├── banner └── banner.py ├── frogAuth.py ├── httpx ├── httpx_linux └── httpx_win.exe ├── img.png ├── ip.txt ├── pocs ├── const.py ├── pocs.py └── springboot.py ├── ports ├── naabu_linux └── naabu_win.exe ├── readme.md └── requirements.txt /banner/banner.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding:utf8 -*- 3 | 4 | 5 | def banner(): 6 | ''' 7 | print(" ⣿⣿⣿⣿⣿⣿⢟⣡⣴⣶⣶⣦⣌⡛⠟⣋⣩⣬⣭⣭⡛⢿⣿⣿⣿⣿ ") 8 | print(" ⣿⣿⣿⣿⠋⢰⣿⣿⠿⣛⣛⣙⣛⠻⢆⢻⣿⠿⠿⠿⣿⡄⠻⣿⣿⣿ ") 9 | print(" ⣿⣿⣿⠃⢠⣿⣿⣶⣿⣿⡿⠿⢟⣛⣒⠐⠲⣶⡶⠿⠶⠶⠦⠄⠙⢿ ") 10 | print(" ⣿⠋⣠⠄⣿⣿⣿⠟⡛⢅⣠⡵⡐⠲⣶⣶⣥⡠⣤⣵⠆⠄⠰⣦⣤⡀ ") 11 | print(" ⠇⣰⣿⣼⣿⣿⣧⣤⡸⢿⣿⡀⠂⠁⣸⣿⣿⣿⣿⣇⠄⠈⢀⣿⣿⠿ ") 12 | print(" ⣰⣿⣿⣿⣿⣿⣿⣿⣷⣤⣈⣙⠶⢾⠭⢉⣁⣴⢯⣭⣵⣶⠾⠓⢀⣴ ") 13 | print(" ⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣉⣤⣴⣾⣿⣿⣦⣄⣤⣤⣄⠄⢿⣿ ") 14 | print(" ⣿⣿⣿⣿⣿⣿⣿⣿⠿⠿⠿⠿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣇⠈⢿ ") 15 | print(" ⣿⣿⣿⣿⣿⣿⡟⣰⣞⣛⡒⢒⠤⠦⢬⣉⣉⣉⣉⣉⣉⣉⡥⠴⠂⢸ ") 16 | print(" ⠻⣿⣿⣿⣿⣏⠻⢌⣉⣉⣩⣉⡛⣛⠒⠶⠶⠶⠶⠶⠶⠶⠶⠂⣸⣿ ") 17 | print(" ⣥⣈⠙⡻⠿⠿⣷⣿⣿⣿⣿⣿⣿⣿⣿⣿⣾⣿⠿⠛⢉⣠⣶⣶⣿⣿ ") 18 | ''' 19 | print(" _ _ _ _ ") 20 | print(" /\ \ /\ \ /\ \ /\ \ ") 21 | print(" / \ \ / \ \ / \ \ / \ \ ") 22 | print(" / /\ \ \ / /\ \ \ / /\ \ \ / /\ \_\ ") 23 | print(" / / /\ \_\ / / /\ \_\ / / /\ \ \ / / /\/_/ ") 24 | print(" / /_/_ \/_// / /_/ / / / / / \ \_\ / / / ______ ") 25 | print(" / /____/\ / / /__\/ / / / / / / // / / /\_____\ ") 26 | print(" / /\____\/ / / /_____/ / / / / / // / / \/____ / ") 27 | print(" / / / / / /\ \ \ / / /___/ / // / /_____/ / / ") 28 | print("/ / / / / / \ \ \/ / /____\/ // / /______\/ / ") 29 | print("\/_/ \/_/ \_\/\/_________/ \/___________/ ") -------------------------------------------------------------------------------- /frogAuth.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # -*- coding:utf8 -*- 3 | import subprocess 4 | import sys 5 | import argparse 6 | import os 7 | from random import shuffle 8 | from pocs import const 9 | from banner import banner 10 | from concurrent.futures import ThreadPoolExecutor,wait, ALL_COMPLETED 11 | 12 | naabu = 'naabu_linux' 13 | httpxname = 'httpx_linux' 14 | 15 | 16 | #读取文件输出list 17 | def readf(fname): 18 | li = [] 19 | try: 20 | f = open(fname) 21 | for text in f.readlines(): 22 | data1 = text.strip('\n') 23 | if data1 != '': 24 | li.append(data1) 25 | f.close() 26 | except: 27 | return None 28 | return li 29 | 30 | 31 | #设置两种系统 32 | def getsys(sys0): 33 | global naabu 34 | global httpxname 35 | if sys0.lower() == 'linux': 36 | naabu = 'naabu_linux' 37 | httpxname = 'httpx_linux' 38 | if sys0.lower() == 'win': 39 | naabu = 'naabu_win.exe' 40 | httpxname = 'httpx_win.exe' 41 | 42 | #写入 43 | def prefil(strw): 44 | try: 45 | f = open('tmp.txt','a') 46 | f.write(strw) 47 | f.write('\n') 48 | finally: 49 | f.close() 50 | 51 | 52 | #写入 53 | def pFile(strw): 54 | try: 55 | f = open('ports.txt','a') 56 | f.write(strw) 57 | f.write('\n') 58 | finally: 59 | f.close() 60 | 61 | 62 | #写入 63 | def hFile(strw): 64 | try: 65 | f = open('http.txt','a') 66 | f.write(strw) 67 | f.write('\n') 68 | finally: 69 | f.close() 70 | 71 | # 从文件读取扫描结果 72 | def getresult(filename): 73 | file = open(filename,'r',encoding='utf-8') 74 | s = file.readlines() 75 | s=[x.strip() for x in s if x.strip()!=''] 76 | return s 77 | 78 | 79 | 80 | #端口扫描 81 | def port_scan(file_name): 82 | portL = [] 83 | cmd = ["./ports/"+naabu, "-iL", file_name, "-p", const.all_ports, "-no-color", "-silent", "-ping", "false", "-rate", "1000", "-stats"] 84 | #print(cmd) 85 | print("Ports Scanning.") 86 | try: 87 | output = subprocess.check_output(cmd) 88 | except Exception as e: 89 | print(e) 90 | sys.exit(1) 91 | print("Finish Ports Scan.") 92 | portL = str(output).split("\\n") 93 | try: 94 | portL[0] = portL[0].split("'")[1] 95 | del portL[-1] 96 | except: 97 | pass 98 | for pl in portL: 99 | pFile(pl) 100 | 101 | return portL 102 | 103 | #httpx扫描 104 | def httpx(target): 105 | cmd = ["./httpx/"+ httpxname, "-l", target, "-ports", "80,443,8080,8090,8443,9090,8880,2052,2082,2086,2095,2053,2083,2087,2096", "-mc","200","-threads", "600", "-silent", "-no-color", "-follow-redirects"] 106 | print("Httpx Scanning.") 