首頁 探索 說明
登入
epsylon
/
orb
關註 1
讚好 0
複刻 0
檔案 問題管理 0 合併請求 0
目錄樹: a53273dd6c
分支列表 標籤列表
orb
/
orb
/
core
/
orb.py

orb.py 25 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462 
  1. #!/usr/bin/env python 
    2. 

  2. # -*- coding: utf-8 -*-"
    3. 

  3. """
    4. 

  4. This file is part of the orb project, https://orb.03c8.net
    5. 

  5. 

  6. Orb - 2016/2017/2018 - by psy (epsylon@riseup.net)
    7. 

  7. 

  8. You should have received a copy of the GNU General Public License along
    9. 

  9. with RedSquat; if not, write to the Free Software Foundation, Inc., 51
    10. 

  10. Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    11. 

  11. """
    12. 

  12. import socket, threading, re, base64, os, datetime
    13. 

  13. import webbrowser, subprocess, urllib, json, sys
    14. 

  14. from options import OrbOptions
    15. 

  15. from pprint import pprint
    16. 

  16. 

  17. host = "0.0.0.0"
    18. 

  18. port = 9999
    19. 

  19. 

  20. class ClientThread(threading.Thread):
    21. 

  21.     def __init__(self, ip, port, socket):
    22. 

  22.         threading.Thread.__init__(self)
    23. 

  23.         self.ip = ip
    24. 

  24.         self.port = port
    25. 

  25.         self.socket = socket
    26. 

  26.         self.pages = Pages()
    27. 

  27. 

  28.     def run(self):
    29. 

  29.         req = self.socket.recv(2048)
    30. 

  30.         res = self.pages.get(req)
    31. 

  31.         out = "HTTP/1.0 %s\r\n" % res["code"]
    32. 

  32.         out += "Content-Type: %s\r\n\r\n" % res["ctype"]
    33. 

  33.         out += "%s" % res["html"]
    34. 

  34.         self.socket.send(out)
    35. 

  35.         self.socket.close()
    36. 

  36.         if "run" in res and len(res["run"]):
    37. 

  37.             subprocess.Popen(res["run"], shell=True)
    38. 

  38. 

  39. class Pages():
    40. 

  40. 

  41.     def __init__(self):
    42. 

  42.         self.options = OrbOptions()
    43. 

  43.         self.pages = {}
    44. 

  44. 

  45.         self.pages["/header"] = """
    46. 

  46. <!DOCTYPE html><html>
    47. 

  47. <head>
    48. 

  48. <link rel="icon" type="image/png" href="/favicon.ico" />
    49. 

  49. <meta name="author" content="psy">
    50. 

  50. <meta name="robots" content="noindex, nofollow">
    51. 

  51. <meta http-equiv="content-type" content="text/xml; charset=utf-8" /> 
    52. 

  52. <title>Orb - footprinting tool</title>
    53. 

  53. <script language="javascript" src="/lib.js"></script>
    54. 

  54. """
    55. 

  55. 

  56.         self.pages["/footer"] = """</body>
    57. 

  57. </html>
    58. 

  58. """
    59. 

  59.         self.pages["/favicon.ico"] = base64.b64decode("AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQIDA6sBX9r/AWrk/wFn4f8BXdb/AzR/5AAAAA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYgKY/f8BRbL/ASBR/wEKFP8BCRH/ARtD/wE9pP8DnP3/AQAAjwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZgFz6/8BM4z/AR1F/wEPH/8BBgv/AQMF/wELGf8BGTv/ATCA/wFm4v8EHkG7AAAAAAAAAAAAAAAAAAAABwF98f8BMYH/ARtD/wIMGv8DBQj/AwYK/wQHC/8DBgn/AgoU/wEYOf8BMH3/AWXh/wAAACUAAAAAAAAAAAFRx/4BMoX/ARxF/wINGv8DBgv/CRAY/w8ZKf8QGyv/ChMd/wQJD/8CCxX/ARpA/wEvfP8BUcb/AAAAAAAAAAABUMj/AR9L/wESJf8DCA//CRAY/xkwTf8uWpT/MWCd/x86X/8MFSH/BAkP/wERJP8BHUb/AT+k/wAAAAEAAAABASVe/wEVMv8BChb/BAgO/xIgMv81aKf/ZLzt/2vE8/9BgsL/FyxG/wYMEv8CCxX/ARUx/wEfTP8AAAAWAAAAAgEWNP8BDx3/AgkQ/wUJDv8VJz3/QYLC/33U+v+G2/3/UJ7Z/x02V/8IDRX/AggQ/wEPIP8BFCv/AAEBHQAAAAABDBr/AQwZ/wEHDf8EBwv/EB0s/y5Zk/9VqOH/XLHn/zhvr/8VJj3/BgsR/wIGDP8BChP/ARQw/wAAAAQAAAAAAQwY/wESJf8BBAj/AwQH/wcNE/8UJDn/I0Nt/yVHdf8XLEb/ChEZ/wMGCf8BBQj/AQsY/wEHDP8AAAAAAAAAAAISI4EBQq3/AQUI/wEDA/8CAwX/BQoP/woRGf8KEhv/BgwR/wMEB/8CAwT/AQME/wEwgv8BCxX/AAAAAAAAAAAAAAAAAUrA/wEqbf8BAQL/AAEB/wECA/8CAwT/AgME/wIDA/8AAQH/AAAA/wEdSf8EgfL/AAAAAAAAAAAAAAAAAAAAAAAAAABA4/3/AUzA/wEHDf8AAAD/AAAA/wAAAP8AAAD/AQQH/wE6n/9c6v3/AAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADiz8f97/f//AZL8/wFRyP8BTsP/AYX1/172//9dzfn/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGrK/Gml5///s+r//2/R+9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+B8AAPAHAADgAwAAwAMAAIABAACAAQAAgAEAAIABAACAAQAAgAEAAIABAADAAwAA4AcAAPAPAAD+PwAA//8AAA==")
    60. 

  60. 

  61.         self.pages["/"] = self.pages["/header"] + """<script language="javascript">function Start(){
    62. 

  62.         target=document.getElementById("target").value
    63. 

  63.         String.prototype.startsWith = function(prefix){
    64. 

  64.         return this.indexOf(prefix) === 0;
    65. 

  65.         }
    66. 

  66.         if(target!=""){
    67. 

  67.              if (document.getElementById("massive").checked){
    68. 

  68.                 document.getElementById("massive").value = "on";
    69. 

  69.              } else {
    70. 

  70.                 document.getElementById("massive").value = "off";
    71. 

  71.              }
    72. 

  72.              massive = document.getElementById("massive").value
    73. 

  73.              extens =document.getElementById("extens").value
    74. 

  74.              engineloc=document.getElementById("engineloc").value
    75. 

  75.              if (document.getElementById("json").checked){
    76. 

  76.                 document.getElementById("json").value = "on";
    77. 

  77.              } else {
    78. 

  78.                 document.getElementById("json").value = "off";
    79. 

  79.              }
    80. 

  80.              json = document.getElementById("json").value
    81. 

  81.              if (document.getElementById("nopublic").checked){
    82. 

  82.                 document.getElementById("nopublic").value = "on";
    83. 

  83.              } else {
    84. 

  84.                 document.getElementById("nopublic").value = "off";
    85. 

  85.              }
    86. 

  86.              nopublic = document.getElementById("nopublic").value
    87. 

  87.              if (document.getElementById("nowhois").checked){
    88. 

  88.                 document.getElementById("nowhois").value = "on";
    89. 

  89.              } else {
    90. 

  90.                 document.getElementById("nowhois").value = "off";
    91. 

  91.              }
    92. 

  92.              nowhois = document.getElementById("nowhois").value
    93. 

  93.              if (document.getElementById("nosubs").checked){
    94. 

  94.                 document.getElementById("nosubs").value = "on";
    95. 

  95.              } else {
    96. 

  96.                 document.getElementById("nosubs").value = "off";
    97. 

  97.              }
    98. 

  98.              nosubs = document.getElementById("nosubs").value
    99. 

  99.              if (document.getElementById("nodns").checked){
    100. 

  100.                 document.getElementById("nodns").value = "on";
    101. 

  101.              } else {
    102. 

  102.                 document.getElementById("nodns").value = "off";
    103. 

  103.              }
    104. 

  104.              nodns = document.getElementById("nodns").value
    105. 

  105.              if (document.getElementById("noscanner").checked){
    106. 

  106.                 document.getElementById("noscanner").value = "on";
    107. 

  107.              } else {
    108. 

  108.                 document.getElementById("noscanner").value = "off";
    109. 

  109.              }
    110. 

  110.              noscanner = document.getElementById("noscanner").value
    111. 

  111.              if (document.getElementById("noscandns").checked){
    112. 

  112.                 document.getElementById("noscandns").value = "on";
    113. 

  113.              } else {
    114. 

  114.                 document.getElementById("noscandns").value = "off";
    115. 

  115.              }
    116. 

  116.              noscandns = document.getElementById("noscandns").value
    117. 

  117.              if (document.getElementById("noscanns").checked){
    118. 

  118.                 document.getElementById("noscanns").value = "on";
    119. 

  119.              } else {
    120. 

  120.                 document.getElementById("noscanns").value = "off";
    121. 

  121.              }
    122. 

  122.              noscanns = document.getElementById("noscanns").value
    123. 

  123.              if (document.getElementById("noscanmx").checked){
    124. 

  124.                 document.getElementById("noscanmx").value = "on";
    125. 

  125.              } else {
    126. 

  126.                 document.getElementById("noscanmx").value = "off";
    127. 

  127.              }
    128. 

  128.              noscanmx = document.getElementById("noscanmx").value
    129. 

  129.              scanports =document.getElementById("scanports").value
    130. 

  130.              if (document.getElementById("onlytcp").checked){
    131. 

  131.                 document.getElementById("onlytcp").value = "on";
    132. 

  132.              } else {
    133. 

  133.                 document.getElementById("onlytcp").value = "off";
    134. 

  134.              }
    135. 

  135.              onlytcp = document.getElementById("onlytcp").value
    136. 

  136.              if (document.getElementById("nobanner").checked){
    137. 

  137.                 document.getElementById("nobanner").value = "on";
    138. 

  138.              } else {
    139. 

  139.                 document.getElementById("nobanner").value = "off";
    140. 

  140.              }
    141. 

  141.              nobanner = document.getElementById("nobanner").value
    142. 

  142.              if (document.getElementById("cve").checked){
    143. 

  143.                 document.getElementById("cve").value = "on";
    144. 

  144.              } else {
    145. 

  145.                 document.getElementById("cve").value = "off";
    146. 

  146.              }
    147. 

  147.              cve = document.getElementById("cve").value
    148. 

  148.              if (document.getElementById("cvs").checked){
    149. 

  149.                 document.getElementById("cvs").value = "on";
    150. 

  150.              } else {
    151. 

  151.                 document.getElementById("cvs").value = "off";
    152. 

  152.              }
    153. 

  153.              cvs = document.getElementById("cvs").value
    154. 

  154.              params="target="+escape(target)+"&massive="+escape(massive)+"&extens="+escape(extens)+"&engineloc="+escape(engineloc)+"&nopublic="+escape(nopublic)+"&nowhois="+escape(nowhois)+"&nosubs="+escape(nosubs)+"&nodns="+escape(nodns)+"&noscanner="+escape(noscanner)+"&noscandns="+escape(noscandns)+"&noscanns="+escape(noscanns)+"&noscanmx="+escape(noscanmx)+"&scanports="+escape(scanports)+"&onlytcp="+escape(onlytcp)+"&nobanner="+escape(nobanner)+"&cve="+escape(cve)+"&cvs="+escape(cvs)+"&json="+escape(json)
    155. 

  155.         }else{
    156. 

  156.           window.alert("You need to enter something... (ex: dell)");
    157. 

  157.           return
    158. 

  158.         }
    159. 

  159.         runCommandX("cmd_spell", params)
    160. 

  160. }
    161. 

  161. </script><script>loadXMLDoc()</script><script type='text/javascript'>var index = 0;var text = 'Welcome to...        Orb !!!';function type(){document.getElementById('screen').innerHTML += text.charAt(index);index += 1;var t = setTimeout('type()',120);}</script><script type='text/javascript'>
    162. 

  162. function show(one) {
    163. 

  163.       var nb = document.getElementsByTagName("div");
    164. 

  164.             for(var x=0; x<nb.length; x++) {
    165. 

  165.                   name = nb[x].getAttribute("class");
    166. 

  166.                   if (name == 'nb') {
    167. 

  167.                         if (nb[x].id == one) {
    168. 

  168.                         nb[x].style.display = 'block';
    169. 

  169.                   }
    170. 

  170.                   else {
    171. 

  171.                         nb[x].style.display = 'none';
    172. 

  172.                   }
    173. 

  173.             }
    174. 

  174.       }
    175. 

  175. }
    176. 

  176. </script><script type='text/javascript'>
    177. 

  177. function checkNobanner(){
    178. 

  178.   if (document.getElementById("nobanner").checked == true){
    179. 

  179.       document.getElementById("cve").checked = true;
    180. 

  180.       document.getElementById("cvs").checked = true;
    181. 

  181. }}
    182. 

  182. </script><script type='text/javascript'>
    183. 

  183. function checkNoscanner(){
    184. 

  184.   if (document.getElementById("noscanner").checked == true){
    185. 

  185.       document.getElementById("noscandns").checked = true;
    186. 

  186.       document.getElementById("noscanns").checked = true;
    187. 

  187.       document.getElementById("noscanmx").checked = true;
    188. 

  188. }}
    189. 

  189. </script><script type='text/javascript'>
    190. 

  190. function checkBoth(){
    191. 

  191.   if (document.getElementById("both").checked == true){
    192. 

  192.       document.getElementById("noscanner").checked = false;
    193. 

  193.       document.getElementById("nobanner").checked = false;
    194. 

  194.       document.getElementById("cve").checked = false;
    195. 

  195.       document.getElementById("cvs").checked = false;
    196. 

  196.       document.getElementById("nodns").checked = false;
    197. 

  197.       document.getElementById("noscandns").checked = false;
    198. 

  198.       document.getElementById("noscanns").checked = false;
    199. 

  199.       document.getElementById("noscanmx").checked = false;
    200. 

  200.       document.getElementById("nopublic").checked = false;
    201. 

  201.       document.getElementById("nowhois").checked = false;
    202. 

  202.       document.getElementById("nosubs").checked = false;
    203. 

  203.              }}
    204. 

  204. </script><script type='text/javascript'>
    205. 

  205. function checkPassive(){
    206. 

  206.   if (document.getElementById("passive").checked == true){
    207. 

  207.       document.getElementById("noscanner").checked = true;
    208. 

  208.       document.getElementById("nobanner").checked = true;
    209. 

  209.       document.getElementById("cve").checked = true;
    210. 

  210.       document.getElementById("cvs").checked = true;
    211. 

  211.       document.getElementById("nodns").checked = true;
    212. 

  212.       document.getElementById("noscandns").checked = true;
    213. 

  213.       document.getElementById("noscanns").checked = true;
    214. 

  214.       document.getElementById("noscanmx").checked = true;
    215. 

  215.       document.getElementById("nopublic").checked = false;
    216. 

  216.       document.getElementById("nowhois").checked = false;
    217. 

  217.       document.getElementById("nosubs").checked = false;
    218. 

  218.              }}
    219. 

  219. </script><script type='text/javascript'>
    220. 

  220. function checkActive(){
    221. 

  221.   if (document.getElementById("active").checked == true){
    222. 

  222.       document.getElementById("nopublic").checked = true;
    223. 

  223.       document.getElementById("nowhois").checked = true;
    224. 

  224.       document.getElementById("nosubs").checked = true;
    225. 

  225.       document.getElementById("noscanner").checked = false;
    226. 

  226.       document.getElementById("noscandns").checked = false;
    227. 

  227.       document.getElementById("noscanns").checked = false;
    228. 

  228.       document.getElementById("noscanmx").checked = false;
    229. 

  229.       document.getElementById("nobanner").checked = false;
    230. 

  230.       document.getElementById("cve").checked = false;
    231. 

  231.       document.getElementById("cvs").checked = false;
    232. 

  232.       document.getElementById("nodns").checked = false;
    233. 

  233.              }}
    234. 

  234. </script>
    235. 

  235. </head>
    236. 

  236. <body onload='type()' bgcolor="black" text="orange" style="monospace;" ><center><table><tr><td><pre>
    237. 

  237.                              #Y
    238. 

  238.                            U#@#%$
    239. 

  239.                         ...........
    240. 

  240.                    ....................
    241. 

  241.                 ...,,,,,,,,,,,,,,,,,,,....                  
    242. 

  242.               ..,,,,,,,,,,,,,,,,,,,,,,,,,,...              
    243. 

  243.            ..,,,,,,,,,,,,,,,,,,,,,,,...,,,,,,..            
    244. 

  244.          .,,,,,,,,,,.........................,,,,.         
    245. 

  245.        .,,,,...............................   ..,*,        
    246. 

  246.       .,,,...................................   .,*/.      
    247. 

  247.     .,,....................................       ./#(.    
    248. 

  248.    .,......................................        .(#(.   
    249. 

  249.   .,,...................................            .*#/.  
    250. 

  250.  .*,.................................                 *#(  
    251. 

  251.  ,/,...............................                   .(#, 
    252. 

  252. .#/,.............................                     *#(( 
    253. 

  253. .#/,.............................                     **/(.
    254. 

  254.  (/*...........................                      .*/// 
    255. 

  255.  /(*.........................                       .,**/* 
    256. 

  256.  ,((,........................                       ,,*//. 
    257. 

  257.   ((*......................                        .,,*/*  
    258. 

  258.   .*(,.....................                        ,,,*,.  
    259. 

  259.     //*...................                       ..,,,,    
    260. 

  260.      /(,     .............                      .,,,,,     
    261. 

  261.       .**.     ...............               ...,,,,.      
    262. 

  262.         ,*,    ...............            ....,,,,,        
    263. 

  263.           **,    ............................,,,,.         
    264. 

  264.         ,*(#(/,.   .......................,,,*###/,        
    265. 

  265.        ./##(((((/*,,..................,,,,/((((((//,       
    266. 

  266.        **,*%%%((((#(/***,,,,,,,,,,,,,,*(###((###((#/       
    267. 

  267.       .#%%%%%%%#((((*******,,,,,,,,,,,,/(((((#%&%%%#.      
    268. 

  268.       ./##%/*,/((***,     ..,....      ./(/(#(,,*(#/       
    269. 

  269.       .,,,.,**/(%#(,                     .**///*.,,.       
    270. 

  270.       .,,,*,. ,***,                          .*,,,..       
    271. 

  271.       .,*/*.                                   .,*,,.      
    272. 

  272.     ,#(/,,,                                     .,*(#(,    
    273. 

  273. </pre></td><td><table border="1" cellpadding="10" cellspacing="10"><tr><td> <div><a id="mH1" href="javascript:show('nb1');" style="text-decoration: none;" >+ Info</a></div>
    274. 

  274. <div><a id="mH2" href="javascript:show('nb2');" style="text-decoration: none;" >+ Contact</a></div>
    275. 

  275. </td><td><i><h3><div id='screen'></div></h3></i><div class="nb" id="nb1" style="display: none;"><pre>This is a massive <a href="https://en.wikipedia.org/wiki/Footprinting" target="_blank">footprinting</a> tool. It will 
    276. 

  276. use <u>automated</u> gathering methods to provides
    277. 

  277. you information about a target.
    278. 

  278. 

  279.   <a href="https://orb.03c8.net" target="_blank">Website</a> | <a href="https://github.com/epsylon/orb" target="_blank">Code</a> | <a href="https://twitter.com/search?q=%23orb-pentest" target="_blank">Social Tag</a> 
    280. 

  280. 

  281. ---------
    282. 

  282. 

  283. <div><a id="mH0" href="javascript:show('nb0');" style="text-decoration: none;" >Close()</a></div><div class="nb" id="nb0" style="display: none;"></div></pre></div><div class="nb" id="nb2" style="display: none;"><pre>If you want to contribute to development, 
    284. 

  284. reporting a bug, providing a patch, 
    285. 

  285. commenting on the code, making a donation
    286. 

  286. or simply need to find help to run it, 
    287. 

  287. please drop me an <a href="mailto:epsylon@riseup.net">e-mail</a>.
    288. 

  288. 

  289. ---------
    290. 

  290. 

  291. <div><a id="mH0" href="javascript:show('nb0');" style="text-decoration: none;" >Close()</a></div><div class="nb" id="nb0" style="display: none;"></div></pre></div></td></tr></table><br />
    292. 

  292. <form method='GET'><fieldset><table border="0" cellpadding="5" cellspacing="5"><tr><td> TLD extension(s):</td><td><input type="text" id="extens" name="extens" size="20" value=".com,.net" title="set extensions manually (ex: '.com,.net,.es')"></td></tr></table><br /><table border="1" cellpadding="5" cellspacing="5"><tr><td> Methods:</td><td><input type="radio" name="method" title="use both -active/passive- methods" id="both" value="both" onclick="checkBoth()" checked> Both</td><td><input type="radio" name="method" title="use ONLY -passive- methods" id="passive" value="passive" onclick="checkPassive()"> Passive</td><td><input type="radio" name="method" title="use ONLY -active- methods" id="active" value="active" onclick="checkActive()"> Active</td></tr></table><br><table border="1" cellpadding="5" cellspacing="5"><tr><td>Extra:</td><td><div><a id="mH3" href="javascript:show('nb3');" style="text-decoration: none;" >+ Config</a></div></td><td><input type="checkbox" id="autoscrolling" title="active auto-scrolling"/> Auto-Scroll</td><td><input type="checkbox" id="json" title="generate json report"/> Json</td></tr></table><br><table><tr><td>TARGET: <input type="text" name="target" id="target" size="26" placeholder="microsoft, facebook ..." title="start complete footprinting on this target" required></td></tr></table><br><div class="nb" id="nb3" style="display: none;"><table border="1" cellpadding="5" cellspacing="5"><tr><td><input type="checkbox" id="nopublic" name="nopublic" title="disable search for public records"/> No-Public</td><td>Engine loc: <input type="text" id="engineloc" name="engineloc" size="2" title="set location for search engine (ex: 'fr')"></td><td><input type="checkbox" id="massive" name="massive" title="search massively using all search engines (default: Yahoo)" checked/> Massive</td></tr><tr><td><input type="checkbox" id="nowhois" name="nowhois" title="disable extract whois information"/> No-Whois</td><td><input type="checkbox" id="nosubs" name="nosubs" title="disable try to discover subdomains"/> No-Subs</td><td><input type="checkbox" id="nodns" name="nodns" title="disable try to discover DNS records"/> No-DNS</td></tr><tr><td><input type="checkbox" id="noscanner" name="noscanner" title="disable scanner" onclick="checkNoscanner()"/> No-Scanner</td><td>Ports: <input type="text" size="6" id="scanports" name="scanports" value="1-65535" title="set range of ports to scan"></td><td><input type="checkbox" name="onlytcp" id="onlytcp" title="set scanning protocol to only TCP"/> Only-TCP</td></tr><td><input type="checkbox" id="noscandns" name="noscandns" title="disable scan DNS machines"/> No-Scan-DNS</td><td><input type="checkbox" id="noscanns" name="noscanns" title="disable scan NS records"/> No-Scan-NS</td><td><input type="checkbox" id="noscanmx" name="noscanmx" title="disable scan MX records"/> No-Scan-MX</td></tr><tr><td><input type="checkbox" id="nobanner" name="nobanner" title="disable extract banners from services" onclick="checkNobanner()"/> No-Banner</td><td><input type="checkbox" id="cve" name="cve" title="disable extract vulnerabilities from CVE"/> No-CVE</td><td><input type="checkbox" id="cvs" name="cvs" title="disable extract CVS description"/> No-CVS</td></tr></table><div><a id="mH0" href="javascript:show('nb0');" style="text-decoration: none;" ><pre>Close()</pre></a></div><div class="nb" id="nb0" style="display: none;"></div></div></td></tr></table></fieldset></form><button title="Nihil Sine Chaos!!" onClick=Start()>Spell!</button><hr></center><div id="cmdOut"></div>""" + self.pages["/footer"]
    293. 

  293. 

  294.         self.pages["/lib.js"] = """function loadXMLDoc() {
    295. 

  295.         var xmlhttp;
    296. 

  296.         if (window.XMLHttpRequest) {
    297. 

  297.                 // code for IE7+, Firefox, Chrome, Opera, Safari
    298. 

  298.                 xmlhttp = new XMLHttpRequest();
    299. 

  299.         } else {
    300. 

  300.                 // code for IE6, IE5
    301. 

  301.                 xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
    302. 

  302.         }
    303. 

  303.         xmlhttp.onreadystatechange = function() {
    304. 

  304.                 if (xmlhttp.readyState == 4 ) {
    305. 

  305.                    if(xmlhttp.status == 200){
    306. 

  306.                            document.getElementById("cmdOut").innerHTML = xmlhttp.responseText;
    307. 

  307.                            setTimeout("loadXMLDoc()", 3000); 
    308. 

  308.                    }
    309. 

  309.                 }
    310. 

  310.         }
    311. 

  311.         xmlhttp.send();
    312. 

  312. 	}
    313. 

