• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Python settings.print_warning_msg函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Python中src.utils.settings.print_warning_msg函数的典型用法代码示例。如果您正苦于以下问题:Python print_warning_msg函数的具体用法?Python print_warning_msg怎么用?Python print_warning_msg使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了print_warning_msg函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。

示例1: ps_check

def ps_check():
  if settings.PS_ENABLED == None and menu.options.is_admin or menu.options.users or menu.options.passwords:
    if settings.VERBOSITY_LEVEL >= 1:
      print ""
    warn_msg = "The payloads in some options that you "
    warn_msg += "have chosen, are requiring the use of PowerShell. "
    print settings.print_warning_msg(warn_msg)
    while True:
      question_msg = "Do you want to use the \"--ps-version\" option "
      question_msg += "so ensure that PowerShell is enabled? [Y/n/q] > "
      sys.stdout.write(settings.print_question_msg(question_msg))
      ps_check = sys.stdin.readline().replace("\n","").lower()
      if ps_check in settings.CHOICE_YES:
        menu.options.ps_version = True
        break
      elif ps_check in settings.CHOICE_NO:
        break
      elif ps_check in settings.CHOICE_QUIT:
        print ""
        os._exit(0)
      else:  
        if ps_check == "":
          ps_check = "enter"
        err_msg = "'" + ps_check + "' is not a valid answer."  
        print settings.print_error_msg(err_msg)
        pass
开发者ID:cryptedwolf,项目名称:commix,代码行数:26,代码来源:checks.py


示例2: is_empty

def is_empty(multi_parameters, http_request_method):
  provided_value = []
  multi_params = [s for s in multi_parameters]
  for empty in multi_params:
    try:
      if settings.IS_JSON:
        if re.findall(r'\:\"(.*)\"', empty)[0] == "":
          provided_value.append(re.findall(r'\"(.*)\"\:\"', empty)[0])
      elif settings.IS_XML:
        if re.findall(r'>(.*)<', empty)[0] == "" or \
           re.findall(r'>(.*)<', empty)[0] == " ":
          provided_value.append(re.findall(r'</(.*)>', empty)[0])  
      elif len(empty.split("=")[1]) == 0:
        provided_value.append(empty.split("=")[0])
    except IndexError:
      if not settings.IS_XML:
        err_msg = "No parameter(s) found for testing in the provided data."
        print settings.print_critical_msg(err_msg)
        raise SystemExit()
        
  provided_value = ", ".join(provided_value)
  if len(provided_value) > 0:
    if menu.options.skip_empty and len(multi_parameters) > 1:
      skip_empty(provided_value, http_request_method)
    else:
      warn_msg = "The provided value"+ "s"[len(provided_value.split(",")) == 1:][::-1]
      warn_msg += " for "+ http_request_method + " parameter" + "s"[len(provided_value.split(",")) == 1:][::-1]
      warn_msg += " '" + provided_value + "'"
      warn_msg += (' are ', ' is ')[len(provided_value.split(",")) == 1] + "empty. "
      warn_msg += "Use valid "
      warn_msg += "values to run properly."
      print settings.print_warning_msg(warn_msg)
      return True
开发者ID:security-geeks,项目名称:commix,代码行数:33,代码来源:checks.py


示例3: check_for_update

def check_for_update():
  
  try:
    response = urllib2.urlopen('https://raw.githubusercontent.com/stasinopoulos/commix/master/src/utils/settings.py')
    version_check = response.readlines()
    for line in version_check:
      line = line.rstrip()
      if "VERSION = " in line:
        update_version = line.replace("VERSION = ", "").replace("\"", "")
        break 
    if float(settings.VERSION.replace(".","")) < float(update_version.replace(".","")):
      warn_msg = "Current version seems to be out-of-date."
      print settings.print_warning_msg(warn_msg)
      while True:
        question_msg = "Do you want to update to the latest version now? [Y/n] > "
        sys.stdout.write(settings.print_question_msg(question_msg))
        do_update = sys.stdin.readline().replace("\n","").lower()
        if do_update in settings.CHOICE_YES:
            updater()
            os._exit(0)
        elif do_update in settings.CHOICE_NO:
          break
        else:
          if do_update == "":
            do_update = "enter"
          err_msg = "'" + do_update + "' is not a valid answer."  
          print settings.print_error_msg(err_msg)
          pass
  except:
    print ""
    pass

