| 13 | |
| 14 | |
| 15 | class AutoSploitParser(argparse.ArgumentParser): |
| 16 | |
| 17 | def __init__(self): |
| 18 | super(AutoSploitParser, self).__init__() |
| 19 | |
| 20 | @staticmethod |
| 21 | def optparser(): |
| 22 | |
| 23 | """ |
| 24 | the options function for our parser, it will put everything into play |
| 25 | """ |
| 26 | |
| 27 | parser = argparse.ArgumentParser( |
| 28 | usage="python autosploit.py -c[z|s|a] -q QUERY [-O|A]\n" |
| 29 | "{spacer}[-C WORKSPACE LHOST LPORT] [-e] [--whitewash PATH] [-H]\n" |
| 30 | "{spacer}[--ruby-exec] [--msf-path] PATH [-E EXPLOIT-FILE-PATH]\n" |
| 31 | "{spacer}[--rand-agent] [--proxy PROTO://IP:PORT] [-P AGENT] [-D QUERY,QUERY,..]".format( |
| 32 | spacer=" " * 28 |
| 33 | ) |
| 34 | ) |
| 35 | se = parser.add_argument_group("search engines", "possible search engines to use") |
| 36 | se.add_argument("-c", "--censys", action="store_true", dest="searchCensys", |
| 37 | help="use censys.io as the search engine to gather hosts") |
| 38 | se.add_argument("-z", "--zoomeye", action="store_true", dest="searchZoomeye", |
| 39 | help="use zoomeye.org as the search engine to gather hosts") |
| 40 | se.add_argument("-s", "--shodan", action="store_true", dest="searchShodan", |
| 41 | help="use shodan.io as the search engine to gather hosts") |
| 42 | se.add_argument("-a", "--all", action="store_true", dest="searchAll", |
| 43 | help="search all available search engines to gather hosts") |
| 44 | save_results_args = se.add_mutually_exclusive_group(required=False) |
| 45 | save_results_args.add_argument( |
| 46 | "-O", "--overwrite", action="store_true", dest="overwriteHosts", |
| 47 | help="When specified, start from scratch by overwriting the host file with new search results." |
| 48 | ) |
| 49 | save_results_args.add_argument("-A", "--append", action="store_true", dest="appendHosts", |
| 50 | help="When specified, append discovered hosts to the host file.") |
| 51 | |
| 52 | req = parser.add_argument_group("requests", "arguments to edit your requests") |
| 53 | req.add_argument("--proxy", metavar="PROTO://IP:PORT", dest="proxyConfig", |
| 54 | help="run behind a proxy while performing the searches") |
| 55 | req.add_argument("--random-agent", action="store_true", dest="randomAgent", |
| 56 | help="use a random HTTP User-Agent header") |
| 57 | req.add_argument("-P", "--personal-agent", metavar="USER-AGENT", dest="personalAgent", |
| 58 | help="pass a personal User-Agent to use for HTTP requests") |
| 59 | req.add_argument("-q", "--query", metavar="QUERY", dest="searchQuery", |
| 60 | help="pass your search query") |
| 61 | |
| 62 | exploit = parser.add_argument_group("exploits", "arguments to edit your exploits") |
| 63 | exploit.add_argument("-E", "--exploit-file", metavar="PATH", dest="exploitList", |
| 64 | help="provide a text file to convert into JSON and save for later use") |
| 65 | exploit.add_argument("-C", "--config", nargs=3, metavar=("WORKSPACE", "LHOST", "LPORT"), dest="msfConfig", |
| 66 | help="set the configuration for MSF (IE -C default 127.0.0.1 8080)") |
| 67 | exploit.add_argument("-e", "--exploit", action="store_true", dest="startExploit", |
| 68 | help="start exploiting the already gathered hosts") |
| 69 | exploit.add_argument("-d", "--dry-run", action="store_true", dest="dryRun", |
| 70 | help="msfconsole will never be called when this flag is passed") |
| 71 | exploit.add_argument("-f", "--exploit-file-to-use", metavar="PATH", dest="exploitFile", |
| 72 | help="Run AutoSploit with provided exploit JSON file.") |