示例#1
0
                        target_url, fqdn_list[idx],
                        path_list[idx].replace('/', ''), port_list[idx],
                        cloud_type, method_crawl, product_list, page_type,
                        comments, errors, server_header, log_file, print_date)

        # Check unnecessary contents using Google Hack.
        if opt_gcs:
            product_list = google_hack.execute_google_hack(
                cve_explorer, fqdn_list[idx], port_list[idx],
                path_list[idx].replace('/', ''), report)

        # Check unnecessary contents using Explore contents.
        if opt_explore:
            product_list.extend(
                content_explorer.content_explorer(
                    cve_explorer, protocol_list[idx], fqdn_list[idx],
                    path_list[idx].replace('/', ''), port_list[idx],
                    path_list[idx], report))

        # Execute exploitation.
        if opt_exploit:
            exploit = Exploit(utility)
            exploit_product = list(
                map(
                    list,
                    set(
                        map(tuple, [[products[1], products[2]]
                                    for products in product_list]))))
            exploit.exploit({
                'fqdn': fqdn_list[idx],
                'ip': utility.forward_lookup(fqdn_list[idx]),
                'port': int(port_list[idx]),
示例#2
0
                                              method_crawl, product_list,
                                              page_type, comments, errors,
                                              server_header, log_file,
                                              print_date)

        # Check unnecessary contents using Google Hack.
        if opt_gcs:
            product_list = google_hack.execute_google_hack(
                cve_explorer, fqdn_list[idx], port_list[idx], report,
                max_target_byte)

        # Check unnecessary contents using Explore contents.
        if opt_explore:
            product_list.extend(
                content_explorer.content_explorer(
                    cve_explorer, protocol_list[idx], fqdn_list[idx],
                    port_list[idx], path_list[idx], report, max_target_byte))

        # Execute exploitation.
        if opt_exploit:
            exploit = Exploit(utility)
            exploit_product = list(
                map(
                    list,
                    set(
                        map(tuple, [[products[1], products[2]]
                                    for products in product_list]))))
            exploit.exploit({
                'fqdn': fqdn_list[idx],
                'ip': utility.forward_lookup(fqdn_list[idx]),
                'port': int(port_list[idx]),
示例#3
0
                # Check unnecessary error messages.
                errors = error_checker.get_error_message(res_body)

                # Check login page.
                page_type = page_checker.judge_page_type(target_url, res_body)

                # Create report.
                report.create_report_body(target_url, fqdn_list[idx],
                                          port_list[idx], cloud_type,
                                          method_crawl, product_list,
                                          page_type, comments, errors,
                                          server_header, log_file, print_date)

        # Check CMS using Google Hack and Explore contents.
        #google_hack.execute_google_hack(cve_explorer, fqdn_list[idx], 'cms', report)
        content_explorer.content_explorer(cve_explorer, protocol_list[idx],
                                          fqdn_list[idx], port_list[idx],
                                          path_list[idx], 'cms', report)

        # Check unnecessary contents using Google Hack and Explore contents.
        #google_hack.execute_google_hack(cve_explorer, fqdn_list[idx], 'unfile', report)
        content_explorer.content_explorer(cve_explorer, protocol_list[idx],
                                          fqdn_list[idx], port_list[idx],
                                          path_list[idx], 'unfile', report)

        utility.write_log(20, 'End ' + msg)

    print(os.path.basename(__file__) + ' finish!!')
    utility.write_log(20, '[Out] GyoiThon [{}].'.format(file_name))