def verify_poc(scan_data): plugin_name = scan_data['plugin_name'] plugin_filename = scan_data['plugin_filename'] target = scan_data['target'] info = {"pocname": plugin_name, "pocstring": open(plugin_filename, 'r').read(), "mode": 'verify' } try: invoker = Cannon(target, info) result = invoker.run() if result[-3][0] == 1: scan_result = { "plugin_filename": scan_data['plugin_filename'], "plugin_name": scan_data['plugin_name'], "plugin_id": scan_data['plugin_id'], "plugin_type": scan_data['plugin_type'], "plugin_app": scan_data['plugin_app'], "plugin_version": scan_data['plugin_version'], "target": scan_data['target'], "task_id": scan_data['task_id'], "task_name": scan_data['task_name'], "scan_result": result[-1], "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()), "tag": "" } connectiondb(vul_db).insert(scan_result) except Exception as e: raise e
def config(): connectiondb(config_db).drop() subdomain_dict = [] subdomain_dict_path = os.getcwd() + '/tests/domain.dict' try: with open(subdomain_dict_path) as file_read: for i in file_read: subdomain_dict.append(i.strip()) except Exception as e: print(e) subdomain_dict = ['www', 'mail', 'test'] config_data = { 'poc_thread': 50, 'discovery_thread': 52, 'subdomain_thread': 53, 'port_thread': 54, 'config_name': config_name, 'poc_frequency': 15, 'port_list': [20, 21, 22, 23, 80, 81, 443, 445, 544, 873, 1080, 1433, 1434, 1521, 2100, 3306, 3389, 4440, 5671, 5672, 5900, 5984, 6379, 7001, 8080, 8081, 8089, 8888, 9090, 9200, 11211, 15672, 27017, 50070], 'subdomain_dict_2': subdomain_dict, 'subdomain_dict_3': ['www', 'mail', 'test'], 'username_dict': ['admin', 'root', 'administrators'], 'password_dict': ['123456', 'password', '12345678', 'admin', 'admin123'], 'auth_tester_thread': 100, 'discovery_time': "11:00:00" } connectiondb(config_db).insert_one(config_data)
def multi_brute(self): data_save = [] result = [] self.resolver_ip = self.resolver_check() pool = Pool(processes=self.thread) for sub_domain in self.domain_handle(): result.append(pool.apply_async(resolution, (sub_domain, ))) pool.close() pool.join() for res in result: self.result = res.get() for subdomain in self.result: if self.result[subdomain] != self.resolver_ip: data = { "subdomain": subdomain, "domain": self.domain, "domain_id": self.domain_id, "date": datetime.now().strftime("%Y-%m-%d %H:%M:%S"), "result": self.result[subdomain], "title": '', } data_save.append(data) try: if data_save: connectiondb(subdomain_db).insert_many(data_save, ordered=True) except Exception as e: print("[!] %s Saved result error: %s" % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), e)) print("[*] %s %s Brute Done" % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), self.domain))
def multi_brute(self): start_date = datetime.now() self.resolver_ip = self.resolver_check() pool = Pool(processes=self.thread) result = [] for sub_domain in self.domain_handle(): result.append(pool.apply_async(resolution, (sub_domain,))) pool.close() pool.join() for res in result: self.result = res.get() for subdomain in self.result: if self.result[subdomain] != self.resolver_ip: data = { "subdomain": subdomain, "domain": self.domain, "domain_id": self.domain_id, "date": datetime.now().strftime("%Y-%m-%d %H:%M:%S"), "result": self.result[subdomain], "title": '', } lock.acquire() try: connectiondb(subdomain_db).insert_one(data) # print(self.result, var) except Exception as e: print("save_db error", e) lock.release() scan_time = datetime.now() - start_date print("++++++++++ Scan Done! ++++++++++", scan_time.total_seconds())
def verify_poc(scan_data): plugin_name = scan_data['plugin_name'] plugin_filename = scan_data['plugin_filename'] target = scan_data['target'] info = { "pocname": plugin_name, "pocstring": open(plugin_filename, 'r').read(), "mode": 'verify' } try: invoker = Cannon(target, info) result = invoker.run() if result[-3][0] == 1: scan_result = { "plugin_filename": scan_data['plugin_filename'], "plugin_name": scan_data['plugin_name'], "plugin_id": scan_data['plugin_id'], "plugin_type": scan_data['plugin_type'], "plugin_app": scan_data['plugin_app'], "plugin_version": scan_data['plugin_version'], "target": scan_data['target'], "task_id": scan_data['task_id'], "task_name": scan_data['task_name'], "scan_result": result[-1], "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()), "tag": "" } connectiondb(vul_db).insert(scan_result) except Exception as e: raise e
