def fastDir(newurl, target, module):
    '''
    FastDir scan without portscan.

    Normalises ``newurl`` with url_handle(), optionally runs the Baidu and
    GitHub checks, fetches the page with getitle() and, when the status code
    is in 200-404 and is not 401, collects links from the body and probes the
    directories derived from them.  No port scan is performed here.

    ``target`` and ``module`` are only passed to report_filename() in the
    part of the function that is visible.

    NOTE(review): the listing is flattened onto one line and stops before the
    handler of the outer ``try``.  The nesting below is reconstructed from the
    syntax; in particular, which statements sit inside the title-filter ``if``
    is inferred -- confirm against the repository.
    '''
    output_file = report_filename(target, module)
    newurl = url_handle(newurl)
    ip, baidu_status, github_status = '', [], []
    print '[*] Scan new_url: ' + newurl
    # Optional search-engine checks, switched by module-level flags.
    if baidu_engine:
        print '[*] Check Baidu site: %s' % urlparse.urlparse(newurl).hostname
        baidu_status = baidu_check(newurl)
    if github_engine:
        print '[*] Check Github status: %s' % urlparse.urlparse(
            newurl).hostname
        github_status = github_check(newurl)
    try:
        # Defaults survive a failed request: code stays '' and therefore
        # fails the range() membership test below, so nothing else runs.
        newtitle, code, lenth, content = '', '', '', ''
        try:
            newtitle, code, lenth, content = getitle(url=newurl)
        except Exception, e:
            # Request errors are swallowed without any record.
            # print traceback.format_exc()
            pass
        if code in range(
                200, 405) and code != 401:  # add Do not scan 401 status_code
            try:
                print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
                    newtitle, code, lenth)
            except:
                # Bare except: any failure while printing is ignored.
                pass
            alllink, alllinks, emails, ips = [], [], [], []
            # Skip hosts whose title matches the configured filters.
            if title_filter not in newtitle and filter_list(
                    module=newtitle, filter_list=title_filter_list):
                try:
                    alllink, alllinks, emails, ips = getallink(newurl, content)
                except Exception, e:
                    # print traceback.format_exc()
                    pass
                dirpaths = []
                try:
                    dir_urls = scandir_again(newurl, alllink)
                    # Only probe when the number of candidate directories is
                    # below link_maxnum.
                    if len(dir_urls) < link_maxnum:  # Pass num
                        for dir_url in dir_urls:
                            dirpaths += weakfile(dir_url)
                except Exception, e:
                    # print traceback.format_exc()
                    pass
                # Too many hits are collapsed into a single marker entry.
                if len(dirpaths) > dirpaths_maxnum:  # Check num
                    dirpaths = ["more_path"]
                baidu_dirs = ''
                if baidu_dir_engine:
                    try:
                        baidu_dirs = baidu_dir(
                            command='site:%s' %
                            urlparse.urlparse(newurl).hostname,
                            key_domain=urlparse.urlparse(newurl).hostname)
                    except Exception, e:
                        # print traceback.format_exc()
                        pass
                # NOTE(review): the listing ends here; the rest of the
                # function, including the outer except clause, is not shown.
if port not in filter_ports: if url[-1:] == '/': url = url[:-1] newurl = url + ':' + str(port) if newurl not in filter_urls: filter_urls.append(newurl) if newurl.split(':')[-1] == '80': newurl = newurl.replace('https://', 'http://') if newurl.split(':')[-1] == '443': newurl = newurl.replace(':443', '').replace( 'http://', 'https://') print '[*] Scan new_url: ' + newurl try: newtitle, code, lenth, content = '', '', '', '' try: newtitle, code, lenth, content = getitle( newurl) except Exception, e: # print traceback.format_exc() pass if code in range( 200, 405 ) and code != 401: # add Do not scan 401 status_code try: print '[+] Get title: %s,status_code: %s,content lenth: %s' % ( newtitle, code, lenth) except: pass write_file( newurl, handle_ext(output_file) + '/%s_alive_urls.txt' %
def checkDir(url, target, module):
    '''
    Main requests function with Portscan && Dirscan.

    For a URL not seen before (tracked in ``filter_urls``) this resolves the
    host, port-scans the address unless it is internal, empty or already
    cached in ``filter_ips``, and -- when no open ports are recorded --
    fetches the page, gathers links, probes directories and appends one HTML
    table row to the report file.

    ``target`` and ``module`` select the report path through
    report_filename(); ``module`` also gates the Baidu/GitHub checks.

