|
| 1 | +# -*- coding:'utf-8' -*- |
| 2 | +#@欢迎加入即刻安全交流群:307283889 |
| 3 | +import os |
| 4 | +import time |
| 5 | +print('_!_!_!_!_!_!_!_!_!_!_!_!_!_') |
| 6 | +print( '!_!_!_!_!_!_!_!_!_!_!_!_!_!') |
| 7 | +print( ' !——!——!——!') |
| 8 | +print( '!!——!——!') |
| 9 | +print('1.进行一系列脚本扫描') |
| 10 | +print('2.进行DDOS') |
| 11 | +print('3.使用nmap 利用已知的漏洞入侵系统') |
| 12 | +print('4.使用nmap 探测目标机是否感染了病毒、开启了后门等信息') |
| 13 | +print('5.使用nmap 对系统进行安全检查') |
| 14 | +print('6.更新nmap脚本数据库') |
| 15 | +print('7.使用nmap检测MS-17-010') |
| 16 | +print('8.生成metasploit自动攻击模块要用的rc') |
| 17 | +print('9.安装nmap高级漏洞扫描模块') |
| 18 | +print('10.调用高级漏洞扫描模块') |
| 19 | +print('11.自己写的web信息收集器') |
| 20 | +print('12.使用metasploit自动攻击模块') |
| 21 | +gs=input('请输入你要执行的步骤:') |
| 22 | +def nmap(): |
| 23 | + try: |
| 24 | + g=input('目标IP:') |
| 25 | + print('[+]一般枚举') |
| 26 | + nmap1=os.system('nmap -vv -Pn -sC -sS -T4 -p {}'.format(g)) |
| 27 | + print(nmap1) |
| 28 | + print('====================================================') |
| 29 | + nmap2=os.system('nmap -v -sS -A -T4 {}'.format(g)) |
| 30 | + print(nmap2) |
| 31 | + print('====================================================') |
| 32 | + print('[*]Verbose,SYN Stealth,版本信息和针对服务的脚本。') |
| 33 | + nmap3=os.system('nmap -v -p 445 --script=smb-check-vulns --script-args=unsafe=1 {}'.format(g)) |
| 34 | + print(nmap3) |
| 35 | + print('====================================================') |
| 36 | + print('[*]进行信息挖掘') |
| 37 | + nmap4=os.system('nmap -sS --script discovery {}'.format(g)) |
| 38 | + print(nmap4) |
| 39 | + print('====================================================') |
| 40 | + print('[*]进行利用第三方的数据库或资源进行信息收集或者攻击') |
| 41 | + nmap5=os.system('nmap -sS --script external {}'.format(g)) |
| 42 | + print(nmap5) |
| 43 | + print('====================================================') |
| 44 | + print('[*]进行模糊测试,发送异常的包到目标机,探测出潜在漏洞 ') |
| 45 | + nmap6=os.system('nmap -sS --script fuzzer {}'.format(g)) |
| 46 | + print(nmap6) |
| 47 | + print('====================================================') |
| 48 | + print('[*]对目标机进行检查是否存在常见的漏洞') |
| 49 | + nmap7=os.system('nmap -sS --script vuln {}'.format(g)) |
| 50 | + print(nmap7) |
| 51 | + except: |
| 52 | + print('[-]出现了错误') |
| 53 | + exit() |
| 54 | + |
| 55 | +def ddos(): |
| 56 | + try: |
| 57 | + print('[*]进行拒绝服务攻击') |
| 58 | + g1=input('请输入目标IP:') |
| 59 | + nmap8=os.system('nmap --script dos {}'.format(g1)) |
| 60 | + print(nmap8) |
| 61 | + except: |
| 62 | + print('[-]出现了错误') |
| 63 | + exit() |
| 64 | +def exploit(): |
| 65 | + try: |
| 66 | + print('[*]利用已知的漏洞入侵系统') |
| 67 | + g2=input('请输入目标IP:') |
| 68 | + nmap9=os.system('nmap --script exploit {}'.format(g2)) |
| 69 | + print(nmap9) |
| 70 | + except: |
| 71 | + print('[-]出现了错误') |
| 72 | + exit() |
| 73 | +def malware(): |
| 74 | + try: |
| 75 | + print('[*]探测目标机是否感染了病毒、开启了后门等信息') |
| 76 | + g3=input('请输入目标IP:') |