def start_scan(self): tmp_result = [] args = self.args connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": {"status": "Processing"}}) for service in self.service_list: # Filter online host pool_a = Pool(processes=self.processes) args_check = self._args_parse(service, 'check') for args in args_check: tmp_result.append(pool_a.apply_async(host_check, (args,))) pool_a.close() pool_a.join() for res_a in tmp_result: if res_a.get(): self.online_target.append(res_a.get()) # start crack pool_b = Pool(processes=self.processes) args_crack = self._args_parse(service, 'crack') for args in args_crack: self.result.append(pool_b.apply_async(hydra_scanner, (args,))) pool_b.close() pool_b.join() self.online_target = [] for res_b in self.result: if res_b.get(): target = res_b.get()['target'] service = res_b.get()['service'] username = res_b.get()['username'] password = res_b.get()['password'] self.save_result(target, service, username, password) connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": { "status": "Completed", "week_count": self.week_count, }})
def multi_brute(self): start_date = datetime.now() self.resolver_ip = self.resolver_check() pool = Pool(processes=self.thread) result = [] for sub_domain in self.domain_handle(): result.append(pool.apply_async(resolution, (sub_domain, ))) pool.close() pool.join() for res in result: self.result = res.get() for subdomain in self.result: if self.result[subdomain] != self.resolver_ip: data = { "subdomain": subdomain, "domain": self.domain, "domain_id": self.domain_id, "date": datetime.now().strftime("%Y-%m-%d %H:%M:%S"), "result": self.result[subdomain], "title": '', } lock.acquire() try: connectiondb(subdomain_db).insert_one(data) # print(self.result, var) except Exception as e: print("save_db error", e) lock.release() scan_time = datetime.now() - start_date print("++++++++++ Scan Done! ++++++++++", scan_time.total_seconds())
def __init__(self, task_id): self.task_id = task_id self.tasks_db_cursor = connectiondb(tasks_db).find_one({"_id": self.task_id}) self.target_list = parse_target(self.tasks_db_cursor['scan_target']) self.plugin_id_list = self.tasks_db_cursor['plugin_id'] self.result_tmp = [] self.result = [] self.processes = connectiondb(config_db).find_one({"config_name": config_name})['poc_thread']
def __init__(self, asset_id): self.asset_id = asset_id self.result_tmp = [] self.result = [] self.port_list = connectiondb(config_db).find_one({"config_name": config_name})['port_list'] self.processes = connectiondb(config_db).find_one({"config_name": config_name})['discovery_thread'] self.asset_name = connectiondb(asset_db).find_one({"_id": self.asset_id})['asset_name'] self.host_list = parse_target(connectiondb(asset_db).find_one({"_id": self.asset_id})['asset_host'])
def start_scan(self): connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": {"status": "Processing"}}) # start host check tmp_result = [] check_time = datetime.now() print("[*] %s %s Service Check..." % (check_time.strftime("%Y-%m-%d %H:%M:%S"), self.task_name)) for service in self.service_list: # Filter online host pool_a = Pool(processes=self.processes) for target in self.target_list: tmp_result.append(pool_a.apply_async(service_check, (target, service, self.args))) pool_a.close() pool_a.join() for res_a in tmp_result: if res_a.get(): target = res_a.get()['target'] check_res = res_a.get()['result'] if check_res: username = check_res['username'] password = check_res['password'] if not username: username = "******" if not password: password = "******" self.save_result(target, service, username, password) else: self.online_target.append(target) self.check_result[service] = self.online_target self.online_target = [] tmp_result = [] check_end_time = datetime.now() print("[*] %s %s Service Check Done..." % (check_end_time.strftime("%Y-%m-%d %H:%M:%S"), self.task_name)) print("[*] %s Service check used time: %ss" % (self.task_name, (check_end_time - check_time).seconds)) # start crack print("[*] %s %s Crack Start..." % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), self.task_name)) pool_b = Pool(processes=self.processes) for service, target_list in self.check_result.items(): # print(service, target_list) self.result.append(pool_b.apply_async(hydra_scanner, (target_list, service, self.username_list, self.password_list, self.args))) pool_b.close() pool_b.join() print("[*] %s %s Crack Done..." % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), self.task_name)) for res_b in self.result: if res_b.get(): for i in res_b.get(): target = i['target'] service = i['service'] username = i['username'] password = i['password'] self.save_result(target, service, username, password) print("[*] %s Crack used time: %ss" % (self.task_name, (datetime.now() - check_time).seconds)) print("[*] %s %s Saving result..." % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), self.task_name)) connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": { "status": "Completed", "week_count": self.week_count, }}) print("[*] %s %s Save result done..." % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), self.task_name))
def __init__(self, task_id): self.task_id = task_id self.tasks_db_cursor = connectiondb(tasks_db).find_one( {"_id": self.task_id}) self.target_list = parse_target(self.tasks_db_cursor['scan_target']) self.plugin_id_list = self.tasks_db_cursor['plugin_id'] self.result_tmp = [] self.result = [] self.processes = connectiondb(config_db).find_one( {"config_name": config_name})['poc_thread']
def port_result(self): self.result.append(self.scan().command_line()) for i in self.scan().csv().split('\r\n'): self.result.append(i) self.result.pop(1) connectiondb(port_db).update_one({"_id": self.scan_id}, {'$set': { 'status': 'Done', 'detail': self.result }}) return self.result
def save_result(self): if connectiondb(server_db).find_one({"asset_id": self.asset_id}): connectiondb(server_db).update({"asset_id": self.asset_id}, {"$set": {"tag": "delete"}}, multi=True) for res in self.result: res['asset_name'] = self.asset_name res['asset_id'] = self.asset_id res['tag'] = "" res['date'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) connectiondb(server_db).insert(res, check_keys=False) print(self.asset_id, "Discovery done...")
def __init__(self, domain, domain_id): self.domain = domain self.domain_id = domain_id self.sub_domain = [] self.third_domain = connectiondb(domain_db).find_one({"_id": domain_id})['third_domain'] self.resolver_ip = '' self.result = '' self.thread = int(connectiondb(config_db).find_one({"config_name": config_name})['subdomain_thread']) self.subdomain_dict_2 = connectiondb(config_db).find_one({"config_name": config_name})['subdomain_dict_2'] self.subdomain_dict_3 = connectiondb(config_db).find_one({"config_name": config_name})['subdomain_dict_3'] self.random_subdomain = ''.join(sample(digits + ascii_lowercase, 10)) + '.' + domain
def start_domain_brute(domain, domain_id): connectiondb(domain_db).update_one({"_id": domain_id}, {"$set": { "status": "Running" }}) for i in domain: start_brute = DomainBrute(i, domain_id) start_brute.multi_brute() connectiondb(domain_db).update_one({"_id": domain_id}, {"$set": { "status": "Done" }}) get_domain_title(domain_id)
def start_loop_scan(self): connectiondb(weekpasswd_db).update({"task_id": self.task_id}, {"$set": {"tag": "delete"}}, multi=True) connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": { "status": "Queued", "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()), "week_count": 0, }}) scanner = AuthCrack(self.task_id) if scanner: t1 = Thread(target=scanner.start_scan, args=()) t1.start() return True
