def init_spider(self): for k, v in self.hash_pycode_Lists.iteritems(): pluginObj = self._load_module(v) pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.security_set = self._security_set pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge pluginObj.hackhttp = hackhttp.hackhttp() pluginObj.ThreadPool = w8_threadpool try: pluginObj_tuple = pluginObj.assign("spider_file", "") if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 pluginObj_tuple = pluginObj.assign("spider_end", "") if not isinstance(pluginObj_tuple, tuple): continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: pconf = {} pconf["pluginObj"] = pluginObj pconf["service"] = "spider_file" w9_hash_pycode.setdefault(k, pconf) except Exception as err_info: raise ToolkitMissingPrivileges( "load spider plugins error! " + err_info)
def load_modules(self, service, url): # 内部载入所有模块,并且判断服务名是否正确 for k, v in self.hash_pycode_Lists.iteritems(): pluginObj = self._load_module(v) pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge pluginObj.hackhttp = hackhttp.hackhttp() pluginObj.ThreadPool = w8_threadpool try: pluginObj_tuple = pluginObj.assign(service, url) if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: threadConf = dict() threadConf["filename"] = k threadConf["service"] = service threadConf["agrs"] = agrs threadConf["pluginObj"] = pluginObj self._print( "[***] load plugin %s for service '%s'" % (threadConf["filename"], threadConf["service"])) # self.task_queue.put_nowait(threadConf) self.th.push(threadConf) except Exception as err_info: self._print("[!!!] load error:", service, k, err_info)
def load_modules(self, service, url): # 内部载入所有模块,并且判断服务名是否正确 for k, v in self.hash_pycode_Lists.iteritems(): try: pluginObj = self._load_module(v) for each in ESSENTIAL_MODULE_METHODS: if not hasattr(pluginObj, each): errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format( each, k) logger.error(errorMsg) continue pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.security_set = self._security_set pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge pluginObj.ThreadPool = Ajatar_threadpool if Ajconfig.TimeOut is None: Ajconfig.TimeOut = 10 if Ajconfig.Cookie is None: Ajconfig.Cookie = "" socket.setdefaulttimeout(Ajconfig.TimeOut) conpool = hackhttp.httpconpool(20, timeout=Ajconfig.TimeOut) pluginObj.hackhttp = hackhttp.hackhttp( conpool=conpool, cookie_str=Ajconfig.Cookie, user_agent=Ajconfig.UserAgent, headers=Ajconfig.headers) pluginObj_tuple = pluginObj.assign(service, url) if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: threadConf = dict() threadConf["filename"] = k threadConf["service"] = service threadConf["agrs"] = agrs threadConf["pluginObj"] = pluginObj self._print( "load plugin %s for service '%s'" % (threadConf["filename"], threadConf["service"])) self.th.push(threadConf) except Exception as err_info: logger.error("load plugin error:%s service:%s filename:%s" % (err_info, service, k))
def load_modules(self, service, url): # 内部载入所有模块,并且判断服务名是否正确 for k, v in self.hash_pycode_Lists.iteritems(): try: pluginObj = self._load_module(v) pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.security_set = self._security_set pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge pluginObj.ThreadPool = w8_threadpool if w9config.TimeOut is None: w9config.TimeOut = 10 if w9config.Cookie is None: w9config.Cookie = "" socket.setdefaulttimeout(w9config.TimeOut) conpool = hackhttp.httpconpool(20, timeout=w9config.TimeOut) pluginObj.hackhttp = hackhttp.hackhttp( conpool=conpool, cookie_str=w9config.Cookie, user_agent=w9config.UserAgent, headers=w9config.headers) pluginObj_tuple = pluginObj.assign(service, url) if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: threadConf = dict() threadConf["filename"] = k threadConf["service"] = service threadConf["agrs"] = agrs threadConf["pluginObj"] = pluginObj self._print( "load plugin %s for service '%s'" % (threadConf["filename"], threadConf["service"])) self.th.push(threadConf) except Exception as err_info: logger.error("load plugin error:%s service:%s filename:%s" % (err_info, service, k))
def init_spider(self): #items() 迭代器 k exp文件 v 代码 for k, v in self.hash_pycode_Lists.iteritems(): pluginObj = self._load_module(v) #动态加载代码 for each in ESSENTIAL_MODULE_METHODS: #bugcsan插件的两个主要函数 if not hasattr(pluginObj, each): errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format( each, k) logger.error(errorMsg) continue pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() #bugscan 旧版http #Bugscan 漏洞等级 pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.security_set = self._security_set pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge #目标信息 pluginObj.hackhttp = hackhttp.hackhttp() #bugscan http pluginObj.ThreadPool = Ajatar_threadpool #线程池 try: #判断是否为爬虫插件 xss那些.. pluginObj_tuple = pluginObj.assign("spider_file", "") # if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 pluginObj_tuple = pluginObj.assign("spider_end", "") if not isinstance(pluginObj_tuple, tuple): continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: #爬虫插件返回True pconf = {} pconf["pluginObj"] = pluginObj #保存爬虫插件对象 pconf["service"] = "spider_file" Ajatar_hash_pycode.setdefault(k, pconf) #保存文件名,对象 except Exception as err_info: raise ToolkitMissingPrivileges("load spider plugins error! " + err_info)
def init_spider(self): for k, v in self.hash_pycode_Lists.iteritems(): pluginObj = self._load_module(v) for each in ESSENTIAL_MODULE_METHODS: if not hasattr(pluginObj, each): errorMsg = "Can't find essential method:'{}' in current script,Please modify your {}.".format( each, k) logger.error(errorMsg) continue pluginObj.task_push = self.task_push pluginObj.curl = miniCurl.Curl() pluginObj.security_note = self._security_note pluginObj.security_info = self._security_info pluginObj.security_warning = self._security_warning pluginObj.security_hole = self._security_hole pluginObj.security_set = self._security_set pluginObj.debug = self._debug pluginObj.util = until pluginObj._G = self._TargetScanAnge pluginObj.hackhttp = hackhttp.hackhttp() pluginObj.ThreadPool = w8_threadpool try: pluginObj_tuple = pluginObj.assign("spider_file", "") if not isinstance(pluginObj_tuple, tuple): # 判断是否是元组 pluginObj_tuple = pluginObj.assign("spider_end", "") if not isinstance(pluginObj_tuple, tuple): continue bool_value, agrs = pluginObj_tuple[0], pluginObj_tuple[1] if bool_value: pconf = {} pconf["pluginObj"] = pluginObj pconf["service"] = "spider_file" w9_hash_pycode.setdefault(k, pconf) except Exception as err_info: raise ToolkitMissingPrivileges("load spider plugins error! " + err_info)
#!/usr/bin/env python # -*- coding: utf-8 -*- # package for test from thirdparty import miniCurl from thirdparty import ThreadPool from thirdparty import hackhttp from lib.utils import until def security_hole(msg,k = ''): print k,msg def security_info(msg,k = ''): print k,msg def security_note(msg,k = ''): print k,msg ThreadPool = ThreadPool.w8_threadpool curl = miniCurl.Curl() hackhttp = hackhttp.hackhttp() util = until