def rsync_creak(self,ip,port):
try:
for data in self.lines:
username=data.split(':')[0]
password=data.split(':')[1]
flag=self.rsync_connect(ip,username,password,port)
if flag==3:
self.lock.acquire()
printRed("fail!!bacaues can't find any module\r\n")
self.lock.release()
break
if flag==2:
self.lock.acquire()
printRed("fail!!bacaues modulename is error\r\n")
self.lock.release()
break
if flag==1:
self.lock.acquire()
printGreen("%s rsync at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
self.result.append("%s rsync at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
self.lock.release()
break
else:
self.lock.acquire()
print "%s rsync service 's %s:%s login fail " %(ip,username,password)
self.lock.release()
except Exception,e:
print e
def rsync_creak(ip,port):
try:
d=open('conf/rsync.conf','r')
data=d.readline().strip('\r\n')
while(data):
username=data.split(':')[0]
password=data.split(':')[1]
flag=rsync_connect(ip,username,password,port)
if flag==3:
lock.acquire()
printRed("fail!!bacaues can't find any module\r\n")
lock.release()
break
if flag==2:
lock.acquire()
printRed("fail!!bacaues modulename is error\r\n")
lock.release()
break
if flag==1:
lock.acquire()
printGreen("%s rsync at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
result.append("%s rsync at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
lock.release()
break
else:
lock.acquire()
print "%s rsync service 's %s:%s login fail " %(ip,username,password)
lock.release()
data=d.readline().strip('\r\n')
except Exception,e:
print e
def hit_hb(s,ip,port):
s.send(hb)
while True:
typ, ver, pay = recvmsg(s)
if typ is None:
lock.acquire()
print 'No heartbeat response received, %s ssl at %s likely not vulnerable' %(ip,port)
lock.release()
return False
if typ == 24:
if len(pay) > 3:
lock.acquire()
printRed('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
result.append('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
lock.release()
else:
lock.acquire()
printRed('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
result.append('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
lock.release()
return True
if typ == 21:
lock.acquire()
print 'Server returned error, likely not vulnerable'
lock.release()
return False
def mongoDB_connect(self, ip, username, password, port):
crack = 0
try:
connection = pymongo.Connection(ip, port)
db = connection.admin
db.collection_names()
self.lock.acquire()
printRed(
'%s mongodb service at %s allow login Anonymous login!!\r\n' %
(ip, port))
self.result.append(
'%s mongodb service at %s allow login Anonymous login!!\r\n' %
(ip, port))
self.lock.release()
crack = 1
except Exception, e:
if e[0] == 'database error: not authorized for query on admin.system.namespaces':
try:
r = db.authenticate(username, password)
if r != False:
crack = 2
else:
self.lock.acquire()
crack = 3
print "%s mongodb service 's %s:%s login fail " % (
ip, username, password)
self.lock.release()
except Exception, e:
pass
def mongoDB_connect(self,ip,username,password,port):
crack=0
try:
connection=pymongo.Connection(ip,port)
db=connection.admin
db.collection_names()
self.lock.acquire()
printRed('%s mongodb service at %s allow login Anonymous login!!\r\n' %(ip,port))
self.result.append('%s mongodb service at %s allow login Anonymous login!!\r\n' %(ip,port))
self.lock.release()
crack=1
except Exception,e:
if e[0]=='database error: not authorized for query on admin.system.namespaces':
try:
r=db.authenticate(username,password)
if r!=False:
crack=2
else:
self.lock.acquire()
crack=3
print "%s mongodb service 's %s:%s login fail " %(ip,username,password)
self.lock.release()
except Exception,e:
pass
def mongoDB_connect(ip, username, password, port):
crack = 0
try:
connection = pymongo.Connection(ip, port)
db = connection.admin
db.collection_names()
lock.acquire()
printRed("%s mongodb service at %s allow login Anonymous login!!\r\n" % (ip, port))
result.append("%s mongodb service at %s allow login Anonymous login!!\r\n" % (ip, port))
lock.release()
crack = 1
except Exception, e:
if e[0] == "database error: not authorized for query on admin.system.namespaces":
try:
db.authenticate(username, password)
crack = 2
except Exception, e:
lock.acquire()
print "%s mongodb service 's %s:%s login fail " % (ip, username, password)
lock.release()
crack = 3
def hit_hb(self,s,ip,port):
s.send(self.hb)
while True:
typ, ver, pay = self.recvmsg(s)
if typ is None:
return False
if typ == 24:
if len(pay) > 3:
self.lock.acquire()
printRed('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
self.result.append('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
self.lock.release()
else:
self.lock.acquire()
printRed('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
self.result.append('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
self.lock.release()
return True
if typ == 21:
return False
def hit_hb(s, ip, port):
s.send(hb)
while True:
typ, ver, pay = recvmsg(s)
if typ is None:
lock.acquire()
print 'No heartbeat response received, %s ssl at %s likely not vulnerable' % (
ip, port)
lock.release()
return False
if typ == 24:
if len(pay) > 3:
lock.acquire()
printRed(
'WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n'
% (ip, port))
result.append(
'WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n'
% (ip, port))
lock.release()
else:
lock.acquire()
printRed(
'%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n'
% (ip, port))
result.append(
'%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n'
% (ip, port))
lock.release()
return True
if typ == 21:
lock.acquire()
print 'Server returned error, likely not vulnerable'
lock.release()
return False
def rsync_creak(self, ip, port):
try:
for data in self.lines:
username = data.split(':')[0]
password = data.split(':')[1]
flag = self.rsync_connect(ip, username, password, port)
if flag == 3:
self.lock.acquire()
printRed("fail!!bacaues can't find any module\r\n")
self.lock.release()
break
if flag == 2:
self.lock.acquire()
printRed("fail!!bacaues modulename is error\r\n")
self.lock.release()
break
if flag == 1:
self.lock.acquire()
printGreen(
"%s rsync at %s has weaken password!!-------%s:%s\r\n"
% (ip, port, username, password))
self.result.append(
"%s rsync at %s has weaken password!!-------%s:%s\r\n"
% (ip, port, username, password))
self.lock.release()
break
else:
self.lock.acquire()
print "%s rsync service 's %s:%s login fail " % (
ip, username, password)
self.lock.release()
except Exception, e:
print e
lock.release()
crack = 1
except Exception, e:
if e[0] == "database error: not authorized for query on admin.system.namespaces":
try:
db.authenticate(username, password)
crack = 2
except Exception, e:
lock.acquire()
print "%s mongodb service 's %s:%s login fail " % (ip, username, password)
lock.release()
crack = 3
else:
printRed("%s mongodb service at %s not connect" % (ip, port))
crack = 4
return crack
def mongoDB(ip, port):
try:
d = open("conf/mongodb.conf", "r")
data = d.readline().strip("\r\n")
while data:
username = data.split(":")[0]
password = data.split(":")[1]
flag = mongoDB_connect(ip, username, password, port)
if flag in [1, 4]:
break
lock.release()
crack=1
except Exception,e:
if e[0]=='database error: not authorized for query on admin.system.namespaces':
try:
db.authenticate(username,password)
crack=2
except Exception,e:
lock.acquire()
print "%s mongodb service 's %s:%s login fail " %(ip,username,password)
lock.release()
crack=3
else:
printRed('%s mongodb service at %s not connect' %(ip,port))
crack=4
return crack
def mongoDB(ip,port):
try:
d=open('conf/mongodb.conf','r')
data=d.readline().strip('\r\n')
while(data):
username=data.split(':')[0]
password=data.split(':')[1]
flag=mongoDB_connect(ip,username,password,port)
if flag in [1,4]:
break
