int CFrmUserList::Init() { //从本地加载好友列表 LoadUserList(); return 0; }
int LoadConfigurationFiles(HTTPAPI *api,int argc, HTTPCHAR *argv[]){ int i; HTTPCHAR *p; int nhosts=0; HTTPCHAR dbg[512]; if (argc<2) { usage(); return(1); } for (i=1;i<argc;i++) { _tprintf(_T("Mirando: %s\n"),argv[i]); if ( argv[i][0]==_T('-')) { if (_tcscmp( argv[i],_T("--request"))==0) { Fullurl = _tcsdup(argv[i+1]); i++; } else if (_tcscmp( argv[i],_T("--showresponse"))==0) { ShowResponse=1; } else if (_tcscmp( argv[i],_T("--showlinks"))==0) { ShowLinks=1; if ( (argc>i+1) && (argv[i+1][0]!='-') ) { LinkType = _tcsdup(argv[i+1]); i++; } } else if (_tcscmp( argv[i],_T("--method"))==0) { method = _tcsdup(argv[i+1]); i++; } else if (_tcscmp( argv[i],_T("--data"))==0) { PostData = _tcsdup(argv[i+1]); PostDataSize = (int)_tcslen(PostData); i++; } else if (_tcscmp( argv[i],_T("--vhost"))==0) { vhost = _tcsdup(argv[i+1]); i++; } else if (_tcscmp( argv[i],_T("--proxyScanOnly"))==0) { proxyScanOnly = 1; bruteforce = 0; } else if (_tcscmp( argv[i],_T("--nobruteforce"))==0) { bruteforce=0; } else if (_tcscmp( argv[i],_T("--EnableProxy"))==0) { return(2); } else if (_tcscmp(argv[i],_T("--update"))==0) { UpdateFHScan(api); exit(1); } else if (_tcscmp( argv[i],_T("--fulluserlist"))==0) { FullUserList=1; } else if (_tcscmp( argv[i],_T("--verbose"))==0) { ShowAllhosts=1; } else if (_tcscmp( argv[i],_T("--logdir"))==0) { _tcscpy(DirectoryLog,argv[i+1]); i++; } else if (_tcscmp( argv[i],_T("--csv"))==0) { csv = 1; } else if ((_tcscmp( argv[i],_T("--ports"))==0) || (_tcscmp( argv[i],_T("--port"))==0) ) { p=_tcstok(argv[i+1],_T(",")); while (p!=NULL) { ports[nports].port=_tstoi(p); ports[nports].ssl=0; p=_tcstok(NULL,_T(",")); nports++; } i++; } else if ( (_tcscmp( argv[i],_T("--sslports"))==0) || (_tcscmp( argv[i],_T("--sslport"))==0) ){ p=_tcstok(argv[i+1],_T(",")); while (p!=NULL) { ports[nports].port=_tstoi(p); ports[nports].ssl=1; p=_tcstok(NULL,_T(",")); nports++; } i++; } else if (_tcscmp( argv[i],_T("--threads"))==0) { nthreads=_tstoi(argv[i+1]); i++; } else if (_tcscmp( argv[i],_T("--proxy"))==0) { _tprintf(_T("estableciendo proxy...\n")); HTTPCHAR proxyhost[512]; HTTPCHAR proxyport[10]; if ( _stscanf( argv[i+1], _T("http://%[^:/]:%s"), proxyhost, proxyport ) == 2 ) { api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyHost,proxyhost); api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyPort,proxyport); } else { _tprintf(_T(" [-] Invalid proxy parameter %s\n"),argv[i+1]); _tprintf(_T(" [-] Should be http://host:port\n")); return(1); } i++; } else if (_tcscmp( argv[i],_T("--proxyauth"))==0) { api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyUser,argv[i+1]); api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyPass,argv[i+2]); i+=2; } else if (_tcscmp( argv[i],_T("--ipfile"))==0) { ipfilepath=argv[i+1]; ipfile=_tfopen(ipfilepath,_T("r")); if (ipfile) { _tprintf(_T("[+] Loaded ips from %s\n"),argv[i+1]); } else { _tprintf(_T("[-] Unable to load ips from %s\n"),argv[i+1]); usage(); return(1); } i++; } else #ifdef XML_LIBRARY if ( (_tcscmp( argv[i],_T("--NmapFile"))==0) || (_tcscmp( argv[i],_T("--nmapfile"))==0) ) { nmap = argv[i+1]; i++; } else #endif if ( (_tcscmp( argv[i],_T("--hosts"))==0) || (_tcscmp( argv[i],_T("--host"))==0) ) { hosts= argv[i+1]; i++; } else { usage(); _tprintf(_T("Invalid parameter %s\n"),argv[i]); return(1); } } } //manual requests if (Fullurl) { return(3); } if (FullUserList) { i=LoadUserList(_T("UserListMulti.ini")); } else { i=LoadUserList(_T("UserListMulti-simple.ini")); } if (!i) { if (!csv) _tprintf(_T("[-] UserList file not found\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i user/pass combinations\n"),i); } nRouterAuth=LoadRouterAuth(_T("RouterAuth.ini")); if (!nRouterAuth) { if (!csv) _tprintf(_T("[-] Unable to load Router Auth engine\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i Router authentication schemes\n"),nRouterAuth); } i=LoadWebForms(_T("webforms.ini")); if (!i) { if (!csv) _tprintf(_T("[-] Unable to load Webforms auth engine\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i webform authentication schemes\n"),i); } i=LoadSingleUserList(_T("UserListSingle.ini")); if (!i) { if (!csv) _tprintf(_T("[-] Unable to load Single login file\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i Single Users\n"),i); } i=LoadWebservers(_T("Webservers.ini")); if (!i) { if (!csv) _tprintf(_T("[-] Unable to load vulnerability database\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i vulnerabilities\n"),i); } i=LoadKnownWebservers(_T("KnownWebservers.ini")); if (!i) { if (!csv) _tprintf(_T("[-] Unable to load Known Webservers database\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i Known Webservers\n"),i); } i=LoadKnownRouters(_T("KnownRouters.ini")); if (!i) { if (!csv) _tprintf(_T("[-] Unable to load Known Routers database\n")); return(1); } else { if (!csv) _tprintf(_T("[+] Loaded %i Known Routers\n"),i); } if (nports==0) { nports=1; ports[0].port=80; ports[0].ssl=0; } #ifdef XML_LIBRARY if (nmap) ParseNmapXMLFile(nmap); #endif if (hosts) nhosts = ParseHosts(hosts); if (ipfile) nhosts += Parseipfile(ipfile); if (( (nhosts==0) && (ipfile==NULL) #ifdef XML_LIBRARY && (!nmap) #endif ) ) usage(); if (!csv) { if (ipfile) { _tprintf(_T("[+] Scanning hosts from ip file\n"),nhosts); } else { /* char tmp[20]; snprintf(tmp,sizeof(tmp)-1,"%s)\n",inet_ntoa(ip2.sin_addr)); snprintf(dbg,sizeof(dbg)-1,"[+] Scanning %i hosts (%s - %s",nhosts,inet_ntoa(ip1.sin_addr),tmp); printf("%s",dbg); */ } _tprintf(_T("[+] Scanning %i ports - bruteforce is %s\n\n"),nports,bruteforce ? _T("active") : _T("Inactive")); } return(0); }