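def scan(cls, cmd):
    '''
    Run an Nmap scan and collect the open ports it reports.

    cmd: the Nmap command line as a single string. " -oX -" is appended when
         the string does not already contain "-oX", so the XML report is
         written to stdout.
    output: a list of Dict. Each host that is up contributes one entry per
            open port with 'ip', 'port' and 'protocol' ('protocol' holds the
            service name Nmap reported). A host whose <host> element has no
            <ports> child contributes a single entry carrying only 'ip'.
    '''
    import shlex

    result = list()
    if "-oX" not in cmd:
        cmd = cmd + " -oX -"

    # Build an argument vector and run it without a shell: cmd may carry a
    # caller-supplied target, and with shell=True any shell metacharacter in
    # it would be interpreted instead of being handed to nmap as literal text.
    # NOTE(review): this does not stop option injection. An argument that
    # starts with "-" is still read by nmap as an option, so callers should
    # validate targets before building cmd.
    try:
        argv = shlex.split(cmd)
    except ValueError:
        # Unbalanced quoting: nothing runnable, report no hosts.
        return result

    # The original called cmd.replace(...) and discarded the result, so the
    # configured binary was never used. Only the executable token is swapped,
    # which also keeps a configured path containing spaces intact.
    if CONF.nmap and argv and argv[0] == "nmap":
        argv[0] = CONF.nmap

    try:
        popen = Popen(argv, stdout=PIPE, stderr=STDOUT)
    except OSError:
        # Executable missing or not runnable. The shell-based version produced
        # an empty result in this case, so callers keep seeing an empty list.
        return result
    # communicate() drains the pipe and reaps the child process.
    scanResult = popen.communicate()[0]

    # Parse the Nmap XML report.
    xmlDoc = BeautifulStoneSoup(scanResult)
    for host in xmlDoc.findAll("host"):
        if isinstance(host, NavigableString) or host.name != "host" \
                or host.status['state'] != "up":
            continue
        ip = host.address['addr']
        try:
            ports = host.ports.contents
        except AttributeError:
            # No <ports> element for this host: record the address alone.
            result.append(Dict(ip=ip))
            continue
        for port in ports:
            if isinstance(port, NavigableString) or port.name != "port" \
                    or port.state['state'] != "open":
                continue
            result.append(
                Dict(ip=ip, port=port['portid'], protocol=port.service['name']))
    return result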
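def _parseHtml(self, document):
    '''
    Yield one Dict(title, url, brief) per result item found in a result page.

    document: HTML text of the page. Result items are the <li> elements with
              class "b_algo"; the title and link come from the item's
              <h2><a>, the brief from the <p> inside the item's second child.

    The yielded strings are taken from third-party markup as-is; anything
    that renders or stores them has to treat them as untrusted text.
    '''
    document = BeautifulSoup(document)
    relist = document.findAll("li", attrs={"class": "b_algo"})
    if not relist:
        # A plain return ends the generator. Raising StopIteration inside a
        # generator body is turned into RuntimeError by PEP 479 (Python 3.7+).
        return
    for line in relist:
        anchor = line.h2.a
        title = "".join([x.string for x in anchor.contents])
        url = anchor["href"]
        brief = "".join([x.string for x in line.contents[1].p.contents])
        yield Dict(title=title, url=url, brief=brief)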
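def _parseHtml(self, document):
    '''
    Yield one Dict(title, url, brief) per result cell found in a result page.

    document: HTML text of the page. Result cells are the <td> elements with
              class "f"; the title is the text under the cell's <a><font>,
              the link is that <a>'s href, and the brief is built from the
              first two children of the node two siblings after the <a>.

    The yielded strings are taken from third-party markup as-is; anything
    that renders or stores them has to treat them as untrusted text.
    '''
    document = BeautifulSoup(document)
    relist = document.findAll("td", attrs={"class": "f"})
    if not relist:
        # A plain return ends the generator. Raising StopIteration inside a
        # generator body is turned into RuntimeError by PEP 479 (Python 3.7+).
        return
    for line in relist:
        anchor = line.a
        title = "".join([x.string for x in anchor.font.contents])
        url = anchor["href"]
        briefDoc = anchor.nextSibling.nextSibling.contents
        # The second fragment may have no direct string; treat it as empty.
        brief = briefDoc[0].string + (briefDoc[1].string or "")
        yield Dict(title=title, url=url, brief=brief)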
def brute(self):
    '''
    Yield a Dict(url, ip, description) for every candidate name that
    self.checkDomain resolves.

    Candidates are produced lazily in two passes: first, when
    self.bruteTopDomain is set, the domain's leading part combined with each
    entry of data/wordlist/toplevel.txt; then each entry of every file in
    self.dictfiles used as a prefix label of self.domain.
    '''
    # partDomain examples: for aaa.com partDomain is "aaa";
    # for aaa.com.cn partDomain is also "aaa".
    cut = self.domain.rfind(".com.cn")
    if cut == -1:
        cut = self.domain.rfind(".")
    partDomain = self.domain[:cut] if cut != -1 else self.domain

    def candidates():
        # Pass 1: same name under other top-level suffixes.
        if self.bruteTopDomain:
            topLevelList = os.path.join("data", "wordlist", "toplevel.txt")
            for suffix in DictFileEnum(topLevelList):
                yield partDomain + "." + suffix
        # Pass 2: wordlist entries as labels in front of the full domain.
        for wordlist in self.dictfiles:
            for label in DictFileEnum(wordlist):
                yield label + "." + self.domain

    for domain in candidates():
        ip = self.checkDomain(domain)
        if ip:
            yield Dict(url=domain, ip=ip,
                       description="Generated by dnsbrute plugin.")
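def __init__(self, ptype=0, **kwargs):
    '''
    Load the port mapping and prepare the Nmap command prefix.

    ptype: selects the command prefix stored in self.cmd
           1 -> "" (no Nmap command)
           2 -> Nmap with its default port selection
           3 -> Nmap over ports 1-65535
           any other value -> Nmap limited to the ports that are keys of
           plugin/config/portmapping.yaml
    kwargs: stored as self.host (a Dict).

    Raises PluginError when the port mapping file cannot be opened or read.
    '''
    mappingPath = os.path.join("plugin", "config", "portmapping.yaml")
    try:
        with open(mappingPath, "r") as fd:
            # safe_load builds only plain YAML types. yaml.load without an
            # explicit Loader can construct arbitrary Python objects from
            # tagged input on older PyYAML and is rejected by PyYAML 6.
            # NOTE(review): a mapping file that relies on python-specific
            # tags would now fail to load; confirm it holds plain data.
            self.portDict = yaml.safe_load(fd)
    except IOError:
        raise PluginError(
            "cannot load portmapping configure file 'portmapping.yaml'")

    if ptype == 1:
        self.cmd = ""
    elif ptype == 2:
        self.cmd = "nmap -n -Pn -oX - "
    elif ptype == 3:
        self.cmd = "nmap -n -Pn -p1-65535 -oX - "
    else:
        # Restrict the scan to the ports listed in the mapping file.
        portStr = ",".join([str(x) for x in self.portDict])
        self.cmd = "nmap -n -Pn -p{ports} -oX - ".format(ports=portStr)

    self.type = ptype
    self.host = Dict(**kwargs)
    #requests.packages.urllib3.disable_warnings()
    self.httpTimeout = CONF.http.timeout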
# @Author : xxc727xxc ([email protected]) # @Version : 1.0.0 import functools import logging from jinja2 import Environment, FileSystemLoader import core.common.utils as utils from config import configs, Dict logger = logging.getLogger(__name__) options = Dict( autoescape=True, block_start_string='{%', block_end_string='%}', variable_start_string='{{', variable_end_string='}}', auto_reload=True, ) def jinja_filter(filter_name): if not isinstance(filter_name, str) or len(filter_name) <= 0: raise ValueError('jinja_filter not named') def decorator(func): @functools.wraps(func) def wrapper(*args, **kw): return func(*args, **kw) wrapper.__filter_name__ = filter_name
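def _requireParam(originParam, name):
    '''Return the stripped value stored under name, or raise ParamError if the key is absent.'''
    try:
        return originParam[name].strip()
    except KeyError:
        raise ParamError("missing parameter '{0}'".format(name))


def _parseRange(spec):
    '''Parse a "low-high" range option into two ints; raise ParamError on a malformed spec.'''
    try:
        low, high = [int(x) for x in spec.split("-")]
    except ValueError:
        raise ParamError("range option define error '{0}'!".format(spec))
    return low, high


def formatParam(originParam, options):
    '''
    Description :
        Validate and normalise request parameters.
    Usage :
        params = formatParam(originParam, options)
    Parameters:
        originParam: mapping of parameter name to raw string value
        options: describes the expected parameters as (name, type, range), example:
            (("ip","ip",""),
            ("url","url",""),
            ("level","integer","1-5000"),
            ("title","string","1-100"))
            type: ip, url, email, string, integer, text
            range: if empty, means everything
                   integer: the number range ("0-0" disables the bound check)
                   string: the length range
                   ip/url/email: any non-empty value makes the parameter mandatory
    Returns:
        a Dict mapping each option name to its validated value
    Raises:
        ParamError for a missing parameter, a value that fails validation, a
        malformed range option or an unknown type.
    Notes:
        - ip/url/email store only the text captured by the pattern. The URL
          pattern is not anchored at the end, so the scheme and anything after
          host[:port] are dropped silently rather than rejected.
        - The optional ":port" suffix accepts any run of digits; values above
          65535 are not rejected here.
        - string/text values pass through addSlashes (defined elsewhere).
          NOTE(review): slash-escaping is not a substitute for parameterised
          queries or context-specific output encoding; confirm how the
          consumers use these values.
    '''
    ipPattern = re.compile(
        r"^((?:(?:(?:2[0-4]\d)|(?:25[0-5])|(?:[01]?\d\d?))\.){3}(?:(?:2[0-4]\d)|(?:25[0-5])|(?:[01]?\d\d?))(?:\:\d+)?)$"
    )
    urlPattern = re.compile(
        r"^(?:http(?:s)?\://)?((?:[-0-9a-zA-Z_~!=]+\.)+(?:[-0-9a-zA-Z_~!=]+)(?:\:\d+)?)"
    )
    emailPattern = re.compile(
        r"^((?:[-0-9a-zA-Z_!=:.%+])+@(?:[-0-9a-zA-Z_!=:]+\.)+(?:[-0-9a-zA-Z_!=:]+))$"
    )
    # Pattern-validated types share one code path; only the pattern and the
    # error text differ.
    patternTypes = {
        "ip": (ipPattern, "IP parameter '{0}' format error"),
        "url": (urlPattern, "URL parameter '{0}' format error!"),
        "email": (emailPattern, "Email parameter '{0}' format error!"),
    }

    params = Dict()
    for option in options:
        name = option[0]
        kind = option[1]

        if kind in patternTypes:
            pattern, errorText = patternTypes[kind]
            value = _requireParam(originParam, name)
            if not value and not option[2]:
                # Empty value with no range given: the parameter is optional.
                params[name] = value
            else:
                match = pattern.match(value)
                if not match:
                    raise ParamError(errorText.format(name))
                params[name] = match.groups()[0]

        elif kind == "string":
            value = _requireParam(originParam, name)
            if option[2]:
                low, high = _parseRange(option[2])
                if len(value) > high or len(value) < low:
                    raise ParamError(
                        "string parameter '{0}' out of range!".format(name))
            params[name] = addSlashes(value)

        elif kind == "integer":
            raw = _requireParam(originParam, name)
            try:
                value = int(raw)
            except ValueError:
                if originParam[name]:
                    raise ParamError(
                        "integer parameter '{0}' format error!".format(name))
                if option[2]:
                    raise ParamError(
                        "integer parameter '{0}' must not null!".format(name))
                # Empty optional integer: keep "" and move on. The original
                # fell through to str(value) here, where value was either
                # unbound or left over from a previous option.
                params[name] = ""
                continue
            if option[2]:
                low, high = _parseRange(option[2])
                unbounded = (low == high == 0)
                if not unbounded and (value > high or value < low):
                    raise ParamError(
                        "Integer parameter '{0}' out of range!".format(name))
            params[name] = str(value)

        elif kind == "text":
            value = _requireParam(originParam, name)
            params[name] = addSlashes(value)

        else:
            raise ParamError(
                "option type '{0}' is not recognized!".format(kind))

    return params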