-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathback_end.py
More file actions
250 lines (203 loc) · 11.5 KB
/
back_end.py
File metadata and controls
250 lines (203 loc) · 11.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
import requests
import socket
import ssl
import selenium.common.exceptions
from selenium import webdriver
import time
import front_end
# Variables for port_scanner()
global site_security_score
site_security_score = 0 # Variable that calculates overall site security
def port_scanner(url, start_port, end_port): # A port scanner to scan for open/vulnerable ports
# Must be in format: "www.google.com"
global port_scanner_report
port_scanner_report = ""
try:
ip_to_scan = socket.gethostbyname(url)
print(ip_to_scan)
except socket.gaierror:
port_scanner_report += """Hostname could not be resolved. Please confirm the following:
---- That you are connnected to the internet
---- That you have entered the url in the specified format
---- That the url you specified is valide
"""
print("err")
try:
for port in range(start_port, end_port+1):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex((ip_to_scan, port))
#sock.settimeout(5) # Try to limit timeout for each port scanned, to save time
if ip_to_scan == "0.0.0.0":
raise socket.gaierror
if result == 0:
port_scanner_report += f"Tried Port {port}:\t Open\n ---- Consider exploring {url}:{port} directly\
on your web browser. You might find an unprotected database, router or camera page that might use\
vendor-default passwords. Or something else INTERESTING\n If you are able to access resource that\
SHOULD BE unaccessible, then the server/website's security isn't sound and is vulnerable"
elif result != 0:
port_scanner_report += "Tried port {}: Not listening, Closed ---- Nothing to see here\n".format(port)
sock.close()
except socket.gaierror:
port_scanner_report += """Hostname could not be resolved. Please confirm the following:
---- That you are connnected to the internet
---- That you have entered the url in the specified format
---- That the url you specified is valid
"""
except socket.error:
port_scanner_report += "Couldn't connect to server. Please check your internet connection"
finally:
return port_scanner_report+"\n\n"
def check_redirect_https(url): # Check if website redirects from http to https
# Enter website in form "www.google.com"
global http_ssl_report
http_ssl_report = ""
try:
print("where")
ip_to_scan = socket.gethostbyname(url)
print("where2")
url2 = "http://" + url
print("where3")
link = requests.get(url2)
print("link")
print("where4")
if ip_to_scan == "0.0.0.0":
print("where5")
raise socket.gaierror
except socket.gaierror:
http_ssl_report += """Hostname could not be resolved. Please confirm the following:
---- That you are connnected to the internet
---- That you have entered the url in the specified format
---- That the url you specified is valid\n
"""
else:
sock_443 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result_443 = sock_443.connect_ex((ip_to_scan, 443))
sock_443.close()
sock_80 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result_80 = sock_80.connect_ex((ip_to_scan, 80))
sock_80.close()
if result_443 == 0 & result_80 == 0: # If True, then it redirects
try:
requests.get(f"https://{url}")
except (ssl.SSLCertVerificationError, requests.urllib3.exceptions.MaxRetryError, requests.exceptions.SSLError):
http_ssl_report = "Only HTTP version exists for this site\n"
# except requests.exceptions.ConnectionError as error:
# http_ssl_report = f"{error.msg}\n"
else:
http_ssl_report += "Both HTTP and HTTPs version exists for this website\n"
elif result_80 == 0 & result_443 != 0:
print("cool")
http_ssl_report = "Only HTTP version exists for this site\n" # If False, then it doesn't redirect
# url = "http://"+url
# try:
# link = requests.get(url)
# except requests.exceptions.ConnectionError:
# pass
# else:
if link.url.find("google") != -1:
http_ssl_report += f"RESULT FOR HTTP REDIRECT: Site redirects to HTTPS - which is great. A clueless user\
who enters {url} directly on the website will be running an encrypted web session, NOT VISIBLE to\
eavesdroppers, hackers, etc.\n"
elif link.url.startswith("https"):
http_ssl_report += f"RESULT FOR HTTP REDIRECT: Site redirects to HTTPS - which is great. A clueless user\
who enters {url} directly on the website will be running an encrypted web session, NOT VISIBLE to\
eavesdroppers, hackers, etc.\n"
else:
http_ssl_report += f"RESULT FOR HTTP REDIRECT TEST: Site does not redirect to HTTPS - which is bad. A\
clueless user who enters {url} directly on the website will be running an unencrypted web session,\
VISIBLE to eavesdroppers, hackers, etc.\n"
return http_ssl_report+"\n\n"
def brute_force_login_page(url, account_username_email, username_selector, password_selector, login_selector, username_type, password_type, login_type, brave_exe):
