def exploit(self):
ip = []
is_cdn = False
logger.warn('DNS resolve starting of target {}'.format(self.target_netloc))
match_result = re.compile('flightHandler\((.*?)\)')
url = 'http://ping.aizhan.com/?r=site/PingResult&callback=flightHandler&type=ping&id={}'
data = requests.get(url.format(self.target_netloc)).content
result = match_result.findall(data)
if not result:
logger.critical('Failed to get ping result of target {}'.format(self.target_netloc))
return
result = json.loads(result[0])
if 'status' in result and result['status'] == 500:
logger.critical('Failed to get ping result of target {}'.format(self.target_netloc))
return
for i in result:
logger.info(u'IP address of {} ({}): {}'.format(self.target_netloc, result[i]['monitor_name'],
result[i]['ip']))
ip.append(result[i]['ip'])
if len(set(ip)) > 2:
logger.warn('It seems target use CDN according to the result'.format(self.target_netloc))
is_cdn = True
return {'result': {'is_cdn': is_cdn, 'ip': ip}, 'status': True}
def exploit(self):
ip = []
is_cdn = False
logger.warn('DNS resolve starting of target {}'.format(
self.target_netloc))
match_result = re.compile('flightHandler\((.*?)\)')
url = 'http://ping.aizhan.com/?r=site/PingResult&callback=flightHandler&type=ping&id={}'
data = requests.get(url.format(self.target_netloc)).content
result = match_result.findall(data)
if not result:
logger.critical('Failed to get ping result of target {}'.format(
self.target_netloc))
return
result = json.loads(result[0])
if 'status' in result and result['status'] == 500:
logger.critical('Failed to get ping result of target {}'.format(
self.target_netloc))
return
for i in result:
logger.info(u'IP address of {} ({}): {}'.format(
self.target_netloc, result[i]['monitor_name'],
result[i]['ip']))
ip.append(result[i]['ip'])
if len(set(ip)) > 2:
logger.warn(
'It seems target use CDN according to the result'.format(
self.target_netloc))
is_cdn = True
return {'result': {'is_cdn': is_cdn, 'ip': ip}, 'status': True}
def abort(filename):
logger = logging.getLogger(get_all_caller())
logger.critical('You quit!')
header = "type,x-pos,y-pos,z-pos,first scan time" + ",time_%s"*(len(data[0,:])-5) %tuple(range((len(data[0,:])-5)))
np.savetxt("%s%s_abort.txt" %(savedir,filename), data,fmt='%s', delimiter=",", header=header)
logger.info('Aborted file saved as %s%s_abort.txt' %(savedir,filename))
sys.exit(0)
def on_message(client, userdata, msg):
# logger.debug('Received {} from Keyboard'.format(msg.payload))
stub = userdata['stub']
vehicle = userdata['vehicle']
command = map(int, msg.payload.split(','))
if oa.STOP in command:
# print 'brake'
client.publish('ACK', 'ack')
vehicle.brake()
return
userdata['semi_id'] = userdata['semi_id'] + 1
message = {'id': userdata['semi_id'], 'actions': command}
logger.debug('Send {} to Lidar'.format(message))
try:
id, actions = stub.SemiAuto(message)
logger.debug('Received id:{} actions:{} from Lidar'.format(
id, actions))
if id != userdata['semi_id']:
logger.error('ID not match.Note:ExceptID:{} ReceiveID:{}'.format(
userdata['semi_id'], id))
return
exe_actions(vehicle, actions)
except grpc.RpcError, e:
logger.critical(e)
def open_serial(portname, baudrate, timeout=None):
while True:
try:
# print("port:{0},baudrate:{1}".format(portname, baudrate))
com = serial.Serial(portname, baudrate, timeout=timeout)
return com
except serial.SerialException, e:
logger.critical(e)
time.sleep(1)
def single_mode(self):
# TODO: 多线程什么鬼的..要改要改
result = exploit.run('dns_resolve', target=self.target)
if not result.get('status'):
logger.error('Something wrong, do you want to continue?[y/N]:')
if not raw_input().lower() == 'y':
logger.critical('User abort, quit.')
