def run(scan_id="", scan_target="", scan_args=[]):
all = []
target = str(".".join(scan_target.split(".")[1:]))
keywords = [{
"word": "{0}+smtp".format(target)
}, {
"word": "{0}+password".format(target)
}, {
"word": "{0}+pwd".format(target)
}]
if len(scan_args) > 0:
for key in scan_args:
keywords.append({"word": "{0}+{1}".format(target, key)})
for keyword in keywords:
print keyword['word']
rs = query(keyword['word'])
if len(rs) > 0:
all = all + rs
for item in all:
bug_detail = str(item).replace(
"href=\"", "target=\"_blank\" href=\"https://www.github.com")
task_result = {
"scan_id": scan_id,
"model": "github",
"bug_author": "bing",
"bug_detail": bug_detail
}
redis_task.sadd("github_result", task_result)
print task_result
final_result = {"status": 1, "scan_id": scan_id, "model": "github"}
redis_task.sadd("github_result", final_result)
print final_result
def run(self):
ThreadList = []
#扫描队列
SingleQueue = GetQueue(self.target)
#存储结果队列
resultQueue = Queue.Queue()
#启动200线程并发
for i in range(0, 200):
t = ScanThread(SingleQueue, resultQueue)
ThreadList.append(t)
for t in ThreadList:
t.start()
for t in ThreadList:
#设置守护进程,这样设置结束世界那越早,有时候程序延迟会造成无法获取到到结果
t.join(0.5)
data = {}
while not resultQueue.empty():
result = resultQueue.get()
task_result = {
"scan_id": self.scan_id,
"model": "pscan",
"bug_author": "bing",
"bug_name": result[0],
"bug_summary": result[1]
}
redis_task.sadd("pscan_result", task_result)
print task_result
#任务最终结束
final_result = {"status": 1, "scan_id": self.scan_id, "model": "pscan"}
redis_task.sadd("pscan_result", final_result)
print final_result
def run(self):
ThreadList = []
poc_list = get_web_poc("brute", self.scan_type) #查找子域名类型的爆破POC
#print poc_list
if len(poc_list) > 0:
#任务队列
TaskQueue = GetQueue(self.target, poc_list)
#结果队列
resultQueue = Queue.Queue()
#fork出20个线程
for i in range(0, 50):
t = ScanThread(TaskQueue, resultQueue)
ThreadList.append(t)
for t in ThreadList:
t.start()
if "qqmail" == str(self.scan_type):
for t in ThreadList:
t.join(50)
else:
for t in ThreadList:
t.join(5)
data = {}
while not resultQueue.empty():
result = resultQueue.get()
#result为字典,默认result["bug_detail"]返回的结果都为数组
if len(result["bug_detail"]) > 0:
for line in result["bug_detail"]:
data["scan_id"] = self.scan_id
data["model"] = "web"
data["scan_type"] = self.scan_type
data["bug_author"] = result["bug_author"]
data["bug_name"] = result["bug_name"]
data["bug_summary"] = result["bug_summary"]
data["bug_level"] = result["bug_level"]
data["bug_detail"] = line
data["bug_repair"] = result["bug_repair"]
#self.back_fn(result) 回掉给api
redis_task.sadd("brute_result", data)
print data
#任务最终结束
final_result = {
"status": 1,
"scan_id": self.scan_id,
"model": "brute"
}
redis_task.sadd("brute_result", final_result)
print final_result
def run(self):
ThreadList = []
poc_list = get_web_poc("web", self.scan_type)
#print poc_list
if len(poc_list) > 0:
#任务队列
TaskQueue = GetQueue(self.target, poc_list)
#结果队列
resultQueue = Queue.Queue()
#fork出20个线程
for i in range(0, 50):
t = ScanThread(TaskQueue, resultQueue)
ThreadList.append(t)
for t in ThreadList:
t.start()
for t in ThreadList:
#设置守护进程,这样设置结束世界那越早,有时候程序延迟会造成无法获取到到结果
t.join(5) #t.join(5)
data = {}
while not resultQueue.empty():
result = resultQueue.get()
#result为字典,默认result["bug_detail"]返回的结果都为数组
if len(result["bug_detail"]) > 0:
for line in result["bug_detail"]:
data["scan_id"] = self.scan_id
data["model"] = "web"
