Exemplo n.º 1
0
def delete_1(path, name):
    cmd1 = f'cd {path} && git rm {name}'
    cmd2 = f'cd {path} && git commit -m "remove {name}"'
    c1 = commands__(cmd1)
    c2 = commands__(cmd2)
    if not c1 or not c2:
        red('[-]没有路径.')
        red('[-]没有文件名.')
Exemplo n.º 2
0
def add(path, filename='.'):
    if filename == '.':
        cmd1 = f'cd {path} && git add -A -- .'
    else:
        cmd1 = f'cd {path} && git add {filename}'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 3
0
    def POC_T(self, **kwargs):
        for args in kwargs:
            if 'sqli' == args:
                ke1 = kwargs['sqli']

        self.Install_POC_T()
        helps = poc_t_helps
        print_("""
######
POC_T
######
[1].批量POC验证.
[2].单个POC验证.
[h].帮助.
[0].返回菜单.
        """)
        f1, f2, f3 = get_POC_T_script()
        ipt1 = input_('>')

        if ipt1 is '1':
            if not ke1:
                ipt3 = input_('指纹名称>')
            else:
                ipt3 = ke1
            f1, f2, f3 = get_POC_T_script()
            for sf1 in f1:
                with open('{}lib/script_name.txt'.format(self.root),
                          'a+') as w:
                    w.write(sf1 + '\n')
            search_r = _grep(keyword=ipt3,
                             path='{}lib/script_name.txt'.format(self.root))
            print('')
            print('')
            red('----------------------------')
            print('')
            for s1 in search_r:
                line_number, line_content = s1
                print(line_content)
            green('----------------------------')
            ipt4 = input_('选择脚本>')
            ipt5 = input_('ZSearch_keyword>')
            ipt6 = input_('页数>')
            self.commands__(
                cmd=
                'python2 {}POC-T/POC-T.py -s {} -aZ "{}" --limit {} -luz {} -lup {}'
                .format(self.root, ipt4, ipt5, ipt6, username_z, password_z))
            self.main()

        if ipt1 is '2':
            pass

        if ipt1 is 'h':
            print_(helps)
        if ipt1 is '0':
            self.main()
Exemplo n.º 4
0
def ip_or_domain_result_handle():
    from main import Run
    r1 = Run()
    main = r1.main

    print_("""
########
处理结果
########
1.查看结果.
2.结果提交到nmap扫描. 
0.返回菜单.
    """)

    ipt1 = input_('>')

    if ipt1 is '0':
        main()

    if ipt1 is '1':
        filenames = get_filename(path=f'{root}lib/fping')

        if not filenames:
            red('[Error] fping 没有结果.')
            return False

        i = 1
        for filename in filenames:
            print_(str(i) + '. ' + filename)
            i += 1

        ipt1 = input_('>')

        i = 1
        for filename in filenames:
            if str(i) == ipt1:
                ipt1 = str(filename.replace(' ', '').replace('\n', ''))
                break
            i += 1

        with open(f'{ipt1}', 'r') as r:
            for line in r.readlines():
                if re.findall(f'({regular(1)})(\.+)*', line):
                    ip = str(line.strip().replace(' ', '').replace('\n', ''))
                    if ip:
                        data = _red(ip)
                        print(data)

    if ipt1 is '2':
        filenames = get_filename(path=f'{root}lib/fping')

        if not filenames:
            red('[Error] fping 没有结果.')
            return False

        i = 1
        for filename in filenames:
            print_(str(i) + '. ' + filename)
            i += 1

        ipt1 = input_('>')

        i = 1
        for filename in filenames:
            if str(i) == ipt1:
                ipt1 = str(filename.replace(' ', '').replace('\n', ''))
                break
            i += 1

        with open(f'{ipt1}', 'r') as r:
            for line in r.readlines():
                if re.findall(f'({regular(1)})(\.+)*', line):
                    ip = str(line.strip().replace(' ', '').replace('\n', ''))
                    if ip:
                        thread1 = Thread(target=port_scan, args=(ip, ip))
                        thread1.start()
Exemplo n.º 5
0
    def main(self):
        content1 = """
{}


