def gener(): f = open('output.log', 'a', encoding='utf-8') webinfo = Sqldb(dbname).query('select domain,ipaddr,title,server,apps,waf,os from webinfo') for i in webinfo: domain, ipaddr, title, server, apps, waf, os = i print('\n' + '*' * 40 + ' ' + domain + ' ' + '*' * 40) f.write('\n' + '*' * 40 + ' ' + domain + ' ' + '*' * 40 + '\n') print('{}|{}|{}|{}|{}'.format(domain, ipaddr, title, server, waf)) f.write('{}|{}|{}|{}|{}'.format(domain, ipaddr, title, server, waf) + '\n') print('指纹:' + str(apps)) f.write('指纹:' + str(apps) + '\n') print('操作系统:' + str(os)) f.write('操作系统:' + str(os) + '\n') ports = Sqldb(dbname).query(f"select ipaddr,service,port from ports where ipaddr = '{domain}'") for port in ports: domain, server, port = port print(domain, server, port) f.write('{}\t{}\t{}'.format(domain, server, port) + '\n') urls = Sqldb(dbname).query(f"select title,url,contype,rsp_len,rsp_code from urls where domain = '{domain}'") for url in urls: title, url, contype, rsp_len, rsp_code = url print('{}\t{}\t{}\t{}t{}'.format(title, url, contype, rsp_len, rsp_code)) f.write('{}\t{}\t{}\t{}t{}'.format(title, url, contype, rsp_len, rsp_code) + '\n') vulns = Sqldb(dbname).query(f"select vuln from vuln where domain = '{ipaddr}'") for vuln in vulns: print(vuln[0]) f.write(vuln[0] + '\n')
class ActiveCheck(): def __init__(self, hosts): self.hosts = hosts self.out = [] def check_db(self, hosts): self.out = Sqldb('result').query_db(hosts) def check(self, url): loc = parse.urlparse(url) if getattr(loc, 'netloc'): host = loc.netloc else: host = loc.path try: if not re.search(r'\d+\.\d+\.\d+\.\d+', host): dns.resolver.query(host, 'A') if PING: try: if platform.system() == 'Windows': subprocess.check_output( ['ping', '-n', '2', '-w', '1', host]) else: subprocess.check_output(['ping', '-c 2', '-W 1', host]) self.out.append(url) except subprocess.CalledProcessError: console('PING', host, "is not alive\n") return False except Exception as e: logging.exception(e) else: self.out.append(url) except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN): console('DnsCheck', host, "No A record\n") except Exception as e: logging.exception(e) return False def disable(self): # 求生欲名单 # 禁止扫描所有gov.cn与edu.cn结尾的域名,遵守法律!!! for i in self.out: if re.search(r'gov\.cn|edu\.cn$', i): console('Disable', i, "Do not scan this domain\n") sys.exit(1) def pool(self): with concurrent.futures.ThreadPoolExecutor(max_workers=20) as executor: executor.map(self.check, self.hosts) if CHECK_DB: self.check_db(list(set(self.out))) self.disable() return self.out
def run(self): scripts = [] try: for _ in glob.glob('script/*.py'): script_name = os.path.basename(_).replace('.py', '') vuln = importlib.import_module('script.%s' % script_name) scripts.append(vuln) # 随机打乱脚本加载顺序 random.shuffle(scripts) with concurrent.futures.ThreadPoolExecutor( max_workers=20) as executor: vulns = { executor.submit(self.vuln, script): script for script in scripts } for future in concurrent.futures.as_completed(vulns, timeout=3): future.result() self.out = list(filter(None, self.out)) for i in self.out: console('Vuln', self.ip, i + '\n') Sqldb(self.dbname).get_vuln(self.ip, self.out) except (EOFError, concurrent.futures._base.TimeoutError): pass except Exception as e: logging.exception(e)
def gen_ports(): tableData = [] sql = 'select time,ipaddr,service,port,banner from ports' try: res = Sqldb(dbname).query(sql) for i in res: time, ipaddr, service, port, banner = i ports = { "time": time, "ip": ipaddr, "port": port, "service": service, "banner": banner } tableData.append(ports) column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ip", "title": "IP", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "port", "title": "PORT", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "service", "title": "SERVICE", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "banner", "title": "Banner", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = {"name": "Ports", "tableData": tableData, "columns": column} return data except TypeError: pass except Exception as e: logging.exception(e)
