Xunfeng (巡风) on Win7 with Python 3.7: installation

Published: 2019-09-03 08:55:52 Editor: auto Views: 3073

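    Xunfeng is a rapid vulnerability-response and patrol-scanning system designed for enterprise intranets. It performs only preliminary probing and takes no offensive actions.

    It consists of two main parts: a network asset identification engine and a vulnerability detection engine.

    The network asset identification engine periodically and automatically probes ports across the user-configured IP ranges (it can call MASSCAN) and fingerprints what it finds, identifying the service type, component container, scripting language, and CMS.

    The vulnerability detection engine runs scheduled or one-off vulnerability checks according to the task rules the user specifies. It supports 2 plugin types, identifier and script, both of which can be added through the web console.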

     

    I am a Python novice; if anything here is wrong, please point it out!

     

    Download 64-bit Python:

    https://www.python.org/downloads/windows/

    After installation, upgrade pip

    git clone https://github.com/ysrc/xunfeng.git
    
    pip install -r requirements.txt -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com

     

    Install the database

    Download: https://sec.ly.com/mirror/mongodb-win32-x86_64-2008plus-ssl-3.4.0-signed.msi

    Install it and add it to the system PATH variable

    Create the directory: mongodata

    start mongod --port 65521 --dbpath G:/tools/xunfeng/mongodata --auth

    G:\tools\xunfeng>mongo 127.0.0.1:65521/xunfeng
    MongoDB shell version v3.4.0
    connecting to: mongodb://127.0.0.1:65521/xunfeng
    MongoDB server version: 3.4.0
    Welcome to the MongoDB shell.
    For interactive help, type "help".
    For more comprehensive documentation, see
            http://docs.mongodb.org/
    Questions? Try the support group
            http://groups.google.com/group/mongodb-user
    > db.createUser({user:'admin',pwd:'xunfeng321',roles:[{role:'dbOwner',db:'xunfeng'}]})
    2019-07-04T15:38:32.400+0800 E QUERY    [main] Error: couldn't add user: not authorized on xunfeng t
    o execute command { createUser: "admin", pwd: "xxx", roles: [ { role: "dbOwner", db: "xunfeng" } ],
    digestPassword: false, writeConcern: { w: "majority", wtimeout: 300000.0 } } :
    _getErrorWithCode@src/mongo/shell/utils.js:25:13
    DB.prototype.createUser@src/mongo/shell/db.js:1290:15
    @(shell):1:1

     

     

    Without authentication mode:

    start mongod --port 65521 --dbpath G:/tools/xunfeng/mongodata

    G:\tools\xunfeng>mongo 127.0.0.1:65521/xunfeng
    MongoDB shell version v3.4.0
    connecting to: mongodb://127.0.0.1:65521/xunfeng
    MongoDB server version: 3.4.0
    > db.createUser({user:'scan',pwd:'scanlol66',roles:[{role:'dbOwner',db:'xunfeng'}]})
    Successfully added user: {
            "user" : "scan",
            "roles" : [
                    {
                            "role" : "dbOwner",
                            "db" : "xunfeng"
                    }
            ]
    }
    > exit
    bye

     

     

    Import the database

    The db folder is located in the xunfeng code directory:

    $ mongorestore.exe -h 127.0.0.1 --port 65521 -d xunfeng db 

    Stop the mongod.exe process

     

     

    Run the system

    After modifying config.py and run.bat to match your environment, run:

    > run.bat

     

     

    G:\tools\xunfeng>python web.py
    Traceback (most recent call last):
      File "web.py", line 1, in <module>
        from views.view import app
      File "G:\tools\xunfeng\views\view.py", line 384
        print 'upload result:' + rsp.read()
                             ^
    SyntaxError: invalid syntax

    Since Python 3.0, print has been changed to the function print();

     


        from urllib import unquote, urlopen, urlretrieve, quote, urlencode
    ImportError: cannot import name 'unquote' from 'urllib' (D:\Program Files\Python37\lib\urllib\__init
    __.py)

    In Python 3.x, when you need urllib.parse.quote, import it with:
    from urllib.parse import quote 

    Change to:

    from urllib.parse import unquote, quote,urlencode
    from urllib.request import urlopen, urlretrieve

     


      File "G:\tools\xunfeng\views\view.py", line 12, in <module>
        from lib.CreateExcel import *
    ModuleNotFoundError: No module named 'lib'

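    Do not run pip install lib; lib here is the project's own directory (xunfeng\views\lib), not a package to fetch from PyPI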


      File "G:\tools\xunfeng\views\view.py", line 12, in <module>
        from lib.CreateExcel import *
    ModuleNotFoundError: No module named 'lib.CreateExcel'

    Change to:

    from .lib.CreateExcel import *
    from .lib.Login import logincheck
    from .lib.AntiCSRF import anticsrf
    from .lib.QueryLogic import querylogic

     

     


        import StringIO
    ModuleNotFoundError: No module named 'StringIO'

    Python 3 moved StringIO into io; change it to: import io

    Or:

    Change "import StringIO" to "from io import StringIO"; it then runs successfully.

    import StringIO applies to Python 2.x

    Change StringIO. to io.

     

     


        except Exception, e:
                        ^
    SyntaxError: invalid syntax

    Replace all occurrences with: except Exception as e:

     

    ModuleNotFoundError: No module named 'urllib2'

    Use urllib.request in place of urllib2; replace all occurrences

     

    G:\tools\xunfeng>python web.py
     * Serving Flask app "views" (lazy loading)
     * Environment: production
       WARNING: This is a development server. Do not use it in a production deployment.
       Use a production WSGI server instead.
     * Debug mode: off
     * Running on http://0.0.0.0:80/ (Press CTRL+C to quit)

     

    Run the other commands and fix the errors

    In Python 3, because thread has two serious problems, threading is recommended instead of thread,

    so thread was renamed to _thread

    import _thread

     

    G:\tools\xunfeng>pip install mongo
    Collecting mongo
      Downloading https://files.pythonhosted.org/packages/30/06/3b87f3487c7c9c6a2ae9994c81f4fda82446b3b2
    96c7f35b0b7824708fc4/mongo-0.2.0.tar.gz
    Requirement already satisfied: pymongo in d:\program files\python37\lib\site-packages (from mongo) (
    3.8.0)
    Installing collected packages: mongo
      Running setup.py install for mongo ... done
    Successfully installed mongo-0.2.0

     

    G:\tools\xunfeng>python nascan/nascan.py
    Traceback (most recent call last):
      File "nascan/nascan.py", line 4, in <module>
        from lib.common import *
      File "G:\tools\xunfeng\nascan\lib\common.py", line 4, in <module>
        import log
      File "D:\Program Files\Python37\lib\log.py", line 5, in <module>
        reload(sys)
    NameError: name 'reload' is not defined

    from importlib import reload

     

    Fix log.py, scan.py, cidr.py, icmp.py, mongo.py... under xunfeng\nascan\lib

    Relative-path errors still occurred; in the end I changed some imports to the form: from . import log, that is, with an added from .

    Do not run pip install config

     

     


        sys.setdefaultencoding('utf8')
    AttributeError: module 'sys' has no attribute 'setdefaultencoding'

    Remove: sys.setdefaultencoding('utf8')

     

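    Importing Queue in Python 3 raises this problem; the module name must be lowercase
    In Python 3, import it like this: import queue
    In Python 2, import it like this: import Queue
    For compatibility you can do this:

    import sys
    if sys.version_info[0] >= 3:   # compare the numeric major version, not the version string
        import queue as Queue
    else:
        import Queue
    Or: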

    from multiprocessing import Queue

     

     

     

    Visiting http://127.0.0.1/ immediately fails with a 302 and redirects to the 500 page

    500

    INTERNAL SERVER ERROR


     

    Visit:

    http://127.0.0.1/login

     

    After entering the account and password, it still redirected to the 500 page:

    127.0.0.1 - - [04/Jul/2019 20:54:19] "POST /login HTTP/1.1" 302 -
    'SecureCookieSession' object has no attribute 'has_key'

    xunfeng\views\lib\Login.py (1 hit)
        Line 11:             if session.has_key('login'):

    Since version 2.6, Python replaced has_key with in

    if 'login' in session:

     

    Finally logged in successfully

     

    python vulscan/vulscan.py has other problems:

    It downloads on every startup:

    b'20190527'
    check version
    new version 20190527
    kunpeng update  20190527
    url https://github.com/opensec-cn/kunpeng/releases/download/20190527/kunpeng_windows_v20190527.zip
    0.00%

    G:\tools\xunfeng\vulscan\kunpeng.py (1 hit)
        Line 37:             print('new version', release['tag_name'])

     

    self.get_version(): b'20190527' 

    It turns out the version is obtained like this: self.kunpeng.GetVersion.restype = c_char_p

    #  the return value's type is a 'bytes' object
     

    if release['tag_name'] != self.get_version():

    Replace with:

    if release['tag_name'].encode() != self.get_version():

     

    update success 20190527
    
     _
    | | ___   _ _ __  _ __   ___ _ __   __ _
    | |/ / | | | '_ \| '_ \ / _ \ '_ \ / _' |
    |   <| |_| | | | | |_) |  __/ | | | (_| |
    |_|\_\\__,_|_| |_| .__/ \___|_| |_|\__, |
                     |_|               |___/
    
    b'20190527'
    vulscan/vulscan.py:266: DeprecationWarning: insert is deprecated. Use insert_one or insert_many inst
    ead.
      na_plugin.insert(plugin_info)
    18701824
    update success 20190527
    
     _
    | | ___   _ _ __  _ __   ___ _ __   __ _
    | |/ / | | | '_ \| '_ \ / _ \ '_ \ / _' |
    |   <| |_| | | | | |_) |  __/ | | | (_| |
    |_|\_\\__,_|_| |_| .__/ \___|_| |_|\__, |
                     |_|               |___/
    
    b'20190527'
    fatal error: runtime: unexpected waitm - semaphore out of sync
    
    goroutine 35 [syscall]:
    runtime.notetsleepg(0x6c071a80, 0x4a817c800, 0x0)
            C:/Go/src/runtime/lock_sema.go:280 +0x52 fp=0x1c0002eff58 sp=0x1c0002eff18 pc=0x6b04c162
    runtime.timerproc(0x6c071a60)
            C:/Go/src/runtime/time.go:288 +0x31c fp=0x1c0002effd8 sp=0x1c0002eff58 pc=0x6b08aaec
    runtime.goexit()
            C:/Go/src/runtime/asm_amd64.s:1333 +0x1 fp=0x1c0002effe0 sp=0x1c0002effd8 pc=0x6b098f61
    created by runtime.(*timersBucket).addtimerLocked
            C:/Go/src/runtime/time.go:170 +0x11b
    
    goroutine 13 [runnable]:
    time.Sleep(0x4a817c800)
            C:/Go/src/runtime/time.go:105 +0x164
    github.com/opensec-cn/kunpeng/plugin/json.loadExtraJSONPlugin()
            D:/gocode/src/github.com/opensec-cn/kunpeng/plugin/json/init.go:129 +0x39
    created by github.com/opensec-cn/kunpeng/plugin/json.init.0
            D:/gocode/src/github.com/opensec-cn/kunpeng/plugin/json/init.go:21 +0x5a
    

    Replace throughout vulscan/vulscan.py

    Replace na_plugin.insert(plugin_info) with:

    na_plugin.insert_one(plugin_info)

     

    b'20190527'
    vulscan/vulscan.py:270: DeprecationWarning: count is deprecated. Use Collection.count_documents inst
    ead.
      if na_plugin.find().count() >= 1:
    vulscan/vulscan.py:177: DeprecationWarning: find_and_modify is deprecated, use find_one_and_delete,
    find_one_and_replace, or find_one_and_update instead
      "$set": {"status": 1}}, sort={'time': 1})
    check version
    vulscan/vulscan.py:177: DeprecationWarning: Passing mapping types for `sort` is deprecated, use a li
    st of (key, direction) pairs instead
      "$set": {"status": 1}}, sort={'time': 1})
    vulscan/vulscan.py:214: DeprecationWarning: count is deprecated. Use Collection.count_documents inst
    ead.
      queue_count = na_task.find({"status": 0, "plan": 0}).count()
    vulscan/vulscan.py:225: DeprecationWarning: update is deprecated. Use replace_one, update_one or upd
    ate_many instead.
      "$set": {"value": load, "up_time": datetime.datetime.now()}})
    new version 20190527
    kunpeng update  20190527
    url https://github.com/opensec-cn/kunpeng/releases/download/20190527/kunpeng_windows_v20190527.zip

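    task_req = na_task.find_and_modify(query={"status": 0, "plan": 0}, update={
                                           "$set": {"status": 1}}, sort={'time': 1})

    Replace with:

    # sort must be passed by keyword as a list of (key, direction) pairs;
    # the third positional argument of find_one_and_update is projection
    task_req = na_task.find_one_and_update({"status": 0, "plan": 0}, {
                                           "$set": {"status": 1}}, sort=[('time', 1)])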

     

    if na_plugin.find().count()>= 1:

    Replace with:

    if na_plugin.count_documents({}) >= 1:

     

    queue_count = na_task.find({"status": 0, "plan": 0}).count()

    Replace with:

    queue_count = na_task.count_documents({"status": 0, "plan": 0})

     

    na_heart.update({"name": "load"}, {
                            "$set": {"value": load, "up_time": datetime.datetime.now()}})

    Replace with:

    na_heart.update_one({"name": "load"}, {
                            "$set": {"value": load, "up_time": datetime.datetime.now()}})

     

     

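    Plugin installation confirmation

    Plugin name: Struts2 052 remote code execution
    Description: When the Struts REST plugin's XStream handler is enabled to deserialize XML requests, remote code execution may result, which can directly lead to the server being compromised and controlled.
    Author: wolf@YSRC

    Installation failed; you must be doing it wrong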

    Request URL:http://127.0.0.1/installplugin?unicode=2017-9-6-1

    Request Method:GET

    fail

     

    Search "installplugin" (5 hits in 3 files)
      G:\tools\xunfeng\views\static\buss\js\common.js (1 hit)
        Line 120:             $.get('/installplugin', {unicode: unicode}, function (e) {
      G:\tools\xunfeng\views\view.py (2 hits)
        Line 538: @app.route('/installplugin')
        Line 540: def installplugin():

    print('https://sec.ly.com/xunfeng/getplugin?name=' + item['location'], file_path + file_name)

    Output:

    https://sec.ly.com/xunfeng/getplugin?name=s2_052.py

    G:\tools\xunfeng\views/../vulscan/vuldb/s2_052.py

    I checked and the file exists; I changed the code to print the error:

    except Exception as e:
                print(e)
                pass

    The result: invalid syntax (s2_052.py, line 56)

    The cause turned out to be: except Exception, e:

    It seems too many plugins were developed under Python 2.*; Python 2.* still has to be installed

     

    Modify xunfeng\views\view.py so that the vulnerability detection scripts become compatible with Python 3.7:

        if os.path.exists(file_path + file_name):
            try:
                if file_name.split('.')[-1] == 'py':
                    with open(file_path + file_name, 'r', encoding='UTF-8') as f:
                        json_text = f.read()
                    # Python 2 "except X, e:" -> "except X as e:"
                    json_text = json_text.replace("except Exception, e:","except Exception as e:")
                    json_text = json_text.replace("except Exception,e:","except Exception as e:")
                    json_text = json_text.replace("except urllib2.HTTPError, e:","except urllib2.HTTPError as e:")
                    json_text = json_text.replace("except urllib2.HTTPError,e:","except urllib2.HTTPError as e:")
                    json_text = json_text.replace("except urllib2.URLError, e:","except urllib2.URLError as e:")
                    json_text = json_text.replace("except urllib2.URLError,e:","except urllib2.URLError as e:")
                    # modules renamed or moved in Python 3
                    if 'import urllib.request as urllib2' not in json_text:
                        json_text = json_text.replace("urllib2","urllib.request")
                    json_text = json_text.replace("import Queue","import queue")
                    json_text = json_text.replace("import StringIO","import io")
                    json_text = json_text.replace(" StringIO."," io.")
                    json_text = json_text.replace("\t","    ")
                    json_text = json_text.replace("import urlparse","from urllib.parse import urlparse")
                    json_text = json_text.replace("import HTMLParser","from html.parser import HTMLParser")
                    # turn every Python 2 print statement into a print() call,
                    # not only the first one that matches
                    json_text = re.sub(r'(?m)^( *)print +(?!\()(.*)$', r'\1print(\2)', json_text)
                    # 'str' object has no attribute 'decode'
                    #import codecs
                    #codecs.decode('ab', 'hex')
                    pat = r"    return (.*)\.decode\('hex'\)"
                    ret_2 = re.search(pat, json_text)
                    if ret_2 is not None:
                        print(ret_2.group(1))
                        json_text = "import codecs\n" + json_text
                        json_text = json_text.replace("    return "+ret_2.group(1)+".decode('hex')","    return str(codecs.decode("+ret_2.group(1)+",'hex'))")
                    # write the rewritten source back before importing it
                    with open(file_path + file_name,'w+',encoding='utf-8') as f:
                        f.write(json_text)
                    module = __import__(file_name.split('.')[0])   # plugin installation failed at this point: Python 2.* compatibility problem
                    print("兼容")
                    mark_json = module.get_plugin_info()
                    json_string['filename'] = file_name.split('.')[0]
                else:
                    with open(file_path + file_name, 'r', encoding='UTF-8') as f:
                        json_text = f.read()
                    mark_json = json.loads(json_text)
                    json_string['filename'] = file_name
                    mark_json.pop('plugin')
                
                json_string.update(mark_json)
                # insert() is deprecated in pymongo; use insert_one()
                Mongo.coll['Plugin'].insert_one(json_string)
                Mongo.coll['Update'].update_one({'unicode': unicode}, {'$set': {'isInstall': 1}})
                rsp = 'success'
            except Exception as e:
                print("error:",e)
                pass
        return rsp

     

    Apply the corresponding replacements to the scripts under xunfeng\vulscan\vuldb
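A pre-install check for the failure above, where the plugin's Python 2 syntax only became visible once the swallowed exception was printed. This is an added example, not code from Xunfeng or from the original post; `preflight_plugin`, `PY2_IDIOMS` and the sample plugin are hypothetical names constructed for illustration. It parses the source with `compile()` without executing it and lists, by line, the Python 2 idioms this page ran into.

```python
import re

# Python 2 idioms encountered on this page, with the Python 3 form used instead
# (hypothetical helper table, not part of Xunfeng).
PY2_IDIOMS = [
    (re.compile(r"^\s*print\s+[^(\s=]"), "print statement -> print(...)"),
    (re.compile(r"^\s*except\s+[\w.]+\s*,\s*\w+\s*:"), "except X, e -> except X as e"),
    (re.compile(r"^\s*import\s+(urllib2|StringIO|Queue|urlparse|HTMLParser|thread)\b"),
     "module renamed or moved in Python 3"),
    (re.compile(r"\.has_key\("), "d.has_key(k) -> k in d"),
    (re.compile(r"sys\.setdefaultencoding\("), "remove sys.setdefaultencoding"),
    (re.compile(r"\.decode\('hex'\)"), ".decode('hex') -> codecs.decode(..., 'hex')"),
]

def preflight_plugin(source, filename="<plugin>"):
    """Check plugin source without running it.

    Returns (findings, syntax_error): findings is a list of (line, hint);
    syntax_error is (line, message) for the first parse error, or None.
    """
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for pattern, hint in PY2_IDIOMS:
            if pattern.search(line):
                findings.append((lineno, hint))
    try:
        compile(source, filename, "exec")  # parse only; nothing is executed
        syntax_error = None
    except SyntaxError as exc:
        syntax_error = (exc.lineno, exc.msg)
    return findings, syntax_error

# Constructed sample in the style of a Python 2 era plugin (not a real Xunfeng plugin).
SAMPLE_PY2_PLUGIN = '''import urllib2
def get_plugin_info():
    return {"name": "demo"}
def check(ip, port, timeout):
    try:
        print "probing", ip
        urllib2.urlopen("http://%s:%d/" % (ip, port), timeout=timeout)
    except urllib2.URLError, e:
        return None
'''

if __name__ == "__main__":
    findings, syntax_error = preflight_plugin(SAMPLE_PY2_PLUGIN, "demo_plugin.py")
    for lineno, hint in findings:
        print("line %d: %s" % (lineno, hint))
    print("first syntax error:", syntax_error)
```

Running the check on the downloaded file before `__import__` reports every incompatible line at once, instead of one syntax error per install attempt.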