| 77 | + nmap10=os.system('nmap --script malware {}'.format(g3)) |
| 78 | + print(nmap10) |
| 79 | + except: |
| 80 | + print('[-]出现了错误') |
| 81 | + exit() |
| 82 | +def safe(): |
| 83 | + try: |
| 84 | + print('[*]检测系统安全问题') |
| 85 | + g4=input('请输入目标IP:') |
| 86 | + nmap11=os.system('nmap --script safe {}'.format(g4)) |
| 87 | + print(nmap11) |
| 88 | + except: |
| 89 | + print('[-]出现了错误') |
| 90 | + exit() |
| 91 | +def update(): |
| 92 | + try: |
| 93 | + print('[*]更新脚本数据库') |
| 94 | + nmap12=os.system('nmap --script-update') |
| 95 | + print(nmap12) |
| 96 | + except: |
| 97 | + print('[-]出现了错误') |
| 98 | + exit() |
| 99 | +def ms17010(): |
| 100 | + try: |
| 101 | + print('[*]扫描MS17010的脚本') |
| 102 | + g5=input('请输入目标IP:') |
| 103 | + nmap13=os.system('nmap --script smb-vuln-ms17-010 {}'.format(g5)) |
| 104 | + print(nmap13) |
| 105 | + except: |
| 106 | + print('[-]出现了错误') |
| 107 | + exit() |
| 108 | +def scanner(): |
| 109 | + try: |
| 110 | + lid=input('请输入目标IP:') |
| 111 | + xc=input('请输入线程(最大不能超过10):') |
| 112 | + file=open('zdgj.rc','w') |
| 113 | + file.write('use auxiliary/scanner/portscan/tcp'+"\n") |
| 114 | + file.write('set RHOSTS {}'.format(lid)+"\n") |
| 115 | + file.write('set THREADS {}'.format(xc)+"\n") |
| 116 | + file.write('run'+"\n") |
| 117 | + except: |
| 118 | + print('[-]出现了错误') |
| 119 | + exit() |
| 120 | +def gjls(): |
| 121 | + try: |
| 122 | + print('[*]nmap安装高级漏洞扫描') |
| 123 | + print('[*]通过其程序Github或官网压缩包下载,解压后把其中的文件释放到以下Nmap文件夹内') |
| 124 | + print('[*]详细教程:http://www.tiaozhanziwo.com/archives/781.html') |
| 125 | + print('[*]详细教程2:http://www.52bug.cn/hacktool/3661.html') |
| 126 | + nmap14=os.system('git clone github:https://github.com/scipag/vulscan') |
| 127 | + print(nmap14) |
| 128 | + except: |
| 129 | + print('[-]出现了错误,请确认你安装了git') |
| 130 | +def gjldsm(): |
| 131 | + try: |
| 132 | + print('[*]执行高级漏洞扫描模块前请确认你安装了该模块') |
| 133 | + gs6=input('请输入目标IP:') |
| 134 | + nmap15=os.system('nmap -sS -sV --script=vulscan {}'.format(gs6)) |
| 135 | + print(nmap15) |
| 136 | + except: |
| 137 | + print('[-]出现了错误') |
| 138 | + exit() |
| 139 | +def chax(): |
| 140 | + print('[*]调用chaxw.py') |
| 141 | + import chaxw |
| 142 | +def msf(): |
| 143 | + metasploit = os.system('msfconsole -r /root/zdgj.rc') |
| 144 | + print(metasploit) |
| 145 | +if gs=='1': |
| 146 | + nmap() |
| 147 | +elif gs=='2': |
| 148 | + ddos() |
| 149 | +elif gs=='3': |
| 150 | + exploit() |
| 151 | +elif gs=='4': |
| 152 | + malware() |
| 153 | +elif gs=='5': |
| 154 | + safe() |
| 155 | +elif gs=='6': |
| 156 | + update() |
| 157 | +elif gs=='7': |
| 158 | + ms17010() |
| 159 | +elif gs=='8': |
| 160 | + scanner() |
| 161 | +elif gs=='9': |
| 162 | + gjls() |
| 163 | +elif gs=='10': |
| 164 | + gjldsm() |
| 165 | +elif gs=='11': |
| 166 | + chax() |
| 167 | +elif gs=='12': |
| 168 | + msf() |
0 commit comments