def payloadverify(self, plug, host):
'''插件验证'''
#logging.info('check %s-%s-%s'%(plug.__class__,host.host,host.port))
filter = bool(self.args.get('filter', 1)) #是否需要过滤、
try:
socket.setdefaulttimeout(360)
if not filter or plug.filter(host):
logging.info(
'filter %s-%s-%s-%s' %
(plug.__class__, host.service, host.host, host.port))
for user, pwd in self.auths if plug.BRUTE else [(None,
'123456')]:
if user:
verify = plug.verify(host, user=user, pwd=pwd)
else:
verify = plug.verify(host, pwd=pwd)
if verify:
logging.warn(
'verify %s-%s-%s-%s-%s' %
(plug.__class__, host.host, host.port, user, pwd))
return self.callback_bug(plug)
except Exception as e:
type, value, tb = sys.exc_info()
e = '\n'.join(set(traceback.format_exception(type, value, tb)))
logging.error(str(e))
def scan(self):
result = {}
try:
result = self.parse_report(self.do_scan())
except NmapParserException as e:
logging.error("Exception raised while parsing scan: {0}".format(
e.msg))
return result
def httpscan(self):
while self.crawle.ISSTART or not self.crawle.ResQueue.empty():
try:
req, res = self.crawle.ResQueue.get(block=False)
req = copy.deepcopy(req)
res = copy.deepcopy(res)
for payload in BaseHttpPlugin.payloads():
payload.filter(self.crawle,req,res) \
and payload.verify(self.crawle,req,res) \
and self.callback_bug(payload)
except queue.Empty:
pass
except Exception as e:
logging.error(str(e))
def start(self):
self.Q.task_code = 'working'
self.Q.task_pid = str(os.getpid())
self.Q.save()
try:
self.auths = self.get_auth()
self.scan()
except Exception as e:
type,value,tb = sys.exc_info()
e = '\n'.join(set(traceback.format_exception(type,value,tb)))
logging.error(str(e))
finally:
self.Q.finishdate = datetime.datetime.now()
self.Q.task_pid = '0'
self.Q.task_code = 'finish'
self.Q.save()
def load(cls, path=None, not_import=[], newtable=True):
path = path or cls.__pluginpath
not_import = not_import or cls.__not_import
plugins = [p.split(os.sep)[-1] for p in glob.glob(path + '/' + '*.py')]
for plugin in plugins:
if plugin not in not_import:
fn = None
plug_name = '.'.join(plugin.split('.')[:-1])
try:
acquire_lock()
fn, filename, desc = find_module(plug_name, [path])
load_module(plug_name, fn, filename, desc)
except Exception as e:
logging.error(u"Plugin:%s Error:%s" % (plugin, e))
finally:
if fn: fn.close()
release_lock()
def httpscan(self):
while self.crawle.ISSTART or not self.crawle.ResQueue.empty():
try:
req, res = self.crawle.ResQueue.get(block=False)
#print(res.status_code,req.url)
req = copy.deepcopy(req)
res = copy.deepcopy(res)
for payload in BaseHttpPlugin.payloads():
payload.filter(self.crawle,req,res) \
and payload.verify(self.crawle,req,res) \
and self.callback_bug(payload)
except queue.Empty:
pass
except Exception as e:
type, value, tb = sys.exc_info()
e = '\n'.join(set(traceback.format_exception(type, value, tb)))
logging.error(str(e))
def request(self, req):
#req = self.session.prepare_request(req.prepare())
req = self.reqhook(req)
try:
#res = self.session.send(req,
# verify=False,
# proxies=self.settings['proxy'],
# timeout=self.settings['timeout'])
res = req.response()
self.ResQueue.put((req, res))
self.parse(res)
#app 识别
#for app in APP.find(res):
# self.website.content = app
except ConnectionError as e:
logging.warn(str(e))
time.sleep(self.settings['sleep'])
except Exception as e:
type, value, tb = sys.exc_info()
e = '\n'.join(set(traceback.format_exception(type, value, tb)))
logging.error(str(e))
def payloadverify(self, plug, host):
'''插件验证'''
logging.info('check %s-%s-%s' % (plug.__class__, host.host, host.port))
filter = int(self.args.get('filter', 1)) #是否需要过滤、
try:
socket.setdefaulttimeout(360)
if not filter or plug.filter(host):
logging.info('filter %s-%s-%s-%s-%s' %
(plug.__class__, host.host, host.port))
for user, pwd in self.auths if plug.BRUTE else [(None,
'123456')]:
if user:
verify = plug.verify(host, user=user, pwd=pwd)
else:
verify = plug.verify(host, pwd=pwd)
if verify:
logging.warn(
'verify %s-%s-%s-%s-%s' %
(plug.__class__, host.host, host.port, user, pwd))
return self.callback_bug(plug)
except Exception as e:
logging.error(str(e))