def send_one_ping(my_socket, dest_addr, id, psize):
"""
Send one ping to the given >dest_addr<.
"""
try:
dest_addr = socket.gethostbyname(dest_addr)
except:
return None
# Remove header size from packet size
psize = psize - 8
# Header is type (8), code (8), checksum (16), id (16), sequence (16)
my_checksum = 0
# Make a dummy heder with a 0 checksum.
header = struct.pack("bbHHh", ICMP_ECHO_REQUEST, 0, my_checksum, id, 1)
bytes = struct.calcsize("d")
data = (psize - bytes) * "Q"
data = struct.pack("d", time.time(
)) + data if version() is 2 else struct.pack("d", time.time()) + data.encode()
# Calculate the checksum on the data and the dummy header.
my_checksum = checksum_py2(
header + data) if version() is 2 else checksum_py3(header + data)
# Now that we have the right checksum, we put that in. It's just easier
# to make up a new header than to stuff it into the dummy.
header = struct.pack(
"bbHHh", ICMP_ECHO_REQUEST, 0, socket.htons(my_checksum), id, 1
)
packet = header + data
my_socket.sendto(packet, (dest_addr, 1)) # Don't know about the 1
def start(shellcode):
chars = string.digits + string.ascii_letters
shellcode = 'xor %edx,%edx\n' + shellcode.replace(
'push $0xb\npop %eax\ncltd', '').replace(
'push %ebx\nmov %esp,%ecx', 'push %ebx\nmov %esp,%ecx' +
'\n' + 'push $0xb\npop %eax\ncltd')
t = True
eax = str('0xb')
while t:
if version() == 2:
eax_1 = binascii.b2a_hex(''.join(
random.choice(chars) for i in range(1)))
if version() == 3:
eax_1 = (binascii.b2a_hex((''.join(
random.choice(chars)
for i in range(1))).encode('latin-1'))).decode('latin-1')
eax_1 = str('0') + str(eax_1[1])
eax_2 = "%x" % (int(eax, 16) - int(eax_1, 16))
if eax > eax_1:
if '00' not in str(eax_1) and '0' not in str(eax_2):
t = False
A = 0
eax = 'push $%s' % (str(eax))
if '-' in eax_2:
A = 1
eax_2 = eax_2.replace('-', '')
eax_add = 'push $0x%s\npop %%eax\nneg %%eax\nadd $0x%s,%%eax\n' % (
eax_2, eax_1)
if A == 0:
eax_add = 'push $0x%s\npop %%eax\nadd $0x%s,%%eax\n' % (eax_2, eax_1)
shellcode = shellcode.replace('push $0xb\npop %eax\ncltd',
eax_add + '\ncltd\n')
for line in shellcode.rsplit('\n'):
if 'push' in line and '$0x' in line and ',' not in line and len(
line) > 14:
data = line.rsplit('push')[1].rsplit('$0x')[1]
t = True
while t:
if version() == 2:
ebx_1 = binascii.b2a_hex(''.join(
random.choice(chars) for i in range(4)))
if version() == 3:
ebx_1 = (binascii.b2a_hex(
(''.join(random.choice(chars) for i in range(4))
).encode('latin-1'))).decode('latin-1')
ebx_2 = "%x" % (int(data, 16) - int(ebx_1, 16))
if str('00') not in str(ebx_1) and str('00') not in str(
ebx_2) and '-' in ebx_2 and len(ebx_2) >= 7 and len(
ebx_1) >= 7 and '-' not in ebx_1:
ebx_2 = ebx_2.replace('-', '')
command = '\npush $0x%s\npop %%ebx\npush $0x%s\npop %%eax\nneg %%eax\nadd %%ebx,%%eax\npush %%eax\n' % (
str(ebx_1), str(ebx_2))
shellcode = shellcode.replace(line, command)
t = False
return shellcode
def obf_code(lang, encode, filename, content,cli):
if version() is 3:
content = content.decode('utf-8')
start = getattr(
__import__('lib.encoder.%s.%s' % (lang, encode),
fromlist=['start']),
'start') #import endoing module
content = start(content,cli) #encoded content as returned value
if version() is 3:
content = bytes(content, 'utf-8')
return content
def obf_code(lang,encode,filename,content):
if version() is 3:
content = content.decode('utf-8')
start = getattr(__import__('lib.encoder.%s.%s'%(lang,encode), fromlist=['start']), 'start') #import endoing module
content = start(content) #encoded content as returned value
if version() is 3:
content = bytes(content, 'utf-8')
f = open(filename,'wb') #writing content
f.write(content)
f.close()
info('file "%s" encoded successfully!\n'%filename)
return
def obf_code(lang,encode,filename,content):
if version() is 3:
content = content.decode('utf-8')
start = getattr(__import__('lib.encoder.%s.%s'%(lang,encode), fromlist=['start']), 'start') #import endoing module
content = start(content) #encoded content as returned value
if version() is 3:
content = bytes(content, 'utf-8')
f = open(filename,'wb') #writing content
f.write(content)
f.close()
info('file "%s" encoded successfully!\n'%filename)
return
def write(content):
