def index():
"""
index page for WebUI
Returns:
rendered HTML page
"""
filename = _builder(_core_config(), _core_default_config())["log_in_file"]
if version() == 2:
return render_template("index.html",
scan_method=__scan_methods(),
profile=__profiles(),
graphs=__graphs(),
languages=__languages(),
filename=filename,
method_args_list=load_all_method_args(
__language(), API=True).decode('utf-8'))
return render_template("index.html",
scan_method=__scan_methods(),
profile=__profiles(),
graphs=__graphs(),
languages=__languages(),
filename=filename,
method_args_list=load_all_method_args(__language(),
API=True))
def new_scan():
"""
new scan through the API
Returns:
a JSON message with scan details if success otherwise a JSON error
"""
_start_scan_config = {}
__api_key_check(app, flask_request, __language())
targetValue = __get_value(flask_request, "targets")
if (target_type(targetValue) == "UNKNOWN"):
return jsonify({"error": "Please input correct target"}), 400
for key in _core_default_config():
if __get_value(flask_request, key) is not None:
_start_scan_config[key] = escape(__get_value(flask_request, key))
_start_scan_config["backup_ports"] = __get_value(flask_request, "ports")
_start_scan_config = __rules(
__remove_non_api_keys(
_builder(_start_scan_config,
_builder(_core_config(), _core_default_config()))),
_core_default_config(), __language())
_p = multiprocessing.Process(target=__scan, args=[_start_scan_config])
_p.start()
# Sometimes method_args is too big!
_start_scan_config["methods_args"] = {"as_user_set": "set_successfully"}
return jsonify(_start_scan_config), 200
def load_file_path():
"""
load home path
Returns:
value of home path
"""
return _builder(_core_config(), _core_default_config())["home_path"]
def __check_external_modules():
"""
check external libraries if they are installed
Returns:
True if success otherwise None
"""
external_modules = ["argparse", "netaddr", "requests", "paramiko", "texttable", "socks", "win_inet_pton",
"flask", "sqlalchemy"]
for module in external_modules:
try:
__import__(module)
except Exception:
__die_failure("pip install -r requirements.txt ---> " +
module + " not installed!")
default_config = _builder(_core_config(), _core_default_config())
if not os.path.exists(default_config["home_path"]):
try:
os.mkdir(default_config["home_path"])
os.mkdir(default_config["tmp_path"])
os.mkdir(default_config["results_path"])
except Exception:
__die_failure("cannot access the directory {0}".format(
default_config["home_path"]))
if not os.path.exists(default_config["tmp_path"]):
try:
os.mkdir(default_config["tmp_path"])
except Exception:
__die_failure("cannot access the directory {0}".format(
default_config["results_path"]))
if not os.path.exists(default_config["results_path"]):
try:
os.mkdir(default_config["results_path"])
except Exception:
__die_failure("cannot access the directory {0}".format(
default_config["results_path"]))
if default_config["database_type"] == "sqlite":
try:
if os.path.isfile(default_config["home_path"]+"/"+default_config["database_name"]):
pass
else:
from database.sqlite_create import sqlite_create_tables
sqlite_create_tables()
except Exception:
__die_failure("cannot access the directory {0}".format(
default_config["home_path"]))
elif default_config["database_type"] == "mysql":
try:
from database.mysql_create import mysql_create_tables, mysql_create_database
mysql_create_database()
mysql_create_tables()
except Exception:
__die_failure(messages("en", "database_connection_failed"))
else:
__die_failure(messages("en", "invalid_database"))
return True
def index():
filename = _builder(_core_config(), _core_default_config())["log_in_file"]
return render_template("index.html",
scan_method=__scan_methods(),
profile=__profiles(),
graphs=__graphs(),
languages=__languages(),
filename=filename,
method_args_list=load_all_method_args(__language(),
API=True))
def __check_external_modules():
"""
check external libraries if they are installed
Returns:
True if success otherwise None
"""
external_modules = [
"argparse", "netaddr", "requests", "paramiko", "texttable", "socks",
"win_inet_pton", "flask", "sqlite3"
]
for module in external_modules:
try:
__import__(module)
except:
__die_failure("pip install -r requirements.txt ---> " + module +
" not installed!")
default_config = _builder(_core_config(), _core_default_config())
if not os.path.exists(default_config["home_path"]):
try:
os.mkdir(default_config["home_path"])
os.mkdir(default_config["tmp_path"])
os.mkdir(default_config["results_path"])
except:
__die_failure("cannot access the directory {0}".format(
default_config["home_path"]))
if not os.path.exists(default_config["tmp_path"]):
try:
os.mkdir(default_config["tmp_path"])
except:
__die_failure("cannot access the directory {0}".format(
default_config["results_path"]))
if not os.path.exists(default_config["results_path"]):
try:
os.mkdir(default_config["results_path"])
except:
__die_failure("cannot access the directory {0}".format(
default_config["results_path"]))
if not os.path.isfile(default_config["api_db_name"]):
try:
copyfile(
os.path.dirname(inspect.getfile(api)) + '/database.sqlite3',
default_config["api_db_name"])
if not os.path.isfile(default_config["api_db_name"]):
__die_failure("cannot access the directory {0}".format(
default_config["api_db_name"]))
except:
__die_failure("cannot access the directory {0}".format(
default_config["api_db_name"]))
return True
def new_scan():
_start_scan_config = {}
language = app.config["OWASP_NETTACKER_CONFIG"]["language"]
__api_key_check(app, flask_request, language)
for key in _core_default_config():
if __get_value(flask_request, key) is not None:
_start_scan_config[key] = __get_value(flask_request, key)
_start_scan_config = __rules(__remove_non_api_keys(_builder(_start_scan_config,
_builder(_core_config(), _core_default_config()))),
_core_default_config(), language)
scan_id = "".join(random.choice("0123456789abcdef") for x in range(32))
scan_cmd = messages(language, 158)
_start_scan_config["scan_id"] = scan_id
p = multiprocessing.Process(target=__scan, args=[_start_scan_config, scan_id, scan_cmd])
p.start()
return jsonify(_start_scan_config)
def create_connection(language):
try:
# retries
for i in range(0, 100):
try:
return sqlite3.connect(
os.path.join(
os.path.dirname(os.path.dirname(__file__)),
_builder(_core_config(),
_core_default_config())["api_db_name"]))
except:
pass
time.sleep(0.01)
except:
warn(messages(language, 168))
return False
def new_scan():
_start_scan_config = {}
__api_key_check(app, flask_request, __language())
for key in _core_default_config():
if __get_value(flask_request, key) is not None:
_start_scan_config[key] = __get_value(flask_request, key)
_start_scan_config["backup_ports"] = __get_value(flask_request, "ports")
_start_scan_config = __rules(
__remove_non_api_keys(
_builder(_start_scan_config,
_builder(_core_config(), _core_default_config()))),
_core_default_config(), __language())
p = multiprocessing.Process(target=__scan, args=[_start_scan_config])
p.start()
# Sometimes method_args is too big!
_start_scan_config["methods_args"] = {"as_user_set": "set_successfully"}
return jsonify(_start_scan_config), 200
def create_connection(language):
"""
a function to create sqlite3 connections to db, it retries 100 times if connection returned an error
Args:
language: language
Returns:
sqlite3 connection if success otherwise False
"""
try:
# retries
for i in range(0, 100):
try:
return sqlite3.connect(
os.path.join(
os.path.dirname(os.path.dirname(__file__)),
_builder(_core_config(),
_core_default_config())["api_db_name"]))
except:
time.sleep(0.01)
except:
warn(messages(language, "database_connect_fail"))
return False
def load_all_args(module_names, graph_names):
# Language Options
# import libs
default_config = _builder(_core_config(), _core_default_config())
_all_profiles = [key for key in _builder(_profiles(), default_profiles())]
_all_profiles.append("all")
language_list = [lang for lang in messages(-1, 0)]
if "-L" in sys.argv or "--language" in sys.argv:
try:
index = sys.argv.index("-L") + 1
except:
index = sys.argv.index("--language") + 1
else:
index = -1
if index is -1:
language = "en"
else:
_error_flag = False
try:
language = sys.argv[index]
except:
_error_flag = True
if _error_flag or language not in language_list:
__die_failure("Please select one of these languages {0}".format(
language_list))
# Check if compatible
check(language)
finish()
# Start Parser
parser = argparse.ArgumentParser(prog="Nettacker", add_help=False)
# parser = OptionParser(usage=messages(language, 1),
# description=messages(language, 2),
# epilog=messages(language, 3))
# Engine Options
engineOpt = parser.add_argument_group(messages(language, 4),
messages(language, 5))
engineOpt.add_argument("-L",
"--language",
action="store",
dest="language",
default=default_config["language"],
help=messages(language, 6).format(language_list))
engineOpt.add_argument("-v",
"--verbose",
action="store",
dest="verbose_level",
default=default_config["verbose_level"],
help=messages(language, 59))
engineOpt.add_argument("-V",
"--version",
action="store_true",
default=default_config["show_version"],
dest="show_version",
help=messages(language, 60))
engineOpt.add_argument("-c",
"--update",
action="store_true",
default=default_config["check_update"],
dest="check_update",
help=messages(language, 61))
engineOpt.add_argument("-o",
"--output",
action="store",
default=default_config["log_in_file"],
dest="log_in_file",
help=messages(language, 11))
engineOpt.add_argument("--graph",
action="store",
default=default_config["graph_flag"],
dest="graph_flag",
help=messages(language, 86).format(graph_names))
engineOpt.add_argument("-h",
"--help",
action="store_true",
default=default_config["help_menu_flag"],
dest="help_menu_flag",
help=messages(language, 2))
engineOpt.add_argument("-W",
"--wizard",
action="store_true",
default=default_config["wizard_mode"],
dest="wizard_mode",
help=messages(language, 107))
engineOpt.add_argument("--profile",
action="store",
default=default_config["profile"],
dest="profile",
help=messages(language, 136).format(_all_profiles))
# Target Options
target = parser.add_argument_group(messages(language, 12),
messages(language, 13))
target.add_argument("-i",
"--targets",
action="store",
dest="targets",
default=default_config["targets"],
help=messages(language, 14))
target.add_argument("-l",
"--targets-list",
action="store",
dest="targets_list",
default=default_config["targets_list"],
help=messages(language, 15))
# Exclude Module Name
exclude_names = module_names[:]
exclude_names.remove("all")
# Methods Options
method = parser.add_argument_group(messages(language, 142),
messages(language, 16))
method.add_argument("-m",
"--method",
action="store",
dest="scan_method",
default=default_config["scan_method"],
help=messages(language, 17).format(module_names))
method.add_argument("-x",
"--exclude",
action="store",
dest="exclude_method",
default=default_config["exclude_method"],
help=messages(language, 18).format(exclude_names))
method.add_argument("-u",
"--usernames",
action="store",
dest="users",
default=default_config["users"],
help=messages(language, 19))
method.add_argument("-U",
"--users-list",
action="store",
dest="users_list",
default=default_config["users_list"],
