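def getSubDomains(self, host=None):
    '''Run the subdomain plugin for a host and return what it collected.

    host defaults to self.host.  Returns pl.services["subdomains"], or an
    empty list when the plugin run left no "subdomains" entry.
    '''
    if host is None:
        host = self.host
    services = {"host": host}
    pl = PluginLoader(None, services)
    pl.runEachPlugin(BASEDIR + "/plugins/Info_Collect/subdomain.py")
    print pl.services
    # The original indexed the key directly and raised KeyError when it was
    # absent; getNeiboorHosts already falls back to an empty list for its
    # own key, so do the same here.
    return pl.services.get("subdomains", [])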
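def getSubDomains(self, host=None):
    '''Collect subdomains of a host through the subdomain plugin.

    host defaults to self.host.  The result is the plugin's 'subdomains'
    entry, or an empty list when the run did not produce one.
    '''
    if host is None:
        host = self.host
    services = {'host': host}
    pl = PluginLoader(None, services)
    pl.runEachPlugin(PLUGINDIR + '/Info_Collect/subdomain.py')
    print pl.services
    # Indexing the key directly raised KeyError when it was absent; an empty
    # list matches the fallback getNeiboorHosts uses for its own key.
    return pl.services.get('subdomains', [])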
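def getSubDomains(self, host=None):
    '''Return the subdomains the subdomain plugin found for a host.

    host defaults to self.host.  An empty list is returned when the plugin
    run left no 'subdomains' entry in pl.services.
    '''
    if host is None:
        host = self.host
    services = {'host': host}
    pl = PluginLoader(None, services)
    pl.runEachPlugin(PLUGINDIR + '/Info_Collect/subdomain.py')
    print pl.services
    # Avoid the KeyError the direct lookup raised on a missing key; callers
    # that loop over the result simply see no subdomains.
    return pl.services.get('subdomains', [])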
def getNeiboorHosts(self, ip=None):
    '''Return the host names the neighborhost plugin reports for an address.

    ip defaults to self.ip.  The result is pl.services['neighborhosts'], or
    an empty list when the plugin run did not set that key.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {'ip': target_ip})
    loader.runEachPlugin(PLUGINDIR + '/Info_Collect/neighborhost.py')
    if not loader.services.has_key('neighborhosts'):
        return []
    return loader.services['neighborhosts']
def getNeiboorHosts(self, ip=None):
    '''Run the neighborhost plugin for an address and return its host list.

    ip defaults to self.ip.  Returns an empty list when the run left no
    "neighborhosts" entry in the loader's services.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {"ip": target_ip})
    loader.runEachPlugin(BASEDIR + "/plugins/Info_Collect/neighborhost.py")
    if not loader.services.has_key("neighborhosts"):
        return []
    return loader.services["neighborhosts"]
def getNeiboorHosts(self, ip=None):
    '''List the other hosts the neighborhost plugin associates with an address.

    ip defaults to self.ip.  An empty list is returned when the plugin run
    did not store a 'neighborhosts' entry.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {'ip': target_ip})
    loader.runEachPlugin(PLUGINDIR + '/Info_Collect/neighborhost.py')
    found = []
    if loader.services.has_key('neighborhosts'):
        found = loader.services['neighborhosts']
    return found
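def __init__(self, name):
    '''Load a plugin's option and info tables and build self.services.

    name is joined onto BASEDIR to form the plugin path.  Each entry of
    pluginOpts is read as (option, value, ...); a value written as a list
    or dict literal ("[...]" or "{...}") is parsed into that object and any
    other value is stored unchanged.

    Raises ValueError or SyntaxError (from ast.literal_eval) when bracketed
    text is not a valid literal.
    '''
    # Function-scope import: the module's import block is outside this
    # snippet.  literal_eval accepts Python literals only, so text in a
    # plugin's option table can no longer run code the way eval() allowed.
    import ast

    self.pluginPath = BASEDIR + '/' + name
    self.plugin = PluginLoader()
    self.services = {}
    self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
    self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
    for t in self.pluginOpts:
        o = t[0]
        v = t[1]
        # Slices instead of v[0] / v[-1] so an empty string is stored as-is
        # rather than raising IndexError.
        if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
            v = ast.literal_eval(v)
        self.services[o] = v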
def scan(self): ''' ''' try: # Step 3 print '>>>Step3: run each sub task' self.pls = [] for each_service in self.services: pl = PluginLoader(None,each_service,self.target) self.pls.append(pl) results = [] # 改用map_async的方式 proPool = MyPool(10) p = proPool.map_async(procFunc,self.pls) try: results = p.get() except KeyboardInterrupt,e: # proPool.terminate() print "Caught KeyboardInterrupt, terminating workers" proPool.terminate() # newpls = [] # for res in results: # newpls.append(res) # self.pls = newpls # self._saveResultToFile() self._saveResultToWeb()
def getHttpPorts(self, ip=None):
    '''Return the ports the portscan plugin labels as 'http' for an address.

    ip defaults to self.ip.  Port details are read from the loader's
    'port_detail' entry; when it is absent the result is an empty list.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {'ip': target_ip})
    loader.runEachPlugin(PLUGINDIR + '/Info_Collect/portscan.py')

    port_detail = {}
    if loader.services.has_key('port_detail'):
        port_detail = loader.services['port_detail']

    # NOTE(review): only the exact service name 'http' is kept; confirm
    # whether ports the plugin labels differently should also count.
    httpports = [port for port in port_detail.keys()
                 if port_detail[port]['name'] == 'http']
    print 'httpports:\t', httpports
    return httpports
def getHttpPorts(self, ip=None):
    '''Run the portscan plugin and return the ports whose name is "http".

    ip defaults to self.ip.  An empty list is returned when the run left no
    "port_detail" entry.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {"ip": target_ip})
    loader.runEachPlugin(BASEDIR + "/plugins/Info_Collect/portscan.py")

    port_detail = {}
    if loader.services.has_key("port_detail"):
        port_detail = loader.services["port_detail"]

    # NOTE(review): the filter is an exact match on "http"; confirm whether
    # other service names reported by the plugin should be included.
    httpports = [port for port in port_detail.keys()
                 if port_detail[port]["name"] == "http"]
    print "httpports:\t", httpports
    return httpports
def getHttpPorts(self, ip=None):
    '''List the open ports of an address that the portscan plugin names 'http'.

    ip defaults to self.ip.  With no 'port_detail' entry in the loader's
    services the list is empty.
    '''
    target_ip = self.ip if ip == None else ip
    loader = PluginLoader(None, {'ip': target_ip})
    loader.runEachPlugin(PLUGINDIR + '/Info_Collect/portscan.py')

    port_detail = {}
    if loader.services.has_key('port_detail'):
        port_detail = loader.services['port_detail']

    # NOTE(review): exact match on 'http' only; verify against the names
    # the port-scan plugin actually emits.
    httpports = [port for port in port_detail.keys()
                 if port_detail[port]['name'] == 'http']
    print 'httpports:\t', httpports
    return httpports
def scan(self): ''' ''' try: # Step 3 globalVar.mainlogger.info('[*][*] Step3: run each sub task') # globalVar.undone_targets = [] print 'globalVar.undone_targets=', globalVar.undone_targets print 'self.services=', pprint(self.services) self.pls = [] for each_service in self.services: pl = PluginLoader(None, each_service, self.targetname, self.pluginargs) self.pls.append(pl) results = [] # 改用map_async的方式 # proPool = multiprocessing.Pool(10) proPool = MyPool(self.threads) p = proPool.map_async(procFunc, self.pls) proPool.close() try: proPool.join() except KeyboardInterrupt, e: # print "Caught KeyboardInterrupt, terminating workers" # while True: # print '---------->>hahahaha main thread caught ctrl+c' globalVar.mainlogger.error( 'Caught KeyboardInterrupt, terminating workers') globalVar.mainlogger.info('[*] All Done') # # 改用map_async的方式 # proPool = MyPool(10) # p = proPool.map_async(procFunc,self.pls) # try: # results = p.get() # except KeyboardInterrupt,e: # # proPool.terminate() # print "Caught KeyboardInterrupt, terminating workers" # proPool.terminate() # newpls = [] # for res in results: # newpls.append(res) # self.pls = newpls # self._saveResultToFile() self._saveResultToWeb()
def __init__(self, name):
    '''Load a plugin's option and info tables and seed self.services.

    name is joined onto BASEDIR to form the plugin path.  The options
    returned by getPluginOpts are copied into self.services unchanged; no
    option text is evaluated here.
    '''
    path = BASEDIR + '/' + name
    self.pluginPath = path
    loader = PluginLoader()
    self.plugin = loader
    self.services = {}
    self.pluginOpts = loader.getPluginOpts(path)
    print self.pluginOpts
    self.pluginInfo = loader.getPluginInfo(path)
    self.services.update(self.pluginOpts)
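def __init__(self, name):
    '''Load a plugin's option and info tables and build self.services.

    name is joined onto BASEDIR to form the plugin path.  Each pluginOpts
    entry is read as (option, value, ...).  Values written as "[...]" or
    "{...}" are parsed as list or dict literals; everything else is stored
    as given.

    Raises ValueError or SyntaxError (from ast.literal_eval) when bracketed
    text is not a valid literal.
    '''
    # Imported here because the module's import block is not part of this
    # snippet.  literal_eval replaces eval() so option text is limited to
    # literals and cannot execute expressions.
    import ast

    self.pluginPath = BASEDIR + '/' + name
    self.plugin = PluginLoader()
    self.services = {}
    self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
    self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
    for t in self.pluginOpts:
        o = t[0]
        v = t[1]
        # Slicing keeps an empty string from raising IndexError.
        if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
            v = ast.literal_eval(v)
        self.services[o] = v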
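def __init__(self, name):
    '''Load a plugin's option and info tables and build self.services.

    name is joined onto BASEDIR to form the plugin path.  Each pluginOpts
    entry is read as (option, value, ...).  Integer values are stored as
    they are; other values written as "[...]" or "{...}" are parsed as list
    or dict literals.

    Raises ValueError or SyntaxError (from ast.literal_eval) when bracketed
    text is not a valid literal.
    '''
    # Imported here because the module's import block is not part of this
    # snippet.  literal_eval replaces eval() so option text is limited to
    # literals and cannot execute expressions.
    import ast

    self.pluginPath = BASEDIR + '/' + name
    self.plugin = PluginLoader()
    self.services = {}
    self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
    print self.pluginOpts
    self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
    for t in self.pluginOpts:
        o = t[0]
        v = t[1]
        if type(v) != int:
            # Slicing keeps an empty string from raising IndexError.
            if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
                v = ast.literal_eval(v)
        self.services[o] = v
    print 'done'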
def __init__(self, name):
    '''Read a plugin's options and info and copy the options into services.

    name is appended to BASEDIR to locate the plugin.  self.services ends
    up holding the same entries getPluginOpts returned; nothing is parsed
    or evaluated on the way.
    '''
    path = BASEDIR + '/' + name
    self.pluginPath = path
    loader = PluginLoader()
    self.plugin = loader
    self.services = {}
    self.pluginOpts = loader.getPluginOpts(path)
    print self.pluginOpts
    self.pluginInfo = loader.getPluginInfo(path)
    self.services.update(self.pluginOpts)
def scan(self): ''' ''' try: globalVar.mainlogger.info('[*][*] Step3: run each sub task') proPool = MyPool(self.threads) for each_service in self.services: pl = PluginLoader(None,each_service,self.target) proPool.apply_async(procFunc,(pl,self.pluginfilepath)) # 改用map_async的方式 # proPool = multiprocessing.Pool(10) # proPool = MyPool(multiprocessing.cpu_count()) # p = proPool.map_async(procFunc,self.pls) proPool.close() try: proPool.join() except KeyboardInterrupt,e: globalVar.mainlogger.error('Caught KeyboardInterrupt, terminating workers') globalVar.mainlogger.info('[*] All Done') self._saveResultToWeb()
def infoGather(self,depth=1): try: # Step 2 print '>>>Step2: gathing info' for i in range(depth): print '>>>',i,'<<<' print globalVar.done_targets print 'id(globalVar.undone_targets)=\t',id(globalVar.undone_targets) print 'globalVar.undone_targets=',globalVar.undone_targets if globalVar.undone_targets: # Step1: services = [] pls = [] # print globalVar.undone_targets tmpundone = copy.deepcopy(globalVar.undone_targets) for each_target in tmpundone: # print tmpundone # print each_target service = {} service_type = self._getServiceType(each_target) # print service_type service[service_type] = each_target services.append(service) globalVar.target_lock.acquire() globalVar.undone_targets.remove(each_target) globalVar.done_targets.append(each_target) globalVar.target_lock.release() pprint(services) # sys.exit() for each_service in services: pl = PluginLoader(BASEDIR+'/plugins/Info_Collect',each_service,'_'+self.target) pls.append(pl) # globalVar.target_lock.acquire() # globalVar.done_targets += globalVar.undone_targets # globalVar.undone_targets = [] # globalVar.target_lock.release() # Step2: results = [] # 改用map_async的方式 proPool = MyPool(10) p = proPool.map_async(procFunc,pls) try: results = p.get() # while True: # print 'globalVar.undone_targets=',globalVar.undone_targets # time.sleep(1) # pass except KeyboardInterrupt,e: # proPool.terminate() print "Caught KeyboardInterrupt, terminating workers" proPool.terminate() newpls = [] for res in results: newpls.append(res) self.pls = self.pls + newpls for pl in self.pls: service = pl.services service['alreadyrun'] = True self.services.append(service) self.pls = [] for each_target in globalVar.undone_targets: service = {} service_type = self._getServiceType(each_target) # print service_type service[service_type] = each_target self.services.append(service) pprint(self.services)
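class m:
    '''mst plugin's class'''

    def __init__(self, name):
        '''Load the plugin's option and info tables.

        name is joined onto BASEDIR to form the plugin path.  The options
        returned by getPluginOpts are copied into self.services unchanged.
        '''
        self.pluginPath = BASEDIR + '/' + name
        self.plugin = PluginLoader()
        self.services = {}
        self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
        print self.pluginOpts
        self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
        self.services.update(self.pluginOpts)

    def info(self):
        '''display plugin infos'''
        color.cprint("PLUGIN INFOS", YELLOW)
        color.cprint("============", GREY)
        color.cprint("PARAMETER VALUE", YELLOW)
        color.cprint("-" * 15 + " " + "-" * 20, GREY)
        for p in self.pluginInfo.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-s" % self.pluginInfo[p], PURPLE)

    def opt(self):
        '''display plugin opts'''
        color.cprint("PLUGIN OPTS", YELLOW)
        color.cprint("===========", GREY)
        color.cprint("%-15s %-20s %-40s" % ("PARAMETER", "VALUE", "DESCRIPTION"), YELLOW)
        color.cprint("%-15s %-20s %-40s" % ("-" * 15, "-" * 20, "-" * 40), GREY)
        for p in self.pluginOpts.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-20s" % self.pluginOpts[p], PURPLE)

    def setp(self, p, v):
        '''Set option p to v in both pluginOpts and services.

        v is the text supplied for the option.  Text written as "[...]" or
        "{...}" is parsed as a list or dict literal; anything else is
        stored as the string itself.  An unknown option name only prints a
        notice.

        Raises ValueError or SyntaxError (from ast.literal_eval) when
        bracketed text is not a valid literal.
        '''
        # Function-scope import: the module's import block is outside this
        # snippet.
        import ast

        if p in self.pluginOpts:
            color.cprint("[*] SET %s=>%s" % (p, v), YELLOW)
            # literal_eval instead of eval(): the value arrives as free
            # text, and eval() would execute any expression wrapped in
            # brackets.  Slices keep an empty string from raising
            # IndexError.
            if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
                value = ast.literal_eval(v)
            else:
                value = v
            self.pluginOpts[p] = value
            self.services[p] = value
            print self.pluginOpts
        else:
            color.cprint("[*] NO PARA %s" % p, YELLOW)

    def run(self):
        '''Run the plugin's audit; any exception is printed, not raised.'''
        try:
            color.cprint("[*] Start run..", YELLOW)
            self.plugin.runAudit(self.pluginPath, self.pluginOpts, self.services)
        except Exception as e:
            color.cprint("[!] Err:%s" % e, RED)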
def infoGather(self, depth=None): if depth == None: depth = self.gatherdepth try: # Step 2 globalVar.mainlogger.info('[*][*] Step2: gathing info') self.services = [] for i in range(depth): globalVar.mainlogger.info('[*][*][-] >>> depth: %d <<<' % i) # print globalVar.done_targets # print 'id(globalVar.undone_targets)=\t',id(globalVar.undone_targets) globalVar.depth_now = globalVar.depth_now + 1 if globalVar.undone_targets: # Step1: services = [] pls = [] # print globalVar.undone_targets tmpundone = copy.deepcopy(globalVar.undone_targets) for each_target in tmpundone: # print tmpundone # print each_target service = {} service_type = self._getServiceType(each_target) # print service_type if globalVar.depth_now > self.gatherdepth: service['nogather'] = True service[service_type] = each_target services.append(service) globalVar.target_lock.acquire() globalVar.undone_targets.remove(each_target) globalVar.done_targets.append(each_target) globalVar.target_lock.release() # pprint(services) # sys.exit() for each_service in services: pl = PluginLoader(BASEDIR + '/plugins/Info_Collect', each_service, '_' + self.target) pls.append(pl) # globalVar.target_lock.acquire() # globalVar.done_targets += globalVar.undone_targets # globalVar.undone_targets = [] # globalVar.target_lock.release() # Step2: results = [] # 改用map_async的方式 # proPool = multiprocessing.Pool(10) proPool = MyPool(self.threads) p = proPool.map_async(procFunc, pls) proPool.close() try: proPool.join() except KeyboardInterrupt, e: print "Caught KeyboardInterrupt, terminating workers" results = p.get() for service in results: # print service service['alreadyrun'] = True self.services.append(service) print 'globalVar.undone_targets=', globalVar.undone_targets print 'self.services=', pprint(self.services) for each_target in globalVar.undone_targets: print each_target service = {} service_type = self._getServiceType(each_target) # print service_type service[service_type] = each_target service['nogather'] = True 
self.services.append(service) globalVar.mainlogger.info('Targets:') for service in self.services: globalVar.mainlogger.info('\t' + str(service))
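class m:
    '''mst plugin's class'''

    def __init__(self, name):
        '''Load the plugin's option and info tables and build self.services.

        name is joined onto BASEDIR to form the plugin path.  Each
        pluginOpts entry is read as (option, value, description); the value
        goes through _parseValue before it is stored.
        '''
        self.pluginPath = BASEDIR + '/' + name
        self.plugin = PluginLoader()
        self.services = {}
        self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
        self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
        for t in self.pluginOpts:
            self.services[t[0]] = self._parseValue(t[1])

    def _parseValue(self, v):
        '''Parse "[...]" / "{...}" text as a list or dict literal.

        Any other value is returned unchanged.  Raises ValueError or
        SyntaxError (from ast.literal_eval) when bracketed text is not a
        valid literal.
        '''
        # Function-scope import: the module's import block is outside this
        # snippet.  literal_eval replaces eval(), which executed whatever
        # expression the brackets enclosed.
        import ast

        # Slices instead of v[0] / v[-1] so an empty string is returned
        # as-is rather than raising IndexError.
        if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
            return ast.literal_eval(v)
        return v

    def info(self):
        '''display plugin infos'''
        color.cprint("PLUGIN INFOS", YELLOW)
        color.cprint("============", GREY)
        color.cprint("PARAMETER VALUE", YELLOW)
        color.cprint("-" * 15 + " " + "-" * 20, GREY)
        for p in self.pluginInfo.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-s" % self.pluginInfo[p], PURPLE)

    def opt(self):
        '''display plugin opts'''
        color.cprint("PLUGIN OPTS", YELLOW)
        color.cprint("===========", GREY)
        color.cprint("%-15s %-20s %-40s" % ("PARAMETER", "VALUE", "DESCRIPTION"), YELLOW)
        color.cprint("%-15s %-20s %-40s" % ("-" * 15, "-" * 20, "-" * 40), GREY)
        for n in self.pluginOpts:
            p = n[0]
            d = n[2]
            # The current value comes from self.services, not from the
            # default held in the option tuple.
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-20s" % self.services[p], PURPLE, 0)
            color.cprint("%-40s" % d, GREEN)

    def setp(self, p, v):
        '''Set option p in self.services to v, parsed by _parseValue.

        An unknown option name only prints a notice.
        '''
        if p in self.services:
            color.cprint("[*] SET %s=>%s" % (p, v), YELLOW)
            self.services[p] = self._parseValue(v)
        else:
            color.cprint("[*] NO PARA %s" % p, YELLOW)

    def run(self):
        '''Run the plugin's audit; any exception is printed, not raised.'''
        try:
            color.cprint("[*] Start run..", YELLOW)
            self.plugin.runAudit(self.pluginPath, self.services)
        except Exception as e:
            color.cprint("[!] Err:%s" % e, RED)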
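class m:
    '''mst plugin's class'''

    def __init__(self, name):
        '''Load the plugin's option and info tables and build self.services.

        name is appended to BASEDIR to locate the plugin.  pluginOpts
        entries are read as (option, value, description) and each value is
        stored after passing through _parseValue.
        '''
        self.pluginPath = BASEDIR + '/' + name
        self.plugin = PluginLoader()
        self.services = {}
        self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
        self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
        for t in self.pluginOpts:
            self.services[t[0]] = self._parseValue(t[1])

    def _parseValue(self, v):
        '''Return v, parsed as a literal when it is "[...]" or "{...}" text.

        Raises ValueError or SyntaxError (from ast.literal_eval) when
        bracketed text is not a valid literal.
        '''
        # Imported here because the module's import block is not part of
        # this snippet.  literal_eval only builds literals, where the
        # eval() it replaces ran arbitrary expressions.
        import ast

        # Slicing avoids IndexError on an empty string.
        if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
            return ast.literal_eval(v)
        return v

    def info(self):
        '''display plugin infos'''
        color.cprint("PLUGIN INFOS", YELLOW)
        color.cprint("============", GREY)
        color.cprint("PARAMETER VALUE", YELLOW)
        color.cprint("-" * 15 + " " + "-" * 20, GREY)
        for p in self.pluginInfo.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-s" % self.pluginInfo[p], PURPLE)

    def opt(self):
        '''display plugin opts'''
        color.cprint("PLUGIN OPTS", YELLOW)
        color.cprint("===========", GREY)
        color.cprint(
            "%-15s %-20s %-40s" % ("PARAMETER", "VALUE", "DESCRIPTION"),
            YELLOW)
        color.cprint("%-15s %-20s %-40s" % ("-" * 15, "-" * 20, "-" * 40),
                     GREY)
        for n in self.pluginOpts:
            p = n[0]
            d = n[2]
            # Shows the value currently held in self.services.
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-20s" % self.services[p], PURPLE, 0)
            color.cprint("%-40s" % d, GREEN)

    def setp(self, p, v):
        '''Store v, parsed by _parseValue, under option p in self.services.

        An unknown option name only prints a notice.
        '''
        if p in self.services:
            color.cprint("[*] SET %s=>%s" % (p, v), YELLOW)
            self.services[p] = self._parseValue(v)
        else:
            color.cprint("[*] NO PARA %s" % p, YELLOW)

    def run(self):
        '''Run the plugin's audit; any exception is printed, not raised.'''
        try:
            color.cprint("[*] Start run..", YELLOW)
            self.plugin.runAudit(self.pluginPath, self.services)
        except Exception as e:
            color.cprint("[!] Err:%s" % e, RED)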
def startScan(self, services=None): ''' ''' try: print '>>>starting scan' self._noticeStartToWeb() self._initGlobalVar() # get subdomains print '>>>collecting subdomain info' subdomains = self.getSubDomains(self.host) print 'subdomains:\t', subdomains # get hosts hosts = {} print '>>>for each subdomain, collecting neiborhood host info' for eachdomain in subdomains: tmpip = socket.gethostbyname(eachdomain) if tmpip not in hosts.keys(): tmphosts = self.getNeiboorHosts(tmpip) hosts[tmpip] = tmphosts if eachdomain not in tmphosts: hosts[tmpip].append(eachdomain) else: if eachdomain not in hosts[tmpip]: hosts[tmpip].append(eachdomain) print 'hosts:\t', hosts # get urls urls = {} for eachip in hosts.keys(): ip_hosts = hosts[eachip] httpports = self.getHttpPorts(eachip) urls[eachip] = self.generateUrl(eachip, ip_hosts, httpports) # just for test # urls = {'106.185.36.44': ['http://www.hengtiansoft.com','http://www.leesec.com']} # urls = {'172.16.15.2': []} # urls = {'106.185.36.44': ['http://87.230.29.167:80']} self.urls = urls print 'urls\t', urls # get services print '>>>starting scan each host' pls = [] # ip type scan for eachip in urls.keys(): services = {} if eachip != self.ip: services['issubdomain'] = True services['ip'] = eachip pl = PluginLoader(None, services, outputpath=self.host) pls.append(pl) print 'scan start:\t', pl.services # http type scan for eachip in urls.keys(): for eachurl in urls[eachip]: services = {} # not subdomain if self.domain not in eachurl: services['isneighborhost'] = True services['url'] = eachurl pl = PluginLoader(None, services, outputpath=self.host) pls.append(pl) print 'scan start:\t', pl.services results = [] # for eachpl in pls: # results.append(proPool.apply_async(procFunc,(eachpl,))) # proPool.close() # try: # proPool.join() # except KeyboardInterrupt,e: # # isexit = raw_input('Sure to exit?yes/no') # # if isexit.lower() == 'y' or isexit.lower() == 'yes': # proPool.terminate() # 改用map_async的方式 proPool = multiprocessing.Pool(10) p 
= proPool.map_async(procFunc, pls) try: results = p.get(0xFFFF) except KeyboardInterrupt, e: print "Caught KeyboardInterrupt, terminating workers" newpls = [] for res in results: newpls.append(res) self.pls = newpls self._setResult(urls=self.urls, pls=newpls) #self._saveResultToFile(pls) self._saveResultToWeb()
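class m:
    '''mst plugin's class'''

    def __init__(self, name):
        '''Load the plugin's option and info tables.

        name is appended to BASEDIR to locate the plugin.  self.services
        receives a copy of the entries getPluginOpts returned.
        '''
        self.pluginPath = BASEDIR + '/' + name
        self.plugin = PluginLoader()
        self.services = {}
        self.pluginOpts = self.plugin.getPluginOpts(self.pluginPath)
        print self.pluginOpts
        self.pluginInfo = self.plugin.getPluginInfo(self.pluginPath)
        self.services.update(self.pluginOpts)

    def info(self):
        '''display plugin infos'''
        color.cprint("PLUGIN INFOS", YELLOW)
        color.cprint("============", GREY)
        color.cprint("PARAMETER VALUE", YELLOW)
        color.cprint("-" * 15 + " " + "-" * 20, GREY)
        for p in self.pluginInfo.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-s" % self.pluginInfo[p], PURPLE)

    def opt(self):
        '''display plugin opts'''
        color.cprint("PLUGIN OPTS", YELLOW)
        color.cprint("===========", GREY)
        color.cprint(
            "%-15s %-20s %-40s" % ("PARAMETER", "VALUE", "DESCRIPTION"),
            YELLOW)
        color.cprint("%-15s %-20s %-40s" % ("-" * 15, "-" * 20, "-" * 40),
                     GREY)
        for p in self.pluginOpts.keys():
            color.cprint("%-15s" % p, CYAN, 0)
            color.cprint("%-20s" % self.pluginOpts[p], PURPLE)

    def setp(self, p, v):
        '''Set option p to v in both pluginOpts and services.

        v is the text supplied for the option.  "[...]" or "{...}" text is
        parsed as a list or dict literal; other text is stored as the
        string itself.  An unknown option name only prints a notice.

        Raises ValueError or SyntaxError (from ast.literal_eval) when
        bracketed text is not a valid literal.
        '''
        # Imported here because the module's import block is not part of
        # this snippet.
        import ast

        if p in self.pluginOpts:
            color.cprint("[*] SET %s=>%s" % (p, v), YELLOW)
            # eval() ran any bracketed expression typed as a value;
            # literal_eval limits the input to literals.  Slicing avoids
            # IndexError on an empty string.
            if (v[:1] == '[' and v[-1:] == ']') or (v[:1] == '{' and v[-1:] == '}'):
                value = ast.literal_eval(v)
            else:
                value = v
            self.pluginOpts[p] = value
            self.services[p] = value
            print self.pluginOpts
        else:
            color.cprint("[*] NO PARA %s" % p, YELLOW)

    def run(self):
        '''Run the plugin's audit; any exception is printed, not raised.'''
        try:
            color.cprint("[*] Start run..", YELLOW)
            self.plugin.runAudit(self.pluginPath, self.pluginOpts,
                                 self.services)
        except Exception as e:
            color.cprint("[!] Err:%s" % e, RED)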
def startScan(self, services=None):
    '''Enumerate hosts for self.host, then run one scanner thread per target.

    Stages: collect subdomains, group names by resolved address (adding the
    neighbor hosts reported for each address), build URLs from the http
    ports of every address, create one PluginLoader per address and per
    URL, run them through MutiScanner threads, then store and publish the
    results.  The services argument is never read.
    '''
    print '>>>starting scan'
    self._noticeStartToWeb()

    # Stage 1: subdomains of the configured host.
    print '>>>collecting subdomain info'
    subdomains = self.getSubDomains(self.host)
    print 'subdomains:\t', subdomains

    # Stage 2: address -> host names seen on that address.
    hosts = {}
    print '>>>for each subdomain, collecting neiborhood host info'
    for domain in subdomains:
        # NOTE(review): nothing in this function catches a resolution
        # failure, so one name that does not resolve ends the whole run.
        addr = socket.gethostbyname(domain)
        if addr not in hosts:
            hosts[addr] = self.getNeiboorHosts(addr)
        if domain not in hosts[addr]:
            hosts[addr].append(domain)
    print 'hosts:\t', hosts

    # Stage 3: URLs for every address, built from its http ports.
    urls = {}
    for addr in hosts.keys():
        names = hosts[addr]
        ports = self.getHttpPorts(addr)
        urls[addr] = self.generateUrl(addr, names, ports)
    self.urls = urls
    print 'urls\t', urls

    # Stage 4: one loader per address, then one per URL.
    print '>>>starting scan each host'
    pls = []
    for addr in urls.keys():
        svc = {}
        if addr != self.ip:
            svc['issubdomain'] = True
        svc['ip'] = addr
        loader = PluginLoader(None, svc, outputpath=self.host)
        pls.append(loader)
        print 'scan start:\t', loader.services

    for addr in urls.keys():
        for url in urls[addr]:
            svc = {}
            # NOTE(review): this is a substring test on the whole URL, so a
            # neighbor host whose name merely contains self.domain is not
            # tagged; confirm whether a hostname-suffix match was intended.
            if self.domain not in url:
                svc['isneighborhost'] = True
            svc['url'] = url
            loader = PluginLoader(None, svc, outputpath=self.host)
            pls.append(loader)
            print 'scan start:\t', loader.services
    self.pls = pls

    # Stage 5: wrap each loader in a thread named after its target.
    workers = []
    for loader in pls:
        if loader.services.has_key('ip'):
            threadName = loader.services['ip']
        elif loader.services.has_key('url'):
            threadName = loader.services['url']
        else:
            threadName = 'Unknow'
            print 'An unknow scanner services found:\t', loader.services
            sys.exit(0)
        workers.append(MutiScanner(self.lock, threadName, loader))

    for worker in workers:
        worker.start()
    for worker in workers:
        worker.join()

    self.setResult(urls=self.urls, pls=pls)
    self._saveResultToWeb()
def startScan(self, services=None):
    '''Enumerate hosts for self.host, then scan every target in a process pool.

    Stages: collect subdomains, group names by resolved address (adding the
    neighbor hosts reported for each address), build URLs from the http
    ports of every address, create one PluginLoader per address and per
    URL, run procFunc on each loader in a pool of 10 processes, then store
    and publish the results.  The services argument is never read.
    '''
    print '>>>starting scan'
    self._noticeStartToWeb()

    # Stage 1: subdomains of the configured host.
    print '>>>collecting subdomain info'
    subdomains = self.getSubDomains(self.host)
    print 'subdomains:\t', subdomains

    # Stage 2: address -> host names seen on that address.
    hosts = {}
    print '>>>for each subdomain, collecting neiborhood host info'
    for domain in subdomains:
        # NOTE(review): nothing in this function catches a resolution
        # failure, so one name that does not resolve ends the whole run.
        addr = socket.gethostbyname(domain)
        if addr not in hosts:
            hosts[addr] = self.getNeiboorHosts(addr)
        if domain not in hosts[addr]:
            hosts[addr].append(domain)
    print 'hosts:\t', hosts

    # Stage 3: URLs for every address, built from its http ports.
    urls = {}
    for addr in hosts.keys():
        names = hosts[addr]
        ports = self.getHttpPorts(addr)
        urls[addr] = self.generateUrl(addr, names, ports)
    self.urls = urls
    print 'urls\t', urls

    # Stage 4: one loader per address, then one per URL.
    print '>>>starting scan each host'
    pls = []
    for addr in urls.keys():
        svc = {}
        if addr != self.ip:
            svc['issubdomain'] = True
        svc['ip'] = addr
        loader = PluginLoader(None, svc, outputpath=self.host)
        pls.append(loader)
        print 'scan start:\t', loader.services

    for addr in urls.keys():
        for url in urls[addr]:
            svc = {}
            # NOTE(review): this is a substring test on the whole URL, so a
            # neighbor host whose name merely contains self.domain is not
            # tagged; confirm whether a hostname-suffix match was intended.
            if self.domain not in url:
                svc['isneighborhost'] = True
            svc['url'] = url
            loader = PluginLoader(None, svc, outputpath=self.host)
            pls.append(loader)
            print 'scan start:\t', loader.services
    self.pls = pls

    # Stage 5: run every loader in the pool and wait for all of them.
    proPool = multiprocessing.Pool(10)
    pending = [proPool.apply_async(procFunc, (loader, )) for loader in pls]
    proPool.close()
    proPool.join()

    # The loaders handed back by the workers replace the ones sent out.
    newpls = [job.get() for job in pending]
    self.pls = newpls
    self.setResult(urls=self.urls, pls=newpls)
    self._saveResultToWeb()