def config_view():
    """Render the configuration page or return the stored configuration.

    A GET request gets the ``config.html`` template. A request with any other
    method that reaches this view gets the result of ``load_config()`` as JSON.
    """
    if request.method != 'GET':
        # NOTE(review): the whole stored configuration is returned here; the
        # route and auth decorators are not visible in this listing, so
        # confirm the view is access-controlled.
        return jsonify(load_config())
    return render_template('config.html')
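def config_save_whatweb_view():
    """Save the whatweb settings submitted by the configuration form.

    Reads the ``whatweb_bin`` form field and stores it as ``whatweb.bin`` in
    the configuration returned by ``load_config()``.

    Returns:
        A JSON response: ``{'status': 'success'}`` once the configuration has
        been saved, or ``{'status': 'fail', 'msg': ...}`` when the field is
        missing or blank.
    """
    whatweb_bin = (request.form.get('whatweb_bin') or '').strip()
    if not whatweb_bin:
        # A missing field would otherwise be persisted as None and read back
        # by the whatweb task constructor as its binary.
        return jsonify({'status': 'fail', 'msg': 'whatweb_bin is required'})

    # NOTE(review): the whatweb task constructor reads this value back as
    # self.whatweb_bin; presumably it becomes the program a task launches, so
    # this view should only be reachable by trusted operators. The route and
    # auth decorators are not visible in this listing -- confirm.
    config_jsondata = load_config()
    config_jsondata.update(whatweb={'bin': whatweb_bin})
    save_config(config_jsondata)
    return jsonify({'status': 'success'})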
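def config_save_nmap_view():
    """Save the nmap/masscan settings submitted by the configuration form.

    Reads the ``nmap_bin``, ``masscan_bin``, ``nmap_port``, ``nmap_tech``,
    ``nmap_rate`` and ``nmap_ping`` form fields and stores them as the
    ``nmap`` section of the configuration returned by ``load_config()``.

    Returns:
        A JSON response: ``{'status': 'success'}`` once the configuration has
        been saved, or ``{'status': 'fail', 'msg': ...}`` when either binary
        path is missing or blank.
    """
    nmap_bin = (request.form.get('nmap_bin') or '').strip()
    masscan_bin = (request.form.get('masscan_bin') or '').strip()
    if not nmap_bin or not masscan_bin:
        # A missing field would otherwise be persisted as None and read back
        # by the scan task constructors as their binary.
        return jsonify({'status': 'fail',
                        'msg': 'nmap_bin and masscan_bin are required'})

    # NOTE(review): __get_top_ports_by_nmap passes config['nmap']['nmap_bin']
    # to subprocess as the program to run, so whoever can post to this view
    # chooses what the scanner host executes. The route and auth decorators
    # are not visible in this listing -- confirm it is limited to trusted
    # operators.
    nmap_config = {
        'nmap_bin': nmap_bin,
        'masscan_bin': masscan_bin,
        'port': request.form.get('nmap_port'),
        'tech': request.form.get('nmap_tech'),
        # NOTE(review): stored as the raw form string, whereas
        # task_start_portscan_view parses 'rate' with type=int -- confirm the
        # consumers accept both.
        'rate': request.form.get('nmap_rate'),
        'ping': _str2bool(request.form.get('nmap_ping')),
    }
    config_jsondata = load_config()
    config_jsondata.update(nmap=nmap_config)
    save_config(config_jsondata)
    return jsonify({'status': 'success'})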
def __init__(self):
    """Set the whatweb task metadata and load its binary from the config."""
    super().__init__()
    # Task name
    self.task_name = 'whatweb'
    # Task description
    self.task_description = '调用whatweb获取CMS指纹'
    # Parameters
    self.source = 'whatweb'
    self.result_attr_keys = ('whatweb', 'title', 'server')
    self.threads = self.whatweb_threads = 5
    # Defaults taken from the stored configuration.
    # NOTE(review): config_save_whatweb_view fills whatweb.bin from a web
    # form; treat it as operator-supplied input wherever it is executed.
    whatweb_settings = load_config()['whatweb']
    self.whatweb_bin = whatweb_settings['bin']
def __init__(self):
    """Set the masscan task metadata and load its defaults from the config."""
    super().__init__()
    # Task name
    self.task_name = 'masscan'
    # Task description
    self.task_description = '调用masscan进行端口扫描'
    # Parameters
    self.org_id = None
    self.source = 'portscan'
    # Defaults: no targets yet; port, rate and binary come from the stored
    # 'nmap' configuration section.
    self.target = []
    nmap_settings = load_config()['nmap']
    self.port = nmap_settings['port']
    self.rate = nmap_settings['rate']
    self.masscan_bin = nmap_settings['masscan_bin']
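def __get_top_ports_by_nmap(self, top_number):
    """Ask nmap which ports ``--top-ports <top_number>`` expands to.

    Runs the configured nmap binary with ``-v -oG <tempfile> --top-ports N``
    and extracts the ``TCP(N;...)`` port specification from the file nmap
    writes.

    Args:
        top_number: Number of top ports to look up, as an int or a string of
            decimal digits.

    Returns:
        The port specification string found in nmap's output, or a built-in
        top-100 list when the output has no matching entry or ``top_number``
        is not a plain decimal number.
    """
    # top 100 ports: used whenever nmap does not supply a definition
    default_ports = '7,9,13,21-23,25-26,37,53,79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157'

    top_number = str(top_number)
    # The value is placed both in nmap's argv and in a regular expression, so
    # anything other than plain decimal digits is refused before nmap runs.
    if not re.fullmatch(r'[0-9]+', top_number):
        return default_ports

    config_datajson = load_config()
    with NamedTemporaryFile('w+t') as f:
        nmap_cmd = [config_datajson['nmap']['nmap_bin'], '-v',
                    '-oG', f.name, '--top-ports', top_number]
        # nmap's stdout is never read, so it is discarded: waiting on a child
        # whose stdout is an unread pipe can block once the pipe fills up.
        subprocess.run(nmap_cmd, stdout=subprocess.DEVNULL, check=False)
        # Read the grepable output nmap wrote to the temporary file.
        p_re = r'TCP\(' + top_number + r';(.+?)\)'
        found = re.search(p_re, f.read())
        if found:
            return found.group(1)
    return default_ports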
def __init__(self):
    """Set the nmap task metadata and load its defaults from the config."""
    super().__init__()
    # Task name
    self.task_name = 'nmap'
    # Task description
    self.task_description = '调用nmap进行端口扫描'
    # Parameters
    self.org_id = None
    self.source = 'portscan'
    self.result_attr_keys = ('service', 'banner')
    # Defaults: no targets yet; scan settings and binary come from the
    # stored 'nmap' configuration section.
    self.target = []
    nmap_settings = load_config()['nmap']
    self.port = nmap_settings['port']
    self.rate = nmap_settings['rate']
    self.tech = nmap_settings['tech']
    self.ping = nmap_settings['ping']
    self.nmap_bin = nmap_settings['nmap_bin']
def __init__(self):
    """Set the ipportbase task metadata and load its defaults from the config."""
    super().__init__()
    # Task name
    self.task_name = 'ipportbase'
    # Task description
    self.task_description = '端口扫描'
    # Parameters
    self.source = 'ipportbase'
    self.result_attr_keys = ('service', 'banner')
    # Defaults: scan settings and both scanner binaries come from the stored
    # 'nmap' configuration section.
    nmap_settings = load_config()['nmap']
    self.port = nmap_settings['port']
    self.rate = nmap_settings['rate']
    self.tech = nmap_settings['tech']
    self.ping = nmap_settings['ping']
    self.nmap_bin = nmap_settings['nmap_bin']
    self.masscan_bin = nmap_settings['masscan_bin']
    self.exclude = None
def __init__(self):
    """Set the whatweb task metadata, its binary and its port blacklist."""
    super().__init__()
    # Task name
    self.task_name = 'whatweb'
    # Task description
    self.task_description = '调用whatweb获取CMS指纹'
    # Parameters
    self.org_id = None
    self.source = 'whatweb'
    self.result_attr_keys = ('whatweb', 'title', 'server')
    self.threads = self.whatweb_threads = 5
    # Defaults: no targets yet; the binary comes from the stored configuration.
    self.target = []
    whatweb_settings = load_config()['whatweb']
    self.whatweb_bin = whatweb_settings['bin']
    # Port blacklist, so that no time or resources are wasted on pointless
    # probes. For reference, the top ports gathered from usage statistics
    # (custom ones included) were:
    # 7,9,13,17,19,21,22,23,25,53,79,80,81,85,88,100,106,110,111,113,119,143,144,179,199,389,427,
    # 443,444,514,515,543,554,631,636,646,880,902,990,993,1000,1010,1025,1026,1027,1028,1029,1030,1054,1055,1080,
    # 1111,1296,1322,1433,1556,1688,1723,1801,1900,1935,1947,2000,2001,2020,2049,2103,2105,2107,2121,2179,2200,2222,
    # 2383,2869,3000,3128,3300,3301,3306,3476,4001,4242,5000,5003,5051,5060,5357,5432,5555,5800,5900,5989,
    # 6000,6001,6006,6379,6543,6565,6667,6668,7000,7001,7002,7070,7443,7777,7778,7921,
    # 8000,8008,8009,8010,8031,8042,8080,8081,8083,8084,8085,8086,8087,8088,8099,8100,8181,8291,8300,8443,8800,8888,
    # 9001,9009,9010,9081,9090,9100,9878,9999,10000,10001,10002,10003,10004,10009,10012,10022,11111,11433,11521,12345,
    # 13306,13307,13314,13315,13389,13782,14000,15432,15900,15901,16379,17001,17002,17003,17004,17005,17006,17007,17008,17009,17010,
    # 18080,18081,18082,18083,18084,18085,18086,18087,18088,18089,19000,19001,19002,19003,19007,19008,19009,
    # 19100,19101,19102,19103,19104,19108,19200,19207,19315,20000,20020,20021,20162,37017,37021,37024,
    # 49152,49153,49154,49155,49156,49157,49158,49159,49160,49161,49163,49165,49167,49175,49176,50000,50500
    self.black_port = [
        '7', '9', '13', '17', '19', '21', '22', '23', '25', '26',
        '37', '53', '100', '106', '110', '111', '113', '119', '135', '138',
        '139', '143', '144', '145', '161', '179', '199', '389', '427', '444',
        '445', '514', '515', '543', '554', '631', '636', '646', '880', '902',
        '990', '993', '1433', '1521', '3306', '5432', '3389', '5900', '5901', '5902',
        '49152', '49153', '49154', '49155', '49156', '49157', '49158', '49159', '49160', '49161',
        '49163', '49165', '49167', '49175', '49176', '13306', '11521', '15432', '11433', '13389',
        '15900', '15901',
    ]
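def task_start_portscan_view():
    """Start the IP/port-scan related tasks requested by the submitted form.

    Reads the scan options from ``request.form`` (falling back to the stored
    ``nmap`` configuration for ``port``, ``rate`` and ``nmap_tech``), splits
    the ``target`` field into one target per line and starts the selected
    tasks (``portscan``, ``iplocation``, ``fofasearch``, ``shodansearch``)
    through ``TaskAPI.start_task``. With ``subtask`` enabled every target gets
    its own set of tasks; otherwise all targets share one.

    Returns:
        A JSON response: the result of the last task started (or a success
        placeholder with task-id 0 when none was selected), or
        ``{'status': 'fail', 'msg': ...}`` when no usable target was given or
        an exception occurred.
    """
    taskapi = TaskAPI()
    config_datajson = load_config()
    try:
        # Collect the request parameters
        target = request.form.get('target', default='')
        portscan = request.form.get('portscan')
        port = request.form.get(
            'port', default=config_datajson['nmap']['port'])
        org_id = request.form.get('org_id', type=int, default=None)
        rate = request.form.get(
            'rate', type=int, default=config_datajson['nmap']['rate'])
        nmap_tech = request.form.get(
            'nmap_tech', type=str, default=config_datajson['nmap']['tech'])
        iplocation = request.form.get('iplocation')
        ping = request.form.get('ping')
        whatweb = request.form.get('whatweb')
        fofasearch = request.form.get('fofasearch')
        shodansearch = request.form.get('shodansearch')
        subtask = request.form.get('subtask')
        portscan_bin = request.form.get('bin')
        httpx = request.form.get('httpx')
        exclude = request.form.get('exclude')

        # Normalise the targets: one per line, trimmed, de-duplicated in
        # first-seen order. Blank lines are dropped so that no task is
        # started with an empty-string target.
        target = list(dict.fromkeys(
            line.strip() for line in target.split('\n') if line.strip()))
        if not target:
            return jsonify({'status': 'fail', 'msg': 'no target or port'})
        result = {'status': 'success', 'result': {'task-id': 0}}
        # Sub-task mode: each target line becomes its own task target
        if _str2bool(subtask):
            task_target = [[x] for x in target]
        else:
            task_target = [target]
        for t in task_target:
            # Task options.
            # NOTE(review): 'port', 'bin', 'tech' and 'exclude' are forwarded
            # exactly as received from the form. How the tasks turn them into
            # scanner arguments is not visible here -- validate them where
            # the command line is built.
            options = {'target': t, 'port': port, 'bin': portscan_bin,
                       'org_id': org_id, 'rate': rate,
                       'ping': _str2bool(ping), 'tech': nmap_tech,
                       'iplocation': _str2bool(iplocation),
                       'exclude': exclude,
                       'whatweb': _str2bool(whatweb),
                       'httpx': _str2bool(httpx),
                       }
            # Start the portscan task
            if _str2bool(portscan):
                result = taskapi.start_task(
                    'portscan', kwargs={'options': deepcopy(options)})
            # IP location: handled inside the portscan task when one is
            # started, otherwise started as a task of its own
            if _str2bool(iplocation) and not _str2bool(portscan):
                result = taskapi.start_task(
                    'iplocation', kwargs={'options': deepcopy(options)})
            # Start the FOFA search task
            if _str2bool(fofasearch):
                result = taskapi.start_task(
                    'fofasearch', kwargs={'options': deepcopy(options)})
            # Start the Shodan search task
            if _str2bool(shodansearch):
                result = taskapi.start_task(
                    'shodansearch', kwargs={'options': deepcopy(options)})

        return jsonify(result)
    except Exception as e:
        logger.error(traceback.format_exc())
        print(e)
        # NOTE(review): the raw exception text is sent back to the client;
        # the traceback is already logged above, so a generic message would
        # avoid disclosing internals.
        return jsonify({'status': 'fail', 'msg': str(e)})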