def port_result(self): self.result.append(self.scan().command_line()) for i in self.scan().csv().split('\r\n'): self.result.append(i) self.result.pop(1) connectiondb(port_db).update_one( {"_id": self.scan_id}, {'$set': { 'status': 'Done', 'detail': self.result }}) return self.result
def save_result(self, target, service, username, password): data = { "target": target, "service": service, "username": username, "password": password, "date": datetime.now().strftime("%Y-%m-%d %H:%M:%S"), "task_id": self.task_id, "task_name": self.task_name, "tag": "" } self.week_count += 1 connectiondb(weekpasswd_db).insert_one(data)
def __init__(self, asset_id): self.asset_id = asset_id self.result_tmp = [] self.result = [] self.port_list = connectiondb(config_db).find_one( {"config_name": config_name})['port_list'] self.processes = connectiondb(config_db).find_one( {"config_name": config_name})['discovery_thread'] self.asset_name = connectiondb(asset_db).find_one( {"_id": self.asset_id})['asset_name'] self.host_list = parse_target( connectiondb(asset_db).find_one({"_id": self.asset_id})['asset_host'])
def local_install(): print("[*]Processing...") connectiondb(plugin_db).drop() path = os.getcwd() + '/pocsuite_plugin/' files = os.listdir(path) for file_name in files: plugin_info = parse_plugin(path + file_name.strip()) if plugin_info is None: pass else: db_insert = connectiondb(plugin_db).insert_one( plugin_info).inserted_id print("[*]Processing Completed!")
def config(): subdomain_dict = [] subdomain_dict_path = os.getcwd() + '/tests/domain.dict' try: with open(subdomain_dict_path) as file_read: for i in file_read: subdomain_dict.append(i.strip()) except Exception as e: print(e) subdomain_dict = ['www', 'mail', 'test'] if not connectiondb(config_db).find_one({"config_name": config_name}): config_data = { 'poc_thread': 50, 'discovery_thread': 50, 'subdomain_thread': 50, 'port_thread': 50, 'config_name': config_name, 'poc_frequency': 15, 'port_list': [ 20, 21, 22, 23, 80, 81, 443, 445, 544, 873, 1080, 1433, 1434, 1521, 2100, 3306, 3389, 4440, 5671, 5672, 5900, 5984, 6379, 7001, 8080, 8081, 8089, 8888, 9090, 9200, 11211, 15672, 27017, 50070 ], 'subdomain_dict_2': subdomain_dict, 'subdomain_dict_3': ['www', 'mail', 'test'], 'username_dict': ['admin', 'root', 'administrators'], 'password_dict': ['123456', 'password', '12345678', 'admin', 'admin123'], 'auth_tester_thread': 50, 'discovery_time': "10:30:00", 'auth_service': [ 'asterisk', 'cisco', 'cisco-enable', 'cvs', 'firebird', 'ftp', 'ftps', 'http-proxy', 'http-proxy-urlenum', 'icq', 'imap', 'irc', 'ldap2', 'mssql', 'mysql', 'nntp', 'oracle-listener', 'oracle-sid', 'pcanywhere', 'pcnfs', 'pop3', 'postgres', 'rdp', 'redis', 'rexec', 'rlogin', 'rsh', 's7-300', 'sip', 'smb', 'smtp', 'smtp-enum', 'snmp', 'socks5', 'ssh', 'sshkey', 'svn', 'teamspeak', 'telnet', 'vmauthd', 'vnc', 'xmpp' ], } connectiondb(config_db).insert_one(config_data)
def set_scanner(self): connectiondb(tasks_db).update_one({'_id': ObjectId(self.task_id)}, {'$set': {'task_status': 'Processing'}}) if connectiondb(vul_db).find_one({"task_id": self.task_id}): connectiondb(vul_db).update({'task_id': self.task_id}, {"$set": {"tag": "delete"}}, multi=True) pool_scanner = Pool(processes=self.processes) for target in self.target_list: for plugin_id in self.plugin_id_list: plugin_cursor = connectiondb(plugin_db).find_one({"_id": ObjectId(plugin_id)}) scan_data = { "plugin_filename": plugin_cursor['plugin_filename'].encode("UTF-8"), "plugin_name": plugin_cursor['plugin_name'].encode("UTF-8"), "plugin_id": plugin_cursor['_id'], "plugin_type": plugin_cursor['plugin_type'], "plugin_app": plugin_cursor['plugin_app'], "plugin_version": plugin_cursor['plugin_version'], "target": target, "task_id": self.task_id, "task_name": self.tasks_db_cursor['task_name'], } pool_scanner.apply_async(verify_poc, (scan_data,)) pool_scanner.close() pool_scanner.join() connectiondb(tasks_db).update_one({'_id': ObjectId(self.task_id)}, { '$set': { 'task_status': 'Completed', 'end_date': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) } })
