def __run_attacks_main():
which_log_to_use = {
"dork": URL_LOG_PATH,
"spider": SPIDER_LOG_PATH
}
options = (opt.useRandomDork, opt.dorkToUse, opt.dorkFileToUse)
to_use = which_log_to_use["dork"] if any(options) is True else which_log_to_use["spider"]
try:
urls_to_use = get_latest_log_file(to_use)
except TypeError:
urls_to_use = None
if urls_to_use is None:
logger.error(set_color(
"unable to run attacks appears that no file was created for the retrieved data...", level=40
))
shutdown()
if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan:
with open(urls_to_use) as urls:
for url in urls.readlines():
__run_attacks(
url.strip(),
sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan,
admin=opt.adminPanelFinder, given_path=opt.givenSearchPath,
auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch
)
def request_issue_creation():
question = prompt(
"would you like to create an anonymous issue and post it to Zeus's Github",
opts="yN")
if question.lower().startswith("n"):
logger.error(
set_color(
"Zeus has experienced an internal error and cannot continue, shutting down...",
level=40))
shutdown()
fix_log_file()
logger.info(
set_color(
"Zeus got an unexpected error and will automatically create an issue for this error, please wait..."
))
def __extract_stacktrace(file_data):
logger.info(set_color("extracting traceback from log file..."))
retval, buff_mode, _buffer = [], False, ""
with open(file_data, "r+") as log:
for line in log:
if "Traceback" in line:
buff_mode = True
if line and len(line) < 5:
buff_mode = False
retval.append(_buffer)
_buffer = ""
if buff_mode:
if len(line) > 400:
line = line[:400] + "...\n"
_buffer += line
return "".join(retval)
logger.info(set_color("getting authorization..."))
encoded = __get_encoded_string()
n = get_decode_num(encoded)
token = decode(n, encoded)
current_log_file = get_latest_log_file(CURRENT_LOG_FILE_PATH)
stacktrace = __extract_stacktrace(current_log_file)
issue_title = stacktrace.split("\n")[-2]
issue_data = {
"title":
issue_title,
"body":
"Zeus version:\n`{}`\n\n"
"Error info:\n```{}````\n\n"
"Running details:\n`{}`\n\n"
"Commands used:\n`{}`\n\n"
"Log file info:\n```{}```".format(VERSION, str(stacktrace),
str(platform.platform()),
" ".join(sys.argv),
open(current_log_file).read()),
}
_json_data = json.dumps(issue_data)
if sys.version_info > (3, ):
_json_data = _json_data.encode("utf-8")
try:
req = urllib2.Request(
url="https://api.github.com/repos/ekultek/zeus-scanner/issues",
data=_json_data,
headers={"Authorization": "token {}".format(token)})
urllib2.urlopen(req, timeout=10).read()
logger.info(
set_color(
"issue has been created successfully with the following name '{}'..."
.format(issue_title)))
except Exception as e:
logger.exception(
set_color("failed to auto create the issue, got exception '{}', "
"you may manually create an issue...".format(e),
level=50))
"""
opts_being_used = []
for o, v in opt.__dict__.items():
if v is not None:
opts_being_used.append((o, v))
return dict(opts_being_used)
if opt.runInVerbose:
being_run = __find_running_opts()
logger.debug(set_color(
"running with options '{}'...".format(being_run), level=10
))
logger.info(set_color(
"log file being saved to '{}'...".format(get_latest_log_file(CURRENT_LOG_FILE_PATH))
))
if opt.showRequestInfo:
logger.debug(set_color(
"showing all HTTP requests because --show-requests flag was used...", level=10
))
http_client.HTTPConnection.debuglevel = 1
def __choose_attack(choice, attacks):
while True:
if int(choice) in range(len(attacks)):
return int(choice)
else:
logger.warning(set_color(
"{} is not a valid choice...".format(choice)
"""
opts_being_used = []
for o, v in opt.__dict__.items():
if v is not None:
opts_being_used.append((o, v))
return dict(opts_being_used)
if opt.runInVerbose:
being_run = __find_running_opts()
logger.debug(set_color(
"running with options '{}'...".format(being_run), level=10
))
logger.info(set_color(
"log file being saved to '{}'...".format(get_latest_log_file(CURRENT_LOG_FILE_PATH))
))
if opt.showRequestInfo:
logger.debug(set_color(
"showing all HTTP requests because --show-requests flag was used...", level=10
))
http_client.HTTPConnection.debuglevel = 1
def __choose_attack(choice, attacks):
while True:
if int(choice) in range(len(attacks)):
return int(choice)
else:
logger.warning(set_color(
"{} is not a valid choice...".format(choice)
"""
opts_being_used = []
for o, v in opt.__dict__.items():
if v is not None:
opts_being_used.append((o, v))
return dict(opts_being_used)
if opt.runInVerbose:
being_run = __find_running_opts()
logger.debug(
set_color("running with options '{}'...".format(being_run),
level=10))
logger.info(
set_color("log file being saved to '{}'...".format(
get_latest_log_file(CURRENT_LOG_FILE_PATH))))
if opt.showRequestInfo:
logger.debug(
set_color(
"showing all HTTP requests because --show-requests flag was used...",
level=10))
http_client.HTTPConnection.debuglevel = 1
def __config_headers():
"""
configure the request headers, this will configure user agents and proxies
"""
if opt.proxyConfig is not None:
proxy = opt.proxyConfig
elif opt.proxyFileRand is not None: