Esempio n. 1
def start(target):
    """Run the scan stages for one target, in a fixed order.

    The stages are: resolve the target, probe for a reachable URL, collect
    web information, port scan, run ``Vuln``, then optionally crawl and
    scan directories, and finally save whatever web data was collected.

    Args:
        target: the value handed to ``parse_ip`` and ``verify_https``
            (presumably a hostname or URL; confirm against the caller).
    """
    host = parse_ip(target)
    url = verify_https(target)
    # A truthy URL is the only "site is reachable" signal used below.
    isopen = bool(url)
    data, apps = web_info(url) if isopen else ('', {})

    # NOTE(review): a truthy iscdn() result selects the port scan and a falsy
    # one selects the 'CDN:0' placeholder, so the helper seems to answer
    # "not behind a CDN" despite its name; confirm before relying on it.
    open_port = ScanPort(url).pool() if iscdn(host) else ['CDN:0']

    # NOTE(review): url can be falsy here when verify_https() found nothing,
    # yet ScanPort and Vuln still receive it; confirm both tolerate that.
    Vuln(url, host, open_port, apps).run()

    # Crawling and directory scanning only make sense for a reachable site.
    if isopen and CRAWL:
        crawl(url).pool()
    if isopen and SCANDIR:
        DirScan('result', apps).pool(url)

    if data:
        web_save(data)
Esempio n. 2
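def start(target, dbname='result'):
    """Run the scan stages for one target and record results under *dbname*.

    Args:
        target: the value handed to ``parse_ip`` and ``verify_https``
            (presumably a hostname or URL; confirm against the caller).
        dbname: name passed on to every stage that stores results. A
            trailing ``.db`` extension is removed first.
    """
    if dbname != 'result':
        # Strip only a literal trailing ".db". The previous pattern r'.db'
        # had an unescaped dot and no anchor, so it deleted any character
        # followed by "db" anywhere in the name ("mydb.db" became "m").
        dbname = re.sub(r'\.db$', '', dbname)
        # NOTE(review): dbname is forwarded unchanged to the storage-related
        # helpers below; if it can come from user input, confirm it is
        # limited to a bare name before it is used as a file name.

    # Fallback title used when the site is not reachable.
    title = 'test'
    host = parse_ip(target)
    url = verify_https(target)
    # A truthy URL is the only "site is reachable" signal used below.
    isopen = bool(url)
    if isopen:
        data, apps, title = web_info(url)
    else:
        data = ''
        apps = {}

    # NOTE(review): a truthy iscdn() result selects the port scan and a falsy
    # one selects the 'CDN:0' placeholder, so the helper seems to answer
    # "not behind a CDN" despite its name; confirm before relying on it.
    if iscdn(host):
        open_port = ScanPort(url, dbname).pool()
    else:
        open_port = ['CDN:0']

    # Run the PoC checks.
    # NOTE(review): url can be falsy here when verify_https() found nothing;
    # confirm ScanPort and Vuln tolerate that.
    Vuln(url, host, open_port, apps, dbname).run()

    if isopen:
        if CRAWL:
            Crawl(url, dbname).pool()
        if SCANDIR:
            dirscan = DirScan(dbname, apps, url, title)
            dirscan.pool()
    if data:
        web_save(data, dbname)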
Esempio n. 3
def web_info(url):
    """Fetch *url* once and assemble a per-host information record.

    Returns:
        A 3-tuple ``(data, apps, title)``: ``data`` maps the host to a dict
        with the keys ``WAF``, ``Ipaddr``, ``Address``, ``Webinfo`` and
        ``OS``; ``apps`` and ``title`` are read from the page info and are
        ``None`` when the fetch or the parsing failed.
    """
    host = parse_host(url)
    ipaddr = parse_ip(host)
    url = url.strip('/')
    address = geoip(ipaddr)
    wafresult = checkwaf(url)
    req = Requests()
    # noinspection PyBroadException
    try:
        r = req.get(url)
        # Let chardet choose the text encoding from the raw body bytes.
        r.encoding = chardet.detect(r.content).get('encoding')
        webinfo = WebPage(r.url, r.text, r.headers).info()
    except Exception as e:
        # Best effort: a failed fetch or parse is logged and the record is
        # still built, with empty page info.
        logging.exception(e)
        webinfo = {}

    if webinfo:
        # NOTE(review): title, apps and server originate from the remote
        # response and are printed as received; confirm console() neutralises
        # control characters if its output goes to a terminal.
        report = (
            ('title: {}\n', webinfo.get('title')),
            ('Fingerprint: {}\n', webinfo.get('apps')),
            ('Server: {}\n', webinfo.get('server')),
            ('WAF: {}\n', wafresult),
        )
        for template, value in report:
            console('Webinfo', host, template.format(value))
    else:
        # Without page info the WAF verdict is discarded as well.
        webinfo = {}
        wafresult = 'None'

    # NOTE(review): OS detection runs only when iscdn() is truthy; the helper
    # seems to mean "not behind a CDN" despite its name, confirm.
    osname = osdetect(host) if iscdn(host) else None

    record = {
        'WAF': wafresult,
        'Ipaddr': ipaddr,
        'Address': address,
        'Webinfo': webinfo,
        'OS': osname,
    }
    data = {host: record}

    return data, webinfo.get('apps'), webinfo.get('title')
Esempio n. 4
def web_info(url):
    """Fetch *url* once and assemble a per-host information record.

    Returns:
        A 2-tuple ``(data, apps)``: ``data`` maps the host to a dict with
        the keys ``WAF``, ``Ipaddr``, ``Address``, ``Webinfo`` and ``OS``;
        ``apps`` is read from the page info and is ``None`` when the fetch
        or the parsing failed.
    """
    host = parse_host(url)
    ipaddr = parse_ip(host)
    url = url.strip('/')
    address = geoip(ipaddr)
    wafresult = checkwaf(url)
    req = Requests()
    try:
        r = req.get(url)
        # Let chardet choose the text encoding from the raw body bytes.
        r.encoding = chardet.detect(r.content).get('encoding')
        webinfo = WebPage(r.url, r.text, r.headers).info()
    except Exception:
        # Best effort: any fetch or parse failure is swallowed without a
        # log entry and the record is built with empty page info.
        webinfo = {}

    if webinfo:
        # NOTE(review): title, apps and server originate from the remote
        # response and are printed as received; confirm console() neutralises
        # control characters if its output goes to a terminal.
        report = (
            ('Title: {}\n', webinfo.get('title')),
            ('Fingerprint: {}\n', webinfo.get('apps')),
            ('Server: {}\n', webinfo.get('server')),
            ('WAF: {}\n', wafresult),
        )
        for template, value in report:
            console('Webinfo', host, template.format(value))
    else:
        # Without page info the WAF verdict is discarded as well.
        webinfo = {}
        wafresult = 'None'

    # NOTE(review): OS detection runs only when iscdn() is truthy; the helper
    # seems to mean "not behind a CDN" despite its name, confirm.
    osname = osdetect(host) if iscdn(host) else None

    # NOTE(review): both lookups receive the target host name; presumably
    # they query external services, so the name would leave this machine.
    # Confirm that is acceptable for the engagement.
    pdns = virustotal(host)
    reverseip = reverse_domain(host)
    webinfo.update({"pdns": pdns, "reverseip": reverseip})

    record = {
        'WAF': wafresult,
        'Ipaddr': ipaddr,
        'Address': address,
        'Webinfo': webinfo,
        'OS': osname,
    }
    data = {host: record}
    return data, webinfo.get('apps')
Esempio n. 5
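def iscdn(host):
    """Return ``False`` when *host* matches a known CDN, ``True`` otherwise.

    The name is inverted relative to the result: ``True`` means no CDN match
    was found. Two checks are made, membership of the address in any network
    listed in ``cdns`` and equality of its autonomous system number with any
    entry in ``ASNS``.

    Both checks fail open. Any error (resolution failure, malformed entry,
    unreadable ASN database) is swallowed and leaves the result at ``True``,
    so a caller that scans only on ``True`` will also scan when the check
    could not be performed.

    Args:
        host: a dotted-quad IPv4 string, or a name that ``parse_ip`` can
            turn into an address.
    """
    result = True
    # noinspection PyBroadException
    try:
        # fullmatch, not search: a name that merely contains a dotted quad
        # (for example "1.2.3.4.example.com") must still be resolved. With
        # search it was taken for an IP literal, ip_address() then raised,
        # and the host was reported as non-CDN without any check.
        if not re.fullmatch(r'\d+\.\d+\.\d+\.\d+', host):
            host = parse_ip(host)
        addr = ipaddress.ip_address(host)
        if any(addr in ipaddress.ip_network(cdn) for cdn in cdns):
            result = False
    except Exception:
        # Deliberate best effort, see the fail-open note in the docstring.
        pass

    # noinspection PyBroadException
    try:
        with geoip2.database.Reader('data/GeoLite2-ASN.mmdb') as reader:
            response = reader.asn(host)
            if any(response.autonomous_system_number == int(i) for i in ASNS):
                result = False
    except Exception:
        # Deliberate best effort, see the fail-open note in the docstring.
        pass
    return result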
Esempio n. 6
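def start(url):
    """Run the scan stages for one URL, print a summary and save the record.

    The stages are: resolve the host, fetch the page, fingerprint it, query
    the passive-DNS and reverse-IP helpers, port scan, detect the OS, save
    the record, run ``Vuln`` and optionally scan directories.

    Args:
        url: URL of the target; surrounding slashes are stripped before use.
    """
    host = parse_host(url)
    ipaddr = parse_ip(host)
    url = url.strip('/')
    sys.stdout.write(bcolors.RED + '-' * 100 + '\n' + bcolors.ENDC)
    sys.stdout.write(bcolors.RED + 'Host: ' + host + '\n' + bcolors.ENDC)
    sys.stdout.write(bcolors.RED + '-' * 100 + '\n' + bcolors.ENDC)
    address = geoip(ipaddr)

    # An explicit flag replaces the former "'r' in locals()" probe; it is
    # set only after the request returned without raising.
    fetched = False
    try:
        # Check whether the main domain answers at all.
        req = Requests()
        r = req.get(url)
        fetched = True
    except Exception:
        # Best effort: an unreachable site still gets the remaining stages.
        pass

    if fetched:
        wafresult = checkwaf(host)
        try:
            # Let chardet choose the text encoding from the raw body bytes.
            coding = chardet.detect(r.content).get('encoding')
            r.encoding = coding
            webinfo = (WebPage(r.url, r.text, r.headers).info())
        except Exception:
            webinfo = {}
        if webinfo:
            # NOTE(review): title, apps and server originate from the remote
            # response and are written to the terminal as received; consider
            # neutralising control characters first.
            sys.stdout.write(bcolors.RED + "Webinfo:\n" + bcolors.ENDC)
            sys.stdout.write(bcolors.OKGREEN +
                             '[+] Title: {}\n'.format(webinfo.get('title')) +
                             bcolors.ENDC)
            sys.stdout.write(
                bcolors.OKGREEN +
                '[+] Fingerprint: {}\n'.format(webinfo.get('apps')) +
                bcolors.ENDC)
            sys.stdout.write(bcolors.OKGREEN +
                             '[+] Server: {}\n'.format(webinfo.get('server')) +
                             bcolors.ENDC)
            sys.stdout.write(bcolors.OKGREEN +
                             '[+] WAF: {}\n'.format(wafresult) + bcolors.ENDC)
    else:
        webinfo = {}
        wafresult = 'None'

    # NOTE(review): both lookups receive the target host name; presumably
    # they query external services, so the name would leave this machine.
    pdns = virustotal(host)
    reverseip = reverse_domain(host)
    webinfo.update({"pdns": pdns})
    webinfo.update({"reverseip": reverseip})

    # NOTE(review): a truthy iscdn() result selects the port scan and a falsy
    # one selects the 'CDN:0' placeholder, so the helper seems to answer
    # "not behind a CDN" despite its name; confirm before relying on it.
    if iscdn(host):
        open_port = ScanPort(url).pool()
    else:
        open_port = ['CDN:0']
    # OS detection is not gated on the CDN check here.
    osname = osdetect(host)
    data = {
        host: {
            'WAF': wafresult,
            'Ipaddr': ipaddr,
            'Address': address,
            'Webinfo': webinfo,
            'OS': osname,
        }
    }
    web_save(data)
    Vuln(host, open_port, webinfo.get('apps')).run()
    # NOTE(review): the directory scan runs when SCANDIR is falsy; confirm
    # whether the flag means "skip" here or the condition is inverted.
    if fetched and not SCANDIR:
        dirscan = DirScan('result')
        dirscan.pool(url)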