def delete_1(path, name):
cmd1 = f'cd {path} && git rm {name}'
cmd2 = f'cd {path} && git commit -m "remove {name}"'
c1 = commands__(cmd1)
c2 = commands__(cmd2)
if not c1 or not c2:
red('[-]没有路径.')
red('[-]没有文件名.')
def add(path, filename='.'):
if filename == '.':
cmd1 = f'cd {path} && git add -A -- .'
else:
cmd1 = f'cd {path} && git add {filename}'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def POC_T(self, **kwargs):
for args in kwargs:
if 'sqli' == args:
ke1 = kwargs['sqli']
self.Install_POC_T()
helps = poc_t_helps
print_("""
######
POC_T
######
[1].批量POC验证.
[2].单个POC验证.
[h].帮助.
[0].返回菜单.
""")
f1, f2, f3 = get_POC_T_script()
ipt1 = input_('>')
if ipt1 is '1':
if not ke1:
ipt3 = input_('指纹名称>')
else:
ipt3 = ke1
f1, f2, f3 = get_POC_T_script()
for sf1 in f1:
with open('{}lib/script_name.txt'.format(self.root),
'a+') as w:
w.write(sf1 + '\n')
search_r = _grep(keyword=ipt3,
path='{}lib/script_name.txt'.format(self.root))
print('')
print('')
red('----------------------------')
print('')
for s1 in search_r:
line_number, line_content = s1
print(line_content)
green('----------------------------')
ipt4 = input_('选择脚本>')
ipt5 = input_('ZSearch_keyword>')
ipt6 = input_('页数>')
self.commands__(
cmd=
'python2 {}POC-T/POC-T.py -s {} -aZ "{}" --limit {} -luz {} -lup {}'
.format(self.root, ipt4, ipt5, ipt6, username_z, password_z))
self.main()
if ipt1 is '2':
pass
if ipt1 is 'h':
print_(helps)
if ipt1 is '0':
self.main()
def ip_or_domain_result_handle():
from main import Run
r1 = Run()
main = r1.main
print_("""
########
处理结果
########
1.查看结果.
2.结果提交到nmap扫描.
0.返回菜单.
""")
ipt1 = input_('>')
if ipt1 is '0':
main()
if ipt1 is '1':
filenames = get_filename(path=f'{root}lib/fping')
if not filenames:
red('[Error] fping 没有结果.')
return False
i = 1
for filename in filenames:
print_(str(i) + '. ' + filename)
i += 1
ipt1 = input_('>')
i = 1
for filename in filenames:
if str(i) == ipt1:
ipt1 = str(filename.replace(' ', '').replace('\n', ''))
break
i += 1
with open(f'{ipt1}', 'r') as r:
for line in r.readlines():
if re.findall(f'({regular(1)})(\.+)*', line):
ip = str(line.strip().replace(' ', '').replace('\n', ''))
if ip:
data = _red(ip)
print(data)
if ipt1 is '2':
filenames = get_filename(path=f'{root}lib/fping')
if not filenames:
red('[Error] fping 没有结果.')
return False
i = 1
for filename in filenames:
print_(str(i) + '. ' + filename)
i += 1
ipt1 = input_('>')
i = 1
for filename in filenames:
if str(i) == ipt1:
ipt1 = str(filename.replace(' ', '').replace('\n', ''))
break
i += 1
with open(f'{ipt1}', 'r') as r:
for line in r.readlines():
if re.findall(f'({regular(1)})(\.+)*', line):
ip = str(line.strip().replace(' ', '').replace('\n', ''))
if ip:
thread1 = Thread(target=port_scan, args=(ip, ip))
thread1.start()
def main(self):
content1 = """
{}
[1].信息收集.
[2].Web程序.
[3].黑盒测试工具包.
[4].Linux 工具.
[5].漏洞验证(POC).
[6].漏洞测试(FUZZ).
[7].note.
[8].内网攻击工具.
[9].内网扫描.
[10].漏洞分析.
[11].字典构造.
[12].Exploits.
[i].INIT.
[c].Clear.
[n].记录线索.
[0].退出.
""".format(logo)
print_(content1)
ipt1 = input_('>')
if not ipt1:
self.main()
if ipt1 is '1':
content2 = """
########
信息收集
########
1.子域名爆破.
2.URL采集.
3.Web目录扫描.
4.尝试找出cdn背后的真实ip.
5.九世信息收集工具.
6.指纹识别.
7.ABC段扫描.
0.返回菜单.
"""
print_(content2)
ipt2 = input_('>')
if not ipt2:
self.main()
if ipt2 is '1':
self.Run_subdns()
if ipt2 is '2':
self.Run_DiscoverTarget()
if ipt2 is '3':
print_("""
#######
选择工具
#######
1.dirmap.
2.DirBrute.
0.返回菜单.