if is_not_run_from_api():
if version() is 2:
sys.stdout.write(content.encode('utf8'))
else:
sys.stdout.buffer.write(bytes(content, 'utf8'))
return
def __log_into_file(filename, mode, data, language, final=False):
if version() is 2:
if _builder(_paths(), default_paths())["tmp_path"] in filename:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode) as save:
save.write(data + '\n')
if not final:
flock.release()
else:
if final:
with open(filename, mode) as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
else:
if _builder(_paths(), default_paths())["tmp_path"] in filename:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
if not final:
flock.release()
else:
if final:
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
def messages(language, msg_id):
"""
load a message from message library with specified language
Args:
language: language
msg_id: message id
Returns:
the message content in the selected language if message found otherwise return message in English
"""
# Returning selected langauge
if language is -1:
return list(
set([
langs.rsplit('_')[1].rsplit('.')[0] for langs in os.listdir(
os.path.dirname(os.path.abspath(__file__)).replace(
'\\', '/') + '/../lib/language/')
if langs != 'readme.md'
and langs.rsplit('_')[1].rsplit('.')[0] != ''
]))
# Importing messages
try:
msgs = getattr(
__import__('lib.language.messages_{0}'.format(language),
fromlist=['all_messages']),
'all_messages')()[str(msg_id)]
except:
msgs = getattr(
__import__('lib.language.messages_en', fromlist=['all_messages']),
'all_messages')()[str(msg_id)]
if version() is 2:
return msgs.decode('utf8')
return msgs
def __log_into_file(filename, mode, data, language, final=False):
"""
write a content into a file (support unicode) and submit logs in database. if final=False its writing log in
the database.
Args:
filename: the filename
mode: writing mode (a, ab, w, wb, etc.)
data: content
language: language
final: True if it's final report otherwise False (default False)
Returns:
True if success otherwise None
"""
log = ''
if version() is 2:
if isinstance(data, str):
try:
log = json.loads(data)
except ValueError:
log = ''
if isinstance(log, dict):
if final:
with open(filename, mode) as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
else:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode) as save:
save.write(data + '\n')
if not final:
flock.release()
else:
if isinstance(data, str):
try:
log = json.loads(data)
except ValueError:
log = ''
if isinstance(log, dict):
if final:
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
else:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
if not final:
flock.release()
return True
def __input(msg, default):
"""
get input in CLI
Args:
msg: a message to alert
default: default value if user entered (empty)
Returns:
user input content
"""
if version() == 2:
try:
data = moves.input(__input_msg(msg))
if data == "":
data = default
except Exception:
data = default
except KeyboardInterrupt:
print("\n")
exit(1)
else:
try:
data = moves.input(__input_msg(msg))
if data == "":
data = default
except Exception:
data = default
except KeyboardInterrupt:
print("\n")
exit(1)
return data
def _check(__version__, __code_name__, language, socks_proxy):
"""
check for update
Args:
__version__: version number
__code_name__: code name
language: language
socks_proxy: socks proxy
Returns:
True if success otherwise None
"""
try:
if socks_proxy is not None:
socks_version = socks.SOCKS5 if socks_proxy.startswith(
'socks5://') else socks.SOCKS4
socks_proxy = socks_proxy.rsplit('://')[1]
socks.set_default_proxy(socks_version,
str(socks_proxy.rsplit(':')[0]),
int(socks_proxy.rsplit(':')[1]))
socket.socket = socks.socksocket
socket.getaddrinfo = getaddrinfo
data = requests.get(url, headers={
"User-Agent": "OWASP Nettacker"
}).content
if version() is 3:
data = data.decode("utf-8")
if __version__ + ' ' + __code_name__ == data.rsplit('\n')[0]:
info(messages(language, "last_version"))
else:
warn(messages(language, "not_last_version"))
except:
warn(messages(language, "cannot_update"))
return True
def error(content):
"""
build the error message
Args:
content: content of the message
Returns:
the message in error structure - None
"""
if is_not_run_from_api():
if version() is 2:
sys.stdout.write(
color.color("red") +
"[X] [{0}] ".format(now()) +
color.color("yellow") +
content.encode("utf8") +
color.color("reset") +
"\n"
)
else:
sys.stdout.buffer.write(
(
color.color("red") +
"[X] [{0}] ".format(now()) +
color.color("yellow") +
content + color.color("reset") +
"\n"
).encode("utf8")
)
sys.stdout.flush()
return
def messages(language, msg_id):
"""
load a message from message library with specified language
Args:
language: language
msg_id: message id
Returns:
the message content in the selected language if message found otherwise return message in English
"""
# Returning selected language
if language is -1:
return list(
set([
langs.rsplit("_")[1].rsplit(".")[0] for langs in os.listdir(
os.path.dirname(os.path.abspath(__file__)).replace(
"\\", "/") + "/../lib/language/")
if langs != "readme.md"
and langs.rsplit("_")[1].rsplit(".")[0] != ""
]))
# Importing messages
try:
msgs = getattr(
__import__("lib.language.messages_{0}".format(language),
fromlist=["all_messages"]),
"all_messages")()[str(msg_id)]
except Exception as _:
msgs = getattr(
__import__("lib.language.messages_en", fromlist=["all_messages"]),
"all_messages")()[str(msg_id)]
if version() is 2:
return msgs.decode("utf8")
return msgs
def index():
"""
index page for WebUI
Returns:
rendered HTML page
"""
filename = _builder(_core_config(), _core_default_config())["log_in_file"]
if version() == 2:
return render_template("index.html",
scan_method=__scan_methods(),
profile=__profiles(),
graphs=__graphs(),
languages=__languages(),
filename=filename,
method_args_list=load_all_method_args(
__language(), API=True).decode('utf-8'))
return render_template("index.html",
scan_method=__scan_methods(),
profile=__profiles(),
graphs=__graphs(),
languages=__languages(),
filename=filename,
method_args_list=load_all_method_args(__language(),
API=True))
def submit_logs_to_db(language, log):
"""
this function created to submit new events into database
Args:
language: language
log: log event in JSON type
Returns:
True if success otherwise False
"""
if type(log) == str:
log = json.loads(log)
return send_submit_query(
"""
INSERT INTO hosts_log (
host, date, port, type, category,
description, username, password, scan_id, scan_cmd
)
VALUES (
"{0}", "{1}", "{2}", "{3}", "{4}",
"{5}", "{6}", "{7}", "{8}", "{9}"
);
""".format(
log["HOST"], log["TIME"], log["PORT"], log["TYPE"],
log["CATEGORY"], log["DESCRIPTION"].encode('utf8')
if version() is 2 else log["DESCRIPTION"], log["USERNAME"],
log["PASSWORD"], log["SCAN_ID"], log["SCAN_CMD"]), language)
def messages(language, msg_id):
# Returning selected langauge
if language is -1:
return list(
set([
langs.rsplit('_')[1].rsplit('.')[0] for langs in os.listdir(
os.path.dirname(os.path.abspath(__file__)).replace(
'\\', '/') + '/../lib/language/')
if langs != 'readme.md'
and langs.rsplit('_')[1].rsplit('.')[0] != ''
]))
# Importing messages
try:
msgs = getattr(
__import__('lib.language.messages_{0}'.format(language),
fromlist=['all_messages']),
'all_messages')()[str(msg_id)]
except:
msgs = getattr(
__import__('lib.language.messages_en'.format(language),
fromlist=['all_messages']),
'all_messages')()[str(msg_id)]
if version() is 2:
return msgs.decode('utf8')
return msgs
def submit_logs_to_db(language, log):
"""
this function created to submit new events into database
Args:
language: language
log: log event in JSON type
Returns:
True if success otherwise False
"""
if isinstance(log, str):
log = json.loads(log)
if isinstance(log, dict):
session = create_connection(language)
session.add(
HostsLog(host=log["HOST"],
date=log["TIME"],
port=log["PORT"],
type=log["TYPE"],
category=log["CATEGORY"],
description=log["DESCRIPTION"].encode('utf8')
if version() is 2 else log["DESCRIPTION"],
username=log["USERNAME"],
password=log["PASSWORD"],
scan_id=log["SCAN_ID"],
scan_cmd=log["SCAN_CMD"]))
return send_submit_query(session, language)
else:
warn(messages(language, "invalid_json_type_to_db").format(log))
return False
def __input(msg, default):
"""
get input in CLI
Args:
msg: a message to alert
default: default value if user entered (empty)
Returns:
user input content
"""
if version() is 2:
try:
data = raw_input(__input_msg(msg))
if data == '':
data = default
except:
data = default
else:
try:
data = input(__input_msg(msg))
if data == '':
data = default
except:
data = default
return data
def _check(__version__, __code_name__, language):
from core.compatible import version
if version() is 2:
from urllib import urlopen
if version() is 3:
from urllib.request import urlopen
try:
data = urlopen(url).read()
if version() is 3:
data = data.decode("utf-8")
if __version__ + ' ' + __code_name__ == data.rsplit('\n')[0]:
info(messages(language, 103))
else:
warn(messages(language, 101))
except:
warn(messages(language, 102))
return
def __input_msg(content):
if version() is 2:
return color.color('yellow') + '[+] ' + color.color('green') \
+ content.encode('utf8') + color.color('reset')
else:
return bytes(
color.color('yellow') + '[+] ' + color.color('green') + content +
color.color('reset'), 'utf8')
def error(content):
if version() is 2:
sys.stdout.write(
color.color('red') + '[X] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + "\n")
else:
data = color.color('red') + '[X] ' + color.color(
'yellow') + content + color.color('reset') + "\n"
sys.stdout.buffer.write(data.encode('utf8'))
return
def error(content):
if is_not_run_from_api():
if version() is 2:
sys.stdout.write(
color.color('red') + '[X] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + '\n')
else:
data = color.color('red') + '[X] ' + color.color(
'yellow') + content + color.color('reset') + '\n'
sys.stdout.buffer.write(data.encode('utf8'))
return
def info(content):
if version() is 2:
sys.stdout.write(
color.color('yellow') + '[+] ' + color.color('green') +
content.encode('utf8') + color.color('reset') + "\n")
else:
sys.stdout.buffer.write(
bytes(
color.color('yellow') + '[+] ' + color.color('green') +
content + color.color('reset') + "\n", 'utf8'))
return
def error(content):
time.sleep(1.0000 * random.choice(range(0, 1000)) / 1000)
if version() is 2:
sys.stdout.write(
color.color('red') + '[X] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + "\n")
else:
data = color.color('red') + '[X] ' + color.color(
'yellow') + content + color.color('reset') + "\n"
sys.stdout.buffer.write(data.encode('utf8'))
return
def warn(content):
if version() is 2:
sys.stdout.write(
color.color('blue') + '[!] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + "\n")
else:
sys.stdout.buffer.write(
bytes(
color.color('blue') + '[!] ' + color.color('yellow') +
content + color.color('reset') + "\n"), 'utf8')
return
def info(content):
time.sleep(1.0000 * random.choice(range(0, 1000)) / 1000)
if version() is 2:
sys.stdout.write(
color.color('yellow') + '[+] ' + color.color('green') +
content.encode('utf8') + color.color('reset') + '\n')
else:
sys.stdout.buffer.write(
bytes(
color.color('yellow') + '[+] ' + color.color('green') +
content + color.color('reset') + '\n', 'utf8'))
return
def warn(content):
if is_not_run_from_api():
if version() is 2:
sys.stdout.write(
color.color('blue') + '[!] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + '\n')
else:
sys.stdout.buffer.write(
bytes(
color.color('blue') + '[!] ' + color.color('yellow') +
content + color.color('reset') + '\n', 'utf8'))
return
def warn(content):
time.sleep(1.0000 * random.choice(range(0, 1000)) / 1000)
if version() is 2:
sys.stdout.write(
color.color('blue') + '[!] ' + color.color('yellow') +
content.encode('utf8') + color.color('reset') + "\n")
else:
sys.stdout.buffer.write(
bytes(
color.color('blue') + '[!] ' + color.color('yellow') +
content + color.color('reset') + "\n", 'utf8'))
return
def sort_logs(log_in_file, language, graph_flag):
_HOST = messages(language, 53)
_USERNAME = messages(language, 54)
_PASSWORD = messages(language, 55)
_PORT = messages(language, 56)
_TYPE = messages(language, 57)
_DESCRIPTION = messages(language, 58)
_TIME = messages(language, 115)
if compatible.version() is 2:
import sys
reload(sys)
sys.setdefaultencoding('utf8')
if (len(log_in_file) >= 5 and log_in_file[-5:] == '.html') or (
len(log_in_file) >= 4 and log_in_file[-4:] == '.htm'):
data = sorted(json.loads('[' + _get_log_values(log_in_file) + ']'), key=lambda x: sorted(x.keys()))
# if user want a graph
_graph = ''
if graph_flag is not None:
_graph = build_graph(graph_flag, language, data, 'HOST', 'USERNAME', 'PASSWORD', 'PORT', 'TYPE',
'DESCRIPTION')
from lib.html_log import _log_data
_css = _log_data.css_1
_table = _log_data.table_title.format(_graph, _css, _HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION,
_TIME)
for value in data:
_table += _log_data.table_items.format(value['HOST'], value['USERNAME'], value['PASSWORD'],
value['PORT'], value['TYPE'], value['DESCRIPTION'], value['TIME'])
_table += _log_data.table_end + '<p class="footer">' + messages(language, 93) \
.format(compatible.__version__, compatible.__code_name__, now()) + '</p>'
_table = _table.encode('utf8')
save = open(log_in_file, 'w' if type(_table) == str else 'wb')
save.write(_table)
save.close()
elif len(log_in_file) >= 5 and log_in_file[-5:] == '.json':
data = json.dumps(sorted(json.loads('[' + _get_log_values(log_in_file) + ']')))
save = open(log_in_file, 'wb')
save.write(data.encode('utf8'))
save.close()
else:
data = sorted(json.loads('[' + _get_log_values(log_in_file) + ']'))
_table = texttable.Texttable()
_table.add_rows([[_HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION, _TIME]])
for value in data:
_table.add_rows([[_HOST, _USERNAME, _PASSWORD, _PORT, _TYPE, _DESCRIPTION, _TIME],
[value['HOST'], value['USERNAME'], value['PASSWORD'], value['PORT'], value['TYPE'],
value['DESCRIPTION'], value['TYPE']]])
save = open(log_in_file, 'wb')
save.write(_table.draw().encode('utf8') + '\n\n' +
messages(language, 93).format(compatible.__version__, compatible.__code_name__,
now()).encode('utf8') + '\n\n')
save.close()
return 0
def _check(__version__, __code_name__, language):
try:
data = requests.get(url, headers={
"User-Agent": "OWASP Nettacker"
}).content
if version() is 3:
data = data.decode("utf-8")
if __version__ + ' ' + __code_name__ == data.rsplit('\n')[0]:
info(messages(language, 103))
else:
warn(messages(language, 101))
except:
warn(messages(language, 102))
return
def __log_into_file(filename, mode, data, language, final=False):
"""
write a content into a file (support unicode) and submit logs in database. if final=False its writing log in
the database.
Args:
filename: the filename
mode: writing mode (a, ab, w, wb, etc.)
data: content
language: language
final: True if it's final report otherwise False (default False)
Returns:
True if success otherwise None
"""
if version() is 2:
if _builder(_paths(), default_paths())["tmp_path"] in filename:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode) as save:
save.write(data + '\n')
if not final:
flock.release()
else:
if final:
with open(filename, mode) as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
else:
if _builder(_paths(), default_paths())["tmp_path"] in filename:
if not final:
flock = lockfile.FileLock(filename)
flock.acquire()
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
if not final:
flock.release()
else:
if final:
with open(filename, mode, encoding='utf-8') as save:
save.write(data + '\n')
else:
submit_logs_to_db(language, data)
return True
#!/usr/bin/env python
'''
OWASP ZSC
https://www.owasp.org/index.php/OWASP_ZSC_Tool_Project
https://github.com/zscproject/OWASP-ZSC
http://api.z3r0d4y.com/
https://groups.google.com/d/forum/owasp-zsc [ owasp-zsc[at]googlegroups[dot]com ]
'''
import binascii
import random
import string
from core.compatible import version
_version = version()
def encode(f):
var_name = ''.join(
random.choice(string.ascii_lowercase + string.ascii_uppercase)
for i in range(50))
if _version is 2:
rev_data = binascii.b2a_base64(f)[-2::-1]
data = var_name + ' = "' + str(rev_data) + '"'
if _version is 3:
rev_data = binascii.b2a_base64(f.encode('utf8')).decode('utf8')[-2::-1]
data = var_name + ' = "' + str(rev_data) + '"'
func_name = ''.join(
random.choice(string.ascii_lowercase + string.ascii_uppercase)
for i in range(50))
func_argv = ''.join(
random.choice(string.ascii_lowercase + string.ascii_uppercase)
def st(data):
if version() is 2:
return str(binascii.b2a_hex(data[::-1]))
if version() is 3:
return (binascii.b2a_hex(data[::-1].encode('latin-1'))).decode('latin-1')