# eof
开发者ID:cryptedwolf,项目名称:commix,代码行数:33,代码来源:update.py


示例4: server_identification

def server_identification(server_banner):
  found_server_banner = False
  if settings.VERBOSITY_LEVEL >= 1:
    info_msg = "Identifying the target server... " 
    sys.stdout.write(settings.print_info_msg(info_msg))
    sys.stdout.flush()

  for i in range(0,len(settings.SERVER_BANNERS)):
    match = re.search(settings.SERVER_BANNERS[i].lower(), server_banner.lower())
    if match:
      if settings.VERBOSITY_LEVEL >= 1:
        print "[ " + Fore.GREEN + "SUCCEED" + Style.RESET_ALL + " ]"
      if settings.VERBOSITY_LEVEL >= 1:
        success_msg = "The target server was identified as " 
        success_msg += server_banner + Style.RESET_ALL + "."
        print settings.print_success_msg(success_msg)
      settings.SERVER_BANNER = match.group(0)
      found_server_banner = True
      # Set up default root paths
      if "apache" in settings.SERVER_BANNER.lower():
        if settings.TARGET_OS == "win":
          settings.WEB_ROOT = "\\htdocs"
        else:
          settings.WEB_ROOT = "/var/www"
      elif "nginx" in settings.SERVER_BANNER.lower(): 
        settings.WEB_ROOT = "/usr/share/nginx"
      elif "microsoft-iis" in settings.SERVER_BANNER.lower():
        settings.WEB_ROOT = "\\inetpub\\wwwroot"
      break
  else:
    if settings.VERBOSITY_LEVEL >= 1:
      print "[ " + Fore.RED + "FAILED" + Style.RESET_ALL + " ]"
      warn_msg = "The server which was identified as '" 
      warn_msg += server_banner + "' seems unknown."
      print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:35,代码来源:requests.py


示例5: warning_detection

def warning_detection(url, http_request_method):
  try:
    # Find the host part
    url_part = url.split("=")[0]
    request = urllib2.Request(url_part)
    # Check if defined extra headers.
    headers.do_check(request)
    response = requests.get_request_response(request)
    if response:
      response = urllib2.urlopen(request)
      html_data = response.read()
      err_msg = ""
      if "eval()'d code" in html_data:
        err_msg = "'eval()'"
      if "Cannot execute a blank command in" in html_data:
        err_msg = "execution of a blank command,"
      if "sh: command substitution:" in html_data:
        err_msg = "command substitution"
      if "Warning: usort()" in html_data:
        err_msg = "'usort()'"
      if re.findall(r"=/(.*)/&", url):
        if "Warning: preg_replace():" in html_data:
          err_msg = "'preg_replace()'"
        url = url.replace("/&","/e&")
      if "Warning: assert():" in html_data:
        err_msg = "'assert()'"
      if "Failure evaluating code:" in html_data:
        err_msg = "code evaluation"
      if err_msg != "":
        warn_msg = "A failure message on " + err_msg + " was detected on page's response."
        print settings.print_warning_msg(warn_msg)
    return url
  except urllib2.HTTPError, err_msg:
    print settings.print_critical_msg(err_msg)
    raise SystemExit()
开发者ID:Cyber-Forensic,项目名称:commix,代码行数:35,代码来源:eb_injector.py


示例6: application_identification

def application_identification(server_banner, url):
  found_application_extension = False
  if settings.VERBOSITY_LEVEL >= 1:
    info_msg = "Identifying the target application ... " 
    sys.stdout.write(settings.print_info_msg(info_msg))
    sys.stdout.flush()
  root, application_extension = splitext(urlparse(url).path)
  settings.TARGET_APPLICATION = application_extension[1:].upper()
  
  if settings.TARGET_APPLICATION:
    found_application_extension = True
    if settings.VERBOSITY_LEVEL >= 1:
      print "[ " + Fore.GREEN + "SUCCEED" + Style.RESET_ALL + " ]"           
      success_msg = "The target application was identified as " 
      success_msg += settings.TARGET_APPLICATION + Style.RESET_ALL + "."
      print settings.print_success_msg(success_msg)

