Directory
- Python3 Vulnerability Detection Tool--lance
- Screenshot
- Requirements
- Key code
- Usage
- Documents
- Readme
- Guide
- Change Log
- TODO List
- Any advice or sugggestions
- Directory structure
Python3 Vulnerability Detection Tool--lance
Lance, a simple version of the vulnerability detection framework based on PYTHON3.
A simple version of vulnerability detection framework based on PYTHON3--Lance
You can customize the POC or exp plug-in to specify the POC or exp to be loaded.
The logging module is added again to control the output, and the color output hints of the Linux platform are also supported.
The code has been uploaded to Github:https://github.com/b4zinga/lance
Screenshot
Requirements
Python
Key code
def loadplugin (URL, poc=none): "" "Load all plugins. "" "If"://"not in Url:url ="/http "+ URL url = url.strip ("/") Logger.info (" Target URL:%s "% URL) Plugin_path = Os.path.join (Os.path.dirname (Os.path.dirname (Os.path.realpath)), "__file__") if not Os.path.isdir (Plugin_path): Logger.warning ("%s is not a directory!"% Plugin_path) raise EnvironmentError Logger.info ("Plugin path:%s"% plugin_path) items = Os.listdir (Plugin_path) if Poc:logger.infxito ("L Oading%s plugins. "% poc" else:poc= "" for item in Items:if item.endswith (". Py") and not Item.starts With (' __ '): Plugin_name = item[:-3] If POC in Plugin_name:logger.info ("Loading Plugi N:%s "% plugin_name) module = Importlib.import_module (" plugins. "+ plugin_name) Try: result = Module.run (URL) if result:logger.suCcess (Result) else:logger.error ("Not vulnerable%s"% plugin_name) Except:logger.warning ("Connectionerror") else:continue Logger.info ( "Finished")
Usage
Please run for help python3 lance.py -h
.
[email protected]:~/lance# python3 lance.py usage: python lance.pylance. By [email protected]optional arguments: -h, --help show this help message and exitTarget: -u URL target url.Module: -m module poc or exp to be loaded. defaul is all.
Documentsreadme
Description Document: HTTPS://GITHUB.COM/B4ZINGA/LANCE/BLOB/MASTER/README.MD
Guide
Guide:https://github.com/b4zinga/lance/blob/master/docs/guide.md
Change Log
Changelog:https://github.com/b4zinga/lance/blob/master/docs/changelog.md
2018/07/20- 添加logging模块,支持日志- 添加彩色输出(目前支持Linux下Py3,Win下的Py3暂不支持颜色) 2018/07/18- 程序基本功能实现, 可以运行- 可以实现`-u URL`指定URl, `-m plugin`指定只加载含有"plugin"关键字的插件, 如"weblogic"
TODO List
Todolist:https://github.com/b4zinga/lance/blob/master/docs/todolist.md
Any advice or sugggestions
please mail to [email protected]
If you have POC or exp, mail me.
Directory structure
lance│ lance.py│ README.md│├─docs│ ChangeLog.md│ Guide.md│ screenshot1.png│ screenshot2.png│ TODOList.md│├─lib│ ansistrm.py│ cli.py│ cmdline.py│ convert.py│ data.py│ loader.py│ log.py│ __init__.py│└─plugins activemq_movefile.py activemq_putfile.py activemq_weakpwd.py discuz_faqsql.py elasticSearch_dir_traversal.py elasticSearch_dir_traversal2.py elasticSearch_remote_code_exec.py elasticSearch_remote_code_exec2.py redis_unauth.py struts2_053.py weblogic_ssrf.py weblogic_weakpasswd.py weblogic_xmldecoder.py __init__.py
The code has been uploaded to Github:https://github.com/b4zinga/lance
Python3 Vulnerability Scanning Tool (PYTHON3 plug-in framework)