  313. 

  314. function runCommandX(cmd,params) {
    315. 

  315.         var xmlhttp;
    316. 

  316.         if (window.XMLHttpRequest) {
    317. 

  317.                 // code for IE7+, Firefox, Chrome, Opera, Safari
    318. 

  318.                 xmlhttp = new XMLHttpRequest();
    319. 

  319.         } else {
    320. 

  320.                 // code for IE6, IE5
    321. 

  321.                 xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
    322. 

  322.         }
    323. 

  323.         xmlhttp.onreadystatechange = function() {
    324. 

  324.                 if (xmlhttp.readyState == 4 ) {
    325. 

  325.                    if(xmlhttp.status == 200){
    326. 

  326. 								if(cmd.indexOf("?")!=-1){
    327. 

  327. 									s=cmd.split("?")
    328. 

  328. 									cmd=s[0]
    329. 

  329. 									params=s[1]
    330. 

  330. 								}
    331. 

  331.                                 document.getElementById("cmdOut").innerHTML = xmlhttp.responseText;
    332. 

  332.                                 if (document.getElementById("autoscrolling").checked){
    333. 

  333.                                      document.getElementById("cmdOut").scrollIntoView();
    334. 

  334.                                 }
    335. 

  335.                                 newcmd=cmd
    336. 

  336.                                 if(newcmd=="cmd_null"){ 
    337. 

  337.                                     return;
    338. 

  338.                                 } else {
    339. 

  339.                                 if(newcmd=="cmd_spell") newcmd=newcmd+"_update"
    340. 

  340.                                 setTimeout(function(){runCommandX(newcmd,params)}, 3000);
    341. 

  341. 								return;}
    342. 

  342.                    }
    343. 

  343.                 }
    344. 

  344.         }
    345. 

  345. 		if(typeof params != "undefined") cmd=cmd+"?"+params
    346. 

  346.         xmlhttp.open("GET", cmd, true);
    347. 

  347.         xmlhttp.send();
    348. 

  348. }
    349. 

  349. 

  350. """
    351. 

  351. 	
    352. 

  352.     def buildGetParams(self, request):
    353. 

  353.         params = {}
    354. 

  354.         path = re.findall("^GET ([^\s]+)", request)
    355. 

  355.         if path:
    356. 

  356.             path = path[0]
    357. 

  357.             start = path.find("?")
    358. 

  358.             if start != -1:
    359. 

  359.                 for param in path[start+1:].split("&"):
    360. 

  360.                     f = param.split("=")
    361. 

  361.                     if len(f) == 2:
    362. 

  362.                         var = f[0]
    363. 

  363.                         value = f[1]
    364. 

  364.                         value = value.replace("+", " ")
    365. 

  365.                         value = urllib.unquote(value)
    366. 

  366.                         params[var] = value
    367. 

  367.         return params
    368. 

  368. 

  369.     def get(self, request):
    370. 

  370.         cmd_options = ""
    371. 

  371.         runcmd = ""
    372. 

  372.         res = re.findall("^GET ([^\s]+)", request)
    373. 

  373.         if res is None or len(res)==0:
    374. 

  374.             return
    375. 

  375.         pGet = {}
    376. 

  376.         page = res[0]
    377. 

  377.         paramStart = page.find("?")
    378. 

  378.         if paramStart != -1:
    379. 

  379.             page = page[:paramStart]
    380. 

  380.             pGet = self.buildGetParams(request)
    381. 

  381.         if page == "/cmd_spell":
    382. 

  382.             self.pages["/cmd_spell"] = "<pre>Waiting for 'orb' to return with data ...</pre>"
    383. 

  383.             if pGet["massive"] == "on": # --sa
    384. 

  384.                 cmd_options+= " --sa"
    385. 

  385.             if pGet["extens"]: # --ext=
    386. 

  386.                 cmd_options+= " --ext="+pGet["extens"]
    387. 

  387.             if pGet["engineloc"] != "": # --ext=
    388. 

  388.                 cmd_options+= " --se-ext="+pGet["engineloc"]
    389. 

  389.             if pGet["json"] == "on": # --json=target_datetime.json
    390. 

  390.                 namefile = pGet["target"] + ".json"
    391. 

  391.                 cmd_options+= " --json="+str(namefile)
    392. 

  392.             if pGet["nopublic"] == "on": # --no-public
    393. 