    # Check for unsupported target applications
    for i in range(0,len(settings.UNSUPPORTED_TARGET_APPLICATION)):
      if settings.TARGET_APPLICATION.lower() in settings.UNSUPPORTED_TARGET_APPLICATION[i].lower():
        err_msg = settings.TARGET_APPLICATION + " exploitation is not yet supported."  
        print settings.print_critical_msg(err_msg)
        raise SystemExit()

  if not found_application_extension:
    if settings.VERBOSITY_LEVEL >= 1:
      print "[ " + Fore.RED + "FAILED" + Style.RESET_ALL + " ]"
    warn_msg = "Heuristics have failed to identify target application."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:29,代码来源:requests.py


示例7: check_options

def check_options(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again):

  if os_shell_option == False:
    if no_result == True:
      return False
    else:
      return True 

  # The "back" option
  elif os_shell_option == "back":
    go_back = True
    return go_back, go_back_again

  # The "os_shell" option
  elif os_shell_option == "os_shell": 
    warn_msg = "You are already into the '" + os_shell_option + "' mode."
    print settings.print_warning_msg(warn_msg)+ "\n"

  # The "bind_tcp" option
  elif os_shell_option == "bind_tcp":
    go_back, go_back_again = bind_tcp_config(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again)
    return go_back, go_back_again

  # The "reverse_tcp" option
  elif os_shell_option == "reverse_tcp":
    go_back, go_back_again = reverse_tcp_config(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again)
    return go_back, go_back_again

  # The "quit" option
  elif os_shell_option == "quit":                    
    raise SystemExit()
开发者ID:security-geeks,项目名称:commix,代码行数:31,代码来源:shellshock.py


示例8: hostname

def hostname(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, timesec):
  if settings.TARGET_OS == "win":
    settings.HOSTNAME = settings.WIN_HOSTNAME 
  cmd = settings.HOSTNAME
  if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
    # Command execution results.
    response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
    # Perform target page reload (if it is required).
    if settings.URL_RELOAD:
      response = requests.url_reload(url, timesec)
    # Evaluate injection results.
    shell = cb_injector.injection_results(response, TAG, cmd)
    shell = "".join(str(p) for p in shell)
    session_handler.store_cmd(url, cmd, shell, vuln_parameter)
  else:
    shell = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
  if shell:
    shell = "".join(str(p) for p in shell)
    success_msg = "The hostname is " +  shell
    sys.stdout.write(settings.print_success_msg(success_msg) + ".\n")
    sys.stdout.flush()
    # Add infos to logs file. 
    output_file = open(filename, "a")
    success_msg = "The hostname is " + shell + ".\n"
    output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.SUCCESS_SIGN) + success_msg)
    output_file.close()
  else:
    warn_msg = "Heuristics have failed to identify the hostname."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:29,代码来源:cb_enumeration.py


示例9: powershell_version

def powershell_version(separator, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename): 
  cmd = settings.PS_VERSION
  if alter_shell:
    cmd = cmd.replace("'","\\'")
  #Command execution results.
  response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
  # Evaluate injection results.
  if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
    # Evaluate injection results.
    ps_version = cb_injector.injection_results(response, TAG, cmd)
    ps_version = "".join(str(p) for p in ps_version)
    session_handler.store_cmd(url, cmd, ps_version, vuln_parameter)
  else:
    ps_version = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
  try:
    if float(ps_version):
      settings.PS_ENABLED = True
      if settings.VERBOSITY_LEVEL >= 1:
        print ""
      # Output PowerShell's version number
      success_msg = "The PowerShell's version number is " 
      success_msg += ps_version + Style.RESET_ALL + Style.BRIGHT
      sys.stdout.write(settings.print_success_msg(success_msg) + ".\n")
      sys.stdout.flush()
      # Add infos to logs file. 
      output_file = open(filename, "a")
      success_msg = "The PowerShell's version number is " + ps_version + ".\n"
      output_file.write("    " + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.SUCCESS_SIGN) + success_msg)
      output_file.close()
  except ValueError:
    warn_msg = "Heuristics have failed to identify PowerShell's version, "
    warn_msg += "which means that some payloads or injection techniques may be failed."
    print settings.print_warning_msg(warn_msg)
    settings.PS_ENABLED = False
    checks.ps_check_failed()
开发者ID:BMaChina,项目名称:commix,代码行数:35,代码来源:cb_enumeration.py