help=messages(language, 20))
method.add_argument("-p",
"--passwords",
action="store",
dest="passwds",
default=default_config["passwds"],
help=messages(language, 21))
method.add_argument("-P",
"--passwords-list",
action="store",
dest="passwds_list",
default=default_config["passwds_list"],
help=messages(language, 22))
method.add_argument("-g",
"--ports",
action="store",
dest="ports",
default=default_config["ports"],
help=messages(language, 23))
method.add_argument("-T",
"--timeout",
action="store",
dest="timeout_sec",
default=default_config["timeout_sec"],
type=float,
help=messages(language, 24))
method.add_argument("-w",
"--time-sleep",
action="store",
dest="time_sleep",
default=default_config["time_sleep"],
type=float,
help=messages(language, 25))
method.add_argument("-r",
"--range",
action="store_true",
default=default_config["check_ranges"],
dest="check_ranges",
help=messages(language, 7))
method.add_argument("-s",
"--sub-domains",
action="store_true",
default=default_config["check_subdomains"],
dest="check_subdomains",
help=messages(language, 8))
method.add_argument("-t",
"--thread-connection",
action="store",
default=default_config["thread_number"],
type=int,
dest="thread_number",
help=messages(language, 9))
method.add_argument("-M",
"--thread-hostscan",
action="store",
default=default_config["thread_number_host"],
type=int,
dest="thread_number_host",
help=messages(language, 10))
method.add_argument("-R",
"--socks-proxy",
action="store",
dest="socks_proxy",
default=default_config["socks_proxy"],
help=messages(language, 62))
method.add_argument("--retries",
action="store",
dest="retries",
type=int,
default=default_config["retries"],
help=messages(language, 64))
method.add_argument("--ping-before-scan",
action="store_true",
dest="ping_flag",
default=default_config["ping_flag"],
help=messages(language, 99))
method.add_argument("--method-args",
action="store",
dest="methods_args",
default=default_config["methods_args"],
help=messages(language, 35))
method.add_argument("--method-args-list",
action="store_true",
dest="method_args_list",
default=default_config["method_args_list"],
help=messages(language, 111))
# API Options
api = parser.add_argument_group(messages(language, 143),
messages(language, 144))
api.add_argument("--start-api",
action="store_true",
dest="start_api",
default=default_config["start_api"],
help=messages(language, 145))
api.add_argument("--api-host",
action="store",
dest="api_host",
default=default_config["api_host"],
help=messages(language, 146))
api.add_argument("--api-port",
action="store",
dest="api_port",
default=default_config["api_port"],
help=messages(language, 147))
api.add_argument("--api-debug-mode",
action="store_true",
dest="api_debug_mode",
default=default_config["api_debug_mode"],
help=messages(language, 148))
api.add_argument("--api-access-key",
action="store",
dest="api_access_key",
default=default_config["api_access_key"],
help=messages(language, 149))
api.add_argument("--api-client-white-list",
action="store_true",
dest="api_client_white_list",
default=default_config["api_client_white_list"],
help=messages(language, 150))
api.add_argument("--api-client-white-list-ips",
action="store",
dest="api_client_white_list_ips",
default=default_config["api_client_white_list_ips"],
help=messages(language, 151))
api.add_argument("--api-access-log",
action="store_true",
dest="api_access_log",
default=default_config["api_access_log"],
help=messages(language, 152))
api.add_argument("--api-access-log-filename",
action="store",
dest="api_access_log_filename",
default=default_config["api_access_log_filename"],
help=messages(language, 153))
# Return Options
return [
parser,
parser.parse_args(), default_config["startup_check_for_update"]
]
def load_all_args(module_names, graph_names):
"""
create the ARGS and help menu
Args:
module_names: all module names
graph_names: all graph names
Returns:
the parser, the ARGS
"""
# Language Options
# import libs
default_config = _builder(_core_config(), _core_default_config())
_all_profiles = [key for key in _builder(_profiles(), default_profiles())]
_all_profiles.append("all")
language_list = [lang for lang in messages(-1, 0)]
if "-L" in sys.argv or "--language" in sys.argv:
try:
index = sys.argv.index("-L") + 1
except Exception:
