def updateProgram():
success = False
if not os.path.exists(os.path.join(paths.w9scan_ROOT_PATH, ".git")):
errMsg = "not a git repository. Please checkout the 'boy-hack/w9scan' repository "
errMsg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/boy-hack/w9scan.git w9scan')"
logger.critical(errMsg)
else:
infoMsg = "updating w9scan to the latest development version from the "
infoMsg += "GitHub repository"
logger.info("\r[%s] [INFO] %s" % (time.strftime("%X"), infoMsg))
debugMsg = "w9scan will try to update itself using 'git' command"
logger.info(debugMsg)
dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
try:
process = subprocess.Popen(
"git checkout . && git pull %s HEAD" % GIT_REPOSITORY,
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
cwd=paths.w9scan_ROOT_PATH.encode(locale.getpreferredencoding())
) # Reference: http://blog.stastnarodina.com/honza-en/spot/python-unicodeencodeerror/
pollProcess(process, True)
stdout, stderr = process.communicate()
success = not process.returncode
except (IOError, OSError), ex:
success = False
stderr = getSafeExString(ex)
def main():
"""
Main function of w9scan when running from command line.
"""
try:
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
urlconfig.url = raw_input('Input url > ')
urlconfig.url = makeurl(urlconfig.url)
urlconfig.scanport = False
input_scanport = raw_input('Need scan all ports ?(Y/N) (default N)> ')
if input_scanport.lower() in ("y", "yes"):
urlconfig.scanport = True
urlconfig.threadNum = raw_input(
'You need start number of thread(Recommendation number is 5) > ')
urlconfig.threadNum = int(urlconfig.threadNum)
e = Exploit_run(urlconfig.threadNum)
print '[***] ScanStart Target:%s' % urlconfig.url
e.load_modules("www", urlconfig.url)
e.run()
e.init_spider()
s = crawler.SpiderMain(urlconfig.url)
s.craw()
logger.report()
except KeyboardInterrupt:
logger.critical("[***] User Interrupt")
exit()
except Exception as info:
print "[xxx] MainError", info
exit()
def checkEnvironment():
try:
os.path.isdir(modulePath())
except UnicodeEncodeError:
errMsg = "your system does not properly handle non-ASCII paths. "
errMsg += "Please move the w9scan's directory to the other location"
logger.critical(errMsg)
raise SystemExit
if LooseVersion(VERSION) < LooseVersion("1.0"):
errMsg = "your runtime environment (e.g. PYTHONPATH) is "
errMsg += "broken. Please make sure that you are not running "
errMsg += "newer versions of w9scan with runtime scripts for older "
errMsg += "versions"
logger.critical(errMsg)
raise SystemExit
def checkEnvironment():
try:
os.path.isdir(modulePath())
except UnicodeEncodeError:
errMsg = "your system does not properly handle non-ASCII paths. "
errMsg += "Please move the w9scan's directory to the other location"
logger.critical(errMsg)
raise SystemExit
if LooseVersion(VERSION) < LooseVersion("1.0"):
errMsg = "your runtime environment (e.g. PYTHONPATH) is "
errMsg += "broken. Please make sure that you are not running "
errMsg += "newer versions of w9scan with runtime scripts for older "
errMsg += "versions"
logger.critical(errMsg)
raise SystemExit
def main():
"""
Main function of w9scan when running from command line.
"""
try:
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
Test_Url = raw_input('Input url > ')
Test_Url = Test_Url.strip()
#Test_Url = "https://blog.hacking8.com/"
e = Exploit_run(Test_Url)
print '[***] ScanStart Target:%s' % Test_Url
e.load_modules("www", Test_Url)
logger.report()
except KeyboardInterrupt:
logger.critical("[***] UserInterrupt")
exit()
def main():
"""
Main function of w9scan when running from command line.
"""
try:
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
Test_Url = raw_input('Input url > ')
Test_Url = Test_Url.strip()
#Test_Url = "https://blog.hacking8.com/"
e = Exploit_run(Test_Url)
print '[***] ScanStart Target:%s' % Test_Url
e.load_modules("www",Test_Url)
logger.report()
except KeyboardInterrupt:
logger.critical("[***] UserInterrupt")
exit()
def main():
"""
Main function of w9scan when running from command line.