107 | try: 108 | output = subprocess.check_output(cmd) 109 | print(output) 110 | except Exception as e: 111 | print(e) 112 | sys.exit(1) 113 | print("Finish Httpx Scan.") 114 | portL = str(output).split("\\n") 115 | httpL = [] 116 | try: 117 | portL[0] = portL[0].split("'")[1] 118 | del portL[-1] 119 | except: 120 | pass 121 | for i in portL: 122 | if i is not None: 123 | i = i.split("//")[1].strip("/") 124 | httpL.append(i) 125 | for pl in httpL: 126 | hFile(pl) 127 | return httpL 128 | 129 | 130 | 131 | #low level 132 | def unauth_low(target): 133 | port = str(target.split(":")[1]) 134 | for dl in const.dic_list_low: 135 | if port in dl["port"]: 136 | dl["func"](target) 137 | 138 | 139 | 140 | #mid level 141 | def unauth_mid(target): 142 | port = str(target.split(":")[1]) 143 | for dl in const.dic_list_mid: 144 | if port in dl["port"]: 145 | dl["func"](target) 146 | 147 | 148 | #high level 149 | def unauth_high(target): 150 | port = str(target.split(":")[1]) 151 | for dl in const.dic_list_high: 152 | if port in dl["port"]: 153 | dl["func"](target) 154 | 155 | #high level 156 | def springb(target): 157 | port = str(target.split(":")[1]) 158 | for dl in const.dic_springboot: 159 | if port in dl["port"]: 160 | dl["func"](target) 161 | #high level 162 | def vulnscan(target): 163 | port = str(target.split(":")[1]) 164 | for dl in const.dic_vuln: 165 | if port in dl["port"]: 166 | dl["func"](target) 167 | 168 | #删除文件 169 | def delf(fname): 170 | try: 171 | os.remove(fname) 172 | except: 173 | return 174 | 175 | 176 | if __name__ == '__main__': 177 | banner.banner() 178 | if len(sys.argv) == 1: 179 | print('\n') 180 | print("Usage: python3 frogAuth.py win/linux -f ip.txt") 181 | exit() 182 | else: 183 | parser = argparse.ArgumentParser() 184 | parser.add_argument('os', help='win/linux') 185 | parser.add_argument('-m',help='scan/file',default='scan') 186 | parser.add_argument('-f', help='filename', default='ip.txt') 187 | args = parser.parse_args() 188 | getsys(args.os) 189 | file = args.f 190 | module = args.m 191 | delf("tmp.txt") 192 | # 获取扫描结果 193 | if module == 'file': 194 | port_res = getresult(file) 195 | else: 196 | port_res = port_scan(file) 197 | #对扫描结果进行打乱 198 | port_res = list(set(port_res)) 199 | shuffle(port_res) 200 | 201 | fileL = readf(file) 202 | 203 | for f in fileL: 204 | try: 205 | if f.split(".")[-1].isalpha() and args.m == 'scan': 206 | prefil(f) 207 | except: 208 | continue 209 | if os.path.exists("tmp.txt"): 210 | http_res = httpx("tmp.txt") 211 | http_res = list(set(http_res)) 212 | shuffle(http_res) 213 | else: 214 | http_res = [''] 215 | 216 | print("unauth Scanning Low.") 217 | with ThreadPoolExecutor(max_workers=100) as pool: 218 | all_task = [pool.submit(unauth_low, target) for target in port_res] 219 | all_task = [pool.submit(unauth_low, target) for target in http_res] 220 | wait(all_task, return_when=ALL_COMPLETED) 221 | print('Finished Low.') 222 | 223 | print("unauth Scanning Mid.") 224 | with ThreadPoolExecutor(max_workers=100) as pool: 225 | all_task = [pool.submit(unauth_mid, target) for target in port_res] 226 | all_task = [pool.submit(unauth_mid, target) for target in http_res] 227 | wait(all_task, return_when=ALL_COMPLETED) 228 | print('Finished Mid.') 229 | 230 | print("unauth Scanning High.") 231 | with ThreadPoolExecutor(max_workers=100) as pool: 232 | all_task = [pool.submit(unauth_high, target) for target in port_res] 233 | all_task = [pool.submit(unauth_high, target) for target in http_res] 234 | wait(all_task, return_when=ALL_COMPLETED) 235 | print('Finished High.') 236 | 237 | print("Springboot Scanning.") 238 | with ThreadPoolExecutor(max_workers=100) as pool: 239 | all_task = [pool.submit(springb, target) for target in port_res] 240 | all_task = [pool.submit(springb, target) for target in http_res] 241 | wait(all_task, return_when=ALL_COMPLETED) 242 | print('Finished Springboot Scan.') 243 | delf("tmp.txt") 244 | -------------------------------------------------------------------------------- /httpx/httpx_linux: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/timwhitez/Frog-Auth/0fcc9bf9d2da3d02ccf7c8e7263b502f6046b735/httpx/httpx_linux -------------------------------------------------------------------------------- /httpx/httpx_win.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/timwhitez/Frog-Auth/0fcc9bf9d2da3d02ccf7c8e7263b502f6046b735/httpx/httpx_win.exe -------------------------------------------------------------------------------- /img.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/timwhitez/Frog-Auth/0fcc9bf9d2da3d02ccf7c8e7263b502f6046b735/img.png -------------------------------------------------------------------------------- /ip.txt: -------------------------------------------------------------------------------- 1 | 49.234.49.218 2 | 84.252.114.51 3 | 121.5.158.176 4 | 5 | -------------------------------------------------------------------------------- /pocs/const.