return
if result.get('result').get('is_cdn'):
logger.warn('Target is using CDN, port scan skipped.')
def AI_Auto(self, request, context):
CancelWatcher = True
id = request.id
if lidar is None:
logger.critical('Lidar object is not initialized')
result = False
else:
# result = self.lidar.Auto()
self.pool.apply_async(self.lidar.Auto)
result = True
response = {'id': id, 'ack': result}
return mc_rpc_pb2.response(**response)
def run(exploit, target, port=None, **extra_arg):
if not exploit:
raise Exception('No exploit script to run')
if not os.path.exists('scripts/{}.py'.format(exploit)):
raise ImportError('scripts.{}'.format(exploit))
module = __import__('scripts.{}'.format(exploit))
exp = module.__dict__[exploit]
if 'Exploit' not in exp.__dict__:
raise Exception('Exploit class not exist')
try:
exp = exp.Exploit(target=target, port=port, **extra_arg)
return exp.run()
except Exception, e:
traceback.print_exc()
logger.critical('Exploit script RuntimeError: {}'.format(str(e)))
class Lidar(object):
__metaclass__ = Singleton
def __init__(self, vehicle):
self.full_id = 0
self.semi_id = 0
self.Epsilon_Min = 20
self.vehicle = vehicle
self.stub = OA_Stub()
userdata = {
'stub': self.stub,
'semi_id': self.semi_id,
'vehicle': vehicle
}
self.client = init_mqtt(userdata)
self.client.loop_start()
def full_auto(self):
watcher = CancelWatcher()
interval = 2
radius = self.vehicle.radius
try:
target = self.vehicle.get_target()
CLocation = self.vehicle.get_location()
CYaw = self.vehicle.get_heading()
angle = angle_heading_target(CLocation, target, CYaw)
self.vehicle.condition_yaw(angle)
except AssertionError, e:
logger.error(e)
self.vehicle.brake()
return False
logger.info('vehicle turn compelet')
retry_times = 0
while not watcher.IsCancel() and retry_times < 5:
try:
context = self.full_auto_context(self.vehicle._state)
logger.debug('Send to lidar {}'.format(context))
if context == True:
logger.info("Reached Target!")
self.vehicle.brake()
return True
except AssertionError, e:
logger.error(e)
self.vehicle.brake()
return False
try:
id, actions = self.stub.FullAuto(context)
logger.debug('Receive from lidar {}'.format(actions))
except grpc.RpcError, e:
logger.critical(e)
self.vehicle.brake()
return False
def semi_auto(self, command):
if command not in [
oa.LEFT_ROLL, oa.RIGHT_ROLL, oa.FORWARD, oa.BACKWARD
]:
logger.error('command:{} is invalid'.format(command))
return
self.semi_id = self.semi_id + 1
message = {'id': self.semi_id, 'actions': [command]}
logger.debug('Send {} to Lidar'.format(message))
try:
id, actions = self.stub.SemiAuto(message)
logger.debug('Received id:{} actions:{} from Lidar'.format(
id, actions))
if id != self.semi_id:
logger.error(
'ID not match.Note:ExpectID:{} ReceiveID:{}'.format(
self.semi_id, id))
return
exe_actions(self.vehicle, actions)
except grpc.RpcError, e:
logger.critical(e)
datefmt='%Y-%m-%d %H:%M:%S'
)
stdout_log = logging.StreamHandler(sys.stdout)
stdout_log.setFormatter(formatter)
logger.addHandler(stdout_log)
args = docopt(__doc__)
ip_addrs = args['<ip>']
if args['--input-file']:
try:
with open(args['--input-file'], 'r') as _f:
ip_addrs = [ip.strip() for ip in _f.readlines()]
except IOError as exc:
logger.critical(exc)
sys.exit(0)
# проверка ip адресов
not_valid_ip = False
for ip in ip_addrs:
if not ip_validate(ip):
logger.error(
'Not valid ip address - %s' % ip
)
not_valid_ip = True
if not_valid_ip:
logger.critical(
'Some ip addresses not valid'
)
def dump(self):
"""Dumps the list of endpoints registered with the mapper
listening at addr. self.__remoteName is a valid host name or IP
address in string format.
