class Zoo_function(object):
output = O_Output()
njson = N_json()
def __init__(self, user, password):
login = Zoo_login(user, password)
token = login.get_token()
try:
tok = token["access_token"]
self.token = tok
except:
self.output.print_error(token['message'])
def host_search(self, query, page='1', facets=''):
headers = {"Authorization": "JWT " + self.token}
url = "http://api.zoomeye.org/host/search/?query=\"" + \
query + "\"&page=" + str(page) + "&facet=" + facets
res = self.njson.request(url, headers=headers, method="get")
return res
def web_search(self, query, page='1', facets=''):
headers = {"Authorization": "JWT " + self.token}
url = "https://api.zoomeye.org/web/search/?query=\"" + \
query + "\"&page=" + str(page) + "&facet=" + facets
# print url
res = self.njson.request(url, headers=headers, method="get")
return res
def __init__(self):
self.net = N_Request()
self.config = config()
self.db = DB()
self.output = CLIOutput()
self.output2 = O_Output()
self.exp = exp()
Cmd.__init__(self)
os.system("clear")
self.output.printYellow(
self.config.logo +
"Welcome To Auto-Exploit-Framework\nThe world Will Remember You Forever"
)
self.case_insensitive = False
self.prompt = self.config.default_console_words
self.isused = False
self.file = IO_File()
def __init__(self, user, password, host, port, db):
self.__output = O_Output()
self.__user = user
self.__password = password
self.__host = host
self.__port = port
self.__db = db
self.__isconnected = True
try:
self.__conn = MySQLdb.connect(
host=self.__host,
user=self.__user,
passwd=self.__password,
port=self.__port,
db=self.__db,
)
self.__cur = self.__conn.cursor()
except MySQLdb.Error, e:
self.__output.print_error("MySQL Error " + e.args[0] + ':' +
e.args[1])
self.__isconnected = False
class D_Mysql(object):
def __init__(self, user, password, host, port, db):
self.__output = O_Output()
self.__user = user
self.__password = password
self.__host = host
self.__port = port
self.__db = db
self.__isconnected = True
try:
self.__conn = MySQLdb.connect(
host=self.__host,
user=self.__user,
passwd=self.__password,
port=self.__port,
db=self.__db,
)
self.__cur = self.__conn.cursor()
except MySQLdb.Error, e:
self.__output.print_error(
"MySQL Error " + e.args[0] + ':' + e.args[1])
self.__isconnected = False
class AEFbase(object):
request = N_Request()
db = DB()
search = Search()
type = AEFType()
level = AEFLevel()
__output = O_Output()
def __init__(self):
self.info = {
"Type": self.type.other,
"Level": self.level.medium,
"Author": "",
"Desc": "",
"Name": "",
"Version": "1.0.0",
"Keyword": "",
}
super(AEFbase, self).__init__()
def __get_level(self, level):
level2 = ('low', 'medium', 'high')
return level2[level]
def print_desc(self):
name = []
value = []
temp = ['']
info = self.info
info['Level'] = self.__get_level(info['Level'])
for key in info:
name.append(key)
value.append(info[key])
temp[0] = value
value = temp
# print temp
self.__output.print_form(name, value)
def run(self):
pass
def print_error(self, content):
self.__output.print_error(content)
def print_info(self, content):
self.__output.print_default(content)
def print_warning(self, content):
self.__output.print_warning(content)
def __init__(self):
self.net = N_Request()
self.config = config()
self.db = DB()
self.output = CLIOutput()
self.output2 = O_Output()
self.exp = exp()
Cmd.__init__(self)
os.system("clear")
self.output.printYellow(self.config.logo +
"Welcome To Auto-Exploit-Framework\nThe world Will Remember You Forever")
self.case_insensitive = False
self.prompt = self.config.default_console_words
self.isused = False
