3xp10it / xwaf Goto Github PK

Automatic bypass (brute force) waf

Python 100.00%

xwaf's Introduction

xwaf

xwaf是一个python写的waf自动绕过工具,上一个版本是bypass_waf,xwaf相比bypass_waf更智能,可无人干预,自动暴破waf

Disclaimer

[!] legal disclaimer: Usage of xwaf.py for attacking targets without prior mutual consent is illegal.It is the end user's responsibility to obey all applicable local, state and federal laws.Developers assume no liability and are not responsible for any misuse or damage caused by this program.

[!] 法律免责声明：未经事先相互同意，使用本程序攻击目标是非法的。使用本程序的最终用户有责任遵守所有适用的地方、国家法律。开发人员对本程序造成的任何误用、滥用、非法使用不承担任何责任。

Requirement

python3
pip3
mysql
linux(test on ubuntu and kali2.0,others should based on debain)

python3安装可参考如下步骤

apt-get install python3
或:
wget https://www.python.org/ftp/python/3.5.2/Python-3.5.2.tar.xz
tar xJf Python-3.5.2.tar.xz
cd Python-3.5.2
./configure --prefix=/opt/python3
make && make install
ln -s /opt/python3/bin/python3.5 /usr/local/bin/python3

pip3安装

apt-get install -y python3-pip
或
https://pip.pypa.io/en/stable/installing

Usage

eg:
1.python3 xwaf.py -u "http://www.baidu.com/1.php?id=1"
2.python3 xwaf.py -u "http://www.baidu.com/1.php" --data="postdata" -p xxx
3.python3 xwaf.py -r /tmp/headerfile -p xxx --risk 3 --level 5

Attention

1.xwaf支持除-m/-l外的所有sqlmap参数,用法和sqlmap一样即可,-m/-l为批量功能,暂不支持,如果需要批量,请自行code实现
2.由于xwaf已经有比较好的参数方案,一般情况下尽量少用参数,如果有必须要用的参数除外[如--data/-p/-r等参数]
3.普通get类型注入点,这样用即可:
  python3 xwaf.py -u "http://www.baidu.com/1.php?id=1&page=2" -p id
4.人工输入的参数的优先级大于xwaf自带的参数方案
5.关于--tamper参数的使用:
  xwaf的主要功能是排列组合使用所有可能的tamper组合来爆破waf,如果人为使用了--tamper参数,xwaf将在人为设置的已有
  tamper基础上再排列组合,eg.人为使用的命令为:
  python3 xwaf.py -u "http://www.baidu.com/1.php?id=1" --tamper=space2comment
  那么xwaf使用的tamper方案中的每个都会有space2comment
6.关于代理的使用:
  a)xwaf默认不用代理,如果使用代理需要在xwaf运行后选择y|Y
  b)使用的代理来源于程序自动收集的网上的代理
  c)使用代理有防封的优点,但网络连接速度不一定能保证
7.need python3

代码流程图

以[127.0.0.1/1.php?id=1为例]

1.start
2.检测系统/root/.sqlmap/output/127.0.0.1/log文件是否存在
3.获取log文件:
    如果不存在log文件则调用get_log_file_need_tamper函数,执行完这个函数后获得log文件,也即成功检测出目标
    url有sqli注入漏洞,如果执行完get_log_file_need_tamper函数没有获得log文件则认为该url没有sqli漏洞
4.获取db_type[数据库类型]
    调用get_db_type_need_tamper函数,用于后面的tamper排列组合时,只将目标url对应的数据库类型的tamper用于
    该目标在sql注入时tamper的选择后的组合
5.获取sqli_type[注入方法]
    调用get_good_sqli_type_need_tamper函数,sql注入方法中一共有U|S|E+B|Q|T 6种注入方法,后3种查询效率低,
    首先在log文件中查找是否有U|S|E这3种高效方法中的任意一种,如果有略过这一步,否则执行
    get_good_sqli_type_need_tamper函数,执行该函数将尝试获得一种以上的高效注入方法
6.获取current-db[当前数据库名]
    如果上面获得了高效注入方法,则先用高效注入方法获得current-db,如果没有则用B|Q|T方法尝试获得
    current-db,用来尝试获得current-db的函数是get_db_name_need_tamper
7.获取table[当前数据库的表名]
    如果上面获得了高效注入方法,则先用高效注入方法获得table,如果没有则用B|Q|T方法尝试获得table,尝试获得
    table的函数是get_table_name_need_tamper
8.获取column[当前数据库的第一个表的所有列名]
    如果上面获得了高效注入方法,则先用高效注入方法获得column,如果没有则用B|Q|T方法获得column,尝试获得
    column的函数是get_column_name_need_tamper
9.获取entries[column对应的真实数据]
    调用get_entries_need_tamper函数,执行完get_entries_need_tamper函数后,waf成功绕过,从上面的步骤一直到
    这个步骤,逐步获得最佳绕过waf的脚本组合

About

1.xwaf支持记忆,运行中断后下次继续运行时会在中断时的最后一个命令附近继续跑,不会重新经历上面的所有函数的处理
2.xwaf支持sqlmap除-m/-l外的所有参数用法
3.各个get_xxx_need_tamper函数的处理采用针对当前url的数据库类型(eg.MySQL)的所有过waf的脚本
  (在sqlmap的tamper目录中)的排列组合的结果与--hex或--no-cast选项进行暴力破解如果--hex起作用了则不再使用
  --no-cast尝试,--no-cast起作用了也不再用--hex尝试
4.xwaf运行完后将在/root/.sqlmap/output/127.0.0.1目录下的ini文件中看到相关信息,bypassed_command是成功暴破
  waf的sqlmap语句
5.在tamper组合中,先用到的tamper会加入到上面的ini文件中,在以后的每个tamper组合中,综合已经得到的有用的
  tamper再组合,在上面的ini文件中的tamper_list即为不断完善的tamper组合
6.支持自动更新升级

Changelog

[2017-12-02] 修复homePath变更带来的bug
[2017-09-28] 由原来的`tamper_string = self.get_from_tuple(current_tamper_list.append(tamper_string))
             修改为current_tamper_list.append(tamper_string)
             tamper_string = self.get_from_tuple(current_tamper_list)
[2017-09-05] 修改--level 3为--level 5
[2017-08-30] 修复--suffix " or '1'='1"类型的bug
[2017-08-25] 更新添加默认参数--risk 3
[2017-07-05] 通过在发送[设置]self.stop_order=1后睡1s来解决底部打印混乱的问题
[2017-07-05] 更新支持根据github上的sqlmap的tamper的更新情况自动更新tamper[sqlmap]
[2017-07-05] 添加支持检测系统有没有将sqlmap添加到path中,如果没有则自动添加
[2017-04-27] 修复复杂参数没有双引号包含的错误
[2017-03-13] 修复要输入bing api key的问题
[2017-02-23] 修复一处usage函数调用失败
[2017-02-21] 修复一处更新版本时的逻辑错误
[2017-02-13] 更新支持代替sqlmap跑普通没有waf的注入点,之前版本要求只能跑有waf的注入点
[2017-02-13] 更新支持自动进行版本升级
[2017-02-12] 更新支持所有sqlmap参数
[2017-01-18] fix line128处的slef改成self,fix line128处的db_name未定义错误
[2016-11-15] 修复一处ACCESS数据库考虑不周全判断和几处good_print函数调用错误
[2016-11-15] 增加支持代理自动切换功能,自选,默认不用代理[用代理速度较慢]
[2016-11-02] 增加access数据库特殊性的处理
[2016-11-01] get_db_type_need_tamper之后的数据库类型获取由之前的get_db_type_from_log_file改成
             eval(get_key_value_from_config_file(self.log_config_file,'default','db_type'))

xwaf's People

Contributors

Stargazers

Watchers

Forkers

phpplay sucof jijicanyu av1080p smallmeet onlycjeg 0xmaohou aipengjie trojx xieqiwen1993 blueroutecn ssdtfarm stayliv3 yuansec clicknull 5up3rc gitsucce-zz wuyouzi blowfishj he-who-is-him f8syw5v yingzhzh tuian s-ex1t cvexva caineqt findlakes tsyj sec-u burningcodes lvmaple feixuezhi pandano5 haoirui icesword-syy sarielwk jack51706 wu860 joinbaijun binddns pghook learninovationnature newaynewlife 404soul janepeak520 jokemmy forbidden-ali demonsec666 jjsmida 0xsb nuadaandre jinyu00 ganglongguni yaofeifly pixyguo hacklikepro hiknight hdfirewall moriarty2016 arryboom yeweit6 instruder mgcfish chennqqi xingkong123600 cyri1s onefor1 xiaodin1 waniks cn-leowong selfevo noshenxian bigbigx ghubgenius godepic qsdj wifido mmcroom2 devopsmi hohjgdhsj yogistudio crazycatcat webvul whb224117 peibibing re-expoc ruil1n darryllane michalkoczwara m00zh33 yu-yang h1d3r akpotter songofhack avaudioplayer jerusalemsbell n0ooooone h3ll0w0lrd wsygoogol 0c34

xwaf's Issues

i cant run it on kali Linux

i already install pip3 and python3
but it run erro and show this information

No module named 'exp10it'

root@localhost:/home/bypass_waf# python3 xwaf.py

Usage:
pip install [options] ...
pip install [options] -r ...
pip install [options] [-e] ...
pip install [options] [-e] ...
pip install [options] <archive url/path> ...

no such option: --no-cache
Traceback (most recent call last):
File "xwaf.py", line 12, in
from exp10it import figlet2file
ImportError: No module named 'exp10it'
root@localhost:/home/bypass_waf# pip3 install exp10it
Downloading/unpacking exp10it
Downloading exp10it-2.6.12.tar.gz (993kB): 993kB downloaded
Running setup.py (path:/tmp/pip-build-x0iek_d8/exp10it/setup.py) egg_info for package exp10it
Traceback (most recent call last):
File "", line 17, in
File "/tmp/pip-build-x0iek_d8/exp10it/setup.py", line 54, in
py_modules=['exp10it','updateapi'],
File "/usr/lib/python3.4/distutils/core.py", line 148, in setup
dist.run_commands()
File "/usr/lib/python3.4/distutils/dist.py", line 955, in run_commands
self.run_command(cmd)
File "/usr/lib/python3.4/distutils/dist.py", line 974, in run_command
cmd_obj.run()
File "", line 14, in replacement_run
File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 349, in write_pkg_info
metadata.write_pkg_info(cmd.egg_info)
File "/usr/lib/python3.4/distutils/dist.py", line 1108, in write_pkg_info
self.write_pkg_file(pkg_info)
File "/usr/lib/python3.4/distutils/dist.py", line 1129, in write_pkg_file
long_desc = rfc822_escape(self.get_long_description())
File "/usr/lib/python3.4/distutils/util.py", line 470, in rfc822_escape
lines = header.split('\n')
TypeError: Type str doesn't support the buffer API
Complete output from command python setup.py egg_info:
running egg_info

creating pip-egg-info/exp10it.egg-info

writing top-level names to pip-egg-info/exp10it.egg-info/top_level.txt

writing pip-egg-info/exp10it.egg-info/PKG-INFO

Traceback (most recent call last):

File "", line 17, in

File "/tmp/pip-build-x0iek_d8/exp10it/setup.py", line 54, in

py_modules=['exp10it','updateapi'],

File "/usr/lib/python3.4/distutils/core.py", line 148, in setup

dist.run_commands()

File "/usr/lib/python3.4/distutils/dist.py", line 955, in run_commands

self.run_command(cmd)

File "/usr/lib/python3.4/distutils/dist.py", line 974, in run_command

cmd_obj.run()

File "", line 14, in replacement_run

File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 349, in write_pkg_info

metadata.write_pkg_info(cmd.egg_info)

File "/usr/lib/python3.4/distutils/dist.py", line 1108, in write_pkg_info

self.write_pkg_file(pkg_info)

File "/usr/lib/python3.4/distutils/dist.py", line 1129, in write_pkg_file

long_desc = rfc822_escape(self.get_long_description())

File "/usr/lib/python3.4/distutils/util.py", line 470, in rfc822_escape

lines = header.split('\n')

TypeError: Type str doesn't support the buffer API

Cleaning up...
Command python setup.py egg_info failed with error code 1 in /tmp/pip-build-x0iek_d8/exp10it
Storing debug log for failure in /root/.pip/pip.log

post注入参数怎么填写？

get请求是这样：python3 xwaf.py "http://127.0.0.1/1.php?id=1"
那么post请求怎么填写？

一直重复安裝步骤...

xxxxx@DESKTOP-X0X00XX:~/bypass_waf$ python3 xwaf.py -u "http://www.baidu.com/1.php?id=1"

Collecting exp10it
  Downloading https://files.pythonhosted.org/packages/33/11/6598105aaa3ec704d7e54acb2a83624abf8141637e727802d1ef1700939c/exp10it-2.6.97.tar.gz (181kB)
    100% |████████████████████████████████| 184kB 44.1MB/s
Collecting bs4 (from exp10it)
  Downloading https://files.pythonhosted.org/packages/10/ed/7e8b97591f6f456174139ec089c769f89a94a1a4025fe967691de971f314/bs4-0.0.1.tar.gz
Collecting chardet (from exp10it)
...

usage要求装的都装上了但...
windows store版kali

还有windows上能用么
--update能跟上sqlmap么

(小白

forward parameters to sqlmap ?

Hello,

is the application able to pass parameters to sqlmap ( like --cookie ) )

also is it possible to force the number of parameters ( for exemples when the request is not accepted because 2 parameters are expected)

pip3安装exp10it的时候报错了

先完成安装pip3 运行xwaf.py 发现exp10it报错了

接着看到源代码中有pip3 exp10it这段

分析原因不知道会不会是因为：
而当目标网站使用的是自签名的证书时就会抛出一个 urllib2.URLError: 的错误消息，详细信息可以在这里查看（https://www.python.org/dev/peps/pep-0476/）

我尝试这自己在xwaf中加上
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
还是同样报错，没办法了。。
参考：https://www.waitalone.cn/python-ssl-error.html

还没手动下载
不知道是不是应该手动安装这个
https://pypi.python.org/pypi/exp10it/2.4.27

有问题

大佬现在我在新的parrort系统跟kali系统上安装您这个脚本，安装simpleaudio这个模块都是报错的。
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-hanj4j_z/simpleaudio/setup.py'"'"'; file='"'"'/tmp/pip-install-hanj4j_z/simpleaudio/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' install --record /tmp/pip-record-blsbwlcj/install-record.txt --single-version-externally-managed --user --prefix= --compile --install-headers /home/fuckduck/.local/include/python3.8/simpleaudio
cwd: /tmp/pip-install-hanj4j_z/simpleaudio/
Complete output (25 lines):
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-3.8
creating build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/init.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/shiny.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/functionchecks.py -> build/lib.linux-x86_64-3.8/simpleaudio
creating build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/c.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/e.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/g.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/left_right.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/notes_2_16_44.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
running build_ext
building 'simpleaudio._simpleaudio' extension
creating build/temp.linux-x86_64-3.8
creating build/temp.linux-x86_64-3.8/c_src
x86_64-linux-gnu-gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -g -fwrapv -O2 -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -DDEBUG=0 -I/usr/include/python3.8 -c c_src/simpleaudio_alsa.c -o build/temp.linux-x86_64-3.8/c_src/simpleaudio_alsa.o
c_src/simpleaudio_alsa.c:8:10: fatal error: alsa/asoundlib.h: No such file or directory
8 | #include <alsa/asoundlib.h>
| ^~~~~~~~~~~~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
----------------------------------------
ERROR: Command errored out with exit status 1: /usr/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-hanj4j_z/simpleaudio/setup.py'"'"'; file='"'"'/tmp/pip-install-hanj4j_z/simpleaudio/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' install --record /tmp/pip-record-blsbwlcj/install-record.txt --single-version-externally-managed --user --prefix= --compile --install-headers /home/fuckduck/.local/include/python3.8/simpleaudio Check the logs for full command output.

请问一下，这个怎么解决

Requirement already satisfied: lxml in /usr/lib/python3/dist-packages (from mechanicalsoup->exp10it) (4.6.1)
Traceback (most recent call last):
File "xwaf.py", line 2846, in
Program()
File "xwaf.py", line 33, in init
self.selfUpdate()
File "xwaf.py", line 181, in selfUpdate
latestVersion=getVersion("/tmp/xwaf.py")
File "xwaf.py", line 176, in getVersion
latestVersion=re.search(r"self.currentVersion\s*=\s*(.*)",content).group(1)
AttributeError: 'NoneType' object has no attribute 'group'

figlet error

Traceback (most recent call last):
File "/usr/local/lib/python3.7/dist-packages/exp10it.py", line 1465, in figlet2file
figlet_font_dir = all[0][:-1]
IndexError: list index out of range

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "xcdn.py", line 22, in
figlet2file("3xp10it",0,True)
File "/usr/local/lib/python3.7/dist-packages/exp10it.py", line 1472, in figlet2file
figlet_font_dir = all[0][:-1]
IndexError: list index out of range

PermissionError

                                                                                                                                                   1 ⨯

Requirement already up-to-date: exp10it in /home/oo/.local/lib/python3.8/site-packages (2.7.71)
Requirement already satisfied, skipping upgrade: colorama in /usr/lib/python3/dist-packages (from exp10it) (0.4.3)
Requirement already satisfied, skipping upgrade: selenium in /usr/lib/python3/dist-packages (from exp10it) (4.0.0a1)
Requirement already satisfied, skipping upgrade: html2text in /usr/lib/python3/dist-packages (from exp10it) (2020.1.16)
Requirement already satisfied, skipping upgrade: configparser in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (5.0.1)
Requirement already satisfied, skipping upgrade: requests in /usr/lib/python3/dist-packages (from exp10it) (2.24.0)
Requirement already satisfied, skipping upgrade: mechanicalsoup in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (0.12.0)
Requirement already satisfied, skipping upgrade: beepy in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (1.0.7)
Requirement already satisfied, skipping upgrade: pymysql in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (0.10.1)
Requirement already satisfied, skipping upgrade: chardet in /usr/lib/python3/dist-packages (from exp10it) (3.0.4)
Requirement already satisfied, skipping upgrade: bs4 in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (0.0.1)
Requirement already satisfied, skipping upgrade: pyperclip in /usr/lib/python3/dist-packages (from exp10it) (1.8.0)
Requirement already satisfied, skipping upgrade: wget in /home/oo/.local/lib/python3.8/site-packages (from exp10it) (3.2)
Requirement already satisfied, skipping upgrade: pycrypto in /usr/lib/python3/dist-packages (from exp10it) (2.6.1)
Requirement already satisfied, skipping upgrade: lxml in /usr/lib/python3/dist-packages (from mechanicalsoup->exp10it) (4.6.1)
Requirement already satisfied, skipping upgrade: six>=1.4 in /usr/lib/python3/dist-packages (from mechanicalsoup->exp10it) (1.15.0)
Requirement already satisfied, skipping upgrade: beautifulsoup4>=4.4 in /usr/lib/python3/dist-packages (from mechanicalsoup->exp10it) (4.9.3)
Requirement already satisfied, skipping upgrade: simpleaudio in /home/oo/.local/lib/python3.8/site-packages (from beepy->exp10it) (1.0.4)
Requirement already satisfied, skipping upgrade: soupsieve>1.2 in /usr/lib/python3/dist-packages (from beautifulsoup4>=4.4->mechanicalsoup->exp10it) (2.0.1)
+-+-+-+-+
|x|w|a|f|
+-+-+-+-+
currentVersion:1.19
Do you want to use random proxy from the Internet on each different sqlmap command to anti blocked by waf for your mass requests? [N|y]
4 seconds left...please input your chioce:>y
you choosed y
3 seconds left...please input your chioce:>Traceback (most recent call last):
File "xwaf.py", line 2843, in
Program()
File "xwaf.py", line 76, in init
self.check_DB_type_from_script(each_script)
File "xwaf.py", line 420, in check_DB_type_from_script
with open('/usr/share/sqlmap/tamper/' + script_name, 'r+',errors='ignore') as f:
PermissionError: [Errno 13] Permission denied: '/usr/share/sqlmap/tamper/space2mysqlblank.py'

xwaf针对SQLmap更新之后无法正常使用

作者你好，原始版的SQLmap的日志存放位置和新版的SQLmap存储位置不同导致你的xwaf无法直接使用，并且会一直提示：无法创建 '/root/.sqlmap/output/nflsfc.com.cn/config_file.ini': 没有那个文件或目录，所以你能更新下存储位置的这段代码吗？以及你代码当中链接位置的那个xwaf脚本的代码一并更新下可以吗

add slack function

Hi
your tool is great but it is a good to report SQL vulnerability to slack.

Building wheel for simpleaudio (setup.py) ... error ERROR: Command errored out with exit status 1:

Building wheel for simpleaudio (setup.py) ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-sg1cgxxg/simpleaudio/setup.py'"'"'; file='"'"'/tmp/pip-install-sg1cgxxg/simpleaudio/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' bdist_wheel -d /tmp/pip-wheel-9tpzno7b
cwd: /tmp/pip-install-sg1cgxxg/simpleaudio/
Complete output (25 lines):
running bdist_wheel
running build
running build_py
creating build
creating build/lib.linux-x86_64-3.8
creating build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/init.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/shiny.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/functionchecks.py -> build/lib.linux-x86_64-3.8/simpleaudio
creating build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/c.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/e.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/g.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/left_right.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/notes_2_16_44.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
running build_ext
building 'simpleaudio._simpleaudio' extension
creating build/temp.linux-x86_64-3.8
creating build/temp.linux-x86_64-3.8/c_src
x86_64-linux-gnu-gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -g -fwrapv -O2 -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -DDEBUG=0 -I/usr/include/python3.8 -c c_src/simpleaudio_alsa.c -o build/temp.linux-x86_64-3.8/c_src/simpleaudio_alsa.o
c_src/simpleaudio_alsa.c:8:10: fatal error: alsa/asoundlib.h: No such file or directory
8 | #include <alsa/asoundlib.h>
| ^~~~~~~~~~~~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

ERROR: Failed building wheel for simpleaudio
Running setup.py clean for simpleaudio
Successfully built exp10it wget
Failed to build simpleaudio
Installing collected packages: simpleaudio, beepy, wget, exp10it
Running setup.py install for simpleaudio ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-sg1cgxxg/simpleaudio/setup.py'"'"'; file='"'"'/tmp/pip-install-sg1cgxxg/simpleaudio/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' install --record /tmp/pip-record-6db7ucgv/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/include/python3.8/simpleaudio
cwd: /tmp/pip-install-sg1cgxxg/simpleaudio/
Complete output (25 lines):
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-3.8
creating build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/init.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/shiny.py -> build/lib.linux-x86_64-3.8/simpleaudio
copying simpleaudio/functionchecks.py -> build/lib.linux-x86_64-3.8/simpleaudio
creating build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/c.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio
copying simpleaudio/test_audio/e.wav -> build/lib.linux-x86_64-3.8/simpleaudio/test_audio

Ok

还是运行报错了

版本是：[2017-02-23]

请问运行出现这个报错如何解？

Traceback (most recent call last):
File "/usr/local/src/xwaf/xwaf.py", line 2846, in
Program()
File "/usr/local/src/xwaf/xwaf.py", line 33, in init
self.selfUpdate()
File "/usr/local/src/xwaf/xwaf.py", line 181, in selfUpdate
latestVersion=getVersion("/tmp/xwaf.py")
File "/usr/local/src/xwaf/xwaf.py", line 176, in getVersion
latestVersion=re.search(r"self.currentVersion\s*=\s*(.*)",content).group(1)
AttributeError: 'NoneType' object has no attribute 'group'

经常报这个错，然后无法继续向下执行

Traceback (most recent call last):
File "xwaf.py", line 2841, in
Program()
File "xwaf.py", line 33, in init
self.selfUpdate()
File "xwaf.py", line 176, in selfUpdate
latestVersion=getVersion("/tmp/xwaf.py")
File "xwaf.py", line 171, in getVersion
latestVersion=re.search(r"self.currentVersion\s*=\s*(.*)",content).group(1)
AttributeError: 'NoneType' object has no attribute 'group'

请问有微信或者QQ吗加一下，，方便联系

FileNotFoundError: [Errno 2] No such file or directory: '/tmp/xwaf.py'

what do i do?

--data参数传递数据丢失

--data="xxx=xxx"
由xwaf传递给sqlmap的时候会变成--data=xxx
猜测是传递时去掉了双引号, 变成了--data=xxx=xxx这样的格式所以等号后数据丢失, 导致无法正常post注入
在尝试使用-r 传入post文件注入时也失败了

File "xwaf.py", line 2841, in
Program()
File "xwaf.py", line 42, in init
self.handle_url()
File "xwaf.py", line 270, in handle_url
self.url=get_http_or_https(hostValue)+"://"+hostValue
File "/usr/local/lib/python3.5/dist-packages/exp10it.py", line 3952, in get_http_or_https
bing_record = get_http_or_https_from_search_engine(domain)
File "/usr/local/lib/python3.5/dist-packages/exp10it.py", line 3923, in get_http_or_https_from_search_engine
urls_list = collect_urls_from_url(url)['y1']
File "/usr/local/lib/python3.5/dist-packages/exp10it.py", line 3791, in collect_urls_from_url
title = has_title[1]
TypeError: '_sre.SRE_Match' object is not subscriptable

包是直接从burpsuite里面copy出来的, host格式为:
Host: 12345.com

UnicodeDecodeError

python3 xwaf.py -u "https://[some domain]/[some path]?q=xpto"
Requirement already up-to-date: exp10it in /usr/local/lib/python3.6/dist-packages
Requirement already up-to-date: bs4 in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: chardet in /usr/lib/python3/dist-packages (from exp10it)
Requirement already up-to-date: colorama in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: configparser in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: mechanicalsoup in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: pycrypto in /usr/lib/python3/dist-packages (from exp10it)
Requirement already up-to-date: pymysql in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: readline in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: requests in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: selenium in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: wget in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: beautifulsoup4 in /usr/local/lib/python3.6/dist-packages (from bs4->exp10it)
Requirement already up-to-date: six>=1.4 in /usr/lib/python3/dist-packages (from mechanicalsoup->exp10it)
Requirement already up-to-date: lxml in /usr/local/lib/python3.6/dist-packages (from mechanicalsoup->exp10it)
Requirement already up-to-date: cryptography in /usr/local/lib/python3.6/dist-packages (from pymysql->exp10it)
Requirement already up-to-date: idna<2.9,>=2.5 in /usr/local/lib/python3.6/dist-packages (from requests->exp10it)
Requirement already up-to-date: certifi>=2017.4.17 in /usr/local/lib/python3.6/dist-packages (from requests->exp10it)
Requirement already up-to-date: urllib3<1.25,>=1.21.1 in /usr/local/lib/python3.6/dist-packages (from requests->exp10it)
Requirement already up-to-date: cffi!=1.11.3,>=1.7 in /usr/local/lib/python3.6/dist-packages (from cryptography->pymysql->exp10it)
Requirement already up-to-date: asn1crypto>=0.21.0 in /usr/lib/python3/dist-packages (from cryptography->pymysql->exp10it)
Requirement already up-to-date: pycparser in /usr/local/lib/python3.6/dist-packages (from cffi!=1.11.3,>=1.7->cryptography->pymysql->exp10it)
                      __ 
                     / _|
__  ____      ____ _| |_ 
\ \/ /\ \ /\ / / _` |  _|
 >  <  \ V  V / (_| | |  
/_/\_\  \_/\_/ \__,_|_|  
                         
                         
currentVersion:1.18
Do you want to use random proxy from the Internet on each different sqlmap command to anti blocked by waf for your mass requests? [N|y]
4 seconds left...please input your chioce:>n
you choosed n
3 seconds left...please input your chioce:>Traceback (most recent call last):
  File "xwaf.py", line 2843, in <module>
    Program()
  File "xwaf.py", line 76, in __init__
    self.check_DB_type_from_script(each_script)
  File "xwaf.py", line 421, in check_DB_type_from_script
    tamper_content = f.read()
  File "/usr/lib/python3.6/codecs.py", line 321, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf3 in position 1: invalid continuation byte

使用报错

python3 xwaf.py -u "http://xxxxxxxxxxxxxxx.com//article/lists?catid=xxx" -p catid
出现：
['sqlmap', '-u', 'http://xxxxxxxxxxxxxxx.com//article/lists?catid=xxx', '--batch', '-v', '3', '--threads', '4', '--random-agent', '--safe-url', 'http://xxxxxxxxx.com', '--safe-freq', '1', '--level', '3', '--smart']
['-u', 'http://xxxxxxxxxxxxxxx.com//article/lists?catid=xxx', '-p', 'catid']
[正在执行:sqlmap -u "http://xxxxxxxxxxxxxxx.com//article/lists?catid=xxx" -p "catid" --batch -v "3" --threads "4" --random-agent --safe-url "http://xxxxxxxxxxxxxxxx2sh: 1: sqlmap: not found-level "3" --smart]
touch: cannot touch '/root/.sqlmap/output/xxxxxxxxx.com/config_file.ini': No such file or directory
Traceback (most recent call last):
File "xwaf.py", line 2810, in
Program()
File "xwaf.py", line 96, in init
update_config_file_key_value(self.log_config_file, 'default', 'finished_command_list', [])
File "/usr/local/lib/python3.5/dist-packages/exp10it.py", line 2140, in update_config_file_key_value
with open(file, 'w') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/root/.sqlmap/output/xxxxxxxxx.com/config_file.ini'

能出个windows版本么

这是什么问题，怎么解决呢？

[正在执行:python2 /usr/share/sqlmap/sqlmap.py -u "https://xxxxxx.com/activityScratchLog?activityId=" --batch --risk "3" -v "3" --threadsh: python2: command not foundl "https://xxxxxx.com" --safe-freq "1" --level "5" --smart]
touch: cannot touch ‘/root/.sqlmap/output/xxxxxx.com/config_file.ini’: No such file or directory
Traceback (most recent call last):
File "xwaf.py", line 2843, in
Program()
File "xwaf.py", line 107, in init
update_config_file_key_value(self.log_config_file, 'default', 'finished_command_list', [])
File "/usr/local/python3/lib/python3.7/site-packages/exp10it.py", line 2939, in update_config_file_key_value
with open(file, 'w') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/root/.sqlmap/output/xxxxxx.com/config_file.ini'

尝试tamper的时候报错，不知道原因

之前已经确定了数据库类型就差tamper绕的，现在报错了无法进行下去，麻烦大佬看下这是啥原因，看起来是源代码中的type少了某个类型。

centos下报错

Requirement already up-to-date: exp10it in /usr/local/lib/python3.6/site-packages

/bin/sh: figlet: 未找到命令
sh: apt-get: 未找到命令
/bin/sh: figlet: 未找到命令
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/exp10it.py", line 1140, in figlet2file
figlet_font_dir = all[0][:-1]
IndexError: list index out of range

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "xwaf.py", line 2840, in
Program()
File "xwaf.py", line 40, in init
figlet2file("xwaf", 0, True)
File "/usr/local/lib/python3.6/site-packages/exp10it.py", line 1147, in figlet2file
figlet_font_dir = all[0][:-1]
IndexError: list index out of range

请问 /usr/local/lib/python3.6/site-packages/exp10it.py 这里的 apt-get 是否要替换成 yum ?

运行 x.waf 显示网络连接不可达

您好，每次运行时候都要花费时间运行一段Requirement already up-to-date: exp10it in /usr/local/lib/python3.6/dist-packages
Requirement already up-to-date: bs4 in /usr/local/lib/python3.6/dist-packages (from exp10it)
Requirement already up-to-date: chardet in /usr/lib/python3/dist-packages (from exp10it)
Requirement already up-to-date: colorama in /usr/local/lib/python3.6/dist-packages (from exp10it)这样的代码，不知道是何原因，望解答

kail&ubuntu均无法运行

下载的版本是2017-02-13
ubuntu提示：

kail2.0提示：

请问如何解决？

exp10it升级2.6.65后报ImportError: cannot import name 'homePath'

我最近一次可用的exp10it版本2.6.58
最近运行xwaf，升级了exp10it2.6.65.升级后已经不能导入exp10it中的 'homePath'。

exp10it模块貌似已经更新为get_home_path。尝试把第43行和18行的homepath替换成get_home_path。
但运行报错：

exp10it-2.4.80报错

root@kali:~/exp10it-2.4.80# python3 setup.py install
running install
Checking .pth file support in /usr/local/lib/python3.4/dist-packages/
/usr/bin/python3 -E -c pass
TEST PASSED: /usr/local/lib/python3.4/dist-packages/ appears to support .pth files
running bdist_egg
running egg_info
writing exp10it.egg-info/PKG-INFO
Traceback (most recent call last):
File "setup.py", line 53, in
py_modules=['exp10it','updateapi'],
File "/usr/lib/python3.4/distutils/core.py", line 148, in setup
dist.run_commands()
File "/usr/lib/python3.4/distutils/dist.py", line 955, in run_commands
self.run_command(cmd)
File "/usr/lib/python3.4/distutils/dist.py", line 974, in run_command
cmd_obj.run()
File "/usr/local/lib/python3.4/dist-packages/setuptools-19.6-py3.4.egg/setuptools/command/install.py", line 67, in run
File "/usr/local/lib/python3.4/dist-packages/setuptools-19.6-py3.4.egg/setuptools/command/install.py", line 109, in do_egg_install
File "/usr/lib/python3.4/distutils/cmd.py", line 313, in run_command
self.distribution.run_command(command)
File "/usr/lib/python3.4/distutils/dist.py", line 974, in run_command
cmd_obj.run()
File "/usr/local/lib/python3.4/dist-packages/setuptools-19.6-py3.4.egg/setuptools/command/bdist_egg.py", line 152, in run
File "/usr/lib/python3.4/distutils/cmd.py", line 313, in run_command
self.distribution.run_command(command)
File "/usr/lib/python3.4/distutils/dist.py", line 974, in run_command
cmd_obj.run()
File "/usr/local/lib/python3.4/dist-packages/setuptools-19.6-py3.4.egg/setuptools/command/egg_info.py", line 179, in run
File "/usr/local/lib/python3.4/dist-packages/setuptools-19.6-py3.4.egg/setuptools/command/egg_info.py", line 390, in write_pkg_info
File "/usr/lib/python3.4/distutils/dist.py", line 1108, in write_pkg_info
self.write_pkg_file(pkg_info)
File "/usr/lib/python3.4/distutils/dist.py", line 1129, in write_pkg_file
long_desc = rfc822_escape(self.get_long_description())
File "/usr/lib/python3.4/distutils/util.py", line 470, in rfc822_escape
lines = header.split('\n')
TypeError: Type str doesn't support the buffer API