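def _es_version_tuple(number):
    """Convert a dotted version string into a tuple of ints.

    "7.10.2" becomes (7, 10, 2). Each component is read up to its first
    non-digit, so "8.0.0-SNAPSHOT" becomes (8, 0, 0). Parsing stops at the
    first component that has no leading digits.
    """
    parts = []
    for piece in str(number).split("."):
        digits = ""
        for ch in piece:
            if ch not in "0123456789":
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def set_es_conn():
    """Open the Elasticsearch connection when ``es_open`` is set in ``db_set``.

    On success the client is stored in ``others.es_conn`` and
    ``set_httpinfo()`` is called. The process exits if the server version is
    not newer than 7.0.0 or if any exception is raised while connecting.

    The version is compared component-wise. The previous check concatenated
    the digits ("6.8.23" -> 6823) and compared against 700, so any release
    with a two-digit component passed regardless of its major version.
    """
    if not db_set.get("es_open"):
        return
    try:
        # NOTE(review): es_auth credentials are sent to whatever es_addr names,
        # and no TLS options are passed here, so transport security depends
        # entirely on how es_addr is written in the config — confirm it uses https.
        client = connections.create_connection(
            hosts=db_set.get("es_addr"),
            http_auth=db_set.get("es_auth"),
            timeout=10)
        info = client.info()
        # The tagline check is a cheap sanity test that the endpoint is really
        # Elasticsearch before the client is published to the rest of the program.
        if "You Know, for Search" in str(info):
            version = _es_version_tuple(info.get("version").get("number"))
            if version > (7, 0, 0):
                logger.info("Success connect es : {}".format(
                    db_set.get("es_addr")))
                others.es_conn = client
                set_httpinfo()
            else:
                logger.warning("Your es version should be > 7.0.0")
                # SystemExit is not an Exception subclass, so the handler
                # below does not intercept this exit.
                sys.exit()
        else:
            # Previously this case was silent and left others.es_conn unset.
            logger.warning(
                "es_addr did not identify itself as elasticsearch , es conn is not set")
    except Exception as ex:
        logger.warning(
            "es conn get error :{} , will exit program".format(ex))
        logger.warning(
            "if you don't want to use elasticsearch .please config 'es_open':False, in config.py")
        sys.exit()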
def http_md5(self, dictdata):
    """Return the ``getmd5()`` digest of a fingerprint string for one request.

    The fingerprint is built from the URL's protocol, host, port and path,
    the request method, and the concatenated argument names returned by
    ``self.getallargs``. When ``es_uniq`` is falsy in ``db_set`` the
    concatenated argument values are appended as well.

    Names and values are joined without a separator, so different parameter
    sets can yield the same fingerprint (names ``["ab", "c"]`` and
    ``["a", "bc"]`` both give ``"abc"``). Presumably the digest is a
    de-duplication key; if so, such requests are treated as one — confirm
    against the callers.
    """
    request_method = dictdata.get("request").get("method")
    arg_names, arg_values = self.getallargs(dictdata)

    if db_set.get("es_uniq"):
        # Fingerprint by parameter names only.
        fingerprint = "{protocol}-{host}-{port}-{method}-{path}-{argsname}".format(
            argsname="".join(arg_names),
            method=request_method,
            **dictdata.get("url"))
        return getmd5(fingerprint)

    # Fingerprint by parameter names and their values.
    fingerprint = "{protocol}-{host}-{port}-{method}-{path}-{argsname}-{value}".format(
        argsname="".join(arg_names),
        value="".join(arg_values),
        method=request_method,
        **dictdata.get("url"))
    return getmd5(fingerprint)
def init_options():
    """Parse the command line and populate the global scan configuration.

    In order: applies the urlencode patch, copies the parsed arguments into
    ``cmd_line_options``, handles the version / check-reverse / reverse
    commands, normalises the proxy setting, sets the log level, discovers DNS
    servers, selects and loads PoC files and plugins, then applies the IPv6
    patch and opens the Elasticsearch connection.

    Several paths end the process with ``sys.exit()``: showing the version,
    running check-reverse, finding no DNS servers, or ending up with no PoCs
    and no plugins.

    NOTE(review): the block nesting below was reconstructed from a listing
    whose line breaks were collapsed — confirm against the repository file.
    """
    # Apply patch.
    pathch_urlencode()
    cmd_line_options.update(cmd_line_parser().__dict__)
    # Banner / version handling: --version prints the banner and exits.
    if cmd_line_options.show_version:
        print(banner())
        sys.exit()
    print(banner())
    # check-reverse handling: run the check and exit.
    if cmd_line_options.check_reverse:
        check_reverse()
        sys.exit()
    # The "reverse" command needs none of the scan setup below.
    if cmd_line_options.command == "reverse":
        return
    # Needs improvement: add validation, error tolerance, SOCKS proxy support, etc.
    # The proxy value is used as given (host:port), without any validation.
    # NOTE(review): the "https" entry points at an https:// proxy URL; an HTTP
    # proxy is often reached over http:// even for HTTPS traffic — confirm.
    if cmd_line_options.proxy:
        host_port = cmd_line_options.proxy
        cmd_line_options.proxy = {"http": "http://{}".format(host_port),
                                  "https": "https://{}".format(host_port), }
    else:
        cmd_line_options.proxy = {}
    # Map the verbose value 0..3 to a log level; other values leave it unchanged.
    if cmd_line_options.verbose == 0:
        logger.logger.setLevel(logging.DEBUG)
    elif cmd_line_options.verbose == 1:
        logger.logger.setLevel(logging.INFO)
    elif cmd_line_options.verbose == 2:
        logger.logger.setLevel(logging.WARNING)
    elif cmd_line_options.verbose == 3:
        logger.logger.setLevel(logging.CRITICAL)
    # Validate the DNS servers and store them in the global state.
    # Note that this only runs when es_open is set.
    if db_set.get("es_open"):
        servers = find_dns_server().find_dnsservers()
        logger.info("Found dns_servers:{}".format(servers))
        if servers == []:
            logger.warning("Not Found dns_servers, Check your Networks or edit data/common/dns_servers.txt")
            sys.exit()
        others.dns_servers = servers
    # Handle html-output.
    logger.info("Vuln results will output to: {}".format(cmd_line_options.html_output))
    # Reset the containers that the selection logic below fills in.
    cmd_line_options.allow_poc = []
    cmd_line_options.allow_plugin = {}
    cmd_line_options.pocs_perfile = []
    cmd_line_options.pocs_perfoler = []
    cmd_line_options.pocs_perscheme = []
    cmd_line_options.pocs_perserver = []
    cmd_line_options.pocs_load_moudle = {
        "perfile": {},
        "perfolder": {},
        "perscheme": {},
        "perserver": {}
    }
    # Folder name -> the list object on cmd_line_options that collects its
    # PoC paths (the same list objects, not copies).
    poc_keys = {
        "perfile": cmd_line_options.pocs_perfile,
        "perfolder": cmd_line_options.pocs_perfoler,
        "perscheme": cmd_line_options.pocs_perscheme,
        "perserver": cmd_line_options.pocs_perserver
    }
    # The command decides which PoC folders are scanned.
    if cmd_line_options.command == "webscan":
        cmd_line_options.poc_folders = ["perfile", "perfolder", "perscheme"]
    if cmd_line_options.command == "hostscan":
        cmd_line_options.poc_folders = ["perserver"]
    # "all" in --disable turns PoC loading off entirely.
    if "all" not in cmd_line_options.disable:
        if cmd_line_options.disable:
            # A non-empty --disable list takes precedence: --enable is dropped
            # and every PoC file that matches no disable token is selected.
            cmd_line_options.enable = None
            for _dir in cmd_line_options.poc_folders:
                # An earlier, commented-out version listed only the top level of
                # the folder with os.listdir(); os.walk() also covers subdirectories.
                for root, dirs, files in os.walk(os.path.join(paths.MYSCAN_POCS_PATH, _dir)):
                    for file in files:
                        if file.endswith(".py") and not file.startswith("__"):
                            # Tokens are substring matches on the file name, so a
                            # short token can exclude more files than intended.
                            if not any([disable in file for disable in cmd_line_options.disable]):
                                poc_keys.get(_dir).append(os.path.abspath(os.path.join(root, file)))
        else:
            for _dir in cmd_line_options.poc_folders:
                # Same walk as above (an os.listdir() version was commented out
                # here too). An empty --enable selects every PoC file.
                for root, dirs, files in os.walk(os.path.join(paths.MYSCAN_POCS_PATH, _dir)):
                    for file in files:
                        if file.endswith(".py") and not file.startswith("__"):
                            if not cmd_line_options.enable:
                                poc_keys.get(_dir).append(os.path.abspath(os.path.join(root, file)))
                            else:
                                # Substring match on the file name, as for --disable.
                                if any([enable in file for enable in cmd_line_options.enable]):
                                    poc_keys.get(_dir).append(os.path.abspath(os.path.join(root, file)))
        for _dir in cmd_line_options.poc_folders:
            logger.debug("{} total: {} pocs".format(_dir.capitalize(),
                                                    len(list(set(poc_keys.get(_dir))))))
            for poc in list(set(poc_keys.get(_dir))):
                logger.info("Load Pocs:{}".format(poc))
                # hash() of a str is randomized per process, so these keys are
                # only meaningful within the current run.
                # NOTE(review): load_file_to_module presumably imports the file,
                # which runs its top-level code — confirm. If so, the PoC
                # directories must be writable by trusted users only.
                cmd_line_options.pocs_load_moudle[_dir][hash(poc)] = {
                    "poc": poc,
                    "class": load_file_to_module(poc)
                }
        # Exit with a usage hint when the filters selected nothing.
        if cmd_line_options.command == "webscan":
            if not (cmd_line_options.pocs_perfile or cmd_line_options.pocs_perfoler or cmd_line_options.pocs_perscheme):
                logger.warning("No Pocs ,please use --enable un_auth sqli")
                sys.exit()
        if cmd_line_options.command == "hostscan":
            if not cmd_line_options.pocs_perserver:
                logger.warning("No Pocs ,please use --enable brute ms17010")
                sys.exit()
    else:
        logger.warning("No Pocs Load!")
    # Plugin argument handling ("languages" plugins).
    plugins_dir = os.path.join(paths.MYSCAN_PLUGINS_PATH, cmd_line_options.command)
    # Top-level entries of the plugin folder, minus dunder names.
    # Unlike the PoC walk there is no ".py" filter here.
    exists_poc_with_ext = list(
        filter(lambda x: not x.startswith("__"), os.listdir(plugins_dir)))
    if cmd_line_options.plugins:
        for openplugin in list(set(cmd_line_options.plugins)):
            for plugin in exists_poc_with_ext:
                # Substring match on the entry name.
                if openplugin in plugin:
                    plugin_path = os.path.join(plugins_dir, plugin)
                    logger.info("Load Plugin:{}".format(plugin_path))
                    # The trust note on load_file_to_module for PoCs applies to
                    # the plugin directory as well.
                    cmd_line_options.allow_plugin[hash(plugin_path)] = {
                        "poc": plugin_path,
                        "class": load_file_to_module(plugin_path)
                    }
    if len(cmd_line_options.allow_plugin) == 0:
        logger.warning("No Plugins Load!")
    # Count the loaded PoCs across all folders.
    total_poc = 0
    for x in cmd_line_options.pocs_load_moudle.values():
        total_poc += len(x)
    others.total_pocs=total_poc
    if total_poc == 0 and len(cmd_line_options.allow_plugin) == 0:
        logger.warning("No Plugins Pocs Load! Check your arguments ,Program will exit")
        sys.exit()
    # Set up the SSTI global variables.
    importssti()
    # Register plugins that need the urlpath dictionary.
    # NOTE(review): pocs_perfoler holds os.path.abspath() results, so this test
    # only matches if MYSCAN_POCS_PATH is already absolute and normalised — confirm.
    poc1 = os.path.join(paths.MYSCAN_POCS_PATH, "perfolder", "info", "myscan_dirscan.py")
    if poc1 in cmd_line_options.pocs_perfoler:
        get_dict()
    # Apply patches.
    # patch_banner_timeout()  # appears to have no effect
    ipv6_patch()
    # Configure the Elasticsearch connection.
    set_es_conn()
    # Configure dishost / host: an explicit host list clears dishost.
    if cmd_line_options.host:
        cmd_line_options.dishost = []