def run():
    """Start the scan workers in the configured engine mode, then report.

    In thread mode ``th.concurrent_num`` daemon threads run ``scan`` and the
    caller polls until they finish or ``th.is_continue`` is cleared; otherwise
    the same number of gevent greenlets is spawned and joined. Afterwards the
    results are written out, the progress line is printed, and any error
    message stored in ``th`` is shown.
    """
    init_engine()
    free_conf_memory()

    if not th.thread_mode:
        # Coroutine mode
        colorprint.green('[+] Set working way Coroutine mode')
        colorprint.green('[+] Set the number of Coroutine: %d' % th.concurrent_num)
        greenlets = []
        for _ in range(0, th.concurrent_num):
            greenlets.append(gevent.spawn(scan))
        gevent.joinall(greenlets)
    else:
        # the lock must exist before any worker thread starts
        set_threadLock()
        colorprint.green('[+] Set working way Multi-Threaded mode')
        colorprint.green('[+] Set the number of thread: %d' % th.concurrent_num)
        for index in range(th.concurrent_num):
            worker = threading.Thread(target=scan, name=str(index), daemon=True)
            worker.start()
        # Polling (rather than join) keeps the main thread responsive to Ctrl-C
        while th.concurrent_count > 0 and th.is_continue:
            time.sleep(0.01)

    # save result to output file
    output2file(th.result)
    print_progress()
    if 'err_msg' in th:
        colorprint.red(th.err_msg)
def engine_register(args):
    """Store the engine mode (and thread count) chosen on the command line.

    Exits when both engine flags are set. In thread mode a thread count
    outside 1..200 is replaced by the default of 30.
    """
    if args.engine_thread and args.engine_gevent:
        # the two engine flags are mutually exclusive
        colorprint.red(
            "Cannot use Multi-Threaded mode and Coroutine mode at the same time"
        )
        colorprint.red(
            'Use [-eT] to set Multi-Threaded mode or [-eG] to set Coroutine mode'
        )
        sys.exit()

    if not args.engine_thread:
        conf.engine_mode = 'coroutine'
        return

    conf.engine_mode = "multi_threaded"
    requested = args.thread_num
    if requested <= 200 and requested >= 1:
        conf.thread_num = requested
        return

    # out-of-range thread count: fall back to the default
    colorprint.cyan(
        '[*] Invalid input in [-t](range: 1 to 200), has changed to default(30)')
    conf.thread_num = 30
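def handle_censys(query, limit, offset):
    """Log in to the Censys API and fetch the result pages for ``query``.

    Credentials are read from the config file into the module globals
    ``UID`` and ``SECRET``. If automatic login fails the user is prompted for
    both; if that also fails an error is printed and the function returns
    without searching.

    Args:
        query: Censys search expression.
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    import getpass  # local import: the file's import block is not visible here

    global UID
    global SECRET
    UID = ConfigFileParser().censys_UID()
    SECRET = ConfigFileParser().censys_SECRET()

    if not can_auto_login():
        err_msg = '[-] Automatic authorization failed.\n[*] Please input your censys API Key (https://censys.io/account/api).'
        colorprint.cyan(err_msg)
        UID = input('[*] UID > ').strip()
        # getpass keeps the API secret out of the terminal scrollback
        SECRET = getpass.getpass('[*] SECRET > ').strip()
        # NOTE(review): can_auto_login is called above with no arguments and
        # here with two; its signature is not visible from this block - confirm.
        if not can_auto_login(UID, SECRET):
            err_msg = "[-] authorization failed"
            colorprint.red(err_msg)
            return

    # A successful manual login now falls through to the search as well;
    # previously only a successful automatic login did.
    page_start = int(offset / 160) + 1
    page_stop = page_start + int(limit / 160) + 1
    for page in range(page_start, page_stop):
        get_ip(query, page)
        # no pause is needed after the last page
        if page < page_stop - 1:
            time.sleep(3)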
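def proxy_regester(args):
    """Validate the proxy setting and store it in ``conf.proxy``.

    The proxy comes from ``args.proxy`` or, when that is empty, from the
    config file. The accepted form is ``protocol://a.b.c.d:port`` with
    protocol socks4, socks5 or http. On a malformed value the error is
    printed and the process exits. ``conf.proxy`` becomes a
    ``(protocol, ip, port)`` tuple, or ``None`` when no proxy is configured.
    """
    proxy = args.proxy if args.proxy else ConfigFileParser().proxy()
    if not proxy:
        conf.proxy = None
        return

    try:
        # check protocol
        protocol = proxy.split("://")[0].lower()
        if protocol not in ("socks4", 'socks5', 'http'):
            raise Exception("proxy protocol format error, please check your proxy (socks4|socks5|http)")

        # check ip addr
        ip = proxy.split("://")[1].split(":")[0]
        # Raw string: the pattern's \d and \. are not valid str escapes.
        compile_ip = re.compile(r'^(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|[1-9])\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)$')
        # fullmatch: with match(), '$' would still accept a trailing newline
        if not compile_ip.fullmatch(ip):
            raise Exception("proxy ip format error, please check your proxy")

        # check port
        port = int(proxy.split("://")[1].split(":")[1])
        if not 0 <= port <= 65535:
            raise Exception("proxy port format error, please check your proxy")
    except Exception as e:
        # also reached for a missing "://" or ":port" part (IndexError/ValueError)
        colorprint.red(e)
        sys.exit()

    msg = "[+] setting proxy: {}://{}:{}".format(protocol, ip, port)
    colorprint.green(msg)
    conf.proxy = (protocol, ip, port)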
def handle_zoomeye(query, limit, type, offset):
    """Page through ZoomEye results for ``query`` and add them to ``conf.target``.

    Exits when the account's resource info cannot be read after login.
    Results are counted from the first page; entries are added once the
    running count reaches ``offset``, and paging stops when ``conf.target``
    holds at least ``limit`` entries or a page comes back empty.
    """
    z = ZoomEye()
    z.auto_login()
    info = z.resources_info().get('resources')
    if info:
        msg = '[+] Available ZoomEye search: (search:%s)' % (info.get('search', 'NO FOUND'))
        colorprint.green(msg)
    else:
        msg = '[-] ZoomEye API authorization failed, Please re-run it and enter a new token.'
        colorprint.red(msg)
        sys.exit()
    # start crawling
    result_count = 0
    is_continue = True
    page = 0
    while is_continue:
        data = z.dork_search(query, page=page, resource=type)
        if data:
            for i in data:
                ip_str = i.get('ip')
                # entries that carry port info are stored as "ip:port"
                if 'portinfo' in i:
                    ip_str = ip_str + ':' + str(i.get('portinfo').get('port'))
                result_count += 1
                if result_count >= offset:
                    conf.target.add(ip_str)
                # NOTE(review): the limit is compared with the size of the whole
                # target set, which may already hold entries from other sources
                if len(conf.target) >= limit:
                    is_continue = False
                    break
            page += 1
        else:
            break
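def engine_register(args):
    """Store the engine mode and worker count chosen on the command line.

    Exits when both engine flags are set. A worker count below 1 is rejected;
    a count above 1000 needs interactive confirmation.
    """
    # if the engine mode is conflicting
    if args.engine_thread and args.engine_gevent:
        colorprint.red(
            "Cannot use Multi-Threaded mode and Coroutine mode at the same time"
        )
        colorprint.red(
            'Use [-eT] to set Multi-Threaded mode or [-eG] to set Coroutine mode'
        )
        sys.exit()
    elif args.engine_thread:
        conf.engine_mode = "multi_threaded"
    else:
        conf.engine_mode = 'coroutine'

    # A count below 1 used to be accepted after the "too much" confirmation,
    # which left the run with no workers at all.
    if args.concurrent_num < 1:
        colorprint.red('[-] Invalid concurrent num {}, it must be at least 1'.format(
            args.concurrent_num))
        sys.exit()

    if args.concurrent_num > 1000:
        warn_msg = "setting concurrent num {}. Maybe it's too much, continue? [y/N] (default y): ".format(
            args.concurrent_num)
        colorprint.cyan(warn_msg, end='')
        flag = input()
        # an empty answer counts as "yes", as the prompt's "(default y)" says
        if flag.lower() not in ('y', 'yes', ''):
            msg = '[-] User quit!'
            colorprint.cyan(msg)
            sys.exit()

    conf.concurrent_num = args.concurrent_num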
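def handle_censys(query, limit, offset):
    """Log in to the Censys API and fetch the result pages for ``query``.

    Credentials are read from the config file into the module globals
    ``UID`` and ``SECRET``. If automatic login fails the user is prompted for
    both, and the process exits when the second attempt fails too.

    Args:
        query: Censys search expression.
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    import getpass  # local import: the file's import block is not visible here

    global UID
    global SECRET
    UID = ConfigFileParser().censys_UID()
    SECRET = ConfigFileParser().censys_SECRET()
    msg = '[+] Trying to login with credentials in config file: {}.'.format(
        paths.CONFIG_PATH)
    colorprint.green(msg)

    if not can_auto_login():
        err_msg = '[-] Automatic authorization failed.\n[*] Please input your censys API Key (https://censys.io/account/api).'
        colorprint.cyan(err_msg)
        UID = input('[*] UID > ').strip()
        # getpass keeps the API secret out of the terminal scrollback
        SECRET = getpass.getpass('[*] SECRET > ').strip()
        if not can_auto_login():
            err_msg = "[-] authorization failed"
            colorprint.red(err_msg)
            sys.exit()

    page_start = int(offset / 100) + 1
    page_stop = page_start + int(limit / 100) + 1
    for page in range(page_start, page_stop):
        get_ip(query, page)
        # no pause is needed after the last page
        if page < page_stop - 1:
            time.sleep(3)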
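def handle_fofa(query, limit, offset=0):
    """Collect targets from the FOFA search API and keep those that answer.

    Credentials come from the config file; when ``check`` rejects them the
    user is prompted once and the process exits if the second check fails.
    Every returned host is probed over HTTP(S) and added to ``conf.target``
    only when the probe does not raise.

    Args:
        query: FOFA search expression (sent base64-encoded).
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    from urllib.parse import urlencode  # local: the import block is not visible here

    try:
        msg = '[+] Trying to login with credentials in config file: {}.'.format(
            paths.CONFIG_PATH)
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            raise Exception(
                "Automatic authorization failed")  # handled by the except below
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        key = input('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    query = base64.b64encode(query.encode('utf-8')).decode('utf-8')

    # the API returns the first `size` results; the offset is applied locally
    size = limit + offset
    # urlencode: base64 output may contain '+', '/' and '=', which are not
    # safe to paste into a query string unescaped.
    # The API key travels in the query string, so it can show up in proxy and
    # server logs and in the text of HTTP exceptions.
    url = "https://fofa.so/api/v1/search/all?" + urlencode({
        "email": email,
        "key": key,
        "qbase64": query,
        "size": size,
    })
    try:
        # NOTE(review): `request` (singular) is used here while the probes use
        # `requests`; presumably a project HTTP wrapper - confirm.
        response = request.get(url).text
        resp = json.loads(response)
        if not resp["error"]:
            for item in resp.get('results')[offset:]:
                target = item[0] if 'https:' in item[0] else "http://" + item[0]
                try:
                    # Reachability probe only: the response is discarded, and
                    # certificate verification is switched off for it.
                    requests.get(target, timeout=5, verify=False)
                    conf.target.add(target)
                    print(target)
                except Exception:
                    # unreachable hosts are skipped; Ctrl-C is no longer swallowed
                    pass
    except Exception as e:
        # NOTE(review): HTTP exception text can include the request URL and
        # therefore the API key.
        colorprint.red(e)
        sys.exit()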
def check_environment():
    """Abort start-up when ``os.path`` cannot handle the module's own path."""
    try:
        os.path.isdir(module_path())
    except Exception:
        colorprint.red(
            "your system does not properly handle non-ASCII paths. "
            "Please move the pocsuite's directory to the other location"
        )
        raise SystemExit
def manual_login(self): msg = '[*] Please input your ZoomEye Email and Password below.' colorprint.cyan(msg) self.username = input('[*] ZoomEye Username(Email): ').strip() self.password = input('[*] ZoomEye Password: '******'[-] Error ZoomEye username or password.' colorprint.red(msg) sys.exit()
def script_register(args):
    """Resolve the ``-s`` argument into absolute script paths in ``conf.module_path``.

    ``all`` selects every ``.py`` file in ``paths.SCRIPT_PATH`` except
    ``__init__.py`` and ``test.py``. Otherwise the argument is a
    comma-separated list whose items are either a path to a ``.py`` file or a
    bare script name looked up in ``paths.SCRIPT_PATH``. Any item that cannot
    be resolved prints an error and exits.
    """
    conf.module_path = []

    if not args.script_name:
        colorprint.red(
            '[-] Use -s to load script. Example: [-s spider] or [-s ./script/spider.py]')
        sys.exit()

    if args.script_name == "all":
        skipped = ['__init__.py', 'test.py']
        for entry in os.listdir(paths.SCRIPT_PATH):
            if entry in skipped:
                continue
            if os.path.splitext(entry)[1] != '.py':
                continue
            conf.module_path.append(
                os.path.abspath(os.path.join(paths.SCRIPT_PATH, entry)))
        return

    for script_name in args.script_name.split(","):
        has_directory_part = bool(os.path.split(script_name)[0])

        if not has_directory_part:
            # bare name: "-s spider" or "-s spider.py"
            if not script_name.endswith('.py'):
                script_name += '.py'
            candidate = os.path.abspath(
                os.path.join(paths.SCRIPT_PATH, script_name))
            if not os.path.isfile(candidate):
                colorprint.red(
                    '[-] Script [{}] not exist. Use [--show] to view all available script in ./scripts/'.format(
                        script_name))
                sys.exit()
            conf.module_path.append(os.path.abspath(candidate))
            continue

        # explicit path: "-s ./script/spider.py"
        if not os.path.exists(script_name):
            colorprint.red(
                '[-] [{}] not found. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                    script_name))
            sys.exit()
        if not os.path.isfile(script_name):
            colorprint.red(
                '[-] [{}] not a file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                    script_name))
            sys.exit()
        if not script_name.endswith('.py'):
            text = '[-] [{}] not a Python file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                script_name)
            colorprint.red('[-] ' + text)
            sys.exit()
        conf.module_path.append(os.path.abspath(script_name))
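def script_register(args):
    """Resolve the ``-s`` argument into script paths in ``conf.module_path``.

    The argument is a comma-separated list. An item that exists on disk is
    taken as a ``.py`` file or as a directory that is walked recursively; any
    other item is treated as a script name inside ``paths.SCRIPT_PATH``.
    An item that cannot be resolved prints an error and exits.
    """
    conf.module_path = []
    # handle no scripts
    if not args.script_name:
        msg = '[-] Use -s to load script. Example: [-s spider] or [-s ./script/spider.py]'
        colorprint.red(msg)
        sys.exit()

    for script_name in args.script_name.split(","):
        # handle input: "-s ./script/spider.py" or "-s ./script/"
        # (the duplicated exists() test and its unreachable "not found" branch
        # were removed; a missing path is reported by the name lookup below)
        if os.path.exists(script_name):
            if os.path.isfile(script_name):
                if script_name.endswith('.py'):
                    conf.module_path.append(os.path.abspath(script_name))
                else:
                    # the message already carries its "[-] " prefix
                    msg = '[-] [{}] not a Python file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                        script_name)
                    colorprint.red(msg)
                    sys.exit()
            elif os.path.isdir(script_name):
                # Every .py file below the directory is queued. If these paths
                # are later imported, each file's top-level code runs, so the
                # directory should be one whose whole content is trusted.
                for (root, _, files) in os.walk(script_name):
                    conf.module_path.extend(
                        os.path.join(root, name) for name in files
                        if not name.startswith("__") and name.endswith(".py"))
            else:
                msg = '[-] [{}] not a file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                    script_name)
                colorprint.red(msg)
                sys.exit()
        # handle input: "-s spider" "-s spider.py"
        else:
            if not script_name.endswith('.py'):
                script_name += '.py'
            _path = os.path.abspath(
                os.path.join(paths.SCRIPT_PATH, script_name))
            if os.path.isfile(_path):
                conf.module_path.append(os.path.abspath(_path))
            else:
                msg = '[-] Script [{}] not exist. Use [--show] to view all available script in ./scripts/'.format(
                    script_name)
                colorprint.red(msg)
                sys.exit()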
def account_info(self):
    """Print the account's remaining Shodan query credits and return True.

    Exits when ``self.api_key`` is empty or the Shodan client raises
    ``APIError``.
    """
    try:
        if not self.api_key:
            colorprint.red("[-] Shodan api cant not be Null")
            sys.exit()
        details = Shodan(self.api_key).info()
        credits_left = details.get('query_credits')
        colorprint.green(
            "[+] Available Shodan query credits: %d" % credits_left)
    except APIError as e:
        colorprint.red(e)
        sys.exit()
    return True
def conf_path_add(module_path, script_name):
    """Resolve one ``-s`` item and append its absolute path to ``module_path``.

    An item with a directory part must be an existing ``.py`` file; a bare
    name is looked up in ``paths.SCRIPT_PATH`` (``.py`` is appended when
    missing). Anything that cannot be resolved prints an error and exits.
    """
    if not os.path.split(script_name)[0]:
        # bare name: "-s spider" or "-s spider.py"
        if not script_name.endswith('.py'):
            script_name += '.py'
        candidate = os.path.abspath(os.path.join(paths.SCRIPT_PATH, script_name))
        if os.path.isfile(candidate):
            module_path.append(os.path.abspath(candidate))
            return
        colorprint.red(
            '[-] Script [{}] not exist. Use [--show] to view all available script in ./scripts/'.format(
                script_name))
        sys.exit()

    # explicit path: "-s ./script/spider.py"
    if not os.path.exists(script_name):
        colorprint.red(
            '[-] [{}] not found. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                script_name))
        sys.exit()
    if not os.path.isfile(script_name):
        colorprint.red(
            '[-] [{}] not a file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
                script_name))
        sys.exit()
    if not script_name.endswith('.py'):
        text = '[-] [{}] not a Python file. Example: [-s spider] or [-s ./scripts/spider.py]'.format(
            script_name)
        colorprint.red('[-] ' + text)
        sys.exit()
    module_path.append(os.path.abspath(script_name))
def logger_lever_set(args):
    """Map ``args.logging_level`` (1..5) to a logging level on ``logger``.

    1 is ERROR, 2 WARNING, 3 INFO, 4 DEBUG and 5 NOTSET; any other value
    prints an error and exits.
    """
    levels = {
        1: logging.ERROR,
        2: logging.WARNING,
        3: logging.INFO,
        4: logging.DEBUG,
        5: logging.NOTSET,
    }
    chosen = args.logging_level
    if chosen not in levels:
        msg = 'something error when setting logger lever, please check it!'
        colorprint.red('[-] ' + msg)
        sys.exit()
    logger.setLevel(levels[chosen])
def api_query(self):
    """Run the stored Shodan query and add each match to ``conf.target``.

    Matches are stored as ``ip:port`` strings. Exits when the Shodan client
    raises ``APIError``.
    """
    try:
        client = Shodan(self.api_key)
        result = client.search(
            query=self.query, offset=self.offset, limit=self.limit)
    except APIError as e:
        colorprint.red(e)
        sys.exit()

    if 'matches' not in result:
        return
    for entry in result.get('matches'):
        address = entry.get('ip_str') + ':' + str(entry.get('port'))
        conf.target.add(address)
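def handle_fofa(query, limit, offset=0):
    """Collect targets from the FOFA search API into ``conf.target``.

    Credentials come from the config file; when ``check`` rejects them the
    user is prompted once and the process exits if the second check fails.
    For http/https results the scheme is prefixed to the host when missing.

    Args:
        query: FOFA search expression (sent base64-encoded).
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    from urllib.parse import urlencode  # local: the import block is not visible here

    try:
        msg = '[+] Trying to login with credentials in config file: {}.'.format(
            paths.CONFIG_PATH)
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            raise Exception(
                "Automatic authorization failed")  # handled by the except below
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        key = input('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    query = base64.b64encode(query.encode('utf-8')).decode('utf-8')

    # the API returns the first `size` results; the offset is applied locally
    size = limit + offset
    # urlencode: base64 output may contain '+', '/' and '=', which are not
    # safe to paste into a query string unescaped.
    # The API key travels in the query string, so it can show up in proxy and
    # server logs and in the text of HTTP exceptions.
    url = "https://fofa.info/api/v1/search/all?" + urlencode({
        "email": email,
        "key": key,
        "qbase64": query,
        "size": size,
        "fields": "host,ip,protocol,port",
    }, safe=",")
    try:
        # NOTE(review): `request` (singular) is not defined in this block;
        # presumably a project HTTP wrapper - confirm.
        response = request.get(url).text
        resp = json.loads(response)
        if not resp["error"]:
            for item in resp.get('results')[offset:]:
                # item follows the order of `fields`: host, ip, protocol, port
                host = item[0]
                protocol = item[2]
                # The host alone is usually enough; for http/https the scheme
                # is added when the host does not already carry one.
                if protocol == "https" or protocol == "http":
                    if not host.startswith("http"):
                        host = protocol + "://" + host
                conf.target.add(host)
    except Exception as e:
        # NOTE(review): HTTP exception text can include the request URL and
        # therefore the API key.
        colorprint.red(e)
        sys.exit()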
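def load_poc():
    """Import every script in ``conf.module_path`` into ``conf.poc_module``.

    Each file is loaded under its base name (extension stripped). If a script
    raises while loading, its traceback is printed and the process exits.
    """
    conf.poc_module = []
    for module_path in conf.module_path:
        try:
            module_name = os.path.basename(module_path).split(".")[0]
            module_spec = importlib.util.spec_from_file_location(module_name, module_path)
            module = importlib.util.module_from_spec(module_spec)
            # exec_module runs the script's top-level code inside this process,
            # with this process's privileges; load only scripts you trust.
            module_spec.loader.exec_module(module)
            # module.__name__ == module_name
            msg = '[+] Load custom script: {}'.format(os.path.basename(module_path))
            colorprint.green(msg)
            conf.poc_module.append(module)
        except Exception:
            # `except Exception` instead of a bare except: Ctrl-C or a
            # SystemExit raised while loading is no longer reported as a
            # script error.
            msg = "[-] Your current script [{}] caused this exception\n[-] Error Msg:\n{}".format(os.path.basename(module_path), traceback.format_exc())
            colorprint.red(msg)
            # NOTE(review): the failure path exits with status 0
            sys.exit(0)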
def load_module():
    """Import the script at ``conf.module_path`` and bind its ``poc`` attribute.

    The script's ``poc`` attribute is stored in the module global
    ``scan_module``. Any exception raised while loading is printed and the
    process exits.
    """
    global scan_module
    script_file = os.path.basename(conf.module_path)
    try:
        spec = importlib.util.spec_from_file_location(
            ESSENTIAL_MODULE_METHODS, conf.module_path)
        loaded = importlib.util.module_from_spec(spec)
        # exec_module runs the script's top-level code inside this process
        spec.loader.exec_module(loaded)
        # the attribute name is fixed to `poc` rather than taken from
        # ESSENTIAL_MODULE_METHODS
        scan_module = loaded.poc
        colorprint.green('[+] Load custom script: %s' % script_file)
    except Exception as e:
        detail = '[Error Msg]: ' + str(e)
        hint = 'Maybe you can download this module from pip or easy_install'
        colorprint.red(
            "[-] Your current script [%s.py] caused this exception\n%s\n%s"
            % (os.path.basename(conf.module_path), detail, hint))
        sys.exit(0)
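def script_register(args):
    """Resolve the ``-s`` argument into script paths in ``conf.module_path``.

    ``*`` selects every ``.py`` file in ``paths.SCRIPT_PATH`` except
    ``__init__.py``, ``test.py`` and ``urltest.py``; otherwise the argument
    is a comma-separated list. Each item is resolved by ``conf_path_add``.
    """
    conf.module_path = []
    # handle no scripts
    if not args.script_name:
        msg = '[-] Use -s to load script. Example: [-s spider] or [-s ./script/spider.py]'
        colorprint.red(msg)
        sys.exit()

    # Added feature: load every PoC script.
    # `==` rather than `is`: identity comparison with a string literal depends
    # on interning and is not a reliable equality test.
    if args.script_name == '*':
        excluded = ('__init__.py', 'test.py', 'urltest.py')
        for script_name in os.listdir(paths.SCRIPT_PATH):
            if script_name not in excluded and os.path.splitext(script_name)[1] == '.py':
                conf_path_add(conf.module_path, script_name)
    else:
        for script_name in args.script_name.split(","):
            conf_path_add(conf.module_path, script_name)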
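def handle_fofa(query, limit, offset=0):
    """Collect targets from the FOFA search API into ``conf.target``.

    Credentials come from the config file; when ``check`` rejects them the
    user is prompted once and the process exits if the second check fails.

    Args:
        query: FOFA search expression (``str`` or ``bytes``), sent
            base64-encoded.
        limit: accepted for interface compatibility; not used by this version.
        offset: accepted for interface compatibility; not used by this version.
    """
    from urllib.parse import urlencode  # local: keeps this block self-contained

    try:
        msg = '[+] Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            # SystemExit is not an Exception subclass, so raising it here left
            # the process without ever reaching the manual-login fallback.
            raise Exception("Automatic authorization failed")
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        key = input('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    # b64encode needs bytes and returns bytes; decode before building the URL
    if isinstance(query, str):
        query = query.encode('utf-8')
    query = base64.b64encode(query).decode('ascii')

    # urlencode escapes the '+', '/' and '=' that base64 output may contain.
    # The API key travels in the query string, so it can show up in proxy and
    # server logs and in the text of HTTP exceptions.
    request = "https://fofa.so/api/v1/search/all?" + urlencode({
        "email": email,
        "key": key,
        "qbase64": query,
    })
    try:
        response = requests.get(request)
        # NOTE(review): assumes `requests` is the requests library, whose
        # responses expose `.text` and have no readlines() - confirm.
        resp = json.loads(response.text)
        # falsy test so that both null and false count as "no error"
        if not resp["error"]:
            for item in resp.get('results'):
                conf.target.append(item[0])
            if resp.get('size') >= 100:
                colorprint.cyan(
                    "{0} items found! just 100 returned....".format(
                        resp.get('size')))
    except Exception as e:
        colorprint.red(e)
        sys.exit()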
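def load_poc():
    """Import every script in ``conf.module_path`` into ``conf.poc_module``.

    Each file is loaded under its base name (extension stripped). If a script
    raises while loading, the error is printed and the process exits.
    """
    conf.poc_module = []
    for module_path in conf.module_path:
        try:
            module_name = os.path.basename(module_path).split(".")[0]
            module_spec = importlib.util.spec_from_file_location(
                module_name, module_path)
            module = importlib.util.module_from_spec(module_spec)
            # exec_module runs the script's top-level code inside this process,
            # with this process's privileges; load only scripts you trust.
            module_spec.loader.exec_module(module)
            # module.__name__ == module_name
            msg = '[+] Load custom script: {}'.format(
                os.path.basename(module_path))
            colorprint.green(msg)
            conf.poc_module.append(module)
        except Exception as e:
            # The handler used to pass one tuple to a three-field format()
            # and took basename() of the whole path list, so it raised
            # instead of reporting. The file name already ends in ".py".
            msg = "[-] Your current script [{}] caused this exception\n{}\n{}".format(
                os.path.basename(module_path),
                '[Error Msg]: ' + str(e),
                'Maybe you can download this module from pip or easy_install')
            colorprint.red(msg)
            # NOTE(review): the failure path exits with status 0
            sys.exit(0)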
def script_register(args):
    """Resolve the ``-s`` argument to one absolute path in ``conf.module_path``.

    A value with a directory part must be an existing ``.py`` file; a bare
    name is looked up in ``paths.SCRIPT_PATH`` (``.py`` is appended to
    ``args.script_name`` when missing). Anything that cannot be resolved
    prints an error and exits.
    """
    if not args.script_name:
        colorprint.red(
            '[-] Use -s to load script. Example: [-s spider] or [-s ./script/spider.py]')
        sys.exit()

    if not os.path.split(args.script_name)[0]:
        # bare name: "-s spider" or "-s spider.py"
        if not args.script_name.endswith('.py'):
            args.script_name += '.py'
        candidate = os.path.abspath(
            os.path.join(paths.SCRIPT_PATH, args.script_name))
        if os.path.isfile(candidate):
            conf.module_path = os.path.abspath(candidate)
            return
        colorprint.red(
            '[-] Script [%s] not exist. Use [--show] to view all available script in ./scripts/' % args.script_name)
        sys.exit()

    # explicit path: "-s ./script/spider.py"
    if not os.path.exists(args.script_name):
        colorprint.red(
            '[-] [%s] not found. Example: [-s spider] or [-s ./scripts/spider.py]' % args.script_name)
        sys.exit()
    if not os.path.isfile(args.script_name):
        colorprint.red(
            '[-] [%s] not a file. Example: [-s spider] or [-s ./scripts/spider.py]' % args.script_name)
        sys.exit()
    if not args.script_name.endswith('.py'):
        text = '[-] [%s] not a Python file. Example: [-s spider] or [-s ./scripts/spider.py]' % args.script_name
        colorprint.red('[-] ' + text)
        sys.exit()
    conf.module_path = os.path.abspath(args.script_name)
def get_ip(query, page):
    '''
    Fetch one result page for query and add each result's ip to conf.target.

    Exits with status 1 on a non-200 response; any other exception is
    printed and the function returns normally.
    '''
    payload = json.dumps(
        {"query": query, "page": page, "fields": ["ip", "protocols"]})
    try:
        res = request.post(API_URL + "/search/ipv4",
                           data=payload,
                           auth=(UID, SECRET))
        results = res.json()
        if res.status_code != 200:
            colorprint.red("error occurred: %s" % results["error"])
            # SystemExit is not caught by the handler below
            sys.exit(1)
        # only the ip field of each result is kept
        for entry in results["results"]:
            conf.target.add(entry["ip"])
    except Exception as e:
        colorprint.red(e)
def handle_zoomeye(query, limit=50, type='host', offset=0):
    """Fetch ZoomEye result pages for ``query`` and put them on ``conf.target``.

    Exits when the account's resource info cannot be read after login.
    Pages are requested from ``offset / 10`` up to the page that covers
    ``offset + limit``; an empty page ends the loop.
    """
    z = ZoomEye()
    z.auto_login()
    info = z.resources_info().get('resources')
    if not info:
        colorprint.red(
            '[-] ZoomEye API authorization failed, Please re-run it and enter a new token.')
        sys.exit()
    colorprint.green(
        '[+] Available ZoomEye search: (search:%s)' % (info.get('search', 'NO FOUND')))

    # start crawling
    limit += offset
    first_page = int(offset / 10)
    end_page = int((limit + 9) / 10)
    for page_n in range(first_page, end_page):
        data = z.dork_search(query, page=page_n, resource=type)
        if not data:
            break
        for entry in data:
            ip_str = entry.get('ip')
            # entries that carry port info are stored as "ip:port"
            if 'portinfo' in entry:
                ip_str = ip_str + ':' + str(entry.get('portinfo').get('port'))
            conf.target.put(ip_str)
def handle_google(query, limit, offset=0):
    """Collect result links from Google Custom Search and put them on ``conf.target``.

    The developer key and engine id come from the config file; the process
    exits when either is missing, on a socket error, or when the API call
    raises ``ServerHttpDenied``.
    """
    key = ConfigFileParser().google_developer_key()
    engine = ConfigFileParser().google_engine()
    if not key or not engine:
        colorprint.red(
            "[-] Please config your 'developer_key' and 'search_enging' at saucerfram.conf")
        sys.exit()

    try:
        service = build("customsearch",
                        "v1",
                        http=_initHttpClient(),
                        developerKey=key)
        result_info = service.cse().list(q=query, cx=engine).execute()
        total = result_info.get('searchInformation', {}).get('totalResults')
        colorprint.green('[+] Max query results: %s' % str(total))

        links = set()
        limit += offset
        # results are requested ten at a time; `start` is 1-based
        for page_index in range(int(offset / 10), int((limit + 10 - 1) / 10)):
            result = service.cse().list(q=query,
                                        cx=engine,
                                        num=10,
                                        start=page_index * 10 + 1).execute()
            if 'items' in result:
                links.update(entry.get('link') for entry in result.get('items'))

        for link in links:
            conf.target.put(link)
    except SocketError:
        colorprint.red(
            '[-] Unable to connect Google, maybe agent/proxy error.')
        sys.exit()
    except ServerHttpDenied as e:
        colorprint.cyan('[-] It seems like Google-Server denied this request.')
        colorprint.red(e)
        sys.exit()
def _initHttpClient():
    """Build the ``Http`` client used for Google API calls, with a proxy if set.

    The proxy string comes from ``conf.google_proxy`` or, failing that, the
    config file. It must have three space-separated parts: type (``http``,
    ``sock5`` or ``sock4``), host and port. A malformed string prints an
    error and exits.
    """
    if conf.google_proxy:
        proxy_str = conf.google_proxy
    elif ConfigFileParser().google_proxy():
        proxy_str = ConfigFileParser().google_proxy()
    else:
        proxy_str = None

    if not proxy_str:
        return Http()

    colorprint.white('Proxy: %s' % proxy_str)
    parts = proxy_str.strip().split(' ')
    if len(parts) != 3:
        colorprint.red(
            '[-] SyntaxError in GoogleProxy string, Please check your args or config file.')
        sys.exit()

    scheme = parts[0].lower()
    if scheme == 'http':
        proxy_kind = PROXY_TYPE.HTTP
    elif scheme == 'sock5':
        proxy_kind = PROXY_TYPE.SOCKS5
    elif scheme == 'sock4':
        proxy_kind = PROXY_TYPE.SOCKS4
    else:
        colorprint.red(
            '[-] Invalid proxy-type in GoogleProxy string, Please check your args or config file.')
        sys.exit()

    try:
        port = int(parts[2])
    except ValueError:
        colorprint.red(
            '[-] Invalid port in GoogleProxy string, Please check your args or config file.')
        sys.exit()
    return Http(proxy_info=ProxyInfo(proxy_kind, parts[1], port))
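def target_register(args):
    """Fill ``conf.target`` from the command-line target options and search APIs.

    Sources are applied in order: single target, target file, IP range,
    network (CIDR), then the ZoomEye, FOFA, Shodan and Censys dorks. The API
    limit and offset are validated and stored in ``conf``. The process exits
    on invalid input, when the user declines a confirmation, or when no
    target was loaded.
    """
    # init target queue
    conf.target = set()

    # single target to queue
    if args.target_single:
        msg = '[+] Load target : {}'.format(args.target_single)
        colorprint.green(msg)
        conf.target.add(args.target_single)

    # file target to queue
    if args.target_file:
        if not os.path.isfile(args.target_file):
            msg = '[-] TargetFile not found: {}'.format(args.target_file)
            colorprint.red(msg)
            sys.exit()
        msg = '[+] Load targets from : {}'.format(args.target_file)
        colorprint.green(msg)
        with open(args.target_file, 'r', encoding='utf8') as f:
            for target in f:
                conf.target.add(target.strip('\n'))

    # range of ip target to queue .e.g. 192.168.1.1-192.168.1.100
    if args.target_range:
        try:
            lists = gen_ip(args.target_range)
            if (len(lists)) > 100000:
                warn_msg = "[*] Loading {} targets, Maybe it's too much, continue? [y/N]".format(
                    (len(lists)))
                colorprint.cyan(warn_msg, end='')
                flag = input()
                if flag not in ('Y', 'y', 'yes', 'YES', 'Yes'):
                    msg = '[-] User quit!'
                    colorprint.cyan(msg)
                    sys.exit()
            msg = '[+] Load targets from : {}'.format(args.target_range)
            colorprint.green(msg)
            # save to conf
            for target in lists:
                conf.target.add(target)
        except Exception:
            # `except Exception` instead of a bare except: the SystemExit of
            # the "User quit!" branch above is no longer caught here and
            # reported as invalid input.
            err_msg = "Invalid input in [-iR], Example: -iR 192.168.1.1-192.168.1.100"
            colorprint.red(err_msg)
            sys.exit()

    # ip/mask e.g. 192.168.1.2/24
    if args.target_network:
        try:
            ip_range = ipaddress.ip_network(args.target_network, strict=False)
            for ip in ip_range.hosts():
                # NOTE(review): these are ipaddress objects, while the other
                # sources add strings - confirm the consumers accept both.
                conf.target.add(ip)
        except Exception:
            msg = "[-] Invalid input in [-iN], Example: -iN 192.168.1.0/24"
            colorprint.red(msg)
            sys.exit()
        msg = '[+] Load targets from : {}'.format(args.target_network)
        colorprint.green(msg)

    # set search limit of api
    if args.api_limit <= 0:
        err_msg = 'Invalid input in [-limit] (can not be negative number)'
        colorprint.red(err_msg)
        sys.exit()
    if args.api_limit > 10000:
        warn_msg = "Loading {} targets, Maybe it's too much, continue? [y/N]".format(
            args.api_limit)
        colorprint.cyan(warn_msg)
        flag = input()
        if flag not in ('Y', 'y', 'yes', 'YES', 'Yes'):
            msg = 'User quit!'
            colorprint.cyan(msg)
            sys.exit()
    conf.limit = args.api_limit

    # set search offset of api
    if args.api_offset < 0:
        warn_msg = "Wrong offset setting, would you like to set it to 0? [y/N]"
        colorprint.cyan(warn_msg)
        flag = input()
        if flag in ('Y', 'y', 'yes', 'YES', 'Yes'):
            args.api_offset = 0
        else:
            msg = 'User quit!'
            colorprint.cyan(msg)
            sys.exit()
    conf.offset = args.api_offset

    # each API handler is imported only when its dork option is used
    if args.zoomeye_dork:
        from lib.api.zoomeye.zoomeye import handle_zoomeye
        # verify search_type for zoomeye
        if args.search_type not in ['web', 'host']:
            msg = '[-] Invalid value in [--search-type], show usage with [-h]'
            colorprint.red(msg)
            sys.exit()
        conf.search_type = args.search_type
        handle_zoomeye(query=args.zoomeye_dork,
                       limit=conf.limit,
                       type=conf.search_type,
                       offset=conf.offset)

    if args.fofa_dork:
        from lib.api.fofa.fofa import handle_fofa
        handle_fofa(query=args.fofa_dork, limit=conf.limit, offset=conf.offset)

    if args.shodan_dork:
        from lib.api.shodan.shodan import handle_shodan
        handle_shodan(query=args.shodan_dork,
                      limit=conf.limit,
                      offset=conf.offset)

    if args.censys_dork:
        from lib.api.censys.censys import handle_censys
        handle_censys(query=args.censys_dork,
                      limit=conf.limit,
                      offset=conf.offset)

    # verify targets number
    if len(conf.target) == 0:
        err_msg = 'No targets found\nPlease load targets with [-iU|-iF|-iR|-iN] or use API with [-aZ|-aS|-aG|-aF]'
        colorprint.red(err_msg)
        sys.exit()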
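# -*- coding: utf-8 -*-
"""
Copyright (c) saucerman (https://saucer-man.com)
See the file 'LICENSE' for copying permission
"""
import sys
import json
import base64
from lib.utils.config import ConfigFileParser
from lib.core.common import colorprint
from lib.core.data import paths, conf, logger

try:
    import requests
except ImportError:
    colorprint.red("[-] Can't import requests")
    colorprint.cyan("[*] Try pip install requests")
    sys.exit()


def check(email, key):
    """Return True when the FOFA account endpoint accepts ``email`` and ``key``.

    Returns False when either value is empty, when the request fails, or
    when the response status is not 200.
    """
    if not (email and key):
        return False
    auth_url = "https://fofa.so/api/v1/info/my"
    try:
        # `params` lets requests escape the values. The key still travels in
        # the query string, so it can show up in proxy and server logs.
        response = requests.get(auth_url,
                                params={"email": email, "key": key},
                                timeout=10)
    except Exception:
        return False
    # requests responses expose `status_code`; the old `response.code` raised
    # AttributeError, which the handler turned into False for every login.
    return response.status_code == 200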
Copyright (c) saucerman (https://saucer-man.com) See the file 'LICENSE' for copying permission """ import sys from lib.core.common import colorprint from lib.core.enums import PROXY_TYPE from lib.utils.config import ConfigFileParser from lib.core.data import conf from httplib2 import Http, ProxyInfo from socket import error as SocketError try: from googleapiclient.discovery import build from googleapiclient.errors import HttpError as ServerHttpDenied except: colorprint.red("[-] Can't import googleapiclient") colorprint.cyan("[*] Try pip install google-api-python-client") sys.exit() def _initHttpClient(): if conf.google_proxy: proxy_str = conf.google_proxy elif ConfigFileParser().google_proxy(): proxy_str = ConfigFileParser().google_proxy() else: proxy_str = None if not proxy_str: return Http()