├── .DS_Store ├── README.md ├── run.py ├── run.pyc └── wechat ├── .DS_Store ├── __init__.py ├── __init__.pyc ├── mode ├── .DS_Store ├── __init__.py ├── __init__.pyc ├── queryData.py ├── scanPort.py ├── scanPort.pyc ├── sendSMS.py └── sendSMS.pyc ├── wechatConfig.py └── wechatConfig.pyc /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kunting520/wechat_hack/cd15383d372a19b50905f1d7ef12382a9f427384/.DS_Store -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | #README 2 | 3 | ###初衷: 4 | 江湖之大,武器繁多。只在PC上发展,很少有APP。有了app还需要下载,不如公众号方便,无需下载 随时进行管理攻击。为了解决各大同僚的方便之举,特写。 5 | 6 | ###准备: 7 | - 微信公众号(需申请,个人订阅号即可 `不会申请,请自行百度`) 8 | - python - flask (采用flask web框架进行编写,全程采用 RESTful API 标准协议) 9 | - linux服务器一台 (无服务器,也可以采用新浪云服务的python环境) 10 | 11 | ###目标: 12 | - [x]短信攻击 13 | - [x]社工库 14 | - [x]端口扫描 15 | - 网站扫描 16 | - IP定位 17 | - MD5破解 18 | - xss平台 19 | - ...... (有什么需要添加的,请留言) 20 | - (透露下,如果没有意外可能会加入`手机号定位功能`) 21 | 22 | ###关于代码: 23 | >本套代码,将会在github 开源(采用 MIT 许可协议,可放心集成于商业产品中)。 24 | 25 | 26 | **目录:** 27 | 28 | ``` 29 | * 代表此次修改文件 30 | |-- run.py #启动文件 31 | |-- wechat #微信配置目录 32 | |---- __init__.py 33 | |---- wechatConfig.py #微信配置验证,模块加载接口 * 34 | |---- mode #模块目录 35 | |------ __init__.py 36 | |------ scanPort.py #端口扫描模块 37 | |------ sendSMS.py #短信攻击模块 38 | |------ queryData.py #社工库 * 39 | ``` 40 | 41 | 42 | -------------------------------------------------------------------------------- /run.py: -------------------------------------------------------------------------------- 1 | #! 
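#! /usr/bin/python
# -*- coding: utf-8 -*-
"""Flask entry point for the WeChat official-account callback at /tools."""
import os
import time
from flask import Flask,g,request,make_response
import hashlib
import xml.etree.ElementTree as ET
from wechat import wechatConfig

app = Flask(__name__)

# Shared secret registered with the WeChat platform. The original literal
# 'wechat' is kept as the fallback so existing deployments keep working, but
# a guessable token committed to a public repository lets anyone compute a
# valid signature; set WECHAT_TOKEN to a random value when deploying.
TOKEN = os.environ.get('WECHAT_TOKEN', 'wechat')

# Upper bound on the callback body that is read into memory and parsed.
MAX_BODY_BYTES = 64 * 1024

# NOTE(review): in this listing the template reads "%s0" -- its XML markup
# appears to have been stripped, and formatting five values into it raises
# TypeError. Reconstructed here as the WeChat passive text-reply envelope;
# confirm against the repository copy.
REPLY_TEMPLATE = (
    "<xml>"
    "<ToUserName><![CDATA[%s]]></ToUserName>"
    "<FromUserName><![CDATA[%s]]></FromUserName>"
    "<CreateTime>%s</CreateTime>"
    "<MsgType><![CDATA[%s]]></MsgType>"
    "<Content><![CDATA[%s]]></Content>"
    "<FuncFlag>0</FuncFlag>"
    "</xml>"
)


def _cdata(value):
    """Return *value* in a form that cannot terminate a CDATA section early."""
    if value is None:
        return ''
    # "]]>" inside the payload would close the section and let the rest be
    # parsed as markup; splitting it across two sections keeps it literal.
    return value.replace(']]>', ']]]]><![CDATA[>')


@app.route('/tools',methods=['GET','POST'])
def tools():
    """Handle the WeChat callback.

    GET is the platform's URL-verification handshake: the echostr is returned
    when the signature matches. POST carries one XML message; the reply is a
    text message built from wechatConfig.wechat_mode(content).

    Both methods now require a valid signature. The original only checked it
    on GET, so any client could POST a message and drive the modules behind
    wechat_mode without knowing the token.
    """
    # wechat_auth returns a response on success and None on mismatch.
    verified = wechatConfig.wechat_auth(TOKEN,request.args)
    if verified is None:
        # Returning None from a view is a server error in Flask; answer
        # with an explicit 403 instead.
        return make_response('invalid signature', 403)
    if request.method == 'GET':
        return verified

    # Read one byte past the limit so oversize bodies can be told apart
    # from bodies that are exactly at the limit.
    req = request.stream.read(MAX_BODY_BYTES + 1)
    if len(req) > MAX_BODY_BYTES:
        return make_response('payload too large', 413)
    # xml.etree expands internal entities, so a DTD in the body can be used
    # for entity-expansion denial of service. Platform messages carry no DTD,
    # so reject any body that declares one (defusedxml is the thorough fix).
    if b'<!DOCTYPE' in req or b'<!ENTITY' in req:
        return make_response('unsupported XML', 400)
    try:
        resultData = ET.fromstring(req)
    except ET.ParseError:
        return make_response('malformed XML', 400)

    toUser = resultData.findtext('ToUserName')
    fromUser = resultData.findtext('FromUserName')
    if not toUser or not fromUser:
        return make_response('missing ToUserName or FromUserName', 400)
    # Non-text messages (images, events) have no Content element; treat
    # them as an empty message instead of failing on None.
    content = resultData.findtext('Content') or u''

    resultContent = wechatConfig.wechat_mode(content)

    # The reply swaps sender and recipient of the incoming message.
    response = make_response(REPLY_TEMPLATE % (
        _cdata(fromUser),
        _cdata(toUser),
        str(int(time.time())),
        'text',
        _cdata(resultContent),
    ))
    response.content_type='application/xml'
    return response

# Local development only: debug=True enables the Werkzeug interactive
# debugger, which executes code for whoever can reach the port.
#if __name__ == '__main__':
#    app.run(host="127.0.0.1",port=8001, debug=True)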
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/kunting520/wechat_hack/cd15383d372a19b50905f1d7ef12382a9f427384/wechat/__init__.pyc -------------------------------------------------------------------------------- /wechat/mode/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kunting520/wechat_hack/cd15383d372a19b50905f1d7ef12382a9f427384/wechat/mode/.DS_Store -------------------------------------------------------------------------------- /wechat/mode/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kunting520/wechat_hack/cd15383d372a19b50905f1d7ef12382a9f427384/wechat/mode/__init__.py -------------------------------------------------------------------------------- /wechat/mode/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kunting520/wechat_hack/cd15383d372a19b50905f1d7ef12382a9f427384/wechat/mode/__init__.pyc -------------------------------------------------------------------------------- /wechat/mode/queryData.py: -------------------------------------------------------------------------------- 1 | #! 
#! /usr/bin/python
# -*- coding: utf-8 -*-
# Python 2 module: POSTs a search term to a third-party lookup endpoint and
# returns the text of the <td> cells found in the HTML response.
import urllib2
import urllib
import lxml.html
import sys

# Python 2 idiom: reload(sys) makes setdefaultencoding available again; the
# call then changes the implicit str<->unicode codec for the whole
# interpreter, not only for this module.
reload(sys)
sys.setdefaultencoding( "utf-8" )

def init(email):
    """POST *email* as the ``search`` form field and scrape the reply.

    Returns the list of <td> texts that pass the filter below. If anything in
    the try block raises, the bare except prints a message and the function
    falls off the end, returning None.
    """
    data = {}
    data['search'] = email
    data['vip'] = 1
    # NOTE(review): request keys hard-coded in source. Anything committed
    # like this is readable by everyone with the repository; treat the values
    # as disclosed and load secrets from configuration.
    data['Bkeys'] = 'd26ac15646a0513e36f19c5a053660e2'
    data['Atokens'] = '250b0cd46ca9d483726035e1fc7536e9'
    # Address the form is POSTed to. Plain http: the search term and the
    # keys above are sent unencrypted.
    url = 'http://www.sheyuns.com/ajax/ajax.php'
    post_data = urllib.urlencode(data)
    # Build and send the request.
    try:
        request = urllib2.Request(url)
        request.add_header('Accept', '*/*')
        request.add_header('Accept-Language', 'zh-CN,zh;q=0.8')
        request.add_header('Connection', 'keep-alive')
        # NOTE(review): fixed value, independent of len(post_data) --
        # presumably copied from a captured browser request; confirm.
        request.add_header('Content-Length', '112')
        request.add_header('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8')
        # NOTE(review): fixed session cookies embedded in source (same
        # exposure as the keys above) -- presumably from a browser session.
        request.add_header('Cookie', '__cfduid=d650c8d4c1e38ab68006b5c0cf11056881456913233; yunsuo_session_verify=5ddc8d1822ee97207d314be51482706f; PHPSESSID=nnb3lct30v12p555eltlgq0an7; CNZZDATA1256243452=1877644279-1456910436-%7C1456910436')
        request.add_header('Host', 'www.sheyuns.com')
        request.add_header('Origin', 'http://www.sheyuns.com')
        request.add_header('Referer', 'http://www.sheyuns.com/')
        request.add_header('User-Agent', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36')
        request.add_header('X-Requested-With', 'XMLHttpRequest')
        req = urllib2.urlopen(request, post_data)
        html=req.read()
        # `url` is rebound here from the address string to the parsed tree.
        url = lxml.html.fromstring(html)
        result = url.xpath('//td')
        resultList=[]
        for r in result:
            isType=r.text
            # Filtered cells only produce a debug print; everything else is
            # collected. The first test is against the string 'None', the
            # last against the None object (a cell without text).
            if isType=='None':
                print 1
            elif isType=='[SheYun-WSD]':
                print 1
            elif isType=='[AD]':
                print 1
            elif isType is None:
                print 1
            else:
                # list.append returns None, so this prints None; the
                # append itself still takes effect.
                print resultList.append(isType)
        return resultList
    except:
        # NOTE(review): bare except hides every failure (network, parse,
        # even KeyboardInterrupt) behind one message and a None return.
        print '异常'
    # Read the information returned after submitting.
    #print req.read()

def queryData(data):
    """Return the strings from init(data) concatenated, one per line.

    NOTE(review): init returns None when its request fails; the loop below
    then raises TypeError.
    """
    result=init(data)
    info=''
    for r in result:
        info+=r+'\n'
    return info


# ----------------------------------------------------------------------
# /wechat/mode/scanPort.py:
# ----------------------------------------------------------------------
#! /usr/bin/python
# -*- coding: utf-8 -*-
# TCP connect check over a fixed port list, one thread per port; results are
# collected in the module-level RESULT list.
import socket #socket package
import threading #threading package

# Module-level state, shared by every caller in the process.
RESULT=[]
IP=''

# Check whether a port accepts a TCP connection.
def isPort(port):
    """Try a TCP connect to (IP, port); append *port* to RESULT on success.

    IP is the module-level name. On any exception the function returns a
    message string before reaching sk.close(), so the socket is not closed
    explicitly on that path. main() does not read the return value.
    """
    sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM) #AF_INET is the IPv4 address family; SOCK_STREAM means TCP
    sk.settimeout(1) #timeout in seconds
    try:
        sk.connect((IP,port)) #attempt the connection
        RESULT.append(port)
    except Exception:
        return '没有此端口!'
    sk.close() #close

# Create the threads: one thread per port in the list.
def main(ports):
    """Run isPort for every entry of *ports* in its own thread and wait for all."""
    threadpool=[] #list of threads

    for p in ports:
        th = threading.Thread(target= isPort,args= [p]) #target is the function; args for one argument may be [p] or (p,), for several (p,a,b)
        threadpool.append(th) #add the thread to the list

    for th in threadpool:
        th.setDaemon(True) #daemon thread
        th.start() #start the thread

    for th in threadpool:
        threading.Thread.join(th)

def init(ip):
    """Clear RESULT, run the check over the fixed port list, return RESULT.

    NOTE(review): the assignment below creates a function-local IP; the
    module-level IP that isPort reads is not changed by it. *ip* is not
    validated. RESULT is cleared and refilled in place, so overlapping calls
    share one list.
    """
    IP=ip
    del RESULT[:]
    ports=[80,8080,3128,8081,3306,9080,1080,21,23,443,69,22,25,110,7001,9090,3389,1521,1158,2100,1433] #ports to check
    main(ports)
    return RESULT

# /wechat/mode/sendSMS.py:
#! /usr/bin/python
# -*- coding: utf-8 -*-
# SMS module. As committed, sendSMS only returns a fixed message: the call to
# sendServer1 and the bookkeeping on `mobile` are commented out.
import urllib2
import urllib
# Phone numbers already handled; nothing in this file appends to it.
mobile=[]
def sendServer1(phone):
    """POST *phone* as the ``mobile`` form field to the placeholder URL below.

    The response is not used. A bare except prints a message and swallows
    every failure. Not called from sendSMS in this version.
    """
    data = {}
    data['mobile'] = phone
    # Address the form is POSTed to (placeholder host).
    url = 'http://www.xxxx.com/'
    post_data = urllib.urlencode(data)
    # Build and send the request.
    try:
        req = urllib2.urlopen(url, post_data)
    except:
        print '异常'
    # Read the information returned after submitting.
    #print req.read()

def sendSMS(phone):
    """Return a status message for *phone*; no request is sent.

    The first branch is taken only when *phone* is already in `mobile`, which
    this file never fills. Otherwise the fixed "module disabled" message is
    returned.
    """
    if phone in mobile:
        return '每个手机号只可以发送一次'
    else:
        # Disabled code path, left commented out by the author.
        #sendServer1(phone)
        #mobile.append(phone);
        #return '暂不支持短信攻击!'
        return '因国家法律问题,暂关闭短信攻击模块!'

# /wechat/wechatConfig.py:
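#! /usr/bin/python
# -*- coding: utf-8 -*-
"""WeChat callback helpers: request-signature check and keyword dispatch."""
from flask import make_response
import hashlib
import hmac
from mode import scanPort,sendSMS,queryData


def _as_bytes(value):
    """Return *value* as a byte string (UTF-8 encoded when it is text)."""
    if isinstance(value, bytes):
        return value
    return value.encode('utf-8')


def wechat_auth(token,data):
    """Check the WeChat request signature carried in *data*.

    The expected signature is the SHA-1 hex digest of the sorted, concatenated
    token, timestamp and nonce.

    Args:
        token: shared secret configured for the official account.
        data: mapping of query parameters (signature, timestamp, nonce,
            echostr); missing keys default to ''.

    Returns:
        A response containing echostr when the signature matches, otherwise
        None (callers must turn None into an error response).

    NOTE(review): the timestamp is only hashed, not checked for freshness, so
    a captured signed query string stays valid indefinitely.
    """
    signature = data.get('signature','')
    timestamp = data.get('timestamp','')
    nonce = data.get('nonce','')
    echostr = data.get('echostr','')
    joined = ''.join(sorted([timestamp,nonce,token]))
    # Hash bytes explicitly so the digest does not depend on the
    # interpreter's implicit text encoding.
    expected = hashlib.sha1(_as_bytes(joined)).hexdigest()
    # Constant-time comparison (hmac.compare_digest, Python 2.7.7+/3.3+):
    # `==` stops at the first differing character, which leaks how much of a
    # guessed signature is correct. Both sides are bytes because
    # compare_digest rejects mixed text/bytes arguments.
    if hmac.compare_digest(_as_bytes(expected), _as_bytes(signature)):
        return make_response(echostr)
    return None

def wechat_mode(content):
    """Map the text of an incoming message to a reply string.

    Dispatch is by substring: "G1&", "G2&" and "G3&" select the port-check,
    SMS and lookup modules, with the target taken from the text after the
    first '&'. Anything else gets the default acknowledgement.

    NOTE(review): only the message text is passed in, so every account that
    can message the bot can trigger every module, and the target string is
    handed to the modules unvalidated. A sender allowlist, rate limiting and
    target validation belong in the caller or here.
    """
    # Messages without a text body reach this function as None; the
    # substring tests below would raise TypeError on it.
    if content is None:
        content = u""
    if content==u"攻击":
        return "G1:端口扫描\nG2:短信攻击\nG3:社工库\n\n攻击格式:编号&目标\n列如:G1&127.0.0.1\n列如:G2&188****1111\n列如:G3&mail(QQ|mail|phone):test@163.com"
    elif "G1&" in content:
        arr=content.split('&')
        return "你扫描的IP端口为:"+str(scanPort.init(arr[1]))
    elif "G2&" in content:
        arr=content.split('&')
        return "系统提示:"+str(sendSMS.sendSMS(arr[1]))
    elif "G3&" in content:
        arr=content.split('&')
        arrss=''
        # The three recognised prefixes were handled by identical branches;
        # the value is whatever follows the first ':'.
        if "QQ:" in arr[1] or "mail" in arr[1] or "phone" in arr[1]:
            arrs=arr[1].split(':')
            # "mail"/"phone" without a ':' used to raise IndexError here;
            # fall back to the empty search term instead.
            if len(arrs) > 1:
                arrss=arrs[1]

        return "你的丢失数据有:"+str(queryData.queryData(arrss))
    else:
        return "感谢你的留言!"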