def start_scan(self): tmp_result = [] args = self.args connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": { "status": "Processing" }}) for service in self.service_list: # Filter online host pool_a = Pool(processes=self.processes) args_check = self._args_parse(service, 'check') for args in args_check: tmp_result.append(pool_a.apply_async(host_check, (args, ))) pool_a.close() pool_a.join() for res_a in tmp_result: if res_a.get(): target = res_a.get()['target'] check_res = res_a.get()['result'] if check_res: username = check_res['username'] password = check_res['password'] if not username: username = "******" if not password: password = "******" self.save_result(target, service, username, password) else: self.online_target.append(target) # start crack pool_b = Pool(processes=self.processes) args_crack = self._args_parse(service, 'crack') for args in args_crack: self.result.append(pool_b.apply_async(hydra_scanner, (args, ))) pool_b.close() pool_b.join() self.online_target = [] for res_b in self.result: if res_b.get(): target = res_b.get()['target'] service = res_b.get()['service'] username = res_b.get()['username'] password = res_b.get()['password'] self.save_result(target, service, username, password) connectiondb(auth_db).update_one( {"_id": self.task_id}, {"$set": { "status": "Completed", "week_count": self.week_count, }})
def save_result(self): if connectiondb(server_db).find_one({"asset_id": self.asset_id}): connectiondb(server_db).update({"asset_id": self.asset_id}, {"$set": { "tag": "delete" }}, multi=True) for res in self.result: res['asset_name'] = self.asset_name res['asset_id'] = self.asset_id res['tag'] = "" res['date'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) connectiondb(server_db).insert(res, check_keys=False) print(self.asset_id, "Discovery done...")
def __init__(self, task_id): self.task_id = task_id self.db_cursor = connectiondb(auth_db).find_one({"_id": self.task_id}) self.processes = connectiondb(config_db).find_one({"config_name": config_name})['auth_tester_thread'] self.task_name = self.db_cursor['task_name'] self.username_list = self.db_cursor['username'] self.password_list = self.db_cursor['password'] self.target_list = parse_target(self.db_cursor['target']) self.online_target = [] self.service_list = self.db_cursor['service'] self.args = self.db_cursor['args'] self.result_pool = [] self.result = [] self.week_count = 0
def __init__(self, task_id): self.task_id = task_id self.db_cursor = connectiondb(auth_db).find_one({"_id": self.task_id}) self.processes = connectiondb(config_db).find_one( {"config_name": config_name})['auth_tester_thread'] self.task_name = self.db_cursor['task_name'] self.username_list = self.db_cursor['username'] self.password_list = self.db_cursor['password'] self.target_list = parse_target(self.db_cursor['target']) self.online_target = [] self.service_list = self.db_cursor['service'] self.args = self.db_cursor['args'] self.result_pool = [] self.result = [] self.week_count = 0
def save_result(self): if connectiondb(server_db).find_one({"asset_id": self.asset_id}): connectiondb(server_db).update({"asset_id": self.asset_id}, {"$set": { "tag": "delete" }}, multi=True) for res in self.result: res['asset_name'] = self.asset_name res['asset_id'] = self.asset_id res['tag'] = "" res['date'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) try: connectiondb(server_db).insert_one(res) except Exception as e: print("[!] Save discovery result error %s" % e)
def get_domain_title(domain_id): pool = Pool(processes=50) result = [] for i in connectiondb(subdomain_db).find({"domain_id": domain_id}): result.append(pool.apply_async(get_title, (i['subdomain'], i['_id']))) pool.close() pool.join() for res in result: lock.acquire() try: connectiondb(subdomain_db).update_one({"_id": res.get()["_id"]}, {"$set": { "title": res.get()['title'] }}) except Exception as e: print("update title error", e) lock.release()
def _get_task(self): for task_info in connectiondb(auth_db).find(): self.recursion = task_info['recursion'] self.status = task_info['status'] self.scan_date = task_info['date'] self.task_id = task_info['_id'] start_date = datetime.strptime(self.scan_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.now() - start_date).total_seconds() if self.recursion == 0: pass # every day elif self.recursion == 1 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 1: if self.start_loop_scan(): print( "[*] Every Day Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) # every week elif self.recursion == 7 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 7: if self.start_loop_scan(): print( "[*] Every Week Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) # every month elif self.recursion == 30 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 30: if self.start_loop_scan(): print( "[*] Every Month Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
def _get_task(self): for task_info in connectiondb(auth_db).find(): self.recursion = task_info['recursion'] self.status = task_info['status'] self.scan_date = task_info['date'] self.task_id = task_info['_id'] start_date = datetime.strptime(self.scan_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.now() - start_date).total_seconds() if self.recursion == 0: pass # every day elif self.recursion == 1 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 1: if self.start_loop_scan(): print("[*] Every Day Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) # every week elif self.recursion == 7 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 7: if self.start_loop_scan(): print("[*] Every Week Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) # every month elif self.recursion == 30 and "Completed" in self.status: if plan_time > 60 * 60 * 24 * 30: if self.start_loop_scan(): print("[*] Every Month Task Start...", time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
def __init__(self, target_list, username_list, password_list, plugin): self.target_list = target_list self.username_list = username_list self.password_list = password_list self.plugin = plugin self.result = [] self.result_tmp = [] self.processes = connectiondb(config_db).find_one({"config_name": config_name})['auth_tester_thread']
def __init__(self, target_list, password_list): self.target_list = target_list self.password_list = password_list self.redis_target = [] self.result_check = [] self.result_auth = [] self.result = [] self.processes = connectiondb(config_db).find_one({"config_name": config_name})['auth_tester_thread']
def __init__(self, domain, domain_id): self.domain = domain self.domain_id = domain_id self.sub_domain = [] self.third_domain = connectiondb(domain_db).find_one( {"_id": domain_id})['third_domain'] self.resolver_ip = '' self.result = '' self.thread = int( connectiondb(config_db).find_one({"config_name": config_name })['subdomain_thread']) self.subdomain_dict_2 = connectiondb(config_db).find_one( {"config_name": config_name})['subdomain_dict_2'] self.subdomain_dict_3 = connectiondb(config_db).find_one( {"config_name": config_name})['subdomain_dict_3'] self.random_subdomain = ''.join(sample(digits + ascii_lowercase, 10)) + '.' + domain
def get_domain_title(domain_id): pool = Pool(processes=50) result = [] for i in connectiondb(subdomain_db).find({"domain_id": domain_id}): result.append(pool.apply_async(get_title, (i['subdomain'], i['_id']))) pool.close() pool.join() for res in result: lock.acquire() try: connectiondb(subdomain_db).update_one( {"_id": res.get()["_id"]}, {"$set": { "title": res.get()['title'] }}) except Exception as e: print("update title error", e) lock.release()
