Giter Club home page Giter Club logo

fox-scan's Introduction

#Fox-scan

Fox-scan is a initiative and passive SQL Injection vulnerable Test tools. use for penetration testing!

Foxscan 是一个款基于SQLMAP的主动和被动资源发现的漏洞扫描工具,在设置浏览器代理后访问目标网站即可获取浏览器访问的链接,并且进行简单的爬虫获取链接,去除一些静态文件和第三方网站后,放入sqlmap中进行检测。

##INSTALl ###Environment

sqlmap
python 2.7 
Flask
multiprocessing
mitmproxy
tornado
requests
BeautifulSoup 4.2.0

###Settings 配置项目根目录下config.xml

<root>
    <mysql>
    <host>127.0.0.1</host>
    <username>root</username>
    <password>123480</password>
    <port>3306</port>
    <database>foxscan</database>
    <charset>utf8</charset>
</mysql>
<sqlmap>
    http://127.0.0.1:8775 
</sqlmap>
<typelist>
    <whitelist>.php,.asp,.aspx,.jsp,.jspx</whitelist>
    <blacklist>
      .ico,.flv,.js,.css,.jpg,.png,.jpeg,.gif,.pdf,.ss3,.txt,.rar,.zip,.avi,.mp4,.swf,.wmi,.exe,.mpeg
     </blacklist>
</typelist>
</root>

sqlmap标签为你的sqlmap地址,typelist类型设置为黑名单和白名单设置,用于爬虫用。默认可以不用改。

###DATABASE

CREATE DATABASE `foxscan` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;

source foxscan.sql

##Run

1 首先运行sqlmapapi.py

python sqlmapapi.py -s

2 运行本程序WEB界面

python views.py

3 打开浏览器输入控制台提示的访问地址(这里是http://127.0.0.1:8775) 在这里配置你的目标网站,sqlmap的地址,爬虫的过滤类型以及代理地址。

  1. 这里的Domain,即代表爬虫的时候不会获取这个根域名之外的网站链接,同一时刻只能添加一次目标
  2. 需要更改目标的话需要重新进入这个界面配置,但是会删除之前的所有在跑的任务

index1page

4 在配置完任务信息后,可以进入到libs目录中,运行

  python proxy.py 8081

启动本地代理服务器,然后再配置浏览器代理,即可达到被动扫描的效果 例如:

vuln1

写了一个很简单的POST登录框。 控制台输出这样的字样后代表加入队列扫描

vuln2

如果没有,说明是第三方网站或者访问的是静态文件资源,则不会加入到扫描队列中!

5 配置完成之后点击FUCK IT按钮,就会提示你成功添加一个目标,进入到任务详情页。 这里会显示说有在跑的任务,使用AJAX请求每3秒刷新一次。

showtask1

如果有成功的目标,就会显示为红色

successtask

可以看到我们刚才的POST注入已经扫描完成。

successtask2

点击LOG按钮可以查看扫描日志。 showlog

6 程序会自动有一个异步非阻塞追踪线程,如果发现有成功的目标,就会把目标和payload防到successlist 表中

7 HTTPS资源获取 (2016/10/04)

这里使用libs/wyproxy.py脚本,这里是借鉴猪猪侠的代理工具简化开发了一下https://github.com/ring04h/wyproxy

在此感谢猪哥的轮子

  1. Mac OS X 安装配置 SSL 证书 并信任

    $ wget https://raw.githubusercontent.com/fengxuangit/Fox-scan/master/libs/ssl/mitmproxy-ca.pem

在Finder中双击运行mitmproxy-ca.pem

进入钥匙串访问工具, 选择mitmproxy的证书

key_manage

选择始终信任该证书, 即可生效, 便能成功捕捉所有HTTPS的流量

key_trust

运行libs/wyproxy.py

 	python libs/wyproxy.py -p 8888

https_cmd

浏览器上添加公钥信任

https_web

后台就会检测https的网页了

https_scan

##TODO 基本可以使用,但是还是有一些BUG。

BUG:

  1. AJAX刷新有时候不能正确实时展示。(fixed)
  2. 代理功能有时候在数据库不支持长链接的情况下会报错(fixed)

还有一些功能未能实现

FEATURE:

  1. 点击LOG,可以查看扫描日志 (done)
  2. 添加PAYLOAD选项,可以查看到PAYLOAD(done)
  3. 添加Command按钮,可以生成注入成功的sqlmap命令

