Пример #1
0
class WPSeku(object):
	out = wpprint.wpprint()
	def banner(self):
		print
	def usage(self,ext=False):
		path = os.path.basename(sys.argv[0])
		self.banner()
		print "Usage: {} [options]\n".format(path)
		print "\t-t --target\tTarget URL (eg: http://site.com)"
		print "\t-b --brute\tBruteforce login via xmlrpc"
		print "\t-u --user\tSet username, (df=admin)"
		print "\t-p --proxy\tSet proxy, (host:port)"
		print "\t-c --cookie\tSet cookie, (--cookie=\"COOKIE\")"
		print "\t-a --agent\tSet user-agent, (--agent=\"AGENT\")"
		print "\t-r --ragent\tSet random user-agent"
		print "\t-f --redirect\tRedirect target url, (df=true)"
		print "\t-m --timeout\tSet timeout, (df=None)"
		print "\t-w --wordlist\tSet wordlist, (df=db/wordlist.txt)"
		print "\t-h --help\tShow this help and exit\n"
		print "Examples:"
		print "\t{} -t http://site.com".format(path)
		print "\t{} -t http://site.com -b -w wlist.txt".format(path)
		print "\t{} -t http://site.com/wordpress/ --redirect".format(path)
		print "\t{} -t http://site.com -b -u test -w wlist.txt\n".format(path)
		if ext:
			exit()

	brute = False
	user = "******"
	cookie = None
	agent = "Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0"
	redirect = True
	wordlist = "db/wordlist.txt"
	proxy = None
	timeout = None

	def main(self,kw):
		if len(sys.argv) <= 2:
			self.usage(True)
		try:
			opts,args = getopt.getopt(kw,"t:u:p:c:a:m:w:frbh:",["target=","brute",
				"user="******"proxy=","cookie=","timeout=","agent=","ragent","redirect","wordlist=","help"]
				)
		except getopt.error,e:
			self.usage(True)
		for opt,arg in opts:
			if opt in ('-t','--target'):
				self.target = self.check(arg)
			if opt in ('-b','--brute'):
				self.brute = True
			if opt in ('-u','--user'):
				self.user = arg
			if opt in ('-p','--proxy'):
				self.proxy = arg
			if opt in ('-c','--cookie'):
				self.cookie = arg
			if opt in ('-a','--agent'):
				self.agent = arg
			if opt in ('-r','--ragent'):
				pass
			if opt in ('-m','--timeout'):
				self.timeout = arg
			if opt in ('-f','--redirect'):
				self.redirect = False
			if opt in ('-w','--wordlist'):
				self.wordlist = arg
			if opt in ('-h','--help'):
				self.usage(True)
		# starting 
		self.init()
		if self.brute == True:
			wpxmlrpc.wpxmlrpc(agent=self.agent,proxy=self.proxy,
				redir=self.redirect,time=self.timeout,url=self.target,
				cookie=self.cookie,wlist=self.wordlist,user=self.user).run()
			exit()
		# fingerprint 
		fingerprint.fingerprint(agent=self.agent,proxy=self.proxy,
			redir=self.redirect,time=self.timeout,url=self.target,
			cookie=self.cookie).run()
		# discovery
		discovery.discovery().run(agent=self.agent,proxy=self.proxy,
			redir=self.redirect,time=self.timeout,url=self.target,
			cookie=self.cookie)
Пример #2
0
 def Main(self):
     if len(sys.argv) <= 2:
         self.Usage(True)
     try:
         opts, args = getopt.getopt(
             self.kwargs, "t:x=:s=:l=:b=:h=:q:u:p:m:c:w:a:r:", [
                 'target=', 'xss', 'sql', 'lfi', 'query=', 'brute', 'user='******'proxy=', 'method=', 'cookie=', 'wordlist=', 'agent=',
                 'redirect=', 'help'
             ])
     except getopt.error as error:
         pass
     for o, a in opts:
         if o in ('-t', '--target'):
             self.target = self.CheckTarget(a)
         if o in ('-x', '--xss'):
             self.xss = True
         if o in ('-s', '--sql'):
             self.sql = True
         if o in ('-l', '--lfi'):
             self.lfi = True
         if o in ('-q', '--query'):
             self.query = a
         if o in ('-b', '--brute'):
             self.brute = True
         if o in ('-u', '--user'):
             self.user = a
         if o in ('-p', '--proxy'):
             self.proxy = a
         if o in ('-m', '--method'):
             self.method = a
         if o in ('-c', '--cookie'):
             self.cookie = a
         if o in ('-w', '--wordlist'):
             self.wordlist = a
         if o in ('-a', '--agent'):
             self.agent = a
         if o in ('-r', '--redirect'):
             self.redirect = a
         if o in ('-h', '--help'):
             self.Usage(True)
     self.Banner()
     self.printf.plus('Target: %s' % self.target)
     self.printf.plus('Starting: %s\n' %
                      (time.strftime('%d/%m/%Y %H:%M:%S')))
     print self.agent
     if not self.agent: self.agent = 'Mozilla/5.0'
     if not self.proxy: self.proxy = None
     if not self.cookie: self.cookie = None
     if not self.redirect: self.redirect = False
     if not self.user: self.user = "******"
     # xss attack
     if self.xss == True:
         if not self.method:
             sys.exit(self.printf.erro('Method not exisits!'))
         if not self.query: sys.exit(self.printf.erro('Not found query'))
         wpxss.wpxss(self.agent, self.proxy, self.redirect, self.target,
                     self.method, self.query).run()
         sys.exit()
     # sql attack
     if self.sql == True:
         if not self.method:
             sys.exit(self.printf.erro('Method not exisits!'))
         if not self.query: sys.exit(self.printf.erro('Not found query'))
         wpsql.wpsql(self.agent, self.proxy, self.redirect, self.target,
                     self.method, self.query).run()
         sys.exit()
     # lfi attack
     if self.lfi == True:
         if not self.method:
             sys.exit(self.printf.erro('Method not exisits!'))
         if not self.query: sys.exit(self.printf.erro('Not found query'))
         wplfi.wplfi(self.agent, self.proxy, self.redirect, self.target,
                     self.method, self.query).run()
         sys.exit()
     # attack bruteforce
     if self.brute == True:
         if not self.wordlist:
             sys.exit(self.printf.erro('Not found wordlist!'))
         wpxmlrpc.wpxmlrpc(self.agent, self.proxy, self.redirect,
                           self.target, self.cookie, self.wordlist,
                           self.user).run()
         sys.exit()
     # discovery
     if self.target:
         self._.run(self.agent, self.proxy, self.redirect, self.target)