-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathvulnpress.py
73 lines (55 loc) · 2.23 KB
/
vulnpress.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
import tornado.ioloop
import tornado.web
from src.db.db import Db
from src.exploit.exploit import Exploit
class Vulnpress:
def __init__(self, hostname, protocol, username=None, password=None):
self.exploiter = Exploit(hostname, protocol, username, password)
class MainHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
self.render('main.html')
def post(self, *args, **kwargs):
exploit_type = self.get_argument('exploit_type')
results = None
if exploit_type is not None:
vp = Vulnpress(self.format_hostname(self.get_argument('hostname', None)),
self.get_argument('protocol', 'http://'), self.get_argument('username', None),
self.get_argument('password', None))
if exploit_type == 'all':
results = vp.exploiter.exploit()
else:
results = vp.exploiter.exploit(exploit_type)
self.write(results)
@staticmethod
def format_hostname(hostname):
if hostname[:7] == "http://":
hostname = hostname[7:]
elif hostname[:8] == "https://":
hostname = hostname[8:]
if hostname[:4] == "www.":
hostname = hostname[4:]
return hostname.strip()
class ExploitHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
exploit = Db().get_exploit_by_id(self.get_argument('id'))
self.render('exploit.html', exploit=exploit, type=Db().get_exploit_type_by_id(exploit.type_id))
class ExploitsHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
exploits = Db().get_exploits()
self.render('exploits.html', exploits=exploits)
class Init(tornado.web.Application):
def __init__(self):
handlers = [
(r"/", MainHandler),
(r"/exploit", ExploitHandler),
(r"/exploits", ExploitsHandler)
]
settings = {
'debug': True,
'template_path': 'web/templates',
'static_path': "web"
}
tornado.web.Application.__init__(self, handlers, **settings)
if __name__ == "__main__":
Init().listen(8888, address='localhost')
tornado.ioloop.IOLoop.current().start()