def initUI(self):
    """Assemble the frame: the target notebook on top, the main notebook below.

    The six main pages are produced by build_page1 .. build_page6 and then
    added to the main notebook as tabs. Both notebooks live in one panel
    that is stacked vertically and expanded to fill the frame.
    """
    root_panel = Panel(self)

    self._target_notebook = nb(root_panel)
    self.build_target_notebook(self._target_notebook)

    self.main_notebook = nb(root_panel)
    # Every page is built before any of them is added, in the order 1..6.
    pages = [
        self.build_page1(self.main_notebook),
        self.build_page2(self.main_notebook),
        self.build_page3(self.main_notebook),
        self.build_page4(self.main_notebook),
        self.build_page5(self.main_notebook),
        self.build_page6(self.main_notebook),
    ]
    # Tab captions: options, output, log, API, help, about.
    tab_titles = ['选项区(1)', '输出区(2)', '日志区(3)', 'API区(4)', '帮助(H)', '关于']
    for page, title in zip(pages, tab_titles):
        self.main_notebook.AddPage(page, title)

    stacked = BoxSizer(VERTICAL)
    stacked.Add(self._target_notebook, flag=EXPAND)
    stacked.Add(self.main_notebook, proportion=1, flag=EXPAND)
    root_panel.SetSizer(stacked)

    frame_sizer = BoxSizer()
    frame_sizer.Add(root_panel, proportion=1, flag=EXPAND)
    # SetSizerAndFit is used so that the frame gets a minimum size.
    self.SetSizerAndFit(frame_sizer)
def build_page1_other(self, layout):
    """Build and return the panel that holds the "other" option groups.

    Calls build_page1_other_general and build_page1_other_misc to create
    the widgets, then installs the sizer returned by layout.other_sizer().
    """
    panel = Panel(self)
    # A Scroll container (with SetupScrolling(scroll_x=False)) was tried in
    # place of Panel and left disabled. Original author's note: one label
    # always ends up covered by a widget, so a _dummy has to be used.
    model = self.m

    self.build_page1_other_general(panel, model)
    self.build_page1_other_misc(panel, model)

    # SetSizerAndFit did not help here: the last widget was still covered.
    panel.SetSizer(layout.other_sizer())
    return panel
def build_page1_file(self, layout):
    """Build and return the panel of the file / OS access tab.

    Creates the note label, then the read, write, OS-access and
    OS-registry groups through their builder methods, and installs the
    sizer returned by layout.file_sizer().
    """
    panel = Panel(self)
    model = self.m

    # The note tells the user that everything on this tab except the UDF
    # feature only works when stacked queries are available on the target.
    note_text = ('注: 存在Stacked queries(堆查询注入)时, '
                 '才能使用该标签下的功能(udf功能除外)!')
    self._page1_file_note_label = st(panel, label=note_text)

    self.build_page1_file_read(panel, model)
    self.build_page1_file_write(panel, model)
    self.build_page1_file_os_access(panel, model)
    self.build_page1_file_os_registry(panel, model)

    panel.SetSizer(layout.file_sizer())
    return panel
def build_page1_enumeration(self, layout):
    """Build and return the panel of the enumeration tab.

    Runs the seven group builders in a fixed order (enum, dump, limit,
    blind, meta, runsql, brute force) and installs the sizer returned by
    layout.enumeration_sizer().
    """
    panel = Panel(self)
    model = self.m

    # Order matters for widget creation, so the builders run in sequence.
    group_builders = (
        self.build_page1_enumeration_enum,
        self.build_page1_enumeration_dump,
        self.build_page1_enumeration_limit,
        self.build_page1_enumeration_blind,
        self.build_page1_enumeration_meta,
        self.build_page1_enumeration_runsql,
        self.build_page1_enumeration_brute_force,
    )
    for build_group in group_builders:
        build_group(panel, model)

    panel.SetSizer(layout.enumeration_sizer())
    return panel
def build_page1_file(self, layout):
    """Build and return the panel of the file / OS access tab.

