def add_task():
if request.method == 'POST':
if request.form.get('finger').find('.') != -1:
result = FingerPrint(request.form.get('finger'),
request.form.get('protocol')).run()
flash(result.split(' ')[:-1])
return redirect('/index')
def get_wallet():
file = request.files['finger']
filename = UPLOAD_FOLDER + "/" + file.filename
file.save(os.getcwd() + "/" + filename)
finger_module = FingerPrint(filename)
seed_phrase = finger_module.get_seed_phrase()
private_key, public_key = crypto.generate_wallet(seed_phrase)
response_data = json.dumps({
"seed": seed_phrase,
"private_key": private_key,
"public_key": public_key,
"balance": crypto.get_balance(public_key)
})
response = Response(response_data, mimetype="application/json")
response.headers['Access-Control-Allow-Origin'] = '*'
return response, 200
class OnlineSearch:
""" la classe de recherche enligne des failles """
def __init__(self):
self.fprint = FingerPrint()
def site_search(self,com):
"""recherche des informatation sur les composants sur packetstorm.org"""
sere = self.fprint.get_cont("http://packetstormsecurity.org/search/files/?q="+com+"&s=files")
if (re.search(r"No Results Found",sere)):
print "No Results Found in packetstormsecurity.org"
else:
linex1 = re.compile(r'<a class="ico text-plain" href="(.+)" title="Size: (.+) KB">(.*?)</a>')
dir1 = self.fprint.copy(linex1.findall(sere))
for elem in dir1:
print "Link : packetstormsecurity.org"+elem[0]
print "Size : "+elem[1]+" KB"
print "Title : "+elem[2]
print "\n"
print "---------------------------------------------------------"
class OnlineSearch:
""" Online search for vulns """
def __init__(self):
self.fprint = FingerPrint()
def site_search(self,com):
"""search on packetstorm.org"""
sere = self.fprint.get_cont("http://packetstormsecurity.org/search/files/?q="+com+"&s=files")
if (re.search(r"No Results Found",sere)):
print "No Results Found in packetstormsecurity.org"
else:
linex1 = re.compile(r'<a class="ico text-plain" href="(.+)" title="Size: (.+) KB">(.*?)</a>')
dir1 = self.fprint.copy(linex1.findall(sere))
for elem in dir1:
print "Link : packetstormsecurity.org"+elem[0]
print "Size : "+elem[1]+" KB"
print "Title : "+elem[2]
print "\n"
print "---------------------------------------------------------"
def exploit_db_search(self,keyword):
print "-v --vuln enumerer les plugins vulnerables"
print "-c --vulnt enumerer les themes vulnerables"
print "-h --help afficher ce message d'aide"
help()
try:
opts, args = getopt.getopt(
sys.argv[1:], "hu:t:e:m:vc", ["help", "url=", "type=", "enumerate=", "theme=", "vuln", "vulnt"]
)
except getopt.GetoptError as err:
print (err)
help()
sys.exit(2)
fp = FingerPrint()
ic = InfoCollector()
ts = Tester()
os = OnlineSearch()
svn = SvnParser()
for o, u in opts:
if o in ("-h", "--help"):
help()
elif o in ("-u", "--url"):
url = fp.adrstrip(u)
t = fp.detect_cms(url)
# tes = fp.check_if_exist("http://www.123algeriasport.com/wp-content/plugins/social-discussions/")
print "[!] CMS installed is : " + t
if t == "wordpress":
print "[x] Searching for plugins or themes in the code (passive search): \n"
ic.get_info_passive(url, t)
def __init__(self): self.fprint = FingerPrint()