self.file = IO_File()
class C_Base(Cmd):
def __init__(self):
self.net = N_Request()
self.config = config()
self.db = DB()
self.output = CLIOutput()
self.output2 = O_Output()
self.exp = exp()
Cmd.__init__(self)
os.system("clear")
self.output.printYellow(
self.config.logo +
"Welcome To Auto-Exploit-Framework\nThe world Will Remember You Forever"
)
self.case_insensitive = False
self.prompt = self.config.default_console_words
self.isused = False
self.file = IO_File()
def do_help(self, arg):
self.output.printYellow("[Command]")
print " use [exp] : use exploit"
print " show exploit : show the info of exploit"
print " del [exp] : del exploit"
print " load exploit : load exploit"
print " proxysearch [page] : Search Proxy"
print " subdimain [domain] : Search Subdimain"
self.output.printYellow("[System]")
print " exit : exit the system"
self.output.printYellow("[Web]")
print " runserver : start server"
self.output.printYellow("[Exploit]")
print " run : run exploit"
print " show config : show the config of exploit"
print " config [var] [value] : set the var's value"
self.output.printYellow("[Help]")
print " help [command] : show help"
def do_proxysearch(self, arg):
page = int(arg)
pro = D_Proxy()
re = pro.get(page)
name = ['IP', 'PORT']
self.output2.print_form(name, re)
def do_use(self, arg):
if arg:
try:
exploit = self.exp.load_exp(arg)
self.exploit = exploit
self.exploit.print_desc()
self.isused = True
except:
self.output2.print_error('Failed to load exploit')
def do_show(self, arg):
if not arg:
pass
elif arg == 'exp' or arg == 'exploit':
self.case_insensitive = True
exploit = self.db.get_exp()
name = ['id', 'name', 'desc', 'level', 'author']
exploit = list(exploit)
for i in range(len(exploit)):
exploit[i] = list(exploit[i])
exploit[i][3] = self.__get_level(exploit[i][3])
self.output2.print_form(name, exploit)
elif arg == "config":
self.do_config(None)
def do_run(self, arg):
if self.isused:
self.exploit.run()
else:
self.output2.print_warning('Please Use an Exploit')
def do_config(self, arg):
if arg != None:
if self.isused:
try:
key = arg.split()[0]
value = arg.split()[1]
self.exploit.var[key] = value
except:
self.output2.print_error("Must Be 2 Arguements")
else:
if self.isused:
try:
value = []
var = self.exploit.var
keys = var.keys()
for key in keys:
value.append(var[key])
temp = ['']
temp[0] = value
value = temp
# progress data
self.output2.print_form(keys, value)
except:
self.output2.print_error(
"This Exploit Can't Be Configured")
def do_load(self, arg):
if not arg:
pass
else:
# print self.config.path+'exploit/'+arg+'.py'
if self.file.check_file(self.config.path + 'exploit/' + arg +
'.py'):
exp = self.exp.load_exp(arg)
# print arg
if arg == exp.info['Name']:
self.db.insert_exp(exp.info['Name'], exp.info['Desc'],
exp.info['Level'], exp.info['Author'])
else:
self.output2.print_error("Exploit Name != File Name")
else:
self.output2.print_error('Please Move You Exploit To /exploit')
def do_del(self, arg):
self.db.del_exp(arg)
pass
def do_exit(self, arg):
quit()
pass
def __get_level(self, level):
a = ['low', 'medium', 'high']
return a[level]
def default(self, line):
pass
def do_subdomain(self, domain):
d = DNSBrute(target=domain,
names_file=self.config.default_subdomainfix,
ignore_intranet=False,
threads_num=10)
d.run()
def do_runserver(self, arg):
create_server(self.config.host, self.config.api_port)
def emptyline(self):
self.default('')
@get("/del/exp/:id")
def del_exp(id):
pass
@post("/edit/exp")
def edit_exp():
text = request.forms.get("text")
name = request.forms.get("name")
pass
@get("/test")
def test():
return "test"
