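def format_url(self):
    """Yield the URLs to scan for each entry of ``self.arguments.urlList``.

    Per entry, in this order:

    * it contains a dotted-quad IPv4 address: only that address is kept and
      converted with ``url_parse(...).get_http_url()``;
    * it starts with ``http``: it is yielded unchanged;
    * otherwise it is treated as a domain. It is skipped when it already
      appears in ``self.scanned_domains`` (bare, or behind ``http://`` /
      ``https://``). If it looks like a subdomain, only the domain itself is
      yielded. Otherwise the domain is yielded, followed by every name
      returned by ``OneForAll(url).scan()``.
    """
    # NOTE(review): the pattern is unanchored, so it also fires on an address
    # embedded in a longer host name or digit run, and the port/path of the
    # entry is dropped. Confirm the derived address is the intended target.
    ipv4 = re.compile(
        r'(([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])\.){3}([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])')

    # Two-label public suffixes: "a.com.cn" has two dots but is not a subdomain.
    # The last entry was "ac.cn" (no leading dot), which also matched names
    # such as "www.mac.cn".
    two_label_suffixes = (
        ".com.cn", ".edu.cn", ".net.cn", ".org.cn",
        ".co.jp", ".gov.cn", ".co.uk", ".ac.cn",
    )

    for url in self.arguments.urlList:
        ip_match = ipv4.search(url)
        if ip_match:
            yield url_parse(ip_match.group()).get_http_url()
            continue
        if url.startswith('http'):
            yield url
            continue

        # Has this domain been scanned already (with or without a scheme)?
        # The entry is escaped so "." and "?" match literally, and the scheme is
        # an optional group. The old "[http://|https://]*" was a character
        # class, so any run of those letters was accepted as a prefix.
        already_scanned = re.compile(r'^(?:https?://)?' + re.escape(url) + '$')
        if any(already_scanned.search(seen) for seen in self.scanned_domains):
            print("{} had in scanned_domains list .".format(url))
            continue

        # A subdomain is scanned as given; its own subdomains are not enumerated.
        looks_like_subdomain = url.count('.') >= 2 and not any(
            suffix in url for suffix in two_label_suffixes)
        if looks_like_subdomain:
            yield url_parse(url).get_http_url()
            continue

        # Scan the domain itself first, then every enumerated subdomain.
        yield url_parse(url).get_http_url()
        # dict.fromkeys de-duplicates while keeping first-seen order in O(n).
        for domain in dict.fromkeys(OneForAll(url).scan()):
            yield url_parse(domain).get_http_url()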
def format_url(self):
    """Yield the HTTP URLs to scan for each entry of ``self.arguments.urlList``.

    If an entry contains a dotted-quad IPv4 address, only that address is
    kept. Otherwise every name returned by ``OneForAll(entry).scan()`` is
    yielded first. In both cases the entry itself (or the extracted address)
    is yielded last, converted with ``url_parse(...).get_http_url()``.
    """
    # NOTE(review): nesting was reconstructed from a flattened listing. Confirm
    # that the final yield belongs to the outer loop, as written here.
    # NOTE(review): the pattern is unanchored, so an address embedded in a longer
    # host name is extracted too, and any port/path in the entry is dropped.
    ipv4_pattern = r'(([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])\.){3}([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])'

    for url in self.arguments.urlList:
        ip_match = re.search(ipv4_pattern, url)
        if ip_match is not None:
            url = ip_match.group()
        else:
            # Domain input: enumerate subdomains and hand each one out.
            for found in OneForAll(url).scan():
                yield url_parse(found).get_http_url()
        yield url_parse(url).get_http_url()
def assign_task(self):
    """Initialise the report, start xray, then scan each URL from ``format_url``.

    A URL that already carries a port or a path goes straight to
    ``self.url_scan``. A bare ``scheme://host`` URL is resolved to an IP and
    port-scanned with masscan. The open ports are passed to nmap, and each
    port reported in ``http_open_ports`` is scanned as ``<url>:<port>``.
    """
    self.init_report()
    self.xray = xray.Xray()
    self.xray.scan()

    for http_url in self.format_url():
        print("scanning : ", http_url)

        # Two or more ":" or three or more "/" means a port or path is present,
        # e.g. http://a.com:8080 or http://xx.com/1.php.
        has_port_or_path = http_url.count(":") >= 2 or http_url.count("/") >= 3
        if has_port_or_path:
            self.url_scan(http_url)
            continue

        ip = get_ip_from_url(http_url)
        if not ip:
            # NOTE(review): an unresolvable host is dropped without any output.
            continue

        open_ports = masscan.Masscan(ip).open_ports
        # NOTE(review): presumably more than 20 open ports is treated as an
        # unreliable masscan result. Confirm the reason for the threshold.
        if not open_ports or len(open_ports) > 20:
            self.url_scan(http_url)
            continue

        # nmap is given the host name, not the IP, so the report shows the domain.
        netloc = url_parse(http_url).get_netloc()
        http_ports = nmap.Nmap(netloc, open_ports).http_open_ports
        if not http_ports:
            print("nmap not found http server port at : ", http_url)
            continue

        for port in http_ports:
            # assumes each port is a str; an int would raise TypeError here (TODO confirm)
            self.url_scan(http_url + ":" + port)
def __init__(self, target): super().__init__() self.target = target self.report_name = url_parse(self.target).get_report_name() self.username = "******" self.password = "******" #Test123... self.base_url = "https://127.0.0.1:3443" #awvs server ip self.session = requests.session() self.headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0)', 'Content-Type': 'application/json; charset=utf8', 'X-Auth': "", 'cookie': "", } self.get_api_key_and_set( ) # it will auto login and get X-Auth and cookie value ,then set them in self.headers #self.target_id = "" self.scan_session_id = "" self.scan_id = "" self.target_id = "" self.scan()
def format_url(self):
    """Yield each entry of ``self.arguments.urlList`` as an HTTP URL.

    Every entry is passed through ``url_parse(...).get_http_url()``. No
    filtering or de-duplication happens here.
    """
    for target in self.arguments.urlList:
        yield url_parse(target).get_http_url()