├── README.md
├── crawl_result.txt
├── images
    ├── Process.png
    └── demo.png
├── launcher.py
├── launcher_new.py
├── serverjiang.py
├── start.sh
├── stop.sh
├── sub_domains.txt
└── targets.txt


/README.md:
--------------------------------------------------------------------------------
 1 | # **Xray_and_crwlergo_in_server**
 2 | 
 3 | ![xray](https://img.shields.io/badge/长亭-Xray-success.svg) ![crawlergo](https://img.shields.io/badge/360-crwlergo-yellowgreen.svg)![server酱](https://img.shields.io/badge/server酱-WeChat-blue.svg)
 4 | 
 5 | ### **简介**
 6 | 
 7 | xray与crwlergo联动
 8 | 
 9 | https://github.com/0Kee-Team/crawlergo
10 | 
11 | https://github.com/chaitin/xray
12 | 
13 | https://github.com/timwhitez/crawlergo_x_XRAY
14 | 
15 | server酱推送
16 | 
17 | http://sc.ftqq.com/
18 | 
19 | 
20 | 
21 | <img src="images/Process.png" alt="proess"  />
22 | 
23 | 雇一位免费的360工程师和一位长亭工程师为你挖洞，还有听话的server酱给你汇报
24 | 
25 | 
26 | 
27 | ### **使用**
28 | 
29 | crawlergo 只依赖chromium运行即可，前往[下载](https://www.chromium.org/getting-involved/download-chromium)新版本的chromium，或者直接[点击下载Linux79版本](https://storage.googleapis.com/chromium-browser-snapshots/Linux_x64/706915/chrome-linux.zip)。
30 | 前往[页面下载](https://github.com/0Kee-Team/crawlergo/releases)最新版本的crawlergo解压到任意目录，默认放在root目录。可更改launcher.py中的文件位置
31 | 
32 | 
33 |  chrome运行提示缺少 xxx.so 等依赖
34 | 
35 |   ```shell
36 |   // Ubuntu
37 |   apt-get install -yq --no-install-recommends \
38 |        libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 \
39 |        libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 \
40 |        libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 \
41 |        libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 libnss3
42 |        
43 |   // CentOS 7
44 |   sudo yum install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 \
45 |        libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 \
46 |        ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc -y
47 |   
48 |   sudo yum update nss -y
49 |   ```
50 | 
51 | 
52 | 
53 | git clone 项目 将xray和crwlergo文件放到根目录
54 | 
55 | 编辑serverjiang.py添加server酱的api
56 | 
57 | 添加需要扫描的url到targets.txt
58 | 
59 | 执行sh start.sh
60 | 
61 |  所有日志均在logs文件夹中，可分类查看！
62 | 
63 | ![](images/demo.png)
64 | 
65 | 
66 | 


