Created
January 23, 2017 18:08
-
-
Save proclnas/f8b0078da2aa518014b64e7bedd935c0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| import requests | |
| import os | |
| import re | |
| import argparse | |
| import sys | |
| from bs4 import BeautifulSoup | |
| from threading import Thread, Event, Lock | |
| from Queue import Queue | |
| class BingJw: | |
| # Define here the available systems | |
| SYSTEM_DEFAULT = 'default' | |
| SYSTEM_JOOMLA = 'joomla' | |
| SYSTEM_WORDPRESS = 'wordpress' | |
| SYSTEM_MAGENTO = 'magento' | |
| def __init__(self, dork_file, system_type, output, threads): | |
| self.dork_file = dork_file | |
| self.output = output | |
| self.system_type = system_type | |
| """ | |
| key is the cms/system and the value is the | |
| dork wich will be used to search | |
| You can use bug dorks too, Eg: | |
| 'com_history_sqli': 'index.php?option=com_contenthistory' | |
| """ | |
| self.system_types = { | |
| 'default': 'default', | |
| 'joomla': 'index.php?option=', | |
| 'wordpress': '/wp-content/', | |
| 'magento': '/customer/account/login' | |
| } | |
| self.ptr_limit = 401 | |
| self.exclude_pattern = 'msn|microsoft|php-brasil|facebook|4shared' \ | |
| '|bing|imasters|phpbrasil|php.net|yahoo|' \ | |
| 'scrwordtbrasil|under-linux|google|msdn|twitter' | |
| self.q = Queue() | |
| self.t_stop = Event() | |
| self.threads = threads | |
| self.list_size = len(open(dork_file).readlines()) | |
| self.counter = 0 | |
| self.terminal = sys.stdout | |
| self.lock = Lock() | |
| @staticmethod | |
| def get_system_types(): | |
| """ | |
| Return available systems to search | |
| """ | |
| return [ | |
| BingJw.SYSTEM_DEFAULT, | |
| BingJw.SYSTEM_JOOMLA, | |
| BingJw.SYSTEM_WORDPRESS, | |
| BingJw.SYSTEM_MAGENTO | |
| ] | |
| def save_buf(self, content): | |
| with open(self.output, 'a+') as fp: | |
| fp.write('{}\n'.format(content.encode("UTF-8"))) | |
| def crawler(self, q): | |
| while not self.t_stop.is_set(): | |
| self.t_stop.wait(1) | |
| try: | |
| word = q.get() | |
| dork = word | |
| if self.system_type is not self.system_types['default']: | |
| dork = '{} {}'.format( | |
| word, | |
| self.system_types[self.system_type] | |
| ) | |
| ptr = 1 | |
| while ptr <= self.ptr_limit: | |
| content = requests.get( | |
| 'http://www.bing.com/search?q={}&count=50&first={}' | |
| .format( | |
| dork, str(ptr) | |
| ) | |
| ) | |
| s_str = '[{}/{}] Searching {} with {} writing to -> {}\n' | |
| with self.lock: | |
| self.terminal.write(s_str.format( | |
| ptr, | |
| self.ptr_limit, | |
| self.system_type, | |
| word, | |
| self.output | |
| )) | |
| if content.ok: | |
| soup = BeautifulSoup(content.text, 'html.parser') | |
| for link in soup.find_all('a'): | |
| try: | |
| link = link.get('href') | |
| if 'http' in link and not re.search( | |
| self.exclude_pattern, link | |
| ): | |
| with self.lock: | |
| self.save_buf(link) | |
| except: | |
| pass | |
| ptr += 10 | |
| except: | |
| pass | |
| finally: | |
| self.counter += 1 | |
| q.task_done() | |
| def start(self): | |
| for _ in xrange(self.threads): | |
| t = Thread(target=self.crawler, args=(self.q,)) | |
| t.setDaemon(True) | |
| t.start() | |
| for word in open(self.dork_file): | |
| self.q.put(word.strip()) | |
| try: | |
| while not self.t_stop.is_set(): | |
| self.t_stop.wait(1) | |
| if self.counter == self.list_size: | |
| self.t_stop.set() | |
| except KeyboardInterrupt: | |
| print '~ Sending signal to kill threads...' | |
| self.t_stop.set() | |
| exit(0) | |
| self.q.join() | |
| print 'Finished!' | |
| if __name__ == "__main__": | |
| banner = ''' | |
| ______ _ ___ _ _ | |
| | ___ (_) |_ || | | | | |
| | |_/ /_ _ __ __ _ | || | | | | |
| | ___ \ | '_ \ / _` | | || |/\| | | |
| | |_/ / | | | | (_| /\__/ /\ /\ / | |
| \____/|_|_| |_|\__, \____/ \/ \/ | |
| __/ | By @proclnas | |
| |___/ | |
| Bing searcher and parser. | |
| ''' | |
| parser = argparse.ArgumentParser( | |
| description='BingJW # Searcher and parser' | |
| ) | |
| parser.add_argument( | |
| '-f', '--file', | |
| action='store', | |
| dest='dork_file', | |
| help='List with dorks to scan (One per line)' | |
| ) | |
| parser.add_argument( | |
| '-s', '--system', | |
| action='store', | |
| dest='system_type', | |
| help='System type available: {}'.format( | |
| ', '.join(BingJw.get_system_types()) | |
| ) | |
| ) | |
| parser.add_argument( | |
| '-o', '--output', | |
| action='store', | |
| dest='output', | |
| help='Output to save valid results', | |
| default='output.txt' | |
| ) | |
| parser.add_argument( | |
| '-t', '--threads', | |
| action='store', | |
| default=1, | |
| dest='threads', | |
| help='Concurrent workers', | |
| type=int | |
| ) | |
| parser.add_argument( | |
| '--version', | |
| action='version', | |
| version='%(prog)s 1.0' | |
| ) | |
| args = parser.parse_args() | |
| if not args.dork_file or not args.system_type: | |
| print banner | |
| exit(parser.print_help()) | |
| if not os.path.isfile(args.dork_file): | |
| exit('File {} not found'.format(args.dork_file)) | |
| if args.system_type not in BingJw.get_system_types(): | |
| exit( | |
| 'System not allowed in search. Available: {}'.format( | |
| ', '.join(BingJw.get_system_types()) | |
| ) | |
| ) | |
| print banner | |
| bing_jw = BingJw( | |
| args.dork_file, | |
| args.system_type, | |
| args.output, | |
| args.threads | |
| ) | |
| bing_jw.start() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment