You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.5 KiB
38 lines
1.5 KiB
2 months ago
|
import os
|
||
|
|
import shlex
|
||
|
|
from tools.ToolBase import ToolBase
|
||
|
|
|
||
|
|
class HydraTool(ToolBase):
|
||
|
|
def validate_instruction(self, instruction):
|
||
|
|
timeout = 0
|
||
|
|
#hydra过滤
|
||
|
|
#hydra -L emails.txt -P passwords.txt pop3://haitutech.cn 像这样针对邮箱爆破,邮箱名不是用户名,需要特殊处理
|
||
|
|
# 分割指令为参数列表
|
||
|
|
cmd_parts = shlex.split(instruction)
|
||
|
|
new_cmd = []
|
||
|
|
# 获取当前程序所在目录
|
||
|
|
current_path = os.path.dirname(os.path.realpath(__file__))
|
||
|
|
#new_pass_path = os.path.join(current_path, "payload", "passwords")
|
||
|
|
new_pass_path = os.path.join(current_path, "../payload", "passwords")
|
||
|
|
new_user_path = os.path.join(current_path, "../payload", "users")
|
||
|
|
|
||
|
|
i = 0
|
||
|
|
while i < len(cmd_parts):
|
||
|
|
part = cmd_parts[i]
|
||
|
|
new_cmd.append(part)
|
||
|
|
# 检测到-P参数
|
||
|
|
if part == "-P" and i + 1 < len(cmd_parts): #密码
|
||
|
|
# 替换下一参数为指定路径
|
||
|
|
new_cmd.append(new_pass_path)
|
||
|
|
i += 1 # 跳过原路径参数
|
||
|
|
elif part == "-L" and i + 1 < len(cmd_parts): #用户名
|
||
|
|
# 替换下一参数为指定路径
|
||
|
|
new_cmd.append(new_user_path)
|
||
|
|
i += 1 # 跳过原路径参数
|
||
|
|
i += 1
|
||
|
|
|
||
|
|
return " ".join(shlex.quote(p) for p in new_cmd),timeout
|
||
|
|
|
||
|
|
def analyze_result(self, result,instruction,stderr,stdout):
|
||
|
|
#返回结果
|
||
|
|
return result
|