--------------------------------------------------------------------------------
/crawl_result.txt:
--------------------------------------------------------------------------------
  1 | http://testphp.vulnweb.com/
  2 | https://testphp.vulnweb.com/
  3 | http://testphp.vulnweb.com/index.php
  4 | http://testphp.vulnweb.com/categories.php
  5 | http://testphp.vulnweb.com/artists.php
  6 | http://testphp.vulnweb.com/disclaimer.php
  7 | http://testphp.vulnweb.com/cart.php
  8 | http://testphp.vulnweb.com/guestbook.php
  9 | http://testphp.vulnweb.com/AJAX/index.php
 10 | http://testphp.vulnweb.com/login.php
 11 | http://testphp.vulnweb.com/userinfo.php
 12 | http://testphp.vulnweb.com/privacy.php
 13 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/
 14 | http://testphp.vulnweb.com/hpp/
 15 | http://testphp.vulnweb.com/search.php?test=query
 16 | http://testphp.vulnweb.com/search.php?test=query
 17 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/
 18 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/
 19 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/
 20 | http://testphp.vulnweb.com/hpp/?pp=12
 21 | http://testphp.vulnweb.com/userinfo.php
 22 | http://testphp.vulnweb.com/listproducts.php?cat=1
 23 | http://testphp.vulnweb.com/search.php?test=query
 24 | http://testphp.vulnweb.com/AJAX/artists.php
 25 | http://testphp.vulnweb.com/AJAX/categories.php
 26 | http://testphp.vulnweb.com/AJAX/titles.php
 27 | http://testphp.vulnweb.com/AJAX/showxml.php
 28 | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12
 29 | http://testphp.vulnweb.com/hpp/params.php?
 30 | http://testphp.vulnweb.com/hpp/params.php?aaaa%2F=Submit
 31 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg&size=160
 32 | http://testphp.vulnweb.com/AJAX/showxml.php
 33 | http://testphp.vulnweb.com/
 34 | https://testphp.vulnweb.com/
 35 | http://testphp.vulnweb.com/
 36 | https://testphp.vulnweb.com/
 37 | http://testphp.vulnweb.com/index.php
 38 | http://testphp.vulnweb.com/categories.php
 39 | http://testphp.vulnweb.com/artists.php
 40 | http://testphp.vulnweb.com/disclaimer.php
 41 | http://testphp.vulnweb.com/cart.php
 42 | http://testphp.vulnweb.com/guestbook.php
 43 | http://testphp.vulnweb.com/AJAX/index.php
 44 | http://testphp.vulnweb.com/login.php
 45 | http://testphp.vulnweb.com/userinfo.php
 46 | http://testphp.vulnweb.com/privacy.php
 47 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/
 48 | http://testphp.vulnweb.com/hpp/
 49 | http://testphp.vulnweb.com/search.php?test=query
 50 | http://testphp.vulnweb.com/search.php?test=query
 51 | http://testphp.vulnweb.com/hpp/?pp=12
 52 | http://testphp.vulnweb.com/AJAX/artists.php
 53 | http://testphp.vulnweb.com/AJAX/categories.php
 54 | http://testphp.vulnweb.com/AJAX/titles.php
 55 | http://testphp.vulnweb.com/AJAX/showxml.php
 56 | http://testphp.vulnweb.com/search.php?test=query
 57 | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12
 58 | http://testphp.vulnweb.com/hpp/params.php?
 59 | http://testphp.vulnweb.com/hpp/params.php?aaaa%2F=Submit
 60 | http://testphp.vulnweb.com/AJAX/showxml.php
 61 | http://testphp.vulnweb.com/
 62 | https://testphp.vulnweb.com/
 63 | http://testphp.vulnweb.com/
 64 | https://testphp.vulnweb.com/
 65 | http://testphp.vulnweb.com/index.php
 66 | http://testphp.vulnweb.com/categories.php
 67 | http://testphp.vulnweb.com/artists.php
 68 | http://testphp.vulnweb.com/disclaimer.php
 69 | http://testphp.vulnweb.com/cart.php
 70 | http://testphp.vulnweb.com/guestbook.php
 71 | http://testphp.vulnweb.com/AJAX/index.php
 72 | http://testphp.vulnweb.com/login.php
 73 | http://testphp.vulnweb.com/userinfo.php
 74 | http://testphp.vulnweb.com/privacy.php
 75 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/
 76 | http://testphp.vulnweb.com/hpp/
 77 | http://testphp.vulnweb.com/search.php?test=query