class InfoCollector:
def __init__(self):
self.fprint = FingerPrint()
def get_admin(self,url):
""" Brute Force the admin link """
f = open("doc/admin.txt")
cont = f.read()
list = cont.split("\n")
for elem in list:
if (self.fprint.check_if_exist(url+"/"+elem)):
print "[!] Found this directory "+elem+"\n"
def get_info_passive(self,url,type):
""" Passive templates and Plugins enumeration """
if (type == "joomla"):
content = self.fprint.get_cont(self,url)
linex1 = re.compile("option,(.*?)/")
linex2 = re.compile('option=(.*?)(&|&|")')
linex3 = re.compile('/component/(.*?)/')
linex4 = re.compile('/templates/(.*?)/')
dir1 = self.fprint.copy(linex1.findall(content))
dir2 = self.fprint.copy(linex2.findall(content))
dir3 = self.fprint.copy(linex3.findall(content))
dir4 = self.fprint.copy(linex4.findall(content))
print "[!] Plugins Found From passive detection: \n"
for elem in dir1:
print elem
for elem in dir2:
print elem
for elem in dir3:
print elem
print "[!] Templates Found from passive detection:\n"
for elem in dir4:
print elem
if (type == "wordpress"):
content = self.fprint.get_cont(url)
linex = re.compile("/plugins/(.*?)/")
linex2 = re.compile("/themes/(.*?)/")
dir = self.fprint.copy(linex.findall(content))
dir2 = self.fprint.copy(linex2.findall(content))
print "[!] Plugins Found From passive detection: \n"
for elem in dir:
print elem
print "[!] Themes Found From passive detection: \n"
for elem in dir2:
print elem
def get_info_aggressive(self,url,mode,item):
""" Agressive Templates and PLugins enumeration """
if (item == "plugins"):
if (mode == "full"):
print "[!] Enumerating All installed Plugins in "+url+"\n"
full = open("doc/plugins_full.txt","r")
cont = full.read()
list = cont.split("\n")
for elem in list:
#print "Test"
#print "[!] Testing"+elem
if (self.fprint.check_if_exist(url+"/wp-content/plugins/"+elem)):
content = self.fprint.get_cont(url+"/wp-content/plugins/"+elem+"/"+"readme.txt")
regex = re.compile('Stable tag: (.+)')
version = regex.findall(content)
if (len(version)!=0):
print "[!] Found "+elem+" Version "+version[0]
else:
print "[!] Found "+elem+" Version ?"
if (mode == "top"):
print "[!] Enumerating Most Downloaded installed Plugins in "+url+"\n"
top = open("doc/plugins.txt","r")
cont = top.read()
list = cont.split("\n")
for elem in list:
#print "[x] Testing : "+elem
if (self.fprint.check_if_exist(url+"/wp-content/plugins/"+elem)):
content = self.fprint.get_cont(url+"/wp-content/plugins/"+elem+"/"+"readme.txt")
regex = re.compile('Stable tag: (.+)')
version = regex.findall(content)
if (len(version)!=0):
print "[!] Found "+elem+" Version "+version[0]
else:
print "[!] Found "+elem+" Version ?"
if (item == "themes"):
if (mode == "full"):
print "[!] Enumerating All installed Themes in "+url+"\n"
full = open("doc/themes_full.txt","r")
cont = full.read()
list = cont.split("\n")
for elem in list:
#print "Test"
#print "[!] Testing"+elem
if (self.fprint.check_if_exist(url+"/wp-content/themes/"+elem)):
print "[!] Found "+elem+" Theme"
if (mode == "top"):
print "[!] Enumerating Most Downloaded installed Themes in "+url+"\n"
top = open("doc/themes.txt","r")
cont = top.read()
list = cont.split("\n")
