#!/usr/bin/env python
# -*- encoding: utf-8 -*-
'''
@File : main.py
@Time : 2020/03/29 00:00:33
@Author : w-devin
@Version : 1.0
@Contact : [email protected]
@License : None
@Desc : None
'''
import sys
import click
from constant import OPERATE, DEFAULT_THREAD_NUM, DEFAULT_REPORT_PATH
from constant import DEFAULT_HOST, DEFAULT_URL, DEFAULT_SCAN_PORT
from constant import PORT_SCAN, WEB_DIR_SCAN, SQL_VUL_SCAN, XSS_VUL_SCAN, GET_FINGER_PRINT, VUL_SPIDER
from tools.RePorter import write_html
from tools.PortScan import port_scan
from tools.WebDirScan import web_dir_scan
from tools.WebCMS import get_finger_print
from tools.SQLScan import sql_vul_scan
from tools.XSSScan import xss_vul_scan
from tools.Spider import spider
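def get_ports(ports):
    """Parse a port specification into a list of port numbers.

    A string may name a single port ('80') or an inclusive range
    ('80-1080'). A value that is already a list is returned unchanged.

    Returns:
        A list of ints, or None after printing a message when the input
        cannot be parsed, is out of the 1-65535 port range, or is a range
        whose start exceeds its end.
    """
    usage = '[!] not sport this ports format, use 80 or 80-1080'
    # type(u'') is `unicode` on Python 2 and `str` on Python 3, so this check
    # works on both instead of raising NameError on Python 3.
    text_types = (str, type(u''))

    if isinstance(ports, text_types):
        bounds = ports.split('-')
        if len(bounds) > 2:
            print(usage)
            return None
        try:
            # A single port is treated as a range of length one.
            first = int(bounds[0])
            last = int(bounds[-1])
        except ValueError:
            print(usage)
            return None
        # Reject values no socket can use and reversed ranges, which would
        # otherwise produce an empty list and a scan that silently does nothing.
        if not 1 <= first <= last <= 65535:
            print('[!] port out of range, use 1-65535 with start <= end')
            return None
        # list() keeps the return type a list on Python 3, where range() is lazy.
        ports = list(range(first, last + 1))

    if not isinstance(ports, list):
        print(usage)
        return None
    return ports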
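def get_hosts(host):
    """Expand an IPv4 host specification into a list of address strings.

    '192.168.0.1' yields one address; '192.168.0.1-255' yields every address
    whose last octet lies in the inclusive range 1..255 (the same inclusive
    convention get_ports uses for port ranges).

    Returns:
        A list of dotted-quad strings. The list is empty when `host` is not a
        string or, after a message is printed, when it cannot be parsed.
    """
    usage = '[!] not sport this host format, use 192.168.0.1 or 192.168.0.1-255'
    # type(u'') is `unicode` on Python 2 and `str` on Python 3, so this check
    # works on both instead of raising NameError on Python 3.
    text_types = (str, type(u''))

    if not isinstance(host, text_types):
        return []

    octets = host.split('.')
    if len(octets) != 4:
        print(usage)
        return []

    try:
        prefix = [int(part) for part in octets[:3]]
        bounds = [int(part) for part in octets[3].split('-')]
    except ValueError:
        print(usage)
        return []
    if len(bounds) > 2:
        print(usage)
        return []

    # A single last octet is treated as a range of length one.
    first, last = bounds[0], bounds[-1]
    in_range = all(0 <= value <= 255 for value in prefix + bounds)
    if not in_range or first > last:
        print('[!] host octets must be 0-255 and the range start must not exceed its end')
        return []

    base = '.'.join(str(value) for value in prefix)
    # last + 1: the end of the range is included, so '1-255' covers .255 and
    # '5-5' yields one host rather than none.
    return ['{0}.{1}'.format(base, tail) for tail in range(first, last + 1)]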
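@click.command()
@click.option('-o', '--operate', type=click.Choice(OPERATE))
@click.option('-h', '--host', type=click.STRING, default=DEFAULT_HOST)
@click.option('-u', '--url', type=click.STRING, default=DEFAULT_URL)
@click.option('-p', '--ports', type=click.STRING, default=DEFAULT_SCAN_PORT)
@click.option('-t', '--threadNum', type=click.IntRange(0, 50), default=DEFAULT_THREAD_NUM)
@click.option('-f', '--filename', type=click.STRING, default=DEFAULT_REPORT_PATH)
def run(operate, host, url, ports, threadnum, filename):
    """Run the operation selected with --operate and write its result as an HTML report.

    The result of the chosen tool is passed to write_html together with
    `filename`. When `operate` matches none of the known operations (for
    example when -o is omitted), an empty dict is written.
    """
    ret = dict()
    if operate == PORT_SCAN:
        hosts = get_hosts(host)
        port_list = get_ports(ports)
        # get_hosts() returns [] and get_ports() returns None on bad input,
        # each after printing its own message. Stop here instead of handing
        # those values to port_scan and writing a report for a scan that
        # never ran.
        if not hosts or not port_list:
            sys.exit(1)
        ret = port_scan(hosts=hosts, ports=port_list, threadNum=threadnum)
    elif operate == WEB_DIR_SCAN:
        ret = web_dir_scan(root=url, threadNum=threadnum)
    elif operate == GET_FINGER_PRINT:
        ret = get_finger_print(url=url, threadNum=threadnum)
    elif operate == XSS_VUL_SCAN:
        ret = xss_vul_scan(url=url)
    elif operate == SQL_VUL_SCAN:
        ret = sql_vul_scan(url=url)
    elif operate == VUL_SPIDER:
        ret = spider.craw(url=url, threadNum=threadnum)
    # NOTE(review): ret presumably carries data collected from remote targets;
    # confirm write_html (tools.RePorter, not visible here) HTML-escapes it
    # before embedding it in the report.
    write_html(filename, ret)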
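if __name__ == '__main__':
    # With no command-line arguments there is nothing to run: print a hint
    # and stop before click parses an empty command line.
    if len(sys.argv) <= 1:
        print('[!] --help to get help message')
        # sys.exit rather than the bare exit(): exit() is injected by the
        # `site` module and is absent when Python runs without it.
        sys.exit(0)
    run()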