예제 #1
def fastDir(newurl, target, module):
    '''
    Scan one URL without a port scan: fetch it, then collect links and paths.

    Runs the optional Baidu/GitHub check helpers when the module-level
    `baidu_engine` / `github_engine` flags are set, fetches the page with
    `getitle`, and for responses that pass the status-code and title filters
    calls `getallink`, `scandir_again`, `weakfile` and, optionally,
    `baidu_dir`.

    NOTE(review): this listing stops inside the outer `try:`; its handler and
    the code that consumes the collected values are not shown.
    '''
    output_file = report_filename(target, module)
    newurl = url_handle(newurl)
    ip, baidu_status, github_status = '', [], []
    print '[*] Scan new_url: ' + newurl
    # The search-engine and GitHub lookups are opt-in via module-level flags.
    if baidu_engine:
        print '[*] Check Baidu site: %s' % urlparse.urlparse(newurl).hostname
        baidu_status = baidu_check(newurl)
    if github_engine:
        print '[*] Check Github status: %s' % urlparse.urlparse(
            newurl).hostname
        github_status = github_check(newurl)
    try:
        # Defaults: if getitle() raises, code stays '' and the status check
        # below is False, so nothing further in this listing runs for the URL.
        newtitle, code, lenth, content = '', '', '', ''
        try:
            newtitle, code, lenth, content = getitle(url=newurl)
        except Exception, e:
            # NOTE(review): every fetch failure is swallowed here with no log
            # entry, so an unreachable target and a code bug look the same.
            # print traceback.format_exc()
            pass
        if code in range(
                200, 405) and code != 401:  # add Do not scan 401 status_code
            try:
                print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
                    newtitle, code, lenth)
            except:
                # Best effort: a failure while printing (presumably an encoding
                # error on the title) must not abort the scan.
                pass
            alllink, alllinks, emails, ips = [], [], [], []
            # Pages whose title matches the configured filters are skipped.
            if title_filter not in newtitle and filter_list(
                    module=newtitle, filter_list=title_filter_list):
                try:
                    # content is whatever getitle() returned for the remote
                    # page; treat everything derived from it as untrusted.
                    alllink, alllinks, emails, ips = getallink(newurl, content)
                except Exception, e:
                    # print traceback.format_exc()
                    pass
                dirpaths = []
                try:
                    dir_urls = scandir_again(newurl, alllink)
                    # Only probe directories when the link count is below the
                    # configured ceiling.
                    if len(dir_urls) < link_maxnum:  # Pass num
                        for dir_url in dir_urls:
                            dirpaths += weakfile(dir_url)
                except Exception, e:
                    # print traceback.format_exc()
                    pass
                # Too many hits are collapsed into a single marker entry.
                if len(dirpaths) > dirpaths_maxnum:  # Check num
                    dirpaths = ["more_path"]
                baidu_dirs = ''
                if baidu_dir_engine:
                    try:
                        baidu_dirs = baidu_dir(
                            command='site:%s' %
                            urlparse.urlparse(newurl).hostname,
                            key_domain=urlparse.urlparse(newurl).hostname)
                    except Exception, e:
                        # print traceback.format_exc()
                        pass
예제 #2
 # NOTE(review): fragment - the enclosing function and the definitions of
 # url, port and output_file lie above this listing, and it ends in the
 # middle of the write_file() call.
 if port not in filter_ports:
     # Drop a trailing slash so the port can be appended to the host part.
     if url[-1:] == '/':
         url = url[:-1]
     newurl = url + ':' + str(port)
     if newurl not in filter_urls:
         # The de-duplication list stores the form built above, i.e. before
         # the scheme/port normalisation that follows.
         filter_urls.append(newurl)
         # Port 80: force the plain-HTTP scheme.
         if newurl.split(':')[-1] == '80':
             newurl = newurl.replace('https://', 'http://')
