zfsafe/tools/GobusterTool.py

import re
from tools.ToolBase import ToolBase

class GobusterTool(ToolBase):

    def validate_instruction(self, instruction):
        '''
            指令过滤
            1.线程默认调整为-t 5 (没有找到-t 就添加）  ---暂时取消
            2.*medium.txt  替换为*small.txt        --- 暂时取消
            3.-p    静默输出，只输出有用结果
            :param instruction:
            :return:
        '''
        # 定义要修改的参数的正则表达式模式
        # thread_pattern = r'-t\s*\d+'
        # wordlist_pattern = r'-w\s*(/.*?/.*?-medium\.txt)'
        # # 检查是否有 -t 参数，若没有则添加 -t 5
        # if not re.search(thread_pattern, instruction):
        #     instruction += ' -t 5'
        #
        # # 检查 -w 后面的字典文件，若是 *medium.txt 则换成 *small.txt
        # if re.search(wordlist_pattern, instruction):
        #     instruction = re.sub(wordlist_pattern, lambda m: m.group(0).replace('-medium.txt', '-small.txt'),
        #                          instruction)
        timeout = 0
        if "-q" not in instruction:
            instruction += ' -q'
        return  instruction,timeout

    def analyze_result(self, result,instruction,stderr,stdout):
        #指令结果分析 -q后对结果进行提取
        #重新生成个结果，400-5个，401-5个，200所有，其他还不知道有什么结果所有
        result = ""
        i_400 = 0
        i_401 = 0
        lines = stdout.splitlines()
        for line in lines:
            if line:
                badd = False
                if "200" in line:
                    badd = True
                elif "400" in line:
                    if i_400 < 5:   #400有5个页面就可以了
                        badd = True
                        i_400 += 1
                elif "401" in line:
                    if i_401 < 5:
                        badd = True
                        i_401 += 1
                else:   #未知项不太确定,先保留
                    badd = True
                if badd:
                    result +='\n'
                    result += line
        return result

if __name__ == '__main__':
    sub  = GobusterTool()
    gobuster_command = "gobuster dir -u http://haitutech.cn -w /usr/directory-list-2.3-medium.txt -x php,html,zip,bak"
    print(sub.validate_instruction(gobuster_command))
初始版本0.1 2 months ago			`import re`
			`from tools.ToolBase import ToolBase`

			`class GobusterTool(ToolBase):`

			`def validate_instruction(self, instruction):`
			`'''`
			`指令过滤`
			`1.线程默认调整为-t 5 (没有找到-t 就添加） ---暂时取消`
			`2.medium.txt 替换为small.txt --- 暂时取消`
			`3.-p 静默输出，只输出有用结果`
			`:param instruction:`
			`:return:`
			`'''`
			`# 定义要修改的参数的正则表达式模式`
			`# thread_pattern = r'-t\s*\d+'`
			`# wordlist_pattern = r'-w\s(/.?/.*?-medium\.txt)'`
			`# # 检查是否有 -t 参数，若没有则添加 -t 5`
			`# if not re.search(thread_pattern, instruction):`
			`# instruction += ' -t 5'`
			`#`
			`# # 检查 -w 后面的字典文件，若是 medium.txt 则换成 small.txt`
			`# if re.search(wordlist_pattern, instruction):`
			`# instruction = re.sub(wordlist_pattern, lambda m: m.group(0).replace('-medium.txt', '-small.txt'),`
			`# instruction)`
			`timeout = 0`
			`if "-q" not in instruction:`
			`instruction += ' -q'`
			`return instruction,timeout`

			`def analyze_result(self, result,instruction,stderr,stdout):`
			`#指令结果分析 -q后对结果进行提取`
			`#重新生成个结果，400-5个，401-5个，200所有，其他还不知道有什么结果所有`
			`result = ""`
			`i_400 = 0`
			`i_401 = 0`
			`lines = stdout.splitlines()`
			`for line in lines:`
			`if line:`
			`badd = False`
			`if "200" in line:`
			`badd = True`
			`elif "400" in line:`
			`if i_400 < 5: #400有5个页面就可以了`
			`badd = True`
			`i_400 += 1`
			`elif "401" in line:`
			`if i_401 < 5:`
			`badd = True`
			`i_401 += 1`
			`else: #未知项不太确定,先保留`
			`badd = True`
			`if badd:`
			`result +='\n'`
			`result += line`
			`return result`

			`if __name__ == '__main__':`
			`sub = GobusterTool()`
			`gobuster_command = "gobuster dir -u http://haitutech.cn -w /usr/directory-list-2.3-medium.txt -x php,html,zip,bak"`
			`print(sub.validate_instruction(gobuster_command))`