class ActiveCheck(): def __init__(self, hosts): self.hosts = hosts self.out = [] def check_db(self, hosts): self.out = Sqldb('result').query_db(hosts) def check(self, url): loc = parse.urlparse(url) if getattr(loc, 'netloc'): host = loc.netloc else: host = loc.path try: if not re.search(r'\d+\.\d+\.\d+\.\d+', host): dns.resolver.query(host, 'A') if PING: try: if platform.system() == 'Windows': subprocess.check_output( ['ping', '-n', '2', '-w', '1', host]) else: subprocess.check_output(['ping', '-c 2', '-W 1', host]) self.out.append(url) except Exception as e: sys.stdout.write(bcolors.OKGREEN + "{} is not alive\n".format(host) + bcolors.ENDC) return False else: self.out.append(url) except Exception as e: return False def pool(self): sys.stdout.write(bcolors.RED + "Start Ping ...\n\n" + bcolors.ENDC) with concurrent.futures.ThreadPoolExecutor(max_workers=20) as executor: executor.map(self.check, self.hosts) if CHECK_DB: self.check_db(list(set(self.out))) return self.out
def gen_urls(): tableData = [] sql = 'select time,domain,url,contype,rsp_code from urls' #命令 try: res = Sqldb(dbname).query(sql) #命令执行 if res: for i in res: time, domain, url, contype, rsp_code = i urls = { "time": time, "domain": domain, "url": url, "contype": contype, "rsp_code": rsp_code } tableData.append(urls) #添加 column = [{ "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "domain", "title": "Domain", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "url", "title": "URL", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "contype", "title": "ConType", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "rsp_code", "title": "rsp_code", "width": 100, "tilteAlign": "center", "columnAlign": "center" }] data = {"name": "URLS", "tableData": tableData, "columns": column} return data #信息返回 except TypeError: pass except Exception as e: pass
def pool(self): result = self.parse_html(self.host) with concurrent.futures.ThreadPoolExecutor(max_workers=30) as executor: executor.map(self.parse_html, result) jslink = JsLeaks().pool(self.js) self.result.extend(jslink) self.links = dedup_link(self.links) self.links = list(map(lambda x: 'Dynamic: ' + x, self.links)) self.result.extend(self.links) self.result = list(set(self.result)) for i in self.result: console('Crawl', self.host, i + '\n') Sqldb('result').get_crawl(self.domain, self.result)
def query(): print(Bcolors.RED + '网站数量:' + Bcolors.ENDC) sql = 'select count(*) from webinfo' _ = Sqldb(dbname).query(sql) print(_[0][0]) sql = 'select service,count(service) as num from ports group by service order by num DESC' service = Sqldb(dbname).query(sql) print(Bcolors.RED + '服务统计:' + Bcolors.ENDC) for i in service: print(i[0], i[1]) print(Bcolors.RED + 'Webinfo:' + Bcolors.ENDC) sql = 'select apps from webinfo where apps is not null' webinfo = Sqldb(dbname).query(sql) result = [] for i in webinfo: result.extend(i[0].split(' , ')) out = get_top(result) for j in out: cms,count = j.split('|') print(cms,count) print(Bcolors.RED + '端口统计:' + Bcolors.ENDC) sql = 'select port,count(port) as num from ports group by port order by num DESC limit 0,20' ports = Sqldb(dbname).query(sql) for i in ports: print(i[0], i[1]) print(Bcolors.RED + 'C段统计:' + Bcolors.ENDC) cidrs = [] sql = 'select ipaddr from webinfo order by ipaddr' cidr = Sqldb(dbname).query(sql) for i in cidr: cidrs.append(i[0]) get_cidr(cidrs) print(Bcolors.RED + '可疑URL:' + Bcolors.ENDC) sql = "select domain,title,url,contype,rsp_len,rsp_code from urls where contype!='html' and contype !='vnd.microsoft.icon' and contype !='plain'" urls = Sqldb(dbname).query(sql) for i in urls: domain, title, url, contype, rsp_len, rsp_code = i if rsp_code == '200' and contype != 'None': print(domain, title, url, contype, rsp_len, rsp_code) print(Bcolors.RED + 'WAF:' + Bcolors.ENDC) sql = 'select waf,count(waf) as num from webinfo where waf is not NULL group by waf order by num DESC' waf = Sqldb(dbname).query(sql) for i in waf: print(i[0], i[1]) print(Bcolors.RED + '地区分布:' + Bcolors.ENDC) sql = 'select address,count(address) as num from webinfo where address is not NULL group by address order by num DESC limit 0,20' country = Sqldb(dbname).query(sql) for i in country: print(i[0], i[1])
def gen_ports(): tableData = [] sql = 'select time,ipaddr,service,port from ports' #命令 try: res = Sqldb(dbname).query(sql) #命令执行 for i in res: time, ipaddr, service, port = i ports = { "time": time, "ip": ipaddr, "port": port, "service": service, } #端口信息 tableData.append(ports) #信息添加到列表 column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ip", "title": "IP", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "port", "title": "PORT", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "service", "title": "SERVICE", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = {"name": "Ports", "tableData": tableData, "columns": column} return data #返回信息 except TypeError: pass except Exception as e: pass
def gen_crawl(): tableData = [] sql = 'select time, domain, type,leaks from crawl' try: res = Sqldb(dbname).query(sql) for i in res: time, domain, type, leaks = i vuln = { "time": time, "domain": domain, "type": type, "leaks": leaks } tableData.append(vuln) column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "domain", "title": "DOMAIN", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "type", "title": "TYPE", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "leaks", "title": "Leaks", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = {"name": "Crawl", "tableData": tableData, "columns": column} return data except TypeError: pass except Exception as e: logging.exception(e)
def get_port(ipaddr): #获得Ip端口 try: sql = "select port from ports where ipaddr='{}'".format(ipaddr) #命令 getport = Sqldb(dbname).query(sql) #命令执行 if getport: result = [] for i in getport: #遍历端口 result.append(i[0]) result = list(map(int, result)) #强制转换 result = sorted(result) result = list(map(str, result)) ports = ' , '.join(result) return ports #元组 except Exception as e: pass
def get_port(ipaddr): try: sql = "select port from ports where ipaddr='{}'".format(ipaddr) getport = Sqldb(dbname).query(sql) if getport: result = [] for i in getport: result.append(i[0]) result = list(map(int, result)) result = sorted(result) result = list(map(str, result)) ports = ' , '.join(result) return ports except Exception as e: logging.exception(e)
def run(self): scripts = [] try: for _ in glob.glob('script/*.py'): script_name = os.path.basename(_).replace('.py', '') vuln = importlib.import_module('script.%s' % script_name) scripts.append(vuln) with concurrent.futures.ThreadPoolExecutor( max_workers=20) as executor: executor.map(self.vuln, scripts) self.out = list(filter(None, self.out)) for i in self.out: console('Vuln', self.ip, i + '\n') brute_result = Crack().pool(self.ip, self.ports) if brute_result: self.out.extend(brute_result) Sqldb('result').get_vuln(self.ip, self.out) except Exception as e: logging.exception(e)
def gen_vuln(): tableData = [] sql = 'select time, domain, vuln from vuln' try: res = Sqldb(dbname).query(sql) for i in res: time, ip, vuln = i vuln = {"time": time, "ip": ip, "vuln": vuln} tableData.append(vuln) column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ip", "title": "IP", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "vuln", "title": "VULN", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = {"name": "Vuln", "tableData": tableData, "columns": column} return data except TypeError: pass except Exception as e: logging.exception(e)