 78 | http://testphp.vulnweb.com/search.php?test=query
 79 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/
 80 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/
 81 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/
 82 | http://testphp.vulnweb.com/search.php?test=query
 83 | http://testphp.vulnweb.com/listproducts.php?cat=1
 84 | http://testphp.vulnweb.com/guestbook.php
 85 | http://testphp.vulnweb.com/artists.php?artist=1
 86 | http://testphp.vulnweb.com/comment.php?aid=1
 87 | http://testphp.vulnweb.com/signup.php
 88 | http://testphp.vulnweb.com/userinfo.php
 89 | http://testphp.vulnweb.com/hpp/?pp=12
 90 | http://testphp.vulnweb.com/AJAX/artists.php
 91 | http://testphp.vulnweb.com/AJAX/categories.php
 92 | http://testphp.vulnweb.com/AJAX/titles.php
 93 | http://testphp.vulnweb.com/AJAX/showxml.php
 94 | http://testphp.vulnweb.com/userinfo.php
 95 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/
 96 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html
 97 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/
 98 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/
 99 | http://testphp.vulnweb.com/guestbook.php
100 | http://testphp.vulnweb.com/listproducts.php?artist=1
101 | http://testphp.vulnweb.com/comment.php
102 | http://testphp.vulnweb.com/comment.php
103 | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12
104 | http://testphp.vulnweb.com/hpp/params.php?
105 | http://testphp.vulnweb.com/hpp/params.php?aaaa%2F=Submit
106 | http://testphp.vulnweb.com/secured/newuser.php
107 | http://testphp.vulnweb.com/secured/newuser.php
108 | http://testphp.vulnweb.com/AJAX/showxml.php
109 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg&size=160
110 | http://testphp.vulnweb.com/showimage.php?file=./pictures/4.jpg
111 | http://testphp.vulnweb.com/product.php?pic=1
112 | http://testphp.vulnweb.com/comment.php?pid=1
113 | http://testphp.vulnweb.com/comment.php
114 | http://testphp.vulnweb.com/secured/newuser.php
115 | http://testphp.vulnweb.com/comment.php
116 | http://testphp.vulnweb.com/comment.php
117 | http://testphp.vulnweb.com/cart.php
118 | http://testphp.vulnweb.com/
119 | https://testphp.vulnweb.com/
120 | http://testphp.vulnweb.com/index.php
121 | http://testphp.vulnweb.com/categories.php
122 | http://testphp.vulnweb.com/artists.php
123 | http://testphp.vulnweb.com/disclaimer.php
124 | http://testphp.vulnweb.com/cart.php
125 | http://testphp.vulnweb.com/guestbook.php
126 | http://testphp.vulnweb.com/AJAX/index.php
127 | http://testphp.vulnweb.com/login.php
128 | http://testphp.vulnweb.com/userinfo.php
129 | http://testphp.vulnweb.com/privacy.php
130 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/
131 | http://testphp.vulnweb.com/hpp/
132 | http://testphp.vulnweb.com/search.php?test=query
133 | http://testphp.vulnweb.com/search.php?test=query
134 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/
135 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/
136 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/
137 | http://testphp.vulnweb.com/artists.php?artist=1
138 | http://testphp.vulnweb.com/comment.php?aid=1
139 | http://testphp.vulnweb.com/search.php?test=query
140 | http://testphp.vulnweb.com/hpp/?pp=12
141 | http://testphp.vulnweb.com/AJAX/artists.php
142 | http://testphp.vulnweb.com/AJAX/categories.php
143 | http://testphp.vulnweb.com/AJAX/titles.php
144 | http://testphp.vulnweb.com/AJAX/showxml.php
145 | http://testphp.vulnweb.com/userinfo.php
146 | http://testphp.vulnweb.com/guestbook.php
147 | http://testphp.vulnweb.com/listproducts.php?cat=1
148 | http://testphp.vulnweb.com/signup.php
149 | http://testphp.vulnweb.com/userinfo.php
150 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/
151 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html
152 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/
153 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/
154 | http://testphp.vulnweb.com/listproducts.php?artist=1
155 | http://testphp.vulnweb.com/comment.php
156 | http://testphp.vulnweb.com/comment.php
157 | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12
158 | http://testphp.vulnweb.com/hpp/params.php?
159 | http://testphp.vulnweb.com/hpp/params.php?aaaa%2F=Submit
160 | http://testphp.vulnweb.com/guestbook.php
161 | http://testphp.vulnweb.com/AJAX/showxml.php
162 | http://testphp.vulnweb.com/secured/newuser.php
163 | http://testphp.vulnweb.com/secured/newuser.php
164 | http://testphp.vulnweb.com/userinfo.php
165 | http://testphp.vulnweb.com/comment.php
166 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg&size=160
167 | http://testphp.vulnweb.com/product.php?pic=1
168 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg
169 | http://testphp.vulnweb.com/comment.php?pid=1
170 | http://testphp.vulnweb.com/secured/newuser.php
171 | http://testphp.vulnweb.com/cart.php
172 | http://testphp.vulnweb.com/
173 | https://testphp.vulnweb.com/
174 | http://testphp.vulnweb.com/index.php
175 | http://testphp.vulnweb.com/categories.php
176 | http://testphp.vulnweb.com/artists.php
177 | http://testphp.vulnweb.com/disclaimer.php
178 | http://testphp.vulnweb.com/cart.php
179 | http://testphp.vulnweb.com/guestbook.php
180 | http://testphp.vulnweb.com/AJAX/index.php
181 | http://testphp.vulnweb.com/login.php
182 | http://testphp.vulnweb.com/userinfo.php
183 | http://testphp.vulnweb.com/privacy.php
184 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/
185 | http://testphp.vulnweb.com/hpp/
186 | http://testphp.vulnweb.com/search.php?test=query
187 | http://testphp.vulnweb.com/search.php?test=query
188 | http://testphp.vulnweb.com/search.php?test=query
189 | http://testphp.vulnweb.com/artists.php?artist=1
190 | http://testphp.vulnweb.com/comment.php?aid=1
191 | http://testphp.vulnweb.com/guestbook.php
192 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/
193 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/
194 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/
195 | http://testphp.vulnweb.com/listproducts.php?cat=1
196 | http://testphp.vulnweb.com/signup.php
197 | http://testphp.vulnweb.com/userinfo.php
198 | http://testphp.vulnweb.com/userinfo.php
199 | http://testphp.vulnweb.com/AJAX/artists.php
200 | http://testphp.vulnweb.com/AJAX/categories.php
201 | http://testphp.vulnweb.com/AJAX/titles.php
202 | http://testphp.vulnweb.com/AJAX/showxml.php
203 | http://testphp.vulnweb.com/hpp/?pp=12
204 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/
205 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html
206 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/
207 | http://testphp.vulnweb.com/listproducts.php?artist=1
208 | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/
209 | http://testphp.vulnweb.com/guestbook.php
210 | http://testphp.vulnweb.com/comment.php
211 | http://testphp.vulnweb.com/comment.php
212 | http://testphp.vulnweb.com/userinfo.php
213 | http://testphp.vulnweb.com/secured/newuser.php
214 | http://testphp.vulnweb.com/secured/newuser.php
215 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg&size=160
216 | http://testphp.vulnweb.com/product.php?pic=1
217 | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg
218 | http://testphp.vulnweb.com/comment.php?pid=1
219 | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12
220 | http://testphp.vulnweb.com/hpp/params.php?
221 | http://testphp.vulnweb.com/hpp/params.php?aaaa%2F=Submit
222 | http://testphp.vulnweb.com/AJAX/showxml.php
223 | http://testphp.vulnweb.com/comment.php
224 | http://testphp.vulnweb.com/guestbook.php
225 | http://testphp.vulnweb.com/cart.php
226 | http://testphp.vulnweb.com/secured/newuser.php
227 | http://testphp.vulnweb.com/comment.php
228 | http://testphp.vulnweb.com/comment.php
229 | 