""")
ipt3 = input_('>')
if not ipt3:
self.main()
if ipt3 is '1':
self.Run_dirmap()
if ipt3 is '2':
self.Run_DirBrute()
if ipt3 is '0':
self.main()
if ipt2 is '4':
if system_platform == 'kali':
self.Run_xcdn()
else:
red('[Error] xcdn run for kali.')
self.main()
if ipt2 is '5':
ipt1 = input_('URL>')
ipt2 = input_('Domain>')
c1 = jiushixxsj(url=ipt1, domain=ipt2)
if c1:
print_('九世信息收集工具配置完成...')
else:
print_('九世信息收集工具配置失败...')
self.commands__(
cmd='cd "{}信息收集工具" && python3 ./main.py'.format(self.root))
if ipt2 is '6':
print_("""
1.TideFinger.
2.whatweb.
0.返回菜单.
""")
ipt1 = input_('>')
if ipt1 == '1':
self.TideFinger()
self.main()
if ipt1 == '2':
self.whatweb()
self.main()
if ipt1 == '0':
self.main()
if ipt2 is '7':
print_("""
[A].A段扫描.
[B].B段扫描.
[C].C段扫描.
[r].查看结果.
""")
ipt2 = input_('>')
if ipt2 is 'r':
if ip_or_domain_result_handle():
time.sleep(3)
self.main()
else:
time.sleep(3)
self.main()
content1 = """
A段 前缀 8.
B段 前缀 16.
C段 前缀 24.
"""
a1 = grep(f'{ipt2}', content1)
print(a1)
ipt3 = input_('IP>')
ipt4 = input_('前缀>')
# self.commands__(f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt')
self.commands__(
f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt'
)
datas = _grep(f'({regular(1)})(\.+)*',
f'{self.root}lib/fping_result.txt',
regex=1,
highlight=0)
for data in datas:
line_number, line_content = data
if 'ICMP Host Unreachable from' not in line_content:
print(line_content.replace('\n', '').strip())
s1 = line_content.replace('\n', '').strip()
with open(f'{self.root}lib/fping/{ipt3}_{ipt4}.txt',
'a+') as w:
w.write(s1 + '\n')
self.commands__(f'rm -rf {self.root}lib/{ipt3}_{ipt4}.txt')
self.commands__(f'rm -rf {self.root}lib/fping_result.txt')
time.sleep(3)
self.main()
if ipt2 is '0':
self.main()
if ipt1 is '2':
print_("""
########
web程序
########
1.xwaf waf自动化绕过工具.
0.返回菜单.
""")
ipt2 = input_('>')
if ipt2 is '1':
if system_platform == 'kali':
self.Run_xwaf()
self.main()
else:
red('[Error] xwaf run for kali.')
self.main()
if ipt2 is '0':
self.main()
if ipt1 is '3':
print_("""
1.Fsociety.
0.返回菜单.
""")
ipt2 = input_('>')
if not ipt2:
self.main()
if ipt2 is '1':
if system_platform == 'kali':
self.Run_fsociety()
else:
red('[Error] fsociety run for kali.')
self.main()
if ipt2 is '0':
self.main()
if ipt1 is '4':
print_("""
##########
linux 工具
##########
[1].输出艺术字.
[2].获取工具的绝对路径.
[3].History.
[4].源配置.
[5].配置x11 vnc server.
[6].配置sftp.
[0].返回菜单.
""")
ipt2 = input_('>')
if ipt2 is '1':
ipt3 = input_('内容>')
self.commands__(cmd='figlet {}'.format(ipt3))
self.commands__(cmd='toilet {}'.format(ipt3))
self.main()
if ipt2 is '2':
ipt3 = input_('Tool name>')
c1 = self.commands_(cmd='whereis {}'.format(ipt3))
c2 = self.commands_(cmd='which {}'.format(ipt3))
data1 = grep(ipt3, c1)
data2 = grep(ipt3, c2)
print(data1)
print(data2)
if ipt2 is '3':
from os import popen
ipt1 = input_('Keyword>')
print_('history | grep "{}"'.format(ipt1))
if ipt2 is '4':
if system_platform == 'deepin':
print_('1.deepin 源配置.')
ipt1 = input_('>')
if ipt1 is '1':
c1 = self.commands__(
cmd=
f'sudo cp -v -r {self.root}bak/sources.list.deepin /etc/apt/sources.list'
)
c2 = self.commands__(cmd='sudo apt-get update')
if c1:
print_('deepin 源配置完成.')
else:
print_('deepin 源配置失败.')
self.main()
if system_platform == 'kali':
print_('1.kali 源配置.')
ipt1 = input_('>')
if ipt1 is '1':
c1 = self.commands__(
cmd=
f'sudo cp -v -r {self.root}bak/sources.list.kali /etc/apt/sources.list'
)
c2 = self.commands__(cmd='sudo apt-get update')
if c1:
print_('kali 源配置完成.')
else:
print_('kali 源配置失败.')
self.main()
if ipt2 is '5':
self.commands__('sudo apt-get -y install x11vnc')
self.commands__('x11vnc -storepasswd')
self.commands__('ip address')
self.commands__(
'x11vnc -auth guess -once -loop -noxdamage -repeat -rfbauth ~/.vnc/passwd -rfbport 5900 -shared'
)
if ipt2 is '6':
self.commands__('sudo apt-get -y install ssh')
if ipt2 is '0':
self.main()
if ipt1 is '5':
print_("""
############
漏洞验证(POC)
############
1.Xss
2.Sqli
3.Csrf
4.POC-T
0.返回菜单
""")
ipt2 = input_('>')
if ipt2 is '1':
pass
if ipt2 is '2':
self.POC_T(sqli='sqli')
if ipt2 is '3':
pass
if ipt2 is '4':
self.POC_T()
if ipt2 is '0':
self.main()
if ipt1 is '6':
print_("""
#############
漏洞测试(FUZZ)
#############
1.Xss
2.Sqli
3.Csrf
0.返回菜单
""")
ipt2 = input_('>')
if ipt2 is '1':
print_("""
####
Xss
####
1.XSStrike.
0.返回菜单.
""")
ipt3 = input_('>')
if ipt3 is '1':
self.xsstrike()
self.main()
if ipt3 is '0':
self.main()
if ipt2 is '0':
self.main()
if ipt1 is '7':
from src._note import note
note()
self.main()
if ipt1 is 'i':
self.commands__('{}lib/INIT'.format(self.root))
self.main()
if ipt1 is '8':
print_("""
############
内网攻击工具.
############
1.ARP欺骗.
0.返回菜单.
""")
ipt2 = input_('>')
if ipt2 is '1':
self.commands__(cmd='python2 {}src/arp.py'.format(self.root))
self.main()
if ipt2 is '0':
self.main()
if ipt1 is '9':
print_("""
############
内网扫描工具.
############
1.nbtscan.
0.返回菜单.
""")
ipt2 = input_('>')
if system_platform == 'kali':
if ipt2 is '1':
print_('例子:192.168.1.1/24')
ipt3 = input_('输入扫描的IP段>')
self.commands__(f'nbtscan -r {ipt3}')
self.main()
else:
red('[Error] nbtscan run for kali.')
if ipt2 is '0':
self.main()
if ipt1 == '10':
print_("""
########
漏洞分析
########
1.apache-users.
2.scann.py.
3.nikto.
4.nmap.
5.lynis
6.sparta
7.unix-privesc-check
8.goLismero
9.awvs.py
0.返回菜单.
""")
ipt2 = input_('>')
if ipt2 is '1':
if system_platform == 'kali':
pass
else:
red('[Error] apache_users run for kali.')
if ipt2 is '2':
self.commands__(f'python3 {self.root}scann.py')
self.main()
if ipt2 is '3':
pass
if ipt2 is '4':
self.nmap_script_exploit()
if ipt2 is '5':
if system_platform == 'kali':
pass
else:
red('[Error] lynis run for kali.')
if ipt2 is '6':
if system_platform == 'kali':
pass
else:
red('[Error] sparta run for kali.')
if ipt2 is '7':
if system_platform == 'kali':
pass
else:
red('[Error] unix-privesc-check run for kali.')
if ipt2 is '8':
if system_platform == 'kali':
pass
else:
red('[Error] goLismero run for kali.')
if ipt2 == '9':
try:
a1 = _awvs()
a1.main()
except:
from src.awvs import awvs as _awvs
a1 = _awvs()
a1.main()
if ipt2 is '0':
self.main()
if ipt1 == '11':
print_("""
########
字典构造
########
1.crunch.
0.返回菜单.
""")
ipt2 = input_('>')
if ipt2 == '1':
if system_platform == 'kali':
self.crunch()
self.main()
else:
red('[Error] crunch run for kali.')
if ipt2 == '0':
self.main()
if ipt1 == '12':
print_("""
#########
Exploits
#########
1.exp_2019_7_16_baopo.py
0.返回菜单.
""")
ipt2 = input_('>')
if ipt2 == '1':
pass
if ipt2 == '0':
self.main()
if ipt1 is 'c':
self.commands__(cmd='clear')
self.main()
if ipt1 is 'n':
thread1 = threading.Thread(target=self.commands__,
args=('gedit', ))
thread1.start()
if ipt1 is '0':
c1 = self.commands_(cmd=[
'sudo chmod +x {}lib/pyc_clear && bash {}lib/pyc_clear'.format(
self.root, self.root)
])
print_(c1)
exit(0)
if ipt1:
self.commands__(f'{ipt1}')
ipt2 = input_('返回菜单[y/n]>')
if ipt2 is 'y':
self.main()
if \
ipt2 is 'n' or \
not ipt2 or \
ipt2[0] in 'abcdefghijklmnopqrstuvwsyz' or \
ipt2[0] in 'ABCDEFGHIJKLMNOPQRSTUVWSYZ':
self.main()
def add_dm(path, url):
cmd1 = f'cd {path} && git remote add origin {url}'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def clong(path, url):
cmd1 = f'cd {path} && git clone {url}'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def status(path):
cmd1 = f'cd {path} && git status'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def tb(path):
cmd1 = f'cd {path} && git pull --tags origin master'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def ts(path):
cmd1 = f'cd {path} && git push -u origin master'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
def tj(path, content):
cmd1 = f'cd {path} && git commit -m "{content}"'
c1 = commands__(cmd1)
if not c1:
red('[-]没有路径.')