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # coding: utf-8 3 | from pocs import pocs 4 | from pocs import springboot 5 | 6 | https_ports = "443,2053,2083,2087,2096,8443,9443,18443" 7 | 8 | #端口扫描列表 9 | all_ports = "21,80,81,443,616,873,990,993,2181,2375,2376,2600,3000,3001,3306,3307,3310,3311,3312,3333,4040,4443,5000,5001,5060,5601,5984,5986,6006,6060,6066,6379,6699,6779,6969,7000,7001,7002,7402,7777,8000,8001,8010,8020,8025,8030,8042,8080,8081,8082,8083,8085,8086,8088,8089,8090,8099,8181,8443,8480,8886,8888,8983,9000,9002,9003,9080,9090,9200,9300,9443,9527,9870,9999,10000,11211,15000,15001,15002,18081,20000,27017,27018,28017,32768,50000,50030,50070,50075,50090,21502" 10 | 11 | #各种服务对应的端口 12 | RD = ["6379","7001","7002","7000","32768","7777","6969","6699","10000","6779","80","443","616"] 13 | MDB = ["27017", "28017", "20000", "27018", "10000"] 14 | MC = ["11211", "2600", "15000", "15001", "3000", "9002", "15002", "9003"] 15 | ES = ["9200", "80", "9527", "8090", "8080", "9300", "9000"] 16 | ZK = ["2181"] 17 | DK = ["2375", "80", "443", "8088", "8080", "8443"] 18 | HDP = ["50070", "50090", "9870", "50075", "50030", "80", "443", "8088", "8030", "9000", "8010", "8480", "8025", "8042", "8020"] 19 | RS = ["873"] 20 | FP = ["21", "990"] 21 | CDB = ["5984", "5986", "80", "443", "8088", "8080", "8443"] 22 | DKR = ["5000", "5001", "2375", "993", "9000", "9200", "80", "443", "8080", "2376"] 23 | HDY = ["8088", "8090", "8089", "8099", "3000", "3001", "4040", "8080"] 24 | IDB = ["8086", "8083", "3000", "80", "443", "8085", "8080", "9999"] 25 | DRD = ["8888", "8081", "8090", "443", "80", "8080", "8443", "9080", "9443"] 26 | JBS = ["80", "443", "8080", "8081", "8443", "9200", "5601", "8000", "8888", "9080", "9443"] 27 | JKS = ["8080", "443", "80", "50000", "8081", "9090", "8888", "8090", "8088", "9080", "9443"] 28 | MYS = ["3306", "3307", "3310", "3333", "3311", "3312"] 29 | KBN = ["5601", "443", "80", "8080"] 30 | KO = ["443", "80", "8000", "8001", "8443"] 31 | SPAPI = ["6066", "6066"] 32 | SP = ["8081", "8080", "443", "4040", "80", "18081"] 33 | TB = ["443", "80", "6006", "8080", "8888", "8000"] 34 | SB = ["80", "443", "8080", "8081", "8088", "9080", "9443","7000","21502"] 35 | ZBX = ["80","81","443","3000","4040","8080","8081","8090","8181","8081","8443","9090","4443","7402","5060","6060","9002","15001"] 36 | FL = ["8080","8081","8082","18081","80","443","8443","8083","8088","8089","8085"] 37 | SLR = ["8983","80","8090","8080","443","8886","8083","8081","8082","20000","8085","8888"] 38 | 39 | #端口与函数的对应 40 | dicRD = {"port":RD,"func":pocs.redis} 41 | dicMDB = {"port":MDB,"func":pocs.mongodb} 42 | dicMC = {"port":MC,"func":pocs.memcached} 43 | dicZK = {"port":ZK,"func":pocs.zookeeper} 44 | dicHDP = {"port":HDP,"func":pocs.Hadoop} 45 | dicDK = {"port":DK,"func":pocs.docker} 46 | #dicRS = {"port":RS,"func":pocs.rsync} 47 | 48 | 49 | dicMYS = {"port":MYS,"func":pocs.mysql} 50 | dicFP = {"port":FP,"func":pocs.ftp} 51 | dicSP = {"port":SP,"func":pocs.spark} 52 | dicKBN = {"port":KBN,"func":pocs.kibana} 53 | dicKO = {"port":KO,"func":pocs.kong} 54 | dicES = {"port":ES,"func":pocs.elasticsearch} 55 | dicCDB = {"port":CDB,"func":pocs.CouchDB} 56 | dicDKR = {"port":DKR,"func":pocs.docker_reg} 57 | 58 | dicIDB = {"port":IDB,"func":pocs.influxdb} 59 | dicHDY = {"port":HDY,"func":pocs.hadoop_yarn} 60 | dicJKS = {"port":JKS,"func":pocs.jenkins} 61 | dicDRD = {"port":DRD,"func":pocs.druid} 62 | dicSPAPI = {"port":SPAPI,"func":pocs.spark_api} 63 | dicTB = {"port":TB,"func":pocs.tensorboard} 64 | dicJBS = {"port":JBS,"func":pocs.jboss} 65 | 66 | dicSB = {"port":SB,"func":springboot.sb_Actuator} 67 | 68 | dicZBX = {"port":ZBX,"func":pocs.zabbix} 69 | dicFL = {"port":FL,"func":pocs.flink} 70 | dicSLR = {"port":SLR,"func":pocs.solr} 71 | 72 | 73 | dic_list_low = [dicRD,dicMDB,dicMC,dicZK,dicDK] 74 | #dic_list_low = [dicRD,dicMDB,dicMC,dicZK,dicDK,dicRS] 75 | dic_list_mid = [dicMYS,dicFP,dicSP,dicKBN,dicKO,dicES,dicCDB,dicDKR,dicZBX] 76 | dic_list_high = [dicIDB,dicHDY,dicJKS,dicDRD,dicSPAPI,dicTB,dicJBS,dicHDP,dicFL,dicSLR] 77 | dic_springboot = [dicSB] 78 | -------------------------------------------------------------------------------- /pocs/pocs.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # coding: utf-8 3 | import socket 4 | import pymongo 5 | import requests 6 | import ftplib 7 | import pymysql 8 | import logging 9 | logging.captureWarnings(True) 10 | from pocs import const 11 | from pyzabbix import ZabbixAPI 12 | 13 | HD = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"} 14 | 15 | #添加写入 16 | def rFile(strw): 17 | try: 18 | f = open('results.txt','a') 19 | f.write(strw) 20 | f.write('\n') 21 | finally: 22 | f.close() 23 | 24 | def redis(target): 25 | try: 26 | ip = target.split(":")[0] 27 | port = int(target.split(":")[1]) 28 | socket.setdefaulttimeout(10) 29 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 30 | s.connect((ip, port)) 31 | s.send(bytes("INFO\r\n", 'UTF-8')) 32 | result = s.recv(1024).decode() 33 | if "redis_version" in result: 34 | print(target + " redis未授权") 35 | rFile(str(target) + " redis未授权") 36 | s.close() 37 | except: 38 | return 39 | 40 | 41 | 42 | def mongodb(target): 43 | try: 44 | ip = target.split(":")[0] 45 | port = int(target.split(":")[1]) 46 | conn = pymongo.MongoClient(ip, port, socketTimeoutMS=4000) 47 | dbname = conn.list_database_names() 48 | print(target + " mongodb未授权") 49 | rFile(str(target) + " mongodb未授权") 50 | conn.close() 51 | except: 52 | return 53 | 54 | 55 | 56 | def memcached(target): 57 | try: 58 | ip = target.split(":")[0] 59 | port = int(target.split(":")[1]) 60 | socket.setdefaulttimeout(10) 61 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 62 | s.connect((ip, port)) 63 | s.send(bytes('stats\r\n', 'UTF-8')) 64 | if 'version' in s.recv(1024).decode(): 65 | print(target + " memcached未授权") 66 | rFile(str(target) + " memcached未授权") 67 | s.close() 68 | except: 69 | return 70 | 71 | 72 | def elasticsearch(target): 73 | try: 74 | ip = target.split(":")[0] 75 | port = int(target.split(":")[1]) 76 | if "443" in str(port) or str(port) in const.https_ports: 77 | url0 = 'https://'+str(target) +'/' 78 | url = 'https://'+str(target) +'/_cat' 79 | else: 80 | url0 = 'http://'+str(target) +'/' 81 | url = 'http://'+str(target) +'/_cat' 82 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False, allow_redirects=False) 83 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 84 | if 'You Know, for Search' in r0.content.decode() and '/_cat/master' in r.content.decode(): 85 | print(url + " elasticsearch未授权") 86 | rFile(str(url) + " elasticsearch未授权") 87 | except: 88 | return 89 | 90 | 91 | def zookeeper(target): 92 | try: 93 | ip = target.split(":")[0] 94 | port = int(target.split(":")[1]) 95 | socket.setdefaulttimeout(10) 96 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 97 | s.connect((ip, port)) 98 | s.send(bytes('envi', 'UTF-8')) 99 | data = s.recv(1024).decode() 100 | s.close() 101 | if 'Environment' in data: 102 | print(target + " zookeeper未授权") 103 | rFile(str(target) + " zookeeper未授权") 104 | except: 105 | return 106 | 107 | 108 | def ftp(target): 109 | try: 110 | ip = target.split(":")[0] 111 | port = int(target.split(":")[1]) 112 | ftp = ftplib.FTP.connect(ip,port,timeout=10) 113 | ftp.login('anonymous', 'Aa@12345678') 114 | print(target + " FTP未授权") 115 | rFile(str(target) + " FTP未授权") 116 | except: 117 | return 118 | 119 | 120 | def CouchDB(target): 121 | try: 122 | ip = target.split(":")[0] 123 | port = target.split(":")[1] 124 | if "443" in str(port) or str(port) in const.https_ports: 125 | url = 'https://'+str(target) +'/_config' 126 | else: 127 | url = 'http://'+str(target) +'/_config' 128 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 129 | if 'httpd_design_handlers' in r.content.decode() and 'external_manager' in r.content.decode() and 'replicator_manager' in r.content.decode(): 130 | print(url + " CouchDB未授权") 131 | rFile(str(url) + " CouchDB未授权") 132 | except: 133 | return 134 | 135 | 136 | def docker(target): 137 | try: 138 | ip = target.split(":")[0] 139 | port = target.split(":")[1] 140 | if "443" in str(port) or str(port) in const.https_ports: 141 | url0 = 'https://'+str(target) +'/info' 142 | url = 'https://'+str(target) +'/version' 143 | else: 144 | url0 = 'http://'+str(target) +'/info' 145 | url = 'http://'+str(target) +'/version' 146 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False, allow_redirects=False) 147 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 148 | if 'ApiVersion' in r.content.decode() and 'KernelVersion' in r0.content.decode() and 'RegistryConfig' in r0.content.decode(): 149 | print(url0 + " docker api未授权") 150 | rFile(str(url0) + " docker api未授权") 151 | except: 152 | return 153 | 154 | 155 | def Hadoop(target): 156 | try: 157 | ip = target.split(":")[0] 158 | port = target.split(":")[1] 159 | if "443" in str(port) or str(port) in const.https_ports: 160 | url = 'https://'+str(target) +'/dfshealth.html' 161 | else: 162 | url = 'http://'+str(target) +'/dfshealth.html' 163 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 164 | if 'hadoop.css' in r.content.decode(): 165 | print(url + " Hadoop未授权") 166 | rFile(str(url) + " Hadoop未授权") 167 | except: 168 | return 169 | 170 | 171 | 172 | def hadoop_yarn(target): 173 | try: 174 | ip = target.split(":")[0] 175 | port = target.split(":")[1] 176 | if "443" in str(port) or str(port) in const.https_ports: 177 | url = 'https://'+str(target) +'/ws/v1/cluster/info' 178 | else: 179 | url = 'http://'+str(target) +'/ws/v1/cluster/info' 180 | r = requests.get(url, headers = HD, timeout=10,verify=False) 181 | if 'resourceManagerVersionBuiltOn' in r.content.decode() and 'hadoopVersion'in r.content.decode(): 182 | print(url + " Hadoop yarn未授权") 183 | rFile(str(url) + " Hadoop yarn未授权") 184 | except: 185 | return 186 | 187 | 188 | 189 | 190 | 191 | def docker_reg(target): 192 | try: 193 | ip = target.split(":")[0] 194 | port = target.split(":")[1] 195 | if "443" in str(port) or str(port) in const.https_ports: 196 | url0 = 'https://'+str(target) +'/v2/' 197 | url = 'https://'+str(target) +'/v2/_catalog' 198 | else: 199 | url0 = 'http://'+str(target) +'/v2/' 200 | url = 'http://'+str(target) +'/v2/_catalog' 201 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False, allow_redirects=False) 202 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 203 | if 'docker-distribution-api-version' in str(r0.headers) and 'repositories' in r.content.decode(): 204 | print(url0 + " docker-registry-api未授权") 205 | rFile(str(url0) + " docker-registry-api未授权") 206 | except: 207 | return 208 | 209 | def zabbix(target): 210 | try: 211 | ip = target.split(":")[0] 212 | port = target.split(":")[1] 213 | if "443" in str(port) or str(port) in const.https_ports: 214 | url0 = 'https://'+str(target) +'/zabbix' 215 | url = 'https://'+str(target) +'/' 216 | else: 217 | url0 = 'http://'+str(target) +'/zabbix' 218 | url = 'http://'+str(target) +'/' 219 | except: 220 | return 221 | try: 222 | r = requests.get(url0, headers = HD, timeout=10,verify=False, allow_redirects=True) 223 | r0 = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=True) 224 | except: 225 | return 226 | if "zabbix" in r.content.decode().lower() or "zabbix" in r0.content.decode().lower(): 227 | try: 228 | zapi = ZabbixAPI(url0) 229 | zapi.session.verify = False 230 | zapi.timeout = 10 231 | zapi.login("Admin", "zabbix") 232 | print(url0 + "zabbix默认密码Admin/zabbix") 233 | rFile(url0 + "zabbix默认密码Admin/zabbix") 234 | except: 235 | try: 236 | zapi = ZabbixAPI(url) 237 | zapi.session.verify = False 238 | zapi.timeout = 10 239 | zapi.login("Admin", "zabbix") 240 | print(url + "zabbix默认密码Admin/zabbix") 241 | rFile(url + "zabbix默认密码Admin/zabbix") 242 | except: 243 | return 244 | else: 245 | return 246 | 247 | 248 | def influxdb(target): 249 | try: 250 | ip = target.split(":")[0] 251 | port = target.split(":")[1] 252 | if "443" in str(port) or str(port) in const.https_ports: 253 | url0 = 'https://'+str(target) +'/ping' 254 | url = 'https://'+str(target) +'/query?q=show%20users' 255 | else: 256 | url0 = 'http://'+str(target) +'/ping' 257 | url = 'http://'+str(target) +'/query?q=show%20users' 258 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False) 259 | r = requests.get(url, headers = HD, timeout=10,verify=False) 260 | if 'X-Influxdb-Version' in str(r0.headers) and 'columns' in r.content.decode() and 'user' in r.content.decode(): 261 | print(url + " influxdb未授权") 262 | rFile(str(url) + " influxdb未授权") 263 | except: 264 | return 265 | 266 | 267 | def druid(target): 268 | try: 269 | ip = target.split(":")[0] 270 | port = target.split(":")[1] 271 | if "443" in str(port) or str(port) in const.https_ports: 272 | url = 'https://'+str(target) +'/druid/index.html' 273 | else: 274 | url = 'http://'+str(target) +'/druid/index.html' 275 | r = requests.get(url, headers = HD, timeout=10,verify=False) 276 | if 'Druid Stat Index' in r.content.decode() and 'DruidVersion' in r.content.decode() and 'DruidDrivers' in r.content.decode(): 277 | print(url + " druid-monitor未授权") 278 | rFile(str(url) + " druid-monitor未授权") 279 | except: 280 | return 281 | 282 | 283 | def jboss(target): 284 | try: 285 | ip = target.split(":")[0] 286 | port = target.split(":")[1] 287 | if "443" in str(port) or str(port) in const.https_ports: 288 | url = 'https://'+str(target) +'/jmx-console/' 289 | else: 290 | url = 'http://'+str(target) +'/jmx-console/' 291 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 292 | if 'jboss.management.local' in r.content.decode() and 'jboss.web' in r.content.decode(): 293 | print(url + " jboss未授权") 294 | rFile(str(url) + " jboss未授权") 295 | except: 296 | return 297 | 298 | 299 | def jenkins(target): 300 | try: 301 | ip = target.split(":")[0] 302 | port = target.split(":")[1] 303 | if "443" in str(port) or str(port) in const.https_ports: 304 | url = 'https://'+str(target) +'/systemInfo' 305 | else: 306 | url = 'http://'+str(target) +'/systemInfo' 307 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 308 | if 'jenkins.war' in r.content.decode() and 'JENKINS_HOME' in r.content.decode(): 309 | print(url + " jenkins未授权") 310 | rFile(str(url) + " jenkins未授权") 311 | except: 312 | return 313 | 314 | 315 | 316 | def rsync(target): 317 | try: 318 | print(target + " 可能存在rsync未授权") 319 | rFile(str(target) + " 可能存在rsync未授权") 320 | except: 321 | pass 322 | 323 | 324 | def