--------------------------------------------------------------------------------
/images/Process.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ox01024/Xray_and_crwlergo_in_server/cb6eb84d457013e2cd2ff5af11de49f4eb78c2ad/images/Process.png


--------------------------------------------------------------------------------
/images/demo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ox01024/Xray_and_crwlergo_in_server/cb6eb84d457013e2cd2ff5af11de49f4eb78c2ad/images/demo.png


--------------------------------------------------------------------------------
/launcher.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python3
 2 | # coding: utf-8
 3 | 
 4 | import queue
 5 | import simplejson
 6 | import threading
 7 | import subprocess
 8 | import requests
 9 | import warnings
10 | warnings.filterwarnings(action='ignore')
11 | 
12 | urls_queue = queue.Queue()
13 | tclose=0
14 | 
15 | def opt2File(paths):
16 | 	try:
17 | 		f = open('crawl_result.txt','a')
18 | 		f.write(paths + '\n')
19 | 	finally:
20 | 		f.close()
21 | 
22 | def opt2File2(subdomains):
23 | 	try:
24 | 		f = open('sub_domains.txt','a')
25 | 		f.write(subdomains + '\n')
26 | 	finally:
27 | 		f.close()
28 | 
29 | 
30 | 
31 | def request0():
32 | 	while tclose==0 or urls_queue.empty() == False:
33 | 		if(urls_queue.qsize()==0):
34 | 			continue
35 | 		print(urls_queue.qsize())
36 | 		req =urls_queue.get()
37 | 		proxies = {
38 | 		'http': 'http://127.0.0.1:7777',
39 | 		'https': 'http://127.0.0.1:7777',
40 | 		}
41 | 		urls0 =req['url']
42 | 		headers0 =req['headers']
43 | 		method0=req['method']
44 | 		data0=req['data']
45 | 		try:
46 | 			if(method0=='GET'):
47 | 				a = requests.get(urls0, headers=headers0, proxies=proxies,timeout=30,verify=False)
48 | 				opt2File(urls0)
49 | 			elif(method0=='POST'):
50 | 				a = requests.post(urls0, headers=headers0,data=data0, proxies=proxies,timeout=30,verify=False)
51 | 				opt2File(urls0)
52 | 		except:
53 | 			continue
54 | 	return
55 | 
56 | def main(data1):
57 | 	target = data1
58 | 	cmd = ["./crawlergo", "-c", "/root/chrome-linux/chrome","-t", "20","-f","smart","--fuzz-path", "--output-mode", "json", target]
59 | 	rsp = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
60 | 	output, error = rsp.communicate()
61 | 	try:
62 | 		result = simplejson.loads(output.decode().split("--[Mission Complete]--")[1])
63 | 	except:
64 | 		return
65 | 	req_list = result["req_list"]
66 | 	sub_domain = result["sub_domain_list"]
67 | 	print(data1)
68 | 	print("[crawl ok]")
69 | 	for subd in sub_domain:
70 | 		opt2File2(subd)
71 | 	for req in req_list:
72 | 		urls_queue.put(req)
73 | 	print("[scanning]")
74 | 
75 | 
76 | 
77 | if __name__ == '__main__':
78 | 	file = open("targets.txt")
79 | 	t = threading.Thread(target=request0)
80 | 	t.start()
81 | 	for text in file.readlines():
82 | 		data1 = text.strip('\n')
83 | 		main(data1)
84 | 	tclose=1
85 | 


