update

Author: Ciyfly

.gitignore

@@ -0,0 +1,133 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+log/
+/venv
+
+*.db
+output

1.txt

@@ -1,2 +1,25 @@
+<!--
+ * @Date: 2022-01-11 18:08:25
+ * @LastEditors: recar
+ * @LastEditTime: 2022-01-12 11:04:18
+-->
 # mullet
 被动代理扫描器 梭鱼
+
+
+代理模块  
+url去重模块  
+任务分发模块 多生产者多消费者模块 多队列形式  
+指纹识别模块  
+poc通用模块  
+通用检测模块  
+漏洞报告模块  
+日志模块 日志要酷炫  
+参数控制模块  
+
+一个流程:  
+指纹识别->分析出是啥指纹后增加poc任务
+敏感目录备份文件等扫描
+上面一个url就可以添加出来任务了
+
+然后代理访问开始后或者后续流量有url的就交给url识别  

README.md

@@ -0,0 +1,2 @@
+[options]
+model=debug

config/config.ini

@@ -0,0 +1,4 @@
+<html>
+<h1>test</h1>
+{0}
+</html>

config/report.template

@@ -0,0 +1,7 @@
+#!/usr/bin/python
+# coding=utf-8
+'''
+Date: 2022-01-12 16:28:33
+LastEditors: recar
+LastEditTime: 2022-01-12 16:28:33
+'''

lib/cmd_parse.py

@@ -0,0 +1,132 @@
+#!/usr/bin/python
+# coding=utf-8
+'''
+Date: 2022-01-12 11:05:17
+LastEditors: recar
+LastEditTime: 2022-01-12 18:52:06
+'''
+from lib.work import Worker
+from plugins.report import Report
+from plugins.fingerprint.fingerprint import Fingerprint
+from plugins.sensitive_info.dis_sen_info import DisSenInfo
+from lib.log import logger
+from lib.utils import Utils
+from queue import Queue
+import importlib
+import os
+
+class Controller(object):
+    def __init__(self,):
+        self.domains = set()
+        self.urls = set()
+        self.result_queue = Queue()
+        self.logger = logger
+        base_path = os.path.dirname(os.path.abspath(__file__))
+        plugins_dir = os.path.join(base_path, "../", 'plugins')
+        fingerprint_dir = os.path.join(plugins_dir, 'fingerprint')
+        sensitive_info_dir = os.path.join(plugins_dir, 'sensitive_info')
+        general_dir = os.path.join(plugins_dir, 'general')
+        poc_dir = os.path.join(plugins_dir, 'poc')
+        # 注册
+        fingerprint_list = list()
+        sensitive_info_list = list()
+        general_list = list()
+        poc_list = list()
+        
+        # 启动报告模块
+        report = Report(self.result_queue)
+        report.run()
+        # init modul
+        self._run_fingerprint()
+        # self._run_sensitive_info()
+        # self._run_general()
+        # self._run_poc()
+
+
+    # 指纹
+    def _run_fingerprint(self):
+        fingerprint_handler = Fingerprint(self.result_queue)
+        def consumer(data):
+            data = data[1].get("data")
+            url_info = data.get("url_info")
+            req = data.get("req")
+            rsp = data.get("rsp")
+            fingerprint_handler.run(url_info, req, rsp)
+        self.fingerprint_work = Worker(consumer, consumer_count=1, logger=logger)
+
+    # 敏感信息
+    # def _run_sensitive_info(self):
+    #     disSenInfo_handler = DisSenInfo(self.result_queue)
+    #     def consumer(data):
+    #         data = data[1].get("data")
+    #         url_info = data.get("url_info")
+    #         req = data.get("req")
+    #         rsp = data.get("rsp")
+    #         disSenInfo_handler.run(url_info, req, rsp)
+    #     self.disSenInfo_work = Worker(consumer, consumer_count=1)
+
+    # # 通用插件
+    # def _run_general(self):
+    #     def consumer(data):
+    #         data = data[1].get("data")
+    #         plugins_name = data.get("plugins")
+    #         req = data.get("req")
+    #         rsp = data.get("rsp")
+    #         url_info = data.get("url_info")
+    #         # 动态实例插件名称并传递req和rsp来执行
+    #         metaclass = importlib.import_module(plugins_name)
+    #         metaclass.Scan().run(url_info, req, rsp)
+    #     self.general_work = Worker(consumer, consumer_count=10)
+
+    # # poc插件
+    # # 先直接poc全发一下
+    # def _run_poc(self):
+    #     def consumer(data):
+    #         data = data[1].get("data")
+    #         plugins_name = data.get("plugins")
+    #         req = data.get("req")
+    #         rsp = data.get("rsp")
+    #         url_info = data.get("url_info")
+    #         # 动态实例插件名称并传递req和rsp来执行
+    #         metaclass = importlib.import_module(plugins_name)
+    #         metaclass.Scan().run(url_info, req, rsp)
+    #     self.poc_work = Worker(consumer, consumer_count=10)
+
+
+    # 入口分发任务
+    def run(self, url_info, req, rsp):
+        domain =  url_info.get('host')
+        gener_url = url_info.get("gener_url")
+        if len(self.domains)<1:
+            self.domains.add(domain)
+            self.logger.info(f"gen task fingerprint: {domain}")
+            # 推指纹
+            self.fingerprint_work.put({"data":{
+                "url_info": url_info,
+                "req": req,
+                "rsp": rsp
+            }})
+            # 推敏感信息扫描
+        #     self.logger.info("gen task disSenInfo")
+        #     self.disSenInfo_work.put({
+        #         "url_info": url_info,
+        #         "req": req,
+        #         "rsp": rsp
+        #     })
+        #     # 推poc
+        #     self.logger.info("gen task poc")
+        #     self.poc_work.put({
+        #         "url_info": url_info,
+        #         "req": req,
+        #         "rsp": rsp
+        #     })
+        #     self.domains.add(domain)
+        # if gener_url not in self.urls:
+        #     # 推通用插件
+        #     self.logger.info("gen task general")
+        #     self.general_work.put({
+        #         "url_info": url_info,
+        #         "req": req,
+        #         "rsp": rsp
+        #     })
+        #     self.urls.add(gener_url)

lib/controller.py

@@ -0,0 +1,7 @@
+#!/usr/bin/python
+# coding=utf-8
+'''
+Date: 2022-01-12 10:03:45
+LastEditors: recar
+LastEditTime: 2022-01-12 10:03:45
+'''

lib/core.py

@@ -0,0 +1,33 @@
+#!/usr/bin/python
+# coding=utf-8
+'''
+Date: 2021-03-23 15:51:56
+LastEditors: recar
+LastEditTime: 2022-01-12 16:34:55
+'''
+from lib.utils import Utils
+from lib.controller import Controller
+from lib.log import logger
+import sys
+sys.path.append('../')
+controller = Controller()
+
+class Filter(object):
+    @staticmethod
+    def parser_request(flow):
+        del flow.request.headers['Accept-Encoding']
+
+    @staticmethod
+    def parser_response(flow):
+        url_info = Utils.parser_url(flow)
+        req = Utils.parser_req(flow)
+        rsp = Utils.parser_rsp(flow)
+        # check
+        if not url_info:
+            return
+        logger.debug("url: {0} type: {1}".format(url_info["url"], url_info['type']))
+        # insert url
+        controller.run(url_info, req, rsp)
+
+
+