index = sys.argv.index("--language") + 1
else:
index = -1
if index == -1:
language = "en"
else:
_error_flag = False
try:
language = sys.argv[index]
except Exception:
_error_flag = True
if _error_flag or language not in language_list:
__die_failure(
"Please select one of these languages {0}".format(
language_list
)
)
# Check if compatible
check(language)
finish()
# Start Parser
parser = argparse.ArgumentParser(prog="Nettacker", add_help=False)
# parser = OptionParser(usage=messages(language,"options"),
# description=messages(language,"help_menu"),
# epilog=messages(language,"license"))
# Engine Options
engineOpt = parser.add_argument_group(
messages(language, "engine"), messages(language, "engine_input")
)
engineOpt.add_argument(
"-L",
"--language",
action="store",
dest="language",
default=default_config["language"],
help=messages(language, "select_language").format(language_list),
)
engineOpt.add_argument(
"-v",
"--verbose",
action="store",
type=int,
dest="verbose_level",
default=default_config["verbose_level"],
help=messages(language, "verbose_level"),
)
engineOpt.add_argument(
"-V",
"--version",
action="store_true",
default=default_config["show_version"],
dest="show_version",
help=messages(language, "software_version"),
)
engineOpt.add_argument(
"-c",
"--update",
action="store_true",
default=default_config["check_update"],
dest="check_update",
help=messages(language, "check_updates"),
)
engineOpt.add_argument(
"-o",
"--output",
action="store",
default=default_config["log_in_file"],
dest="log_in_file",
help=messages(language, "save_logs"),
)
engineOpt.add_argument(
"--graph",
action="store",
default=default_config["graph_flag"],
dest="graph_flag",
help=messages(language, "available_graph").format(graph_names),
)
engineOpt.add_argument(
"-h",
"--help",
action="store_true",
default=default_config["help_menu_flag"],
dest="help_menu_flag",
help=messages(language, "help_menu"),
)
engineOpt.add_argument(
"-W",
"--wizard",
action="store_true",
default=default_config["wizard_mode"],
dest="wizard_mode",
help=messages(language, "wizard_mode"),
)
engineOpt.add_argument(
"--profile",
action="store",
default=default_config["profile"],
dest="profile",
help=messages(language, "select_profile").format(_all_profiles),
)
# Target Options
target = parser.add_argument_group(
messages(language, "target"), messages(language, "target_input")
)
target.add_argument(
"-i",
"--targets",
action="store",
dest="targets",
default=default_config["targets"],
help=messages(language, "target_list"),
)
target.add_argument(
"-l",
"--targets-list",
action="store",
dest="targets_list",
default=default_config["targets_list"],
help=messages(language, "read_target"),
)
# Exclude Module Name
exclude_names = module_names[:]
exclude_names.remove("all")
# Methods Options
method = parser.add_argument_group(
messages(language, "Method"), messages(language, "scan_method_options")
)
method.add_argument(
"-m",
"--method",
action="store",
dest="scan_method",
default=default_config["scan_method"],
help=messages(language, "choose_scan_method").format(module_names),
)
method.add_argument(
"-x",
"--exclude",
action="store",
dest="exclude_method",
default=default_config["exclude_method"],
help=messages(language, "exclude_scan_method").format(exclude_names),
)
method.add_argument(
"-u",
"--usernames",
action="store",
dest="users",
default=default_config["users"],
help=messages(language, "username_list"),
)
method.add_argument(
"-U",
"--users-list",
action="store",
dest="users_list",
default=default_config["users_list"],
help=messages(language, "username_from_file"),
)
method.add_argument(
"-p",
"--passwords",
action="store",
dest="passwds",
default=default_config["passwds"],
help=messages(language, "password_seperator"),
)
method.add_argument(
"-P",
"--passwords-list",
action="store",
dest="passwds_list",
default=default_config["passwds_list"],
help=messages(language, "read_passwords"),
)
method.add_argument(
"-g",
"--ports",
action="store",
dest="ports",
default=default_config["ports"],
help=messages(language, "port_seperator"),
)
method.add_argument(
"-T",
"--timeout",
action="store",
dest="timeout_sec",
default=default_config["timeout_sec"],
type=float,
help=messages(language, "read_passwords"),
)
method.add_argument(
"-w",