def pool(self): result = self.parse_html(self.host) try: with concurrent.futures.ThreadPoolExecutor( max_workers=30) as executor: futures = [executor.submit(self.parse_html, i) for i in result] for future in concurrent.futures.as_completed(futures, timeout=3): future.result() except (EOFError, concurrent.futures._base.TimeoutError): pass except Exception as e: logging.exception(e) jslink = JsLeaks().pool(self.js) self.result.extend(jslink) self.result = list(set(self.result)) for i in self.result: console('Crawl', self.host, i + '\n') Sqldb(self.dbname).get_crawl(self.domain, self.result)
def check_db(self, hosts): self.out = Sqldb('result').query_db(hosts)
def gen_webinfo(): tableData = [] sql = 'select time,domain,waf,title,apps,server,address,ipaddr,os,pdns,reverseip from webinfo' try: res = Sqldb(dbname).query(sql) for i in res: time, domain, waf, title, apps, server, address, ipaddr, os, pdns, reverseip = i ports = get_port(domain) webinfo = { "time": time, "domain": domain, "waf": waf, "title": title, "apps": apps, "server": server, "address": address, "ipaddr": ipaddr, "ports": ports, "os": os, "reverseip": reverseip } tableData.append(webinfo) column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "domain", "title": "domain", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "waf", "title": "waf", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "title", "title": "title", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "apps", "title": "apps", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "server", "title": "server", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "address", "title": "address", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ipaddr", "title": "ipaddr", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ports", "title": "ports", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "os", "title": "os", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, # {"field": "pdns", "title": "pdns", "width": 100, "tilteAlign": "center", "columnAlign": "center"}, { "field": "reverseip", "title": "reverseip", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = {"name": "webinfo", "tableData": tableData, "columns": column} return data except TypeError: pass except Exception as e: logging.exception(e)
def subdomain_save(data): Sqldb('result').get_subdomain(data) #保存到数据库
def save(self, ipaddr, result): Sqldb(self.dbname).get_ports(ipaddr, result) #将信息保存到数据库中
def gen_urls(): tableData = [] sql = 'select time,domain,title,url,contype,rsp_len,rsp_code from urls' try: res = Sqldb(dbname).query(sql) for i in res: time, domain, title, url, contype, rsp_len, rsp_code = i urls = { "time": time, "domain": domain, "title": title, "url": url, "contype": contype, "rsp_len": rsp_len, "rsp_code": rsp_code } tableData.append(urls) column = [{ "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "domain", "title": "domain", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "title", "title": "title", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "url", "title": "url", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "contype", "title": "contype", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "rsp_len", "title": "rsp_len", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "rsp_code", "title": "rsp_code", "width": 100, "tilteAlign": "center", "columnAlign": "center" }] data = {"name": "URLS", "tableData": tableData, "columns": column} return data except Exception as e: print(e)
def save(self, result): Sqldb('result').get_vuln(self.ip, result)
def web_save(webinfo, dbname): Sqldb(dbname).get_webinfo(webinfo) #保存到数据库