    Creates the note label, then the read, write, OS-access and registry
    groups through their builder methods, and installs the sizer returned
    by layout.file_sizer().
    """
    panel = Panel(self)
    model = self.m

    # The note tells the user that the functions on this tab, except UDF,
    # are usable only when stacked queries work against the target.
    note_text = ('Note: only if stacked query(堆查询注入) worked, '
                 'these functions below can be used except udf!')
    self._page1_file_note_label = st(panel, label=note_text)

    self.build_page1_file_read(panel, model)
    self.build_page1_file_write(panel, model)
    self.build_page1_file_os_access(panel, model)
    self.build_page1_file_registry(panel, model)

    panel.SetSizer(layout.file_sizer())
    return panel
def build_page4(self, parent):
    """Build and return the API page.

    Layout, top to bottom:
      * row 1: REST-JSON API server address and admin token entries;
      * row 2: task buttons plus username / password entries;
      * a vertical splitter: scrollable task list on the left, option
        get/set editors on the right;
      * a read-only multi-line view for the results that come back.

    The buttons are bound to handlers on self._handlers; what those
    handlers do with the entered values is not visible in this method.
    """
    page = Panel(parent)
    widgets = self.m

    side_pad = SizerFlags().Border(LEFT | RIGHT, 5).Align(ALIGN_CENTER)
    side_pad_grow = SizerFlags(1).Border(LEFT | RIGHT, 5).Align(ALIGN_CENTER)

    server_row = BoxSizer()
    action_row = BoxSizer()

    # --- row 1: server address and admin token ---------------------------
    widgets._page4_api_server_label.Create(page, label='REST-JSON API server:')
    # The default address points at the loopback interface.
    widgets._page4_api_server_entry.Create(page, value='127.0.0.1:8775')
    widgets._page4_admin_token_label.Create(page, label='Admin (secret) token:')
    # NOTE(review): the token entry is created without a style argument, so
    # the secret is presumably displayed as typed -- confirm that is intended.
    widgets._page4_admin_token_entry.Create(page)
    widgets._page4_admin_token_entry.SetMaxLength(32)

    for widget, flags in (
        (widgets._page4_api_server_label, side_pad),
        (widgets._page4_api_server_entry, side_pad_grow),
        (widgets._page4_admin_token_label, side_pad),
        (widgets._page4_admin_token_entry, side_pad_grow),
    ):
        server_row.Add(widget, flags)

    # --- row 2: task buttons and credentials -----------------------------
    # Button captions: create task, show tasks, delete all tasks,
    # clear the returned results.
    widgets._page4_task_new_btn.Create(page, label='创建任务')
    widgets._page4_admin_list_btn.Create(page, label='显示任务')
    widgets._page4_admin_flush_btn.Create(page, label='删除所有任务')
    widgets._page4_clear_task_view_btn.Create(page, label='清空反馈的结果')
    widgets._page4_username_label.Create(page, label='用户名:')
    widgets._page4_username_entry.Create(page)
    widgets._page4_password_label.Create(page, label='密码:')
    # NOTE(review): no masking style is passed, so the password is
    # presumably echoed in clear text; if this entry is a wx.TextCtrl,
    # wx.TE_PASSWORD would hide it -- confirm against the widget's type.
    widgets._page4_password_entry.Create(page)

    down_arrow = wx.ArtProvider.GetBitmap(wx.ART_GO_DOWN, wx.ART_BUTTON)
    widgets._page4_admin_list_btn.SetBitmap(down_arrow, dir=RIGHT)

