From Zoomeye to Bugscan, to Tangscan, large poc/exp platforms are becoming more and more, and various scanners are emerging. The threshold for web security is getting higher, and the infiltration of automation has become a trend. I have always dreamed that in the future, when infiltration, the first to open their own various automation tools, input targets, and then drink coffee, brush know, and finally only need to put the analysis of the tools to organize the report can be. In fact, now the scanner is also developing in this direction, looking forward to a key getshell that day.
This is the first article in this series, and we first talk about using Python for information gathering. Before I wrote a scan of C section, collect the website title and banners, detect the open port of the lightweight scanner, mainly for the C-segment rapid detection, quickly determine the target. Of course also can be used in the exploration of internal network equipment.
Title can be obtained directly by BeautifulSoup. In addition, after obtaining the response header, you can add a module, using the device fingerprint can identify some network cameras, routers or switches and other networking devices, which can be expanded as needed.
The way I use the detection port is to try to establish a connection directly using the socket:
1 defPort_scan (self, IP, p):2 ifP:3Sock =Socket.socket (socket.af_inet, socket. SOCK_STREAM)4n =05 forPortinchself.port_list:6 Try:7 sock.connect ((IP, port))8Mess1 ="[*][%s]%s:%s =====>> open!\n"%(CTime (), IP, port)9Self.set_color (Mess1, 0x0a)TenSock =Socket.socket (socket.af_inet, socket. SOCK_STREAM) Onen + = 1 A exceptSocket.error: - #Self.set_color ("[*][%s]%s:%s =====>> close!\n"% (CTime (), Ip,port), 0x01) - Pass
This tool is in the http://pan.baidu.com/share/init?shareid=3045207390&uk=2837989663 password: rzv0
Python Automation infiltration