def __init__(self, domain, domain_id): print("[*] %s %s Brute Start" % (datetime.now().strftime("%Y-%m-%d %H:%M:%S"), domain)) self.domain = domain self.domain_id = domain_id self.sub_domain = [] self.third_domain = connectiondb(domain_db).find_one( {"_id": domain_id})['third_domain'] self.resolver_ip = '' self.result = '' self.thread = int( connectiondb(config_db).find_one({"config_name": config_name })['subdomain_thread']) self.subdomain_dict_2 = connectiondb(config_db).find_one( {"config_name": config_name})['subdomain_dict_2'] self.subdomain_dict_3 = connectiondb(config_db).find_one( {"config_name": config_name})['subdomain_dict_3'] self.random_subdomain = ''.join(sample(digits + ascii_lowercase, 10)) + '.' + domain
def start_scan(self): connectiondb(auth_db).update_one({"_id": self.task_id}, {"$set": { "status": "Processing" }}) if self.plugin == "Redis Auth": scanner = redis_plugin.RedisPlugin(self.target_list, self.password_list) self.result = scanner.redis_scan() for i in self.result: self.save_result(i['target'], i['username'], i['password']) elif self.plugin == "Basic Auth": scanner = http_plugin.HttpPlugin(self.target_list, self.username_list, self.password_list, self.plugin) self.result = scanner.http_scan() for i in self.result: self.save_result(i['target'], i['username'], i['password']) elif self.plugin == "SSH Auth": scanner = ssh_plugin.SSHPlugin(self.target_list, self.username_list, self.password_list) self.result = scanner.ssh_scan() for i in self.result: self.save_result(i['target'], i['username'], i['password']) elif self.plugin == "MySQL Auth": scanner = mysql_plugin.MySQLPlugin(self.target_list, self.username_list, self.password_list) self.result = scanner.mysql_scan() for i in self.result: self.save_result(i['target'], i['username'], i['password']) connectiondb(auth_db).update_one( {"_id": self.task_id}, {"$set": { "status": "Completed", "week_count": self.week_count }})
def start_domain_brute(domain_list, domain_id): time_start = datetime.now() print("[*] %s Domain Brute start %s" % (time_start.strftime("%Y-%m-%d %H:%M:%S"), domain_id)) connectiondb(domain_db).update_one({"_id": domain_id}, {"$set": { "status": "Running" }}) for domain in domain_list: start_brute = DomainBrute(domain, domain_id) start_brute.multi_brute() connectiondb(domain_db).update_one({"_id": domain_id}, {"$set": { "status": "Done" }}) time_end = datetime.now() print("[*] %s Domain Brute Done %s" % (time_end.strftime("%Y-%m-%d %H:%M:%S"), domain_id)) print("[*] %s Used Time: %s" % (time_end.strftime("%Y-%m-%d %H:%M:%S"), (time_end - time_start).seconds)) get_domain_title(domain_id)
def _get_task(self): print("Discovery scheduler success") for asset_info in connectiondb(asset_db).find(): self.discover_option = asset_info['discover_option'] if self.discover_option == "Enable": self.asset_id = asset_info['_id'] try: AssetDiscovery(self.asset_id).set_discovery() except Exception as e: print(e) return e print("Discovery scheduler done")
def set_scanner(self): connectiondb(tasks_db).update_one( {'_id': ObjectId(self.task_id)}, {'$set': { 'task_status': 'Processing' }}) if connectiondb(vul_db).find_one({"task_id": self.task_id}): connectiondb(vul_db).update({'task_id': self.task_id}, {"$set": { "tag": "delete" }}, multi=True) pool_scanner = Pool(processes=self.processes) for target in self.target_list: for plugin_id in self.plugin_id_list: plugin_cursor = connectiondb(plugin_db).find_one( {"_id": ObjectId(plugin_id)}) scan_data = { "plugin_filename": plugin_cursor['plugin_filename'].encode("UTF-8"), "plugin_name": plugin_cursor['plugin_name'].encode("UTF-8"), "plugin_id": plugin_cursor['_id'], "plugin_type": plugin_cursor['plugin_type'], "plugin_app": plugin_cursor['plugin_app'], "plugin_version": plugin_cursor['plugin_version'], "target": target, "task_id": self.task_id, "task_name": self.tasks_db_cursor['task_name'], } pool_scanner.apply_async(verify_poc, (scan_data, )) pool_scanner.close() pool_scanner.join() connectiondb(tasks_db).update_one({'_id': ObjectId(self.task_id)}, { '$set': { 'task_status': 'Completed', 'end_date': time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) } })
