def GoogleSearch(query, limit, offset=0):
    """Collect result links for *query* through the Google Custom Search API.

    The developer key and engine id are read from the config file; the
    process exits silently when either one is missing. Results are requested
    in whole pages of ten, starting at the page that contains *offset* and
    ending at the page that contains ``offset + limit``.

    Returns:
        A set holding the ``link`` value of every item returned.
    """
    key = ConfigFileParser().GoogleDeveloperKey()
    engine = ConfigFileParser().GoogleEngine()
    if not (key and engine):
        sys.exit()
    try:
        service = build("customsearch", "v1", http=_initHttpClient(), developerKey=key)
        # One un-paged request, used only to report how many results exist.
        result_info = service.cse().list(q=query, cx=engine).execute()
        logger.info('Max query results: %s' % str(result_info['searchInformation']['totalResults']))

        links = set()
        limit += offset
        first_page = int(offset / 10)
        end_page = int((limit + 10 - 1) / 10)
        for page in range(first_page, end_page):
            # The API's start index is 1-based.
            result = service.cse().list(q=query, cx=engine, num=10, start=page * 10 + 1).execute()
            if 'items' not in result:
                continue
            for entry in result['items']:
                links.add(entry['link'])
        return links
    except SocketError:
        # NOTE(review): sys.exit() receives logger.error()'s return value;
        # if that is None the process exits with status 0 - confirm.
        sys.exit(logger.error('Unable to connect Google, maybe agent/proxy error.'))
    except ServerHttpDenied as e:
        logger.warning('It seems like Google-Server denied this request.')
        sys.exit(logger.error(getSafeExString(e)))
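def handle_censys(query, limit, offset):
    """Authenticate to Censys and request the result pages for *query*.

    Credentials are first taken from the config file and stored in the
    module globals ``UID`` and ``SECRET``. If ``can_auto_login()`` rejects
    them the user is prompted once; a second rejection ends the process.
    Pages are then fetched through ``get_ip`` with a three-second pause
    between requests.

    Args:
        query: search expression passed to ``get_ip``.
        limit: number of results wanted; converted to pages of 100.
        offset: number of results to skip; converted to pages of 100.
    """
    import getpass  # local import: the file's import block is not visible here

    global UID
    global SECRET
    UID = ConfigFileParser().censys_UID()
    SECRET = ConfigFileParser().censys_SECRET()
    msg = '[+] Trying to login with credentials in config file: {}.'.format(
        paths.CONFIG_PATH)
    colorprint.green(msg)
    if not can_auto_login():
        err_msg = '[-] Automatic authorization failed.\n[*] Please input your censys API Key (https://censys.io/account/api).'
        colorprint.cyan(err_msg)
        UID = input('[*] UID > ').strip()
        # Read the secret without echo so it does not end up in terminal
        # scrollback or a recorded session.
        SECRET = getpass.getpass('[*] SECRET > ').strip()
        if not can_auto_login():
            err_msg = "[-] authorization failed"
            colorprint.red(err_msg)
            sys.exit()
    page_start = int(offset / 100) + 1
    page_stop = page_start + int(limit / 100) + 1
    for page in range(page_start, page_stop):
        get_ip(query, page)
        # No pause is needed after the last page.
        if page < page_stop - 1:
            time.sleep(3)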
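def _initHttpClient():
    """Build the HTTP client for Google API calls, through a proxy if one is set.

    The proxy string comes from ``conf.GOOGLE_PROXY`` or, failing that, from
    the config file. It must have the form ``<type> <host> <port>`` with the
    three fields separated by whitespace.

    Returns:
        ``Http()`` when no proxy is configured, otherwise an ``Http`` built
        with the matching ``ProxyInfo``.

    The process exits with status 1 when the proxy string is malformed.
    """
    proxy_str = conf.GOOGLE_PROXY or ConfigFileParser().GoogleProxy() or None
    if not proxy_str:
        return Http()

    logger.info('Proxy: %s' % proxy_str)

    # split() without an argument tolerates repeated spaces and tabs.
    fields = proxy_str.split()
    if len(fields) != 3:
        logger.error('SyntaxError in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)
    scheme, host, port_text = fields

    # 'sock5'/'sock4' are the spellings the original accepted; the usual
    # 'socks5'/'socks4' spellings are accepted as well.
    proxy_types = {
        'http': PROXY_TYPE.HTTP,
        'sock5': PROXY_TYPE.SOCKS5,
        'socks5': PROXY_TYPE.SOCKS5,
        'sock4': PROXY_TYPE.SOCKS4,
        'socks4': PROXY_TYPE.SOCKS4,
    }
    proxy_type = proxy_types.get(scheme.lower())
    if proxy_type is None:
        logger.error('Invalid proxy-type in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)

    try:
        port = int(port_text)
    except ValueError:
        port = None
    if port is None or not 0 < port <= 65535:
        logger.error('Invalid port in GoogleProxy string, Please check your args or config file.')
        sys.exit(1)

    return Http(proxy_info=ProxyInfo(proxy_type, host, port))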
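def handle_censys(query, limit, offset):
    """Authenticate to Censys and request the result pages for *query*.

    Credentials are read from the config file into the module globals
    ``UID`` and ``SECRET``. When automatic login fails the user is prompted
    once; if that also fails the function reports it and returns without
    searching. After either login succeeds the pages are fetched through
    ``get_ip`` with a three-second pause between requests.

    Args:
        query: search expression passed to ``get_ip``.
        limit: number of results wanted; converted to pages of 160.
        offset: number of results to skip; converted to pages of 160.
    """
    import getpass  # local import: the file's import block is not visible here

    global UID
    global SECRET
    UID = ConfigFileParser().censys_UID()
    SECRET = ConfigFileParser().censys_SECRET()
    if not can_auto_login():
        # The original prompt named Shodan although these are Censys credentials.
        err_msg = '[-] Automatic authorization failed.\n[*] Please input your censys API Key (https://censys.io/account/api).'
        colorprint.cyan(err_msg)
        UID = input('[*] UID > ').strip()
        # The original labelled this prompt "UID" too; the secret is read
        # without echo so it stays out of terminal scrollback.
        SECRET = getpass.getpass('[*] SECRET > ').strip()
        # NOTE(review): can_auto_login is called without arguments above and
        # with the credentials here, as in the original - confirm its signature.
        if not can_auto_login(UID, SECRET):
            err_msg = "[-] authorization failed"
            colorprint.red(err_msg)
            return

    # Reached after a successful automatic OR manual login; the original
    # skipped the search entirely when the manual login succeeded.
    page_start = int(offset / 160) + 1
    page_stop = page_start + int(limit / 160) + 1
    for page in range(page_start, page_stop):
        get_ip(query, page)
        # No pause is needed after the last page.
        if page < page_stop - 1:
            time.sleep(3)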
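def handle_fofa(query, limit, offset=0):
    """Query the FoFa search API and add every reachable host to ``conf.target``.

    Credentials come from the config file; if ``check`` rejects them the
    user is prompted once and the process exits on a second rejection.
    Each returned host is probed over HTTP(S) and kept only when the probe
    completes without raising.

    Args:
        query: FoFa search expression (sent base64-encoded).
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    import getpass  # local imports: the file's import block is not visible here
    from urllib.parse import urlencode

    try:
        msg = '[+] Trying to login with credentials in config file: {}.'.format(
            paths.CONFIG_PATH)
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            # Routed to the handler below, which falls back to manual input.
            raise Exception("Automatic authorization failed")
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        # Read the key without echo so it stays out of terminal scrollback.
        key = getpass.getpass('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    query = base64.b64encode(query.encode('utf-8')).decode('utf-8')

    # Ask for enough results to cover the skipped ones as well.
    size = limit + offset
    # urlencode escapes '+', '/' and '=' from the base64 text and any
    # reserved character in the e-mail address; raw interpolation did not.
    url = "https://fofa.so/api/v1/search/all?" + urlencode(
        {"email": email, "key": key, "qbase64": query, "size": size})
    try:
        # NOTE(review): `request` (singular) is used here while the probes
        # below use `requests` - confirm which name the module imports.
        response = request.get(url).text
        resp = json.loads(response)
        if not resp["error"]:
            for item in resp.get('results')[offset:]:
                target = item[0] if 'https:' in item[0] else "http://" + item[0]
                try:
                    # Liveness probe only: certificate validation is off and
                    # the response is discarded, so nothing is read from it.
                    requests.get(target, timeout=5, verify=False)
                    conf.target.add(target)
                    print(target)
                except Exception:
                    # Unreachable hosts are skipped. Exception rather than a
                    # bare except, so Ctrl-C still interrupts the scan.
                    pass
    except Exception as e:
        # The API key travels in the query string and HTTP client errors
        # commonly embed the request URL, so mask the key before printing
        # (best effort: only the literal key text is replaced).
        detail = str(e)
        if key:
            detail = detail.replace(key, "***")
        colorprint.red(detail)
        sys.exit()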
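def auto_login(self):
    """Log in with the ZoomEye credentials from the config file.

    Falls back to ``self.manual_login()`` when the credentials are missing
    or ``self.get_token()`` does not succeed with them.
    """
    msg = '[+] Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
    colorprint.green(msg)
    try:
        self.username = ConfigFileParser().ZoomEyeEmail()
        self.password = ConfigFileParser().ZoomEyePassword()
    except Exception:
        # Best effort: an unreadable config just means manual login below.
        # Exception rather than a bare except, so Ctrl-C and SystemExit
        # are not swallowed.
        pass
    if self.username and self.password and self.get_token():
        return
    msg = '[*] Automatic authorization failed.'
    colorprint.cyan(msg)
    self.manual_login()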
def proxy_regester(args):
    """Validate the proxy setting and store it in ``conf.proxy``.

    The proxy is taken from ``args.proxy`` when set, otherwise from the
    config file, and must look like ``protocol://ip:port`` with protocol
    one of socks4, socks5 or http and a dotted IPv4 address. A valid value
    is stored as the tuple ``(protocol, ip, port)``; no proxy stores
    ``None``. On a validation error the message is printed and the process
    exits.
    """
    proxy = args.proxy if args.proxy else ConfigFileParser().proxy()
    if not proxy:
        conf.proxy = None
        return

    try:
        pieces = proxy.split("://")

        # Protocol part.
        protocol = pieces[0].lower()
        if protocol not in ("socks4", 'socks5', 'http'):
            raise Exception("proxy protocol format error, please check your proxy (socks4|socks5|http)")

        # Address part: dotted IPv4 only, host names are rejected.
        host_port = pieces[1].split(":")
        ip = host_port[0]
        compile_ip = re.compile(r'^(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|[1-9])\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)$')
        if not compile_ip.match(ip):
            raise Exception("proxy ip format error, please check your proxy")

        # Port part; note that 0 passes this range check.
        port = int(host_port[1])
        if not 0 <= port <= 65535:
            raise Exception("proxy port format error, please check your proxy")
    except Exception as e:
        # A missing "://" or ":" surfaces here as an IndexError message.
        colorprint.red(e)
        sys.exit()

    colorprint.green("[+] setting proxy: {}://{}:{}".format(protocol, ip, port))
    conf.proxy = (protocol, ip, port)
def auto_login(self):
    """Try the ZoomEye credentials from the config file, else log in manually.

    Returns early when both credentials are present and ``self.get_token()``
    succeeds; otherwise logs a warning and calls ``self.manual_login()``.
    """
    logger.info('Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH)
    try:
        self.username = ConfigFileParser().ZoomEyeEmail()
        self.password = ConfigFileParser().ZoomEyePassword()
    except:
        # NOTE(review): the bare except also swallows KeyboardInterrupt and
        # SystemExit; kept as written to preserve behaviour.
        pass
    have_credentials = bool(self.username and self.password)
    if have_credentials and self.get_token():
        return
    logger.warning('Automatic authorization failed.')
    self.manual_login()
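def BaiduSearch(query, limit=10, offset=0):
    """Collect URLs for *query* from Baidu result pages.

    Pages are requested one after another, starting at page *offset*, until
    at least *limit* entries are collected or a page contains no result
    entries. Each result link is either filtered through the ``UrlFilter``
    regex from the config file or expanded with ``iterate_path``.

    Returns:
        A set of URL strings. The set is seeded with the empty string, as in
        the original, so ``''`` is always a member.

    The process exits with status 1 when the request fails with ``URLError``.
    """
    urllist = {''}
    # NOTE(review): str() turns a None filter into the truthy pattern 'None',
    # so the iterate_path branch runs only for an empty-string filter - confirm.
    regex = str(ConfigFileParser().UrlFilter())
    try:
        while len(urllist) < limit:
            url = "http://www.baidu.com/s?{}".format(
                urllib.urlencode({
                    'wd': query,
                    'pn': str(offset) + '0',
                    'tn': 'baidurt',
                    'ie': 'utf-8',
                    'bsst': '1'
                }))
            response = urllib2.urlopen(urllib2.Request(url))
            try:
                html = response.read()
            finally:
                response.close()
            soup = BS(html, "lxml")
            td = soup.find_all(class_='f')
            if not td:
                # A page without result entries means there is nothing more
                # to fetch; without this stop the loop never terminates when
                # fewer than `limit` URLs exist.
                break
            for t in td:
                href = t.h3.a['href']
                if regex:
                    after_url = re.findall(regex, href)
                    if after_url:
                        urllist.add(after_url[0])
                else:
                    urllist.update(iterate_path(href))
            offset = offset + 1
        return urllist
    except urllib2.URLError as e:
        logger.warning('It seems like URL is wrong')
        logger.error(getSafeExString(e))
        # Explicit non-zero status; passing logger.error()'s return value to
        # sys.exit() would report the failure as success if it is None.
        sys.exit(1)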
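def handle_fofa(query, limit, offset=0):
    """Query the FoFa search API and add the returned hosts to ``conf.target``.

    Credentials come from the config file; if ``check`` rejects them the
    user is prompted once and the process exits on a second rejection.
    The request asks for the fields host, ip, protocol and port; for http
    and https entries the protocol is prefixed to hosts that lack a scheme.

    Args:
        query: FoFa search expression (sent base64-encoded).
        limit: number of results wanted.
        offset: number of leading results to skip.
    """
    import getpass  # local imports: the file's import block is not visible here
    from urllib.parse import urlencode

    try:
        msg = '[+] Trying to login with credentials in config file: {}.'.format(
            paths.CONFIG_PATH)
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            # Routed to the handler below, which falls back to manual input.
            raise Exception("Automatic authorization failed")
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        # Read the key without echo so it stays out of terminal scrollback.
        key = getpass.getpass('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    query = base64.b64encode(query.encode('utf-8')).decode('utf-8')

    # Ask for enough results to cover the skipped ones as well.
    size = limit + offset
    # urlencode escapes '+', '/' and '=' from the base64 text and any
    # reserved character in the e-mail address; commas stay literal so the
    # field list is sent exactly as before.
    url = "https://fofa.info/api/v1/search/all?" + urlencode(
        {
            "email": email,
            "key": key,
            "qbase64": query,
            "size": size,
            "fields": "host,ip,protocol,port",
        },
        safe=",",
    )
    try:
        # NOTE(review): `request` (singular) is not defined in this block -
        # confirm the module imports a client under that name.
        response = request.get(url).text
        resp = json.loads(response)
        if not resp["error"]:
            for item in resp.get('results')[offset:]:
                host = item[0]
                protocol = item[2]
                # The target could be assembled from host, ip, protocol and
                # port; host alone is normally enough, but http/https
                # entries need the scheme added when it is missing.
                if protocol == "https" or protocol == "http":
                    if not host.startswith("http"):
                        host = protocol + "://" + host
                conf.target.add(host)
    except Exception as e:
        # The API key travels in the query string and HTTP client errors
        # commonly embed the request URL, so mask the key before printing
        # (best effort: only the literal key text is replaced).
        detail = str(e)
        if key:
            detail = detail.replace(key, "***")
        colorprint.red(detail)
        sys.exit()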
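def _readKey():
    """Return the Shodan API key from the config file, or '' if it cannot be read."""
    msg = 'Trying to auth with credentials in config file: %s.' % paths.CONFIG_PATH
    logger.info(msg)
    try:
        return ConfigFileParser().ShodanApikey()
    except Exception:
        # An unreadable config yields an empty key. Exception rather than a
        # bare except, so Ctrl-C and SystemExit are not swallowed.
        return ''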
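def login(self):
    """Load the Shodan API key into ``self.api_key``.

    The key is read from the config file; when that value is empty the user
    is prompted for it.
    """
    import getpass  # local import: the file's import block is not visible here

    msg = 'Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
    logger.info(msg)
    self.api_key = ConfigFileParser().ShodanApikey()
    if not self.api_key:
        msg = 'Automatic authorization failed.'
        logger.warning(msg)
        msg = 'Please input your Shodan API Key (https://account.shodan.io/).'
        logger.info(msg)
        # Read the key without echo so it stays out of terminal scrollback
        # and recorded sessions.
        self.api_key = getpass.getpass('API KEY > ').strip()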
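def login(self):
    """Load the Shodan API key into ``self.api_key``.

    The key is read from the config file; when that value is empty the user
    is prompted for it.
    """
    import getpass  # local import: the file's import block is not visible here

    msg = '[+] Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
    outputscreen.success(msg)
    self.api_key = ConfigFileParser().shodan_apikey()
    if not self.api_key:
        msg = '[*] Automatic authorization failed.'
        outputscreen.warning(msg)
        msg = '[*] Please input your Shodan API Key (https://account.shodan.io/).'
        outputscreen.warning(msg)
        # Read the key without echo so it stays out of terminal scrollback
        # and recorded sessions.
        self.api_key = getpass.getpass('[*] API KEY > ').strip()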
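def handle_fofa(query, limit, offset=0):
    """Query the FoFa search API and append the returned hosts to ``conf.target``.

    Credentials come from the config file; if ``check`` rejects them the
    user is prompted once and the process exits on a second rejection.

    Args:
        query: FoFa search expression (sent base64-encoded).
        limit: accepted for interface compatibility; not used by this block.
        offset: accepted for interface compatibility; not used by this block.
    """
    import getpass  # local imports: the file's import block is not visible here
    from urllib.parse import urlencode

    try:
        msg = '[+] Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
        colorprint.green(msg)
        email = ConfigFileParser().fofa_email()
        key = ConfigFileParser().fofa_key()
        if not check(email, key):
            # The original raised SystemExit here, which `except Exception`
            # does not catch, so the manual prompt below was never reached.
            raise Exception("Automatic authorization failed")
    except Exception as e:
        logger.debug(e)
        msg = '[*] Automatic authorization failed.'
        colorprint.cyan(msg)
        msg = '[*] Please input your FoFa Email and API Key below.'
        colorprint.cyan(msg)
        email = input("[*] Fofa Email: ").strip()
        # Read the key without echo so it stays out of terminal scrollback.
        key = getpass.getpass('[*] Fofa API Key: ').strip()
        if not check(email, key):
            msg = '[-] Fofa API authorization failed, Please re-run it and enter a valid key.'
            colorprint.red(msg)
            sys.exit()

    # b64encode needs bytes; the result is decoded back to text for the URL.
    query = base64.b64encode(query.encode('utf-8')).decode('utf-8')
    # urlencode escapes '+', '/' and '=' from the base64 text and any
    # reserved character in the e-mail address.
    url = "https://fofa.so/api/v1/search/all?" + urlencode(
        {"email": email, "key": key, "qbase64": query})
    try:
        # A requests response has no readlines(); parse the body text.
        resp = json.loads(requests.get(url).text)
        # Accept both a null and a false "error" field as success.
        if not resp.get("error"):
            for item in resp.get('results'):
                conf.target.append(item[0])
            if resp.get('size') >= 100:
                colorprint.cyan(
                    "{0} items found! just 100 returned....".format(
                        resp.get('size')))
    except Exception as e:
        # The API key travels in the query string and requests error text
        # can embed the request URL, so mask the key before printing
        # (best effort: only the literal key text is replaced).
        detail = str(e)
        if key:
            detail = detail.replace(key, "***")
        colorprint.red(detail)
        sys.exit()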
def handle_google(query, limit, offset=0):
    """Queue the Google Custom Search result links for *query* on ``conf.target``.

    The developer key and engine id are read from the config file; the
    process exits with a message when either one is missing. Results are
    requested in whole pages of ten, starting at the page that contains
    *offset* and ending at the page that contains ``offset + limit``. The
    distinct links are then put on ``conf.target``.
    """
    key = ConfigFileParser().google_developer_key()
    engine = ConfigFileParser().google_engine()
    if not (key and engine):
        outputscreen.error(
            "[-] Please config your 'developer_key' and 'search_enging' at saucerfram.conf")
        sys.exit()
    try:
        service = build("customsearch",
                        "v1",
                        http=_initHttpClient(),
                        developerKey=key)

        # One un-paged request, used only to report how many results exist.
        result_info = service.cse().list(q=query, cx=engine).execute()
        total = result_info.get('searchInformation', {}).get('totalResults')
        outputscreen.success('[+] Max query results: %s' % str(total))

        ans = set()
        limit += offset
        first_page = int(offset / 10)
        end_page = int((limit + 10 - 1) / 10)
        for page in range(first_page, end_page):
            # The API's start index is 1-based.
            result = service.cse().list(q=query,
                                        cx=engine,
                                        num=10,
                                        start=page * 10 + 1).execute()
            if 'items' not in result:
                continue
            for entry in result.get('items'):
                ans.add(entry.get('link'))

        for link in ans:
            conf.target.put(link)
    except SocketError:
        outputscreen.error(
            '[-] Unable to connect Google, maybe agent/proxy error.')
        sys.exit()
    except ServerHttpDenied as e:
        outputscreen.warning(
            '[-] It seems like Google-Server denied this request.')
        outputscreen.error(e)
        sys.exit()
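def FofaSearch(query, limit=100, offset=0):
    """Query the FoFa search API and return the first field of every result.

    Credentials come from the config file; if ``check`` rejects them the
    user is prompted once and the process exits on a second rejection.

    Args:
        query: FoFa search expression (sent base64-encoded).
        limit: accepted for interface compatibility; not used by this block.
        offset: accepted for interface compatibility; not used by this block.

    Returns:
        A list of result hosts. When the request or the parsing fails the
        error is logged and whatever was collected so far is returned.
    """
    # TODO: implement retrieval of paid results.
    try:
        msg = 'Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH
        logger.info(msg)
        email = ConfigFileParser().FofaEmail()
        key = ConfigFileParser().FofaKey()
        if not check(email, key):
            # The original used a bare `raise` with no active exception and
            # relied on the resulting error to reach the handler below.
            raise ValueError('Automatic authorization failed.')
    except Exception:
        msg = 'Automatic authorization failed.'
        logger.warning(msg)
        msg = 'Please input your FoFa Email and API Key below.'
        logger.info(msg)
        email = raw_input("Fofa Email: ").strip()
        key = getpass.getpass(prompt='Fofa API Key: ').strip()
        if not check(email, key):
            logger.error('Fofa API authorization failed, Please re-run it and enter a valid key.')
            sys.exit(1)

    query = base64.b64encode(query)
    # urlencode escapes '+', '/' and '=' from the base64 text and any
    # reserved character in the e-mail address. The API key is part of this
    # URL, so the URL itself should never be logged.
    request = "https://fofa.so/api/v1/search/all?" + urllib.urlencode(
        [("email", email), ("key", key), ("qbase64", query)])

    result = []
    try:
        response = urllib.urlopen(request)
        resp = response.readlines()[0]
        resp = json.loads(resp)
        if resp["error"] is None:
            for item in resp.get('results'):
                result.append(item[0])
            if resp.get('size') >= 100:
                logger.info("{0} items found! just 100 returned....".format(
                    resp.get('size')))
    except Exception as e:
        # The original called sys.exit() here, but its `finally: return`
        # discarded that exit (and any Ctrl-C), so callers always got the
        # list back. The same result is now explicit, and interrupts are
        # no longer swallowed.
        logger.error(getSafeExString(e))
    return result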
def initConfig(args):
    """Initialise one section of the toolkit.conf config file interactively.

    When ``args.init_config`` names a section, the user is prompted for each
    option in it and the value is written back through ``ConfigFileParser``;
    the process then exits with status 0. Nothing happens otherwise.
    """
    if not args.init_config:
        return

    cf = ConfigFileParser()
    section = args.init_config
    all_saved = True
    for key in cf._get_options(section):
        # NOTE(review): values are typed with echo on; sections that hold
        # API keys or passwords expose them on screen.
        value = raw_input("please input %s:" % key)
        if cf._set_option(section, key, value) == False:
            all_saved = False
            logger.error("Update Toolkit.conf Fail!")
    if all_saved:
        logger.info("Update Toolkit.conf Success!")
    sys.exit(0)
def loadConf():
    """
    Load the scan configuration into ``conf`` (parameters are meant to
    replace loading from the file in a later version).

    Every option is read as text through ConfigFileParser and passed to
    eval(), so each value in the config file is executed as a Python
    expression. The config file therefore has to be treated as trusted
    code: anyone who can write to it can run code in this process.
    """
    # NOTE(review): if every option is a plain literal (bool, number, string,
    # list, dict), ast.literal_eval would parse it without executing code -
    # confirm against the shipped config before switching.

    # Recursive scanning.
    conf.recursive_scan = eval(ConfigFileParser().recursive_scan())
    conf.recursive_status_code = eval(
        ConfigFileParser().recursive_status_code())
    conf.exclude_subdirs = eval(ConfigFileParser().exclude_subdirs())

    # Dictionary mode. The evaluated name is joined onto paths.DATA_PATH;
    # os.path.join drops DATA_PATH when the name is an absolute path.
    conf.dict_mode = eval(ConfigFileParser().dict_mode())
    conf.dict_mode_load_single_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().dict_mode_load_single_dict()))
    conf.dict_mode_load_mult_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().dict_mode_load_mult_dict()))

    # Blast mode.
    conf.blast_mode = eval(ConfigFileParser().blast_mode())
    conf.blast_mode_min = eval(ConfigFileParser().blast_mode_min())
    conf.blast_mode_max = eval(ConfigFileParser().blast_mode_max())
    conf.blast_mode_az = eval(ConfigFileParser().blast_mode_az())
    conf.blast_mode_num = eval(ConfigFileParser().blast_mode_num())
    conf.blast_mode_custom_charset = eval(
        ConfigFileParser().blast_mode_custom_charset())
    conf.blast_mode_resume_charset = eval(
        ConfigFileParser().blast_mode_resume_charset())

    # Crawl mode.
    conf.crawl_mode = eval(ConfigFileParser().crawl_mode())
    conf.crawl_mode_parse_robots = eval(
        ConfigFileParser().crawl_mode_parse_robots())
    conf.crawl_mode_parse_html = eval(
        ConfigFileParser().crawl_mode_parse_html())
    conf.crawl_mode_dynamic_fuzz = eval(
        ConfigFileParser().crawl_mode_dynamic_fuzz())

    # Fuzz mode; the dictionary names are joined onto paths.DATA_PATH as above.
    conf.fuzz_mode = eval(ConfigFileParser().fuzz_mode())
    conf.fuzz_mode_load_single_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().fuzz_mode_load_single_dict()))
    conf.fuzz_mode_load_mult_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().fuzz_mode_load_mult_dict()))
    conf.fuzz_mode_label = eval(ConfigFileParser().fuzz_mode_label())

    # Request options.
    conf.request_headers = eval(ConfigFileParser().request_headers())
    conf.request_header_ua = eval(ConfigFileParser().request_header_ua())
    conf.request_header_cookie = eval(
        ConfigFileParser().request_header_cookie())
    conf.request_header_401_auth = eval(
        ConfigFileParser().request_header_401_auth())
    conf.request_timeout = eval(ConfigFileParser().request_timeout())
    conf.request_delay = eval(ConfigFileParser().request_delay())
    conf.request_limit = eval(ConfigFileParser().request_limit())
    conf.request_max_retries = eval(ConfigFileParser().request_max_retries())
    conf.request_persistent_connect = eval(
        ConfigFileParser().request_persistent_connect())
    conf.request_method = eval(ConfigFileParser().request_method())
    conf.redirection_302 = eval(ConfigFileParser().redirection_302())
    conf.file_extension = eval(ConfigFileParser().file_extension())

    # Response handling options.
    conf.response_status_code = eval(ConfigFileParser().response_status_code())
    conf.response_header_content_type = eval(
        ConfigFileParser().response_header_content_type())
    conf.response_size = eval(ConfigFileParser().response_size())
    conf.custom_404_page = eval(ConfigFileParser().custom_404_page())
    conf.custom_503_page = eval(ConfigFileParser().custom_503_page())
    conf.custom_response_page = eval(ConfigFileParser().custom_response_page())
    conf.skip_size = eval(ConfigFileParser().skip_size())

    # Remaining options.
    conf.proxy_server = eval(ConfigFileParser().proxy_server())
    conf.debug = eval(ConfigFileParser().debug())
    conf.update = eval(ConfigFileParser().update())
def setUpClass(cls):
    """Create the ConfigFileParser shared by the tests and print the config path."""
    cls.cf = ConfigFileParser()
    config_path = paths.CONFIG_PATH
    print("CONFIG PATH: %s" % config_path)
return: {"status": "success", "data": {}} """ import random import requests import time from string import ascii_lowercase import sys, json sys.path.append('../') from lib.core.data import logger, paths # paths.CONFIG_PATH = "../toolkit.conf" from lib.utils.config import ConfigFileParser API_KEY = ConfigFileParser()._get_option("dnslog", "api_key") DNS_DOMAIN = ConfigFileParser()._get_option("dnslog", "dns_domain") DNS_IP = ConfigFileParser()._get_option("dnslog", "dns_ip") API_PORT = ConfigFileParser()._get_option("dnslog", "api_port") class Dnslog: def __init__(self, custom_preix="vuln"): self.dns_domain = DNS_DOMAIN self.dns_ip = DNS_IP self.api_key = API_KEY self.api_port = API_PORT self.custom_preix = custom_preix self.random = ''.join( [random.choice(ascii_lowercase) for _ in range(10)]) self.custom_domain = '%s.%s.%s' % (self.random, custom_preix,
def loadConf():
    '''
    @description: Load the scan configuration into conf (parameters are
        meant to replace loading from the file in a later version). Every
        option is read as text through ConfigFileParser and passed to
        eval(), so each value in the config file is executed as a Python
        expression; the file has to be treated as trusted code.
    @param {}
    @return: None
    '''
    # NOTE(review): if every option is a plain literal (bool, number, string,
    # list, dict), ast.literal_eval would parse it without executing code -
    # confirm against the shipped config before switching.

    # Dictionary mode. The evaluated name is joined onto paths.DATA_PATH;
    # os.path.join drops DATA_PATH when the name is an absolute path.
    conf.dict_mode = eval(ConfigFileParser().dict_mode())
    conf.dict_mode_load_dir_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().dict_mode_load_dir_dict()))
    conf.dict_mode_load_mult_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().dict_mode_load_mult_dict()))

    # Fuzz mode; the dictionary names are joined onto paths.DATA_PATH as above.
    conf.fuzz_mode = eval(ConfigFileParser().fuzz_mode())
    conf.fuzz_mode_load_main_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().fuzz_mode_load_main_dict()))
    conf.fuzz_mode_load_ext_dict = os.path.join(
        paths.DATA_PATH, eval(ConfigFileParser().fuzz_mode_load_ext_dict()))

    # Request options.
    conf.request_headers = eval(ConfigFileParser().request_headers())
    conf.request_header_ua = eval(ConfigFileParser().request_header_ua())
    conf.request_header_cookie = eval(
        ConfigFileParser().request_header_cookie())
    conf.request_header_401_auth = eval(
        ConfigFileParser().request_header_401_auth())
    conf.request_timeout = eval(ConfigFileParser().request_timeout())
    conf.request_delay = eval(ConfigFileParser().request_delay())
    conf.request_limit = eval(ConfigFileParser().request_limit())
    conf.request_persistent_connect = eval(
        ConfigFileParser().request_persistent_connect())
    conf.request_method = eval(ConfigFileParser().request_method())
    conf.redirection_302 = eval(ConfigFileParser().redirection_302())
    conf.proxy_server = eval(ConfigFileParser().proxy_server())
except Exception: pass print c.verifyDNS(delay=0) print c.verifyHTTP(delay=0) print c.getDnsRecord(delay=0) print c.getHttpRecord(delay=0) """ import random import requests import time from string import ascii_lowercase from lib.utils.config import ConfigFileParser # load once for all thread key = ConfigFileParser().CloudEyeApikey() uniq_domain = ConfigFileParser().ColudEyePersonaldomain().split('.')[0] class CloudEye: def __init__(self): self.unique = uniq_domain self.random = ''.join( [random.choice(ascii_lowercase) for _ in range(10)]) def getRandomDomain(self, custom='poc'): """ full domain = [random].[custom].[unique].dnslog.info e.g. fezarvgo.poc.ee8a6f.dnslog.info """ self.custom = custom