  393.                 cmd_options+= " --no-public"
    394. 

  394.             if pGet["nowhois"] == "on": # --no-whois
    395. 

  395.                 cmd_options+= " --no-whois"
    396. 

  396.             if pGet["nosubs"] == "on": # --no-subs
    397. 

  397.                 cmd_options+= " --no-subs"
    398. 

  398.             if pGet["nodns"] == "on": # --no-dns
    399. 

  399.                 cmd_options+= " --no-dns"
    400. 

  400.             if pGet["noscanner"] == "on": # --no-scanner
    401. 

  401.                 cmd_options+= " --no-scanner"
    402. 

  402.             if pGet["noscandns"] == "on": # --no-scan-dns
    403. 

  403.                 cmd_options+= " --no-scan-dns"
    404. 

  404.             if pGet["noscanns"] == "on": # --no-scan-ns
    405. 

  405.                 cmd_options+= " --no-scan-ns"
    406. 

  406.             if pGet["noscanmx"] == "on": # --no-scan-mx
    407. 

  407.                 cmd_options+= " --no-scan-mx"
    408. 

  408.             if pGet["scanports"]: # --scan-ports=
    409. 

  409.                 cmd_options+= " --scan-ports="+pGet["scanports"]
    410. 

  410.             if pGet["onlytcp"] == "on": # --scan-tcp
    411. 

  411.                 cmd_options+= " --scan-tcp"
    412. 

  412.             if pGet["nobanner"] == "on": # --no-banner
    413. 

  413.                 cmd_options+= " --no-banner"
    414. 

  414.             if pGet["cve"] == "on": # --no-cve
    415. 

  415.                 cmd_options+= " --no-cve"
    416. 

  416.             if pGet["cvs"] == "on": # --no-cvs
    417. 

  417.                 cmd_options+= " --no-cvs"
    418. 

  418.             runcmd = "(python -i orb --spell '"+pGet["target"]+"'"+ cmd_options + "|tee /tmp/out) &"
    419. 

  419.         if page == "/cmd_spell_update":
    420. 

  420.             if not os.path.exists('/tmp/out'):
    421. 

  421.                 open('/tmp/out', 'w').close()
    422. 

  422.             with open('/tmp/out', 'r') as f:
    423. 

  423.                 self.pages["/cmd_spell_update"] = "<pre>"+f.read()+"<pre>"
    424. 

  424.         ctype = "text/html"
    425. 

  425.         if page.find(".js") != -1:
    426. 

  426.             ctype = "application/javascript"
    427. 

  427.         elif page.find(".txt") != -1:
    428. 

  428.             ctype = "text/plain"
    429. 

  429.         elif page.find(".ico") != -1:
    430. 

  430.             ctype = "image/x-icon"
    431. 

  431.         elif page.find(".png") != -1:
    432. 

  432.             ctype = "image/png"
    433. 

  433.         if page in self.pages:
    434. 

  434.             return dict(run=runcmd, code="200 OK", html=self.pages[page], ctype=ctype)
    435. 

  435.         return dict(run=runcmd, code="404 Error", html="404 Error<br><br>Page not found...", ctype=ctype)
    436. 

  436. 

  437. class Command(object):
    438. 

  438.     def __init__(self, cmd):
    439. 

  439.         self.cmd = cmd
    440. 

  440.         self.process = None
    441. 

  441. 

  442.     def run(self, timeout):
    443. 

  443.         def target():
    444. 

  444.             self.process = subprocess.Popen(self.cmd, shell=True)
    445. 

  445.         thread = threading.Thread(target=target)
    446. 

  446.         thread.start()
    447. 

  447.         thread.join(timeout)
    448. 

  448.         if thread.is_alive():
    449. 

  449.             self.process.terminate()
    450. 

  450.             thread.join()
    451. 

  451. 

  452. if __name__ == "__main__":
    453. 

  453.     webbrowser.open('http://127.0.0.1:9999', new=1)
    454. 

  454.     tcpsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    455. 

  455.     tcpsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    456. 

  456.     tcpsock.bind((host, port))
    457. 

  457.     while True:
    458. 

  458.         tcpsock.listen(4)
    459. 

  459.         (clientsock, (ip, c_port)) = tcpsock.accept()
    460. 

  460.         newthread = ClientThread(ip, c_port, clientsock)
    461. 

  461.         newthread.start()
    462. 

  462.