"--time-sleep",
action="store",
dest="time_sleep",
default=default_config["time_sleep"],
type=float,
help=messages(language, "time_to_sleep"),
)
method.add_argument(
"-r",
"--range",
action="store_true",
default=default_config["check_ranges"],
dest="check_ranges",
help=messages(language, "range"),
)
method.add_argument(
"-s",
"--sub-domains",
action="store_true",
default=default_config["check_subdomains"],
dest="check_subdomains",
help=messages(language, "subdomains"),
)
method.add_argument(
"-t",
"--thread-connection",
action="store",
default=default_config["thread_number"],
type=int,
dest="thread_number",
help=messages(language, "thread_number_connections"),
)
method.add_argument(
"-M",
"--thread-hostscan",
action="store",
default=default_config["thread_number_host"],
type=int,
dest="thread_number_host",
help=messages(language, "thread_number_hosts"),
)
method.add_argument(
"-R",
"--socks-proxy",
action="store",
dest="socks_proxy",
default=default_config["socks_proxy"],
help=messages(language, "outgoing_proxy"),
)
method.add_argument(
"--retries",
action="store",
dest="retries",
type=int,
default=default_config["retries"],
help=messages(language, "connection_retries"),
)
method.add_argument(
"--ping-before-scan",
action="store_true",
dest="ping_flag",
default=default_config["ping_flag"],
help=messages(language, "ping_before_scan"),
)
method.add_argument(
"--method-args",
action="store",
dest="methods_args",
default=default_config["methods_args"],
help=messages(language, "method_inputs"),
)
method.add_argument(
"--method-args-list",
action="store_true",
dest="method_args_list",
default=default_config["method_args_list"],
help=messages(language, "list_methods"),
)
# API Options
api = parser.add_argument_group(
messages(language, "API"), messages(language, "API_options"))
api.add_argument("--start-api", action="store_true",
dest="start_api", default=default_config["start_api"],
help=messages(language, "start_API"))
api.add_argument("--api-host", action="store",
dest="api_host", default=default_config["api_host"],
help=messages(language, "API_host"))
api.add_argument("--api-port", action="store",
dest="api_port", default=default_config["api_port"],
help=messages(language, "API_port"))
api.add_argument("--api-debug-mode", action="store_true",
dest="api_debug_mode", default=default_config["api_debug_mode"],
help=messages(language, "API_debug"))
api.add_argument("--api-access-key", action="store",
dest="api_access_key", default=default_config["api_access_key"],
help=messages(language, "API_access_key"))
api.add_argument("--api-client-white-list", action="store_true",
dest="api_client_white_list", default=default_config["api_client_white_list"],
help=messages(language, "white_list_API"))
api.add_argument("--api-client-white-list-ips", action="store",
dest="api_client_white_list_ips", default=default_config["api_client_white_list_ips"],
help=messages(language, "define_whie_list"))
api.add_argument("--api-access-log", action="store_true",
dest="api_access_log", default=default_config["api_access_log"],
help=messages(language, "gen_API_access_log"))
api.add_argument("--api-access-log-filename", action="store",
dest="api_access_log_filename", default=default_config["api_access_log_filename"],
help=messages(language, "API_access_log_file"))
api.add_argument("--api-cert", action="store", dest="api_cert", help=messages(language, "API_cert"))
api.add_argument("--api-cert-key", action="store", dest="api_cert_key", help=messages(language, "API_cert_key"))
# Return Options
return [
parser,
parser.parse_args(),
default_config["startup_check_for_update"],
]
def load_file_path():
return _builder(_core_config(), _core_default_config())["home_path"]
def __wizard(targets, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, passwds, timeout_sec, ports,
verbose_level, socks_proxy, retries, graph_flag, language):
"""
start the framework in wizard mode
Args:
targets: targets (default value)
thread_number: thread number (default value)
thread_number_host: thread number for hosts (default value)
log_in_file: output filename (default value)
scan_method: module names (default value)
exclude_method: excluded module names (default value)
users: usernames (default value)
passwds: passwords (default value)