mysql(target): 325 | try: 326 | ip = target.split(":")[0] 327 | port0 = int(target.split(":")[1]) 328 | conn = pymysql.connect(host=ip, port=port0, user='root', password='', charset='utf8', autocommit=True) 329 | print(target + " 存在mysql空口令漏洞") 330 | rFile(target + " 存在mysql空口令漏洞") 331 | except: 332 | try: 333 | conn = pymysql.connect(host=ip, port=port0, user='root', password='root', charset='utf8', autocommit=True) 334 | print(target + " 存在mysql root:root口令漏洞") 335 | rFile(target + " 存在mysql root:root口令漏洞") 336 | except: 337 | pass 338 | return 339 | 340 | 341 | 342 | def kibana(target): 343 | try: 344 | ip = target.split(":")[0] 345 | port = target.split(":")[1] 346 | if "443" in str(port) or "5601" in str(port) or str(port) in const.https_ports: 347 | url = 'https://'+str(target) +'/app/kibana' 348 | else: 349 | url = 'http://'+str(target) +'/app/kibana' 350 | r = requests.get(url, headers = HD, timeout=10,verify=False, allow_redirects=False) 351 | if '.kibanaWelcomeView' in r.content.decode(): 352 | print(url + " kibana未授权") 353 | rFile(str(url) + " kibana未授权") 354 | except: 355 | return 356 | 357 | 358 | def kong(target): 359 | try: 360 | ip = target.split(":")[0] 361 | port = target.split(":")[1] 362 | if "443" in str(port) or str(port) in const.https_ports: 363 | url = 'https://'+str(target) +'/' 364 | url0 = 'https://'+str(target) +'/status' 365 | else: 366 | url = 'http://'+str(target) +'/' 367 | url0 = 'https://'+str(target) +'/status' 368 | r = requests.get(url, headers = HD, timeout=10,verify=False) 369 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False) 370 | if 'kong_env' in r.content.decode() and 'kong_db_cache_miss' in r0.content.decode(): 371 | print(url0 + " kong未授权") 372 | rFile(str(url0) + " kong未授权") 373 | except: 374 | return 375 | 376 | 377 | def spark_api(target): 378 | try: 379 | ip = target.split(":")[0] 380 | port = target.split(":")[1] 381 | url0 = 'https://'+str(target) +'/v1/submissions' 382 | url = 'http://'+str(target) +'/v1/submissions' 383 | try: 384 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False) 385 | if r0.status_code == 400 and 'serverSparkVersion' in r0.content.decode(): 386 | print(url0 + " spark_api未授权") 387 | rFile(str(url0) + " spark_api未授权") 388 | except: 389 | pass 390 | try: 391 | r = requests.get(url, headers = HD, timeout=10,verify=False) 392 | if r.status_code == 400 and 'serverSparkVersion' in r.content.decode(): 393 | print(url + " spark_api未授权") 394 | rFile(str(url) + " spark_api未授权") 395 | except: 396 | pass 397 | except: 398 | return 399 | 400 | 401 | def spark(target): 402 | try: 403 | ip = target.split(":")[0] 404 | port = target.split(":")[1] 405 | if "443" in str(port) or str(port) in const.https_ports: 406 | url = 'https://'+str(target) +'/' 407 | else: 408 | url = 'http://'+str(target) +'/' 409 | r = requests.get(url, headers = HD, timeout=10,verify=False) 410 | if 'Spark' in r.content.decode() and '<strong>URL:</strong> spark:' in r.content.decode(): 411 | print(url + " spark未授权") 412 | rFile(str(url) + " spark未授权") 413 | except: 414 | return 415 | 416 | 417 | def tensorboard(target): 418 | try: 419 | ip = target.split(":")[0] 420 | port = target.split(":")[1] 421 | if "443" in str(port) or str(port) in const.https_ports: 422 | url0 = 'https://'+str(target) +'/' 423 | url = 'https://'+str(target) +'/data/plugins_listing' 424 | else: 425 | url0 = 'http://'+str(target) +'/' 426 | url = 'https://'+str(target) +'/data/plugins_listing' 427 | r0 = requests.get(url0, headers = HD, timeout=10,verify=False) 428 | r = requests.get(url, headers = HD, timeout=10,verify=False) 429 | if 'The TensorFlow Authors. All Rights Reserved.' in r0.content.decode() and 'distributions' in r.content.decode() and 'profile' in r.content.decode(): 430 | print(url + " tensorboard未授权") 431 | rFile(str(url) + " tensorboard未授权") 432 | except: 433 | return 434 | 435 | 436 | 437 | def flink(target): 438 | try: 439 | ip = target.split(":")[0] 440 | port = target.split(":")[1] 441 | if "443" in str(port) or str(port) in const.https_ports: 442 | url = 'https://'+str(target) +'/jars/' 443 | else: 444 | url = 'http://'+str(target) +'/jars/' 445 | r = requests.get(url, headers = HD, timeout=10,verify=False) 446 | if r.status_code == 200 and "application/json" in r.headers['Content-Type'] and 'address' in r.content.decode(): 447 | print(url + " flink未授权") 448 | rFile(str(url) + " flink未授权") 449 | except: 450 | return 451 | 452 | 453 | 454 | def solr(target): 455 | solrpath=['/solr','/Solr','/'] 456 | for i in solrpath: 457 | try: 458 | ip = target.split(":")[0] 459 | port = target.split(":")[1] 460 | if "443" in str(port) or str(port) in const.https_ports: 461 | url = 'https://'+str(target) +i 462 | else: 463 | url = 'http://'+str(target) +i 464 | r = requests.get(url, headers = HD, timeout=10,verify=False) 465 | if r.status_code == 200 and ("<title>Solr Admin" in r.content.decode() or "app_config.solr_path" in r.content.decode() or "Solr Query Syntax" in r.content.decode()): 466 | print(url + " solr未授权") 467 | rFile(str(url) + " solr未授权") 468 | return 469 | except: 470 | pass 471 | -------------------------------------------------------------------------------- /pocs/springboot.