    # NOTE(review): the flush button is captioned "delete all tasks"; any
    # confirmation prompt would have to live in the handler, not shown here.
    for button, handler in (
        (widgets._page4_task_new_btn, self._handlers.api.task_new),
        (widgets._page4_admin_list_btn, self._handlers.api.admin_list),
        (widgets._page4_admin_flush_btn, self._handlers.api.admin_flush),
        (widgets._page4_clear_task_view_btn, self._handlers.clear_task_view_buffer),
    ):
        button.Bind(EVT_BUTTON, handler)

    for button in (
        widgets._page4_task_new_btn,
        widgets._page4_admin_list_btn,
        widgets._page4_admin_flush_btn,
        widgets._page4_clear_task_view_btn,
    ):
        action_row.Add(button, side_pad)
    # The large left border pushes the credential fields away from the buttons.
    action_row.Add(widgets._page4_username_label, flag=ALIGN_CENTER | LEFT, border=200)
    action_row.Add(widgets._page4_username_entry, side_pad_grow)
    action_row.Add(widgets._page4_password_label, side_pad)
    action_row.Add(widgets._page4_password_entry, side_pad_grow)

    # --- splitter: task list (left) and option editors (right) -----------
    splitter = SplitterWindow(page, style=wx.SP_LIVE_UPDATE | wx.BORDER_SUNKEN)
    # A disabled SetSashGravity(0.5) call belonged here: it must not come
    # after SplitVertically, otherwise the gravity has no effect.
    splitter.SetMinimumPaneSize(400)

    task_list_pane = Scroll(splitter)
    self._api_admin_list_rows = task_list_pane
    task_list_pane.SetSizer(BoxSizer(VERTICAL))

    option_pane = Panel(splitter)
    option_box = BoxSizer(VERTICAL)
    widgets._page4_option_get_entry.Create(option_pane, value='url risk level')
    # Tip text: all options are listed in optiondict.py in the sqlmap directory.
    option_tip = st(option_pane, label='所有选项见sqlmap目录中的optiondict.py')
    options_example = ("{\n"
                       " 'url': 'http://www.site.com/vuln.php?id=1',\n"
                       " 'level': 1, 'risk': 1,\n\n"
                       "}\n")
    widgets._page4_option_set_view.Create(option_pane,
                                          value=options_example,
                                          style=wx.TE_MULTILINE)

    option_box.Add(widgets._page4_option_get_entry, flag=EXPAND | ALL, border=2)
    option_box.Add(option_tip, flag=ALL, border=2)
    option_box.Add(widgets._page4_option_set_view, proportion=1, flag=EXPAND | ALL, border=2)
    option_pane.SetSizer(option_box)

    splitter.SplitVertically(task_list_pane, option_pane)
    # On Windows the left pane is grey, so the splitter takes the background
    # colour of the option view (compatibility workaround).
    splitter.SetBackgroundColour(widgets._page4_option_set_view.GetBackgroundColour())
    splitter.SetSashPosition(task_list_pane.GetMinWidth())

    # --- result view -----------------------------------------------------
    # Initial text: "the returned results are shown here:".
    widgets._page4_task_view.Create(page,
                                    value='此处显示反馈的结果:\n',
                                    style=wx.TE_MULTILINE | wx.TE_READONLY)

    page_box = BoxSizer(VERTICAL)
    page_box.Add(server_row, flag=EXPAND | ALL, border=5)
    page_box.Add(action_row, flag=EXPAND | ALL, border=5)
    page_box.Add(splitter, proportion=1, flag=EXPAND | LEFT | RIGHT, border=10)
    page_box.Add(widgets._page4_task_view, proportion=1, flag=EXPAND | ALL, border=10)
    page.SetSizerAndFit(page_box)
    return page
def build_target_notebook(self, parent):
    """Fill the target notebook with one tab per way of naming a target.

    Tabs, in order: target URL, burp log file, HTTP request file, bulk
    file, ini (config) file, sitemap XML URL and Google dork. The four
    file tabs each hold a text entry plus an "open" button whose click is
    forwarded to self._handlers.set_file_entry_text with that entry.
    """
    widgets = self.m
    # A style = wx.CB_DROPDOWN argument was left disabled on this call.
    widgets._url_combobox.Create(parent,
                                 choices=['http://www.site.com/vuln.php?id=1'])

    def file_page(entry, chooser):
        # One panel holding a path entry and its "open" (打开) button.
        panel = Panel(parent)
        row = BoxSizer()
        entry.Create(panel)
        chooser.Create(panel, label='打开')
        # The entry is bound as a default argument so that each button
        # keeps its own target instead of sharing a late-bound name.
        chooser.Bind(
            EVT_BUTTON,
            lambda evt, data=[entry]:
                self._handlers.set_file_entry_text(evt, data))
        row.Add(entry, proportion=1, flag=EXPAND)
        row.Add(chooser, flag=EXPAND)
        panel.SetSizer(row)
        return panel

    burp_page = file_page(widgets._burp_logfile, widgets._burp_logfile_chooser)
    request_page = file_page(widgets._request_file, widgets._request_file_chooser)
    bulk_page = file_page(widgets._bulkfile, widgets._bulkfile_chooser)
    config_page = file_page(widgets._configfile, widgets._configfile_chooser)

    widgets._sitemap_url.Create(parent)
    widgets._google_dork.Create(parent)

    # Tab captions: target url, burp log, HTTP request, BULKFILE, ini file,
    # xml_url, GOOGLEDORK.
    for tab, caption in (
        (widgets._url_combobox, '目标url'),
        (burp_page, 'burp日志'),
        (request_page, 'HTTP请求'),
        (bulk_page, 'BULKFILE'),
        (config_page, 'ini文件'),
        (widgets._sitemap_url, 'xml_url'),
        (widgets._google_dork, 'GOOGLEDORK'),
    ):
        parent.AddPage(tab, caption)
def build_target_notebook(self, parent):
    """Fill the target notebook with one tab per way of naming a target.

    Tabs, in order: target URL, burp log file, HTTP request file, bulk
    file, ini (config) file, Google dork and direct database connection.
    The four file tabs each hold a text entry plus an "open" button whose
    click is forwarded to self._handlers.set_file_entry_text with that
    entry.
    """
    widgets = self.m
    # A style = wx.CB_DROPDOWN argument was left disabled on this call.
    widgets._url_combobox.Create(parent,
                                 choices=['http://www.site.com/vuln.php?id=1'])

    def file_page(entry, chooser):
        # One panel holding a path entry and its "open" (打开) button.
        panel = Panel(parent)
        row = BoxSizer()
        entry.Create(panel)
        chooser.Create(panel, label='打开')
        # The entry is bound as a default argument so that each button
        # keeps its own target instead of sharing a late-bound name.
        chooser.Bind(
            EVT_BUTTON,
            lambda evt, data=[entry]:
                self._handlers.set_file_entry_text(evt, data))
        row.Add(entry, proportion=1, flag=EXPAND)
        row.Add(chooser, flag=EXPAND)
        panel.SetSizer(row)
        return panel

    burp_page = file_page(widgets._burp_logfile, widgets._burp_logfile_chooser)
    request_page = file_page(widgets._request_file, widgets._request_file_chooser)
    bulk_page = file_page(widgets._bulkfile, widgets._bulkfile_chooser)
    config_page = file_page(widgets._configfile, widgets._configfile_chooser)

    widgets._google_dork.Create(parent)
    # The initial value is a format hint for the connection string.
    # NOTE(review): that format carries the DBMS user and password inline;
    # how the entry's text is later logged or persisted is not visible
    # here -- confirm it is not written out in clear.
    widgets._direct_connect.Create(
        parent,
        value='mysql://*****:*****@DBMS_IP:DBMS_PORT/DATABASE_NAME or '
              'access://DATABASE_FILEPATH')

    # Tab captions: target url, burp log, HTTP request, BULKFILE, ini file,
    # GOOGLEDORK, -d DIRECT.
    for tab, caption in (
        (widgets._url_combobox, '目标url'),
        (burp_page, 'burp日志'),
        (request_page, 'HTTP请求'),
        (bulk_page, 'BULKFILE'),
        (config_page, 'ini文件'),
        (widgets._google_dork, 'GOOGLEDORK'),
        (widgets._direct_connect, '-d DIRECT'),
    ):
        parent.AddPage(tab, caption)