timeout_sec: timeout seconds (default value)
ports: port numbers (default value)
verbose_level: verbose level number (default value)
socks_proxy: socks proxy (default value)
retries: retries number (default value)
graph_flag: graph name (default value)
language: language
Returns:
an array with user inputs
"""
# default config
module_name = scan_method[:]
ex_module_name = scan_method[:]
ex_module_name.remove('all')
default_config = _builder(_core_config(), _core_default_config())
targets = __input(
messages(language,
"enter_default").format(messages(language, "all_targets"),
default_config["targets"]),
default_config["targets"])
thread_number = __input(
messages(language, "enter_default").format(
messages(language, "all_thread_numbers"),
default_config["thread_number"]), default_config["thread_number"])
try:
thread_number = int(thread_number)
except:
thread_number = default_config["thread_number"]
thread_number_host = __input(
messages(language, "enter_default").format(
messages(language, "thread_number_hosts"),
default_config["thread_number_host"]),
default_config["thread_number_host"])
try:
thread_number_host = int(thread_number_host)
except:
thread_number_host = default_config["thread_number_host"]
log_in_file = __input(
messages(language,
"enter_default").format(messages(language, "out_file"),
default_config["log_in_file"]),
default_config["log_in_file"])
scan_method = __input(
messages(language, "enter_choices_default").format(
messages(language, "all_scan_methods"), ', '.join(module_name),
default_config["scan_method"]), default_config["scan_method"])
exclude_method = __input(
messages(language, "enter_choices_default").format(
messages(language, "all_scan_methods_exclude"),
', '.join(ex_module_name), default_config["exclude_method"]),
default_config["exclude_method"])
users = __input(
messages(language,
"enter_default").format(messages(language, "all_usernames"),
default_config["users"]),
default_config["users"])
passwds = __input(
messages(language,
"enter_default").format(messages(language, "all_passwords"),
default_config["passwds"]),
default_config["passwds"])
timeout_sec = __input(
messages(language,
"enter_default").format(messages(language, "timeout_seconds"),
default_config["timeout_sec"]),
default_config["timeout_sec"])
try:
timeout_sec = int(timeout_sec)
except:
timeout_sec = default_config["timeout_sec"]
ports = __input(
messages(language,
"enter_default").format(messages(language, "all_ports"),
default_config["ports"]),
default_config["ports"])
verbose_level = __input(
messages(language, "enter_default").format(
messages(language, "all_verbose_level"),
default_config["verbose_level"]), default_config["verbose_level"])
socks_proxy = __input(
messages(language,
"enter_default").format(messages(language, "all_socks_proxy"),
default_config["socks_proxy"]),
default_config["socks_proxy"])
retries = __input(
messages(language,
"enter_default").format(messages(language, "retries_number"),
default_config["retries"]),
default_config["retries"])
try:
retries = int(retries)
except:
retries = default_config["retries"]
graph_flag = __input(
messages(language,
"enter_choices_default").format(messages(language, "graph"),
', '.join(graph_flag),
default_config["graph_flag"]),
default_config["graph_flag"])
return [
targets, thread_number, thread_number_host, log_in_file, scan_method,
exclude_method, users, passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, graph_flag
]
import nmap3, socket, shlex, json, re, sys
# Regular expression for catching open ports
regex = '[0-9]*\/(?:tcp|udp)\s*open.\s'
# Regular expression for catching every detailed vulnerability description
regex2 = '(?:\|\s*\[[0-9]*\]|\|\s*\[CVE\-.*?\]).*?Matches.*?http.*?\n'
# Regular expression for catching match score
regex3 = 'Matches:\s*(\S)'
# Global indicator for whether there is vulnerability found
test_has_vulnerability = False
# default config
default_config = _core_config()
# This function parse a string into json
def parse_to_json(s, target) -> 'Indicator 1,0 or -1':
"""Takes as input Vulscan output string, and a target IP address"""
my_dict = {}
my_dict['target'] = target
l1 = re.findall(regex, s)
if not l1:
print(
'Error finding all lines that match the regular expression pattern!'
