def __profiles():
"""
all available profiles for API
Returns:
HTML content or available profiles
"""
profiles = _builder(_profiles(), default_profiles())
synonyms = _synonym_profile().keys()
for synonym in synonyms:
del (profiles[synonym])
res = ""
for profile in profiles:
label = "success" if (profile == "scan") else "warning" if (
profile == "brute") else "danger" if (
profile == "vulnerability") else "default"
res += """<label><input id="{0}" type="checkbox" class="checkbox checkbox-{0}"><a class="label
label-{1}">{0}</a></label> """.format(
profile, label)
return res
def __rules(config, defaults, language):
"""
Load ARGS from API requests and apply the rules
Args:
config: all user config
defaults: default config
language: language
Returns:
config with applied rules
"""
# Check Ranges
config["check_ranges"] = True if config[
"check_ranges"] is not False else False
# Check Subdomains
config["check_subdomains"] = True if config[
"check_subdomains"] is not False else False
# Check Graph
config["graph_flag"] = config["graph_flag"] if config[
"graph_flag"] in load_all_graphs() else None
# Check Language
config["language"] = config["language"] if config["language"] in list(
messages(-1, 0)) else "en"
# Check Targets
if config["targets"] is not None:
config["targets"] = list(set(config["targets"].rsplit(",")))
else:
abort(400, messages(language, "error_target"))
# Check Log File
try:
f = open(config["log_in_file"], "a")
f.close()
except:
abort(
400,
messages(language,
"file_write_error").format(config["log_in_file"]))
# Check Method ARGS
methods_args = config["methods_args"]
if methods_args is not None:
new_methods_args = {}
methods_args = methods_args.rsplit("&")
for imethod_args in methods_args:
if len(imethod_args.rsplit("=")) == 2:
new_methods_args[imethod_args.rsplit("=")
[0]] = imethod_args.rsplit("=")[1].rsplit(",")
else:
new_methods_args[imethod_args] = ["True"]
methods_args = new_methods_args
config["methods_args"] = methods_args
# Check Passwords
config["passwds"] = config["passwds"].rsplit(
',') if config["passwds"] is not None else None
# Check Ping Before Scan
config["ping_flag"] = True if config["ping_flag"] is not False else False
# Check Ports
ports = config["ports"]
if type(ports) is not list and ports is not None:
tmp_ports = []
for port in ports.rsplit(','):
try:
if '-' not in port:
if int(port) not in tmp_ports:
tmp_ports.append(int(port))
else:
t_ports = range(int(port.rsplit('-')[0]),
int(port.rsplit('-')[1]) + 1)
for p in t_ports:
if p not in tmp_ports:
tmp_ports.append(p)
except:
abort(400, messages(language, "ports_int"))
if len(tmp_ports) == 0:
ports = None
else:
ports = tmp_ports[:]
config["ports"] = ports
# Check Profiles
if config["profile"] is not None:
_all_profiles = _builder(_profiles(), default_profiles())
synonyms = _synonym_profile().keys()
for synonym in synonyms:
del (_all_profiles[synonym])
if config["scan_method"] is None:
config["scan_method"] = ""
else:
config["scan_method"] += ","
if "all" in config["profile"].rsplit(","):
config["profile"] = ",".join(_all_profiles)
tmp_sm = config["scan_method"]
for pr in config["profile"].rsplit(","):
try:
for sm in _all_profiles[pr]:
if sm not in tmp_sm.rsplit(","):
tmp_sm += sm + ","
except:
abort(400, messages(language, "profile_404").format(pr))
if tmp_sm[-1] == ",":
tmp_sm = tmp_sm[0:-1]
config["scan_method"] = ",".join(list(set(tmp_sm.rsplit(","))))
# Check retries
try:
config["retries"] = int(config["retries"])
except:
config["retries"] = defaults["retries"]
# Check Scanning Method
if config["scan_method"] is not None and "all" in config[
"scan_method"].rsplit(","):
config["scan_method"] = load_all_modules()
config["scan_method"].remove("all")
elif config["scan_method"] is not None and len(
config["scan_method"].rsplit(
",")) == 1 and "*_" not in config["scan_method"]:
if config["scan_method"] in load_all_modules():
config["scan_method"] = config["scan_method"].rsplit()
else:
abort(
400,
messages(language, "scan_module_not_found").format(
config["scan_method"]))
else:
if config["scan_method"] is not None:
if config["scan_method"] not in load_all_modules():
if "*_" in config["scan_method"] or "," in config[
"scan_method"]:
config["scan_method"] = config["scan_method"].rsplit(",")
scan_method_tmp = config["scan_method"][:]
for sm in scan_method_tmp:
scan_method_error = True
if sm.startswith("*_"):
config["scan_method"].remove(sm)
found_flag = False
for mn in load_all_modules():
if mn.endswith("_" + sm.rsplit("*_")[1]):
config["scan_method"].append(mn)
scan_method_error = False
found_flag = True
if found_flag is False:
abort(
400,
messages(language,
"module_pattern_404").format(sm))
elif sm == "all":
config["scan_method"] = load_all_modules()
scan_method_error = False
config["scan_method"].remove("all")
break
elif sm in load_all_modules():
scan_method_error = False
elif sm not in load_all_modules():
abort(
400,
messages(language,
"scan_module_not_found").format(sm))
else:
scan_method_error = True
if scan_method_error:
abort(
400,
messages(language, "scan_module_not_found").format(
config["scan_method"]))
else:
abort(400, messages(language, "scan_method_select"))
config["scan_method"] = list(set(config["scan_method"]))
# Check Socks Proxy
socks_proxy = config["socks_proxy"]
if socks_proxy is not None:
e = False
if socks_proxy.startswith("socks://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks://", "")
elif socks_proxy.startswith("socks5://"):
socks_flag = 5
socks_proxy = socks_proxy.replace("socks5://", "")
elif socks_proxy.startswith("socks4://"):
socks_flag = 4
socks_proxy = socks_proxy.replace("socks4://", "")
else:
socks_flag = 5
if "://" in socks_proxy:
socks_proxy = socks_proxy.rsplit("://")[1].rsplit("/")[0]
try:
if len(socks_proxy.rsplit(":")) < 2 or len(
socks_proxy.rsplit(":")) > 3:
e = True
elif len(socks_proxy.rsplit(":")) == 2 and socks_proxy.rsplit(
":")[1] == "":
e = True
elif len(socks_proxy.rsplit(":")) == 3 and socks_proxy.rsplit(
":")[2] == "":
e = True
except:
e = True
if e:
abort(400, messages(language, "valid_socks_address"))
if socks_flag == 4:
socks_proxy = "socks4://" + socks_proxy
if socks_flag == 5:
socks_proxy = "socks5://" + socks_proxy
config["socks_proxy"] = socks_proxy
# Check thread numbers
try:
config["thread_number"] = int(config["thread_number"])
except:
config["thread_number"] = defaults["thread_number"]
# Check thread number for hosts
try:
config["thread_number_host"] = int(config["thread_number_host"])
except:
config["thread_number_host"] = defaults["thread_number_host"]
# Check time sleep
try:
config["time_sleep"] = float(config["time_sleep"])
except:
config["time_sleep"] = defaults["time_sleep"]
# Check timeout sec
try:
config["timeout_sec"] = int(config["timeout_sec"])
except:
config["thread_number_host"] = defaults["thread_number_host"]
# Check users
config["users"] = config["users"].rsplit(
',') if config["users"] is not None else None
return config