--------------------------------------------------------------------------------
/launcher_new.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python3
 2 | # coding: utf-8
 3 | import simplejson
 4 | import threading
 5 | import subprocess
 6 | import requests
 7 | import warnings
 8 | warnings.filterwarnings(action='ignore')
 9 | 
10 | 
11 | def opt2File(paths):
12 | 	try:
13 | 		f = open('crawl_result.txt','a')
14 | 		f.write(paths + '\n')
15 | 	finally:
16 | 		f.close()
17 | 
18 | def opt2File2(subdomains):
19 | 	try:
20 | 		f = open('sub_domains.txt','a')
21 | 		f.write(subdomains + '\n')
22 | 	finally:
23 | 		f.close()
24 | 
25 | 
26 | 
27 | def main(data1):
28 | 	target = data1
29 | 	cmd = ["./crawlergo", "-c", "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe","-t", "5","-f","smart","--fuzz-path", "--push-to-proxy", "http://127.0.0.1:7888/", "--push-pool-max", "10","--output-mode", "json" , target]
30 | 	rsp = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
31 | 	output, error = rsp.communicate()
32 | 	try:
33 | 		result = simplejson.loads(output.decode().split("--[Mission Complete]--")[1])
34 | 	except:
35 | 		return
36 | 	req_list = result["req_list"]
37 | 	sub_domain = result["sub_domain_list"]
38 | 	print(data1)
39 | 	print("[crawl ok]")
40 | 	for subd in sub_domain:
41 | 		opt2File2(subd)
42 | 	print("[scanning]")
43 | 
44 | 
45 | 
46 | if __name__ == '__main__':
47 | 	file = open("targets.txt")
48 | 	for text in file.readlines():
49 | 		data1 = text.strip('\n')
50 | 		main(data1)


--------------------------------------------------------------------------------
/serverjiang.py:
--------------------------------------------------------------------------------
 1 | from flask import Flask, request
 2 | import requests
 3 | import datetime
 4 | import logging
 5 | 
 6 | app = Flask(__name__)
 7 | 
 8 | 
 9 | def push_ftqq(content):
10 |     resp = requests.post("https://sc.ftqq.com/这里填你的server酱的kay.send",
11 |                   data={"text": "xray帮爹爹挖到洞了", "desp": content})
12 |     if resp.json()["errno"] != 0:
13 |         raise ValueError("push ftqq failed, %s" % resp.text)
14 | 
15 | @app.route('/webhook', methods=['POST'])
16 | def xray_webhook():
17 |     vuln = request.json
18 |     # 因为还会收到 https://chaitin.github.io/xray/#/api/statistic 的数据
19 |     if "vuln_class" not in vuln:
20 |         return "ok"
21 |     content = """## xray 发现了新漏洞
22 | 
23 | url: {url}
24 | 
25 | 插件: {plugin}
26 | 
27 | 漏洞类型: {vuln_class}
28 | 
29 | 发现时间: {create_time}
30 | 
31 | 爹爹请及时查看和处理
32 | """.format(url=vuln["target"]["url"], plugin=vuln["plugin"],
33 |            vuln_class=vuln["vuln_class"] or "Default",
34 |            create_time=str(datetime.datetime.fromtimestamp(vuln["create_time"] / 1000)))
35 |     try:
36 |         push_ftqq(content)
37 |     except Exception as e:
38 |         logging.exception(e)
39 |     return 'ok'
40 | 
41 | 
42 | if __name__ == '__main__':
43 |     app.run(
44 |         port=2333,
45 |         debug=True
46 |     )
47 | 


--------------------------------------------------------------------------------
/start.sh:
--------------------------------------------------------------------------------
1 | chmod +x crawlergo
2 | chmod +x xray_linux_amd64 
3 | nohup python3 -u serverjiang.py > logs/serverjiang.log 2>&1 &
4 | nohup ./xray_linux_amd64 webscan --listen 127.0.0.1:7777 --webhook-output http://127.0.0.1:2333/webhook > logs/xray.log 2>&1 &
5 | nohup python3 -u launcher.py > logs/launcher.log 2>&1 &
6 | 


--------------------------------------------------------------------------------
/stop.sh:
--------------------------------------------------------------------------------
1 | ps -ef |grep python3 |awk '{print $2}'|xargs kill -9
2 | ps -ef |grep xray |awk '{print $2}'|xargs kill -9
3 | 


--------------------------------------------------------------------------------
/sub_domains.txt:
--------------------------------------------------------------------------------
1 | testphp.vulnweb.com
2 | 


--------------------------------------------------------------------------------
/targets.txt:
--------------------------------------------------------------------------------
1 | http://testphp.vulnweb.com/


--------------------------------------------------------------------------------