# -*- coding:utf-8 -*-
# by:kracer
# Version: 1.5
# 引入模块、包部分
from request import * # 获取返回内容
from common import *
from threading import Thread
from colorama import init
init(autoreset=True) # colorama: reset styling after every print so a colour applies only to that one output
import warnings, signal
# NOTE(review): this silences every Python warning for the whole process, not a
# single category. If the HTTP helpers pulled in from `request` disable TLS
# certificate verification (not visible here -- confirm), the resulting
# insecure-request warnings are hidden too. Filtering only the category that is
# known to be noisy keeps the rest visible.
warnings.filterwarnings("ignore")
# Module-level constants and variables
t = [] # thread group; not referenced anywhere else in the code shown here
# Startup banner. \033[...m are ANSI colour escapes; the ASCII art also contains
# backslash pairs such as "\_" that are not valid escape sequences, which newer
# Python versions report as a warning when the file is compiled.
logo = '''\033[1;32m
____ * _ ____
/___ | _ _| |_ ___ , /___ | ____ _____ _____
\_ \ | | |__ __| / ___, | \_ \ / ___/ / __\ \ | ___ \\
__) | | | | | | \__|_| __) | | (__ | |__| | | | | |
/____/ |_| |__| \_'____\ /____/ \____\ \ ____\ \ |_| |_|
\033[1;36mBy:kracer (basket_ball edit)
\033[1;36mGithub:https://github.com/kracer127 (https://github.com/basket-ball)\033[0m'''
# Reset every bucket of the shared allDict result store
def clearAll():
    '''
    Put allDict back into its empty layout.

    startMainThread calls this right after the report for a target has been
    written. The layout restored is:
    allDict = {'nowIP': [], 'domain': [], 'ports': [], 'whois': [], 'beiAn': [], 'framework': [[], {}, {}], 'urlPATH': [], 'isCDN': [], 'pangZhan': [], 'historyIP': [], 'error': []}
    '''
    try:
        # Built inside the call so that every reset hands out brand-new containers.
        blank_layout = (
            ('nowIP', []),
            ('domain', []),
            ('ports', []),
            ('whois', []),
            ('beiAn', []),
            ('framework', [[], {}, {}]),
            ('urlPATH', []),
            ('isCDN', []),
            ('pangZhan', []),
            ('historyIP', []),
            ('error', []),
        )
        for bucket, empty_value in blank_layout:
            allDict[bucket] = empty_value
    except Exception:
        # Best-effort reset: any failure (including allDict not being defined)
        # is swallowed and the function still returns None.
        pass
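# Process one target end to end (multithreaded batch querying is not implemented yet; unstable)
def startMainThread(ip_url, ports, maxthread, proxy):
    '''
    Validate one user-supplied target, run the lookups that fit it and write its report.

    ip_url    -- raw target string (from --url or one line of the --file list)
    ports     -- list of port numbers forwarded to getPorts / main
    maxthread -- thread limit forwarded to getPorts / main
    proxy     -- proxy value forwarded to getPorts on the bare-IP path

    Always returns None; findings are accumulated in the shared allDict, rendered
    by all2HTML and then wiped by clearAll.
    '''
    # Parse the target once and reuse the result. The previous code called
    # processUrl three times per target, repeating the same work and leaving room
    # for the three results to disagree.
    parsed = processUrl(ip_url)
    if not parsed:
        # Covers the empty list the parser returns for bad input, and any other
        # empty/None result that would otherwise fail on the indexing below.
        print('\033[1;31m[-] 网址输入有误,请检查后再试!\033[0m')
        return None
    url = parsed[0]
    subDomain = parsed[-1]
    if isIP(url):  # target is a bare IP address
        print('\033[1;35m[-] 检测 {} 为IP地址!\033[0m'.format(url))
        allDict['nowIP'].append(url+'::')
        request(url).pangZhan()
        request(url).getPorts(ports, maxthread, proxy)
    elif isAlive(url):  # target is a URL that currently responds
        print('\033[1;35m[-] 检测 {} 为URL地址!\033[0m'.format(url))
        # NOTE(review): main() takes no proxy argument and reads the module-level
        # name `proxy` instead, so the value received here is not what it uses.
        main(url, subDomain, ports, maxthread)
    else:
        # URL did not respond: fall back to lookups keyed on the last element
        # returned by processUrl (the root domain, per the messages below).
        print('\033[1;35m[-] 当前网址 {0} 不可访问, 尝试根域名信息查询!!\033[0m'.format(url))
        request(subDomain).IP138()
        request(subDomain).Icp()
        request(subDomain).getCrtDomain()
        request(subDomain).Chaziyu()
        request(subDomain).virusDomain()
        # request(subDomain).googleHack()
        print('\033[1;34m[-] 根域名 {0} 信息查询完毕!!\033[0m'.format(subDomain))
    # Report generation and reset run for every branch above.
    # NOTE(review): nesting reconstructed from a listing that lost its indentation.
    print('[*] 网址:{0} 所有检测任务完成, 开始生成检测报告......'.format(url))
    all2HTML(url, allDict)
    clearAll()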
# Main scan routine for a single URL
def main(url, subDomain, ports, maxthread):
    '''
    Run every lookup for one URL; results land in the shared allDict.

    url              -- target URL, used for the per-site lookups
    subDomain        -- value used for the Icp / crt.sh / VirusTotal / Chaziyu lookups
                        (startMainThread passes the last element of processUrl's result)
    ports, maxthread -- forwarded to getPorts

    NOTE(review): every `tN = request(...).method()` line below calls the method
    immediately, in the calling thread, and stores its return value. That return
    value, not the method, becomes the Thread target. If the methods return None
    (not visible here -- confirm), the threads started at the end do nothing and
    the whole routine runs sequentially in the order written. mainDetect relies on
    that order: it reads allDict['urlPATH'], so whichever earlier step fills that
    list must already have run.
    '''
    tasks = []
    print('[+] ============ 网址:{0} 检测任务开启, 预估需要3~5min ============'.format(url))
    # Stage 1: domain asset inventory
    """ 入口一: 域名资产清查"""
    # 1. domain2ip: resolve the URL to its IP and a rough geolocation
    t1 = request(url).domain2ip()
    t1_1 = Thread(target=t1)
    tasks.append(t1_1)
    # 2. IP138: ICP filing, subdomains and historical IP bindings
    t2 = request(url).IP138()
    t2_1 = Thread(target=t2)
    tasks.append(t2_1)
    # 3. Icp: ICP filing record
    t3 = request(subDomain).Icp()
    t3_1 = Thread(target=t3)
    tasks.append(t3_1)
    # 4. getCrtDomain (crt.sh): subdomains
    t4 = request(subDomain).getCrtDomain()
    t4_1 = Thread(target=t4)
    tasks.append(t4_1)
    # 5. virusDomain (VirusTotal): subdomains
    t5 = request(subDomain).virusDomain()
    t5_1 = Thread(target=t5)
    tasks.append(t5_1)
    # 6. Chaziyu: subdomains
    t6 = request(subDomain).Chaziyu()
    t6_1 = Thread(target=t6)
    tasks.append(t6_1)
    # 7. isCDN: check whether the site sits behind a CDN
    t7 = request(url).isCDN()
    t7_1 = Thread(target=t7)
    tasks.append(t7_1)
    # Stage 2: website asset inventory
    """ 入口二: 网站资产清查 """
    # 1. whatWeb: site framework / technology information
    t8 = request(url).whatWeb()
    t8_1 = Thread(target=t8)
    tasks.append(t8_1)
    # 2. jsFinder: subdomains and URL paths
    t9 = request(url).jsFinder()
    t9_1 = Thread(target=t9)
    tasks.append(t9_1)
    # 3. googleHack: find JS files and extract subdomains (disabled)
    # t10 = request(url).googleHack()
    # t10_1 = Thread(target=t10)
    # tasks.append(t10_1)
    # 4. detectWaf (wafw00f): identify the WAF in front of the site
    def mainDetect():
        # Pick WAF-detection targets: prefer collected URLs that carry a query
        # string (contain both '?' and '='), at most two of them.
        domain = allDict['urlPATH']
        keyURL_list = []
        for k in domain:
            if ('=' in k) and ('?' in k):
                keyURL_list.append(k)
        if len(keyURL_list) >= 2:
            request(keyURL_list[0]).detectWaf()
            request(keyURL_list[1]).detectWaf()
        elif len(keyURL_list) == 1:
            request(keyURL_list[0]).detectWaf()
            request(url).detectWaf()
        else:
            # No parameterised URL collected: probe the target URL itself and,
            # when available, the first collected path.
            # NOTE(review): nesting of the inner `if` reconstructed from a
            # listing that lost its indentation.
            request(url).detectWaf()
            if len(domain) > 0:
                request(domain[0]).detectWaf()
        # allDict['framework'][2] is the bucket whose size is reported as the WAF result count.
        print("\033[1;34m[*] 完成网站waf信息侦测, 共"+str(len(allDict['framework'][2]))+"条数据!!\033[0m")
    t11 = mainDetect()
    t11_1 = Thread(target=t11)
    tasks.append(t11_1)
    # Stage 3: IP asset inventory for sites that are not behind a CDN
    """ 入口三: 不存在CDN下网站IP资产清查 """
    # 1. pangZhan: other sites hosted on the same server IP
    t12 = request(url).pangZhan()
    t12_1 = Thread(target = t12)
    tasks.append(t12_1)
    # 2. getPorts: open-port information
    # NOTE(review): `proxy` is neither a parameter nor a local of main(); it is
    # looked up as a module-level name. The only assignment visible in this file
    # is in the __main__ block, and only when --proxy is given (a star import
    # could also provide it -- confirm).
    t13 = request(url).getPorts(ports, maxthread, proxy)
    t13_1 = Thread(target=t13)
    tasks.append(t13_1)
    # Start and wait for every Thread object (see the note in the docstring about what they run).
    for i in tasks:
        i.start()
    for j in tasks:
        j.join()
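# Script entry point
if __name__ == '__main__':
    # Restore the default SIGINT action so Ctrl-C terminates the process directly.
    signal.signal(signal.SIGINT, signal.SIG_DFL)
    print(logo)
    urlList = []
    ports = default_ports
    args = parse_args()
    maxthread = default_thread
    if args.proxy:
        # The value is split on ':' and the second field converted to int, so it
        # is expected to look like host:port. The raw string is also registered
        # for the 'http' scheme in the shared `proxies` mapping.
        proxy = args.proxy.split(':')
        proxy[1] = int(proxy[1])
        proxy = tuple(proxy)
        proxies['http'] = args.proxy
    elif 'proxy' not in globals():
        # Without --proxy this block never bound `proxy`, so the startMainThread
        # call below (and main(), which reads the same module-level name) failed
        # with NameError unless a star import happened to define it. Any such
        # imported default is left untouched.
        # NOTE(review): None stands for "no proxy" -- confirm getPorts accepts it.
        proxy = None
    if args.url:
        urlList.append(args.url)
    if args.ports:
        # Accepts single ports, inclusive "low-high" ranges and comma-separated
        # mixes of both. Splitting on ',' also covers the no-comma case, so one
        # loop replaces the three duplicated branches.
        # NOTE(review): values are not checked against the valid port range.
        ports = []
        for item in args.ports.split(','):
            if '-' in item:
                bounds = item.split('-')
                ports.extend(range(int(bounds[0]), int(bounds[1]) + 1))
            else:
                ports.append(int(item))
    if args.file:
        try:
            with open(args.file, 'r', encoding='utf-8') as u:
                # Blank lines are dropped; each one previously became an empty
                # target that could only produce an "invalid URL" message.
                file_targets = [line.strip() for line in u.readlines() if line.strip()]
            urlList.extend(file_targets)
            if urlList == []:  # nothing to scan after reading the file
                print('\033[1;31m[-] 文件错误,请检查后再试!\033[0m')
        except (OSError, ValueError):
            # OSError: missing/unreadable file; ValueError: undecodable bytes or a bad path string.
            print('\033[1;31m[-] 文件错误,请检查后再试!\033[0m')
    if args.thread:
        maxthread = args.thread
    start = time.time()
    for ip_url in urlList:
        startMainThread(ip_url, ports, maxthread, proxy)
    end = time.time()
    print("\033[1;36m[*] 本次检测共消耗时间:{:.2f}s\033[0m".format(end - start))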