"""
logger.info('Retrieving endpoint list from %s' % self.__remoteName)
entries = []
stringbinding = self.KNOWN_PROTOCOLS[
self.__port]['bindstr'] % self.__remoteName
logger.debug('StringBinding %s' % stringbinding)
rpctransport = transport.DCERPCTransportFactory(stringbinding)
rpctransport.set_dport(self.__port)
if self.KNOWN_PROTOCOLS[self.__port]['set_host']:
rpctransport.setRemoteHost(self.__remoteHost)
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.__username, self.__password,
self.__domain, self.__lmhash,
self.__nthash)
try:
entries = self.__fetchList(rpctransport)
except Exception as e:
logger.critical('Protocol failed: %s' % e)
# Display results.
endpoints = {}
# Let's groups the UUIDS
for entry in entries:
binding = epm.PrintStringBinding(entry['tower']['Floors'],
rpctransport.getRemoteHost())
tmpUUID = str(entry['tower']['Floors'][0])
if (tmpUUID in endpoints) is not True:
endpoints[tmpUUID] = {}
endpoints[tmpUUID]['Bindings'] = list()
if uuid.uuidtup_to_bin(
uuid.string_to_uuidtup(tmpUUID))[:18] in epm.KNOWN_UUIDS:
endpoints[tmpUUID]['EXE'] = epm.KNOWN_UUIDS[
uuid.uuidtup_to_bin(uuid.string_to_uuidtup(tmpUUID))[:18]]
else:
endpoints[tmpUUID]['EXE'] = 'N/A'
endpoints[tmpUUID]['annotation'] = entry['annotation'][:-1].decode(
'utf-8')
endpoints[tmpUUID]['Bindings'].append(binding)
if tmpUUID[:36] in epm.KNOWN_PROTOCOLS:
endpoints[tmpUUID]['Protocol'] = epm.KNOWN_PROTOCOLS[
tmpUUID[:36]]
else:
endpoints[tmpUUID]['Protocol'] = "N/A"
# print "Transfer Syntax: %s" % entry['Tower']['Floors'][1]
for endpoint in list(endpoints.keys()):
print("Protocol: %s " % endpoints[endpoint]['Protocol'])
print("Provider: %s " % endpoints[endpoint]['EXE'])
print("UUID : %s %s" %
(endpoint, endpoints[endpoint]['annotation']))
print("Bindings: ")
for binding in endpoints[endpoint]['Bindings']:
print(" %s" % binding)
print("")
if entries:
num = len(entries)
if 1 == num:
logger.info('Received one endpoint.')
else:
logger.info('Received %d endpoints.' % num)
else:
logger.info('No endpoints found.')
def run(self):
runner = self.__class__.__dict__.get('{}_mode'.format(self.mode))
if not runner:
logger.critical('Mode {} not exist, quit.'.format(self.mode))
return
runner(self)
fmt='%(asctime)s %(levelname)-8s %(message)s',
datefmt='%Y-%m-%d %H:%M:%S')
stdout_log = logging.StreamHandler(sys.stdout)
stdout_log.setFormatter(formatter)
logger.addHandler(stdout_log)
args = docopt(__doc__)
ip_addrs = args['<ip>']
if args['--input-file']:
try:
with open(args['--input-file'], 'r') as _f:
ip_addrs = [ip.strip() for ip in _f.readlines()]
except IOError as exc:
logger.critical(exc)
sys.exit(0)
# проверка ip адресов
not_valid_ip = False
for ip in ip_addrs:
if not ip_validate(ip):
logger.error('Not valid ip address - %s' % ip)
not_valid_ip = True
if not_valid_ip:
logger.critical('Some ip addresses not valid')
sys.exit(1)
if args['get-conf']:
if not args['--output']:
