
Web-based information probing - Httpscan-1.3

httpscan | 挑战自我

Httpscan Version:1.3

New in this version: interrupts (Ctrl+C) are now handled during multithreaded processing, so the program exits gracefully.

Httpscan Version:1.2

New in this version: support for accessing HTTPS pages. In the previous version, the log showed that HTTPS requests always failed with an error.

Httpscan Version:1.1

New in this version: log output, written to httpscan_log.txt in the program directory.

Httpscan Version:1.0

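Disclaimer: the code is not my original work; it was assembled and adapted from code found online.

Function: web-based information probing. Targets (IPs or domain names) can be read from a file, and IP addresses can be probed directly, with CIDR notation supported. Do not prefix targets in the file with http(s)://; the program adds it automatically.

Demo

python xxx.py -f file.txt -t 20

python xxx.py 1.1.1.0/24 -t 20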

To Do

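Feel free to submit feature requests and I will work on them!

1. Accessing HTTPS pages currently has some problems, which really come down to certificates (resolved in V-1.2);

2. Output and log the redirect page when a target responds with a 302;

3. Respond to interrupts (Ctrl+C) during multithreaded processing (resolved in V-1.3);

4. Add domain name resolution, lookup of other sites on the same IP, and lookup of sites in the same /24 (C segment);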

QA

1. Fixing the error 'ValueError: IP('1.1.1.1/24') has invalid prefix length (24)'

This is caused by the CIDR format of the IP address. The IPy library requires the address part to be the network address of the range. The correct forms are:

1.1.1.0/24 : 1.1.1.0~1.1.1.255

1.1.1.128/25 : 1.1.1.128~1.1.1.255

1.1.1.64/26 : 1.1.1.64~1.1.1.127

1.1.1.32/27 : 1.1.1.32~1.1.1.63

1.1.1.16/28 : 1.1.1.16~1.1.1.31
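The target handling described above (bare IPs, CIDR ranges and hostnames from a file, with the scheme added automatically) and the network-number rule from the QA can be checked before any request is sent. This is an added example, not part of Httpscan: it is written for Python 3 and uses the standard-library ipaddress module instead of IPy, and the names parse_network, cidr_range, expand_targets and the MAX_HOSTS cap are hypothetical.

```python
import ipaddress

MAX_HOSTS = 65536  # assumed cap: refuse to expand anything larger than a /16


def parse_network(spec):
    """Return (network, corrected); corrected is True when the address part
    was not the network number (1.1.1.1/24). ValueError if not an IP/CIDR."""
    iface = ipaddress.ip_interface(spec.strip())
    net = iface.network
    return net, iface.ip != net.network_address


def cidr_range(spec):
    """First and last address covered by spec, as strings."""
    net, _ = parse_network(spec)
    return str(net.network_address), str(net.broadcast_address)


def expand_targets(lines):
    """Turn target lines (IP, CIDR or hostname) into de-duplicated URLs."""
    urls, seen = [], set()
    for raw in lines:
        item = raw.strip().rstrip("/")
        if not item:
            continue  # a blank line would otherwise become "http://"
        if "://" in item:
            item = item.split("://", 1)[1]  # tolerate a pasted scheme
        try:
            net, _ = parse_network(item)
        except ValueError:
            hosts = [item]  # not an IP or CIDR: treat as a hostname
        else:
            if net.num_addresses > MAX_HOSTS:
                raise ValueError("range too large: %s" % net)
            fmt = "[%s]" if net.version == 6 else "%s"
            hosts = [fmt % ip for ip in net]
        for host in hosts:
            for scheme in ("http://", "https://"):
                url = scheme + host
                if url not in seen:
                    seen.add(url)
                    urls.append(url)
    return urls


# Constructed sample input, standing in for file.txt.
SAMPLE = ["1.1.1.1/30\n", "\n", "example.com\n", "https://example.com/\n"]
```

Here 1.1.1.1/30 is corrected to 1.1.1.0/30 rather than rejected, and the repeated example.com entry is emitted only once.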

#!/usr/bin/env python
#coding:utf-8
#Author: linxi0428
#Version: 1.3

import re
import sys
import Queue
import logging
import threading
import optparse
import requests
import ssl
import signal
from IPy import IP
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager

printLock = threading.Semaphore(1)    #lock Screen print
TimeOut = 5    #request timeout

logging.basicConfig(
    level=logging.DEBUG,
    format="[%(asctime)s] %(levelname)s: %(message)s",
    filename = 'httpscan_log.txt',
    filemode = 'w')

#User-Agent
header = {'User-Agent' : 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36','Connection':'close'}

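#Transport adapter that pins HTTPS connections to SSLv3.
#SSLv3 is obsolete (POODLE); servers that only offer TLS reject the handshake,
#and many OpenSSL builds no longer expose ssl.PROTOCOL_SSLv3 at all.
class Ssl3HttpAdapter(HTTPAdapter):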
    def init_poolmanager(self, connections, maxsize, block=False):
        self.poolmanager = PoolManager(num_pools=connections,
                                       maxsize=maxsize,
                                       block=block,
                                       ssl_version=ssl.PROTOCOL_SSLv3)

class scan():
    def __init__(self,cidr,threads_num,file_source):
        self.threads_num = threads_num
        self.IPs = Queue.Queue()#build ip queue
        if file_source == None:
            self.cidr = IP(cidr)
            for ip in self.cidr:
                ip = str(ip)
                self.IPs.put("http://" + ip)
                self.IPs.put("https://" + ip)
        else:
            self.file_source = file_source
            file_ip = open(self.file_source,"r")
            for line in file_ip:
                self.IPs.put("http://" + line)
                self.IPs.put("https://" + line)
            file_ip.close()

    def request(self):
        while True:
            try:
                ip = self.IPs.get_nowait()    #non-blocking: no hang if another thread took the last item
            except Queue.Empty:
                break
            try:
                s = requests.Session()
                s.mount('https://', Ssl3HttpAdapter())#Mount All Https to ssl.PROTOCOL_SSLV3
                r = s.get(str(ip.strip()),headers=header,timeout=TimeOut)
                status = r.status_code
                title = re.search(r'<title>(.*)</title>', r.text) #get the title
                if title:
                    title = title.group(1).strip().strip("\r").strip("\n")[:30]
                else:
                    title = "None"
                banner = r.headers.get('Server', '')[:20] #get the server banner, empty if absent
                printLock.acquire()    #release only what was acquired
                try:
                    print "|%-33s|%-6s|%-14s|%-20s|" % (ip.strip(),status,banner,title)
                    print "+---------------------------------+------+--------------+--------------------+"
                finally:
                    printLock.release()
            except Exception as e:
                #record the failure in httpscan_log.txt instead of dropping it silently
                logging.debug("request to %s failed: %s", ip.strip(), e)
    
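    def run(self):#Multi thread
        signal.signal(signal.SIGINT, quit)
        signal.signal(signal.SIGTERM, quit)
        threads = []
        for i in range(int(self.threads_num)):    #-t may arrive as a string
            t = threading.Thread(target=self.request)
            t.setDaemon(True)
            t.start()
            threads.append(t)
        for t in threads:    #wait for every worker, not only the last one started
            while t.isAlive():
                t.join(0.1)    #short timeout keeps the main thread responsive to Ctrl+C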

def help():
    print "Example:"
    print "  python "+sys.argv[0]+" -f file.txt -t 20"
    print "  python "+sys.argv[0]+" 1.1.1.0/24 -t 20"

def print_head():
    print "+---------------------------------+------+--------------+--------------------+"
    print "|            IP                   |Status|     Server   |         Title      |"
    print "+---------------------------------+------+--------------+--------------------+"

def quit(signum, frame):#Signal handler: exit the main thread (daemon workers stop with it)
    print '\nYou choose to stop me!!'
    sys.exit()

if __name__ == "__main__":
    parser = optparse.OptionParser("Usage: %prog [target or file] [options] ")
    parser.add_option("-t", "--thread", dest = "threads_num", type = "int",
        default = 20, help = "number of threads,default=20")
    parser.add_option("-f", "--file", dest = "file_source",
        help = "source of file,default=file.txt")
    (options, args) = parser.parse_args()

    if options.file_source == None:
        if len(args) < 1:
            parser.print_help()
            help()
            sys.exit(0)
        else:
            print_head()
            s = scan(cidr=args[0],threads_num=options.threads_num,file_source=None)
            s.run()
    else:
        print_head()
        s = scan(cidr=None,threads_num=options.threads_num,file_source=options.file_source)
        s.run()

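挑战自我 blog. All rights reserved; unless otherwise noted, all content is original. This site is licensed under BY-NC-SA. When reposting, please credit: Web-based information probing - Httpscan-1.3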