Esempio n. 1
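class WebPathBruteService(ApiService):
    """API service that runs a web-path wordlist scan as a background task.

    POST /brute/webpath stores the request body as the task settings,
    starts ``_exploit`` in a child process and returns the task id.
    """

    def __init__(self):
        # Task/report store; 'webpath-brute' is the name handed to Database.
        self._db = Database('webpath-brute')
        self.wordlist = Wordlist()

    def _exploit(self):
        """Run the scan described by the stored settings and save the report.

        Executed in the child process started by ``webpath``.
        """
        self._db.set_status(RUNNING)
        settings = self._db.task['settings']
        path_brute = WebPathBrute(
            settings['target'],
            self.wordlist.pops(settings['wordlist']))
        path_brute.start()
        self._db.reports['reports']['webpath'] = path_brute.web_paths
        self._db.save_reports()
        # NOTE(review): if anything above raises, the task is never marked
        # finished; consider recording a failure state.
        self._db.task['time']['end'] = str(datetime.datetime.now())
        self._db.task['status'] = COMPLETE
        self._db.update_task()

    @route('/brute/webpath', methods=['POST'])
    def webpath(self):
        """Create a web-path scan task from the JSON request body.

        Returns:
            ``({"id": ...}, 201)`` when the task was started, or
            ``({"error": ...}, 400)`` when the body is not a JSON object
            carrying the ``target`` and ``wordlist`` keys that ``_exploit``
            reads.
        """
        # Example body:
        # {"name":"test", "description":"", "target":"http://172.16.81.173", "wordlist":"e5242135a6402b5de0e92a59890f4d7b"}
        settings = request.json
        # Reject malformed bodies here; otherwise the KeyError would only
        # surface inside the child process, where the caller never sees it.
        if not isinstance(settings, dict) or any(
                key not in settings for key in ('target', 'wordlist')):
            return json.dumps(
                {'error': 'target and wordlist are required'}), 400
        # NOTE(review): no authentication or target allow-list is visible in
        # this handler. Confirm ApiService or the router enforces both, since
        # the scan target is chosen entirely by the caller.
        self._db.task['settings'] = settings
        self._db.task['time']['start'] = str(datetime.datetime.now())
        task_id = self._db.save_task()
        worker = Process(target=self._exploit)
        worker.start()
        Content.process_map[task_id] = worker
        return json.dumps({'id': task_id}), 201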
Esempio n. 2
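class MasscanService(ApiService):
    """API service that runs a masscan port scan as a background task.

    POST /scan/masscan stores the request body as the task settings,
    starts ``_exploit`` in a child process and returns the task id.
    """

    def __init__(self):
        # Task/report store; 'masscan-scan' is the name handed to Database.
        self._db = Database('masscan-scan')

    def _exploit(self):
        """Run masscan with the stored settings and save its report.

        Executed in the child process started by ``masscan``.
        """
        self._db.set_status(RUNNING)
        settings = self._db.task['settings']
        # Join the rate flag and the extra options with spaces. The previous
        # expression concatenated them directly ("--rate=1000--banner"), so
        # the first extra option was fused onto the rate argument.
        arguments = ' '.join(
            ['--rate=%d' % settings['rate']] + list(settings.get('option', [])))
        # NOTE(review): 'option' is caller-supplied and forwarded to the
        # masscan argument string unfiltered. Restrict it to an allow-list of
        # permitted flags before exposing this endpoint.
        self._db.reports['reports'] = Masscan().scan(
            settings['target'],
            settings['ports'],
            arguments)
        self._db.save_reports()
        # NOTE(review): if the scan raises, the task is never marked
        # finished; consider recording a failure state.
        self._db.task['time']['end'] = str(datetime.datetime.now())
        self._db.task['status'] = COMPLETE
        self._db.update_task()

    @route('/scan/masscan', methods=['POST'])
    def masscan(self):
        """Create a masscan task from the JSON request body.

        Returns:
            ``({"id": ...}, 201)`` when the task was started, or
            ``({"error": ...}, 400)`` when the body is not a JSON object
            with ``target``, ``ports``, an integer ``rate`` and, if
            present, a list-valued ``option``.
        """
        # Example body:
        # {"name":"test", "description":"", "target":"172.16.80.125", "ports":"22,443-2000", "rate":1000, "option":["--banner"]}
        settings = request.json
        if not isinstance(settings, dict) or any(
                key not in settings for key in ('target', 'ports', 'rate')):
            return json.dumps(
                {'error': 'target, ports and rate are required'}), 400
        rate = settings['rate']
        # bool is a subclass of int, so exclude it explicitly.
        if not isinstance(rate, int) or isinstance(rate, bool):
            return json.dumps({'error': 'rate must be an integer'}), 400
        # A bare string would be joined character by character in _exploit.
        if not isinstance(settings.get('option', []), list):
            return json.dumps({'error': 'option must be a list'}), 400
        # NOTE(review): no authentication or target allow-list is visible in
        # this handler. Confirm ApiService or the router enforces both, since
        # the scan target is chosen entirely by the caller.
        self._db.task['settings'] = settings
        self._db.task['time']['start'] = str(datetime.datetime.now())
        task_id = self._db.save_task()
        worker = Process(target=self._exploit)
        worker.start()
        Content.process_map[task_id] = worker
        return json.dumps({'id': task_id}), 201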
Esempio n. 3
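class LoginBruteService(ApiService):
    """API service that runs credential-guessing checks as a background task.

    POST /brute/login stores the request body as the task settings,
    starts ``_exploit`` in a child process and returns the task id.
    """

    def __init__(self):
        # Task/report store; 'login-brute' is the name handed to Database.
        self._db = Database('login-brute')
        self.wordlist = Wordlist()

    @staticmethod
    def _valid_settings(settings):
        """Return True when *settings* has the shape ``_exploit`` reads."""
        if not isinstance(settings, dict) or 'target' not in settings:
            return False
        protocols = settings.get('protocols')
        wordlist = settings.get('wordlist')
        return (isinstance(protocols, list)
                and all(isinstance(entry, dict) for entry in protocols)
                and isinstance(wordlist, dict)
                and 'users' in wordlist
                and 'passwds' in wordlist)

    def _exploit(self):
        """Run one LoginBrute per requested protocol and save the results.

        Executed in the child process started by ``login``.
        """
        # NOTE(review): the other services on this page call
        # self._db.set_status(RUNNING) first; this one does not. Confirm
        # whether that omission is intentional.
        settings = self._db.task['settings']
        # Create the result map once. It used to be re-created inside the
        # loop, which discarded every protocol's results except the last.
        self._db.reports['reports']['login'] = {}
        for protocol in settings['protocols']:
            # Each entry maps a protocol name to its port, e.g. {"mysql": 3306}.
            for proto in protocol:
                login_brute = LoginBrute(
                    proto,
                    target=settings['target'],
                    users=self.wordlist.pops2(settings['wordlist']['users']),
                    passwds=self.wordlist.pops2(
                        settings['wordlist']['passwds']),
                    port=protocol[proto])
                login_brute.start()
                self._db.reports['reports']['login'][
                    proto] = login_brute.successes
        self._db.save_reports()
        # NOTE(review): if a run raises, the task is never marked finished;
        # consider recording a failure state.
        self._db.task['time']['end'] = str(datetime.datetime.now())
        self._db.task['status'] = COMPLETE
        self._db.update_task()

    @route('/brute/login', methods=['POST'])
    def login(self):
        """Create a login-check task from the JSON request body.

        Returns:
            ``({"id": ...}, 201)`` when the task was started, or
            ``({"error": ...}, 400)`` when the body lacks ``target``, a
            list of protocol mappings, or a ``wordlist`` object with
            ``users`` and ``passwds``.
        """
        # Example body:
        # {"name":"test", "description":"", "target":"172.16.81.173", "protocols":[{"mysql":3306}], "wordlist":{"users":"eeb6151104b9ebf2d4425b6b8ab3b218", "passwds":"3953d58dbd64c6f6627e887bc7d6ff60"}}
        settings = request.json
        # Reject malformed bodies here; otherwise the failure would only
        # surface inside the child process, where the caller never sees it.
        if not self._valid_settings(settings):
            return json.dumps({
                'error': 'target, protocols and wordlist.users/passwds '
                         'are required'
            }), 400
        # NOTE(review): no authentication or target allow-list is visible in
        # this handler. Confirm ApiService or the router enforces both, since
        # the target is chosen entirely by the caller.
        self._db.task['settings'] = settings
        self._db.task['time']['start'] = str(datetime.datetime.now())
        task_id = self._db.save_task()
        worker = Process(target=self._exploit)
        worker.start()
        Content.process_map[task_id] = worker
        return json.dumps({'id': task_id}), 201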
Esempio n. 4
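class DnsService(ApiService):
    """API service for DNS tasks: subdomain enumeration, lookups, zone transfer.

    POST /brute/dns starts a background enumeration task; the GET routes
    answer synchronously.
    """

    def __init__(self):
        # Task/report store; 'dns-brute' is the name handed to Database.
        self._db = Database('dns-brute')
        self.wordlist = Wordlist()

    def _exploit(self):
        """Run the subdomain enumeration for the stored settings and save it.

        Executed in the child process started by ``brute``.
        """
        self._db.set_status(RUNNING)
        settings = self._db.task['settings']
        dns_brute = DnsBrute(
            settings['target'],
            self.wordlist.pops(settings['wordlist']),
            # 'extend' arrives as the string "true"/"false"; a missing key
            # is treated as false instead of raising KeyError.
            ex=settings.get('extend') == 'true')
        dns_brute.start()
        self._db.reports['reports']['dns'] = dns_brute.subdomains_soc
        self._db.save_reports()
        # NOTE(review): if anything above raises, the task is never marked
        # finished; consider recording a failure state.
        self._db.task['time']['end'] = str(datetime.datetime.now())
        self._db.task['status'] = COMPLETE
        self._db.update_task()

    @route('/brute/dns', methods=['POST'])
    def brute(self):
        """Create a subdomain-enumeration task from the JSON request body.

        Returns:
            ``({"id": ...}, 201)`` when the task was started, or
            ``({"error": ...}, 400)`` when the body is not a JSON object
            carrying ``target`` and ``wordlist``.
        """
        # Example body:
        # {"name":"test", "description":"", "target":"baidu.com", "wordlist":"03391d79116b09c318e27fee0ed0eb73", "extend": "true"}
        settings = request.json
        # Reject malformed bodies here; otherwise the KeyError would only
        # surface inside the child process, where the caller never sees it.
        if not isinstance(settings, dict) or any(
                key not in settings for key in ('target', 'wordlist')):
            return json.dumps(
                {'error': 'target and wordlist are required'}), 400
        # NOTE(review): no authentication check is visible in this handler;
        # confirm ApiService or the router enforces it.
        self._db.task['settings'] = settings
        self._db.task['time']['start'] = str(datetime.datetime.now())
        task_id = self._db.save_task()
        worker = Process(target=self._exploit)
        worker.start()
        Content.process_map[task_id] = worker
        return json.dumps({'id': task_id}), 201

    # Example: /dns/baidu.com/txt?dns=8.8.8.8&port=54&timeout=10
    @route('/dns/<domain>/<type>')
    @route('/dns/<domain>/')
    def query(self, domain, type='ANY'):
        """Resolve *domain* for record *type* through a chosen DNS server.

        Query parameters ``dns``, ``port`` and ``timeout`` override the
        defaults (114.114.114.114, 53 and 5).

        Returns:
            ``({"dns": {TYPE: result}, "error": ""}, 200)`` on success,
            ``({"error": ...}, 200)`` for an unsupported type or a timeout,
            and ``({"error": ...}, 400)`` for a non-integer or out-of-range
            ``port``/``timeout``.
        """
        type = type.upper()
        if type not in query_types:
            return json.dumps({'error': '%s not supported' % type}), 200

        dns_server = request.args.get('dns')
        raw_port = request.args.get('port')
        raw_timeout = request.args.get('timeout')
        if dns_server is None:
            dns_server = '114.114.114.114'
        # int() on caller input used to raise an unhandled ValueError;
        # report bad values as a client error instead.
        try:
            dns_port = 53 if raw_port is None else int(raw_port)
            timeout = 5 if raw_timeout is None else int(raw_timeout)
        except ValueError:
            return json.dumps(
                {'error': 'port and timeout must be integers'}), 400
        if not 1 <= dns_port <= 65535 or timeout <= 0:
            return json.dumps(
                {'error': 'port or timeout out of range'}), 400
        # NOTE(review): 'dns' and 'port' let the caller make this server send
        # traffic to an arbitrary host and port, and 'timeout' has no upper
        # bound. Consider an allow-list of resolvers and a timeout cap.
        try:
            return json.dumps({
                'dns': {
                    type:
                    query2(domain,
                           type,
                           dns_server=dns_server,
                           dns_port=dns_port,
                           timeout=timeout)
                },
                'error': ''
            }), 200
        except socket.timeout:
            return json.dumps({'error': 'timeout'}), 200

    @route('/dns/zonetransfer/<domain>')
    def zonetransfer(self, domain):
        """Return the result of the module-level ``zonetransfer`` for *domain*."""
        # Inside the method body the bare name resolves to the module-level
        # function, not to this method.
        return json.dumps({
            'dns': {
                'zonetransfer': zonetransfer(domain)
            },
            'error': ''
        }), 200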