delete nmap modul

2019-01-17 21:46:02 +08:00
parent 6f7f94ac37
commit 2abc4e2068
9 changed files with 21 additions and 112 deletions
--- a/README.md
+++ b/README.md
@@ -1,48 +1,48 @@
 # vulnerability-list
 一个的漏洞检测工具。     
  
-  Tomcat：  
+  ## Tomcat：  
  CVE_2017_12615 / CVE_2017_12617  
  tomcat_weakpassword  
  example_vulnerability(检测tomcat的examples等目录是否存在)  
-  moon.py -u tomcat http://xx.xx.xx.xx:xxxx
+  > moon.py -u tomcat http://xx.xx.xx.xx:xxxx
  
-  Fckeditor:  
+  ## Fckeditor:  
  获取版本及常见上传页面检测  
  fck<=2.4版本上传直接上传asa文件getshell  
-  moon.py -u fck http://xx.xx.xx.xx/fckxx  
+  > moon.py -u fck http://xx.xx.xx.xx/fckxx  
  
-  Weblogic：  
+  ## Weblogic：  
  CVE_2017_10271 #利用方法参考：https://vulhub.org  
  weblogic_ssrf_cve-2014-4210  
  weblogic_weakpassword  
-  moon.py -u weblogic http://xx.xx.xx.xx:xxxx   
+  > moon.py -u weblogic http://xx.xx.xx.xx:xxxx   
  
-  IP归属查询：  
+  ## IP归属查询：  
  能简单查一下IP的归属地  
-  moon.py -u ip http://www.xxx.com  
+  > moon.py -u ip http://www.xxx.com  
  
-  IIS：  
+  ## IIS：  
  短文件名泄露 #来自 lijiejie/IIS_shortname_Scanner  
-  moon.py -u iis http://xx.xx.xx.xx  
+  > moon.py -u iis http://xx.xx.xx.xx  
  
-  Docker：  
+  ## Docker：  
  docker_daemon_api未授权访问  
-  moon.py -u docker http://xx.xx.xx.xx:xxxx  
+  > moon.py -u docker http://xx.xx.xx.xx:xxxx  
  
-  Redis： 
+  ## Redis： 
  redis未授权访问  
-  moon.py -u redis http://xx.xx.xx.xx:xxxx or moon.py -u redis xx.xx.xx.xx:xxxx  
+  > moon.py -u redis http://xx.xx.xx.xx:xxxx or moon.py -u redis xx.xx.xx.xx:xxxx  
  
-  Zabbix:  
+  ## Zabbix:  
  zabbix_sql_CVE_2016_10134      #有参考独自等待的脚本  
-  moon.py -u zabbix http://xx.xx.xx.xx:xxxx  
+  > moon.py -u zabbix http://xx.xx.xx.xx:xxxx  
  
-  Navigate:  
+  ## Navigate:  
  navigate_Unauthenticated_Remote_Code_Execution  #利用方法参考  https://www.exploit-db.com/exploits/45561/  
-  moon.py -u navigate http://xx.xx.xx.xx:xxxx  
+  > moon.py -u navigate http://xx.xx.xx.xx:xxxx  
  
-  Gatepass:  
+  ## Gatepass:  
  Gate Pass Management System 2.1 - 'login' SQL Injection      #参考  https://www.exploit-db.com/exploits/45766/  
-  moon.py -u gatepass http://xx.xx.xx.xx:xxxx
+  > moon.py -u gatepass http://xx.xx.xx.xx:xxxx
  
--- a/moon.py
+++ b/moon.py
@@ -12,7 +12,6 @@ import navigate_vuln.Main_navigate
 import gatepass_vuln.Main_gatepass
 import ipq.Main_ipq
 import spring_vuln.Main_spring
-import nmap_br.Main_nmap

 if __name__ == "__main__":

@@ -60,8 +59,7 @@ modul：ip ipq
            spring_vuln.Main_spring.exec(sys.argv[3])
        elif sys.argv[2] == 'ipq':
            ipq.Main_ipq.exec(sys.argv[3])
-        elif sys.argv[2] == 'nmap':
-            nmap_br.Main_nmap.exec(sys.argv[3],sys.argv[4])
+

