update version 1.5

sowish · Aug 27, 2016 · 874e323 · 874e323
1 parent 4d3b989
commit 874e323
Show file tree

Hide file tree

Showing 6 changed files with 26 additions and 10 deletions.
diff --git a/LNScan.py b/LNScan.py
@@ -24,7 +24,7 @@ def parse_args():
                                      description="A WebScanner to scan local network.\nBy wps2015(http://wps2015.org)",
                                      formatter_class=argparse.RawTextHelpFormatter,
                                      usage='LNScan [options]')
-    parser.add_argument('-v', action='version', version='%(prog)s 1.0 By wps2015')
+    parser.add_argument('-v', action='version', version='%(prog)s 1.5 By wps2015')
     parser.add_argument('-f', type=str, help="import the file of ip/domain list")
     parser.add_argument('--ip', type=str, help='ip addresses like 192.168.1.1/24')
     parser.add_argument('--port', type=str, default='', help='user single quotes to split the ports,\
@@ -72,7 +72,7 @@ def http_scan(self, url):
         try:
             req = requests.get("http://"+url, timeout=3)
             res_title = re.search(r'<title>([\s\S]*?)</title>', req.text, re.IGNORECASE)
-            res_charset = re.search(r'charset=[\"]*?(.*?)\"', req.text, re.IGNORECASE)
+            res_charset = re.search(r'charset=[\"]+?(\w*?)[\"]+', req.text, re.IGNORECASE)
             res_h1 = re.search(r'<h1>([\s\S]*?)</h1>', req.text, re.IGNORECASE)
             if res_title:
                 title = res_title.group(1).strip()
@@ -92,7 +92,7 @@ def http_scan(self, url):
             self.ip_result[url]['title'] = ''
 
     def port_scan(self, url, _ports):
-        http_port = [80, 81, 8080, 8081, 8090]
+        http_port = [80, 81, 443, 8080, 8081, 8090]
         if _ports:
             ip_port = _ports
         else:

diff --git a/LNScan.pyc b/LNScan.pyc
diff --git a/README.md b/README.md
@@ -27,7 +27,14 @@ optional arguments:
 ```
 
 #### Require
-ipaddress、bs4、requests
+ipaddress、bs4、requests、ssl
 
 #### Other
 if you have any bug , please remind me in the Issues.
+
+### Update
+##### 2016.8.27 更新版本v1.5
+1. 更改页面抓取编码正则，改进title抓取为乱码的情况
+2. 添加https扫描敏感路径功能
+
+etc. 感谢`@junmoxiao`的建议
diff --git a/libs/bbscan.py b/libs/bbscan.py
@@ -12,6 +12,7 @@
 import time
 import glob
 from interface import InfoDisScannerBase
+import ssl
 
 
 class InfoDisScanner(InfoDisScannerBase):
@@ -99,7 +100,12 @@ def _http_request(self, url, timeout=4):
         try:
             if not url: url = '/'
             _host = self.host.split(":")
-            conn_fuc = httplib.HTTPSConnection if self.schema == 'https' else httplib.HTTPConnection
+            ssl._create_default_https_context = ssl._create_unverified_context
+            if _host[1] == '443':
+                conn_fuc = httplib.HTTPSConnection
+                self.schema = 'https'
+            else:
+                conn_fuc = httplib.HTTPConnection
             conn = conn_fuc(host=_host[0], port=_host[1], timeout=timeout)
             conn.request(method='GET', url=url,
                          headers={'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36 BBScan/1.0'}
@@ -168,7 +174,9 @@ def crawl_index(self, path):
                 if depth <= self.max_depth:
                     self._enqueue(url)
         except Exception, e:
-            logging.error('Exception in crawl_index: %s' % e)
+            #print e, path
+            pass
+            #logging.error('Exception in crawl_index: %s %s' % e, path)
 
     def _get_url(self):
         """
@@ -218,8 +226,10 @@ def _scan_worker(self):
                         self.lock.acquire()
                         # print '[+] [Prefix:%s] [%s] %s' % (prefix, status, 'http://' + self.host +  url)
                         if not prefix in self.results:
-                            self.results[prefix]= []
-                        self.results[prefix].append({'status':status, 'url': '%s://%s%s' % (self.schema, self.host, url)} )
+                            self.results[prefix] = []
+                        if self.schema == 'https':
+                            self.host = self.host.split(":")[0]
+                        self.results[prefix].append({'status': status, 'url': '%s://%s%s' % (self.schema, self.host, url)} )
                         self._update_severity(severity)
                         self.lock.release()
 
@@ -256,5 +266,4 @@ def batch_scan(url, q_results, lock, threads_num, timeout):
             for key in results.keys():
                 for url in results[key]:
                     print  '[+] [%s] %s' % (url['status'], url['url'])
-
-
+
diff --git a/libs/bbscan.pyc b/libs/bbscan.pyc
diff --git a/libs/result.pyc b/libs/result.pyc