global brute_force_report
brute_force_report = ""
# username, password selector uses name
# login button uses css_
count_login_tries = 0
wordlist = open("wow.txt", "r") # File open of our dictionary attack list
# A ChromeOptions instance. Specifies the options to pass into our chrome window to be loaded
browser_options = webdriver.ChromeOptions()
browser_options.binary_location = r"{}".format(brave_exe)
browser_options.add_argument("--disable-popup-blocking")
browser_options.add_argument("--disable-extensions")
# A Chrome instance which loads the options we specified above, and uses the Chrome web driver
browser_connect = webdriver.Chrome(executable_path="chromedriver.exe", options=browser_options)
# try-except that checks brute_force_login_page arguments
try: # This try block validates the URL before running Selenium
request = requests.get(url)
if not request.url.startswith("http"):
if not request.url.startswith("https"):
brute_force_report += """URL is unreachable. Please check the URL. Ensure it is in form
https://www.website.com or http://www.website.com AND THAT IT IS A VALID URL\n"""
except requests.exceptions.MissingSchema:
brute_force_report += """URL is unreachable. Please check the URL. Ensure it is in form
https://www.website.com or http://www.website.com AND THAT IT IS A VALID URL\n"""
try: # This try block should fetch the url, username, password selector from function arguments and validates that the element/selector exists
browser_connect.get(url)
if username_type == 1:
browser_connect.find_element_by_name(username_selector)
elif username_type == 2:
browser_connect.find_element_by_css_selector(username_selector)
if password_type == 1:
browser_connect.find_element_by_name(password_selector)
elif password_type == 2:
browser_connect.find_element_by_css_selector(password_selector)
if login_type == 1:
browser_connect.find_element_by_name(login_selector)
elif login_type == 2:
browser_connect.find_element_by_css_selector(login_selector)
print("Validation Okay")
except selenium.common.exceptions.NoSuchElementException as error:
brute_force_report = "!!!!! Please recheck your specified elements. It seems you specified an incorrect element. Find details below !!!!!\n"
brute_force_report += error.msg + "\n"
# print("exit")
# print(brute_force_report)
# exit()
browser_connect.close()
else:
brute_force_report += "URL, Username, Password is OKAY/VALIDATES and ready to commence bruteforcing\n"
pass
# Loop that continually executes to try different username/password pair combinations
for line in wordlist.readlines():
# browser_connect.get(url)
count_login_tries += 1
try:
line = line.split(",")
username_wordlist = account_username_email
password_wordlist = line
##########
if username_type == 1:
username_attempt = browser_connect.find_element_by_name(username_selector)
elif username_type == 2:
username_attempt = browser_connect.find_element_by_css_selector(username_selector)
if password_type == 1:
password_attempt = browser_connect.find_element_by_name(password_selector)
elif password_type == 2:
password_attempt = browser_connect.find_element_by_css_selector(password_selector)
if login_type == 1:
login_attempt = browser_connect.find_element_by_name(login_selector)
elif login_type == 2:
login_attempt = browser_connect.find_element_by_css_selector(login_selector)
username_attempt.send_keys(username_wordlist)
password_attempt.send_keys(password_wordlist)
login_attempt.click()
time.sleep(5) # Seconds to wait before trying another username/password pair
username_attempt.clear()
password_attempt.clear()
except selenium.common.exceptions.NoSuchElementException as error:
brute_force_report += """YOU HAVE BEEN LOCKED OUT FROM SYSTEM OR RECEIVED A CAPTCHA,
SUGGESTS A SITE IS SPAM/BRUTEFORCE RESISTANT\n""" # If statement that terminates loop and program if any of the selections isn't found.
break # A none found element suggests that either LOGIN WAS SUCCESSFUL, or user was lockedout
except selenium.common.exceptions.StaleElementReferenceException as error:
pass
except selenium.common.exceptions.ElementClickInterceptedException:
brute_force_report += "THE WEBSITE HAS EITHER LOCKED YOU OUT OR PRESENTED A CAPTCHA. SUGGEST THE SITE IS SECURED AGAINST SPAMMERS\n"
browser_connect.close()
break
except (selenium.common.exceptions.NoSuchWindowException, selenium.common.exceptions.WebDriverException):
brute_force_report += "Browser Window was terminated\n" \
"If the Browser Window terminated abruptly, check that you specified the right <form> <input> ELEMENT values\n"\
"Number of times login tries were performed before Window close is {}\n".format(count_login_tries)
break
brute_force_report += "Number of times login tries were performed before lockout or CAPTCHA OR before Window Termination is {}\n".format(count_login_tries)
wordlist.close()
return brute_force_report