示例10: hostname

def hostname(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response):
  _ = False
  cmd = settings.HOSTNAME
  if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
    # The main command injection exploitation.
    check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
    session_handler.store_cmd(url, cmd, output, vuln_parameter)
    _ = True
  else:
    output = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
  shell = output 
  if shell:
    if settings.VERBOSITY_LEVEL <= 1 and not menu.options.ignore_session and _:
      print ""
    success_msg = "The hostname is " +  shell
    sys.stdout.write(settings.print_success_msg(success_msg) + ".")
    sys.stdout.flush()
    # Add infos to logs file. 
    output_file = open(filename, "a")
    success_msg = "The hostname is " + shell + ".\n"
    output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.SUCCESS_SIGN) + success_msg)
    output_file.close()
  else:
    warn_msg = "Heuristics have failed to identify the hostname."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:25,代码来源:tb_enumeration.py


示例11: exploitation

def exploitation(url, delay, filename, http_request_method, url_time_response):
  if url_time_response >= settings.SLOW_TARGET_RESPONSE:
    warn_msg = "It is highly recommended, due to serious response delays, "
    warn_msg += "to skip the time-based (blind) technique and to continue "
    warn_msg += "with the file-based (semiblind) technique."
    print settings.print_warning_msg(warn_msg)
    go_back = False
    while True:
      if go_back == True:
        return False
      question_msg = "How do you want to proceed? [(C)ontinue/(s)kip/(q)uit] > "
      proceed_option = raw_input(settings.print_question_msg(question_msg)).lower()
      if proceed_option.lower() in settings.CHOICE_PROCEED :
        if proceed_option.lower() == "s":
          from src.core.injections.semiblind.techniques.file_based import fb_handler
          fb_handler.exploitation(url, delay, filename, http_request_method, url_time_response)
        elif proceed_option.lower() == "c":
          if tb_injection_handler(url, delay, filename, http_request_method, url_time_response) == False:
            return False
        elif proceed_option.lower() == "q":
          raise SystemExit()
      else:
        if proceed_option == "":
          proceed_option = "enter"
        err_msg = "'" + proceed_option + "' is not a valid answer."
        print settings.print_error_msg(err_msg) + "\n"
        pass
  else:
    if tb_injection_handler(url, delay, filename, http_request_method, url_time_response) == False:
      return False
开发者ID:ardiansn,项目名称:commix,代码行数:30,代码来源:tb_handler.py


示例12: system_information

def system_information(separator, payload, TAG, timesec, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename):    
  if settings.TARGET_OS == "win":
    settings.RECOGNISE_OS = settings.WIN_RECOGNISE_OS
  cmd = settings.RECOGNISE_OS        
  if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
    # Command execution results.
    response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
    # Evaluate injection results.
    target_os = fb_injector.injection_results(url, OUTPUT_TEXTFILE, timesec)
    target_os = "".join(str(p) for p in target_os)
    session_handler.store_cmd(url, cmd, target_os, vuln_parameter)
  else:
    target_os = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
  if target_os:
    target_os = "".join(str(p) for p in target_os)
    if settings.TARGET_OS != "win":
      cmd = settings.DISTRO_INFO
      if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
        # Command execution results.
        response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
        # Perform target page reload (if it is required).
        if settings.URL_RELOAD:
          response = requests.url_reload(url, timesec)
        # Evaluate injection results.
        distro_name = fb_injector.injection_results(url, OUTPUT_TEXTFILE, timesec)
        distro_name = "".join(str(p) for p in distro_name)
        if len(distro_name) != 0:
          target_os = target_os + " (" + distro_name + ")"
        session_handler.store_cmd(url, cmd, target_os, vuln_parameter)
      else:
        target_os = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
    if settings.TARGET_OS == "win":
      cmd = settings.WIN_RECOGNISE_HP
    else:
      cmd = settings.RECOGNISE_HP
    if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
      # Command execution results.
      response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
      # Evaluate injection results.
      target_arch = fb_injector.injection_results(url, OUTPUT_TEXTFILE, timesec)
      target_arch = "".join(str(p) for p in target_arch)
      session_handler.store_cmd(url, cmd, target_arch, vuln_parameter)
    else:
      target_arch = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
    if target_arch:
      # if settings.VERBOSITY_LEVEL >= 1:
      #   print ""
      success_msg = "The target operating system is " +  target_os + Style.RESET_ALL  
      success_msg += Style.BRIGHT + " and the hardware platform is " +  target_arch
      sys.stdout.write(settings.print_success_msg(success_msg) + ".\n")
      sys.stdout.flush()
      # Add infos to logs file.   
      output_file = open(filename, "a")
      success_msg = "The target operating system is " + target_os
      success_msg += " and the hardware platform is " + target_arch + ".\n"
      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.SUCCESS_SIGN) + success_msg)
      output_file.close()
  else:
    warn_msg = "Heuristics have failed to retrieve the system information."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:60,代码来源:fb_enumeration.py