def _get_task(self): # while thread_lock: for task_info in connectiondb(tasks_db).find(): self.recursion = int(task_info['task_recursion']) self.task_id = task_info['_id'] self.status = task_info['task_status'] self.end_date = task_info['end_date'] if self.recursion == 0: pass # every day task if self.recursion == 1: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime( self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24: print("Every day recursion start......") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner() # every week task elif self.recursion == 7: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime( self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24 * 7: print("Every week start...") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner() # every month task elif self.recursion == 30: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime( self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24 * 30: print("Every month start...") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner()
def _get_task(self): # while thread_lock: for task_info in connectiondb(tasks_db).find(): self.recursion = int(task_info['task_recursion']) self.task_id = task_info['_id'] self.status = task_info['task_status'] self.end_date = task_info['end_date'] if self.recursion == 0: pass # every day task if self.recursion == 1: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime(self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24: print("Every day recursion start......") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner() # every week task elif self.recursion == 7: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime(self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24 * 7: print("Every week start...") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner() # every month task elif self.recursion == 30: if "Processing" in self.status: pass else: start_date = datetime.datetime.strptime(self.end_date, "%Y-%m-%d %H:%M:%S") plan_time = (datetime.datetime.now() - start_date).total_seconds() if plan_time > 60 * 60 * 24 * 30: print("Every month start...") scanner = PocsuiteScanner(self.task_id) scanner.set_scanner()
def acunetix_view(): # scanner view if request.method == "GET": acunetix_task = connectiondb(acunetix_db).find() return render_template('acunetix-scanner.html', acunetix_task=acunetix_task) else: if request.form.get('source') == "new_scan": target_id = [] task_name = request.form.get('task_name') target_list = request.form.get('target_addr').split("\n") scan_type = request.form.get('scan_type') description_val = request.form.get('description_val') for target in parse_target(target_list): target_id.append(AcunetixScanner().start_task(target, description_val, scan_type)['target_id']) task_data = { "task_name": task_name, "target_list": target_list, "scan_type": scan_type, "description": description_val, "status": "", "target_id": target_id, "date": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()), } connectiondb(acunetix_db).insert(task_data) # print(new_scan) return "success" elif request.form.get('source') == "delete_task": task_id = request.form.get('delete') target_id = connectiondb(acunetix_db).find_one({"_id": ObjectId(task_id)})['target_id'] if connectiondb(acunetix_db).remove({"_id": ObjectId(task_id)}): for t_id in target_id: AcunetixScanner().delete_target(t_id) return "success" else: return "warning" elif request.form.get('source') == "download_report": task_id = request.form.get('task_id') target_id = connectiondb(acunetix_db).find_one({"_id": ObjectId(task_id)})['target_id'] task_name = connectiondb(acunetix_db).find_one({"_id": ObjectId(task_id)})['task_name'] report_url = AcunetixScanner().reports(target_id, 'targets', task_name) if report_url: return jsonify({"html_url": report_url[0], "pdf_url": report_url[1]}) else: return "warning"
def __init__(self): self.sche_time = connectiondb(config_db).find_one({"config_name": config_name})['discovery_time'].split(":") self.asset_id = '' self.discover_option = ''
def __init__(self): self.sche_time = connectiondb(config_db).find_one( {"config_name": config_name})['discovery_time'].split(":") self.asset_id = '' self.discover_option = ''