diff --git a/README.md b/README.md index 8520cd6..7b84718 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,36 @@ # pythonwebhack -用python 2.7实现的web框架建立的在线渗透平台 -web框架是flask 前端框架是amazeUI -需要支持 flask +> 用python 2.7实现的web框架建立的在线渗透平台 +> web框架是flask 前端框架是amazeUI -pip install flask -pip install requests +## 安装 +`pip install flask` -输入 python myweb.py 就可以运行了 +`pip install requests` -10.25更新 加入了社会工程学密码生成和whois查询 -10.21更新 加入了CMS在线识别 +`pip install MySQLdb ` + + +[usage]: python `myweb.py ` + +乌云数据库文件安装 链接: http://pan.baidu.com/s/1hrKYy8W 密码: yrrr + +## 更新 + +- 12.7 更新 加入乌云漏洞库忽略漏洞查询 +- 11.22 更新 集成了乌云漏洞查询 [搭建教程][3] +- 11.7 更新 加入了在线社工库 调用的接口~ +- 10.25 更新 加入了社会工程学密码生成和whois查询 +- 10.21 更新 加入了CMS在线识别 + + +## 学习教程 +每一步都记录了 [编写记录][1] + + + 用新浪云搭建了下 [http://systeminfo.applinzi.com/][2] + + + [1]: http://bbs.ichunqiu.com/forum.php?mod=collection&action=view&ctid=65 + [2]: http://systeminfo.applinzi.com/ + [3]: http://bbs.ichunqiu.com/forum.php?mod=viewthread&tid=15744&page=1&extra=#pid261144 diff --git a/myweb.py b/myweb.py index 5fecd63..6b4a0df 100644 --- a/myweb.py +++ b/myweb.py @@ -8,12 +8,20 @@ import cms import sys import whois +import skg + +import MySQLdb +import sys reload(sys) sys.setdefaultencoding('utf-8') -app = Flask(__name__) +app = Flask(__name__) +#连接数据库操作 +db = MySQLdb.connect("127.0.0.1","root","","pyhack",charset='utf8' ) +cursor = db.cursor() + @app.route('/',methods=["get","post"]) def index(): return render_template('ip.html') @@ -48,6 +56,7 @@ def webdna(): @app.route('/password',methods=["get","post"]) def password_build(): if request.method == 'POST': + from flask import make_response birthday = request.form.get("birthday","") fullname = request.form.get("fullname","") nickname = request.form.get("nickname","") 
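Review bot: The module-level `MySQLdb.connect("127.0.0.1","root","","pyhack",charset='utf8' )` added in the first myweb.py hunk logs in as `root` with an empty password hard-coded in the source, and the single `cursor` it creates is shared by every request handler. The handlers visible in this commit only read `emlog_blog`, so use a dedicated account limited to SELECT on `pyhack`, with credentials read from the environment or an untracked config file, e.g. `db = MySQLdb.connect("127.0.0.1", os.environ["PYHACK_DB_USER"], os.environ["PYHACK_DB_PASSWORD"], "pyhack", charset='utf8')` (variable names are placeholders, and this needs `import os`). A connection opened at import time does not recover from a dropped link, and a shared cursor is unsafe if requests are served concurrently, so opening it per request would be more robust. The added `import sys` duplicates the existing import a few lines above it.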
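Review bot: `from flask import make_response` is added inside the `if request.method == 'POST':` branch of `password_build` (hunk `@@ -48,6 +56,7 @@`), which hides the dependency from anyone reading the module header. It belongs on the module's top-level flask import line, which is presumably near the top of the file and is outside this hunk. The body of `password_build` continues past the end of the hunk.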
@@ -62,7 +71,12 @@ def password_build():
 keynumbers = request.form.get("keynumbers","")
 pwgen = PasswdGenerator(fullname=fullname,nickname=nickname,englishname=englishname,partnername=partnername,phone=phone,qq=qq,company=company,domain=domain,oldpasswd=oldpasswd,keywords=keywords,keynumbers=keynumbers,birthday=birthday)
 wordlist = pwgen.generate()
- return render_template('password.html',data=wordlist,title="社工密码生成")
+ content = '\n'.join(wordlist)
+ #content = "long text"
+ response = make_response(content)
+ response.headers["Content-Disposition"] = "attachment; filename=pass.txt"
+ return response
+ #return render_template('password.html',data=wordlist,title="社工密码生成")
 else:
 return render_template('password.html',title="社工密码生成")
 
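Review bot: `make_response(content)` is returned with Flask's default `text/html` content type, so the word list, which is built from the submitted form fields, is labelled as HTML even though it is offered as `pass.txt`. Setting the type explicitly with `response.mimetype = "text/plain"` next to the `Content-Disposition` line keeps a browser from ever treating those values as markup. The two commented-out lines (`#content = "long text"` and the old `#return render_template(...)`) should be deleted rather than committed. `password_build` starts above this hunk.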
@@ -76,5 +90,64 @@ def whoisa():
 else:
 return render_template('whois.html',title="Whois查询")
 
+#调用外部社工库进行查询
+@app.route('/pass',methods=["get","post"])
+def findpass():
+ if request.method == 'POST':
+ info = request.form.get("search")
+ data = skg.findpass(info)
+ return render_template('skg.html',data=data,title="社工库查询")
+ else:
+ return render_template('skg.html',title="社工库查询")
+
+#集成wooyun漏洞平台
+@app.route('/wooyun',methods=["get","post"])
+@app.route('/wooyun/',methods=["get","post"])
+def wooyun(pages = 0):
+ searchword = request.args.get('key', '').strip()
+ log_id = request.args.get('id', '').strip()
+ data = {}
+ table = list()
+ if log_id:
+ # 使用execute方法执行SQL语句
+ cursor.execute(MySQLdb.escape_string("SELECT * from emlog_blog where gid=%s"%log_id))
+ # 使用 fetchone() 方法获取一条数据库。
+ results = cursor.fetchone()
+ data["id"] = results[0]
+ data["text"] = results[2]
+ data["title"] = results[1]
+ if searchword:
+ sql = 'SELECT gid,title from emlog_blog where title like "%%%s%%"'%(searchword)
+ cursor.execute(sql)
+ #cursor.execute('SELECT * from emlog_blog limit 10')
+ results = cursor.fetchall()
+
+ for rows in results:
+ tdata = {}
+ tdata["id"] = rows[0]
+ tdata["title"] = rows[1]
+ table.append(tdata)
+ return render_template("wooyun.html",title="乌云漏洞查询",data=data,table=table)
+
+#集成wooyun漏洞平台 -被忽略的漏洞
+@app.route('/wooyun1',methods=["get","post"])
+@app.route('/wooyun1/',methods=["get","post"])
+def wooyun1(pages=0):
+ if pages is None:
+ pages = 0
+ if pages < 0:
+ pages = 0
+ sql = 'SELECT gid,title from emlog_blog where content like "%%%s%%" limit %d,%d'%("无影响厂商忽略",pages*20,20)
+ print sql
+ cursor.execute(sql)
+ results = cursor.fetchall()
+ table = list()
+ for rows in results:
+ tdata = {}
+ tdata["id"] = rows[0]
+ tdata["title"] = rows[1]
+ table.append(tdata)
+ return render_template("wooyun.html",title="乌云忽略漏洞查询",table=table,next=pages+1,prev=pages-1)
+
 if __name__ == '__main__':
 app.run(debug=True)
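Review bot: Both queries in `wooyun()` are built by `%`-formatting request parameters into the SQL text, which leaves them open to SQL injection. `MySQLdb.escape_string(...)` is applied to the whole statement rather than to the value, and because `gid=%s` is unquoted, escaping would not constrain it anyway; the `title like` query interpolates `searchword` with no escaping at all. Pass the values as bound parameters instead: `cursor.execute("SELECT * from emlog_blog where gid=%s", (log_id,))` and `cursor.execute("SELECT gid,title from emlog_blog where title like %s", ("%" + searchword + "%",))`. `cursor.fetchone()` returns `None` for an unknown id, so `results[0]` needs a guard before the three `data[...]` assignments. In `wooyun1()` neither route declares a `pages` variable, so `pages` is always 0 and the next/prev values cannot page; the `print sql` debug line should also be removed.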
diff --git a/skg.py b/skg.py
new file mode 100644
index 0000000..b33013a
--- /dev/null
+++ b/skg.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python
+# coding=utf-8
+
+"""
+社工库调用
+"""
+
+import requests
+import json
+
+def findpass(username):
+ payload = {'q':username}
+ headers = {"Accept":"application/json, text/javascript, */*; q=0.01",
+ "User-Agent":"Mozilla/5.0 (Windows NT 9.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36",
+ "Referer":"http://www.fangzhuangku.com/pwd"}
+ r = requests.post("http://www.fangzhuangku.com/function/pwdsearch.php",data = payload,headers=headers)
+ s = json.loads(r.text)
+ sdata = s["data"]
+ dict = list()
+ if len(sdata):
+ for key in sdata:
+ for key1 in sdata[key]:
+ ls_data = {'u':'','p':'','e':'','s':key}
+ if 'u' in key1.keys():
+ ls_data["u"] = key1["u"]
+ if 'p' in key1.keys():
+ ls_data["p"] = key1["p"]
+ if 'e' in key1.keys():
+ ls_data["e"] = key1["e"]
+ dict.append(ls_data)
+ return dict
+if __name__ == '__main__':
+ pass
\ No newline at end of file
diff --git a/templates/base.html b/templates/base.html
index e9248b7..f770704 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -167,6 +167,16 @@
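Review bot: `requests.post(...)` in `findpass` has no `timeout`, and its reply goes straight into `json.loads(r.text)` and `s["data"]` with no check of the status code or the shape of the body. A slow or failing upstream therefore blocks the worker or raises an unhandled exception in the handler that calls it. Suggest adding `timeout=10` to the existing call, then `r.raise_for_status()` and `sdata = r.json().get("data") or {}`. The endpoint is plain `http://`, so the submitted search term and the returned account fields cross the network unencrypted. The result list is named `dict`, which shadows the builtin; a name such as `results` would be clearer.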

  • CMS识别
  • 密码生成
  • whois查询
  • +
  • 社工库
  • +
  • + + 漏洞bugs + + +
  • 开启全屏
  • diff --git a/templates/skg.html b/templates/skg.html new file mode 100644 index 0000000..aae89e2 --- /dev/null +++ b/templates/skg.html @@ -0,0 +1,58 @@ +{% extends "base.html" %} +{% block content %} +
    +
    +
    +

    社工库在线查询

    +
    +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    +
    +
    + +
    +
    +
    +
    + {% if data %} + + + + + + + + + + + {%for pass in data %} + + + + + + + {%endfor%} + +
    用户名密码邮箱来源
    {{pass.u}}{{pass.p}}{{pass.e}}{{pass.s}}
    + {% endif %} + + +
    +
    +
    +
    +
    + +
    +{% endblock %} diff --git a/templates/wooyun.html b/templates/wooyun.html new file mode 100644 index 0000000..76ce071 --- /dev/null +++ b/templates/wooyun.html @@ -0,0 +1,64 @@ +{% extends "base.html" %} +{% block content %} +
    +
    +
    +

    WooYun漏洞查询

    +
    +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    +
    +
    + +
    +
    +
    +
    + {% if table %} + + + + + + + + + + {% for foo in table %} + + + + + + {% endfor %} + +
    id标题查看
    {{foo.id}}{{foo.title}}查看
    + {% if next %} + + {% endif %} + {% endif %} + {% if data %} +

    {{data.title}}

    + {{data.text|safe}} + {% endif %} +
    +
    +
    +
    +
    + +
    +{% endblock %} \ No newline at end of file
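Review bot: `{{data.text|safe}}` turns off Jinja autoescaping for the article body, so whatever markup is stored in the third column of `emlog_blog` is sent to the browser verbatim. According to the README in this commit, that table comes from a downloaded database file, and vulnerability write-ups can be expected to contain script samples, so this is a stored-XSS sink on the application's own origin. Either drop the filter (`{{data.text}}`) or sanitise the HTML against an allowlist of tags before it reaches the template. A restrictive `Content-Security-Policy` response header for this page would add a second layer.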