"""
try:
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
urlconfig.url = raw_input('Input url > ')
urlconfig.url = makeurl(urlconfig.url)
urlconfig.scanport = False
input_scanport = raw_input('Need scan all ports ?(Y/N) (default N)> ')
if input_scanport.lower() in ("y", "yes"):
urlconfig.scanport = True
urlconfig.threadNum = raw_input(
'You need start number of thread(Recommendation number is 5) > ')
urlconfig.threadNum = int(urlconfig.threadNum)
startTime = time.clock()
e = Exploit_run(urlconfig.threadNum)
print '[***] ScanStart Target:%s' % urlconfig.url
e.load_modules("www", urlconfig.url)
e.run()
e.init_spider()
s = crawler.SpiderMain(urlconfig.url)
time.sleep(0.5)
s.craw()
endTime = time.clock()
urlconfig.runningTime = endTime - startTime
e.report()
except KeyboardInterrupt:
logger.critical("[***] User Interrupt")
exit()
except Exception as info:
print "[xxx] MainError:", Exception, " :", info
errinfo = Get_lineNumber_fileName()
data = e.buildHtml.getData()
aax = "error:%s urlconfig:%s date:%s" % (errinfo, str(urlconfig), data)
createIssueForBlog(aax)
exit()
def main():
"""
Main function of w9scan when running from command line.
"""
try:
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
# url config
urlconfig.url = raw_input('Input url > ')
urlconfig.url = urlconfig.url.strip()
urlconfig.scanport = False
input_scanport = raw_input('Need scan all ports ?(Y/N) (default N)> ')
if input_scanport.lower() in ("y", "yes"):
urlconfig.scanport = True
e = Exploit_run()
print '[***] ScanStart Target:%s' % urlconfig.url
e.load_modules("www", urlconfig.url)
logger.report()
except KeyboardInterrupt:
logger.critical("[***] UserInterrupt")
exit()
def main():
"""
Main function of w9scan when running from command line.
"""
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
parser = argparse.ArgumentParser(description="w9scan scanner")
parser.add_argument("--update", help="update w9scan", action="store_true")
parser.add_argument("--guide", help="w9scan to guide", action="store_true")
parser.add_argument("-u", help="url")
parser.add_argument("-p", "--plugin", help="plugins")
parser.add_argument("-s", "--search", help="find infomation of plugin")
args = parser.parse_args()
urlconfig.mutiurl = False
urlconfig.url = []
if args.update:
updateProgram()
return 0
if args.search:
print(getPluginNum(args.search))
return 0
if args.u and args.plugin:
url = args.u
if url.startswith("@"):
urlconfig.mutiurl = True
fileName = url[1:]
try:
o = open(fileName, "r").readlines()
for u in o:
urlconfig.url.append(makeurl(u.strip()))
except IOError as error:
logger.critical("Filename:'%s' open faild" % fileName)
exit()
if len(o) == 0:
logger.critical("[xxx] The target address is empty")
exit()
print urlconfig.url
else:
urlconfig.url.append(makeurl(url))
urlconfig.scanport = False
urlconfig.find_service = False
urlconfig.threadNum = 5
urlconfig.deepMax = 100
urlconfig.diyPlugin = LIST_PLUGINS
startTime = time.clock()
e = Exploit_run(urlconfig.threadNum)
for u in urlconfig.url:
print('[***] ScanStart Target:%s' % u)
e.setCurrentUrl(u)
e.load_modules(args.plugin, u)
e.run()
time.sleep(0.01)
endTime = time.clock()
urlconfig.runningTime = endTime - startTime
e.report()
return 0
try:
inputUrl = raw_input('[1] Input url > ')
if inputUrl is '':
logger.critical("[xxx] You have to enter the url")
exit()
if inputUrl.startswith("@"):
urlconfig.mutiurl = True
fileName = inputUrl[1:]
try:
o = open(fileName, "r").readlines()
for url in o:
urlconfig.url.append(makeurl(url.strip()))
except IOError as error:
logger.critical("Filename:'%s' open faild" % fileName)
exit()
if len(o) == 0:
logger.critical("[xxx] The target address is empty")
exit()
print urlconfig.url
else:
urlconfig.url.append(makeurl(inputUrl))
print '[***] URL has been loaded:%d' % len(urlconfig.url)
print("[Tips] You can select these plugins (%s) or select all" %
(' '.join(LIST_PLUGINS)))
diyPlugin = raw_input("[2] Please select the required plugins > ")
if diyPlugin.lower() == 'all':
urlconfig.diyPlugin = LIST_PLUGINS
else:
urlconfig.diyPlugin = diyPlugin.strip().split(' ')
print "[***] You select the plugins:%s" % (' '.join(
urlconfig.diyPlugin))
urlconfig.scanport = False
urlconfig.find_service = False
if 'find_service' in urlconfig.diyPlugin:
urlconfig.find_service = True
input_scanport = raw_input(
'[2.1] Need you scan all ports ?(Y/N) (default N)> ')
if input_scanport.lower() in ("y", "yes"):
urlconfig.scanport = True
urlconfig.threadNum = raw_input(
'[3] You need start number of thread (default 5) > ')
if urlconfig.threadNum == '':
urlconfig.threadNum = 5
urlconfig.threadNum = int(urlconfig.threadNum)
urlconfig.deepMax = raw_input(
'[4] Set the depth of the crawler (default 200 | 0 don\'t use crawler ) > '
)
if urlconfig.deepMax == '':
urlconfig.deepMax = 100
startTime = time.clock()
e = Exploit_run(urlconfig.threadNum)
for url in urlconfig.url:
print('[***] ScanStart Target:%s' % url)
e.setCurrentUrl(url)
e.load_modules("www", url)
e.run()
if not urlconfig.mutiurl:
e.init_spider()
s = crawler.SpiderMain(url)
s.craw()
time.sleep(0.01)
endTime = time.clock()
urlconfig.runningTime = endTime - startTime
e.report()
except KeyboardInterrupt:
print("[***] User Interrupt")
exit()
except Exception as info:
logger.critical("[xxx] MainError: %s:%s" % (str(Exception), info))
data = e.buildHtml.getData()
aax = "error:%s urlconfig:%s date:%s" % (
str(Exception) + " " + str(info), str(urlconfig), data)
createIssueForBlog(aax)
exit()
def main():
"""
Main function of w9scan when running from command line.
"""
checkEnvironment() # 检测环境
setPaths(modulePath()) # 为一些目录和文件设置了绝对路径
banner()
parser = argparse.ArgumentParser(description="w9scan scanner")
parser.add_argument("--update", help="update w9scan", action="store_true")
parser.add_argument("--guide", help="w9scan to guide", action="store_true")
args = parser.parse_args()
if args.update:
updateProgram()
return 0
try:
urlconfig.url = raw_input('[1] Input url > ')
if urlconfig.url is '':
logger.critical("[xxx] You have to enter the url")
exit()
urlconfig.url = makeurl(urlconfig.url)
print '[***] ScanStart Target:%s' % urlconfig.url
print("[Tips] You can select these plugins (%s) or select all" %
(' '.join(LIST_PLUGINS)))
diyPlugin = raw_input("[2] Please select the required plugins > ")
if diyPlugin.lower() == 'all':
urlconfig.diyPlugin = LIST_PLUGINS
else:
urlconfig.diyPlugin = diyPlugin.strip().split(' ')
print "[***] You select the plugins:%s" % (' '.join(
urlconfig.diyPlugin))
urlconfig.scanport = False
if 'find_service' in urlconfig.diyPlugin:
input_scanport = raw_input(
'[2.1] Need you scan all ports ?(Y/N) (default N)> ')
if input_scanport.lower() in ("y", "yes"):
urlconfig.scanport = True
urlconfig.threadNum = raw_input(
'[3] You need start number of thread (default 5) > ')
if urlconfig.threadNum == '':
urlconfig.threadNum = 5
urlconfig.threadNum = int(urlconfig.threadNum)
urlconfig.deepMax = raw_input(
'[4] Set the depth of the crawler (default 200 | 0 don\'t use crawler ) > '
)
if urlconfig.deepMax == '':
urlconfig.deepMax = 200
startTime = time.clock()
e = Exploit_run(urlconfig.threadNum)
e.load_modules("www", urlconfig.url)
e.run()
e.init_spider()
s = crawler.SpiderMain(urlconfig.url)
time.sleep(0.5)
s.craw()
endTime = time.clock()
urlconfig.runningTime = endTime - startTime
e.report()
except KeyboardInterrupt:
logger.critical("[***] User Interrupt")
exit()
except Exception as info:
logger.critical("[xxx] MainError: %s:%s" % (str(Exception), info))
data = e.buildHtml.getData()
aax = "error:%s urlconfig:%s date:%s" % (
str(Exception) + " " + str(info), str(urlconfig), data)
createIssueForBlog(aax)
exit()
pollProcess(process, True)
stdout, stderr = process.communicate()
success = not process.returncode
except (IOError, OSError), ex:
success = False
stderr = getSafeExString(ex)
if success:
logger.info("\r[%s] [INFO] %s the latest revision '%s'" %
(time.strftime("%X"), "already at" if "Already" in stdout
else "updated to", getRevisionNumber()))
else:
if "Not a git repository" in stderr:
errMsg = "not a valid git repository. Please checkout the 'boy-hack/w9scan' repository "
errMsg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/boy-hack/w9scan.git sqlmap')"
logger.critical(errMsg)
else:
logger.critical("update could not be completed ('%s')" %
re.sub(r"\W+", " ", stderr).strip())
if not success:
if subprocess.mswindows:
infoMsg = "for Windows platform it's recommended "
infoMsg += "to use a GitHub for Windows client for updating "
infoMsg += "purposes (http://windows.github.com/) or just "
infoMsg += "download the latest snapshot from "
infoMsg += "https://github.com/boy-hack/w9scan"
else:
infoMsg = "for Linux platform it's required "
infoMsg += "to install a standard 'git' package (e.g.: 'sudo apt-get install git')"