)
print(
'Either there are no open ports discovered or regex find failed')
return None
def __wizard(targets, thread_number, thread_number_host, log_in_file,
scan_method, exclude_method, users, passwds, timeout_sec, ports,
verbose_level, socks_proxy, retries, graph_flag, language):
# default config
module_name = scan_method[:]
ex_module_name = scan_method[:]
ex_module_name.remove('all')
default_config = _builder(_core_config(), _core_default_config())
targets = __input(
messages(language, 118).format(messages(language, 120),
default_config["targets"]),
default_config["targets"])
thread_number = __input(
messages(language, 118).format(messages(language, 121),
default_config["thread_number"]),
default_config["thread_number"])
thread_number_host = __input(
messages(language, 118).format(messages(language, 122),
default_config["thread_number_host"]),
default_config["thread_number_host"])
log_in_file = __input(
messages(language, 118).format(messages(language, 123),
default_config["log_in_file"]),
default_config["log_in_file"])
scan_method = __input(
messages(language, 119).format(messages(language,
124), ', '.join(module_name),
default_config["scan_method"]),
default_config["scan_method"])
exclude_method = __input(
messages(language, 119).format(messages(language, 125),
', '.join(ex_module_name),
default_config["exclude_method"]),
default_config["exclude_method"])
users = __input(
messages(language, 118).format(messages(language, 126),
default_config["users"]),
default_config["users"])
passwds = __input(
messages(language, 118).format(messages(language, 127),
default_config["passwds"]),
default_config["passwds"])
timeout_sec = __input(
messages(language, 118).format(messages(language, 128),
default_config["timeout_sec"]),
default_config["timeout_sec"])
ports = __input(
messages(language, 118).format(messages(language, 129),
default_config["ports"]),
default_config["ports"])
verbose_level = __input(
messages(language, 118).format(messages(language, 130),
default_config["verbose_level"]),
default_config["verbose_level"])
socks_proxy = __input(
messages(language, 118).format(messages(language, 131),
default_config["socks_proxy"]),
default_config["socks_proxy"])
retries = __input(
messages(language, 118).format(messages(language, 132),
default_config["retries"]),
default_config["retries"])
graph_flag = __input(
messages(language, 119).format(messages(language,
133), ', '.join(graph_flag),
default_config["graph_flag"]),
default_config["graph_flag"])
return [
targets, thread_number, thread_number_host, log_in_file, scan_method,
exclude_method, users, passwds, timeout_sec, ports, verbose_level,
socks_proxy, retries, graph_flag
]
def discovery(target,
ports=None,
timeout=3,
thread_number=1000,
send_data=None,
time_sleep=0,
socks_proxy=None):
"""
Discover the service run on the port, it can detect real service names when users change default port number
Args:
target: target to scan
ports: ports in array, or if None it will test 1000 common ports
timeout: timeout seconds
thread_number: thread numbers
send_data: data to send by socket, if None it will send b"ABC\x00\r\n" * 10 by default
time_sleep: time to sleep between requests
socks_proxy: socks proxy
Returns:
discovered services and ports in JSON dict
"""
threads = []
if not send_data:
send_data = b"ABC\x00\r\n" * 10
if not ports:
from lib.scan.port.engine import extra_requirements_dict as port_scanner_default_ports
ports = port_scanner_default_ports()["port_scan_ports"]
for port in ports:
t = threading.Thread(target=discover_by_port,
args=(target, int(port), int(timeout), send_data,
socks_proxy))
threads.append(t)
t.start()
time.sleep(time_sleep)
while 1:
try:
if threading.activeCount() <= thread_number:
break
time.sleep(0.01)
except KeyboardInterrupt:
break
kill_switch = 0
while 1:
time.sleep(0.01)
kill_switch += 1
try:
if threading.activeCount() is 1 or int(kill_switch) is int(
timeout * 5 * 10):
break
except KeyboardInterrupt:
break
if _builder(_core_config(), _core_default_config())["send_diagnostics"]:
diagnostics_data = {}
diagnostics_data["services"] = json.dumps(result_dict)
diagnostics_data["timeout"] = timeout
diagnostics_data["thread_number"] = thread_number
diagnostics_data["send_data"] = binascii.b2a_base64(send_data)
diagnostics_data["target"] = target
send_service_scan_diagnostics(diagnostics_data)
return result_dict