for elem in list:
#print "[x] Testing : "+elem
if (self.fprint.check_if_exist(url+"/wp-content/themes/"+elem)):
print "[!] Found "+elem+" Theme"
# map.py
import sys
import re
import string
from fingerprint import FingerPrint
f = FingerPrint()
for line in sys.stdin:
try:
print "%s\t%s" % (f.fingerprint(line), line.strip())
except Exception as e:
print e
pass
def __init__(self):
self.fprint = FingerPrint()
print "-t (type) --type= specifier le type de CMS (wordpress,joomla)"
print "-e (mode) --enumerate enumerer les plugins (just pour wordpress) mode : full(la liste complete) / top(liste des plugins les plus telecharges)"
print "-m (mode) --theme enumerer les themes (just pour wordpress) mode : full(la liste complete) / top(liste des themess les plus telecharges)"
print "-v --vuln enumerer les plugins vulnerables"
print "-c --vulnt enumerer les themes vulnerables"
print "-h --help afficher ce message d'aide"
help()
try:
opts, args = getopt.getopt(sys.argv[1:], "hu:t:e:m:vc",["help","url=","type=","enumerate=","theme=","vuln","vulnt"])
except getopt.GetoptError as err:
print(err)
help()
sys.exit(2)
fp = FingerPrint()
ic = InfoCollector()
ts = Tester()
os = OnlineSearch()
svn = SvnParser()
for o,u in opts:
if o in ("-h","--help"):
help()
elif o in ("-u","--url"):
url = fp.adrstrip(u)
t = fp.detect_cms(url)
print "[!] CMS installed is : "+t
if (t == "wordpress"):
print "[x] Searching for plugins or themes in the code (passive search): \n"
ic.get_info_passive(url,t)
print "[x] Fingerprinting using readme.html \n"
# map.py
import sys
import re
import string
from fingerprint import FingerPrint
f = FingerPrint()
for line in sys.stdin:
label, text = line.split('\t')
try:
text = text.decode('ascii', 'replace').replace(u'\ufffd', '_')
print "%s\t%s" % (f.fingerprint(text), text.strip())
except:
pass
import sys
from fingerprint import FingerPrint
f = FingerPrint()
for line in sys.stdin:
try:
print "%s\t%s" % (f.bigram_fingerprint(line), line.strip())
except:
pass
import sys
import os
import csv
import json
from fingerprint import FingerPrint
inputpath = "input"
f = FingerPrint()
for txtfile in os.listdir(inputpath):
csvfile = csv.DictReader(open(inputpath + "/" + txtfile, 'rb'), )
for record in csvfile:
print "\t".join([
f.bigram_fingerprint(record['company_name']),
record['company_name'], txtfile,
json.dumps(record)
])
import sys
import re
import string
from nltk import bigrams
from fingerprint import FingerPrint
f = FingerPrint()
for line in sys.stdin:
cols = line.split("\t")
try:
print "%s\t%s\t%s" % (f.bigram_fingerprint_num(cols[2]),cols[0],cols[2])
except:
pass
print "-v --vuln enumerer les plugins vulnerables"
print "-c --vulnt enumerer les themes vulnerables"
print "-h --help afficher ce message d'aide"
help()
try:
opts, args = getopt.getopt(
sys.argv[1:], "hu:t:e:m:vc",
["help", "url=", "type=", "enumerate=", "theme=", "vuln", "vulnt"])
except getopt.GetoptError as err:
print(err)
help()
sys.exit(2)
fp = FingerPrint()
ic = InfoCollector()
ts = Tester()
os = OnlineSearch()
svn = SvnParser()
for o, u in opts:
if o in ("-h", "--help"):
help()
elif o in ("-u", "--url"):
url = fp.adrstrip(u)
t = fp.detect_cms(url)
#tes = fp.check_if_exist("http://www.123algeriasport.com/wp-content/plugins/social-discussions/")
print "[!] CMS installed is : " + t
if (t == "wordpress"):
print "[x] Searching for plugins or themes in the code (passive search): \n"
ic.get_info_passive(url, t)
import sys import os import csv import json from fingerprint import FingerPrint inputpath = "input" f = FingerPrint() for txtfile in os.listdir(inputpath): csvfile = csv.DictReader(open(inputpath + "/" + txtfile,'rb'),) for record in csvfile: print "\t".join([f.bigram_fingerprint(record['company_name']),record['company_name'], txtfile, json.dumps(record)])
else:
from common2 import *
import common2 as common
import util
import DNS
import threadpool
from functools import partial
from fingerprint import FingerPrint
from dnslog import DNSLog
import hackhttp
import hackhttp as hh
hackhttp = hh.hackhttp()
fingerprint = FingerPrint()
_G = {
'scanport': False,
'subdomain': False,
'target': 'www.abc.com',
'disallow_ip': ['127.0.0.1'],
'kv': {},
'udomain': "test",
# 'user_dict':'http://192.168.0.158/1.txt'
# 'pass_dict':'http://192.168.0.158/1.txt'
"custom_dict": {}
}
util._G = _G
class Tester:
""" La classe des tests de vulnirabilites """
def __init__(self):
self.fprint = FingerPrint()
def wp_vulns(self,version):
""" detection Vuln. dans le corps de WP """
tree = xml.etree.ElementTree.parse("doc/wp_vulns.xml")
p = tree.findall("wordpress")
#print p
#p2 = tree.findall("hash/file")
for ele in p:
vrs = ele.attrib["version"]
#print vrs
if (vrs == version):
s = ele.getchildren()
for elem in s:
r = elem.getchildren()
#print "test"
print "Title : "+r[0].text
print "Reference : "+r[1].text
print "Type : "+r[2].text
def wp_plugins_vulns(self,url):
"""detection des vuln. dans les plugins"""
tree = xml.etree.ElementTree.parse("doc/plugin_vulns.xml")
p = tree.findall("plugin")
#cmp = lambda x, y: StrictVersion(x).__cmp__(y)
vregex = re.compile("[\d.]*\d+")
found = 0
for ele in p:
dir = ele.attrib["name"]
if (self.fprint.check_if_exist(url+"/wp-content/plugins/"+dir)):
rdm = self.fprint.get_cont(url+"/wp-content/plugins/"+dir+"/readme.txt")
regex = re.compile('Stable tag: ([\d.]*\d+)')
iversion1 = self.fprint.copy(regex.findall(rdm))
#print iversion1
if (iversion1[0]):
iversion = iversion1[0]
else:
iversion = "?"
#print iversion
s = ele.getchildren()
for elem in s :
r = elem.getchildren()
version = self.fprint.copy(vregex.findall(r[0].text))
#print version
if (version[0]):
v = version[0]
else:
v = "?"
#print v
if (len(r) == 3):
#found = 1
print "[!] Title : "+r[0].text
print "[!] Ref. : "+r[1].text
print "[!] Type : "+r[2].text
if (len(r) == 4):
print "[!] Title : "+r[0].text
print "[!] Ref.1 : "+r[1].text
print "[!] Ref.2 : "+r[2].text
print "[!] Type : "+r[3].text
if ( (v == "?") or (iversion == "?")):
print "[x] You need to check we could not detect the version"
else:
#print StrictVersion(v).__cmp__(iversion)
if ((StrictVersion(v).__cmp__(iversion) == 0) or (StrictVersion(iversion).__cmp__(v) == -1)):
print "[x] Your CMS is infected with this vuln."
found = 1
else :
print "[x] Your CMS is Safe From this vuln."
if (found == 0):
print "[!] No Vuln. Plugin was found !"
def wp_theme_vulns(self,url):
"""detection des vuln. dans les themes"""
tree = xml.etree.ElementTree.parse("doc/theme_vulns.xml")
p = tree.findall("theme")
found = 0
for ele in p:
dir = ele.attrib["name"]
if (self.fprint.check_if_exist(url+"/wp-content/themes/"+dir)):
found = 1
s = ele.getchildren()
for elem in s:
r = elem.getchildren()
print "[!] Title : "+r[0].text
print "[!] Ref. : "+r[1].text
print "[!] Type : "+r[2].text
if (found == 0):
print "[!] No Vlun. Theme Was Found "
class InfoCollector:
def __init__(self):
self.fprint = FingerPrint()
def get_admin(self, url):
""" Brute Force the admin link """
f = open("doc/admin.txt")
cont = f.read()
list = cont.split("\n")
for elem in list:
if (self.fprint.check_if_exist(url + "/" + elem)):
print "[!] Found this directory " + elem + "\n"
def get_info_passive(self, url, type):
""" Passive templates and Plugins enumeration """
if (type == "joomla"):
content = self.fprint.get_cont(self, url)
linex1 = re.compile("option,(.*?)/")
linex2 = re.compile('option=(.*?)(&|&|")')
linex3 = re.compile('/component/(.*?)/')
linex4 = re.compile('/templates/(.*?)/')
dir1 = self.fprint.copy(linex1.findall(content))
dir2 = self.fprint.copy(linex2.findall(content))
dir3 = self.fprint.copy(linex3.findall(content))
dir4 = self.fprint.copy(linex4.findall(content))
print "[!] Plugins Found From passive detection: \n"
for elem in dir1:
print elem
for elem in dir2:
print elem
for elem in dir3:
print elem
print "[!] Templates Found from passive detection:\n"
for elem in dir4:
print elem
if (type == "wordpress"):
content = self.fprint.get_cont(url)
linex = re.compile("/plugins/(.*?)/")
linex2 = re.compile("/themes/(.*?)/")
dir = self.fprint.copy(linex.findall(content))
dir2 = self.fprint.copy(linex2.findall(content))
print "[!] Plugins Found From passive detection: \n"
for elem in dir:
print elem
print "[!] Themes Found From passive detection: \n"
for elem in dir2:
print elem
def get_info_aggressive(self, url, mode, item):
""" Agressive Templates and PLugins enumeration """
if (item == "plugins"):
if (mode == "full"):
print "[!] Enumerating All installed Plugins in " + url + "\n"
full = open("doc/plugins_full.txt", "r")
cont = full.read()
list = cont.split("\n")
for elem in list:
#print "Test"
#print "[!] Testing"+elem
if (self.fprint.check_if_exist(url +
"/wp-content/plugins/" +
elem)):
content = self.fprint.get_cont(url +
"/wp-content/plugins/" +
elem + "/" +
"readme.txt")
regex = re.compile('Stable tag: (.+)')
version = regex.findall(content)
if (len(version) != 0):
print "[!] Found " + elem + " Version " + version[0]
else:
print "[!] Found " + elem + " Version ?"
if (mode == "top"):
print "[!] Enumerating Most Downloaded installed Plugins in " + url + "\n"
top = open("doc/plugins.txt", "r")
cont = top.read()
list = cont.split("\n")
for elem in list:
#print "[x] Testing : "+elem
if (self.fprint.check_if_exist(url +
"/wp-content/plugins/" +
elem)):
content = self.fprint.get_cont(url +
"/wp-content/plugins/" +
elem + "/" +
"readme.txt")
regex = re.compile('Stable tag: (.+)')
version = regex.findall(content)
if (len(version) != 0):
print "[!] Found " + elem + " Version " + version[0]
else:
print "[!] Found " + elem + " Version ?"
if (item == "themes"):
if (mode == "full"):
print "[!] Enumerating All installed Themes in " + url + "\n"
full = open("doc/themes_full.txt", "r")
cont = full.read()
list = cont.split("\n")
for elem in list:
#print "Test"
#print "[!] Testing"+elem
if (self.fprint.check_if_exist(url +
"/wp-content/themes/" +
elem)):
print "[!] Found " + elem + " Theme"
if (mode == "top"):
print "[!] Enumerating Most Downloaded installed Themes in " + url + "\n"
top = open("doc/themes.txt", "r")
cont = top.read()
list = cont.split("\n")
for elem in list:
#print "[x] Testing : "+elem
if (self.fprint.check_if_exist(url +
"/wp-content/themes/" +
elem)):
print "[!] Found " + elem + " Theme"
import sys import json from fingerprint import FingerPrint blkid = 0 f = FingerPrint() for line in sys.stdin: blkid+=1 data = json.loads(line) for k,v in data.iteritems(): for title in v: print "\t".join([f.bigram_fingerprint_num(title),str(blkid),title])