class ActiveCheck(): def __init__(self, hosts): self.hosts = hosts self.out = [] def check_db(self, hosts): self.out = Sqldb('result').query_db(hosts) def check(self, url): loc = parse.urlparse(url) if getattr(loc, 'netloc'): host = loc.netloc else: host = loc.path try: if not re.search(r'\d+\.\d+\.\d+\.\d+', host): # 验证DNS存活并且DNS不能是一些特殊IP(DNSIP、内网IP) resolver = dns.resolver.Resolver() resolver.nameservers = ['223.5.5.5', '1.1.1.1', '8.8.8.8'] a = resolver.query(host, 'A') for i in a.response.answer: for j in i.items: if hasattr(j, 'address'): if re.search( r'1\.1\.1\.1|8\.8\.8\.8|127\.0\.0\.1|114\.114\.114\.114', j.address): return False if PING: try: # Windows调用ping判断存活 Linux调用nmap来判断主机存活 # nmap判断存活会先进行ping然后连接80端口,这样不会漏掉 if platform.system() == 'Windows': subprocess.check_output( ['ping', '-n', '2', '-w', '1', host]) else: nm = nmap.PortScanner() result = nm.scan(hosts=host, arguments='-sP -n') for k, v in result.get('scan').items(): if not v.get('status').get('state') == 'up': console('PING', host, "is not alive\n") return False self.out.append(url) except subprocess.CalledProcessError: console('PING', host, "is not alive\n") return False except Exception as e: logging.exception(e) else: self.out.append(url) except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN, dns.resolver.NoNameservers): console('DnsCheck', host, "No A record\n") except dns.exception.Timeout: console('DnsCheck', host, "Timeout\n") except Exception as e: logging.exception(e) return False def disable(self): # 禁止扫描所有敏感域名,遵守法律!!! for i in self.out: if re.search( r'\.org\.cn|\.com\.cn|\.cn|gov\.cn|edu\.cn|\.mil|\.aero|\.int|\.go\.\w+$|\.ac\.\w+$', i): console('Disable', i, "Do not scan this domain\n\n") sys.exit(1) def pool(self): try: with concurrent.futures.ThreadPoolExecutor( max_workers=20) as executor: result = { executor.submit(self.check, i): i for i in self.hosts } for future in concurrent.futures.as_completed(result, timeout=3): future.result() except (EOFError, concurrent.futures._base.TimeoutError): pass except Exception as e: logging.exception(e) if CHECK_DB: self.check_db(list(set(self.out))) self.disable() return self.out
def save(self, urls): Sqldb(self.dbname).get_urls(urls)
class ActiveCheck: def __init__(self, hosts): self.hosts = hosts self.out = [] def check_db(self, hosts): self.out = Sqldb('result').query_db(hosts) def check(self, url): loc = parse.urlparse(url) if getattr(loc, 'netloc'): host = loc.netloc else: host = loc.path # 验证国家 if VERIFY_COUNTRY: if verify_country(host): console('Disable', host, "Disable Country\n") return False if re.search(r'\d+\.\d+\.\d+\.\d+', host): if not WhiteIP().checkip(host): console('Disable', host, "China IP\n") return False if re.search( r'\.org\.cn|\.com\.cn|\.cn|gov\.cn|edu\.cn|\.mil|\.aero|\.int|\.go\.\w+$|\.ac\.\w+$', host): console('Disable', host, "Do not scan this domain\n") return False try: # 判断是IP还是域名,域名的话需要检测域名解析 if not re.search(r'\d+\.\d+\.\d+\.\d+', host): # 验证DNS存活并且DNS解析不能是一些特殊IP(DNSIP、内网IP) console('Dnscheck', host, 'query dns a records\n') resolver = dns.resolver.Resolver() resolver.nameservers = ['1.1.1.1', '8.8.8.8'] a = resolver.query(host, 'A') for i in a.response.answer: for j in i.items: if hasattr(j, 'address'): # if re.search(r'\d+\.\d+\.\d+\.\d+', j.address): # if not WhiteIP().checkip(j.address): # console('Disable', j.address, "China IP\n") # return False if re.search( r'1\.1\.1\.1|8\.8\.8\.8|127\.0\.0\.1|114\.114\.114\.114|0\.0\.0\.0', j.address): return False if PING: try: # Windows调用ping判断存活 Linux调用nmap来判断主机存活 # nmap判断存活会先进行ping然后连接80端口,这样不会漏掉 if platform.system() == 'Windows': console('PING', host, 'Ping scan\n') subprocess.check_output( ['ping', '-n', '2', '-w', '1', host]) self.out.append(url) else: console('PING', host, 'Nmap Ping scan\n') nm = nmap.PortScanner() result = nm.scan(hosts=host, arguments='-sP -n') for k, v in result.get('scan').items(): if not v.get('status').get('state') == 'up': console('PING', host, "is not alive\n") return False else: self.out.append(url) except (AttributeError, subprocess.CalledProcessError, xml.etree.ElementTree.ParseError, nmap.nmap.PortScannerError): console('PING', host, "is