Awvs11批量添加、批量删除脚本多线程版(多线程学习)

前言

声明:该脚本的作者是jamesj老哥于 2017-5-24 12:03在吾爱上发布的,我拿到脚本后用了一段时间,觉得有些问题,趁着学习python的这段时间,修改下源码练练手。

正文

有的时候当拿到单位给的大量网站进行漏扫(已授权)但又没买专业扫描器时,人工检测效率太低,就只能靠着网上的免(po)费(jie)扫描器混吃等死。。。

改动如下:

1.多线程添加扫描任务
2.删除原程序不常用的功能(删除所有扫描任务、查看已存在任务)
3.多线程删除已添加任务(由于awvs每次只返回100个任务,原代码每次只能删出一百条,需要重复输入)

附上代码:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
# -*- coding:utf-8 -*-
import urllib2
import ssl
import json
import time
import threading
thread_max = 20 # 程序线程
threads = []
del_int = 10 #循环删除次数
URL_FILE = 'url.txt'#要扫描的url列表(不加http://)
'''
----------改动---------
1.多线程添加扫描任务
2.删除原程序不常用的功能(删除所有扫描任务、查看已存在任务)
3.多线程删除已添加任务(由于awvs每次只返回100个任务,原代码每次只能删出一百条,需要重复输入)
----------改动---------
'''
#The second revision comes from GuoKer
__author = "jamesj"
# localhost:3443全部替换为awvs所在的服务器及端口
username = 'guokers@gov.cn'
# 账号邮箱
pw = 'a50ce9f2d32efac35d30e962bd6e08899e3f0aece837b0198ac55b86fd85e199'
# sha256加密后的密码。
try:
_create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
pass
else:
ssl._create_default_https_context = _create_unverified_https_context

url_login = "https://localhost:3443/api/v1/me/login"
send_headers_login = {
'Host': 'localhost:3443',
'Accept': 'application/json, text/plain, */*',
'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Accept-Encoding': 'gzip, deflate, br',
'Content-Type': 'application/json;charset=utf-8'
}

data_login = '{"email":"' + username + '","password":"' + pw + '","remember_me":false}'

req_login = urllib2.Request(url_login, headers=send_headers_login)
response_login = urllib2.urlopen(req_login, data_login)
xauth = response_login.headers['X-Auth']
COOOOOOOOkie = response_login.headers['Set-Cookie']
#print"当前验证信息如下\r\n cookie : %r \r\n X-Auth : %r " % (COOOOOOOOkie, xauth)
send_headers2 = {
'Host': 'localhost:3443',
'Accept': 'application/json, text/plain, */*',
'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Content-Type': 'application/json;charset=utf-8',
'X-Auth': xauth,
'Cookie': COOOOOOOOkie
}
# 以上代码实现登录(获取cookie)和校验值
#-------------------------------------------------------------------------
url = "https://localhost:3443/api/v1/targets"
def add_exec_scan(url_txt):
target_url = 'http://' + url_txt
data = '{"description":"222","address":"' + target_url + '","criticality":"10"}'
# data = urllib.urlencode(data)由于使用json格式所以不用添加
req = urllib2.Request(url, headers=send_headers2)
response = urllib2.urlopen(req, data)
jo = json.loads(response.read())
target_id = jo['target_id'] # 获取添加后的任务ID
# 以上代码实现批量添加

url_scan = "https://localhost:3443/api/v1/scans"
headers_scan = {
'Host': 'localhost:3443',
'Accept': 'application/json, text/plain, */*',
'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Accept-Encoding': 'gzip, deflate, br',
'Content-Type': 'application/json;charset=utf-8',
'X-Auth': xauth,
'Cookie': COOOOOOOOkie,
}
data_scan = '{"target_id":' + '\"' + target_id + '\"' + ',"profile_id":"11111111-1111-1111-1111-111111111111","schedule":{"disable":false,"start_date":null,"time_sensitive":false},"ui_session_id":"66666666666666666666666666666666"}'
req_scan = urllib2.Request(url_scan, headers=headers_scan)
response_scan = urllib2.urlopen(req_scan,str(data_scan))
print target_url + "添加成功!"
threads.pop(0)#线程序结束标志


def count():
url_count = "https://localhost:3443/api/v1/notifications/count"
req_count = urllib2.Request(url_count, headers=send_headers2)
response_count = urllib2.urlopen(req_count)
print"当前存在%r个通知!" % json.loads(response_count.read())['count']
print"-" * 20
# print"已存在以下任务"
url_info = "https://localhost:3443/api/v1/scans"
req_info = urllib2.Request(url_info, headers=send_headers2)
response_info = urllib2.urlopen(req_info)
all_info = json.loads(response_info.read())
num = 0
for website in all_info.get("scans"):
num += 1
# print
# website.get("target").get("address") + "\n target_id:" + website.get("scan_id")
print"共 %r个扫描任务(最多显示100个))" % num
# count()
# scan、target、notification!
def del_targets():
url_info = "https://localhost:3443/api/v1/targets"
req_info = urllib2.Request(url_info, headers=send_headers2)
response_info = urllib2.urlopen(req_info)
all_info = json.loads(response_info.read())
for website in all_info["targets"]:
while True:
if thread_max > len(threads):
threads.append(threading.Thread(target=del_tmp,args=(website,)).start())#启动子线程
break

# del_targets()
def del_tmp(website): #删除任务
if (website.get("description")) == "222":
try:
url_scan_del = "https://localhost:3443/api/v1/targets/" + str(website["target_id"])
req_del = urllib2.Request(url_scan_del, headers=send_headers2)
req_del.get_method = lambda: 'DELETE'
response_del = urllib2.urlopen(req_del)
print "ok!"
threads.pop(0)#线程序结束标志
except:
exit()

if __name__ == "__main__":
print "-" * 20
count()
print"""
1、添加扫描任务并执行请输入1
2、删除所有使用该脚本添加的任务请输入2
"""
choice = raw_input(">")
# print type(choice)

if choice == "1":
start_time = time.time()
for url_txt in open(URL_FILE,'r').read().split():
while True:
if thread_max > len(threads):
threads.append(threading.Thread(target=add_exec_scan,args=(url_txt,)).start())#启动线程
break
count()
all_time = time.time() - start_time
print '共用时',all_time
elif choice == "2":
for i in range(del_int):
del_targets()
count()
else:
print
"请重新运行并请输入1、2选择。"

- -

交个朋友
  • 版权声明: 本博客所有文章除特别声明外,著作权归作者所有。转载请注明出处!

吹吹牛吗?

微信