示例13: continue_tests

def continue_tests(err):
  # If defined "--ignore-401" option, ignores HTTP Error 401 (Unauthorized) 
  # and continues tests without providing valid credentials.
  if menu.options.ignore_401:
    settings.WAF_ENABLED = True
    return True

  # Possible WAF/IPS/IDS
  if (str(err.code) == "403" or "406") and \
    not menu.options.skip_waf:
    # Check if "--skip-waf" option is defined 
    # that skips heuristic detection of WAF/IPS/IDS protection.
    settings.WAF_ENABLED = True
    warn_msg = "It seems that target is protected by some kind of WAF/IPS/IDS."
    print settings.print_warning_msg(warn_msg)
  try:
    while True:
      question_msg = "Do you want to ignore the error (" + str(err.code) 
      question_msg += ") message and continue the tests? [Y/n/q] > "
      continue_tests = raw_input(settings.print_question_msg(question_msg)).lower()
      if continue_tests in settings.CHOICE_YES:
        return True
      elif continue_tests in settings.CHOICE_NO:
        return False
      elif continue_tests in settings.CHOICE_QUIT:
        return False
      else:
        if continue_tests == "":
          continue_tests = "enter"
        err_msg = "'" + continue_tests + "' is not a valid answer."  
        print settings.print_error_msg(err_msg) + "\n"
        pass
  except KeyboardInterrupt:
    print "\n" + Back.RED + settings.ABORTION_SIGN + "Ctrl-C was pressed!" + Style.RESET_ALL
    raise SystemExit()
开发者ID:ardiansn,项目名称:commix,代码行数:35,代码来源:checks.py


示例14: injection_proccess

def injection_proccess(url, check_parameter, http_request_method, filename, delay):

  # User-Agent Injection / Referer Injection / Custom header Injection 
  if check_parameter.startswith(" "):
    header_name = ""
    the_type = " HTTP header "
  else:
    if settings.COOKIE_INJECTION: 
      header_name = " cookie"
    else:
      header_name = ""
    the_type = " parameter "
    check_parameter = " '" + check_parameter + "'"

  # Load modules
  modules_handler.load_modules(url, http_request_method, filename)

  if not settings.LOAD_SESSION:
    info_msg = "Setting the " + "(" + http_request_method 
    info_msg += ")" + check_parameter + header_name + the_type + "for tests."
    print settings.print_info_msg(info_msg)

  # Estimating the response time (in seconds)
  delay, url_time_response = requests.estimate_response_time(url, http_request_method, delay)

  # Check if it is vulnerable to classic command injection technique.
  if not menu.options.tech or "c" in menu.options.tech:
    if cb_handler.exploitation(url, delay, filename, http_request_method) != False:
      settings.CLASSIC_STATE = True
  else:
    settings.CLASSIC_STATE = False