        else:
            print('''
--- a/nmap_br/Main_nmap.py
+++ b/nmap_br/Main_nmap.py
@@ -1,15 +0,0 @@
-# -*- coding: utf-8 -*-
-import os
-import nmap_br.nmap_n
-
-
-def exec(IP,PORT):
-    try:
-        nmap_br.nmap_n.attack(IP,PORT)
-    except:
-        print('userage: moon.py -u nmap port IP     port,IP为nmap格式。端口可为空 ''')
-
-
-
-if __name__ == "__main__":
-    exec()
--- a/nmap_br/init.py
+++ b/nmap_br/init.py
@@ -1 +0,0 @@
-# -*- coding: utf-8 -*-
--- a/nmap_br/pycache/Main_nmap.cpython-37.pyc
+++ b/nmap_br/pycache/Main_nmap.cpython-37.pyc
--- a/nmap_br/pycache/init.cpython-37.pyc
+++ b/nmap_br/pycache/init.cpython-37.pyc
--- a/nmap_br/pycache/nmap_n.cpython-37.pyc
+++ b/nmap_br/pycache/nmap_n.cpython-37.pyc
--- a/nmap_br/nmap_n.py
+++ b/nmap_br/nmap_n.py
@@ -1,73 +0,0 @@
-# -*- coding:utf-8 -*-
-import re
-from bs4 import BeautifulSoup
-import xlwt
-import os
-
-#将 -sn 输出的存活主机整理出来   针对xml文件
-def adjust_result1(file):
-    f = open("Live_IP.txt", "w",encoding='utf-8')
-    fopen = open(file, "r")
-    line = fopen.readlines()
-    num = len(line)
-    x = 0
-    while x < num:
-        if 'state="up"' in line[x]:
-            print(re.findall('<address addr="(.*?)" addrtype="ipv4"/>',line[x+1].strip(),flags=0)[0])
-            f.write(re.findall('<address addr="(.*?)" addrtype="ipv4"/>',line[x+1].strip(),flags=0)[0]+'\n')
-        x = x + 1
-    f.close()
-    print('Total:'+str(len(open("Live_IP.txt", "r").readlines()))+'个IP。文件创建完成。')
-
-#存活主机测试-遗漏可能超过50%
-def attack1(IP):
-    os.system(f'nmap -v -sn -PE -n --min-hostgroup 1024 --min-parallelism 1024 {IP} -oX result_liveip.xml')
-    adjust_result('result.xml')
-
-#将普通扫描结果整理成IP对应端口的形式。  针对xml文件  
-def adjust_result(file):
-    workbook = xlwt.Workbook(encoding = 'utf-8') # 创建一个workbook 设置编码
-    worksheet = workbook.add_sheet('result') # 创建一个worksheet,sheet页名称
-    worksheet.write(0,0, label ='Sequence number')
-    worksheet.write(0,1, label ='IP:PORT')
-    worksheet.write(0,2, label ='Reason')
-    worksheet.write(0,3, label ='State')
-    worksheet.write(0,4, label ='Service')
-    w = 1
-    fopen = open(file, "r")
-    soup = BeautifulSoup(fopen,"lxml")
-    for x in range(0,len(soup.find_all('host'))):
-        if soup.find_all('host')[x].find_all('status')[0].attrs['state'] == 'up':
-            for y in range(0,len(soup.find_all('host')[x].find_all('port'))):
-                worksheet.write(w,0, label =w)
-                #获取IP及其对应的端口
-                IP_PORT = re.findall('<address addr="(.*?)"',str(soup.find_all('host')[x].find_all('address')[0]),flags=0)[0]+':'+re.findall('<port portid="(.*?)" protocol="tcp"><s',str(soup.find_all('host')[x].find_all('port')[y]),flags=0)[0]
-                # print(re.findall('<address addr="(.*?)"',str(soup.find_all('host')[x].find_all('address')[0]),flags=0)[0]+':'+re.findall('<port portid="(.*?)" protocol="tcp"><s',str(soup.find_all('host')[x].find_all('port')[y]),flags=0)[0])
-                worksheet.write(w,1, label =re.findall('<address addr="(.*?)"',str(soup.find_all('host')[x].find_all('address')[0]),flags=0)[0]+':'+re.findall('<port portid="(.*?)" protocol="tcp"><s',str(soup.find_all('host')[x].find_all('port')[y]),flags=0)[0])
-                #获取连接状态
-                reason = soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['reason']
-                # print(soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['reason']) 
-                worksheet.write(w,2, label =soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['reason'])
-                #获取端口开放情况
-                state = soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['state']
-                # print(soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['state'])   
-                worksheet.write(w,3, label =soup.find_all('host')[x].find_all('port')[y].find_all('state')[0].attrs['state'])
-                #获取端口服务
-                service = soup.find_all('host')[x].find_all('port')[y].find_all('service')[0].attrs['name']
-                # print(soup.find_all('host')[x].find_all('port')[y].find_all('service')[0].attrs['name'])  
-                worksheet.write(w,4, label =soup.find_all('host')[x].find_all('port')[y].find_all('service')[0].attrs['name'])
-                print(IP_PORT,reason,state,service)
-                w = w +1
-    workbook.save('result.xls')
-    print('创建文件完成！端口文件在nmap_br目录下。')
-
-#主机端口扫描
-def attack(IP,PORT):
-    os.system(f'nmap -sS -n -Pn -T4 -v --min-hostgroup 1024 {PORT} --initial-rtt-timeout 5s --host-timeout 3600s {IP} -oX result_port.xml')
-    adjust_result('result_port.xml')
-    os.remove('result_port.xml')
-
-
-if __name__ == "__main__":
-    attack()
-    
--- a/nmap_br/result.xls
+++ b/nmap_br/result.xls