-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathpppXray.py
137 lines (122 loc) · 4.75 KB
/
pppXray.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
import hashlib
import re
import time
import os
import click
import config
@click.command()
@click.option('-r', '--readfile',default='target.txt',help='xray批量扫描读取文件名,按行读取',type=str)
@click.option('--plugins',help='自定义xray插件 plugins')
def init(readfile,plugins):
"""pppXray : xray 批量扫描\n
https://github.com/Cl0udG0d/pppXray
"""
try:
if not os.path.exists(config.saveDir):
os.makedirs(config.saveDir)
config.targetFileName=readfile
if plugins:
config.plugins=plugins
click.echo("读取文件 {} ".format(readfile))
except Exception as e:
print(e)
pass
def advancedMergeReport(tempTypeResult,bugTypeSet):
pattern2 = re.compile(r'"plugin":"(.*?)"')
tempType = pattern2.findall(tempTypeResult)[0]
path = os.path.join(config.saveDir, tempType)
context = ""
if tempType not in bugTypeSet:
bugTypeSet.add(tempType)
os.makedirs(path)
with open("{}\\advancedModelFile.html".format(config.RootPath), 'r', encoding='utf-8') as f:
context += f.read()
result = "<script class=\'web-vulns\'>webVulns.push({})</script>".format(tempTypeResult)
context += result
with open("{}\\{}.html".format(path, tempType), 'w', encoding='utf-8') as f:
f.write(context)
else:
result = "<script class=\'web-vulns\'>webVulns.push({})</script>".format(tempTypeResult)
context += result
with open("{}\\{}.html".format(path, tempType), 'a+', encoding='utf-8') as f:
f.write(context)
def communityMergeReport(tempTypeResult,bugTypeSet):
pattern2 = re.compile(r'"plugin":"(.*?)"')
tempType = pattern2.findall(tempTypeResult)[0]
path = os.path.join(config.saveDir, tempType)
context = ""
if tempType not in bugTypeSet:
bugTypeSet.add(tempType)
os.makedirs(path)
with open("{}\\communityModelFile.html".format(config.RootPath), 'r', encoding='utf-8') as f:
context += f.read()
result = "<script class=\'web-vulns\'>webVulns.push({})</script>".format(tempTypeResult)
context += result
with open("{}\\{}.html".format(path, tempType), 'w', encoding='utf-8') as f:
f.write(context)
else:
result = "<script class=\'web-vulns\'>webVulns.push({})</script>".format(tempTypeResult)
context += result
with open("{}\\{}.html".format(path, tempType), 'a+', encoding='utf-8') as f:
f.write(context)
return
def assortReport():
'''
对 save 文件夹下的漏洞文件进行分类
依托 "plugin"
:return:
'''
bugTypeSet=set()
bugReportList=os.listdir(config.saveDir)
pattern = re.compile(r'<script class=\'web-vulns\'>webVulns.push\((.*?)\)</script>')
# pattern2 = re.compile(r'"plugin":"(.*?)"')
for tempReport in bugReportList:
tempReportPath=os.path.join(config.saveDir,tempReport)
with open(tempReportPath,'r',encoding='utf-8') as f:
temp=f.read()
result=pattern.findall(temp)
tempResult = eval(result[0])
if 'snapshot' in tempResult["detail"]:
for tempTypeResult in result:
communityMergeReport(tempTypeResult, bugTypeSet)
else:
for tempTypeResult in result:
advancedMergeReport(tempTypeResult, bugTypeSet)
def xrayScan(targeturl,outputfilename="test"):
scanCommand = "xray.exe webscan {} --basic-crawler {} --html-output {}\\{}.html".format('--plugins {}'.format(config.plugins) if config.plugins else '',targeturl, config.saveDir,
outputfilename)
print(scanCommand)
os.system(scanCommand)
return
def pppGet():
f = open(config.targetFileName)
lines = f.readlines()
pattern = re.compile(r'^http')
for line in lines:
try:
if not pattern.match(line.strip()):
targeturl="https://"+line.strip()
else:
targeturl=line.strip()
print(targeturl.strip())
outputfilename=hashlib.md5(targeturl.encode("utf-8"))
xrayScan(targeturl.strip(), outputfilename.hexdigest())
# print(type(line))
except Exception as e:
print(e)
pass
f.close()
print("Xray Scan End~")
return
def main():
try:
print(config.logo())
init.main(standalone_mode=False)
pppGet()
assortReport()
except Exception as e:
print(e)
pass
return
if __name__ == '__main__':
main()