = endTime - startTime e.report() sys.exit()
def successHandle(tgt, successInfo): runtime['allSuccess'] += 1 try: if isinstance(successInfo, str): pass elif isinstance(successInfo, list): # 列表则拼接为字符串 successInfo = reduce(lambda x, y: str(x) + ',' + str(y), successInfo) else: uccessInfo = str(successInfo) except Exception as e: successInfo = 'The target [%s] detection result was successful, but an exception occurred when outputting more information.' % str( tgt) logger.debug(successInfo) stdMsg = "%s" % successInfo printMessage(stdMsg, 'red', True) # 输出成功数据到命令行 if runtime['outputMode'] == OUTPUT_MODE.ALL: fileMsg = "%-20s %s" % ('[' + str(tgt) + ']', successInfo) write2File(fileMsg) # 输出成功数据到文件 if runtime['singleMode']: # 如果是单结果模式 runtime['isContinue'] = False # 设置停止运行标识 printMessage('[single-mode] found!', 'red', True) # 打印提示
def urlRegister(args): #url处理 url = args.u urlconfig.usePlugin = True urlconfig.plugin = args.plugin urlconfig.diyPlugin = [urlconfig.plugin] if url.startswith("@"): #判断是否是文件 urlconfig.mutiurl = True filename = url[1:] #取文件名 try: o = open(filename, "r").readlines() for u in o: u = makeurl(u.strip()) #处理url urlconfig.url.append(u) printMessage(u) #获取url的信息 except IOError: raise ToolkitMissingPrivileges("Filename:'%s' open faild" % fileName) if len(o) == 0: raise ToolkitMissingPrivileges("The target address is empty") else: #单个url处理 urlconfig.url.append(makeurl(url))
def guideRegister(args): inputUrl = raw_input('[1] Input url > ') if inputUrl is '': raise ToolkitSystemException("You have to enter the url") if inputUrl.startswith("@"): urlconfig.mutiurl = True fileName = inputUrl[1:] try: o = open(fileName, "r").readlines() for url in o: urlconfig.url.append(makeurl(url.strip())) except IOError: raise ToolkitSystemException("Filename:'%s' open faild" % fileName) if len(o) == 0: raise ToolkitSystemException("The target address is empty") else: urlconfig.url.append(makeurl(inputUrl)) printMessage('[Prompt] URL has been loaded:%d' % len(urlconfig.url)) printMessage("[Prompt] You can select these plugins (%s) or select all" % (' '.join(LIST_PLUGINS))) diyPlugin = raw_input("[2] Please select the required plugins > ") if diyPlugin.lower() == 'all': urlconfig.diyPlugin = LIST_PLUGINS else: urlconfig.diyPlugin = diyPlugin.strip().split(' ') printMessage("[Prompt] You select the plugins:%s" % (' '.join(urlconfig.diyPlugin))) urlconfig.scanport = False urlconfig.find_service = False if 'find_service' in urlconfig.diyPlugin: urlconfig.find_service = True input_scanport = raw_input( '[2.1] Need you scan all ports ?(Y/N) (default N)> ') if input_scanport.lower() in ("y", "yes"): urlconfig.scanport = True urlconfig.threadNum = raw_input( '[3] You need start number of thread (default 5) > ') if urlconfig.threadNum == '': urlconfig.threadNum = 5 urlconfig.threadNum = int(urlconfig.threadNum) urlconfig.deepMax = raw_input( '[4] Set the depth of the crawler (default 100 | 0 don\'t use crawler ) > ' ) if urlconfig.deepMax == '': urlconfig.deepMax = 100
def _print(self, *args): # fix Typerror bug self.lock_output.acquire() printMessage(u''.join([str(i) for i in args])) self.lock_output.release()