ysrc / gourdscanv2
Passive vulnerability scanning system
License: GNU General Public License v2.0
D:\Python27\GourdScanV2>python gourdscan.py
Traceback (most recent call last):
File "gourdscan.py", line 25, in
from web.urls import url_patterns
File "D:\Python27\GourdScanV2\web\urls.py", line 3, in
import handlers.main
File "D:\Python27\GourdScanV2\web\handlers\main.py", line 17, in
from proxy import pyscapy, mix_proxy, proxy_io
File "D:\Python27\GourdScanV2\proxy\pyscapy.py", line 11, in
from scapy.all import *
File "D:\Python27\lib\site-packages\scapy\all.py", line 16, in
from scapy.arch import *
File "D:\Python27\lib\site-packages\scapy\arch_init_.py", line 83, in
from scapy.arch.windows import *
File "D:\Python27\lib\site-packages\scapy\arch\windows_init_.py", line 318,
in
IFACES.load_from_powershell()
File "D:\Python27\lib\site-packages\scapy\arch\windows_init_.py", line 270,
in load_from_powershell
for i in get_windows_if_list():
File "D:\Python27\lib\site-packages\scapy\arch\windows_init_.py", line 206,
in get_windows_if_list
for line in query)
File "D:\Python27\lib\site-packages\scapy\arch\windows_init_.py", line 205,
in
(dict(zip(['name', 'win_index', 'description', 'guid', 'mac'], line))
File "D:\Python27\lib\site-packages\scapy\arch\windows_init_.py", line 53,
in _exec_query_ps
l.append(line.split(':', 1)[1].strip())
IndexError: list index out of range
If I want to deploy this scanner on a server, how should I set it up?
Hoping PUT requests can be supported.
requirement.txt is missing tornado and pcapy
The error is:
ImportError: No module named dumbnet
libdnet needs to be installed:
git clone https://github.com/dugsong/libdnet.git
cd libdnet
./configure && make
cd python
python setup.py install
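After setting it up, I configured 10086 as the local proxy port.
The producer then seems to produce very little.
For example, I made 100 requests, but "all requests" shows only 8 entries.
I can make sure every request is different; I suspect your URL optimization is overdone?
Also, is there no way to see which 8 entries those are? No way to view the details?
Hello, when I run gourdscan here I get this: IOError: [Errno 2] No such file or directory: '/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/conf/conf.json'
What is the cause?
Could you please provide the run command...
When scan.py starts the scanning thread, it does this: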
if (request['method'] == "GET" and url != "") or (request['method'] == "POST" and (request["postdata"] != "" or url != ""))
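This way a thread can be started as long as either url or postdata is non-empty. Is that not quite appropriate, for example in a case with postdata but no url (although in practice this should not come up)?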
$python setup.py install
running install
running build
running build_ext
building '_pcapmodule' extension
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fdebug-prefix-map=/build/python2.7-HVkOs2/python2.7-2.7.13=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -DSWIG_COBJECT_TYPES -I/usr/include/python2.7 -c pcap.c -o build/temp.linux-x86_64-2.7/pcap.o
pcap.c: In function ‘SWIG_Python_AddErrorMsg’:
pcap.c:853:5: error: format not a string literal and no format arguments [-Werror=format-security]
PyErr_Format(PyExc_RuntimeError, mesg);
^~~~~~~~~~~~
cc1: some warnings being treated as errors
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
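libpcap is already installed; this problem occurs on both Debian and Ubuntu 16. How can it be solved?
Using the self-signed certificate and ignoring certificate errors, I can access HTTPS sites, but I cannot log in. How do I generate a new certificate?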
No module named gourdscan.lib
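How do I add multiple sqlmapapi instances? Running several at the same time.
Can gourdscan run detection on existing pcap captures and the like? For example, I built a simulated network with ns3; once I have the data, how do I use gourdscan on it?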
centos 6.4
Kernel 2.6.32-358.6.1.el6.x86_64
Python 2.7.3
pcapy-0.11.1 installation fails with an error
gcc -pthread -fno-strict-aliasing -g -O2 -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -fPIC -I/usr/local/include/python2.7 -c pcapdumper.cc -o build/temp.linux-x86_64-2.7/pcapdumper.o
cc1plus: warning: command line option "-Wstrict-prototypes" is valid for Ada/C/ObjC but not for C++
pcapdumper.cc:11:18: error: pcap.h: No such file or directory
In file included from pcapdumper.cc:13:
pcapdumper.h:15: error: ‘pcap_dumper_t’ was not declared in this scope
pcapdumper.h:15: error: ‘dumper’ was not declared in this scope
pcapdumper.cc:20: error: ISO C++ forbids declaration of ‘pcap_dumper_t’ with no type
pcapdumper.cc:20: error: expected ‘;’ before ‘’ token
pcapdumper.cc: In function ‘void pcap_dealloc(pcapdumper)’:
pcapdumper.cc:30: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:31: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:31: error: ‘pcap_dump_close’ was not declared in this scope
pcapdumper.cc:33: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc: At global scope:
pcapdumper.cc:122: error: redefinition of ‘PyObject* new_pcapdumper’
pcapdumper.h:15: error: ‘PyObject* new_pcapdumper’ previously defined here
pcapdumper.cc:122: error: ‘pcap_dumper_t’ was not declared in this scope
pcapdumper.cc:122: error: ‘dumper’ was not declared in this scope
pcapdumper.cc: In function ‘PyObject* p_dump(pcapdumper*, PyObject*)’:
pcapdumper.cc:159: error: aggregate ‘pcap_pkthdr hdr’ has incomplete type and cannot be defined
pcapdumper.cc:163: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:168: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:168: error: ‘pcap_dump’ was not declared in this scope
pcapdumper.cc: In function ‘PyObject* p_close(pcapdumper*, PyObject*)’:
pcapdumper.cc:183: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:184: error: ‘struct pcapdumper’ has no member named ‘dumper’
pcapdumper.cc:184: error: ‘pcap_dump_close’ was not declared in this scope
pcapdumper.cc:186: error: ‘struct pcapdumper’ has no member named ‘dumper’
error: command 'gcc' failed with exit status 1
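In the hit details, clicking through to view the details shows: invalid hash, u bad hacker
This has always been a tricky problem to solve. I suggest setting up a VPN service on the server; the client dials into the VPN, so the traffic still goes through the proxy server, and the server then only needs to capture the VPN traffic. Since it is the VPN server, this traffic is all in plaintext!
I found that it tests many useless suffixes.
It does this as soon as I click login
1. If I enable N rules, the "vulnerable" entries in the scan results do not show which rule found them. I suggest displaying this to make follow-up testing easier.
2. Could the "finished" entries in the scan results get a feature to move all of them, or a selected subset, back to "waiting", to make a second-phase rule scan or some other kind of debugging easier?
3. The HTTP proxy is fairly stable; the HTTP+HTTPS mixed proxy seems unstable and captures no data.
Memory usage is severe; 16 GB of memory gets used up completely.
I set up DVWA for testing and found the hit rate is basically 3% throughout, and the XSS tests don't give a payload. Not sure whether it's my own problem or ???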
gdscan_scapy/proxy_io.py
self.insert_redis(b64req, request_dict['host'], request_dict['host'])
should be changed to:
self.insert_redis(b64req, request_dict['hash'], request_dict['host'])
Uncaught exception GET /del?type=waiting (127.0.0.1)
HTTPServerRequest(protocol='http', host='127.0.0.1:8000', method='GET', uri='/del?type=waiting', version='HTTP/1.1', remote_ip='127.0.0.1', headers={'Accept-Language': 'en-US,en;q=0.5', 'Accept-Encoding': 'gzip, deflate', 'Host': '127.0.0.1:8000', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8', 'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0', 'Connection': 'keep-alive', 'Referer': 'http://127.0.0.1:8000/list?type=waiting', 'Cookie': 'ysrc_token=22f8da9b10a311c70ab8aae5cce002e3', 'Upgrade-Insecure-Requests': '1'})
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1467, in _execute
result = method(*self.path_args, **self.path_kwargs)
File "/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/web/handlers/base.py", line 14, in wrapper
return method(self, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/web/handlers/main.py", line 292, in get
conn.delete(del_type)
File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 841, in delete
return self.execute_command('DEL', *names)
File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 573, in execute_command
return self.parse_response(connection, command_name, **options)
File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 585, in parse_response
response = connection.read_response()
File "/usr/local/lib/python2.7/dist-packages/redis/connection.py", line 582, in read_response
raise response
ResponseError: MISCONF Redis is configured to save RDB snapshots, but is currently not able to persist on disk. Commands that may modify the data set are disabled. Please check Redis logs for details about the error.
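1. Running cli.py raised a module error. Following the feedback in the issues, adding sys.path got it working.
2. Once it was running, the next problem was a 500 error when accessing the web console.
It feels like, whether in an Ubuntu-based Docker container or on an Ubuntu system, Redis never came up; connecting to local 6379 gives an error.
Please fix it soon... waiting for the update.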
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1467, in _execute
result = method(*self.path_args, **self.path_kwargs)
File "/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/web/handlers/base.py", line 14, in wrapper
return method(self, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/web/handlers/main.py", line 102, in get
rules[i] = config.rule_read(i)
File "/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/lib/config.py", line 49, in rule_read
with open(os.path.join(RULES_PATH, name, '.rule')) as con:
IOError: [Errno 2] No such file or directory: '/usr/local/lib/python2.7/dist-packages/gourdscan-2.1-py2.7.egg/gourdscan/conf/rules/sqlitime/.rule'
Accessing an HTTP site returns 404: Not Found
Accessing HTTPS gives a 405 error