    NOTE(review): the listing is flattened and stops before the outer
    ``try`` statements are closed.  The nesting below is reconstructed from
    the syntax (for example the ``else`` that reuses cached ports is paired
    with the internal-IP test) -- confirm against the repository.
    '''
    output_file = report_filename(target, module)
    url = url_handle(url)
    try:
        # De-duplicate: each normalised URL is handled once per run.
        if url not in filter_urls and filter_list(module=url,
                                                  filter_list=sub_filter_list):
            filter_urls.append(url)
            ip, open_ports, baidu_status, github_status = url, [], [], []
            print '[*] Now scanning: ' + url
            if module in ['autoscan', 'dirscan', 'single']:  # Handle c_ip scan
                if baidu_engine:
                    print '[*] Check Baidu site: %s' % urlparse.urlparse(
                        url).hostname
                    baidu_status = baidu_check(url)
                if github_engine:
                    print '[*] Check Github status: %s' % urlparse.urlparse(
                        url).hostname
                    github_status = github_check(url)
            try:
                ip = url2ip(url)
                if not is_internal_ip(ip) and ip not in filter_ips.keys(
                ) and ip != '':  # filter internal_ip
                    print '[+] Get url2ip: ' + ip
                    open_ports = portscan(ip)
                    # Cache the result so the same address is scanned once.
                    filter_ips[ip] = open_ports
                    write_file(
                        str(ip) + ',' +
                        str(open_ports).replace('[', '').replace(']', ''),
                        handle_ext(output_file) + portscan_opens_file)
                    # An implausibly long port list is recorded separately
                    # and then discarded.
                    if len(open_ports) > openports_maxnum:
                        print '[!] Maybe got port waf'
                        write_file(
                            ip,
                            handle_ext(output_file) + portscan_maxnum_file)
                        open_ports = []
                else:
                    # NOTE(review): with this pairing an internal or empty ip
                    # that is not cached raises KeyError here and is logged
                    # by the handler below; open_ports stays [] and the HTTP
                    # request further down still runs, so the internal-IP
                    # test limits only the port scan -- confirm this is the
                    # intended scope control.
                    open_ports = filter_ips[ip]
            except Exception, e:
                # print traceback.format_exc()
                write_file(url, handle_ext(output_file) + url2ip_error_file)
                pass
            print '[+] Get open ports: ' + str(open_ports)
            if open_ports == []:  #or 80 not in open_ports
                try:
                    # Defaults survive a failed request: code stays '' and
                    # fails the range() membership test below.
                    newtitle, code, lenth, content = '', '', '', ''
                    try:
                        newtitle, code, lenth, content = getitle(url)
                    except Exception, e:
                        # print traceback.format_exc()
                        pass
                    if code in range(
                            200, 405
                    ) and code != 401:  # add Do not scan 401 status_code
                        try:
                            print '[+] Get title: %s,status_code: %s,content lenth: %s' % (
                                newtitle, code, lenth)
                        except:
                            pass
                        # Record the live URL in the per-target alive list.
                        write_file(
                            url,
                            handle_ext(output_file) + '/%s_alive_urls.txt' %
                            handle_ext_old(target))
                        if title_filter not in newtitle and filter_list(
                                module=newtitle,
                                filter_list=title_filter_list):
                            alllink, alllinks, emails, ips = [], [], [], []
                            try:
                                alllink, alllinks, emails, ips = getallink(
                                    url, content)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            dirpaths = []
                            try:
                                dir_urls = scandir_again(url, alllink)
                                if len(dir_urls) < link_maxnum:
                                    for dir_url in dir_urls:
                                        dirpaths += weakfile(dir_url)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            # Too many hits collapse into one marker entry.
                            if len(dirpaths) > dirpaths_maxnum:
                                dirpaths = ["more_path"]
                            weakuri = []
                            try:
                                weakuri = dirscan(url)
                            except Exception, e:
                                # print traceback.format_exc()
                                pass
                            baidu_dirs = ''
                            if baidu_dir_engine and module in [
                                    'autoscan', 'dirscan', 'single'
                            ]:
                                try:
                                    baidu_dirs = baidu_dir(
                                        command='site:%s' %
                                        urlparse.urlparse(url).hostname,
                                        key_domain=urlparse.urlparse(
                                            url).hostname)
                                except Exception, e:
                                    # print traceback.format_exc()
                                    pass
                            weakuri = baidu_status + github_status + weakuri
                            # NOTE(review): every value is interpolated into
                            # the row without HTML escaping.  newtitle,
                            # alllinks, emails and ips come from getitle() /
                            # getallink(), which presumably parse the remote
                            # response -- confirm.  If so, escape them (e.g.
                            # cgi.escape(value, quote=True)) before writing,
                            # so a scanned page cannot inject markup or
                            # script into the report the operator opens.  The
                            # link also uses target=_blank without
                            # rel="noopener".
                            try:
                                write_file(
                                    '<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td>%s</td><td><font color="blue">%s%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n'
                                    % (url, url, ip, code, newtitle, lenth, [
                                        dirpath_key
                                        for dirpath_key in set(dirpaths +
                                                               weakuri)
                                    ], alllinks, baidu_dirs, emails, ips),
                                    output_file)
                            except Exception, e:
                                # print traceback.format_exc()
                                print '[!] output_error'
                                write_file(
                                    url,
                                    handle_ext(output_file) +
                                    output_error_file)
                                pass
                            # NOTE(review): the listing ends here; the
                            # remaining branches and the except clauses of
                            # the two enclosing try statements are not shown.
def checkFast(url,target,module):
    '''
    Main requests function no Dirscan.

    For a URL not seen before (tracked in ``filter_urls``) this resolves the
    host, port-scans the address unless it is internal, empty or already
    cached in ``filter_ips``, and -- when no open ports are recorded --
    fetches the page, extracts links, e-mail addresses and IPs, and appends
    one HTML table row to the report file.  No directory probing is done.

    ``target`` and ``module`` select the report path through
    report_filename().

    NOTE(review): the listing is flattened and stops before the outer
    ``try`` is closed.  The nesting below is reconstructed from the syntax
    (the two ``else`` branches are paired with the internal-IP test and the
    title filter respectively) -- confirm against the repository.
    '''
    output_file = report_filename(target,module)
    url = url_handle(url)
    try:
        # De-duplicate: each normalised URL is handled once per run.
        if url not in filter_urls and filter_list(module=url,filter_list=sub_filter_list):
            filter_urls.append(url)
            print '[*] Now scanning: ' + url
            ip,open_ports = url,[]
            try:
                ip = url2ip(url)
                if not is_internal_ip(ip) and ip not in filter_ips.keys() and ip != '':# filter internal_ip
                    print '[+] Get url2ip: ' + ip
                    open_ports = portscan(ip)
                    # Cache the result so the same address is scanned once.
                    filter_ips[ip] = open_ports
                    write_file(str(ip)+','+str(open_ports).replace('[','').replace(']',''),handle_ext(output_file)+portscan_opens_file)
                    # An implausibly long port list is recorded separately
                    # and then discarded.
                    if len(open_ports) > openports_maxnum:
                        print '[!] Maybe got port waf'
                        write_file(ip,handle_ext(output_file)+portscan_maxnum_file)
                        open_ports = []
                else:
                    # NOTE(review): with this pairing an internal or empty ip
                    # that is not cached raises KeyError here and is logged
                    # by the handler below; open_ports stays [] and the HTTP
                    # request further down still runs, so the internal-IP
                    # test limits only the port scan -- confirm this is the
                    # intended scope control.
                    open_ports = filter_ips[ip]
            except Exception,e:
                # print traceback.format_exc()
                write_file(url,handle_ext(output_file)+url2ip_error_file)
                pass
            print '[+] Get open ports: ' + str(open_ports)
            if open_ports == []:#or 80 not in open_ports
                try:
                    # Defaults survive a failed request: code stays '' and
                    # fails the range() membership test below.
                    newtitle,code,lenth,content = '','','',''
                    try:
                        newtitle,code,lenth,content = getitle(url)
                    except Exception,e:
                        # print traceback.format_exc()
                        pass
                    # Status codes 200-404 are accepted here, 401 included.
                    if code in range(200,405):
                        try:
                            print '[+] Get title: %s,status_code: %s,content lenth: %s' % (newtitle,code,lenth)
                        except:pass
                        write_file(url,handle_ext(output_file)+'/%s_alive_urls.txt' % handle_ext_old(target)) # save alive `host:port` to dirsearch
                        alllink,alllinks,emails,ips = [],[],[],[]
                        if title_filter not in newtitle and filter_list(module=newtitle,filter_list=title_filter_list):
                            try:
                                alllink,alllinks,emails,ips = getallink(url,content)
                            except Exception,e:
                                # print traceback.format_exc()
                                pass
                            # NOTE(review): every value is interpolated into
                            # the row without HTML escaping.  newtitle,
                            # alllinks, emails and ips come from getitle() /
                            # getallink(), which presumably parse the remote
                            # response -- confirm.  If so, escape them (e.g.
                            # cgi.escape(value, quote=True)) before writing,
                            # so a scanned page cannot inject markup or
                            # script into the report the operator opens.  The
                            # link also uses target=_blank without
                            # rel="noopener".
                            try:
                                write_file('<tr><td><a href="%s" target=_blank />%s</a></td><td>%s</td><td><font color="blue">%s</font></td><td><font color="red">%s</font></td><td>%s b</td><td><font color="blue">%s</font></td><td><ul><li>%s</li><li>%s</li><ul/></td></tr>\n\n' % (url,url,ip,code,newtitle,lenth,alllinks,emails,ips),output_file)
                            except Exception,e:
                                # print traceback.format_exc()
                                print '[!] output_error'
                                write_file(url,handle_ext(output_file)+output_error_file)
                                pass
                        else:
                            # Title matched a filter: log the URL, no row.
                            print '[!] Filter title'
                            write_file(url,handle_ext(output_file)+title_filter_file)
                except Exception,e:
                    # Any other failure in the fetch/report step is dropped
                    # without a record.
                    # print traceback.format_exc()
                    pass
            # NOTE(review): the listing ends here; the rest of the function,
            # including the except clause of the outer try, is not shown.