[1].信息收集.
[2].Web程序.
[3].黑盒测试工具包.
[4].Linux 工具.
[5].漏洞验证(POC).
[6].漏洞测试(FUZZ).
[7].note.
[8].内网攻击工具.
[9].内网扫描.
[10].漏洞分析.
[11].字典构造.
[12].Exploits.
[i].INIT.
[c].Clear.
[n].记录线索.
[0].退出.
        """.format(logo)
        print_(content1)
        ipt1 = input_('>')
        if not ipt1:
            self.main()

        if ipt1 is '1':
            content2 = """
########
信息收集
########
1.子域名爆破.
2.URL采集.
3.Web目录扫描.
4.尝试找出cdn背后的真实ip.
5.九世信息收集工具.
6.指纹识别.
7.ABC段扫描.
0.返回菜单.
            """
            print_(content2)
            ipt2 = input_('>')
            if not ipt2:
                self.main()
            if ipt2 is '1':
                self.Run_subdns()
            if ipt2 is '2':
                self.Run_DiscoverTarget()
            if ipt2 is '3':
                print_("""
#######
选择工具
#######
1.dirmap.
2.DirBrute.
0.返回菜单.
                """)
                ipt3 = input_('>')
                if not ipt3:
                    self.main()
                if ipt3 is '1':
                    self.Run_dirmap()
                if ipt3 is '2':
                    self.Run_DirBrute()
                if ipt3 is '0':
                    self.main()
            if ipt2 is '4':
                if system_platform == 'kali':
                    self.Run_xcdn()
                else:
                    red('[Error] xcdn run for kali.')
                    self.main()
            if ipt2 is '5':
                ipt1 = input_('URL>')
                ipt2 = input_('Domain>')
                c1 = jiushixxsj(url=ipt1, domain=ipt2)
                if c1:
                    print_('九世信息收集工具配置完成...')
                else:
                    print_('九世信息收集工具配置失败...')
                self.commands__(
                    cmd='cd "{}信息收集工具" && python3 ./main.py'.format(self.root))
            if ipt2 is '6':
                print_("""
1.TideFinger.
2.whatweb.
0.返回菜单.
                """)
                ipt1 = input_('>')
                if ipt1 == '1':
                    self.TideFinger()
                    self.main()
                if ipt1 == '2':
                    self.whatweb()
                    self.main()
                if ipt1 == '0':
                    self.main()
            if ipt2 is '7':
                print_("""
[A].A段扫描.
[B].B段扫描.
[C].C段扫描.
[r].查看结果.
                """)
                ipt2 = input_('>')
                if ipt2 is 'r':
                    if ip_or_domain_result_handle():
                        time.sleep(3)
                        self.main()
                    else:
                        time.sleep(3)
                        self.main()

                content1 = """
A段 前缀 8.
B段 前缀 16.
C段 前缀 24.
                """
                a1 = grep(f'{ipt2}', content1)
                print(a1)
                ipt3 = input_('IP>')
                ipt4 = input_('前缀>')
                # self.commands__(f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt')
                self.commands__(
                    f'fping -a -g "{ipt3}/{ipt4}" > {self.root}lib/fping_result.txt'
                )
                datas = _grep(f'({regular(1)})(\.+)*',
                              f'{self.root}lib/fping_result.txt',
                              regex=1,
                              highlight=0)
                for data in datas:
                    line_number, line_content = data
                    if 'ICMP Host Unreachable from' not in line_content:
                        print(line_content.replace('\n', '').strip())
                        s1 = line_content.replace('\n', '').strip()
                        with open(f'{self.root}lib/fping/{ipt3}_{ipt4}.txt',
                                  'a+') as w:
                            w.write(s1 + '\n')

                self.commands__(f'rm -rf {self.root}lib/{ipt3}_{ipt4}.txt')
                self.commands__(f'rm -rf {self.root}lib/fping_result.txt')
                time.sleep(3)
                self.main()

            if ipt2 is '0':
                self.main()

        if ipt1 is '2':
            print_("""
########
web程序
########
1.xwaf waf自动化绕过工具.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                if system_platform == 'kali':
                    self.Run_xwaf()
                    self.main()
                else:
                    red('[Error] xwaf run for kali.')
                    self.main()
            if ipt2 is '0':
                self.main()
        if ipt1 is '3':
            print_("""
1.Fsociety.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if not ipt2:
                self.main()
            if ipt2 is '1':
                if system_platform == 'kali':
                    self.Run_fsociety()
                else:
                    red('[Error] fsociety run for kali.')
                    self.main()
            if ipt2 is '0':
                self.main()

        if ipt1 is '4':
            print_("""
##########
linux 工具
##########
    [1].输出艺术字.
    [2].获取工具的绝对路径.
    [3].History.
    [4].源配置.
    [5].配置x11 vnc server.
    [6].配置sftp.
    [0].返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                ipt3 = input_('内容>')
                self.commands__(cmd='figlet {}'.format(ipt3))
                self.commands__(cmd='toilet {}'.format(ipt3))
                self.main()
            if ipt2 is '2':
                ipt3 = input_('Tool name>')
                c1 = self.commands_(cmd='whereis {}'.format(ipt3))
                c2 = self.commands_(cmd='which {}'.format(ipt3))
                data1 = grep(ipt3, c1)
                data2 = grep(ipt3, c2)
                print(data1)
                print(data2)
            if ipt2 is '3':
                from os import popen
                ipt1 = input_('Keyword>')
                print_('history | grep "{}"'.format(ipt1))
            if ipt2 is '4':
                if system_platform == 'deepin':
                    print_('1.deepin 源配置.')
                    ipt1 = input_('>')
                    if ipt1 is '1':
                        c1 = self.commands__(
                            cmd=
                            f'sudo cp -v -r {self.root}bak/sources.list.deepin /etc/apt/sources.list'
                        )
                        c2 = self.commands__(cmd='sudo apt-get update')
                        if c1:
                            print_('deepin 源配置完成.')
                        else:
                            print_('deepin 源配置失败.')
                        self.main()
                if system_platform == 'kali':
                    print_('1.kali 源配置.')
                    ipt1 = input_('>')
                    if ipt1 is '1':
                        c1 = self.commands__(
                            cmd=
                            f'sudo cp -v -r {self.root}bak/sources.list.kali /etc/apt/sources.list'
                        )
                        c2 = self.commands__(cmd='sudo apt-get update')
                        if c1:
                            print_('kali 源配置完成.')
                        else:
                            print_('kali 源配置失败.')
                        self.main()

            if ipt2 is '5':
                self.commands__('sudo apt-get -y install x11vnc')
                self.commands__('x11vnc -storepasswd')
                self.commands__('ip address')
                self.commands__(
                    'x11vnc -auth guess -once -loop -noxdamage -repeat -rfbauth ~/.vnc/passwd -rfbport 5900 -shared'
                )

            if ipt2 is '6':
                self.commands__('sudo apt-get -y install ssh')

            if ipt2 is '0':
                self.main()

        if ipt1 is '5':
            print_("""
############
漏洞验证(POC)
############
1.Xss
2.Sqli
3.Csrf
4.POC-T
0.返回菜单
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                pass
            if ipt2 is '2':
                self.POC_T(sqli='sqli')
            if ipt2 is '3':
                pass
            if ipt2 is '4':
                self.POC_T()
            if ipt2 is '0':
                self.main()

        if ipt1 is '6':
            print_("""
#############
漏洞测试(FUZZ)
#############
1.Xss
2.Sqli
3.Csrf
0.返回菜单
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                print_("""
####
Xss
####
1.XSStrike.
0.返回菜单.
                """)
                ipt3 = input_('>')
                if ipt3 is '1':
                    self.xsstrike()
                    self.main()
                if ipt3 is '0':
                    self.main()

            if ipt2 is '0':
                self.main()

        if ipt1 is '7':
            from src._note import note
            note()
            self.main()

        if ipt1 is 'i':
            self.commands__('{}lib/INIT'.format(self.root))
            self.main()

        if ipt1 is '8':
            print_("""
############
内网攻击工具.
############
1.ARP欺骗.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                self.commands__(cmd='python2 {}src/arp.py'.format(self.root))
                self.main()
            if ipt2 is '0':
                self.main()

        if ipt1 is '9':
            print_("""
############
内网扫描工具.
############
1.nbtscan.
0.返回菜单.
            """)
            ipt2 = input_('>')

            if system_platform == 'kali':
                if ipt2 is '1':
                    print_('例子:192.168.1.1/24')
                    ipt3 = input_('输入扫描的IP段>')
                    self.commands__(f'nbtscan -r {ipt3}')
                    self.main()
            else:
                red('[Error] nbtscan run for kali.')

            if ipt2 is '0':
                self.main()

        if ipt1 == '10':
            print_("""
########
漏洞分析
########
1.apache-users.
2.scann.py.
3.nikto.
4.nmap.
5.lynis
6.sparta
7.unix-privesc-check
8.goLismero
9.awvs.py
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 is '1':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] apache_users run for kali.')
            if ipt2 is '2':
                self.commands__(f'python3 {self.root}scann.py')
                self.main()

            if ipt2 is '3':
                pass
            if ipt2 is '4':
                self.nmap_script_exploit()
            if ipt2 is '5':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] lynis run for kali.')
            if ipt2 is '6':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] sparta run for kali.')
            if ipt2 is '7':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] unix-privesc-check run for kali.')
            if ipt2 is '8':
                if system_platform == 'kali':
                    pass
                else:
                    red('[Error] goLismero run for kali.')

            if ipt2 == '9':
                try:
                    a1 = _awvs()
                    a1.main()
                except:
                    from src.awvs import awvs as _awvs
                    a1 = _awvs()
                    a1.main()

            if ipt2 is '0':
                self.main()

        if ipt1 == '11':
            print_("""
########
字典构造
########
1.crunch.
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 == '1':
                if system_platform == 'kali':
                    self.crunch()
                    self.main()
                else:
                    red('[Error] crunch run for kali.')
            if ipt2 == '0':
                self.main()

        if ipt1 == '12':
            print_("""
#########
Exploits
#########
1.exp_2019_7_16_baopo.py
0.返回菜单.
            """)
            ipt2 = input_('>')
            if ipt2 == '1':
                pass
            if ipt2 == '0':
                self.main()

        if ipt1 is 'c':
            self.commands__(cmd='clear')
            self.main()

        if ipt1 is 'n':
            thread1 = threading.Thread(target=self.commands__,
                                       args=('gedit', ))
            thread1.start()

        if ipt1 is '0':
            c1 = self.commands_(cmd=[
                'sudo chmod +x {}lib/pyc_clear && bash {}lib/pyc_clear'.format(
                    self.root, self.root)
            ])
            print_(c1)
            exit(0)

        if ipt1:
            self.commands__(f'{ipt1}')
            ipt2 = input_('返回菜单[y/n]>')
            if ipt2 is 'y':
                self.main()
            if \
            ipt2 is 'n' or \
            not ipt2 or \
            ipt2[0] in 'abcdefghijklmnopqrstuvwsyz' or \
            ipt2[0] in 'ABCDEFGHIJKLMNOPQRSTUVWSYZ':
                self.main()
Exemplo n.º 6
0
def add_dm(path, url):
    cmd1 = f'cd {path} && git remote add origin {url}'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 7
0
def clong(path, url):
    cmd1 = f'cd {path} && git clone {url}'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 8
0
def status(path):
    cmd1 = f'cd {path} && git status'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 9
0
def tb(path):
    cmd1 = f'cd {path} && git pull --tags origin master'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 10
0
def ts(path):
    cmd1 = f'cd {path} && git push -u origin master'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')
Exemplo n.º 11
0
def tj(path, content):
    cmd1 = f'cd {path} && git commit -m "{content}"'
    c1 = commands__(cmd1)
    if not c1:
        red('[-]没有路径.')