moved the run attacks function to the settings file

This commit is contained in:
ekultek 2017-11-09 08:26:29 -06:00
parent 0151d26449
commit d258803efc
2 changed files with 119 additions and 119 deletions

View file

@ -28,8 +28,17 @@ from lxml import etree
import bin.unzip_gecko
import lib.core.errors
from lib.attacks.admin_panel_finder import main
from lib.attacks.xss_scan import main_xss
from lib.attacks.whois_lookup.whois import whois_lookup_main
from lib.attacks.clickjacking_scan import clickjacking_main
from lib.attacks.sqlmap_scan.sqlmap_opts import SQLMAP_API_OPTIONS
from lib.attacks.nmap_scan.nmap_opts import NMAP_API_OPTS
from lib.attacks import (
nmap_scan,
sqlmap_scan,
intel_me
)
try:
raw_input # Python 2
@ -44,7 +53,7 @@ PATCH_ID = str(subprocess.check_output(["git", "rev-parse", "origin/master"]))[:
CLONE = "https://github.com/ekultek/zeus-scanner.git"
# current version <major.minor.commit.patch ID>
VERSION = "1.1.24".format(PATCH_ID)
VERSION = "1.1.25".format(PATCH_ID)
# colors to output depending on the version
VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30}
@ -509,7 +518,7 @@ def write_to_log_file(data_to_write, path, filename):
log.write(etree.tostring(data_to_write, pretty_print=True))
except TypeError:
return write_to_log_file(data_to_write, path, new_filename)
elif amount > 0:
elif amount > 0 and "url-log" not in filename:
return write_to_log_file(data_to_write, path, new_filename)
else:
if isinstance(data_to_write, list):
@ -804,3 +813,104 @@ def deprecation(target_version, function, *args, **kwargs):
)
)
return function(args, kwargs)
def run_attacks(url, **kwargs):
"""
run the attacks if any are requested
"""
nmap = kwargs.get("nmap", False)
sqlmap = kwargs.get("sqlmap", False)
intel = kwargs.get("intel", False)
xss = kwargs.get("xss", False)
admin = kwargs.get("admin", False)
verbose = kwargs.get("verbose", False)
whois = kwargs.get("whois", False)
clickjacking = kwargs.get("clickjacking", False)
auto_start = kwargs.get("auto_start", False)
sqlmap_arguments = kwargs.get("sqlmap_args", None)
nmap_arguments = kwargs.get("nmap_args", None)
run_ip_address = kwargs.get("run_ip", False)
show_all = kwargs.get("show_all", False)
do_threading = kwargs.get("do_threading", False)
batch = kwargs.get("batch", False)
tamper_script = kwargs.get("tamper_script", None)
timeout = kwargs.get("timeout", None)
forwarded = kwargs.get("xforward", None)
proxy = kwargs.get("proxy", None)
agent = kwargs.get("agent", None)
__enabled_attacks = {
"sqlmap": sqlmap,
"port": nmap,
"xss": xss,
"admin": admin,
"intel": intel,
"whois": whois,
"clickjacking": clickjacking
}
enabled = set()
for key in __enabled_attacks.keys():
if __enabled_attacks[key] is True:
enabled.add(key)
if len(enabled) > 1:
logger.error(set_color(
"it appears that you have enabled multiple attack types, "
"as of now only 1 attack is supported at a time, choose "
"your attack and try again. You can use the -f flag if "
"you do not want to complete an entire search again "
"(IE -f /home/me/zeus-scanner/log/url-log/url-log-1.log)...", level=40
))
shutdown()
if not batch:
question = prompt(
"would you like to process found URL: '{}'".format(url), opts=["y", "N"]
)
else:
question = "y"
if question.lower().startswith("y"):
if sqlmap:
return sqlmap_scan.sqlmap_scan_main(
url.strip(), verbose=verbose,
opts=create_arguments(sqlmap=True, sqlmap_args=sqlmap_arguments), auto_start=auto_start)
elif nmap:
url_ip_address = replace_http(url.strip())
return nmap_scan.perform_port_scan(
url_ip_address, verbose=verbose,
opts=create_arguments(nmap=True, nmap_args=nmap_arguments)
)
elif intel:
url = get_true_url(url)
return deprecation(
"1.2", intel_me.main_intel_amt, url,
verbose=verbose, proxy=proxy,
do_ip=run_ip_address
)
elif admin:
main(
url, show=show_all,
verbose=verbose, do_threading=do_threading, batch=batch
)
elif xss:
if check_for_protection(PROTECTED, "xss"):
main_xss(
url, verbose=verbose, proxy=proxy,
agent=agent, tamper=tamper_script, batch=batch
)
elif whois:
whois_lookup_main(
url, verbose=verbose, timeout=timeout
)
elif clickjacking:
if check_for_protection(PROTECTED, "clickjacking"):
clickjacking_main(url, agent=agent, proxy=proxy,
forward=forwarded, batch=batch)
else:
pass
else:
logger.warning(set_color(
"skipping '{}'...".format(url), level=30
))

124
zeus.py
View file

@ -15,22 +15,13 @@ from var import blackwidow
from var.google_search import search
from var.auto_issue.github import request_issue_creation
from lib.header_check import main_header_check
from lib.attacks.admin_panel_finder import main
from lib.attacks.xss_scan import main_xss
from lib.attacks.nmap_scan.nmap_opts import NMAP_API_OPTS
from lib.attacks.sqlmap_scan.sqlmap_opts import SQLMAP_API_OPTIONS
from lib.attacks.whois_lookup.whois import whois_lookup_main
from lib.attacks.clickjacking_scan import clickjacking_main
from lib.core.errors import (
InvalidInputProvided,
InvalidProxyType
)
from lib.attacks import (
nmap_scan,
sqlmap_scan,
intel_me
)
from lib.core.settings import (
setup,
BANNER,
@ -41,7 +32,6 @@ from lib.core.settings import (
get_latest_log_file,
CURRENT_LOG_FILE_PATH,
URL_LOG_PATH,
replace_http,
prompt,
get_random_dork,
update_zeus,
@ -49,16 +39,12 @@ from lib.core.settings import (
URL_REGEX, URL_QUERY_REGEX,
NMAP_MAN_PAGE_URL,
SQLMAP_MAN_PAGE_URL,
get_true_url,
fix_log_file,
SPIDER_LOG_PATH,
config_headers,
config_search_engine,
find_running_opts,
create_arguments,
PROTECTED,
check_for_protection,
deprecation
run_attacks,
)
@ -259,106 +245,6 @@ if __name__ == "__main__":
))
http_client.HTTPConnection.debuglevel = 1
def __choose_attack(choice, attacks):
while True:
if int(choice) in range(len(attacks)):
return int(choice)
else:
logger.warning(set_color(
"{} is not a valid choice...".format(choice)
))
def __run_attacks(url, **kwargs):
"""
run the attacks if any are requested
"""
nmap = kwargs.get("nmap", False)
sqlmap = kwargs.get("sqlmap", False)
intel = kwargs.get("intel", False)
xss = kwargs.get("xss", False)
admin = kwargs.get("admin", False)
verbose = kwargs.get("verbose", False)
whois = kwargs.get("whois", False)
clickjacking = kwargs.get("clickjacking", False)
batch = kwargs.get("batch", False)
auto_start = kwargs.get("auto_start", False)
__enabled_attacks = {
"sqlmap": opt.runSqliScan,
"port": opt.runPortScan,
"xss": opt.runXssScan,
"admin": opt.adminPanelFinder,
"intel": opt.intelCheck,
"whois": opt.performWhoisLookup,
"clickjacking": opt.performClickjackingScan
}
enabled = set()
for key in __enabled_attacks.keys():
if __enabled_attacks[key] is True:
enabled.add(key)
if len(enabled) > 1:
logger.error(set_color(
"it appears that you have enabled multiple attack types, "
"as of now only 1 attack is supported at a time, choose "
"your attack and try again. You can use the -f flag if "
"you do not want to complete an entire search again "
"(IE -f /home/me/zeus-scanner/log/url-log/url-log-1.log)...", level=40
))
shutdown()
if not batch:
question = prompt(
"would you like to process found URL: '{}'".format(url), opts=["y", "N"]
)
else:
question = "y"
if question.lower().startswith("y"):
if sqlmap:
return sqlmap_scan.sqlmap_scan_main(
url.strip(), verbose=verbose,
opts=create_arguments(sqlmap=True, sqlmap_args=opt.sqlmapArguments), auto_start=auto_start)
elif nmap:
url_ip_address = replace_http(url.strip())
return nmap_scan.perform_port_scan(
url_ip_address, verbose=verbose,
opts=create_arguments(nmap=True, nmap_args=opt.nmapArguments)
)
elif intel:
url = get_true_url(url)
return deprecation(
"1.2", intel_me.main_intel_amt, url,
verbose=opt.runInVerbose, proxy=proxy_to_use,
do_ip=opt.runAgainstIpAddress
)
elif admin:
main(
url, show=opt.showAllConnections,
verbose=verbose, do_threading=opt.threadPanels, batch=opt.runInBatch
)
elif xss:
if check_for_protection(PROTECTED, "xss"):
main_xss(
url, verbose=verbose, proxy=proxy_to_use,
agent=agent_to_use, tamper=opt.tamperXssPayloads, batch=opt.runInBatch
)
elif whois:
whois_lookup_main(
url, verbose=opt.runInVerbose, timeout=opt.controlTimeout
)
elif clickjacking:
if check_for_protection(PROTECTED, "clickjacking"):
clickjacking_main(url, agent=agent_to_use, proxy=proxy_to_use,
forward=opt.forwardedForRandomIP, batch=opt.runInBatch)
else:
pass
else:
logger.warning(set_color(
"skipping '{}'...".format(url), level=30
))
def __run_attacks_main():
"""
@ -401,14 +287,18 @@ if __name__ == "__main__":
url, verbose=opt.runInVerbose, agent=agent_to_use,
proxy=proxy_to_use, xforward=opt.forwardedForRandomIP
)
__run_attacks(
run_attacks(
url.strip(),
sqlmap=opt.runSqliScan, nmap=opt.runPortScan,
intel=opt.intelCheck, xss=opt.runXssScan,
whois=opt.performWhoisLookup, admin=opt.adminPanelFinder,
clickjacking=opt.performClickjackingScan,
verbose=opt.runInVerbose, batch=opt.runInBatch,
auto_start=opt.autoStartSqlmap
auto_start=opt.autoStartSqlmap, xforward=opt.forwardedForRandomIP,
sqlmap_args=opt.sqlmapArguments, nmap_args=opt.nmapArguments,
run_ip=opt.runAgainstIpAddress, show_all=opt.showAllConnections,
do_threading=opt.threadPanels, tamper_script=opt.tamperXssPayloads,
timeout=opt.controlTimeout, proxy=proxy_to_use, agent=agent_to_use
)