Python3漏洞扫描工具 ( Python3 插件式框架 )

目录

• Python3 漏洞检测工具 -- lance
  • screenshot
  • requirements
  • 关键代码
  • usage
  • documents
    • README
    • Guide
    • Change Log
    • TODO list
  • Any advice or sugggestions
  • 目录结构

Python3 漏洞检测工具 -- lance

lance, a simple version of the vulnerability detection framework based on Python3.

基于Python3的简单版漏洞检测框架 -- lance

可以自定义poc或exp插件，可以 指定 要加载的poc或exp。

再次添加了logging模块来控制输出，同时也支持Linux平台的彩色输出提示。

代码已经上传到Github : https://github.com/b4zinga/lance

screenshot

requirements

python

关键代码

def loadPlugin(url, poc=None):
    """load all plugins.
    """
    if "://" not in url:
        url = "http://" + url
    url = url.strip("/")
    logger.info("Target url: %s" % url)

    plugin_path = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))),"plugins")
    if not os.path.isdir(plugin_path):
        logger.warning("%s is not a directory! " % plugin_path)
        raise EnvironmentError
    logger.info("Plugin path: %s " % plugin_path)
    
    items = os.listdir(plugin_path)
    if poc:
        logger.infxito("Loading %s plugins." % poc)
    else:
        poc=""
    for item in items:
        if item.endswith(".py") and not item.startswith('__'):
            plugin_name = item[:-3]
            if poc in plugin_name:
                logger.info("Loading plugin: %s" % plugin_name)

                module = importlib.import_module("plugins." + plugin_name)

                try:
                    result = module.run(url)
                    if result:
                        logger.success(result)
                    else:
                        logger.error("Not Vulnerable %s " % plugin_name)
                except:
                    logger.warning("ConnectionError ")
            else:
                continue

    logger.info("Finished")

usage

please run python3 lance.py -h for help.

root@kali:~/lance# python3 lance.py 
usage: python lance.py

lance. By b4zinga@outlook.com

optional arguments:
  -h, --help  show this help message and exit

Target:
  -u URL      target url.

Module:
  -m module   poc or exp to be loaded. defaul is all.

documents

README

说明文档 : https://github.com/b4zinga/lance/blob/master/README.md

Guide

Guide : https://github.com/b4zinga/lance/blob/master/docs/Guide.md

Change Log

ChangeLog : https://github.com/b4zinga/lance/blob/master/docs/ChangeLog.md

 2018/07/20

- 添加logging模块，支持日志

- 添加彩色输出（目前支持Linux下Py3，Win下的Py3暂不支持颜色）


 2018/07/18

- 程序基本功能实现, 可以运行

- 可以实现`-u URL`指定URl, `-m plugin`指定只加载含有"plugin"关键字的插件, 如"weblogic"

TODO list

TODOList : https://github.com/b4zinga/lance/blob/master/docs/TODOList.md

• [] 添加多线程

• [x] 终端颜色区分结果

• [x] 添加日志

• [] more...

Any advice or sugggestions

Please mail to b4zinga@outlook.com

if you have poc or exp , mail me.

目录结构

lance
│  lance.py
│  README.md
│
├─docs
│      ChangeLog.md
│      Guide.md
│      screenshot1.png
│      screenshot2.png
│      TODOList.md
│
├─lib
│      ansistrm.py
│      cli.py
│      cmdline.py
│      convert.py
│      data.py
│      loader.py
│      log.py
│      __init__.py
│
└─plugins
        activemq_movefile.py
        activemq_putfile.py
        activemq_weakpwd.py
        discuz_faqsql.py
        elasticSearch_dir_traversal.py
        elasticSearch_dir_traversal2.py
        elasticSearch_remote_code_exec.py
        elasticSearch_remote_code_exec2.py
        redis_unauth.py
        struts2_053.py
        weblogic_ssrf.py
        weblogic_weakpasswd.py
        weblogic_xmldecoder.py
        __init__.py

代码已经上传到Github : https://github.com/b4zinga/lance