Пример #1
0
 def verify(self):
     if not self.check_rule(self.dictdata, self.require):  # 检查是否满足测试条件
         return
     pwdfile = os.path.join("brute", "ssh_pass")
     userfile = os.path.join("brute", "ssh_user")
     pwds = [""]
     pwds += get_data_from_file(
         os.path.join(paths.MYSCAN_DATA_PATH, pwdfile))
     users = get_data_from_file(
         os.path.join(paths.MYSCAN_DATA_PATH, userfile))
     userpass = []
     for user in users:
         for pwd in pwds:
             userpass.append((user, pwd))
     userpass_ = [("oracle", "oracle"), ("postgresql", "postgresql")]
     userpass += userpass_
     # patch_banner_timeout()
     if "Authentication failed" in self.crack_ssh(
         (get_random_str(6).lower(), get_random_str(6).lower())):
         mythread(self.crack_ssh, userpass, 1)
         if self.right_pwd is not None:
             self.result.append({
                 "name":
                 self.name,
                 "url":
                 "tcp://{}:{}".format(self.addr, self.port),
                 "level":
                 self.level,  # 0:Low  1:Medium 2:High
                 "detail": {
                     "vulmsg": self.vulmsg,
                     "user/pwd": "/".join(self.right_pwd)
                 }
             })
Пример #2
0
 def verify(self):
     if not self.check_rule(self.dictdata, self.require):  # 检查是否满足测试条件
         return
     pwdfile = os.path.join("brute", "smb_pass")
     userfile = os.path.join("brute", "smb_user")
     pwds = [""]
     pwds += get_data_from_file(
         os.path.join(paths.MYSCAN_DATA_PATH, pwdfile))
     users = get_data_from_file(
         os.path.join(paths.MYSCAN_DATA_PATH, userfile))
     userpass = []
     for user in users:
         for pwd in pwds:
             userpass.append((user, pwd))
     mythread(self.crack_smb, userpass, cmd_line_options.threads)
     if self.right_pwd is not None:
         self.result.append({
             "name":
             self.name,
             "url":
             "tcp://{}:{}".format(self.addr, self.port),
             "level":
             self.level,  # 0:Low  1:Medium 2:High
             "detail": {
                 "vulmsg": self.vulmsg,
                 "user/pwd": "/".join(self.right_pwd)
             }
         })
Пример #3
0
 def verify(self):
     if not self.check_rule(self.dictdata, self.require):  # 检查是否满足测试条件
         return
     pwdfile = os.path.join("brute", "redis_pass")
     pwds = [None]
     pwds += get_data_from_file(
         os.path.join(paths.MYSCAN_DATA_PATH, pwdfile))
     mythread(self.crack_redis, pwds, cmd_line_options.threads)
     if self.right_pwd is not None:
         self.result.append({
             "name":
             self.name,
             "url":
             "tcp://{}:{}".format(self.addr, self.port),
             "level":
             self.level,  # 0:Low  1:Medium 2:High
             "detail": {
                 "vulmsg": self.vulmsg,
                 "password": self.right_pwd
             }
         })