data["scan_type"] = self.scan_type
data["bug_author"] = result["bug_author"]
data["bug_name"] = result["bug_name"]
data["bug_summary"] = result["bug_summary"]
data["bug_level"] = result["bug_level"]
data["bug_detail"] = line
data["bug_repair"] = result["bug_repair"]
#self.back_fn(result) 回掉给api
#写入到redis集群
redis_task.sadd("web_result", data)
print data
#任务最终结束
final_result = {
"status": 1,
"scan_id": self.scan_id,
"model": "web"
}
redis_task.sadd("web_result", final_result)
print final_result
def run(self):
result = self.awvs_add_task()
status = result["status"]
if status == 1 :
awvs_id = int(result["data"])
while True:
time.sleep(5)
awvs_process = self.awvs_process_status(awvs_id)
awvs_status = awvs_process["status"]
if awvs_status == 1 :
awvs_process_data = awvs_process["data"]
if awvs_process_data == 100 :
break
time.sleep(50) #推迟50秒,获取报告;awvs任务进程到100有部分延迟结束时间
awvs_report = self.awvs_report_task(self.scan_id,awvs_id)
awvs_report_status = awvs_report["status"]
if awvs_report_status == 1 :
awvs_report_data = awvs_report["data"]
data = []
for line in awvs_report_data :
task_result = {
"scan_id": self.scan_id ,
"model": "awvs" ,
"bug_author" : "bing" ,
"bug_name" : line["bug_name"] ,
"bug_level" : line["bug_level"] ,
"bug_summary" : line["bug_summary"] ,
"bug_detail" : line["bug_detail"] ,
"bug_repair" : line["bug_repair"]
}
redis_task.sadd("awvs_result",task_result)
print task_result
#任务最终结束
final_result = { "status" : 1 , "scan_id": self.scan_id , "model": "awvs" }
redis_task.sadd("awvs_result",final_result)
print final_result
else:
#任务最终结束
final_result = { "status" : 1 , "scan_id": self.scan_id , "model": "awvs" }
redis_task.sadd("awvs_result",final_result)
print final_result
elif status == 2 :
awvs_error = result["data"]
final_result = { "status" : 2 , "data" : awvs_error , "scan_id": self.scan_id , "model": "awvs" }
redis_task.sadd("awvs_result",final_result)
print final_result
def run(self):
result = self.nessus_add_task()
status = result["status"]
if status == 1:
nessus_id = int(result["data"])
while True:
time.sleep(5)
nessus_process = self.nessus_process_status(nessus_id)
nessus_status = nessus_process["status"]
if nessus_status == 1:
nessus_process_data = nessus_process["data"].encode("utf8")
if nessus_process_data == "completed":
break
time.sleep(20) #推迟20秒,获取报告;nessus任务进程到100有部分延迟结束时间
nessus_report = self.nessus_report_task(self.scan_id, nessus_id)
nessus_report_status = nessus_report["status"]
if nessus_report_status == 1:
nessus_report_data = nessus_report["data"]
data = []
for line in nessus_report_data:
task_result = {
"scan_id": self.scan_id,
"model": "nessus",
"bug_author": "bing",
"bug_name": line["bug_name"],
"bug_level": line["bug_level"],
"bug_summary": line["bug_summary"],
"bug_detail": line["bug_detail"],
"bug_repair": line["bug_repair"]
}
redis_task.sadd("nessus_result", task_result)
print task_result
#任务最终结束
final_result = {
"status": 1,
"scan_id": self.scan_id,
"model": "nessus"
}
redis_task.sadd("nessus_result", final_result)
print final_result
else:
#任务最终结束
final_result = {
"status": 1,
"scan_id": self.scan_id,
"model": "nessus"
}
redis_task.sadd("nessus_result", final_result)
print final_result
elif status == 2:
nessus_error = result["data"]
final_result = {
"status": 2,
"data": nessus_error,
"scan_id": self.scan_id,
"model": "nessus"
}
redis_task.sadd("nessus_result", final_result)
print final_result