         # Port 443: drop the explicit port and force HTTPS.
         # NOTE(review): str.replace() rewrites every ':443' in the string,
         # not only the trailing port.
         if newurl.split(':')[-1] == '443':
             newurl = newurl.replace(':443', '').replace(
                 'http://', 'https://')
         print '[*] Scan new_url: ' + newurl
         try:
             # Defaults: if getitle() raises, code stays '' and the status
             # check below is False.
             newtitle, code, lenth, content = '', '', '', ''
             try:
                 newtitle, code, lenth, content = getitle(
                     newurl)
             except Exception, e:
                 # NOTE(review): fetch failures are swallowed without a log
                 # entry.
                 # print traceback.format_exc()
                 pass
             if code in range(
                     200, 405
             ) and code != 401:  # add Do not scan 401 status_code
                 try:
                     print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
                         newtitle, code, lenth)
                 except:
                     # Best effort: a failure while printing must not abort
                     # the scan.
                     pass
                 # Record the responding URL in the alive-URLs file.
                 write_file(
                     newurl,
                     handle_ext(output_file) +
                     '/%s_alive_urls.txt' %
예제 #3
def checkDir(url, target, module):
    '''
    Port-scan the host behind `url`, then fetch and enumerate the URL itself.

    Flow visible in this listing: de-duplicate through `filter_urls`, run the
    optional Baidu/GitHub checks, resolve the URL to an IP and `portscan` it
    (results cached in `filter_ips`), and, only when the resulting port list
    is empty, fetch the page, collect links, call `weakfile` / `dirscan` and
    append one HTML table row to the report file.

    NOTE(review): the listing is cut off; the handlers of the two outer
    `try:` blocks and any branch for a non-empty port list are not shown.
    '''
    output_file = report_filename(target, module)
    url = url_handle(url)
    try:
        # Skip URLs already seen or rejected by the sub-domain filter list.
        if url not in filter_urls and filter_list(module=url,
                                                  filter_list=sub_filter_list):
            filter_urls.append(url)
            # ip defaults to the URL itself, so the report row shows the URL
            # in the IP column when resolution fails.
            ip, open_ports, baidu_status, github_status = url, [], [], []
            print '[*] Now scanning: ' + url
            if module in ['autoscan', 'dirscan', 'single']:  # Handle c_ip scan
                if baidu_engine:
                    print '[*] Check Baidu site: %s' % urlparse.urlparse(
                        url).hostname
                    baidu_status = baidu_check(url)
                if github_engine:
                    print '[*] Check Github status: %s' % urlparse.urlparse(
                        url).hostname
                    github_status = github_check(url)
            try:
                ip = url2ip(url)
                # Port-scan only addresses that are not internal, not already
                # cached and not empty.
                if not is_internal_ip(ip) and ip not in filter_ips.keys(
                ) and ip != '':  # filter internal_ip
                    print '[+] Get url2ip: ' + ip
                    open_ports = portscan(ip)
                    filter_ips[ip] = open_ports
                    write_file(
                        str(ip) + ',' +
                        str(open_ports).replace('[', '').replace(']', ''),
                        handle_ext(output_file) + portscan_opens_file)
                    # An implausibly long port list is treated as unreliable
                    # and discarded for this call.
                    # NOTE(review): filter_ips[ip] was already set above and
                    # keeps the full list, so later URLs on the same IP read
                    # the undiscarded result from the cache.
                    if len(open_ports) > openports_maxnum:
                        print '[!] Maybe got port waf'
                        write_file(
                            ip,
                            handle_ext(output_file) + portscan_maxnum_file)
                        open_ports = []
                else:
                    # NOTE(review): this branch also runs for internal or
                    # empty addresses that were never cached; the lookup then
                    # presumably raises KeyError, and the handler below files
                    # the URL as a url2ip error although resolution succeeded.
                    open_ports = filter_ips[ip]
            except Exception, e:
                # print traceback.format_exc()
                write_file(url, handle_ext(output_file) + url2ip_error_file)
                pass
            print '[+] Get open ports: ' + str(open_ports)
            # The HTTP checks below run only when the port list is empty.
            if open_ports == []:  #or 80 not in open_ports
                try:
                    # Defaults: if getitle() raises, code stays '' and the
                    # status check below is False.
                    newtitle, code, lenth, content = '', '', '', ''
                    try:
                        newtitle, code, lenth, content = getitle(url)
                    except Exception, e:
                        # NOTE(review): fetch failures are swallowed without
                        # a log entry.
                        # print traceback.format_exc()
                        pass
                    if code in range(
                            200, 405
                    ) and code != 401:  # add Do not scan 401 status_code
                        try:
                            print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
                                newtitle, code, lenth)
                        except:
                            # Best effort: a failure while printing must not
                            # abort the scan.
                            pass
                        # Record the responding URL in the alive-URLs file.
                        write_file(
                            url,
                            handle_ext(output_file) +
                            '/%s_alive_urls.txt' % handle_ext_old(target))
                        # Pages whose title matches the filters are skipped.
                        if title_filter not in newtitle and filter_list(
                                module=newtitle,
                                filter_list=title_filter_list):
                            alllink, alllinks, emails, ips = [], [], [], []
                            try:
                                # content is whatever getitle() returned for
                                # the remote page; everything derived from it
                                # is untrusted.
                                alllink, alllinks, emails, ips = getallink(
                                    url, content)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            dirpaths = []
                            try:
                                dir_urls = scandir_again(url, alllink)
                                # Probe directories only below the configured
                                # link ceiling.
                                if len(dir_urls) < link_maxnum:
                                    for dir_url in dir_urls:
                                        dirpaths += weakfile(dir_url)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            # Too many hits collapse into one marker entry.
                            if len(dirpaths) > dirpaths_maxnum:
                                dirpaths = ["more_path"]
                            weakuri = []
                            try:
                                weakuri = dirscan(url)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            baidu_dirs = ''
                            if baidu_dir_engine and module in [
                                    'autoscan', 'dirscan', 'single'
                            ]:
                                try:
                                    baidu_dirs = baidu_dir(
                                        command='site:%s' %
                                        urlparse.urlparse(url).hostname,
                                        key_domain=urlparse.urlparse(
                                            url).hostname)
                                except Exception, e:
                                    # print traceback.format_exc()
                                    pass
                            weakuri = baidu_status + github_status + weakuri
                            try:
                                # NOTE(review): the report row is built with
                                # plain % formatting and no HTML escaping.
                                # newtitle, alllinks, emails and ips presumably
                                # originate from the scanned site's response,
                                # so markup in them is rendered by whoever
                                # opens the report - escape before writing.
                                write_file(
                                    '<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s&nbsp;b</td><td>%s</td><td><font color="blue">%s%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n'
                                    % (url, url, ip, code, newtitle, lenth, [
                                        dirpath_key
                                        for dirpath_key in set(dirpaths +
                                                               weakuri)
                                    ], alllinks, baidu_dirs, emails, ips),
                                    output_file)
                            except Exception, e:
                                # A row that cannot be formatted or written is
                                # recorded by URL in the output-error file.
                                # print traceback.format_exc()
                                print '[!] output_error'
                                write_file(
                                    url,
                                    handle_ext(output_file) +
                                    output_error_file)
                                pass
예제 #4
def checkFast(url,target,module):
	'''
	Port-scan the host behind `url` and fetch the URL, without a dir scan.

	Flow visible in this listing: de-duplicate through `filter_urls`,
	resolve the URL to an IP and `portscan` it (results cached in
	`filter_ips`), and, only when the resulting port list is empty, fetch
	the page, collect links with `getallink` and append one HTML table row
	to the report file.

	NOTE(review): the listing ends before the handler of the outer `try:`.
	'''
	output_file = report_filename(target,module)
	url = url_handle(url)
	try:
		# Skip URLs already seen or rejected by the sub-domain filter list.
		if url not in filter_urls and filter_list(module=url,filter_list=sub_filter_list):
			filter_urls.append(url)
			print '[*] Now scanning: ' + url
			# ip defaults to the URL itself, so the report row shows the URL
			# in the IP column when resolution fails.
			ip,open_ports = url,[]
			try:
				ip = url2ip(url)
				# Port-scan only addresses that are not internal, not already
				# cached and not empty.
				if not is_internal_ip(ip) and ip not in filter_ips.keys() and ip != '':# filter internal_ip
					print '[+] Get url2ip: ' + ip
					open_ports = portscan(ip)
					filter_ips[ip] = open_ports
					write_file(str(ip)+','+str(open_ports).replace('[','').replace(']',''),handle_ext(output_file)+portscan_opens_file)
					# An implausibly long port list is treated as unreliable
					# and discarded for this call.
					# NOTE(review): filter_ips[ip] was already set above and
					# keeps the full list, so later URLs on the same IP read
					# the undiscarded result from the cache.
					if len(open_ports) > openports_maxnum:
						print '[!] Maybe got port waf'
						write_file(ip,handle_ext(output_file)+portscan_maxnum_file)
						open_ports = []
				else:
					# NOTE(review): this branch also runs for internal or
					# empty addresses that were never cached; the lookup then
					# presumably raises KeyError, and the handler below files
					# the URL as a url2ip error although resolution succeeded.
					open_ports = filter_ips[ip]
			except Exception,e:
				# print traceback.format_exc()
				write_file(url,handle_ext(output_file)+url2ip_error_file)
				pass
			print '[+] Get open ports: ' + str(open_ports)
			# The HTTP checks below run only when the port list is empty.
			if open_ports == []:#or 80 not in open_ports
				try:
					# Defaults: if getitle() raises, code stays '' and the
					# status check below is False.
					newtitle,code,lenth,content = '','','',''
					try:
						newtitle,code,lenth,content = getitle(url)
					except Exception,e:
						# NOTE(review): fetch failures are swallowed without
						# a log entry.
						# print traceback.format_exc()
						pass
					# NOTE(review): unlike checkDir, this check does not
					# exclude status 401.
					if code in range(200,405):
						try:
							print '[+] Get title: %s,status_code: %s,content lenth: %s' % (newtitle,code,lenth)
						except:pass
						write_file(url,handle_ext(output_file)+'/%s_alive_urls.txt' % handle_ext_old(target)) # save alive `host:port` to dirsearch
						alllink,alllinks,emails,ips = [],[],[],[]
						# Pages whose title matches the filters are only logged.
						if title_filter not in newtitle and filter_list(module=newtitle,filter_list=title_filter_list):
							try:
								# content is whatever getitle() returned for
								# the remote page; everything derived from it
								# is untrusted.
								alllink,alllinks,emails,ips = getallink(url,content)
							except Exception,e:
								# print traceback.format_exc()
								pass
							try:
								# NOTE(review): the report row is built with
								# plain % formatting and no HTML escaping.
								# newtitle, alllinks, emails and ips presumably
								# originate from the scanned site's response,
								# so markup in them is rendered by whoever
								# opens the report - escape before writing.
								write_file('<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s&nbsp;b</td><td><font color="blue">%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n' % (url,url,ip,code,newtitle,lenth,alllinks,emails,ips),output_file)
							except Exception,e:
								# A row that cannot be formatted or written is
								# recorded by URL in the output-error file.
								# print traceback.format_exc()
								print '[!] output_error'
								write_file(url,handle_ext(output_file)+output_error_file)
								pass
						else:
							print '[!] Filter title'
							write_file(url,handle_ext(output_file)+title_filter_file)
				except Exception,e:
					# NOTE(review): any other failure in the HTTP stage is
					# dropped here without a log entry.
					# print traceback.format_exc()
					pass