加入了社工库

boy-hack · boy-hack · commit 636310c7ec3c · 2016-11-07T12:23:19.000+08:00
diff --git a/myweb.py b/myweb.py
@@ -8,6 +8,8 @@
 import cms
 import sys
 import whois
+import skg
+
 reload(sys)
 sys.setdefaultencoding('utf-8')
 
@@ -76,5 +78,15 @@ def whoisa():
     else:
         return render_template('whois.html',title="Whois查询")
 
+#调用外部社工库进行查询
+@app.route('/pass',methods=["get","post"])
+def findpass():
+    if request.method == 'POST':
+        info = request.form.get("search")
+        data = skg.findpass(info)
+        return render_template('skg.html',data=data,title="社工库查询")
+    else:
+        return render_template('skg.html',title="社工库查询")
+
 if __name__ == '__main__':
     app.run(debug=True)
diff --git a/skg.py b/skg.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python
+# coding=utf-8
+
+"""
+社工库调用
+"""
+
+import requests
+import json
+
+def findpass(username):
+    payload = {'q':username}
+    headers = {"Accept":"application/json, text/javascript, */*; q=0.01",
+               "User-Agent":"Mozilla/5.0 (Windows NT 9.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36",
+               "Referer":"http://www.fangzhuangku.com/pwd"}
+    r = requests.post("http://www.fangzhuangku.com/function/pwdsearch.php",data = payload,headers=headers)
+    s = json.loads(r.text)
+    sdata = s["data"]
+    dict = list()
+    if len(sdata):
+        for key in sdata:
+            for key1 in sdata[key]:
+                ls_data = {'u':'','p':'','e':'','s':key}
+                if 'u' in key1.keys():
+                    ls_data["u"] = key1["u"]
+                if 'p' in key1.keys():
+                    ls_data["p"] = key1["p"]
+                if 'e' in key1.keys():
+                    ls_data["e"] = key1["e"]
+                dict.append(ls_data)
+    return dict
+if __name__ == '__main__':
+    pass
diff --git a/templates/base.html b/templates/base.html
@@ -167,6 +167,7 @@ <h1 class="am-topbar-brand">
 		 <li><a href="/webdna"><span class="am-icon-windows"></span> CMS识别</a></li>
           <li><a href="/password"><span class="am-icon-cube"></span> 密码生成</a></li>
           <li><a href="/whois"><span class="am-icon-cube"></span> whois查询</a></li>
+          <li><a href="/pass"><span class="am-icon-cube"></span> 社工库</a></li>
           <li><a href="javascript:;" id="admin-fullscreen"><span class="am-icon-arrows-alt"></span> <span class="admin-fullText">开启全屏</span></a></li>
 
      </ul>
diff --git a/templates/skg.html b/templates/skg.html
@@ -0,0 +1,58 @@
+{% extends "base.html" %}
+{% block content %}
+<div class="get">
+  <div class="am-g">
+    <div class="am-u-lg-12">
+      <h1 class="get-title">社工库在线查询</h1>
+    </div>
+	    <div class="am-form-group">
+          <form action="/pass" method="POST">
+	      <div class="am-u-sm-5 am-u-sm-offset-3">
+	      <input id='search1' type="text" name="search" minchecked="3" class="am-form-field am-round" placeholder="请输入要查询的 qq email"/>
+	      </div>
+		<div class="am-u-sm-1">
+	      <button id='search' type="submit" class="am-btn am-btn-primary">查询</button>
+	      </div>
+
+		  	  <div class="box">
+						</div></form>
+	    </div>
+  </div>
+</div>
+
+<div class="about">
+  <div class="am-g am-container">
+	<div class="am-g doc-am-g">
+    <div class="am-form-group">
+        {% if data %}
+<table class="am-table am-table-bordered am-table-radius">
+    <thead>
+        <tr>
+            <th>用户名</th>
+            <th>密码</th>
+            <th>邮箱</th>
+            <th>来源</th>
+        </tr>
+    </thead>
+    <tbody>
+        {%for pass in data %}
+        <tr>
+            <td>{{pass.u}}</td>
+            <td>{{pass.p}}</td>
+            <td>{{pass.e}}</td>
+            <td>{{pass.s}}</td>
+        </tr>
+        {%endfor%}
+    </tbody>
+</table>
+        {% endif %}
+
+
+	  	  <div class="box">
+					</div>
+    </div>
+    </div>
+    </div>
+
+    </div>
+{% endblock %}
