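def menu():
    """Parse the command line and run the selected scan mode.

    ``-host`` hands the value to ``scan_host_ports()``, ``-sh`` probes one
    host on each entry of the module-level ``ports`` list and reports whether
    any probe succeeded, and ``-ah`` hands the value to ``scan_all_hosts()``.
    With none of these set (``--h`` included) ``helpInfo()`` is called.
    """
    global ports

    parser = argparse.ArgumentParser()
    parser.add_argument('-host', dest='host', help='-h To scan the open ports of the Host')
    # The -ah and -sh descriptions were attached to each other's option;
    # each flag now carries the text that matches its own example.
    parser.add_argument('-ah', dest='ah', help='All alive Hosts Find all alive alive hosts Example: -ah 192.168.1.1-255')
    parser.add_argument('-sh', dest='sh', help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument('--h', action="store_true", help='To show help information')
    options = parser.parse_args()

    if options.host:
        scan_host_ports(options.host)
    elif options.sh:
        ip_addr = options.sh
        # Stop at the first port that answers, as the original loop did.
        alive = any(scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            # "存活" = alive
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            # "关闭" = closed / down
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.ah:
        scan_all_hosts(str(options.ah))
    else:
        helpInfo()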
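def menu():
    """Parse the command line and dispatch to one scanning mode.

    At most one mode runs, tested in this order: ``-host``, ``-ah``, ``-r``,
    ``-sh``, ``-dir``, ``-url``, ``-sdn``.  ``-help`` additionally calls
    ``helpInfo()`` after the mode (if any) has finished.

    Side effects: may rebind the module globals ``ports``, ``PortList`` and
    ``response``; reads ``nThread`` for the ``-sdn`` mode.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    parser = argparse.ArgumentParser()
    parser.add_argument(
        '-host', dest='host',
        help='-h To scan the open ports of the Host Default scanning ports are most usual ports ')
    parser.add_argument(
        '-sh', dest='sh',
        help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument(
        '-ah', dest='ah',
        help='All alive Hosts .Find all alive hosts Example: -ah 192.168.1.1-255')
    parser.add_argument('-t', dest='t', help='Threads(1-200) Default is 80')
    parser.add_argument(
        '-r', dest='r',
        help='Read hosts file Example: -r "hosts.txt"')
    parser.add_argument(
        '-p', dest='p',
        help='Ports Example: -p="80,8080,443" or -p 1-255 default are most usual ports')
    parser.add_argument(
        '-o', dest='o',
        help='Output file address Example: -o recoder.txt or -o D:\\recoder.txt')
    parser.add_argument(
        '-dir', dest='dir',
        help='Scanning visible background directory Example: -dir http://127.0.0.1')
    # Backslash doubled: "\d" is an invalid escape sequence and triggers a
    # warning on current Python; the displayed text is unchanged.
    parser.add_argument(
        '-add', dest='add',
        help='Dictionary File Address Example: -dir http://127.0.0.1 -add C:\\dic.txt')
    parser.add_argument(
        '-sdn', dest='sdn',
        help='Subdomain names Example: -sdn baidu.com -types 3 -sdn pku.edu.cn -types 1 -sdn cn.gov.cn -types 2 ')
    parser.add_argument(
        '-pro', dest='pro',
        help='Protocol Example: -pro https Default Protocol is http ')
    parser.add_argument(
        '-types', dest='types',
        help='Using different dictionary txt file 1 2 3 means school government company website,it can make the result more reliable')
    parser.add_argument(
        '-url', dest='url',
        help='Butian SRC list url Example: -url https://butian.net/Reward/pub')
    parser.add_argument(
        '-page', dest='page',
        help='Butian SRC Pages Default is 10 Example: -url https://butian.net/Reward/pub')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    def _use_output():
        """Hand -o to tool.address()/tool.output(); return the path, or "" without -o."""
        if not options.o:
            return ""
        path = tool.address(options.o)
        tool.output(path)
        return path

    def _use_threads():
        # NOTE(review): -t is forwarded as the raw command-line string; the
        # 1-200 range from the help text is not enforced here. Presumably
        # tool.nThreads() validates it - confirm.
        if options.t:
            tool.nThreads(options.t)

    def _announce_ports(port_list):
        # Same text as before: every port followed by a single space.
        listing = "".join(str(p) + ' ' for p in port_list)
        printc.printf("[*] Scanning Ports :" + listing, "skyblue")

    if options.host:
        # TODO: combining -host with a host list read via -r is not
        # implemented yet (the original carried it as commented-out code).
        address = _use_output()
        _use_threads()
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Long port lists are not echoed to the terminal.
            if len(PortList) < 50:
                _announce_ports(PortList)
        s = tool.standardUrl(options.host)
        ip = tools.getIPByName(s)
        printc.printf("[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip), 'yellow')
        scan_host_ports(s)
        tool.printIfExist(address)
    elif options.ah:
        address = _use_output()
        _use_threads()
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        address = _use_output()
        _use_threads()
        if options.p:
            # Two separate calls so the two globals do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Stop at the first port that answers.
        alive = any(scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            # "存活" = alive
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            # "关闭" = closed / down
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.dir:
        address = _use_output()
        _use_threads()
        host = options.dir
        if tool.isStandard(host) == True:
            res = tool.Requests(host)
            response = tool.set2utf8cont(res)
            if options.add:
                add = options.add
            else:
                # The original picked the separator by matching "Windows" or
                # "Linux" in systeminfo and left `add` unbound on any other
                # platform; os.path.join yields the same path on those two
                # and a valid one elsewhere.
                add = os.path.join(os.getcwd(), "dict", "directory.txt")
            scanDir(host, add)
            tool.printIfExist(address)
        else:
            # Message: prefix the address with http or https, e.g.
            # http://127.0.0.1 or https://www.baidu.com
            printc.printf(
                "\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址",
                'yellow')
    elif options.url:
        url = options.url
        address = _use_output()
        # NOTE(review): -page arrives as a string when given but defaults to
        # the int 10 - confirm butianInfo.get_src_name() accepts both.
        page = options.page if options.page else 10
        butianInfo.get_src_name(url, page)
        tool.printIfExist(address)
    elif options.sdn:
        domain = options.sdn
        address = _use_output()
        _use_threads()
        protocol = options.pro if options.pro else "http"
        # int() raises ValueError when -types is not a number.
        types = int(options.types) if options.types else 0
        subdomains.getSubdomainName(nThread, types, domain, protocol)
        tool.printIfExist(address)

    if options.help:
        helpInfo()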
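def menu():
    """Parse the command line and dispatch to one scanning mode.

    At most one mode runs, tested in this order: ``-host``, ``-ah``, ``-r``,
    ``-sh``, ``-dir``, ``-url``.  ``-help`` additionally calls ``helpInfo()``
    after the mode (if any) has finished.

    Side effects: may rebind the module globals ``ports``, ``PortList`` and
    ``response``.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    parser = argparse.ArgumentParser()
    parser.add_argument('-host', dest='host', help='-h To scan the open ports of the Host Default scanning ports are most usual ports ')
    parser.add_argument('-sh', dest='sh', help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument('-ah', dest='ah', help='All alive Hosts .Find all alive hosts Example: -ah 192.168.1.1-255')
    parser.add_argument('-t', dest='t', help='Threads(1-200) Default is 80')
    parser.add_argument('-r', dest='r', help='Read hosts file Example: -r "hosts.txt"')
    parser.add_argument('-p', dest='p', help='Ports Example: -p="80,8080,443" or -p 1-255 default are most usual ports')
    parser.add_argument('-o', dest='o', help='Output file address Example: -o recoder.txt or -o D:\\recoder.txt')
    parser.add_argument('-dir', dest='dir', help='Scanning visible background directory Example: -dir http://127.0.0.1')
    # Backslash doubled: "\d" is an invalid escape sequence and triggers a
    # warning on current Python; the displayed text is unchanged.
    parser.add_argument('-add', dest='add', help='Dictionary File Address Example: -dir http://127.0.0.1 -add C:\\dic.txt')
    parser.add_argument('-url', dest='url', help='Butian SRC list url Example: -url https://butian.360.cn/Home/Active/company')
    parser.add_argument('-page', dest='page', help='Butian SRC Pages Default is 10 Example: -url https://butian.360.cn/Home/Active/company')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    def _use_output():
        """Hand -o to tool.address()/tool.output(); return the path, or "" without -o."""
        if not options.o:
            return ""
        path = tool.address(options.o)
        tool.output(path)
        return path

    def _use_threads():
        # NOTE(review): -t is forwarded as the raw command-line string; the
        # 1-200 range from the help text is not enforced here. Presumably
        # tool.nThreads() validates it - confirm.
        if options.t:
            tool.nThreads(options.t)

    def _announce_ports(port_list):
        # Same text as before: every port followed by a single space.
        listing = "".join(str(p) + ' ' for p in port_list)
        printc.printf("[*] Scanning Ports :" + listing, "skyblue")

    if options.host:
        address = _use_output()
        _use_threads()
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Long port lists are not echoed to the terminal.
            if len(PortList) < 50:
                _announce_ports(PortList)
        s = tool.standardUrl(options.host)
        ip = tools.getIPByName(s)
        printc.printf("[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip), 'yellow')
        scan_host_ports(s)
        tool.printIfExist(address)
    elif options.ah:
        address = _use_output()
        _use_threads()
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        address = _use_output()
        _use_threads()
        if options.p:
            # Two separate calls so the two globals do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Stop at the first port that answers.
        alive = any(scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            # "存活" = alive
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            # "关闭" = closed / down
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.dir:
        address = _use_output()
        _use_threads()
        host = options.dir
        if tool.isStandard(host) == True:
            res = tool.Requests(host)
            response = tool.set2utf8cont(res)
            if options.add:
                add = options.add
            else:
                # The default wordlist path was built with hard-coded "\\"
                # separators, which only resolves on Windows; os.path.join
                # gives the same path there and a valid one elsewhere.
                add = os.path.join(os.getcwd(), "dict", "directory.txt")
            scanDir(host, add)
            tool.printIfExist(address)
        else:
            # Message: prefix the address with http or https, e.g.
            # http://127.0.0.1 or https://www.baidu.com
            printc.printf("\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址", 'yellow')
    elif options.url:
        url = options.url
        address = _use_output()
        # NOTE(review): -page arrives as a string when given but defaults to
        # the int 10 - confirm butianInfo.get_src_name() accepts both.
        page = options.page if options.page else 10
        butianInfo.get_src_name(url, page)
        tool.printIfExist(address)

    if options.help:
        helpInfo()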
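def menu():
    """Parse the command line and run one encoding/decoding helper.

    The options are tested in a fixed order and the first one that is set
    wins; the matching helper is called with the option's value.  The
    Base64/32/16 options pass the value as bytes (``str.encode()``).
    ``-roten``/``-rotde`` only run together with a non-zero ``-offset``.
    With nothing matching (``--h`` included) ``helpInfo()`` is called.

    Note on -ord / -chr: when the input contains no spaces use the plain
    form (``-ord abc``); when it contains spaces use the quoted ``=`` form
    (``-ord="abc def"``).
    """
    parser = argparse.ArgumentParser()
    # NOTE(review): MD5 and SHA-1 are presumably computed as one-way digests
    # by md5()/sh1(); the help text calls them "encryption" and is left as
    # the tool words it.
    parser.add_argument('-m', dest='md', help='MD5 encryption')
    parser.add_argument('-s', dest='sh', help='SH1 encryption')
    parser.add_argument('--h', action="store_true", help='Show help information')
    parser.add_argument('-b64', dest='b64', help='Base64 encode')
    parser.add_argument('-b32', dest='b32', help='Base32 encode')
    parser.add_argument('-b16', dest='b16', help='Base16 encode')
    parser.add_argument('-db64', dest='db64', help='Base64 decode')
    parser.add_argument('-db32', dest='db32', help='Base32 decode')
    parser.add_argument('-db16', dest='db16', help='Base16 decode')
    parser.add_argument('-urlen', dest='urlen', help='URL encode')
    parser.add_argument('-urlde', dest='urlde', help='URL decode')
    parser.add_argument('-unien', dest='unien', help='Unicode Encode')
    parser.add_argument('-unide', dest='unide', help='Unicode Decode ')
    parser.add_argument('-hten', dest='hten', help='HTML Encode')
    parser.add_argument('-htde', dest='htde', help='HTML Decode ')
    parser.add_argument('-bin', dest='bin', help='Binary To Decimal')
    parser.add_argument('-octal', dest='octal', help='Octal to Decimal')
    parser.add_argument('-hex', dest='hex', help='Hexadecimal to Decimal')
    parser.add_argument('-dbin', dest='dbin', help='Decimal To Binary ')
    parser.add_argument('-doctal', dest='doctal', help='Decimal to Octal ')
    parser.add_argument('-dhex', dest='dhex', help='Decimal to Hexadecimal')
    parser.add_argument(
        '-ord', dest='ord',
        help="Letter To ASCII Example: -ord aaaaaa , -ord=\"aaa aaa\"")
    parser.add_argument(
        '-chr', dest='chr',
        help="ASCII To Letter Example: -chr 105 , -chr = \"101 101\" ")
    parser.add_argument(
        '-roten', dest='roten',
        help='Rot Encode Example: -roten dafsdfa -offset 13 Means rot_13 Encode')
    parser.add_argument(
        '-rotde', dest='rotde',
        help='Rot Decode Example: -rotde dafsdfa -offset 13 Means rot_13 Decode')
    parser.add_argument(
        '-gqr', dest='gqr',
        help='Generate QRcode images Example: -gqr = "I love you"')
    # Backslash doubled: "\Q" is an invalid escape sequence and triggers a
    # warning on current Python; the displayed text is unchanged.
    parser.add_argument(
        '-pqr', dest='pqr',
        help='Parse QRcode images Example: -pqr = "C:\\QR.png"')
    parser.add_argument('-offset', dest='offset', type=int, help=' ')
    options = parser.parse_args()

    if options.md:
        md5(options.md)
    elif options.sh:
        sh1(options.sh)
    elif options.b64:
        stringToB64(options.b64.encode())
    elif options.b32:
        stringToB32(options.b32.encode())
    elif options.b16:
        stringToB16(options.b16.encode())
    elif options.db64:
        b64ToString(options.db64.encode())
    elif options.db32:
        b32ToString(options.db32.encode())
    elif options.db16:
        b16ToString(options.db16.encode())
    elif options.urlen:
        urlEncode(options.urlen)
    elif options.urlde:
        urlDecode(options.urlde)
    elif options.bin:
        binToDec(options.bin)
    elif options.octal:
        octToDec(options.octal)
    elif options.hex:
        hexToDec(options.hex)
    elif options.dbin:
        decToBin(options.dbin)
    # The original repeated the -doctal and -dhex branches a second time;
    # the copies could never be reached and are dropped.
    elif options.doctal:
        decToOct(options.doctal)
    elif options.dhex:
        decToHex(options.dhex)
    elif options.ord:
        lettToASCII(options.ord)
    elif options.chr:
        asciiToLett(options.chr)
    elif options.roten and options.offset:
        s = options.roten
        offset = options.offset
        print("Origina :" + s)
        print("Rot{offset} Encode:".format(offset=offset) + rotEncode(s, offset))
    elif options.rotde and options.offset:
        s = options.rotde
        offset = options.offset
        print("Rot_{offset} Encode:".format(offset=offset) + s)
        print("Rot_{offset} Decode:".format(offset=offset) + str(rotDecode(s, offset)))
    elif options.gqr:
        print()
        generateQR(options.gqr)
    elif options.pqr:
        print()
        parseQR(options.pqr)
    elif options.unien:
        print()
        uniencode(options.unien)
    elif options.unide:
        print()
        unidecode(options.unide)
    elif options.hten:
        print()
        htmlencode(options.hten)
    elif options.htde:
        print()
        htmldecode(options.htde)
    else:
        helpInfo()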
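def menu():
    """Parse the command line and dispatch to one scanning mode.

    At most one mode runs, tested in this order: ``-host``, ``-ah``, ``-r``,
    ``-sh``.  ``-help`` additionally calls ``helpInfo()`` after the mode (if
    any) has finished.

    Side effects: may rebind the module globals ``ports`` and ``PortList``.

    The unused ``usage`` text and a block of commented-out dispatch code
    that duplicated the live branches were removed.
    """
    global nThread, ports, PortList
    tool = Tool()
    address = ""

    parser = argparse.ArgumentParser()
    parser.add_argument('-host', dest='host', help='-h To scan the open ports of the Host')
    parser.add_argument(
        '-sh', dest='sh',
        help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument(
        '-ah', dest='ah',
        help='All alive Hosts Find all alive alive hosts Example: -ah 192.168.1.1-255')
    # NOTE(review): this help text says the default is 30, while the usage
    # text that used to live in this function said 80 - confirm against the
    # module-level default.
    parser.add_argument('-t', dest='t', help='Threads(1-200) Default is 30')
    parser.add_argument(
        '-r', dest='r',
        help='Read hosts file Example: -r "hosts.txt"')
    parser.add_argument(
        '-p', dest='p',
        help='Port ping special ports,It was used to detective alive hosts Example: -p="80,8080,443" default was 80 443')
    parser.add_argument(
        '-o', dest='o',
        help='Output file address Example: -o recoder.txt or -o D:\\recoder.txt')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    def _use_output():
        """Hand -o to tool.address()/tool.output(); return the path, or "" without -o."""
        if not options.o:
            return ""
        path = tool.address(options.o)
        tool.output(path)
        return path

    def _use_threads():
        # NOTE(review): -t is forwarded as the raw command-line string; the
        # 1-200 range from the help text is not enforced here. Presumably
        # tool.nThreads() validates it - confirm.
        if options.t:
            tool.nThreads(options.t)

    def _announce_ports(port_list):
        # Same text as before: every port followed by a single space.
        listing = "".join(str(p) + ' ' for p in port_list)
        printc.printf("[*] Scanning Ports :" + listing, "skyblue")

    if options.host:
        address = _use_output()
        _use_threads()
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_host_ports(options.host)
        tool.printIfExist(address)
    elif options.ah:
        address = _use_output()
        _use_threads()
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        address = _use_output()
        _use_threads()
        if options.p:
            # Two separate calls so the two globals do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Stop at the first port that answers.
        alive = any(scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            # "存活" = alive
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            # "关闭" = closed / down
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")

    if options.help:
        helpInfo()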
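def menu():
    """Parse the command line and dispatch to one scanning mode.

    At most one mode runs, tested in this order: ``-host``, ``-ah``, ``-r``,
    ``-sh``, ``-dir``.  ``-help`` additionally calls ``helpInfo()`` after the
    mode (if any) has finished.

    Side effects: may rebind the module globals ``ports`` and ``PortList``.
    """
    global nThread, ports, PortList
    tool = Tool()
    address = ""

    parser = argparse.ArgumentParser()
    parser.add_argument('-host', dest='host', help='-h To scan the open ports of the Host')
    parser.add_argument(
        '-sh', dest='sh',
        help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument(
        '-ah', dest='ah',
        help='All alive Hosts .Find all alive hosts Example: -ah 192.168.1.1-255')
    parser.add_argument('-t', dest='t', help='Threads(1-200) Default is 80')
    parser.add_argument(
        '-r', dest='r',
        help='Read hosts file Example: -r "hosts.txt"')
    parser.add_argument(
        '-p', dest='p',
        help='Port.Ping special ports,It was used to detective alive hosts Example: -p="80,8080,443" default was 80 443')
    parser.add_argument(
        '-o', dest='o',
        help='Output file address Example: -o recoder.txt or -o D:\\recoder.txt')
    parser.add_argument(
        '-dir', dest='dir',
        help='Scanning visible background directory Example: -dir http://127.0.0.1')
    # Backslash doubled: "\d" is an invalid escape sequence and triggers a
    # warning on current Python; the displayed text is unchanged.
    parser.add_argument(
        '-add', dest='add',
        help='Dictionary File Address Example: -dir http://127.0.0.1 -add C:\\dic.txt')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    def _use_output():
        """Hand -o to tool.address()/tool.output(); return the path, or "" without -o."""
        if not options.o:
            return ""
        path = tool.address(options.o)
        tool.output(path)
        return path

    def _use_threads():
        # NOTE(review): -t is forwarded as the raw command-line string; the
        # 1-200 range from the help text is not enforced here. Presumably
        # tool.nThreads() validates it - confirm.
        if options.t:
            tool.nThreads(options.t)

    def _announce_ports(port_list):
        # Same text as before: every port followed by a single space.
        listing = "".join(str(p) + ' ' for p in port_list)
        printc.printf("[*] Scanning Ports :" + listing, "skyblue")

    if options.host:
        address = _use_output()
        _use_threads()
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_host_ports(tool.standardUrl(options.host))
        tool.printIfExist(address)
    elif options.ah:
        address = _use_output()
        _use_threads()
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)
    elif options.r:
        address = _use_output()
        _use_threads()
        if options.p:
            # Two separate calls so the two globals do not share one list object.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)
    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            _announce_ports(ports)
        ip_addr = options.sh
        # Stop at the first port that answers.
        alive = any(scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            # "存活" = alive
            printc.printf("[+] " + str(ip_addr) + "存活", "green")
        else:
            # "关闭" = closed / down
            printc.printf("[+] " + str(ip_addr) + "关闭", "darkred")
    elif options.dir:
        address = _use_output()
        _use_threads()
        host = options.dir
        if tool.isStandard(host) == True:
            if options.add:
                add = options.add
            else:
                # The default wordlist path was built with hard-coded "\\"
                # separators, which only resolves on Windows; os.path.join
                # gives the same path there and a valid one elsewhere.
                add = os.path.join(os.getcwd(), "dict", "directory.txt")
            scanDir(host, add)
            tool.printIfExist(address)
        else:
            # Message: prefix the address with http or https, e.g.
            # http://127.0.0.1 or https://www.baidu.com
            printc.printf(
                "\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址",
                'yellow')

    if options.help:
        helpInfo()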
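def menu():
    """Parse the command line and run one encoding or file utility.

    The options are tested in a fixed order and the first one that is set
    wins; the matching helper is called with the option's value.
    ``-roten``/``-rotde`` only run together with a non-zero ``-offset``,
    ``-r2i`` needs both ``-x`` and ``-y``, and ``-rename`` needs both
    ``-old_ext`` and ``-new_ext``.  With nothing matching (``-help``
    included) ``helpInfo()`` is called.

    Note on -ord / -chr: when the input contains no spaces use the plain
    form (``-ord abc``); when it contains spaces use the quoted ``=`` form
    (``-ord="abc def"``).
    """
    parser = argparse.ArgumentParser()

    # Encoding & decoding
    # NOTE(review): MD5 and SHA-1 are presumably computed as one-way digests
    # by md5()/sh1(); the help text calls them "encryption" and is left as
    # the tool words it.
    parser.add_argument('-m', dest='md', help='MD5 encryption')
    parser.add_argument('-s', dest='sh', help='SH1 encryption')
    parser.add_argument('-help', action="store_true", help='To show help information')
    parser.add_argument('-b64', dest='b64', help='Base64 encode')
    parser.add_argument('-b32', dest='b32', help='Base32 encode')
    parser.add_argument('-b16', dest='b16', help='Base16 encode')
    parser.add_argument('-db64', dest='db64', help='Base64 decode')
    parser.add_argument('-db32', dest='db32', help='Base32 decode')
    parser.add_argument('-db16', dest='db16', help='Base16 decode')
    parser.add_argument('-urlen', dest='urlen', help='URL encode')
    parser.add_argument('-urlde', dest='urlde', help='URL decode')
    parser.add_argument('-unien', dest='unien', help='Unicode Encode')
    parser.add_argument('-unide', dest='unide', help='Unicode Decode ')
    parser.add_argument('-hten', dest='hten', help='HTML Encode')
    parser.add_argument('-htde', dest='htde', help='HTML Decode ')
    parser.add_argument('-bin', dest='bin', help='Binary To Decimal')
    parser.add_argument('-octal', dest='octal', help='Octal to Decimal')
    parser.add_argument('-hex', dest='hex', help='Hexadecimal to Decimal')
    parser.add_argument('-dbin', dest='dbin', help='Decimal To Binary ')
    parser.add_argument('-doctal', dest='doctal', help='Decimal to Octal ')
    parser.add_argument('-dhex', dest='dhex', help='Decimal to Hexadecimal')
    parser.add_argument(
        '-roten', dest='roten',
        help='Rot Encode Example: -roten dafsdfa -offset 13 Means rot_13 Encode')
    parser.add_argument(
        '-rotde', dest='rotde',
        help='Rot Decode Example: -rotde dafsdfa -offset 13 Means rot_13 Decode')

    # Utilities
    parser.add_argument('-ip2int', dest='ip2int', help='Convert IP to Decimal ')
    parser.add_argument('-int2ip', dest='int2ip', help='Convert Decimal to IP ')
    parser.add_argument(
        '-ord', dest='ord',
        help="Letter To ASCII Example: -ord aaaaaa , -ord=\"aaa aaa\"")
    parser.add_argument(
        '-chr', dest='chr',
        help="ASCII To Letter Example: -chr 105 , -chr = \"101 101\" ")
    parser.add_argument(
        '-gqr', dest='gqr',
        help='Generate QRcode images Example: -gqr = "I love you"')
    parser.add_argument(
        '-pqr', dest='pqr',
        help='Parse QRcode images Example: -pqr = "C:\\QR.png"')
    parser.add_argument(
        '-delete', dest='delete',
        help='Delete File\'s repeated info Example: -delete "C:\\1.txt" ')
    parser.add_argument(
        '-i2r', dest='i2r',
        help='Convert Image to RGB txt Example: -i2r = "C:\\png.png"')
    parser.add_argument(
        '-r2i', dest='r2i',
        help='Convert RGB txt to Images Example: -r2i = "C:\\rgb.txt" -x 100 -y 200 ')
    parser.add_argument('-monitor', dest='monitor', help='File monitor')
    parser.add_argument('-x', dest='x', help='X')
    parser.add_argument('-y', dest='y', help='y')
    parser.add_argument(
        '-rename', dest='rename',
        help='Rename files with 1 same extension to new one Example : -rename C:\\test -old_ext txt -new_ext php')
    parser.add_argument('-old_ext', dest='old_ext', help='Old file extension')
    parser.add_argument('-new_ext', dest='new_ext', help='New file extension')
    parser.add_argument('-offset', dest='offset', type=int, help=' ')
    options = parser.parse_args()

    if options.md:
        md5(options.md)
    elif options.sh:
        sh1(options.sh)
    elif options.b64:
        stringToB64(options.b64)
    elif options.b32:
        stringToB32(options.b32)
    elif options.b16:
        stringToB16(options.b16)
    elif options.db64:
        b64ToString(options.db64)
    elif options.db32:
        b32ToString(options.db32)
    elif options.db16:
        b16ToString(options.db16)
    elif options.urlen:
        urlEncode(options.urlen)
    elif options.urlde:
        urlDecode(options.urlde)
    elif options.bin:
        binToDec(options.bin)
    elif options.octal:
        octToDec(options.octal)
    elif options.hex:
        hexToDec(options.hex)
    elif options.dbin:
        decToBin(options.dbin)
    elif options.doctal:
        decToOct(options.doctal)
    elif options.dhex:
        decToHex(options.dhex)
    elif options.ip2int:
        ip = options.ip2int
        ip_int = ip2Int.ip2int(ip)
        printc.printf("IP:" + str(ip), 'green')
        printc.printf("Decimal:" + str(ip_int), 'green')
    elif options.int2ip:
        decimal = options.int2ip
        ip = ip2Int.int2ip(str(decimal))
        printc.printf("Decimal:" + str(decimal), 'green')
        printc.printf("IP:" + str(ip), 'green')
    elif options.ord:
        lettToASCII(options.ord)
    elif options.chr:
        asciiToLett(options.chr)
    elif options.roten and options.offset:
        s = options.roten
        offset = options.offset
        msg1 = "\nOrigina :" + s
        msg2 = "Rot{offset} Encode:".format(offset=offset) + rotEncode(s, offset)
        printc.printf(msg1, 'green')
        printc.printf(msg2, 'green')
    elif options.rotde and options.offset:
        s = options.rotde
        offset = options.offset
        msg1 = "\nRot_{offset} Encode:".format(offset=offset) + s
        msg2 = "Rot_{offset} Decode:".format(offset=offset) + str(rotDecode(s, offset))
        printc.printf(msg1, "green")
        printc.printf(msg2, "green")
    elif options.gqr:
        print()
        generateQR(options.gqr)
    elif options.pqr:
        print()
        parseQR(options.pqr)
    elif options.unien:
        print()
        uniencode(options.unien)
    elif options.unide:
        print()
        unidecode(options.unide)
    elif options.hten:
        print()
        htmlencode(options.hten)
    elif options.htde:
        print()
        htmldecode(options.htde)
    elif options.i2r:
        png2rgb(options.i2r)
    elif options.delete:
        tools.delUseless(options.delete)
    elif options.r2i:
        file_add = options.r2i
        if not options.x:
            # Message: the x dimension of the generated image is required.
            printc.printf("\n[-] 您需要输入生成图片的尺寸x参数", 'red')
        elif not options.y:
            # Message: the y dimension of the generated image is required.
            printc.printf("\n[-] 您需要输入生成图片的尺寸y参数", 'red')
        else:
            # int() raises ValueError when -x / -y are not numbers.
            rgb2png(int(options.x), int(options.y), file_add)
    elif options.monitor:
        fileMonitor.showChangeInfo(options.monitor)
    elif options.rename:
        path = options.rename
        old_ext = str(options.old_ext) if options.old_ext else ''
        new_ext = str(options.new_ext) if options.new_ext else ''
        # One message per missing extension, as before.
        for given in (old_ext, new_ext):
            if not given:
                printc.printf("Please input correct file extension", "red")
        # The original reported the missing extension and then still called
        # tools.rename() with an empty string; the rename is now skipped
        # unless both extensions were supplied.
        if old_ext and new_ext:
            tools.rename(path, old_ext, new_ext)
    else:
        helpInfo()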
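def menu():
    """Parse the command line and run the one scanning mode that was selected.

    The first option that is set, in this order, decides the mode: -host,
    -ah, -r, -sh, -dir, -url, -sdn, -urldetect, -telnet, -ip. When none of
    them is given, helpInfo() is called. -o, -t, -p, -pro, -types, -add and
    -page only tune the selected mode.

    Side effects: may rebind the module globals ``ports``, ``PortList`` and
    ``response``; reads ``nThread``.

    NOTE(review): the nesting below was reconstructed from a listing whose
    line breaks were lost. In particular, echoing the port list only when -p
    is given, and calling tool.printIfExist() once per mode rather than once
    per target, are inferred - confirm against the original file.
    """
    global nThread, ports, PortList, response
    tool = Tool()
    address = ""

    parser = argparse.ArgumentParser()
    parser.add_argument('-host', dest='host', help='-h To scan the open ports of the Host Default scanning ports are most usual ports ')
    parser.add_argument('-telnet', dest='telnet', help='Telnet Scanning Example: -telnet 127.0.0.1 -p ="22,33,44" or -telnet target.txt')
    parser.add_argument('-sh', dest='sh', help='Specific Host Detective Example: -sh 127.0.0.1 ')
    parser.add_argument('-ah', dest='ah', help='All alive Hosts .Find all alive hosts Example: -ah 192.168.1.1-255')
    parser.add_argument('-t', dest='t', help='Threads(1-200) Default is 80')
    parser.add_argument('-r', dest='r', help='Read hosts file Example: -r "hosts.txt"')
    parser.add_argument('-p', dest='p', help='Ports Example: -p="80,8080,443" or -p 1-255 default are most usual ports')
    parser.add_argument('-o', dest='o', help='Output file address Example: -o recoder.txt or -o D:\\recoder.txt')
    parser.add_argument('-dir', dest='dir', help='Scanning visible background directory Example: -dir http://127.0.0.1')
    # The backslash is escaped: '\d' is an invalid escape sequence in a
    # normal string literal. The text shown to the user is unchanged.
    parser.add_argument('-add', dest='add', help='Dictionary File Address Example: -dir http://127.0.0.1 -add C:\\dic.txt')
    parser.add_argument('-sdn', dest='sdn', help='Subdomain names Example: -sdn baidu.com -types 3 -sdn pku.edu.cn -types 1 -sdn cn.gov.cn -types 2 ')
    parser.add_argument('-pro', dest='pro', help='Protocol Example: -pro https Default Protocol is http ')
    parser.add_argument('-types', dest='types', help='Using different dictionary txt file 1 2 3 means school government company website,it can make the result more reliable')
    parser.add_argument('-url', dest='url', help='Butian SRC list url Example: -url https://butian.net/Reward/pub')
    # The examples of the next three options each showed a different option;
    # every help text now demonstrates the option it belongs to.
    parser.add_argument('-page', dest='page', help='Butian SRC Pages Default is 10 Example: -url https://butian.net/Reward/pub -page 1-10')
    parser.add_argument('-urldetect', dest='urldetect', help='url Detective Example: -urldetect baidu.com or -urldetect urls.txt')
    parser.add_argument('-ip', dest='ip', help='Find ip information Example: -ip 127.0.0.1')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    def open_output():
        """Set up the -o output file; return its path, or "" without -o."""
        if not options.o:
            return ""
        path = tool.address(options.o)
        tool.output(path)
        return path

    def echo_ports(port_list):
        """Print the ports about to be scanned, each followed by a space."""
        listing = "".join(str(port) + ' ' for port in port_list)
        printc.printf("[*] Scanning Ports :" + listing, "skyblue")

    def as_targets(value):
        """Wrap a single target in a list so both input forms share a loop."""
        return value if isinstance(value, list) else [value]

    if options.host:
        # TODO: reading the host list from -r in this mode is not implemented.
        address = open_output()
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            PortList = tool.changeList(tool.split2List(options.p))
            # Long lists (e.g. -p 1-255) are not echoed.
            if len(PortList) < 50:
                echo_ports(PortList)
        # input2result yields one target, or a list when it was given a file.
        for host in as_targets(tools.input2result(str(options.host))):
            s = tool.standardUrl(host)
            ip = tools.getIPByName(s)
            info = "[+]Starting scanning:" + str(s) + "({ip})".format(ip=ip)
            printc.printf(info, 'yellow')
            scan_host_ports(s)
        tool.printIfExist(address)

    elif options.ah:
        address = open_output()
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            echo_ports(ports)
        scan_all_hosts(str(options.ah))
        tool.printIfExist(address)

    elif options.r:
        address = open_output()
        if options.t:
            tool.nThreads(options.t)
        if options.p:
            # Both globals are rebuilt, as two separate lists.
            PortList = tool.changeList(tool.split2List(options.p))
            ports = tool.changeList(tool.split2List(options.p))
            echo_ports(PortList)
        scan_all_hosts_from_file(options.r)
        tool.printIfExist(address)

    elif options.sh:
        if options.p:
            ports = tool.changeList(tool.split2List(options.p))
            echo_ports(ports)
        ip_addr = options.sh
        # Stops at the first port that answers. The explicit comparison is
        # kept because the helper's return type is not visible here.
        alive = any(
            scan_specific_hosts(ip_addr, port) == True for port in ports)
        if alive:
            printc.printf("[+] " + str(ip_addr) + "UP", "green")
        else:
            printc.printf("[+] " + str(ip_addr) + "Down", "darkred")

    elif options.dir:
        start_time = time.time()
        address = open_output()
        if options.t:
            tool.nThreads(options.t)
        # A URL comes back unchanged; a text-file path comes back as a list.
        for host in as_targets(tools.input2result(str(options.dir))):
            if tool.isStandard(host) == True:
                res = tool.Requests(host)
                # Stored in the module global; presumably scanDir compares
                # later responses against it - confirm.
                response = tool.set2utf8cont(res)
                if options.add:
                    add = options.add
                else:
                    # Bundled word list, with the platform's path separator.
                    add = os.path.join(os.getcwd(), "dict", "directory.txt")
                scanDir(host, add)
            else:
                printc.printf(
                    "\n[-] 请在您输入的地址前面添加http或者https。http://127.0.0.1 或者 https://www.baidu.com 格式的地址",
                    'yellow')
        s1 = '[*] The scanning is finished'
        s2 = '[*] Time cost :' + str((time.time() - start_time)) + ' s'
        printc.printf(s1, "yellow")
        printc.printf(s2, "yellow")
        tool.printIfExist(address)

    elif options.url:
        address = open_output()
        # -page stays a string when given; the default is the int 10.
        page = options.page if options.page else 10
        butianInfo.get_src_name(options.url, page)
        tool.printIfExist(address)

    elif options.sdn:
        address = open_output()
        if options.t:
            tool.nThreads(options.t)
        protocol = options.pro if options.pro else "http"
        types = int(options.types) if options.types else 0
        subdomains.getSubdomainName(nThread, types, options.sdn, protocol)
        tool.printIfExist(address)

    elif options.urldetect:
        urls = options.urldetect
        if options.o:
            # NOTE(review): every other mode calls these on the Tool
            # instance (`tool`), this one on `tools` - confirm it is intended.
            address = tools.address(options.o)
            tools.output(address)
        if options.t:
            tool.nThreads(options.t)
        protocol = options.pro if options.pro else "http"
        subdomains.urlDetect(urls, protocol=protocol, nThreads=nThread)
        tool.printIfExist(address)

    elif options.telnet:
        # One target or a file of targets. This rebinds the global `ports`
        # to a string; empty means no ports were requested.
        ports = ''
        address = open_output()
        if options.p:
            ports = options.p
        for target in as_targets(tools.input2result(str(options.telnet))):
            msg = "************Start telnet {target}************".format(
                target=target)
            print(msg)
            telnet.telnet(target, ports)
        tool.printIfExist(address)

    elif options.ip:
        address = open_output()
        tools.findAddressByIp(options.ip)
        tool.printIfExist(address)

    else:
        helpInfo()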
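def menu():
    """Parse the command line and run the selected scanner-management or check mode.

    The first option that is set, in this order, decides the mode: -add
    (queue AWVS scan tasks from a target file), -delete (remove AWVS tasks),
    -weblogic, -joomla, -exploit (run a PoC command against targets),
    -ecology. With none of them, helpInfo() is called.

    Changes compared with the previous version:
      * -delete accepts only 1-4; any other value is reported and nothing is
        deleted (before, the run died on an unbound ``msg``).
      * -exploit without -command or -poc_add stops with a message instead of
        failing later on an unbound variable.
      * -joomla with a single target now uses the protocol-normalised URL,
        as the multi-target path already did.

    NOTE(review): the nesting below was reconstructed from a listing whose
    line breaks were lost - confirm against the original file.
    """
    global vulnerable_list
    # Today's date in the compact form the scanner expects, e.g. 20190725.
    day = time.strftime("%Y-%m-%d", time.localtime()).replace("-", "")
    # Default start is 22:00 today with a hard-coded +0800 offset.
    # NOTE(review): the -start help text says the default is "now".
    start_time = "{day}T220000+0800".format(day=day)
    profile = "F"  # default profile: full scan
    speed = 's'  # default speed: slow
    protocol = "http"  # default protocol

    parser = argparse.ArgumentParser()
    # AWVS options
    parser.add_argument('-add', dest='add', help='The text file of targets Example: -add url.txt')
    parser.add_argument('-pro', dest='pro', help='Protocol:https or http Default is http Example: -pro https ')
    parser.add_argument('-start', dest='start', help='The starting time of scanning! Default starting time is now Example: -start {time}'.format(time=present_awvs_time))
    parser.add_argument('-speed', dest='speed', help='Scanning speed(3 options:f,m,s) Default is s Slow scanning Example: -speed f')
    parser.add_argument('-profile', dest='profile', help='Scaning Profile(6 options:H[High vul],W[Weak Password],C[Crawling],X[XSS],S[SQL],F[Full scan]) Default is F Full scanning')
    parser.add_argument('-delete', dest='delete', help='Delete targets 4 options:1[NO vuln targets],2[NO vuln targets+low vuln targets],3[NO vuln targets+Medium vuln targets],4[All targets] Example: -delete 1')
    parser.add_argument('-second', dest='second', help='second Example: -second 3600')
    # Vulnerability-check options
    parser.add_argument('-weblogic', dest='weblogic', help='Example: -weblogic /usrs/targets.txt or -weblogic 127.0.0.1')
    parser.add_argument('-joomla', dest='joomla', help='Example: -joomla /usrs/targets.txt or -joomla 127.0.0.1')
    parser.add_argument('-exploit', dest='exploit', help='Example: -exploit /usrs/targets.txt or -exploit 127.0.0.1')
    parser.add_argument('-command', dest='command', help='Example: -command python2 poc.py -p 3389 -d /web/web.xml ')
    parser.add_argument('-poc_add', dest='poc_add', help='Example: -poc_add="vulnerability,cve-2020-01-01,cve-2020-01-01.py')
    parser.add_argument('-flag', dest='flag', help='Example: -flag="Refused,No Response"')
    parser.add_argument('-time_out', dest='time_out', help='Example: -time_out 1 Default is 2')
    parser.add_argument('-vuln_name', dest='vuln_name', help='Example: -vuln_name cve-2020-01-01 Default is NULL')
    parser.add_argument('-ecology', dest='ecology', help='Example: -ecology baidu.com or -ecology /usrs/targets.txt')
    parser.add_argument('-o', dest='o', help='Example: -o res.txt')
    parser.add_argument('-help', action="store_true", help='To show help information')
    options = parser.parse_args()

    # Queue scan tasks in bulk; start time, profile and speed can be set.
    if options.add:
        second = seconds_default  # gap between consecutive scan starts
        add = options.add  # text file holding the targets
        if options.pro:
            protocol = options.pro
        if options.start:
            start_time = options.start
        if options.profile:
            profile = options.profile
        if options.speed:
            speed = options.speed
        if options.second:
            second = int(options.second)
        target = tool.content2List(add)
        tool.setSheetTitle(15, "URL", 6, "Start Time", 7, "Profile", 2,
                           "Speed", 20, "ID")
        # Accepts lines such as https://host:8080/path or baidu.com.
        # Raw string: the pattern is unchanged, the escapes are now valid.
        url_re = re.compile(r"(\w+[:/.\w-]+\.[a-z\d]{2,3}[:\w/]*)", re.S)
        count = 0
        for line in target:
            found = url_re.findall(line)
            if not found:
                continue  # no usable address on this line
            count = count + 1
            address = found[0]
            # Targets without a scheme get the default or the -pro one.
            if not address.startswith("http"):
                address = protocol + "://" + str(address)
            if count != 1:
                # Each task after the first starts `second` seconds after the
                # previous one, so the scanner is not handed them all at once.
                start_time = awvs.awvs2standardTime(start_time)
                start_time = awvs.nSecondLatter(start_time, second)
                start_time = awvs.time2awvstime(start_time)
            awvs.add_tasks(address, address, "10", speed)
            awvs.start_scan(address, profile, start_time, speed)

    # Bulk-delete scan tasks; the argument selects which tasks are removed.
    elif options.delete:
        banners = {
            1: " 开始删除扫描器中没有发现任何漏洞的扫描任务",
            2: " 开始删除扫描器中没有发现任何漏洞或者仅仅发现低危漏洞的扫描任务",
            3: " 开始删除扫描器中没有发现任何漏洞或者发现中危以及以下漏洞的扫描",
            4: " 开始删除扫描器中的所有扫描任务",
        }
        try:
            types = int(options.delete)
        except ValueError:
            types = None
        # Deleting is destructive (4 removes every task), so anything that
        # is not a documented choice is refused before the scanner is called.
        if types not in banners:
            print("[-] -delete expects 1, 2, 3 or 4")
            return
        print("\n")
        print(banners[types])
        print("\n")
        tool.setSheetTitle(15, "URL", 18, "ID", 20, "Status")
        awvs.deleteTask(types)

    # Vulnerability checks
    elif options.weblogic:
        address = ''
        if options.o:
            address = tool.address(options.o)
            tool.output(address)
        res = tool.input2result(str(options.weblogic))
        many = isinstance(res, list)
        # NOTE(review): the four paths are not symmetric - with -pro no
        # banner is printed, and only the single-target path with -pro
        # passes vulnerable_list. Kept as found; confirm which is intended.
        if options.pro:
            protocol = str(options.pro)
            if many:
                for host in res:
                    host = tool.setDefaultPro(protocol=protocol, url=host)
                    weblogic_cve_2019_2729.check(host)
            else:
                host = tool.setDefaultPro(protocol=protocol, url=res)
                weblogic_cve_2019_2729.check(host,
                                             vulnerable_list=vulnerable_list)
        else:
            # Without -pro the helper applies its own default protocol.
            for host in (res if many else [res]):
                host = tool.setDefaultPro(url=host)
                msg = "[+] Start detecting if {host} is vulnerable to CVE-2019-2729".format(
                    host=host)
                print(msg)
                weblogic_cve_2019_2729.check(host)
        tool.printIfExist(address)

    # Joomla RCE check
    elif options.joomla:
        if options.o:
            address = tool.address(options.o)
            tool.output(address)
        res = tool.input2result(str(options.joomla))
        if options.pro:
            protocol = str(options.pro)
        for raw in (res if isinstance(res, list) else [res]):
            # `protocol` is "http" unless -pro was given.
            host = tool.setDefaultPro(protocol=protocol, url=raw)
            msg = "[+] Starting detecting {target}".format(target=host)
            print(msg)
            command = Joomla_3_4_6_RCE.command(host)
            # NOTE(security): `host` comes from the command line or a targets
            # file and ends up inside a string executed by the local shell.
            # A crafted line in that file would run on the operator's
            # machine. Validate the target, or have the helper return an
            # argument list for subprocess.run(..., shell=False).
            os.system(command)

    # Run a PoC (placed under the vulnerability directory) against targets.
    elif options.exploit:
        dataList = []
        if options.o:
            address = tool.address(options.o)
            tool.output(address)
        targets = tool.input2result(str(options.exploit))
        if not options.command:
            msg = "您必须输入原POC的完整验证命令。注意不需要加绝对路径,而且不许要输入目标,目标跟在-exploit参数后面"
            print(msg)
            return  # nothing can be run without the PoC command
        command = options.command
        if not options.poc_add:
            print("[-] -poc_add is required with -exploit")
            return
        poc_add = options.poc_add.split(",")
        if options.flag:
            flag = options.flag.split(",")
        else:
            flag = [
                "Operation timed out", "most recent call last",
                'NotImplementedError'
            ]
        # NOTE(review): -time_out is passed on as a string when given,
        # while the default is the int 2 - confirm what exploit.exploit expects.
        time_out = options.time_out if options.time_out else 2
        vuln_name = options.vuln_name if options.vuln_name else ""
        # NOTE(security): -command and each target are handed to
        # exploit.exploit, which presumably executes them; treat the targets
        # file as input that reaches a command line - confirm how that helper
        # quotes it.
        for host in (targets if isinstance(targets, list) else [targets]):
            dataList.append(
                exploit.exploit(target=host,
                                flag=flag,
                                poc_add=poc_add,
                                command=command,
                                vulnerability=vuln_name,
                                time_out=time_out))
        tool.setSheetTitle(t1_len=30,
                           title1='Target',
                           t2_len=8,
                           title2='Vulnerability',
                           t3_len=2,
                           title3='Vulnerable',
                           t4_len=10,
                           title4='Response')
        for data in dataList:
            tool.print2sheet(t1_len=30,
                             t1=data["target"],
                             title1='Target',
                             t2_len=8,
                             t2=data["vuln"],
                             title2='Vulnerability',
                             t3_len=2,
                             t3=data["isVuln"],
                             title3='Vulnerable',
                             t4_len=10,
                             t4=str(data['response']),
                             title4='Response')

    # Check for the ecology OA database configuration leak.
    elif options.ecology:
        if options.o:
            address = tool.address(options.o)
            tool.output(address)
        url = tool.input2result(str(options.ecology))
        if options.pro:
            protocol = str(options.pro)
        ecology_OA_db_conf_leak.run(url, protocol)

    else:
        helpInfo()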