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # _*_ coding:utf-8 _*_ 3 | 4 | ''' 5 | ____ _ _ _ _ __ __ _ 6 | | _ \ __ _| |__ | |__ (_) |_| \/ | __ _ ___| | __ 7 | | |_) / _` | '_ \| '_ \| | __| |\/| |/ _` / __| |/ / 8 | | _ < (_| | |_) | |_) | | |_| | | | (_| \__ \ < 9 | |_| \_\__,_|_.__/|_.__/|_|\__|_| |_|\__,_|___/_|\_\ 10 | ''' 11 | import requests 12 | from pocs import const 13 | 14 | pathlist=['/autoconfig','/beans','/configprops','/dump','/health','/info','/mappings','/metrics','/trace',] 15 | HD = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36", 16 | "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"} 17 | 18 | requests.packages.urllib3.disable_warnings() 19 | 20 | def saveinfo(result): 21 | if result: 22 | fw=open('results.txt','a') 23 | fw.write(result+'\n') 24 | fw.close() 25 | 26 | 27 | #大多数Actuator仅支持GET请求并仅显示敏感的配置数据,如果使用了Jolokia端点,可能会产生XXE、甚至是RCE安全问题。 28 | #通过查看/jolokia/list 中存在的 Mbeans,是否存在logback 库提供的reloadByURL方法来进行判断。 29 | def Jolokiacheck(url): 30 | url_tar = url + '/jolokia/list' 31 | r = requests.get(url_tar, headers=HD, timeout=10, verify=False, allow_redirects=False) 32 | if r.status_code == 200: 33 | print("springboot-jolokia未授权:{}".format(url_tar)) 34 | saveinfo("springboot-jolokia未授权:{}".format(url_tar)) 35 | if 'reloadByURL' in r.text: 36 | print("springboot-jolokia存在reloadByURL方法,可进行XXE/RCE测试:{}".format(url_tar)) 37 | saveinfo("springboot-jolokia 端点存在reloadByURL方法,可进行XXE/RCE测试:{}".format(url_tar)) 38 | if 'createJNDIRealm' in r.text: 39 | print("springboot-jolokia存在createJNDIRealm方法,可进行JNDI注入RCE测试:{}".format(url_tar)) 40 | saveinfo("springboot-jolokia 端点存在createJNDIRealm方法,可进行JNDI注入RCE测试:{}".format(url_tar)) 41 | 42 | 43 | #Spring Boot env端点存在环境属性覆盖和XStream反序列化漏洞 44 | def Envcheck_1(url): 45 | url_tar = url + '/env' 46 | r = requests.get(url_tar, headers=HD, timeout=10, verify=False, allow_redirects=False) 47 | if r.status_code == 200: 48 | print("springboot-env未授权访问:{}".format(url_tar)) 49 | saveinfo("springboot-env未授权访问:{}".format(url_tar)) 50 | if 'spring.cloud.bootstrap.location' in r.text: 51 | print("springboot-env 端点spring.cloud.bootstrap.location属性开启,可进行环境属性覆盖RCE测试:{}".format(url_tar)) 52 | saveinfo("springboot-env 端点spring.cloud.bootstrap.location属性开启,可进行环境属性覆盖RCE测试:{}".format(url_tar)) 53 | if 'eureka.client.serviceUrl.defaultZone' in r.text: 54 | print("springboot-env 端点eureka.client.serviceUrl.defaultZone属性开启,可进行XStream反序列化RCE测试:{}".format(url_tar)) 55 | saveinfo("springboot-env 端点eureka.client.serviceUrl.defaultZone属性开启,可进行XStream反序列化RCE测试:{}".format(url_tar)) 56 | 57 | 58 | #Spring Boot 1.x版本端点在根URL下注册。 59 | def sb1_Actuator(url): 60 | key=0 61 | Envcheck_1(url) 62 | Jolokiacheck(url) 63 | for i in pathlist: 64 | url_tar = url+i 65 | r = requests.get(url_tar, headers=HD, timeout=10, verify=False, allow_redirects=False) 66 | if r.status_code==200: 67 | print("springboot-{} 端点的未授权访问:{}".format(i.replace('/',''),url_tar)) 68 | saveinfo("springboot-{} 端点的未授权访问:{}".format(i.replace('/',''),url_tar)) 69 | key=1 70 | return key 71 | 72 | #Spring Boot 2.x版本存在H2配置不当导致的RCE,目前非正则判断,测试阶段 73 | #另外开始我认为环境属性覆盖和XStream反序列化漏洞只有1.*版本存在 74 | #后来证实2.*也是存在的,data需要以json格式发送,这个我后边会给出具体exp 75 | def Envcheck_2(url): 76 | url_tar = url + '/actuator/env' 77 | r = requests.get(url_tar, headers=HD, timeout=10, verify=False, allow_redirects=False) 78 | if r.status_code == 200: 79 | print("springboot-env 未授权访问:{}".format(url_tar)) 80 | saveinfo("springboot-env 未授权访问:{}".format(url_tar)) 81 | if 'spring.cloud.bootstrap.location' in r.text: 82 | print("springboot-env 端点spring.cloud.bootstrap.location属性开启,可进行环境属性覆盖RCE测试:{}".format(url_tar)) 83 | saveinfo("springboot-env 端点spring.cloud.bootstrap.location属性开启,可进行环境属性覆盖RCE测试:{}".format(url_tar)) 84 | if 'eureka.client.serviceUrl.defaultZone' in r.text: 85 | print("springboot-env 端点eureka.client.serviceUrl.defaultZone属性开启,可进行XStream反序列化RCE测试:{}".format(url_tar)) 86 | saveinfo("springboot-env 端点eureka.client.serviceUrl.defaultZone属性开启,可进行XStream反序列化RCE测试:{}".format(url_tar)) 87 | headers["Cache-Control"]="max-age=0" 88 | rr = requests.post(url+'/actuator/restart', headers=headers, verify=False, timeout=10, allow_redirects=False) 89 | if rr.status_code == 200: 90 | print("springboot-env 端点支持restart端点访问,可进行H2 RCE测试:{}".format(url+'/actuator/restart')) 91 | saveinfo("springboot-env 端点支持restart端点访问,可进行H2 RCE测试:{}".format(url+'/actuator/restart')) 92 | 93 | 94 | 95 | #Spring Boot 2.x版本端点移动到/actuator/路径。 