server_output = O_Output()
def create_server(host, port):
try:
run(host=host, port=int(port))
except Exception, e:
server_output.print_error("Unable to create server: " + str(e))
return 1
if __name__ == "__main__":
pass
class C_Base(Cmd):
def __init__(self):
self.net = N_Request()
self.config = config()
self.db = DB()
self.output = CLIOutput()
self.output2 = O_Output()
self.exp = exp()
Cmd.__init__(self)
os.system("clear")
self.output.printYellow(self.config.logo +
"Welcome To Auto-Exploit-Framework\nThe world Will Remember You Forever")
self.case_insensitive = False
self.prompt = self.config.default_console_words
self.isused = False
self.file = IO_File()
def do_help(self, arg):
self.output.printYellow("[Command]")
print " use [exp] : use exploit"
print " show exploit : show the info of exploit"
print " del [exp] : del exploit"
print " load exploit : load exploit"
print " proxysearch [page] : Search Proxy"
print " subdimain [domain] : Search Subdimain"
self.output.printYellow("[System]")
print " exit : exit the system"
self.output.printYellow("[Web]")
print " runserver : start server"
self.output.printYellow("[Exploit]")
print " run : run exploit"
print " show config : show the config of exploit"
print " config [var] [value] : set the var's value"
self.output.printYellow("[Help]")
print " help [command] : show help"
def do_proxysearch(self, arg):
page = int(arg)
pro = D_Proxy()
re = pro.get(page)
name = ['IP', 'PORT']
self.output2.print_form(name, re)
def do_use(self, arg):
if arg:
try:
exploit = self.exp.load_exp(arg)
self.exploit = exploit
self.exploit.print_desc()
self.isused = True
except:
self.output2.print_error('Failed to load exploit')
def do_show(self, arg):
if not arg:
pass
elif arg == 'exp' or arg == 'exploit':
self.case_insensitive = True
exploit = self.db.get_exp()
name = ['id', 'name', 'desc', 'level', 'author']
exploit = list(exploit)
for i in range(len(exploit)):
exploit[i] = list(exploit[i])
exploit[i][3] = self.__get_level(exploit[i][3])
self.output2.print_form(name, exploit)
elif arg == "config":
self.do_config(None)
def do_run(self, arg):
if self.isused:
self.exploit.run()
else:
self.output2.print_warning('Please Use an Exploit')
def do_config(self, arg):
if arg != None:
if self.isused:
try:
key = arg.split()[0]
value = arg.split()[1]
self.exploit.var[key] = value
except:
self.output2.print_error("Must Be 2 Arguements")
else:
if self.isused:
try:
value = []
var = self.exploit.var
keys = var.keys()
for key in keys:
value.append(var[key])
temp = ['']
temp[0] = value
value = temp
# progress data
self.output2.print_form(keys, value)
except:
self.output2.print_error("This Exploit Can't Be Configured")
def do_load(self, arg):
if not arg:
pass
else:
# print self.config.path+'exploit/'+arg+'.py'
if self.file.check_file(self.config.path + 'exploit/' + arg + '.py'):
exp = self.exp.load_exp(arg)
# print arg
if arg == exp.info['Name']:
self.db.insert_exp(exp.info['Name'], exp.info['Desc'], exp.info[
'Level'], exp.info['Author'])
else:
self.output2.print_error("Exploit Name != File Name")
else:
self.output2.print_error('Please Move You Exploit To /exploit')
def do_del(self, arg):
self.db.del_exp(arg)
pass
def do_exit(self, arg):
quit()
pass
def __get_level(self, level):
a = ['low', 'medium', 'high']
return a[level]
def default(self, line):
pass
def do_subdomain(self, domain):
d = DNSBrute(target=domain,
names_file=self.config.default_subdomainfix,
ignore_intranet=False,
threads_num=10)
d.run()
def do_runserver(self, arg):
create_server(self.config.host, self.config.api_port)
def emptyline(self):
self.default('')