diff --git a/cli.py b/cli.py
new file mode 100644
index 0000000..3675747
--- /dev/null
+++ b/cli.py
@@ -0,0 +1,189 @@
+import sys
+import time
+import os
+import re
+from common.colors import end,W,R,B,bannerblue2
+from common.banner import banner
+from common.requestUp import random_UserAgent
+from common.uriParser import parsing_url
+from modules.wpExploits import( wp_wysija,
+ wp_blaze,
+ wp_catpro,
+ wp_cherry,
+ wp_dm,
+ wp_fromcraft,
+ wp_jobmanager,
+ wp_showbiz,
+ wp_synoptic,
+ wp_shop,
+ wp_powerzoomer,
+ wp_revslider,
+ wp_adsmanager,
+ wp_inboundiomarketing,
+ wp_levoslideshow,
+ wp_adblockblocker,
+ )
+
+headers = {
+'host' : 'google.com',
+'User-Agent' : random_UserAgent(),
+'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
+'Accept-Language': 'en-US,en;q=0.5',
+'Connection': 'keep-alive',}
+
+history = []
+
+variables = {
+ "URL":'',
+ "TIMEOUT":'',
+ "URL":'',
+ "COMMAND":'',
+ "FILE_PATH":'',
+ "USERNAME":'',
+ "PASSWORD":''
+}
+
+W_UL= "\033[4m"
+RED_U='\033[1;1;91m'
+
+
+vulnresults = set() # results of vulnerability exploits. [success or failed]
+grabinfo = set() # return cms_detected the version , themes , plugins , user ..
+subdomains = set() # return subdomains & ip.
+hostinfo = set() # host info
+data = [ vulnresults, grabinfo, subdomains , hostinfo]
+
+data_names = ['vulnresults', 'grabinfo', 'subdomains' , 'hostinfo']
+
+data = {
+ 'vulnresults':list(vulnresults),
+ 'grabinfo':list(grabinfo),
+ 'subdomains':list(subdomains),
+}
+
+class Cli():
+ #banner_function
+ banner()
+
+ def __runExploits(self,url,headers):
+ wp_wysija(url,headers,vulnresults)
+ wp_blaze(url,headers,vulnresults)
+ wp_catpro(url,headers,vulnresults)
+ wp_cherry(url,headers,vulnresults)
+ wp_dm(url,headers,vulnresults)
+ wp_fromcraft(url,headers,vulnresults)
+ wp_shop(url,headers,vulnresults)
+ wp_revslider(url,headers,vulnresults)
+ wp_adsmanager(url,headers,vulnresults)
+ wp_inboundiomarketing(url,headers,vulnresults)
+ wp_levoslideshow(url,headers,vulnresults)
+ wp_adblockblocker(url,headers,vulnresults)
+
+ @staticmethod
+ def _general_help():
+ generalhelp=print("""
+ Command Description
+ -------- -------------
+ help/? Show this help menu.
+ clear/cls clear the vulnx screen
+ use Use an variable.
+ info Get information about an available variable.
+ set Sets a context-specific variable to a value to use while using vulnx.
+ variables Prints all previously specified variables.
+ banner Display banner.
+ history Display command-line most important history from the beginning.
+ makerc Save command-line history to a file.
+ os Execute a system command without closing the vulnx-mode
+ exit/quit Exit the vulnx-mode
+ """)
+ return generalhelp
+
+ @staticmethod
+ def _url_action_help():
+ urlactions=print("""
+ Command Description
+ -------- -------------
+ ? \t\tHelp menu
+ timeout \t\tset timeout
+ ports \t\tscan ports
+ domain \t\tget domains & sub domains
+ cms info \t\tget cms info (version , user ..)
+ web info \t\tget web info
+ dump dns \t\tdump dns get sub domains [mx-server..]
+ run exploit\t\trun exploits corresponding to cms
+ back \t\tmove back from current context
+ """)
+ return urlactions
+
+ @staticmethod
+ def _dorks_action_help():
+ print("""
+ Command Description
+ -------- -------------
+ ? \t\tHelp menu
+ list \t\tset timeout
+ use \t\tscan ports
+ num page \t\tget domains & sub domains
+ run \t\tget cms info (version , user ..)
+ back \t\tmove back from current context
+ """)
+
+ @staticmethod
+ def _clearscreen():
+ return os.system('clear')
+
+ @staticmethod
+ def _generalCLI(url):
+ regex=r'^set url (.+)'
+ url=re.search(re.compile(regex),url).group(1)
+ if url:
+ return url#ParseURL(url)
+ else:
+ print("need (help) (?)")
+
+ def send_commands(self,cmd):
+ regxpr=re.compile(r'^set url')
+
+ while True:
+ cmd = input("%s%svulnx%s > "% (bannerblue2,W_UL,end))
+ dork_command="dorks"
+
+ if regxpr.search(cmd):
+ # url target
+ while True:
+ cmd_interpreter=input("%s%svulnx%s%s target(%s%s%s) > %s" %(bannerblue2,W_UL,end,W,R,Cli._generalCLI(cmd),W,end))
+ if cmd_interpreter == 'back':
+ break
+ elif cmd_interpreter == 'run exploit':
+ print('\n%s[*]%s Running exploits..' %(B,end))
+ root = Cli._generalCLI(cmd)
+ if root.startswith('http'):
+ url_root = root
+ else:
+ url_root = 'http://'+url_root
+ self.__runExploits(url_root,headers)
+ elif cmd_interpreter == 'help' or cmd_interpreter == '?':
+ Cli._url_action_help()
+ elif cmd == 'quit' or cmd == 'exit':
+ sys.exit()
+ else:
+ print("you mean (cms info) or (web info) show more use help ?")
+ elif cmd == dork_command:
+
+ while True:
+ cmd_interpreter=input("%svulnx (%sDorks%s)> %s" %(W,B,W,end))
+ if cmd_interpreter == 'back':
+ break
+ if cmd_interpreter == 'run exploit':
+ print('\n%s[*]%s Running exploits..'
 %(B,end))
+ if cmd_interpreter == 'help' or cmd_interpreter == '?':
+ self._dorks_action_help()
+ elif cmd == 'quit' or cmd == 'exit':
+ sys.exit()
+ elif cmd == 'help' or cmd == '?':
+ self._general_help()
+ elif cmd == 'clear' or cmd == 'cls':
+ Cli._clearscreen()
+
+ else:
+ print("you mean (cms info) or (web info) show more use help ?")
diff --git a/modules/dorkTable.py b/modules/dorkTable.py
deleted file mode 100644
index 9a37af1..0000000
--- a/modules/dorkTable.py
+++ /dev/null
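Review bot: In cli.py's `send_commands`, the `run exploit` branch reads `url_root` before it is assigned (`url_root = 'http://'+url_root`), so any target typed without a scheme raises UnboundLocalError; the line should be `url_root = 'http://' + root`. The target string itself is never validated: `_generalCLI` calls `.group(1)` on a search that returns None for a bare `set url`, and `parsing_url` is imported but unused in this file, so a mistyped value either crashes the prompt or is passed unchanged to every module in `__runExploits`. Parsing the value once when `set url` is entered, rejecting anything without a host, and echoing the resolved host for the operator to confirm before the run would keep traffic inside the authorised scope. The inner `elif cmd == 'quit' or cmd == 'exit'` tests `cmd` rather than `cmd_interpreter`, so it can never match inside the target context.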
@@ -1,186 +0,0 @@ -from common.colors import R,W,end,info -def dorkslist(): - print (" %s lists of existing dorks" % (info)) - print ("""%s - +−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+ - | WordPress | Joomla | Drupal | Prestashop | Lokomedia | - +−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+%s - | blaze | comjce | | columnadverts | | - | catpro | comfabrik | | soopabanners | | - | cherry | comjdownloads | | vtslide | | - | dm | comfoxcontact | | simpleslideshow | | - | fromcraft | | | productpageadverts | | - | synoptic | | | productpageadvertsb | | - | shop | | | jro_homepageadvertise | | - | revslider | | | attributewizardpro | | - | adsmanager | | | oneattributewizardpro | | - | inboundiomarketing | | | attributewizardpro_old | | - | wysija | | | attributewizardpro_x | | - | powerzoomer | | | advancedslider | | - | showbiz | | | cartabandonmentpro | | - | jobmanager | | | cartabandonmentpro_old | | - | injection | | | videostab | | - | thumbslider | | | wg24themeadministration | | - | | | | fieldvmegamenu | | - | | | | wdoptionpanel | | - | | | | pk_flexmenu | | - | | | | pk_vertflexmenu | | - | | | | nvn_export_orders | | - | | | | tdpsthemeoptionpanel | | - | | | | masseditproduct | | - +----------------------+-----------------+------------------+----------------------------+-----------------+ - - """ %(W,end)) - print ('------------------------------------------------') - -def wp_dorkTable(): - print(" %s lists of wordpress dorks" % (info)) - print("""%s - +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ - | WordPress | - +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ - | blaze | - | catpro | - | cherry | - | dm | - | fromcraft | - | synoptic | - | shop | - | revslider | - | adsmanager | - | inboundiomarketing | - | wysija | - | powerzoomer | - | showbiz | - | jobmanager | - | injection | - | thumbslider | - | | - +----------------------------+%s - """%(W,end)) - 
print ('------------------------------------------------') - -def joo_dorkTable(): - print(" %s lists of wordpress dorks" % (info)) - print("""%s -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| Joomla | -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| comjce | -| comfabrik | -| comjdownloads | -| comfoxcontact | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -+----------------------------+%s - """%(W,end)) - print ('------------------------------------------------') - -def ps_dorkTable(): - print(" %s lists of wordpress dorks" % (info)) - print("""%s -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| Prestashop | -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| columnadverts | -| soopabanners | -| vtslide | -| simpleslideshow | -| productpageadverts | -| productpageadvertsb | -| jro_homepageadvertise | -| attributewizardpro | -| oneattributewizardpro | -| attributewizardpro_old | -| attributewizardpro_x | -| advancedslider | -| cartabandonmentpro | -| cartabandonmentpro_old | -| videostab | -| wg24themeadministration | -| fieldvmegamenu | -| wdoptionpanel | -| pk_flexmenu | -| pk_vertflexmenu | -| nvn_export_orders | -| tdpsthemeoptionpanel | -| masseditproduct | -+----------------------------+%s - """%(W,end)) - print ('------------------------------------------------') - -def loko_dorkTable(): - print(" %s lists of wordpress dorks" % (info)) - print("""%s -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| Lokomedia | -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -+----------------------------+%s - """%(W,end)) - print ('------------------------------------------------') - - -def dru_dorkTable(): - print(" %s lists of wordpress dorks" % (info)) - print("""%s -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| Drupal | -+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -| | -+----------------------------+%s - """%(W,end)) - print 
('------------------------------------------------') \ No newline at end of file diff --git a/modules/dorksEngine.py b/modules/dorksEngine.py index 2e447d4..199af69 100644 --- a/modules/dorksEngine.py +++ b/modules/dorksEngine.py 
@@ -82,126 +82,326 @@ 'masseditproduct' : 'inurl":/modules/lib/redactor/"', } -def getdorksbyname(exploitname): - if exploitname in wp_contentdorks: - return wp_contentdorks[exploitname] - elif exploitname in wp_admindorks: - return wp_admindorks[exploitname] - elif exploitname in wpajx: - return wpajx[exploitname] - elif exploitname in wpindex: - return wpindex[exploitname] - elif exploitname in joomla: - return joomla[exploitname] - elif exploitname in prestashop: - return prestashop[exploitname] -def searchengine(exploitname,headers,output_dir,numberpage): - try : - print (' %s Searching for %s dork url' %(run,exploitname)) - numberpage = numberpage*10 - for np in range(0,numberpage,10): - starty = time.time() - if np==0: - time.sleep(random.randint(1,2)) - print(' %s Page n° 1 ' % (info)) - googlequery = 'https://www.google.com/search?q='+getdorksbyname(exploitname) - print(' %s searching for : %s'% (que,googlequery)) - res = requests.get(googlequery,headers).text - if (re.findall(re.compile(r'CAPTCHA'),res)): - print(' %s Bot Detected The block will expire shortly' % bad) - else: - WP_dorksconditions(exploitname,res,output_dir) - print ('------------------------------------------------') - else: - time.sleep(random.randint(3,5)) - print(' %s Page n° %i ' % (info,np/10+1)) - googlequery = 'https://www.google.com/search?q='+getdorksbyname(exploitname)+'&start='+str(np) - res = requests.get(googlequery,headers).text - print(' %s searching for : %s'% (que,googlequery)) - if (re.findall(re.compile(r'CAPTCHA'),res)): - print(' %s Bot Detected The block will expire shortly' % bad) +class Dorks: + + @staticmethod + def getdorksbyname(exploitname): + if exploitname in wp_contentdorks: + return wp_contentdorks[exploitname] + elif exploitname in wp_admindorks: + return wp_admindorks[exploitname] + elif exploitname in wpajx: + return wpajx[exploitname] + elif exploitname in wpindex: + return wpindex[exploitname] + elif exploitname in joomla: + return joomla[exploitname] + 
elif exploitname in prestashop: + return prestashop[exploitname] + + @staticmethod + def searchengine(exploitname,headers,output_dir,numberpage): + try : + print (' %s Searching for %s dork url' %(run,exploitname)) + numberpage = numberpage*10 + for np in range(0,numberpage,10): + starty = time.time() + if np==0: + time.sleep(random.randint(1,2)) + print(' %s Page n° 1 ' % (info)) + googlequery = 'https://www.google.com/search?q='+Dorks.getdorksbyname(exploitname) + print(' %s searching for : %s'% (que,googlequery)) + res = requests.get(googlequery,headers).text + if (re.findall(re.compile(r'CAPTCHA'),res)): + print(' %s Bot Detected The block will expire shortly' % bad) + else: + Dorks.WP_dorksconditions(exploitname,res,output_dir) + print ('------------------------------------------------') else: - WP_dorksconditions(exploitname,res,output_dir) - print ('------------------------------------------------') - endy = time.time() - elapsed = endy - starty - print (' %s Elapsed Time : %.2f seconds' % (info,elapsed)) - print("%s----------------%s"%(bannerblue,end)) - export.close() - except Exception as msg: - print(' %s exploitname %s ' %(bad,msg)) - np=+10 -def WP_dorksconditions(exploitname,response,output_dir): - webs = [] - if exploitname in wp_contentdorks: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/wp-content/plugins/\w+'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' %(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') - elif exploitname in wp_admindorks: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/wp-admin/\w+'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' 
%(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') - elif exploitname in wpajx: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/jm-ajax/upload_file/'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' %(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') - elif exploitname in wpindex: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/index.php/wp-json/wp/'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' %(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') - elif exploitname in joomla: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/index.php?option=com_jce'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' %(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') - elif exploitname in prestashop: - dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/modules/\w+'),response) - if len(dorks) > 0: - for web in dorks: - if web not in webs: - webs.append(web) - for i in range(len(webs)): - domains = parsify(webs[i]) - print (' %s URL : %s ' %(good , webs[i])) - print (' %s DOMAIN: %s ' %(good , domains)) - export.write(domains) - export.write('\n') + time.sleep(random.randint(3,5)) + print(' %s Page n° %i ' % (info,np/10+1)) + googlequery = 
'https://www.google.com/search?q='+Dorks.getdorksbyname(exploitname)+'&start='+str(np) + res = requests.get(googlequery,headers).text + print(' %s searching for : %s'% (que,googlequery)) + if (re.findall(re.compile(r'CAPTCHA'),res)): + print(' %s Bot Detected The block will expire shortly' % bad) + else: + Dorks.WP_dorksconditions(exploitname,res,output_dir) + print ('------------------------------------------------') + endy = time.time() + elapsed = endy - starty + print (' %s Elapsed Time : %.2f seconds' % (info,elapsed)) + print("%s----------------%s"%(bannerblue,end)) + export.close() + except Exception as msg: + print(' %s exploitname %s ' %(bad,msg)) + np=+10 + + @staticmethod + def WP_dorksconditions(exploitname,response,output_dir): + webs = [] + if exploitname in wp_contentdorks: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/wp-content/plugins/\w+'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good , domains)) + export.write(domains) + export.write('\n') + elif exploitname in wp_admindorks: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/wp-admin/\w+'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good , domains)) + export.write(domains) + export.write('\n') + elif exploitname in wpajx: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/jm-ajax/upload_file/'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good 
, domains)) + export.write(domains) + export.write('\n') + elif exploitname in wpindex: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/index.php/wp-json/wp/'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good , domains)) + export.write(domains) + export.write('\n') + elif exploitname in joomla: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/index.php?option=com_jce'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good , domains)) + export.write(domains) + export.write('\n') + elif exploitname in prestashop: + dorks = re.findall(re.compile(r'https?://+?\w+?[a-zA-Z0-9-_.]+?[a-zA-Z0-9-_.]?\w+\.\w+/?/modules/\w+'),response) + if len(dorks) > 0: + for web in dorks: + if web not in webs: + webs.append(web) + for i in range(len(webs)): + domains = parsify(webs[i]) + print (' %s URL : %s ' %(good , webs[i])) + print (' %s DOMAIN: %s ' %(good , domains)) + export.write(domains) + export.write('\n') + +class DorkList(): + + @staticmethod + def dorkslist(): + print (" %s lists of existing dorks" % (info)) + print ("""%s + +−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+ + | WordPress | Joomla | Drupal | Prestashop | Lokomedia | + +−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+−−−−−−−−−−−−−−−−−+%s + | blaze | comjce | | columnadverts | | + | catpro | comfabrik | | soopabanners | | + | cherry | comjdownloads | | vtslide | | + | dm | comfoxcontact | | simpleslideshow | | + | fromcraft | | | productpageadverts | | + | synoptic | | | 
productpageadvertsb | | + | shop | | | jro_homepageadvertise | | + | revslider | | | attributewizardpro | | + | adsmanager | | | oneattributewizardpro | | + | inboundiomarketing | | | attributewizardpro_old | | + | wysija | | | attributewizardpro_x | | + | powerzoomer | | | advancedslider | | + | showbiz | | | cartabandonmentpro | | + | jobmanager | | | cartabandonmentpro_old | | + | injection | | | videostab | | + | thumbslider | | | wg24themeadministration | | + | | | | fieldvmegamenu | | + | | | | wdoptionpanel | | + | | | | pk_flexmenu | | + | | | | pk_vertflexmenu | | + | | | | nvn_export_orders | | + | | | | tdpsthemeoptionpanel | | + | | | | masseditproduct | | + +----------------------+-----------------+------------------+----------------------------+-----------------+ + + """ %(W,end)) + print ('------------------------------------------------') + + @staticmethod + def wp_dorkTable(): + print(" %s lists of wordpress dorks" % (info)) + print("""%s + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | WordPress | + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | blaze | + | catpro | + | cherry | + | dm | + | fromcraft | + | synoptic | + | shop | + | revslider | + | adsmanager | + | inboundiomarketing | + | wysija | + | powerzoomer | + | showbiz | + | jobmanager | + | injection | + | thumbslider | + | | + +----------------------------+%s + """%(W,end)) + print ('------------------------------------------------') + + @staticmethod + def joo_dorkTable(): + print(" %s lists of wordpress dorks" % (info)) + print("""%s + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | Joomla | + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | comjce | + | comfabrik | + | comjdownloads | + | comfoxcontact | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + +----------------------------+%s + """%(W,end)) + print ('------------------------------------------------') + + @staticmethod + def ps_dorkTable(): + print(" %s lists of wordpress dorks" % (info)) + print("""%s + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | Prestashop | + 
+−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | columnadverts | + | soopabanners | + | vtslide | + | simpleslideshow | + | productpageadverts | + | productpageadvertsb | + | jro_homepageadvertise | + | attributewizardpro | + | oneattributewizardpro | + | attributewizardpro_old | + | attributewizardpro_x | + | advancedslider | + | cartabandonmentpro | + | cartabandonmentpro_old | + | videostab | + | wg24themeadministration | + | fieldvmegamenu | + | wdoptionpanel | + | pk_flexmenu | + | pk_vertflexmenu | + | nvn_export_orders | + | tdpsthemeoptionpanel | + | masseditproduct | + +----------------------------+%s + """%(W,end)) + print ('------------------------------------------------') + + @staticmethod + def loko_dorkTable(): + print(" %s lists of wordpress dorks" % (info)) + print("""%s + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | Lokomedia | + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + +----------------------------+%s + """%(W,end)) + print ('------------------------------------------------') + + @staticmethod + def dru_dorkTable(): + print(" %s lists of wordpress dorks" % (info)) + print("""%s + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | Drupal | + +−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + | | + +----------------------------+%s + """%(W,end)) + print ('------------------------------------------------') \ No newline at end of file diff --git a/vulnx.py b/vulnx.py index 369e8a6..25d7bdf 100644 --- a/vulnx.py +++ b/vulnx.py @@ -1,5 +1,5 @@ #!/usr/bin/env python -# ----a + """ The vulnx main part. Author: anouarbensaad 
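Review bot: `Dorks.getdorksbyname` falls off the end of its `elif` chain and returns None for a name that is in none of the six tables, so `searchengine` then fails on `'https://www.google.com/search?q=' + None` and the broad `except Exception` reports it only as `exploitname <msg>`. Ending the chain with an explicit error, e.g. `raise KeyError('unknown dork name: %s' % exploitname)`, makes the failure readable. In `searchengine`, `np=+10` assigns the constant +10 rather than incrementing and has no effect, and `output_dir` is accepted but never used in the visible lines, with results going to `export`, which is not defined inside this hunk (presumably earlier in the file, which starts outside it). The copied table methods `joo_dorkTable`, `ps_dorkTable`, `loko_dorkTable` and `dru_dorkTable` still print the heading "lists of wordpress dorks".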
@@ -126,12 +126,15 @@ def parse_args(): #Switches parser.add_argument('-e','--exploit', help='searching vulnerability & run exploits', dest='exploit', action='store_true') + parser.add_argument('--it', help='interactive mode.', + dest='cli', action='store_true') parser.add_argument('-w','--web-info', help='web informations gathering', dest='webinfo', action='store_true') parser.add_argument('-d','--domain-info', help='subdomains informations gathering', dest='domaininfo', action='store_true') parser.add_argument('--dns', help='dns informations gatherings', dest='dnsdump', action='store_true') + return parser.parse_args() vulnresults = set() # results of vulnerability exploits. [success or failed] @@ -142,6 +145,8 @@ def parse_args(): args = parse_args() #url arg url = args.url +#interactive arugment +cli=args.cli #run exploit exploit = args.exploit #cms gathering args @@ -600,6 +605,7 @@ def signal_handler(signal,frame): #main if __name__ == "__main__": + if input_file: with open(input_file,'r') as urls: u_array = [url.strip('\n') for url in urls] @@ -623,6 +629,7 @@ def signal_handler(signal,frame): except Exception as error_: print('UKNOWN ERROR : '+ str(error_)) + if url: #url condition entrypoint root = url 
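Review bot: `cli=args.cli` in the hunk at line 145 creates a module-level flag named `cli`, and the last hunk of this file then imports from a module of the same name and rebinds the flag to an object (`from cli import Cli`, `cli = Cli()`), so one name stands for a bool, a module and an instance within a few lines. Naming the flag for what it is, e.g. `interactive = args.cli` (or `dest='interactive'` on the new `--it` argument in the hunk at line 126), avoids the shadowing. The added comment also misspells "argument" as `#interactive arugment`.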
@@ -645,23 +652,27 @@ def signal_handler(signal,frame): 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language': 'en-US,en;q=0.5', 'Connection': 'keep-alive',} - from modules.dorksEngine import (searchengine,getdorksbyname,wp_contentdorks) - searchengine(dorks,headers,output_dir,numberpage) + from modules.dorksEngine import Dorks as D + D.searchengine(dorks,headers,output_dir,numberpage) if dorkslist == 'all': - from modules.dorkTable import dorkslist as listall - listall() + from modules.dorksEngine import DorkList as DL + DL.dorkslist() if dorkslist == 'wordpress': - from modules.dorkTable import wp_dorkTable as listwp - listwp() + from modules.dorksEngine import DorkList as DL + DL.wp_dorkTable() if dorkslist == 'joomla': - from modules.dorkTable import joo_dorkTable as listjoo - listjoo() + from modules.dorksEngine import DorkList as DL + DL.joo_dorkTable() if dorkslist == 'prestashop': - from modules.dorkTable import ps_dorkTable as listps - listps() + from modules.dorksEngine import DorkList as DL + DL.ps_dorkTable() if dorkslist == 'lokomedia': - from modules.dorkTable import loko_dorkTable as listlm - listlm() + from modules.dorksEngine import DorkList as DL + DL.loko_dorkTable() if dorkslist == 'drupal': - from modules.dorkTable import dru_dorkTable as listdru - listdru() + from modules.dorksEngine import DorkList as DL + DL.dru_dorkTable() + if cli: + from cli import Cli + cli = Cli() + cli.send_commands("") \ No newline at end of file
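Review bot: Each of the six `if dorkslist == ...` arms repeats the same `from modules.dorksEngine import DorkList as DL`, and the arms are independent `if`s rather than a single lookup, so an unrecognised value is silently ignored. One import and a mapping from the option value to the static method would replace all six and make an unknown value easy to report. The new `if cli:` block passes `""` to `send_commands`, whose `cmd` parameter is overwritten by `input()` on the first loop iteration in cli.py, so the argument could be dropped on both sides. The `if __name__ == "__main__":` body starts outside this hunk, so the nesting of these lines cannot be confirmed here.

```python
# … unchanged: headers dict and D.searchengine(...) call …
if dorkslist:
    from modules.dorksEngine import DorkList
    tables = {
        'all': DorkList.dorkslist,
        'wordpress': DorkList.wp_dorkTable,
        'joomla': DorkList.joo_dorkTable,
        'prestashop': DorkList.ps_dorkTable,
        'lokomedia': DorkList.loko_dorkTable,
        'drupal': DorkList.dru_dorkTable,
    }
    show_table = tables.get(dorkslist)
    if show_table is None:
        print('unknown dork list: %s' % dorkslist)
    else:
        show_table()
# … unchanged: if cli: block …
```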