not alive\n") return False except Exception as e: logging.exception(e) return False else: self.out.append(url) except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN, dns.resolver.NoNameservers): console('DnsCheck', host, "No A record\n") except dns.exception.Timeout: console('DnsCheck', host, "Timeout\n") except Exception as e: logging.exception(e) return False def pool(self): try: with concurrent.futures.ThreadPoolExecutor( max_workers=20) as executor: result = { executor.submit(self.check, i): i for i in self.hosts } for future in concurrent.futures.as_completed(result, timeout=3): future.result() except (EOFError, concurrent.futures._base.TimeoutError): pass except Exception as e: logging.exception(e) if CHECK_DB: self.check_db(list(set(self.out))) return self.out
def handle(self): # 进行调度 try: dbname = 'result' banner() print('-' * 43) usage() print('-' * 43) while True: show = input(Bcolors.RED + '[JR]>> ' + Bcolors.ENDC) # 红色 if show in ['1', 'Information_Scan']: target = input(Bcolors.RED + '[JR/Information_Scan/Set_Target]>>' + Bcolors.ENDC) lives = add(target) for i in lives: start(i, dbname) elif show in ['2', 'POC_Scan']: poc_use() while True: command, keywords = input(Bcolors.RED + '[JR/POC_Scan/]>>' + Bcolors.ENDC).split() if command == 'search' and keywords: search(keywords) elif command == "show" and keywords == 'poc': show_poc() elif command == 'use' and keywords: target = input(Bcolors.RED + '[JR/POC_Scan/Set_Target]>>' + Bcolors.ENDC) lives = add(target) for live in lives: for i in use(keywords, live): Sqldb(dbname).get_vuln(i, keywords) elif command == 'back' and keywords == 'menu': break else: print(Bcolors.WARNING + '[-] 提示: 输入错误...' + Bcolors.ENDC) elif show in ['3', 'AWVS_Check']: awvs_check = awvs() awvs_check.usage() while True: command = input(Bcolors.RED + '[JR/AWVS_Check/]>>' + Bcolors.ENDC) if command == 'scan': awvs_check.scan() elif command == "stop": awvs_check.stop() elif command == 'delete': awvs_check.delete() elif command == 'view': awvs_check.view() elif command == 'back': break else: print(Bcolors.WARNING + '[-] 提示: 输入错误...' + Bcolors.ENDC) elif show in ['4', 'H5_Create']: gener() elif show in ['5', 'Help']: usage() elif show in ['6', 'exit']: break elif show == '': pass else: print(Bcolors.WARNING + '[-] 提示: 输入错误...' + Bcolors.ENDC) except KeyboardInterrupt as e: print(e)
def save(self, ipaddr, result): Sqldb('result').get_ports(ipaddr, result)
def web_save(webinfo): Sqldb('result').get_webinfo(webinfo)
def gen_subdomain(): tableData = [] sql = 'select time,domain,waf,title,apps,server,address,ipaddr,os from subdomain' try: res = Sqldb(dbname).query(sql) for i in res: time, domain, waf, title, apps, server, address, ipaddr, os = i webinfo = { "time": time, "domain": domain, "waf": waf, "title": title, "apps": apps, "server": server, "address": address, "ipaddr": ipaddr, "os": os, } tableData.append(webinfo) # 网站信息添加到列表 column = [ { "field": "time", "title": "TIME", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "domain", "title": "domain", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "waf", "title": "waf", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "title", "title": "title", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "apps", "title": "apps", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "server", "title": "server", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "address", "title": "address", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "ipaddr", "title": "ipaddr", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, { "field": "os", "title": "os", "width": 100, "tilteAlign": "center", "columnAlign": "center" }, ] data = { "name": "Subdomain", "tableData": tableData, "columns": column } # 字典格式写进网站 return data except TypeError: pass except Exception as e: pass