96 | def sb2_Actuator(url): 97 | Envcheck_2(url) 98 | Jolokiacheck(url+'/actuator') 99 | for i in pathlist: 100 | url_tar = url+'/actuator'+i 101 | r = requests.get(url_tar, headers=HD,timeout=10, verify=False, allow_redirects=False) 102 | if r.status_code==200: 103 | print("springboot-{}未授权访问:{}".format(i.replace('/',''),url_tar)) 104 | saveinfo("springboot-{}未授权访问:{}".format(i.replace('/', ''), url_tar)) 105 | 106 | 107 | 108 | def sbcheck(url): 109 | try: 110 | r = requests.get(url+ '/404', headers=HD, timeout=10,verify=False, allow_redirects=False) 111 | if r.status_code==404 or r.status_code==403: 112 | if 'Whitelabel Error Page' in r.text or 'There was an unexpected error'in r.text: 113 | return 1 114 | else: 115 | return 0 116 | else: 117 | return 0 118 | except requests.exceptions.ConnectTimeout: 119 | return 0 120 | except requests.exceptions.ConnectionError: 121 | return 0 122 | 123 | 124 | 125 | 126 | def sb_Actuator(target): 127 | ip = target.split(":")[0] 128 | port = target.split(":")[1] 129 | if "443" in str(port) or str(port) in const.https_ports: 130 | url = 'https://'+str(target) 131 | else: 132 | url = 'http://'+str(target) 133 | flag = 0 134 | flag = sbcheck(url) 135 | if flag != 1: 136 | return 137 | else: 138 | try: 139 | if sb1_Actuator(url)==0: 140 | sb2_Actuator(url) 141 | except: 142 | return 143 | -------------------------------------------------------------------------------- /ports/naabu_linux: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/timwhitez/Frog-Auth/0fcc9bf9d2da3d02ccf7c8e7263b502f6046b735/ports/naabu_linux -------------------------------------------------------------------------------- /ports/naabu_win.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/timwhitez/Frog-Auth/0fcc9bf9d2da3d02ccf7c8e7263b502f6046b735/ports/naabu_win.exe -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | ![Frog-Auth](https://socialify.git.ci/timwhitez/Frog-Auth/image?description=1&font=Raleway&forks=1&issues=1&language=1&logo=https%3A%2F%2Favatars1.githubusercontent.com%2Fu%2F36320909&owner=1&pattern=Circuit%20Board&stargazers=1&theme=Light) 2 | 3 | - 🐸Frog For Automatic Scan 4 | 5 | - 🐶Doge For Defense Evasion&Offensive Security 6 | 7 | - 本系列命名为Frog可能是因为这种生物的寿命长 🐸 🤓 +1s 8 | 9 | - Frog-Auth为Frog系列第二个项目🐸 10 | 11 | # 🐸Frog-Auth 12 | 13 | Frog-Auth未授权访问检测,采用python3实现,使用subprocess加载[naabu](https://github.com/projectdiscovery/naabu)端口扫描工具, 14 | 15 | 使用httpx进行二次web服务检测 16 | 17 | 配合全面的未授权访问pocs以及独特检测框架,支持ip/domain/CIDR输入。 18 | 19 | ## about 20 | 21 | 在对大量数据整理分析过后挑选了79个未授权访问服务对应的高频端口,使用naabu进行端口扫描, 22 | 23 | 扫描结果会按开放端口情况再进行分类后按需进行乱序检测, 24 | 25 | poc也被分成四类,大致依据我自己主观判断poc被ban的可能性。 26 | 27 | 目前有针对以下服务的未授权漏洞检测: 28 | 29 | ``` 30 | redis, mongodb, memcached, zookeeper, Hadoop, mysql, 31 | 32 | ftp, kibana, kong, elasticsearch, CouchDB, docker, 33 | 34 | docker registry api, influxdb, hadoop yarn api, 35 | 36 | jenkins, druid, spark, spark api, tensorboard, jboss 37 | 38 | springboot, zabbix, flink, solr 39 | ``` 40 | ## update log 41 | ``` 42 | 2020/11/09 43 | 44 | 加入httpx针对domain的检测以避免漏过cdn,修复部分判断逻辑错误, 45 | 46 | 新增zabbix默认密码、solr未授权、flink未授权检测,修改https对应端口 47 | 48 | 考虑到青蛙头banner在部分字体中会乱码,故删去 49 | ``` 50 | 51 | #### 感谢RabbitMask提供的springboot poc, xray社区的部分未授权访问poc, kingkk的建议, cwkiller的部分未授权访问poc 52 | 53 | ## 常用命令 54 | ``` 55 | python3 frogAuth.py linux -f ip.txt 56 | 57 | python3 frogAuth.py win -f ip.txt 58 | ``` 59 | ip.txt按行划分,支持ip/domain/CIDR格式 60 | 61 | ## Usage 62 | 若在linux下使用,请给 naabu_linux 和 httpx_linux 可执行权限 63 | ``` 64 | python3 -m pip install requirements.txt 65 | 66 | python3 frogAuth.py linux/win -f ip.txt 67 | 68 | ``` 69 | ## 运行截图 70 | ![image](https://raw.githubusercontent.com/timwhitez/Frog-Auth/main/img.png) 71 | 72 | ## todo 73 | 若有好的建议,新的未授权访问poc,程序的bug,欢迎提交issues 74 | 75 | ## 🚀Star Trend 76 | [![Stargazers over time](https://starchart.cc/timwhitez/Frog-Auth.svg)](https://starchart.cc/timwhitez/Frog-Auth) 77 | 78 | 79 | ## etc 80 | 1. 开源的样本大部分可能已经无法免杀,需要自行修改 81 | 82 | 2. 我认为基础核心代码的开源能够帮助想学习的人 83 | 84 | 3. 本人从github大佬项目中学到了很多 85 | 86 | 4. 若用本人项目去进行:HW演练/红蓝对抗/APT/黑产/恶意行为/违法行为/割韭菜,等行为,本人概不负责,也与本人无关 87 | 88 | 5. 本人已不参与大小HW活动的攻击方了,若溯源到timwhite id与本人无关 89 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | pymongo 2 | requests 3 | pymysql 4 | pyzabbix --------------------------------------------------------------------------------