  # Check if it is vulnerable to eval-based code injection technique.
  if not menu.options.tech or "e" in menu.options.tech:
    if eb_handler.exploitation(url, delay, filename, http_request_method) != False:
      settings.EVAL_BASED_STATE = True
  else:
    settings.EVAL_BASED_STATE = False

  # Check if it is vulnerable to time-based blind command injection technique.
  if not menu.options.tech or "t" in menu.options.tech:
    if tb_handler.exploitation(url, delay, filename, http_request_method, url_time_response) != False:
      settings.TIME_BASED_STATE = True
  else:
    settings.TIME_BASED_STATE = False

  # Check if it is vulnerable to file-based semiblind command injection technique.
  if not menu.options.tech or "f" in menu.options.tech:
    if fb_handler.exploitation(url, delay, filename, http_request_method, url_time_response) != False:
      settings.FILE_BASED_STATE = True
  else:
    settings.FILE_BASED_STATE = False

  # All injection techniques seems to be failed!
  if settings.CLASSIC_STATE == settings.EVAL_BASED_STATE == settings.TIME_BASED_STATE == settings.FILE_BASED_STATE == False :
    warn_msg = "The tested (" + http_request_method + ")" 
    warn_msg += check_parameter + header_name + the_type 
    warn_msg += "seems to be not injectable."
    print settings.print_warning_msg(warn_msg)  
开发者ID:ardiansn,项目名称:commix,代码行数:59,代码来源:controller.py


示例15: check_whitespaces

def check_whitespaces():
  if settings.WHITESPACE[0] != "%20" and settings.WHITESPACE[0] != urllib.unquote("%20"):
    warn_msg = "Whitespaces are important for time-relative techniques, "
    warn_msg += "thus whitespace characters had been reset to default."
    print settings.print_warning_msg(warn_msg)
  if settings.WHITESPACE[0] != urllib.unquote("%20"):
    whitespace = " "
    return whitespace  
开发者ID:cryptedwolf,项目名称:commix,代码行数:8,代码来源:checks.py


示例16: load_cmd_history

def load_cmd_history():
  try:
    cli_history = os.path.expanduser(settings.CLI_HISTORY)
    if os.path.exists(cli_history):
      readline.read_history_file(cli_history)
  except (IOError, AttributeError) as e:
    warn_msg = "There was a problem loading the history file '" + cli_history + "'."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:8,代码来源:logs.py


示例17: configure_reverse_tcp

def configure_reverse_tcp(separator):
  # Set up LHOST for the reverse TCP connection
  while True:
    option = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """reverse_tcp""" + Style.RESET_ALL + """) > """)
    if option.lower() == "reverse_tcp": 
      warn_msg = "You are already into the '" + option.lower() + "' mode."
      print settings.print_warning_msg(warn_msg)
      continue
    if option.lower() == "?": 
      menu.reverse_tcp_options()
      continue
    if option.lower() == "quit": 
      raise SystemExit()
    elif option.lower() == "os_shell" or option.lower() == "back": 
      settings.REVERSE_TCP = False   
      break 
    elif option.lower() == "bind_tcp":
      settings.BIND_TCP = True
      settings.REVERSE_TCP = False
      break 
    elif len(settings.LPORT) != 0 and len(settings.LHOST) != 0:
      break 
    elif option[0:4].lower() == "set ":
      if option[4:10].lower() == "lhost ":
        if check_lhost(option[10:]):
          if len(settings.LPORT) == 0:
            pass
          else:
            break
        else:
          continue
      elif option[4:10].lower() == "rhost ":
        err_msg =  "The '" + option[4:9].upper() + "' option, is not "
        err_msg += "usable for 'reverse_tcp' mode. Use 'LHOST' option."
        print settings.print_error_msg(err_msg)  
        continue  
      elif option[4:10].lower() == "lport ":
        if check_lport(option[10:]):
          if len(settings.LHOST) == 0:
            pass
          else:
            break
        else:
          continue
      elif option[4:12].lower() == "srvport ":
        check_srvport(option[12:])
      elif option[4:12].lower() == "uripath ":
        check_uripath(option[12:])
      else:
        err_msg = "The '" + option + "' option, is not valid."
        print settings.print_error_msg(err_msg)
        pass
    else:
      err_msg = "The '" + option + "' option, is not valid."
      print settings.print_error_msg(err_msg)
      pass

# eof
开发者ID:security-geeks,项目名称:commix,代码行数:58,代码来源:reverse_tcp.py


示例18: no_readline_module

def no_readline_module():
  warn_msg =  "It seems that your platform does "
  warn_msg += "not have GNU 'readline' module installed."
  warn_msg += " For tab-completion support in your shell, download the"
  if settings.IS_WINDOWS:
    warn_msg += " 'pyreadline' module (https://pypi.python.org/pypi/pyreadline).\n"
  else:  
    warn_msg += " 'gnureadline' module (https://pypi.python.org/pypi/gnureadline).\n" 
  print settings.print_warning_msg(warn_msg) 
开发者ID:cryptedwolf,项目名称:commix,代码行数:9,代码来源:checks.py


示例19: system_information

def system_information(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response):
  _ = False  
  if settings.TARGET_OS == "win":
    settings.RECOGNISE_OS = settings.WIN_RECOGNISE_OS
  cmd = settings.RECOGNISE_OS        
  if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
    # The main command injection exploitation.
    check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
    session_handler.store_cmd(url, cmd, output, vuln_parameter)
    _ = True
  else:
    output = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
  target_os = output
  if settings.VERBOSITY_LEVEL <= 1 and not menu.options.ignore_session and _:
    print ""
  if target_os:
    if settings.TARGET_OS != "win":
      cmd = settings.DISTRO_INFO
      if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
        if settings.VERBOSITY_LEVEL <= 1 and not menu.options.ignore_session and _:
          sys.stdout.write("")
        check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
        session_handler.store_cmd(url, cmd, output, vuln_parameter)
      else:
        output = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
      distro_name = output
      if len(distro_name) != 0:
          target_os = target_os + " (" + distro_name + ")"
    if settings.TARGET_OS == "win":
      cmd = settings.WIN_RECOGNISE_HP
    else:
      cmd = settings.RECOGNISE_HP
    if session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None or menu.options.ignore_session:
      if settings.VERBOSITY_LEVEL <= 1 and not menu.options.ignore_session and _:
        sys.stdout.write("\n")
      # The main command injection exploitation.
      check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, timesec, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
      session_handler.store_cmd(url, cmd, output, vuln_parameter)
    else:
      output = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
    target_arch = output
    if target_arch:
      if settings.VERBOSITY_LEVEL <= 1 and not menu.options.ignore_session and _:
        print ""
      success_msg = "The target operating system is " +  target_os + Style.RESET_ALL  
      success_msg += Style.BRIGHT + " and the hardware platform is " +  target_arch
      sys.stdout.write(settings.print_success_msg(success_msg) + ".")
      sys.stdout.flush()
      # Add infos to logs file.   
      output_file = open(filename, "a")
      success_msg = "The target operating system is " + target_os
      success_msg += " and the hardware platform is " + target_arch + ".\n"
      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.SUCCESS_SIGN) + success_msg)
      output_file.close()
  else:
    warn_msg = "Heuristics have failed to retrieve the system information."
    print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:57,代码来源:tb_enumeration.py


示例20: skip_empty

def skip_empty(provided_value, http_request_method):
  warn_msg = "The " + http_request_method + " "
  warn_msg += "parameter" + "s"[len(provided_value.split(",")) == 1:][::-1]
  warn_msg += " '" + provided_value + "'"
  warn_msg += (' have ', ' has ')[len(provided_value.split(",")) == 1]
  warn_msg += "been skipped from testing"
  warn_msg += " (the provided value" + "s"[len(provided_value.split(",")) == 1:][::-1]
  warn_msg += (' are ', ' is ')[len(provided_value.split(",")) == 1] + "empty). "
  print settings.print_warning_msg(warn_msg)
开发者ID:security-geeks,项目名称:commix,代码行数:9,代码来源:checks.py



注:本文中的src.utils.settings.print_warning_msg函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Python utils.inherits_from函数代码示例发布时间:2022-05-27
下一篇:
Python settings.print_success_msg函数代码示例发布时间:2022-05-27
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap