예제 #1
0
int CFrmUserList::Init()
{
    //从本地加载好友列表  
    LoadUserList();

    return 0;
}
예제 #2
0
int LoadConfigurationFiles(HTTPAPI *api,int argc, HTTPCHAR *argv[]){
	int i;
	HTTPCHAR *p;
	int nhosts=0;
	HTTPCHAR dbg[512];



	if (argc<2) {
		usage();
		return(1);
	}
	for (i=1;i<argc;i++)
	{
		_tprintf(_T("Mirando: %s\n"),argv[i]);
		if ( argv[i][0]==_T('-'))
		{

			if (_tcscmp( argv[i],_T("--request"))==0)
			{
				Fullurl = _tcsdup(argv[i+1]);
				i++;
			} else
				if (_tcscmp( argv[i],_T("--showresponse"))==0)
				{
					ShowResponse=1;
				} else

					if (_tcscmp( argv[i],_T("--showlinks"))==0)
					{
						ShowLinks=1;
						if ( (argc>i+1) && (argv[i+1][0]!='-') ) {
							LinkType = _tcsdup(argv[i+1]);
							i++;
						}

					} else

						if (_tcscmp( argv[i],_T("--method"))==0)
						{
							method = _tcsdup(argv[i+1]);
							i++;
						} else
							if (_tcscmp( argv[i],_T("--data"))==0)
							{
								PostData = _tcsdup(argv[i+1]);
								PostDataSize = (int)_tcslen(PostData);
								i++;
							} else
								if (_tcscmp( argv[i],_T("--vhost"))==0)
								{
									vhost = _tcsdup(argv[i+1]);
									i++;
								} else
									if (_tcscmp( argv[i],_T("--proxyScanOnly"))==0)
									{
										proxyScanOnly = 1;
										bruteforce = 0;
									} else
										if (_tcscmp( argv[i],_T("--nobruteforce"))==0)
										{
											bruteforce=0;
										} else
											if (_tcscmp( argv[i],_T("--EnableProxy"))==0) {
												return(2);
											} else
												if (_tcscmp(argv[i],_T("--update"))==0) {
													UpdateFHScan(api); exit(1);
												} else
													if (_tcscmp( argv[i],_T("--fulluserlist"))==0) {
														FullUserList=1;
													} else
														if (_tcscmp( argv[i],_T("--verbose"))==0) {
															ShowAllhosts=1;
														} else
															if (_tcscmp( argv[i],_T("--logdir"))==0) {
																_tcscpy(DirectoryLog,argv[i+1]);
																i++;
															} else
																if (_tcscmp( argv[i],_T("--csv"))==0) {
																	csv = 1;
																} else
																	if ((_tcscmp( argv[i],_T("--ports"))==0) || (_tcscmp( argv[i],_T("--port"))==0) ) {
																		p=_tcstok(argv[i+1],_T(","));
																		while (p!=NULL) {
																			ports[nports].port=_tstoi(p);
																			ports[nports].ssl=0;
																			p=_tcstok(NULL,_T(","));
																			nports++;
																		}
																		i++;
																	} else

																		if ( (_tcscmp( argv[i],_T("--sslports"))==0) || (_tcscmp( argv[i],_T("--sslport"))==0) ){
																			p=_tcstok(argv[i+1],_T(","));
																			while (p!=NULL) {
																				ports[nports].port=_tstoi(p);
																				ports[nports].ssl=1;
																				p=_tcstok(NULL,_T(","));
																				nports++;
																			}
																			i++;
																		} else


																			if (_tcscmp( argv[i],_T("--threads"))==0) {
																				nthreads=_tstoi(argv[i+1]);
																				i++;
																			} else
																				if (_tcscmp( argv[i],_T("--proxy"))==0)
																				{
																					_tprintf(_T("estableciendo proxy...\n"));
																					HTTPCHAR proxyhost[512];
																					HTTPCHAR proxyport[10];
																					if ( _stscanf( argv[i+1], _T("http://%[^:/]:%s"), proxyhost, proxyport ) == 2 )
																					{
																						api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyHost,proxyhost);
																						api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyPort,proxyport);
																					}  else {
																						_tprintf(_T(" [-] Invalid proxy parameter %s\n"),argv[i+1]);
																						_tprintf(_T(" [-] Should be http://host:port\n"));
																						return(1);
																					}

																					i++;
																				} else
																					if (_tcscmp( argv[i],_T("--proxyauth"))==0) {
																						api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyUser,argv[i+1]);
																						api->SetHTTPConfig(GLOBAL_HTTP_CONFIG,ConfigProxyPass,argv[i+2]);
																						i+=2;
																					} else

																						if (_tcscmp( argv[i],_T("--ipfile"))==0) 
																						{
																							ipfilepath=argv[i+1];
																							ipfile=_tfopen(ipfilepath,_T("r"));
																							if (ipfile) {
																								_tprintf(_T("[+] Loaded ips from %s\n"),argv[i+1]);
																							} else {
																								_tprintf(_T("[-] Unable to load ips from %s\n"),argv[i+1]);
																								usage();
																								return(1);
																							}
																							i++;
																						} else
#ifdef XML_LIBRARY
																							if ( (_tcscmp( argv[i],_T("--NmapFile"))==0) || (_tcscmp( argv[i],_T("--nmapfile"))==0) )
																							{
																								nmap = argv[i+1];
																								i++;
																							} else 
#endif
																								if ( (_tcscmp( argv[i],_T("--hosts"))==0) || (_tcscmp( argv[i],_T("--host"))==0) )
																								{
																									hosts= argv[i+1];																	
																									i++;
																								} else {
																									usage();
																									_tprintf(_T("Invalid parameter %s\n"),argv[i]);
																									return(1);
																								}
		}
	}

	//manual requests
	if (Fullurl) {
		return(3);
	}


	if (FullUserList) {
		i=LoadUserList(_T("UserListMulti.ini"));
	} else {
		i=LoadUserList(_T("UserListMulti-simple.ini"));
	}
	if (!i) {
		if (!csv) _tprintf(_T("[-] UserList file not found\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i user/pass combinations\n"),i);
	}

	nRouterAuth=LoadRouterAuth(_T("RouterAuth.ini"));
	if (!nRouterAuth) {
		if (!csv) _tprintf(_T("[-] Unable to load Router Auth engine\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i Router authentication schemes\n"),nRouterAuth);
	}
	i=LoadWebForms(_T("webforms.ini"));
	if (!i) {
		if (!csv) _tprintf(_T("[-] Unable to load Webforms auth engine\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i webform authentication schemes\n"),i);
	}
	i=LoadSingleUserList(_T("UserListSingle.ini"));
	if (!i) {
		if (!csv) _tprintf(_T("[-] Unable to load Single login file\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i Single Users\n"),i);
	}

	i=LoadWebservers(_T("Webservers.ini"));
	if (!i) {
		if (!csv) _tprintf(_T("[-] Unable to load vulnerability database\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i vulnerabilities\n"),i);
	}

	i=LoadKnownWebservers(_T("KnownWebservers.ini"));
	if (!i) {
		if (!csv) _tprintf(_T("[-] Unable to load Known Webservers database\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i Known Webservers\n"),i);
	}

	i=LoadKnownRouters(_T("KnownRouters.ini"));
	if (!i) {
		if (!csv) _tprintf(_T("[-] Unable to load Known Routers database\n"));
		return(1);
	} else {
		if (!csv) _tprintf(_T("[+] Loaded %i Known Routers\n"),i);
	}

	if (nports==0) {
		nports=1;
		ports[0].port=80;
		ports[0].ssl=0;
	}

#ifdef XML_LIBRARY
	if (nmap) ParseNmapXMLFile(nmap);
#endif
	if (hosts) nhosts = ParseHosts(hosts);
	if (ipfile) nhosts += Parseipfile(ipfile);




	if (( (nhosts==0) && (ipfile==NULL)
#ifdef XML_LIBRARY
		&& (!nmap)
#endif
		)  ) usage();

	if (!csv)
	{
		if (ipfile) {
			_tprintf(_T("[+] Scanning hosts from ip file\n"),nhosts);
		} else {
			/*
			char tmp[20];
			snprintf(tmp,sizeof(tmp)-1,"%s)\n",inet_ntoa(ip2.sin_addr));
			snprintf(dbg,sizeof(dbg)-1,"[+] Scanning %i hosts  (%s  - %s",nhosts,inet_ntoa(ip1.sin_addr),tmp);
			printf("%s",dbg);
			*/
		}

		_tprintf(_T("[+] Scanning %i ports - bruteforce is %s\n\n"),nports,bruteforce ? _T("active") : _T("Inactive"));
	}

	return(0);
}