def cmspoc_check(cmsurl):
poc_class = pocdb_pocs(cmsurl)
poc_dict = poc_class.cmspocdict
cprint(">>>CMS漏洞扫描URL: "+cmsurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
cmspool.map(cmsprint, poc_dict.keys())
print("\r")
results = cmspool.map(cmscheck, poc_dict.values())
cmspool.close()
cmspool.join()
def hardware_check(hardwareurl):
poc_class = pocdb_pocs(hardwareurl)
poc_dict = poc_class.hardwarepocdict
cprint(">>>Hardware漏洞扫描URL: "+hardwareurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
hardwarepool.map(hardwareprint, poc_dict.keys())
print("\r")
results = hardwarepool.map(hardwarecheck, poc_dict.values())
hardwarepool.close()
hardwarepool.join()
def informationpoc_check(informationurl):
poc_class = pocdb_pocs(informationurl)
poc_dict = poc_class.informationpocdict
cprint(">>>Information漏洞扫描URL: "+informationurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
informationpool.map(informationprint, poc_dict.keys())
print("\r")
results = informationpool.map(informationcheck, poc_dict.values())
informationpool.close()
informationpool.join()
def cmspoc_check(cmsurl):
poc_class = pocdb_pocs(cmsurl)
poc_dict = poc_class.cmspocdict
cprint(">>>CMS漏洞扫描URL: "+cmsurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
cmspool.map(cmsprint, poc_dict.keys())
print("\r")
results = cmspool.map(cmscheck, poc_dict.values())
cmspool.close()
cmspool.join()
def system_check(systemurl):
poc_class = pocdb_pocs(systemurl)
poc_dict = poc_class.systempocdict
cprint(">>>System漏洞扫描URL: "+systemurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
systempool.map(systemprint, poc_dict.keys())
print("\r")
results = systempool.map(systemcheck, poc_dict.values())
systempool.close()
systempool.join()
def informationpoc_check(informationurl):
poc_class = pocdb_pocs(informationurl)
poc_dict = poc_class.informationpocdict
cprint(">>>Information漏洞扫描URL: "+informationurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
informationpool.map(informationprint, poc_dict.keys())
print("\r")
results = informationpool.map(informationcheck, poc_dict.values())
informationpool.close()
informationpool.join()
def hardware_check(hardwareurl):
poc_class = pocdb_pocs(hardwareurl)
poc_dict = poc_class.hardwarepocdict
cprint(">>>Hardware漏洞扫描URL: "+hardwareurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
hardwarepool.map(hardwareprint, poc_dict.keys())
print("\r")
results = hardwarepool.map(hardwarecheck, poc_dict.values())
hardwarepool.close()
hardwarepool.join()
def system_check(systemurl):
poc_class = pocdb_pocs(systemurl)
poc_dict = poc_class.systempocdict
cprint(">>>System漏洞扫描URL: "+systemurl+"\t可用POC个数["+str(len(poc_dict))+"]", "magenta")
systempool.map(systemprint, poc_dict.keys())
print("\r")
results = systempool.map(systemcheck, poc_dict.values())
systempool.close()
systempool.join()
---------------------------------------------------
Usage: python3 AngelSword.py -u http://www.example.com 对url执行所有poc检测(暴力)
1.python3 AngelSword.py -l 列出所有poc
2.python3 AngelSword.py -s live800 搜索出live800的相关poc
3.python3 AngelSword.py -m live800_downlog_filedownload -t http://www.example.com 单一目标执行live800 download任意文件下载漏洞检测
4.python3 AngelSword.py -m live800_downlog_filedownload -f vuln.txt 对vuln.txt中的所有url执行live800 downlog任意文件下载漏洞检测
6.python3 AngelSword.py -r all -t http://www.example.com 对搜索出来的poc进行指定范围批量测试。 使用前需要利用-s搜索。
7.python3 AngelSword.py -m live800_downlog_filedownload -e 调用系统中的vim编辑poc文件
8.python3 AngelSword.py -v 显示静态统计
9.python3 AngelSword.py -c poc路径校验
'''%VERSION
if len(sys.argv) < 2 or sys.argv[1]=="-h":
cprint(usage, "cyan")
elif sys.argv[1] == "-l":
#列出CMS POC名称
pocclass = pocdb_pocs('')
cmsclass = pocclass.cmspocdict
print("\t\t\tCMS POC")
for cms in cmsclass:
print("|"+cms+"\t|\t"+split_string(str(cmsclass.get(cms).__str__)))
print("|-------------------------------------------------------------------------------------------------------------|")
print("\r")
#列出industrial POC名称
pocclass = pocdb_pocs('')
industrialclass = pocclass.industrialpocdict
print("\t\t\tIndustrial POC")
for industrial in industrialclass:
print("|"+industrial+"\t|\t"+split_string(str(industrialclass.get(industrial).__str__)))
print("|-------------------------------------------------------------------------------------------------------------|")
print("\r")
---------------------------------------------------
Usage: python3 AngelSword.py -u http://www.example.com 对url执行所有poc检测(暴力)
1.python3 AngelSword.py -l 列出所有poc
2.python3 AngelSword.py -s live800 搜索出live800的相关poc
3.python3 AngelSword.py -m live800_downlog_filedownload -t http://www.example.com 单一目标执行live800 download任意文件下载漏洞检测
4.python3 AngelSword.py -m live800_downlog_filedownload -f vuln.txt 对vuln.txt中的所有url执行live800 downlog任意文件下载漏洞检测
6.python3 AngelSword.py -r all -t http://www.example.com 对搜索出来的poc进行指定范围批量测试。 使用前需要利用-s搜索。
7.python3 AngelSword.py -m live800_downlog_filedownload -e 调用系统中的vim编辑poc文件
8.python3 AngelSword.py -v 显示静态统计
9.python3 AngelSword.py -c poc路径校验
'''%VERSION
if len(sys.argv) < 2 or sys.argv[1]=="-h":
cprint(usage, "cyan")
elif sys.argv[1] == "-l":
#列出CMS POC名称
pocclass = pocdb_pocs('')
cmsclass = pocclass.cmspocdict
print("\t\t\tCMS POC")
for cms in cmsclass:
print("|"+cms+"\t|\t"+split_string(str(cmsclass.get(cms).__str__)))
print("|-------------------------------------------------------------------------------------------------------------|")
print("\r")
#列出industrial POC名称
pocclass = pocdb_pocs('')
industrialclass = pocclass.industrialpocdict
print("\t\t\tIndustrial POC")
for industrial in industrialclass:
print("|"+industrial+"\t|\t"+split_string(str(industrialclass.get(industrial).__str__)))
print("|-------------------------------------------------------------------------------------------------------------|")
print("\r")
