def configure_hostname(hostname):
"""
Configures /etc/hostname and /etc/hosts
:param hostname: Hostname
:return: Whether the operation was successful
"""
return (write_file(FILE_HOSTNAME, "{}\n".format(hostname))
and write_file(FILE_HOSTS, CONFIG_HOSTS.format(hostname)))
def configure_networking():
"""
Configures networking in the given chroot using systemd-networkd and
systemd-resolved
:param chroot: Filesystem root
:return: Whether the operation was successful
"""
success = systemd_enable("dbus")
if success:
logging.info("Configuring systemd-networkd...")
success = (write_file(FILE_NETWORKD_DEFAULT, CONFIG_DHCP) and success
and systemd_enable("systemd-networkd"))
if success:
logging.info("Configuring systemd-resolved...")
try:
os.makedirs(DIR_RESOLVCONF, mode=0o755, exist_ok=True)
success = (run_cmd("cp {} {}".format(FILE_RESOLVCONF_ETC,
FILE_RESOLVCONF_RUN))
and unmount_device(FILE_RESOLVCONF_ETC))
os.remove(FILE_RESOLVCONF_ETC)
except Exception as e:
logging.error("Error copying systemd-resolved files: {}".format(e))
success = False
if success:
try:
os.symlink(FILE_RESOLVCONF_RUN, FILE_RESOLVCONF_ETC)
except Exception as e:
logging.error("Error symlinking resolvconf: {}".format(e))
success = False
if success:
success = systemd_enable("systemd-resolved")
if success:
ssh_config = read_file(FILE_SSHD)
try:
ssh_config = re.sub(
r"# +(?=PermitRootLogin\s+yes|no|prohibit-password)$", "",
ssh_config, re.MULTILINE)
except Exception as e:
logging.error("Error formatting ssh config: {}".format(e))
success = False
if success:
success = (write_file(FILE_SSHD, ssh_config)
and systemd_enable("ssh"))
return success
def configure_apt(url="http://deb.debian.org/debian",
distrib="stable",
components=("main", "contrib", "non-free")):
"""
Writes /etc/apt/source.list
:param url: Repo url
:param distrib: stable, unstable, stretch, buster, etc...
:param components: main, contrib, non-free
:return: Whether the operation was successful
"""
sources_content = "deb {} {} {}\n".format(url, distrib,
" ".join(components))
return (write_file(FILE_APT_CONFIG, CONFIG_APT_SUGGESTS)
and write_file(FILE_APT_SOURCES, sources_content)
and run_cmd("apt-get update"))
def write_fstab(boot_uuid, root_uuid):
"""
Writes rpi fstab using boot_uuid and root_uuid
:param boot_uuid: Boot partition uuid
:param root_uuid: Root partition uuid
:return: Whether the operation was successful
"""
return write_file(FILE_FSTAB, CONFIG_FSTAB.format(boot_uuid, root_uuid))
def configure_locale(locale):
"""
Configure /etc/default/locale
:param locale: Locale
:return: Whether the operation was successful
"""
return (write_file(FILE_LOCALES, CONFIG_LANG.format(locale))
and run_cmd("locale-gen --purge {}".format(locale)))
def configure_sshd():
"""
Configures SSHD to allow root logins
:return: Whether the operation was successful
"""
sshd_config = read_file(FILE_SSHD)
re.sub(r"^#?\s*PermitRootLogin\s+(no|prohibit-password)$",
"PermitRootLogin yes",
sshd_config,
flags=re.MULTILINE)
return write_file(FILE_SSHD, sshd_config)
def change_rootpw(passwd):
"""
Changes the system root password
:param passwd: New root password
:return: Whether the operation was successful
"""
shadow_contents = read_file(FILE_PASSWD)
if shadow_contents is not None:
shadow_contents = re.sub(r"(?<=^root:)\*(?=:)",
crypt.crypt(passwd, salt=crypt.METHOD_SHA256),
shadow_contents)
return write_file(FILE_PASSWD, shadow_contents)
def main(args_options):
search_engines = args_options.engines
output = args_options.output
urls_queue = multiprocessing.Manager().list() # url队列
supported_engines = {
'baidu': baidu.Baidu_enum,
'google': google.Google_enum,
'yahoo': yahoo.Yahoo_enum,
'ecosia': ecosia.Ecosia_enum,
'teoma': teoma.Teoma_enum,
'360': qihu.Qihu360_enum,
'hotbot': hotbot.Hotbot_enum,
}
chosen_enums = []
if search_engines is None:
chosen_enums = [
baidu.Baidu_enum, google.Google_enum, yahoo.Yahoo_enum,
ecosia.Ecosia_enum, teoma.Teoma_enum, qihu.Qihu360_enum,
hotbot.Hotbot_enum
]
else:
engines = search_engines.split(',')
for engine in engines:
if engine.lower() in supported_engines:
chosen_enums.append(
supported_engines[engine.lower()]) # 选择搜索引擎
enums = [enum(args_options, q=urls_queue)
for enum in chosen_enums] # 列表生成式生成搜索引擎类的实例
for enum in enums:
enum.start() # 启动搜索引擎爬取url
for enum in enums:
enum.join()
urls = set(urls_queue) # set对url去重
write_file(output, urls)
def configure_keyboard(xkblayout,
xkbmodel="pc105",
xkbvariant="",
xkboptions="",
backspace="guess"):
"""
Configure /etc/default/keyboard
:param xkblayout: Keyboard layout
:param xkbmodel: Keyboard model
:param xkbvariant: Keyboard variant
:param xkboptions: Keyboard options
:param backspace: Backspace option
:return: Whether the operation was successful
"""
keyboard_config = CONFIG_KEYBOARD.format(xkbmodel, xkblayout, xkbvariant,
xkboptions, backspace)
return write_file(FILE_KEYBOARD, keyboard_config)
urlparse.urlparse(newurl).hostname,
key_domain=urlparse.urlparse(newurl).hostname)
except Exception, e:
# print traceback.format_exc()
pass
weakuri = []
try:
weakuri = dirscan(newurl)
except Exception, e:
# print traceback.format_exc()
pass
weakuri = baidu_status + github_status + weakuri
try:
write_file(
'<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td>%s</td><td><font color="blue">%s%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n'
% (newurl, newurl, ip, code, newtitle, lenth, [
dirpath_key
for dirpath_key in set(dirpaths + weakuri)
], baidu_dirs, alllinks, emails, ips), output_file)
except Exception, e:
# print traceback.format_exc()
print '[!] output_error'
write_file(newurl,
handle_ext(output_file) + output_error_file)
pass
else:
print '[!] Filter title'
write_file(newurl, handle_ext(output_file) + title_filter_file)
except Exception, e:
# print traceback.format_exc()
pass
def checkDir(url, target, module):
'''
Main requests function with Portscan && Dirscan
'''
output_file = report_filename(target, module)
url = url_handle(url)
try:
if url not in filter_urls and filter_list(module=url,
filter_list=sub_filter_list):
filter_urls.append(url)
ip, open_ports, baidu_status, github_status = url, [], [], []
print '[*] Now scanning: ' + url
if module in ['autoscan', 'dirscan', 'single']: # Handle c_ip scan
if baidu_engine:
print '[*] Check Baidu site: %s' % urlparse.urlparse(
url).hostname
baidu_status = baidu_check(url)
if github_engine:
print '[*] Check Github status: %s' % urlparse.urlparse(
url).hostname
github_status = github_check(url)
try:
ip = url2ip(url)
if not is_internal_ip(ip) and ip not in filter_ips.keys(
) and ip != '': # filter internal_ip
print '[+] Get url2ip: ' + ip
open_ports = portscan(ip)
filter_ips[ip] = open_ports
write_file(
str(ip) + ',' +
str(open_ports).replace('[', '').replace(']', ''),
handle_ext(output_file) + portscan_opens_file)
if len(open_ports) > openports_maxnum:
print '[!] Maybe got port waf'
write_file(
ip,
handle_ext(output_file) + portscan_maxnum_file)
open_ports = []
else:
open_ports = filter_ips[ip]
except Exception, e:
# print traceback.format_exc()
write_file(url, handle_ext(output_file) + url2ip_error_file)
pass
print '[+] Get open ports: ' + str(open_ports)
if open_ports == []: #or 80 not in open_ports
try:
newtitle, code, lenth, content = '', '', '', ''
try:
newtitle, code, lenth, content = getitle(url)
except Exception, e:
# print traceback.format_exc()
pass
if code in range(
200, 405
) and code != 401: # add Do not scan 401 status_code
try:
print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
newtitle, code, lenth)
except:
pass
write_file(
url,
handle_ext(output_file) +
'/%s_alive_urls.txt' % handle_ext_old(target))
if title_filter not in newtitle and filter_list(
module=newtitle,
filter_list=title_filter_list):
alllink, alllinks, emails, ips = [], [], [], []
try:
alllink, alllinks, emails, ips = getallink(
url, content)
except Exception, e:
# print traceback.format_exc()
pass
dirpaths = []
try:
dir_urls = scandir_again(url, alllink)
if len(dir_urls) < link_maxnum:
for dir_url in dir_urls:
dirpaths += weakfile(dir_url)
except Exception, e:
# print traceback.format_exc()
pass
if len(dirpaths) > dirpaths_maxnum:
dirpaths = ["more_path"]
weakuri = []
try:
weakuri = dirscan(url)
except Exception, e:
# print traceback.format_exc()
pass
baidu_dirs = ''
if baidu_dir_engine and module in [
'autoscan', 'dirscan', 'single'
]:
try:
baidu_dirs = baidu_dir(
command='site:%s' %
urlparse.urlparse(url).hostname,
key_domain=urlparse.urlparse(
url).hostname)
except Exception, e:
# print traceback.format_exc()
pass
weakuri = baidu_status + github_status + weakuri
try:
write_file(
'<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td>%s</td><td><font color="blue">%s%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n'
% (url, url, ip, code, newtitle, lenth, [
dirpath_key
for dirpath_key in set(dirpaths +
weakuri)
], alllinks, baidu_dirs, emails, ips),
output_file)
except Exception, e:
# print traceback.format_exc()
print '[!] output_error'
write_file(
url,
handle_ext(output_file) +
output_error_file)
pass
def checkFast(url,target,module):
'''
Main requests function no Dirscan
'''
output_file = report_filename(target,module)
url = url_handle(url)
try:
if url not in filter_urls and filter_list(module=url,filter_list=sub_filter_list):
filter_urls.append(url)
print '[*] Now scanning: ' + url
ip,open_ports = url,[]
try:
ip = url2ip(url)
if not is_internal_ip(ip) and ip not in filter_ips.keys() and ip != '':# filter internal_ip
print '[+] Get url2ip: ' + ip
open_ports = portscan(ip)
filter_ips[ip] = open_ports
write_file(str(ip)+','+str(open_ports).replace('[','').replace(']',''),handle_ext(output_file)+portscan_opens_file)
if len(open_ports) > openports_maxnum:
print '[!] Maybe got port waf'
write_file(ip,handle_ext(output_file)+portscan_maxnum_file)
open_ports = []
else:
open_ports = filter_ips[ip]
except Exception,e:
# print traceback.format_exc()
write_file(url,handle_ext(output_file)+url2ip_error_file)
pass
print '[+] Get open ports: ' + str(open_ports)
if open_ports == []:#or 80 not in open_ports
try:
newtitle,code,lenth,content = '','','',''
try:
newtitle,code,lenth,content = getitle(url)
except Exception,e:
# print traceback.format_exc()
pass
if code in range(200,405):
try:
print '[+] Get title: %s,status_code: %s,content lenth: %s' % (newtitle,code,lenth)
except:pass
write_file(url,handle_ext(output_file)+'/%s_alive_urls.txt' % handle_ext_old(target)) # save alive `host:port` to dirsearch
alllink,alllinks,emails,ips = [],[],[],[]
if title_filter not in newtitle and filter_list(module=newtitle,filter_list=title_filter_list):
try:
alllink,alllinks,emails,ips = getallink(url,content)
except Exception,e:
# print traceback.format_exc()
pass
try:
write_file('<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td><font color="blue">%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n' % (url,url,ip,code,newtitle,lenth,alllinks,emails,ips),output_file)
except Exception,e:
# print traceback.format_exc()
print '[!] output_error'
write_file(url,handle_ext(output_file)+output_error_file)
pass
else:
print '[!] Filter title'
write_file(url,handle_ext(output_file)+title_filter_file)
except Exception,e:
# print traceback.format_exc()
pass
newurl = newurl.replace('https://','http://')
if newurl.split(':')[-1] == '443':
newurl = newurl.replace(':443','').replace('http://','https://')
print '[*] Scan new_url: ' + newurl
try:
newtitle,code,lenth,content = '','','',''
try:
newtitle,code,lenth,content = getitle(newurl)
except Exception,e:
# print traceback.format_exc()
pass
if code in range(200,405):
try:
print '[+] Get title: %s,status_code: %s,content lenth: %s' % (newtitle,code,lenth)
except:pass
write_file(newurl,handle_ext(output_file)+'/%s_alive_urls.txt' % handle_ext_old(target))
alllink,alllinks,emails,ips = [],[],[],[]
if title_filter not in newtitle and filter_list(module=newtitle,filter_list=title_filter_list):
try:
alllink,alllinks,emails,ips = getallink(newurl,content)
except Exception,e:
# print traceback.format_exc()
pass
try:
write_file('<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td><font color="blue">%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n' % (newurl,newurl,ip,code,newtitle,lenth,alllinks,emails,ips),output_file)
except Exception,e:
# print traceback.format_exc()
print '[!] output_error'
write_file(newurl,handle_ext(output_file)+output_error_file)
pass
else:
def configure_vim():
"""
Writes my prefered vim config
:return: Whether the operation was successful
"""
return write_file(FILE_VIMRC, CONFIG_VIM)
checkDir(args.single, target=args.single, module='single')
output_filename = report_filename(target=args.single, argmodule='single')
result_paging(filename=output_filename, module='')
# -f
if args.fastscan:
handle_cmd = complete_use(args.fastscan)
domains = open_file(targets_path + handle_cmd)
print '[+] Get %d task.' % len(domains)
for domain in domains:
checkFast(domain, target=handle_cmd, module='fastscan')
output_filename = report_filename(target=handle_cmd, argmodule='fastscan')
portscan_opens_handle = ip_counter(filename=handle_ext(output_filename) +
portscan_opens_file)
write_file(
portscan_opens_handle,
'%s%s_cip.txt' % (targets_path, '.'.join(handle_cmd.split('.')[:-1])))
result_paging(filename=output_filename, module='fast')
# thread_run(domains,args_target=handle_cmd,module='fastscan',scanfunc=checkFast)
# -d
if args.dirscan:
handle_cmd = complete_use(args.dirscan)
domains = open_file(targets_path + handle_cmd)
print '[+] Get %d task.' % len(domains)
# thread_run(domains,args_target=handle_cmd,module='dirscan',scanfunc=checkDir)
for domain in domains:
checkDir(domain, target=handle_cmd, module='dirscan')
output_filename = report_filename(target=handle_cmd, argmodule='dirscan')
portscan_opens_handle = ip_counter(filename=handle_ext(output_filename) +
portscan_opens_file)