Published: 2019-09-03 08:55:52  Editor: auto  Reads: 2997
Xunfeng (巡风) is a rapid vulnerability emergency-response and patrol-scanning system for enterprise intranets. It performs only preliminary probing and carries out no offensive actions. It consists of two main parts: a network asset identification engine and a vulnerability detection engine.
The network asset identification engine periodically and automatically probes ports across the IP ranges configured by the user (it can call MASSCAN) and fingerprints what it finds; the fingerprint covers service type, component/container, scripting language and CMS.
The vulnerability detection engine runs scheduled or one-off vulnerability checks according to the task rules the user specifies. It supports two plugin types, markers (identifiers) and scripts, both of which can be added through the web console.
I am a Python layman; if anything here is wrong, please point it out!
Download 64-bit Python:
https://www.python.org/downloads/windows/
After installing, upgrade pip, then fetch the code and its dependencies:
git clone https://github.com/ysrc/xunfeng.git
pip install -r requirements.txt -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com
Download MongoDB: https://sec.ly.com/mirror/mongodb-win32-x86_64-2008plus-ssl-3.4.0-signed.msi
Install it and add it to the system PATH.
Create a mongodata directory and start mongod with authentication enabled:
start mongod --port 65521 --dbpath G:/tools/xunfeng/mongodata --auth
G:\tools\xunfeng>mongo 127.0.0.1:65521/xunfeng
MongoDB shell version v3.4.0
connecting to: mongodb://127.0.0.1:65521/xunfeng
MongoDB server version: 3.4.0
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
> db.createUser({user:'admin',pwd:'xunfeng321',roles:[{role:'dbOwner',db:'xunfeng'}]})
2019-07-04T15:38:32.400+0800 E QUERY [main] Error: couldn't add user: not authorized on xunfeng to execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "dbOwner", db: "xunfeng" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 300000.0 } } :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.createUser@src/mongo/shell/db.js:1290:15
@(shell):1:1
Start instead without authentication mode:
start mongod --port 65521 --dbpath G:/tools/xunfeng/mongodata
G:\tools\xunfeng>mongo 127.0.0.1:65521/xunfeng
MongoDB shell version v3.4.0
connecting to: mongodb://127.0.0.1:65521/xunfeng
MongoDB server version: 3.4.0
> db.createUser({user:'scan',pwd:'scanlol66',roles:[{role:'dbOwner',db:'xunfeng'}]})
Successfully added user: {
"user" : "scan",
"roles" : [
{
"role" : "dbOwner",
"db" : "xunfeng"
}
]
}
> exit
bye
The db folder is located in the xunfeng code directory; restore it:
$ mongorestore.exe -h 127.0.0.1 --port 65521 -d xunfeng db
Stop the mongod.exe process.
After modifying config.py and run.bat to match your environment, run:
> run.bat
G:\tools\xunfeng>python web.py
Traceback (most recent call last):
File "web.py", line 1, in <module>
from views.view import app
File "G:\tools\xunfeng\views\view.py", line 384
print 'upload result:' + rsp.read()
^
SyntaxError: invalid syntax
From Python 3.0 onward, print is a function: print().
from urllib import unquote, urlopen, urlretrieve, quote, urlencode
ImportError: cannot import name 'unquote' from 'urllib' (D:\Program Files\Python37\lib\urllib\__init__.py)
In Python 3.x, quote is imported from urllib.parse:
from urllib.parse import quote
So change the import to:
from urllib.parse import unquote, quote,urlencode
from urllib.request import urlopen, urlretrieve
File "G:\tools\xunfeng\views\view.py", line 12, in <module>
from lib.CreateExcel import *
ModuleNotFoundError: No module named 'lib'
Do not run pip install lib; the missing lib is xunfeng's own views\lib package.
File "G:\tools\xunfeng\views\view.py", line 12, in <module>
from lib.CreateExcel import *
ModuleNotFoundError: No module named 'lib.CreateExcel'
Change these to relative imports:
from .lib.CreateExcel import *
from .lib.Login import logincheck
from .lib.AntiCSRF import anticsrf
from .lib.QueryLogic import querylogic
import StringIO
ModuleNotFoundError: No module named 'StringIO'
In Python 3, StringIO has been folded into io; change it to import io, or change "import StringIO" to "from io import StringIO", and it runs. import StringIO only works on Python 2.x; references to StringIO. become io.
except Exception, e:
^
SyntaxError: invalid syntax
Batch-replace with: except Exception as e:
ModuleNotFoundError: No module named 'urllib2'
Use urllib.request in place of urllib2 (batch replace).
G:\tools\xunfeng>python web.py
* Serving Flask app "views" (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on http://0.0.0.0:80/ (Press CTRL+C to quit)
Run the other commands and fix their errors in the same way.
In Python 3 the thread module has two serious problems, so threading is recommended in its place, and thread was renamed _thread:
import _thread
G:\tools\xunfeng>pip install mongo
Collecting mongo
Downloading https://files.pythonhosted.org/packages/30/06/3b87f3487c7c9c6a2ae9994c81f4fda82446b3b296c7f35b0b7824708fc4/mongo-0.2.0.tar.gz
Requirement already satisfied: pymongo in d:\program files\python37\lib\site-packages (from mongo) (3.8.0)
Installing collected packages: mongo
Running setup.py install for mongo ... done
Successfully installed mongo-0.2.0
G:\tools\xunfeng>python nascan/nascan.py
Traceback (most recent call last):
File "nascan/nascan.py", line 4, in <module>
from lib.common import *
File "G:\tools\xunfeng\nascan\lib\common.py", line 4, in <module>
import log
File "D:\Program Files\Python37\lib\log.py", line 5, in <module>
reload(sys)
NameError: name 'reload' is not defined
Fix: from importlib import reload
Then fix log.py, scan.py, cidr.py, icmp.py, mongo.py and the others under xunfeng\nascan\lib.
Relative-path errors still occurred; in the end some imports had to be rewritten in the form from . import log (adding a leading from .).
Do not run pip install config; config here is xunfeng's own config.py.
sys.setdefaultencoding('utf8')
AttributeError: module 'sys' has no attribute 'setdefaultencoding'
Remove sys.setdefaultencoding('utf8').
In Python 3, importing Queue raises this error; the module name is lowercase:
Python 3: import queue
Python 2: import Queue
For compatibility you can write:
import sys
if sys.version_info[0] >= 3:
    import queue as Queue
else:
    import Queue
Or:
from multiprocessing import Queue
Visiting http://127.0.0.1/ immediately returns a 302 and lands on the 500 error page. Entering the username and password still redirects to the 500 page:
127.0.0.1 - - [04/Jul/2019 20:54:19] "POST /login HTTP/1.1" 302 -
'SecureCookieSession' object has no attribute 'has_key'
xunfeng\views\lib\Login.py (1 hit)
Line 11: if session.has_key('login'):
Since Python 2.6, has_key has been superseded by the in operator; change it to:
if 'login' in session:
Finally able to log in.
python vulscan/vulscan.py has further problems. It downloads kunpeng on every start:
b'20190527'
check version
new version 20190527
kunpeng update 20190527
url https://github.com/opensec-cn/kunpeng/releases/download/20190527/kunpeng_windows_v20190527.zip
0.00%
G:\tools\xunfeng\vulscan\kunpeng.py (1 hit)
Line 37: print('new version', release['tag_name'])
self.get_version() returns b'20190527'. The version is obtained through self.kunpeng.GetVersion.restype = c_char_p, so the return value is a bytes object, and comparing it with the tag string
if release['tag_name'] != self.get_version():
is always unequal. Replace with:
if release['tag_name'].encode() != self.get_version():
update success 20190527
_
| | ___ _ _ __ _ __ ___ _ __ __ _
| |/ / | | | '_ \| '_ \ / _ \ '_ \ / _' |
| <| |_| | | | | |_) | __/ | | | (_| |
|_|\_\\__,_|_| |_| .__/ \___|_| |_|\__, |
|_| |___/
b'20190527'
vulscan/vulscan.py:266: DeprecationWarning: insert is deprecated. Use insert_one or insert_many inst
ead.
na_plugin.insert(plugin_info)
18701824
update success 20190527
_
| | ___ _ _ __ _ __ ___ _ __ __ _
| |/ / | | | '_ \| '_ \ / _ \ '_ \ / _' |
| <| |_| | | | | |_) | __/ | | | (_| |
|_|\_\\__,_|_| |_| .__/ \___|_| |_|\__, |
|_| |___/
b'20190527'
fatal error: runtime: unexpected waitm - semaphore out of sync
goroutine 35 [syscall]:
runtime.notetsleepg(0x6c071a80, 0x4a817c800, 0x0)
C:/Go/src/runtime/lock_sema.go:280 +0x52 fp=0x1c0002eff58 sp=0x1c0002eff18 pc=0x6b04c162
runtime.timerproc(0x6c071a60)
C:/Go/src/runtime/time.go:288 +0x31c fp=0x1c0002effd8 sp=0x1c0002eff58 pc=0x6b08aaec
runtime.goexit()
C:/Go/src/runtime/asm_amd64.s:1333 +0x1 fp=0x1c0002effe0 sp=0x1c0002effd8 pc=0x6b098f61
created by runtime.(*timersBucket).addtimerLocked
C:/Go/src/runtime/time.go:170 +0x11b
goroutine 13 [runnable]:
time.Sleep(0x4a817c800)
C:/Go/src/runtime/time.go:105 +0x164
github.com/opensec-cn/kunpeng/plugin/json.loadExtraJSONPlugin()
D:/gocode/src/github.com/opensec-cn/kunpeng/plugin/json/init.go:129 +0x39
created by github.com/opensec-cn/kunpeng/plugin/json.init.0
D:/gocode/src/github.com/opensec-cn/kunpeng/plugin/json/init.go:21 +0x5a
Batch-replace in vulscan/vulscan.py:
na_plugin.insert(plugin_info) replaced with:
na_plugin.insert_one(plugin_info)
b'20190527'
vulscan/vulscan.py:270: DeprecationWarning: count is deprecated. Use Collection.count_documents instead.
if na_plugin.find().count() >= 1:
vulscan/vulscan.py:177: DeprecationWarning: find_and_modify is deprecated, use find_one_and_delete, find_one_and_replace, or find_one_and_update instead
"$set": {"status": 1}}, sort={'time': 1})
check version
vulscan/vulscan.py:177: DeprecationWarning: Passing mapping types for `sort` is deprecated, use a list of (key, direction) pairs instead
"$set": {"status": 1}}, sort={'time': 1})
vulscan/vulscan.py:214: DeprecationWarning: count is deprecated. Use Collection.count_documents instead.
queue_count = na_task.find({"status": 0, "plan": 0}).count()
vulscan/vulscan.py:225: DeprecationWarning: update is deprecated. Use replace_one, update_one or update_many instead.
"$set": {"value": load, "up_time": datetime.datetime.now()}})
new version 20190527
kunpeng update 20190527
url https://github.com/opensec-cn/kunpeng/releases/download/20190527/kunpeng_windows_v20190527.zip
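The deprecation warnings above map onto four pymongo 3.x calls. The following is an added example, not xunfeng's own code, that wraps the vulscan task-queue operations in small functions using those calls; the post's own line-by-line replacements for vulscan.py follow below. na_task, na_plugin and na_heart are the collection names vulscan.py uses; FakeCollection is a constructed in-memory stand-in that mirrors the pymongo parameter order of the methods used here, so the example runs without a MongoDB server (against a real deployment pass the pymongo collection objects instead). The point worth checking is in claim_next_task: find_one_and_update takes projection as its third positional parameter, so sort must be passed by keyword, as a list of (key, direction) pairs.

```python
"""pymongo 3.x replacements for the deprecated vulscan.py calls (added example).

Not xunfeng's own code. na_task / na_plugin / na_heart are the collection
names vulscan.py uses; FakeCollection is a constructed in-memory stand-in that
mirrors the pymongo 3.x parameter order of the methods used here, so the
example runs without a MongoDB server.
"""
import copy
import datetime


def claim_next_task(na_task):
    """Atomically claim the oldest pending task (status 0, plan 0), marking it status 1.

    Replaces na_task.find_and_modify(query=..., update=..., sort={'time': 1}).
    sort must be passed by keyword as a list of (key, direction) pairs: the
    third positional parameter of find_one_and_update is projection, so
    find_one_and_update(filter, update, {'time': 1}) would project, not sort.
    Returns the document as it was before the update (pymongo's default).
    """
    return na_task.find_one_and_update(
        {"status": 0, "plan": 0},
        {"$set": {"status": 1}},
        sort=[("time", 1)],
    )


def pending_task_count(na_task):
    """Replaces na_task.find({...}).count()."""
    return na_task.count_documents({"status": 0, "plan": 0})


def has_plugins(na_plugin):
    """Replaces na_plugin.find().count() >= 1."""
    return na_plugin.count_documents({}) >= 1


def register_plugin(na_plugin, plugin_info):
    """Replaces na_plugin.insert(plugin_info); returns the new _id."""
    return na_plugin.insert_one(plugin_info).inserted_id


def report_load(na_heart, load, now=None):
    """Replaces na_heart.update({...}, {...}); returns the number of modified docs."""
    now = now or datetime.datetime.now()
    return na_heart.update_one(
        {"name": "load"}, {"$set": {"value": load, "up_time": now}}
    ).modified_count


class _Result:
    def __init__(self, **kw):
        self.__dict__.update(kw)


class FakeCollection:
    """Constructed stand-in: only the pymongo 3.x methods used above, same parameter order."""

    def __init__(self, docs=()):
        self.docs = [dict(d) for d in docs]

    @staticmethod
    def _match(doc, flt):
        return all(doc.get(k) == v for k, v in flt.items())

    def count_documents(self, flt):
        return sum(1 for d in self.docs if self._match(d, flt))

    def insert_one(self, doc):
        doc = dict(doc)
        doc.setdefault("_id", len(self.docs) + 1)
        self.docs.append(doc)
        return _Result(inserted_id=doc["_id"])

    def update_one(self, flt, update):
        for d in self.docs:
            if self._match(d, flt):
                d.update(update.get("$set", {}))
                return _Result(modified_count=1)
        return _Result(modified_count=0)

    def find_one_and_update(self, flt, update, projection=None, sort=None):
        if sort is not None and not isinstance(sort, list):
            raise TypeError("this stand-in accepts sort only as a list of (key, direction) pairs")
        hits = [d for d in self.docs if self._match(d, flt)]
        for key, direction in reversed(sort or []):
            hits.sort(key=lambda d: d[key], reverse=direction < 0)
        if not hits:
            return None
        before = copy.deepcopy(hits[0])  # pre-update document, as pymongo returns by default
        hits[0].update(update.get("$set", {}))
        return before
```

The stand-in deliberately rejects a dict for sort so that the mistake the warning describes fails loudly in tests rather than silently changing which task gets claimed.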
task_req = na_task.find_and_modify(query={"status": 0, "plan": 0}, update={
    "$set": {"status": 1}}, sort={'time': 1})
Replace with (sort must be passed by keyword, as a list of (key, direction) pairs; the third positional parameter of find_one_and_update is projection, not sort):
task_req = na_task.find_one_and_update({"status": 0, "plan": 0}, {
    "$set": {"status": 1}}, sort=[('time', 1)])
if na_plugin.find().count() >= 1:
Replace with:
if na_plugin.count_documents({}) >= 1:
queue_count = na_task.find({"status": 0, "plan": 0}).count()
Replace with:
queue_count = na_task.count_documents({"status": 0, "plan": 0})
na_heart.update({"name": "load"}, {
    "$set": {"value": load, "up_time": datetime.datetime.now()}})
Replace with:
na_heart.update_one({"name": "load"}, {
    "$set": {"value": load, "up_time": datetime.datetime.now()}})
Plugin name: Struts2 052 remote code execution
Description: When the Struts REST XStream handler is enabled to deserialize XML requests, remote code execution is possible, which can lead directly to the server being taken over.
Author: wolf@YSRC
Request URL: http://127.0.0.1/installplugin?unicode=2017-9-6-1
Request Method: GET
Result: fail
Search "installplugin" (5 hits in 3 files)
G:\tools\xunfeng\views\static\buss\js\common.js (1 hit)
Line 120: $.get('/installplugin', {unicode: unicode}, function (e) {
G:\tools\xunfeng\views\view.py (2 hits)
Line 538: @app.route('/installplugin')
Line 540: def installplugin():
Adding a print of what is being fetched and where it is written:
print('https://sec.ly.com/xunfeng/getplugin?name=' + item['location'], file_path + file_name)
Output:
https://sec.ly.com/xunfeng/getplugin?name=s2_052.py
G:\tools\xunfeng\views/../vulscan/vuldb/s2_052.py
The file exists, so the error is being swallowed; change the exception handler to print it:
except Exception as e:
    print(e)
    pass
Result: invalid syntax (s2_052.py, line 56)
The cause is: except Exception, e:
It seems far too many plugins were written for Python 2.x; installing Python 2.x may still be the way to go.
Modify xunfeng\views\view.py so that vulnerability-check scripts are rewritten for Python 3.7 compatibility when they are installed:
# Inside installplugin() in views/view.py, after the plugin file has been downloaded
# to file_path + file_name. Python scripts are rewritten for Python 3 before import.
if os.path.exists(file_path + file_name):
    try:
        if file_name.split('.')[-1] == 'py':
            json_text = open(file_path + file_name, 'r', encoding='UTF-8').read()
            # Python 2 "except X, e:" forms
            json_text = json_text.replace("except Exception, e:", "except Exception as e:")
            json_text = json_text.replace("except Exception,e:", "except Exception as e:")
            json_text = json_text.replace("except urllib2.HTTPError, e:", "except urllib2.HTTPError as e:")
            json_text = json_text.replace("except urllib2.HTTPError,e:", "except urllib2.HTTPError as e:")
            json_text = json_text.replace("except urllib2.URLError, e:", "except urllib2.URLError as e:")
            json_text = json_text.replace("except urllib2.URLError,e:", "except urllib2.URLError as e:")
            # renamed modules
            if json_text.find('import urllib.request as urllib2') == -1:
                json_text = json_text.replace("urllib2", "urllib.request")
            json_text = json_text.replace("import Queue", "import queue")
            json_text = json_text.replace("import StringIO", "import io")
            json_text = json_text.replace(" StringIO.", " io.")
            json_text = json_text.replace("\t", " ")
            json_text = json_text.replace("import urlparse", "from urllib.parse import urlparse")
            json_text = json_text.replace("import HTMLParser", "from html.parser import HTMLParser")
            # print statement -> print(); re.search finds only the first print statement,
            # and replace() then rewrites every line with that exact argument text
            pat = ' print(.*)\n'
            ret_1 = re.search(pat, json_text)
            if ret_1 is not None:
                print(ret_1.group())
                print(ret_1.group(1))
                json_text = json_text.replace(" print" + ret_1.group(1), " print(" + ret_1.group(1) + ")")
            #json_text = re.sub(pat, double, json_text)
            #print(json_text)
            # 'str' object has no attribute 'decode'
            #import codecs
            #codecs.decode('ab', 'hex')
            pat = r" return (.*)\.decode\('hex'\)"
            ret_2 = re.search(pat, json_text)
            if ret_2 is not None:
                print(ret_2.group(1))
                json_text = "import codecs\n" + json_text
                json_text = json_text.replace(" return " + ret_2.group(1) + ".decode('hex')", " return str(codecs.decode(" + ret_2.group(1) + ",'hex'))")
            with open(file_path + file_name, 'w+', encoding='utf-8') as f:
                f.write(json_text)
                f.seek(0)
            module = __import__(file_name.split('.')[0])  # this is where plugin installation failed: Python 2.x compatibility problem
            print("兼容")
            mark_json = module.get_plugin_info()
            json_string['filename'] = file_name.split('.')[0]
        else:
            json_text = open(file_path + file_name, 'r', encoding='UTF-8').read()
            mark_json = json.loads(json_text)
            json_string['filename'] = file_name
        mark_json.pop('plugin')
        json_string.update(mark_json)
        Mongo.coll['Plugin'].insert(json_string)
        Mongo.coll['Update'].update_one({'unicode': unicode}, {'$set': {'isInstall': 1}})
        rsp = 'success'
    except Exception as e:
        print("error:", e)
        pass
return rsp
Apply the corresponding replacements to the scripts under xunfeng\vulscan\vuldb.
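The view.py patch above applies the Python 2 to 3 fixes collected throughout this post as literal string replacements, which only catch the exact spellings listed (and, via re.search, only the first print statement). The following added example, which is not xunfeng's code, generalises the same fixes into regex rewrites that cover every occurrence, including tuple except clauses and has_key, and then compiles the result so that a plugin that is still broken is rejected before __import__ is attempted. PY2_PLUGIN is a constructed sample in the shape of a plugin, not a real xunfeng plugin; only simple statement forms are handled (print >>f, x and unusual receivers of .decode('hex') are left for the compile check to catch), and the module names in MODULE_MAP are the standard-library renames, kept under their old names with "as" so the plugin body needs no further edits.

```python
"""Regex-based Python 2 -> 3 rewriter for xunfeng-style plugin scripts.

Added example, not xunfeng's own code. It generalises the textual fixes made
throughout this post (except clauses, print statements, renamed modules,
has_key, .decode('hex'), tabs) so that every occurrence is rewritten, then
compiles the result so a still-broken plugin is rejected before __import__.
PY2_PLUGIN is a constructed sample in the shape of a plugin, not a real one.
"""
import re

# Python 2 module -> Python 3 module, kept under the old name via "as" so that
# references such as urllib2.urlopen or StringIO.StringIO keep working unchanged.
MODULE_MAP = {
    "urllib2": "urllib.request",
    "urlparse": "urllib.parse",
    "Queue": "queue",
    "StringIO": "io",
    "HTMLParser": "html.parser",
    "httplib": "http.client",
    "cookielib": "http.cookiejar",
}

_IMPORT = re.compile(r"^([ \t]*)import[ \t]+(%s)[ \t]*$" % "|".join(MODULE_MAP), re.M)
# "except X, e:" and "except (X, Y), e:"  ->  "except X as e:"
_EXCEPT = re.compile(r"^([ \t]*except[ \t]+(?:\([^)]*\)|[\w.]+))[ \t]*,[ \t]*(\w+)[ \t]*:", re.M)
# print statements whose argument list does not already start with "("
_PRINT = re.compile(r"^([ \t]*)print\b(?![ \t]*\()[ \t]*(.*?)[ \t]*$", re.M)
_HAS_KEY = re.compile(r"\b([\w.]+)\.has_key\(([^()]*)\)")
# receiver is a quoted literal or a dotted/indexed name
_HEX = re.compile(r"""((?:"[^"]*"|'[^']*'|[\w.\[\]]+))\.decode\(['"]hex['"]\)""")


def port_py2_source(src):
    """Return src rewritten for Python 3 (simple statement forms only)."""
    out = src.replace("\t", "    ")
    out = _IMPORT.sub(lambda m: "%simport %s as %s" % (m.group(1), MODULE_MAP[m.group(2)], m.group(2)), out)
    out = _EXCEPT.sub(r"\1 as \2:", out)
    out = _PRINT.sub(r"\1print(\2)", out)
    out = _HAS_KEY.sub(r"\2 in \1", out)
    # str.decode('hex') returned a byte string on Python 2; codecs.decode returns bytes on 3
    out = _HEX.sub(r"codecs.decode(\1, 'hex')", out)
    if "codecs.decode(" in out and not re.search(r"^import codecs\b", out, re.M):
        out = _insert_import(out, "import codecs")
    return out


def _insert_import(src, line):
    """Insert an import after leading comments/blank lines so that a
    '# -*- coding: ... -*-' declaration stays within the first two lines."""
    lines = src.splitlines(True)
    i = 0
    while i < len(lines) and (not lines[i].strip() or lines[i].lstrip().startswith("#")):
        i += 1
    lines.insert(i, line + "\n")
    return "".join(lines)


def check_compiles(src, name="<plugin>"):
    """Return None if src is valid Python 3 syntax, else the SyntaxError message."""
    try:
        compile(src, name, "exec")
        return None
    except SyntaxError as e:
        return "%s (line %s)" % (e.msg, e.lineno)


# Constructed Python 2 sample in the shape of a plugin (tab-indented on purpose).
PY2_PLUGIN = '''\
import urllib2
import Queue
import StringIO
import re

def get_plugin_info():
\treturn {"name": "demo", "author": "example"}

def hex_sample():
\treturn "41".decode('hex')

def check(ip, port, timeout):
\topts = {}
\tbuf = StringIO.StringIO()
\tq = Queue.Queue()
\ttry:
\t\tresp = urllib2.urlopen("http://%s:%d/" % (ip, port), timeout=timeout)
\t\tprint "status", resp.getcode()
\texcept urllib2.HTTPError, e:
\t\tprint e.code
\texcept Exception,e:
\t\tpass
\tif opts.has_key("x"):
\t\tprint "never"
\treturn False
'''

if __name__ == "__main__":
    ported = port_py2_source(PY2_PLUGIN)
    print(ported)
    print("compile check:", check_compiles(ported) or "ok")
```

Running check_compiles on the rewritten text before writing it back is the check that the view.py patch lacks: a rejected script stays uninstalled with a readable reason instead of failing inside __import__ with a bare "invalid syntax".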