ihoneyBakFileScan (修改针对.net备份文件扫描)
ihoneyBakFileScan
ihoneyBakFileScan 工具扫描备份文件的能力还是比较强大的，但针对 .net 的备份文件扫描还需要修改一下。.net 代码审计只需要 bin 目录下的文件，经过大量测试发现 .net 的备份文件一般都是 bin.rar、bin.zip。
安装依赖包
pip install -r requirements.txt
修改后的脚本
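# -*- coding: UTF-8 -*-
"""Check web sites for a reachable ``/bin.rar`` or ``/bin.zip`` archive.

For every base URL the script requests the two archive paths and judges the
answer from the response headers only (status code, Content-Type and
Content-Length).  The body is never downloaded or inspected, so a reported
hit is a candidate that still has to be confirmed by hand.

``vlun`` and ``dispatcher`` read the module-level names ``header``,
``timeout``, ``proxies`` and ``outputfile``; these are assigned only in the
``__main__`` guard at the bottom of the file.
"""
import logging
from argparse import ArgumentParser
from concurrent.futures import ThreadPoolExecutor
from datetime import datetime

import requests
from fake_headers import Headers
from hurry.filesize import size

# Raw string: the art contains backslashes that are not valid escape
# sequences; the runtime value is the same as with a plain literal.
banner = r"""_____________________________________________ ,' -> 警告... `. / -> ___ /_______ _________ /____________ / \ | -> __ __ \ __ `/ ___/_ //_/ _ \ __ / | | -> _ / / / /_/ // /__ _ ,< / __/ /_/ / | \ -> ./_/ /_/\__,_/ \___/ /_/|_| \___/\__,_/ / `._______ _____________________________________,' ############ /,' ##############*## /' ################**# ######## # ####***# ######## ###****# ########## ####*****# #### ##### ##### ***# ### ####### **# ### X ##### X **# #### ## # ## ***# ########## ### ##*******# ### ############**# ### ##-#-#-#-#-#-## | | | | | | |
"""
print(banner)

# Every request below is sent with verify=False, i.e. without TLS certificate
# validation, so the peer is not authenticated and an on-path party or the
# configured proxy can forge a response.  This call silences the urllib3
# warnings (InsecureRequestWarning included) that would otherwise be emitted.
requests.packages.urllib3.disable_warnings()
logging.basicConfig(level=logging.WARNING, format="%(message)s")

# Content-Type fragments that mark a response as an ordinary page or asset
# rather than a downloadable archive (case-sensitive substring match).
_NON_ARCHIVE_TYPES = ('html', 'image', 'xml', 'text', 'json', 'javascript')


def _archive_size(r):
    """Return the human-readable size of a plausible archive response.

    Args:
        r: a ``requests`` response whose headers have been received.

    Returns:
        The ``hurry.filesize`` string for the declared Content-Length, or
        ``None`` when the response does not look like an archive: status is
        not 200, Content-Type is missing or names a page/asset type, or
        Content-Length is missing, non-numeric or not positive.
    """
    if r.status_code != 200:
        return None
    content_type = r.headers.get('Content-Type')
    if content_type is None:
        # Without a Content-Type the heuristic has nothing to judge by.
        return None
    if any(marker in content_type for marker in _NON_ARCHIVE_TYPES):
        return None
    try:
        declared_length = int(r.headers.get('Content-Length'))
    except (TypeError, ValueError):
        # Header absent (None) or not an integer.
        return None
    if declared_length <= 0:
        return None
    return str(size(declared_length))


def vlun(urltarget):
    """Request ``urltarget`` and record it when it looks like an archive.

    A hit is logged and appended to ``outputfile``; anything else, including
    any exception raised while sending the request, is logged as a failure.
    Uses the module-level ``header``, ``timeout``, ``proxies`` and
    ``outputfile`` assigned in the ``__main__`` guard.

    Args:
        urltarget: full URL of the candidate archive.
    """
    try:
        # stream=True fetches only the headers.  The context manager closes
        # the response so the unread connection is released instead of
        # leaking.  proxies=None behaves like omitting the argument.
        with requests.get(url=urltarget, headers=header.generate(),
                          timeout=timeout, allow_redirects=False, stream=True,
                          verify=False, proxies=proxies) as r:
            rarsize = _archive_size(r)
    except Exception:
        # Per-URL worker boundary: one unreachable host must not stop a scan.
        rarsize = None

    if rarsize is None:
        logging.warning('[ 失败] {}'.format(urltarget))
        return

    logging.warning('[ 成功 ] {} size:{}'.format(urltarget, rarsize))
    try:
        with open(outputfile, 'a') as f:
            f.write(str(urltarget) + ' ' + 'size:' + str(rarsize) + '\n')
    except OSError as exc:
        # Report a result that could not be saved instead of dropping it.
        logging.warning('[ error ] could not write {}: {}'.format(outputfile, exc))


def urlcheck(target=None, ulist=None):
    """Normalise ``target`` and append it to ``ulist``.

    ``http://`` is prefixed when the target has no http/https scheme, and a
    single trailing slash is removed.

    Args:
        target: URL or bare host taken from the command line or URL file.
        ulist: list that receives the normalised URL (modified in place).

    Returns:
        ``ulist``; it is returned unchanged when either argument is ``None``.
    """
    if target is None or ulist is None:
        return ulist
    if not target.startswith(('http://', 'https://')):
        target = 'http://' + target
    if target.endswith('/'):
        target = target[:-1]  # strip the trailing slash
    ulist.append(target)
    return ulist


def dispatcher(url_file=None, url=None, max_thread=20):
    """Build the candidate URLs and run ``vlun`` on each of them.

    Exactly one of ``url_file`` and ``url`` is expected; when both or neither
    are given no URL is checked.

    Args:
        url_file: path of a text file with one URL or host per line.
        url: a single URL or host.
        max_thread: worker count handed to ``ThreadPoolExecutor``.
    """
    urllist = []
    if url_file is not None and url is None:
        with open(str(url_file)) as f:
            for line in f:
                line = line.strip()
                if line:
                    urllist = urlcheck(line, urllist)
    elif url is not None and url_file is None:
        urllist = urlcheck(str(url.strip()), urllist)

    # Create the output file up front so it exists even when nothing is found.
    with open(outputfile, 'a'):
        pass

    target_files = ['/bin.rar', '/bin.zip']  # target files are fixed here
    for u in urllist:
        check_urllist = []
        for f in target_files:
            url = u + f
            check_urllist.append(url)
            print("[添加检查] " + url)
        # The pool is created per base URL and only receives that URL's
        # candidates, so at most len(target_files) requests are in flight at
        # once whatever max_thread is.  Leaving the with-block waits for them.
        with ThreadPoolExecutor(max_thread) as executor:
            for url in check_urllist:
                executor.submit(vlun, url)


if __name__ == '__main__':
    usageexample = '\n Example: python3 ihoneyBakFileScan_Modify.py -t 100 -f url.txt -o result.txt\n'
    usageexample += ' '
    usageexample += 'python3 ihoneyBakFileScan_Modify.py -u https://www.example.com/ -o result.txt'

    parser = ArgumentParser(add_help=True, usage=usageexample,
                            description='A Website Backup File Leak Scan Tool.')
    parser.add_argument('-f', '--url-file', dest="url_file", help="Example: url.txt")
    parser.add_argument('-t', '--thread', dest="max_threads", nargs='?', type=int,
                        default=1, help="Max threads")
    parser.add_argument('-u', '--url', dest='url', nargs='?', type=str,
                        help="Example: http://www.example.com/")
    parser.add_argument('-o', '--output-file', dest="output_file", help="Example: result.txt")
    parser.add_argument('-p', '--proxy', dest="proxy", help="Example: socks5://127.0.0.1:1080")
    args = parser.parse_args()

    # Module-level settings read by vlun() and dispatcher().
    outputfile = args.output_file if args.output_file else 'result.txt'
    proxies = {'http': args.proxy, 'https': args.proxy} if args.proxy else None
    header = Headers(headers=False)
    timeout = 10

    try:
        if args.url:
            dispatcher(url=args.url, max_thread=args.max_threads)
        elif args.url_file:
            dispatcher(url_file=args.url_file, max_thread=args.max_threads)
        else:
            print("[!] 请指定 URL 或 URL 文件名")
    except Exception as e:
        print(e)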
运行效果
修改后的工具名
ihoneyBin.py
bat脚本运行
@echo off
rem Check every entry of url.txt and append the hits to result.txt.
rem --thread is the worker count the script passes to ThreadPoolExecutor.
python ihoneyBin.py --thread 500 --url-file url.txt --output-file result.txt