Skip to content
This repository has been archived by the owner on Aug 10, 2023. It is now read-only.

Commit

Permalink
Update tig.py
Browse files Browse the repository at this point in the history
  • Loading branch information
@teamssix
teamssix authored Apr 9, 2021
1 parent fac3845 commit 467588b
Showing 1 changed file with 120 additions and 70 deletions.
190 changes: 120 additions & 70 deletions tig.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
import time
import base64
import random
import openpyxl
import requests
import argparse
import threading
Expand All @@ -20,43 +21,43 @@

def random_useragent():
ua = [
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0",
"Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.3; rv:11.0) like Gecko",
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)",
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; en) Presto/2.8.131 Version/11.11",
"Opera/9.80 (Windows NT 6.1; U; en) Presto/2.8.131 Version/11.11",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon 2.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; TencentTraveler 4.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; The World)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; SE 2.X MetaSr 1.0; SE 2.X MetaSr 1.0; .NET CLR 2.0.50727; SE 2.X MetaSr 1.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
"Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (iPod; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (Linux; U; Android 2.3.7; en-us; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
"MQQBrowser/26 Mozilla/5.0 (Linux; U; Android 2.3.7; zh-cn; MB200 Build/GRJ22; CyanogenMod-7) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
"Opera/9.80 (Android 2.3.4; Linux; Opera Mobi/build-1107180945; U; en-GB) Presto/2.8.149 Version/11.10",
"Mozilla/5.0 (Linux; U; Android 3.0; en-us; Xoom Build/HRI39) AppleWebKit/534.13 (KHTML, like Gecko) Version/4.0 Safari/534.13",
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.337 Mobile Safari/534.1+",
"Mozilla/5.0 (hp-tablet; Linux; hpwOS/3.0.0; U; en-US) AppleWebKit/534.6 (KHTML, like Gecko) wOSBrowser/233.70 Safari/534.6 TouchPad/1.0",
"Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/20.0.019; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebKit/525 (KHTML, like Gecko) BrowserNG/7.1.18124",
"Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; HTC; Titan)",
"UCWEB7.0.2.37/28/999",
"NOKIA5700/ UCWEB7.0.2.37/28/999",
"Openwave/ UCWEB7.0.2.37/28/999",
"Mozilla/4.0 (compatible; MSIE 6.0; ) Opera/UCWEB7.0.2.37/28/999",
"Mozilla/6.0 (iPhone; CPU iPhone OS 8_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/8.0 Mobile/10A5376e Safari/8536.25"]
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0",
"Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.3; rv:11.0) like Gecko",
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)",
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; en) Presto/2.8.131 Version/11.11",
"Opera/9.80 (Windows NT 6.1; U; en) Presto/2.8.131 Version/11.11",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon 2.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; TencentTraveler 4.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; The World)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; SE 2.X MetaSr 1.0; SE 2.X MetaSr 1.0; .NET CLR 2.0.50727; SE 2.X MetaSr 1.0)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser)",
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
"Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (iPod; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5",
"Mozilla/5.0 (Linux; U; Android 2.3.7; en-us; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
"MQQBrowser/26 Mozilla/5.0 (Linux; U; Android 2.3.7; zh-cn; MB200 Build/GRJ22; CyanogenMod-7) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
"Opera/9.80 (Android 2.3.4; Linux; Opera Mobi/build-1107180945; U; en-GB) Presto/2.8.149 Version/11.10",
"Mozilla/5.0 (Linux; U; Android 3.0; en-us; Xoom Build/HRI39) AppleWebKit/534.13 (KHTML, like Gecko) Version/4.0 Safari/534.13",
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.337 Mobile Safari/534.1+",
"Mozilla/5.0 (hp-tablet; Linux; hpwOS/3.0.0; U; en-US) AppleWebKit/534.6 (KHTML, like Gecko) wOSBrowser/233.70 Safari/534.6 TouchPad/1.0",
"Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/20.0.019; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebKit/525 (KHTML, like Gecko) BrowserNG/7.1.18124",
"Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; HTC; Titan)",
"UCWEB7.0.2.37/28/999",
"NOKIA5700/ UCWEB7.0.2.37/28/999",
"Openwave/ UCWEB7.0.2.37/28/999",
"Mozilla/4.0 (compatible; MSIE 6.0; ) Opera/UCWEB7.0.2.37/28/999",
"Mozilla/6.0 (iPhone; CPU iPhone OS 8_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/8.0 Mobile/10A5376e Safari/8536.25"]
random_user_agent = {"User-Agent": random.choice(ua)}
return random_user_agent

Expand Down Expand Up @@ -269,17 +270,19 @@ def IP_survive(ip):


def IP_reverse_print(ip, config_path, proxies):
thread_list_str = threading.enumerate()
thread_list = []
for i in thread_list_str:
i = str(i)
if 'started' in i:
i = i.split('(')[1].split(',')[0]
thread_list.append(i)
IP_reverse_url = []
with open('ip_reverse_mAJyXFfG.txt') as f:
while not os.path.exists('.ip_reverse_mAJyXFfG.txt'):
time.sleep(5)
with open('.ip_reverse_mAJyXFfG.txt') as f:
f = f.readlines()
cfg = ConfigParser()
cfg.read(config_path, encoding='utf-8-sig')
Fofa_enable = cfg.get('IP Passive Information', 'Fofa_enable')
if Fofa_enable == 'true':
Fofa_mark = '----Fofa-API----'
else:
Fofa_mark = '----api.webscan.cc----'
if '----api.hackertarget.com----\n' in f and '----api.webscan.cc----\n' in f and '%s\n' % Fofa_mark in f: # 判断反查域名是否获取完毕
if 't_IP_reverse1' not in thread_list and 't_IP_reverse2' not in thread_list and 't_Fofa' not in thread_list: # 判断反查域名是否获取完毕
for url in f:
url = url.strip()
if url not in ['----api.hackertarget.com----', '----api.webscan.cc----', '----Fofa-API----']:
Expand Down Expand Up @@ -522,8 +525,8 @@ def print_IP_reverse_url():
else:
time.sleep(3)
IP_reverse_print(ip, config_path, proxies)
if os.path.exists('ip_reverse_mAJyXFfG.txt'):
os.remove('ip_reverse_mAJyXFfG.txt')
if os.path.exists('.ip_reverse_mAJyXFfG.txt'):
os.remove('.ip_reverse_mAJyXFfG.txt')


def IP_reverse1(ip, proxies):
Expand All @@ -536,10 +539,10 @@ def IP_reverse1(ip, proxies):
if i != ip:
IP_reverse_list.append(i)
if IP_reverse_list != []:
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
for ip in IP_reverse_list:
w.write(ip + '\n')
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
w.write('----api.hackertarget.com----' + '\n')


Expand All @@ -548,10 +551,10 @@ def IP_reverse2(ip, proxies):
r = req(url, random_useragent(), proxies)
if 'Error' != r:
if r.text != 'null':
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
for ip in r.json():
w.write(ip['domain'].strip() + '\n')
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
w.write('----api.webscan.cc----' + '\n')


Expand Down Expand Up @@ -581,52 +584,81 @@ def Fofa(ip, config_path): # Fofa ip 信息查询
ip_port.append(i[2])
ip_port = list(set(ip_port))
ip_port.sort(key=int)
print('\n[+] 可能开放端口:%s' % print_list(ip_port))
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
fofa_port = print_list(ip_port)
print('\n[+] %s 可能开放端口:%s' % (ip, fofa_port))
if tig_output != None:
pools = [{'IP': ip, '端口': fofa_port}]
df = pd.DataFrame(pools, columns=['IP', '端口'])
wb = openpyxl.load_workbook(tig_output)
writer = pd.ExcelWriter(tig_output, engine='openpyxl')
writer.book = wb
df.to_excel(writer, sheet_name='端口信息', index=None)
writer.save()
writer.close()

with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
for i in r_json['results']:
if ip not in i[0]:
if 'http://' not in i[0] and 'https://' not in i[0]:
w.write(i[0].split(':')[0] + '\n')
else:
w.write(i[0].split('://')[1].split(':')[0] + '\n')
with open('ip_reverse_mAJyXFfG.txt', 'a') as w:
with open('.ip_reverse_mAJyXFfG.txt', 'a') as w:
w.write('----Fofa-API----' + '\n')


def main(ip, config_path, proxies):
print('\n\n[!] 正在查询 %s 的情报信息' % ip)
thread_list_str = threading.enumerate()
thread_list = []
for i in thread_list_str:
i = str(i)
if 'started' in i:
i = i.split('(')[1].split(',')[0]
thread_list.append(i)
while len(thread_list) != 1:
thread_list_str = threading.enumerate()
thread_list = []
for i in thread_list_str:
i = str(i)
if 'started' in i:
i = i.split('(')[1].split(',')[0]
thread_list.append(i)
time.sleep(5)
print('\n[!] 正在查询 %s 的情报信息-----------------------------------------------------------------------------------' % ip)
cfg = ConfigParser()
cfg.read(config_path, encoding='utf-8-sig')
ThreatBook_enable = cfg.get('Threat Intelligence', 'ThreatBook_enable')
IP_reverse_enable = cfg.get('IP Passive Information', 'IP_reverse_enable')
Fofa_enable = cfg.get('IP Passive Information', 'Fofa_enable')
IP_survive_enable = cfg.get('IP Active Information', 'IP_survive_enable')

if os.path.exists('.ip_reverse_mAJyXFfG.txt'):
os.remove('.ip_reverse_mAJyXFfG.txt')

if ThreatBook_enable == 'true':
t_ThreatBook = threading.Thread(target=ThreatBook, args=(ip, config_path,))
t_ThreatBook = threading.Thread(target=ThreatBook, args=(ip, config_path,), name='t_ThreatBook')
t_ThreatBook.start()
if IP_survive_enable == 'true':
t_IP_survive = threading.Thread(target=IP_survive, args=(ip,))
t_IP_survive = threading.Thread(target=IP_survive, args=(ip,), name='t_IP_survive')
t_IP_survive.start()
if IP_reverse_enable == 'true':
if os.path.exists('ip_reverse_mAJyXFfG.txt'):
os.remove('ip_reverse_mAJyXFfG.txt')
t_IP_reverse1 = threading.Thread(target=IP_reverse1, args=(ip, proxies,))
t_IP_reverse1 = threading.Thread(target=IP_reverse1, args=(ip, proxies,), name='t_IP_reverse1')
t_IP_reverse1.start()
t_IP_reverse2 = threading.Thread(target=IP_reverse2, args=(ip, proxies,))
t_IP_reverse2 = threading.Thread(target=IP_reverse2, args=(ip, proxies,), name='t_IP_reverse2')
t_IP_reverse2.start()
time.sleep(5)
t_IP_reverse_print_mark = 1
while(t_IP_reverse_print_mark):
if os.path.exists('ip_reverse_mAJyXFfG.txt'):
while (t_IP_reverse_print_mark):
if os.path.exists('.ip_reverse_mAJyXFfG.txt'):
t_IP_reverse_print_mark = 0
t_IP_reverse_print = threading.Thread(target=IP_reverse_print, args=(ip, config_path, proxies,))
t_IP_reverse_print = threading.Thread(target=IP_reverse_print, args=(ip, config_path, proxies,),
name='t_IP_reverse_print')
t_IP_reverse_print.start()
else:
time.sleep(5)

if Fofa_enable == 'true':
t_Fofa = threading.Thread(target=Fofa, args=(ip, config_path,))
t_Fofa = threading.Thread(target=Fofa, args=(ip, config_path,), name='t_Fofa')
t_Fofa.start()


Expand All @@ -635,13 +667,14 @@ def main(ip, config_path, proxies):
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
|T|h|r|e|a|t| |I|n|t|e|l|l|i|g|e|n|c|e| |G|a|t|h|e|r|i|n|g|
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
Author: TeamsSix Version: 0.4.1 Date: 2021-03-18
Author: TeamsSix Version: 0.4.2 Date: 2021-04-09
''')
parser = argparse.ArgumentParser()
parser.add_argument('-c', dest='config', help='指定配置文件,默认 ./config.ini')
parser.add_argument('-f', dest='file', help='IP 文本,一行一个')
parser.add_argument('-i', dest='ip', help='目标 IP')
parser.add_argument('-p', dest='proxy', help='指定代理,比如:http://127.0.0.1:1080 或者 socks5://127.0.0.1:1080')
parser.add_argument('-o', dest='output', help='导出为excel表格,例如 output.xlsx')
args = parser.parse_args()

if args.config:
Expand All @@ -653,10 +686,23 @@ def main(ip, config_path, proxies):
init(config_path)
print('[!] 未检测到配置文件,已自动生成配置文件,请修改配置文件后重新运行')
sys.exit()

if not os.path.exists(config_path):
print('[-] 未找到配置文件,请确认配置文件路径是否正确')
sys.exit()

global tig_output
if args.output:
tig_output = args.output
if os.path.exists(tig_output):
print('[-] %s 文件已存在' % tig_output)
sys.exit()
tig_output_excel = pd.DataFrame()
tig_output_excel.to_excel(tig_output)

else:
tig_output = None

if args.proxy:
proxies = {'http': args.proxy, 'https': args.proxy}
else:
Expand All @@ -667,9 +713,13 @@ def main(ip, config_path, proxies):
elif args.file:
with open(args.file) as f:
f = f.readlines()
for i in f:
i = i.strip()
main(i, config_path, proxies)
ip_list = []
for i in f:
i = i.strip()
if '.' in i:
ip_list.append(i)
for i in ip_list:
main(i, config_path, proxies)
else:
print('[!] 请输入待扫描的 IP 或 IP 列表文件')
sys.exit()

0 comments on commit 467588b

Please sign in to comment.