##CHANGELOG

##License

  • fengxuan - mOon Security Team 2016/09/03

fox-scan's People

Contributors

fengxuangit avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

v4n0m xiaosadexiaohai passtion apple006 secwiki lz-securityteam aa2288207 key20 thanatoskira jijicanyu songofhack jackhuyh xfkxfk xssddq mysterymask simiaoxiaoseng z-hong7 pirate-space jumbo-wjb sohu0106 test123test111 aylhex happymobileday fengssq breagitt monkeym4ster teemoer jack51706 sun9git chengfangang pengtao007 rsj123 youyou2018 sigma-random igbaolan uncia lhxkailiang ledudu whxloveyrh nidaosky 404soul ning1022 akpotter blowfishj catcherman test98123456 hustlibraco theralfbrown fa11ing1eaf cookies0430 mel0day nuadaandre 78778443 s270987763 wateroot kingsunlin 0xpanda-ai gitcollect mmok33 123boge mk-z wkc2014 webshell520 husoul youli023023 endboy520 lyy0755 cssxn 1sn0m4d llovoll wsppt blueroutecn jliuliu solertis hackmycontrolsystem jinjie412 baofg janepeak520 linxi0428 xiaofengtongxue aliluyala wifido eniac888 latentgod jerusalemsbell xiju2003 jjsmida oiccc snk7 nx4dm1n forlin javarockstar 957204459 yileye shengulong ll2b fb11 v1cker jinghfut ossecfile

fox-scan's Issues

运行错误

C:\Users\rsj\Downloads\Fox-scan-master>views.py
Traceback (most recent call last):
File "C:\Users\rsj\Downloads\Fox-scan-master\views.py", line 10, in
from libs.action import SqlMapAction,Spider_Handle,Save_Success_Target
File "C:\Users\rsj\Downloads\Fox-scan-master\libs\action.py", line 12, in
import ipdb
File "build\bdist.win32\egg\ipdb__init__.py", line 7, in
File "build\bdist.win32\egg\ipdb__main__.py", line 31, in
ImportError: No module named IPython.core.debugger

运行错误

E:\tools\Fox-scan>views.py
Traceback (most recent call last):
File "E:\tools\Fox-scan\views.py", line 10, in
from libs.action import SqlMapAction,Spider_Handle,Save_Success_Target
File "E:\tools\Fox-scan\libs\action.py", line 16, in
from models import MySQLHander
File "E:\tools\Fox-scan\libs\models.py", line 5, in
import MySQLdb
File "C:\Python27\lib\site-packages\MySQLdb__init__.py", line 19, in
import _mysql
ImportError: DLL load failed: %1 ������Ч�� Win32 Ӧ�ó���

If you suspect this is an IPython bug, please report it at:
https://github.com/ipython/ipython/issues
or send an email to the mailing list at [email protected]

You can print a more detailed traceback right now with "%tb", or use "%debug"
to interactively debug it.

Extra-detailed tracebacks for bug-reporting purposes can be enabled via:
%config Application.verbose_crash=True

说明里还少了个依赖库ipdb

python libs/wyproxy.py -p 8888 无法运行 

2016-12-08 13:20:42,091 [INFO] wyproxy is starting...
2016-12-08 13:20:42,091 [INFO] Listening: 0.0.0.0:8888 http
Traceback (most recent call last):
  File "libs/wyproxy.py", line 492, in <module>
    run(args)
  File "libs/wyproxy.py", line 471, in run
    wyproxy.run()
  File "libs/wyproxy.py", line 445, in run
    start_server(self.proxy_port, self.proxy_mode, self.unsave_data)
  File "libs/wyproxy.py", line 426, in start_server
    cadir="./ssl/",
TypeError: __init__() got an unexpected keyword argument 'cadir'

这个问题可能是mitmproxy 接口改了引起的 python 能指定依赖版本吗..

尝试修改 wyproxy.py的422行附近

ops = options.Options(
app_port=port,
mode=mode,
cadir="./ssl/",
)
config = proxy.ProxyConfig(
ops
)

这样修改修复了这个问题,但是还有下一个问题..

(venv) [root@localhost libs]# python wyproxy.py -p 8081
2016-12-08 13:32:10,097 [INFO] wyproxy is starting...
2016-12-08 13:32:10,098 [INFO] Listening: 0.0.0.0:8081 http
Traceback (most recent call last):
  File "wyproxy.py", line 495, in <module>
    run(args)
  File "wyproxy.py", line 474, in run
    wyproxy.run()
  File "wyproxy.py", line 448, in run
    start_server(self.proxy_port, self.proxy_mode, self.unsave_data)
  File "wyproxy.py", line 434, in start_server
    m = WYProxy(server, state, unsave_data)
  File "wyproxy.py", line 381, in __init__
    super(WYProxy, self).__init__(server, state)
TypeError: __init__() takes exactly 4 arguments (3 given)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.