diff --git a/README.md b/README.md index c827535..c7753bf 100644 --- a/README.md +++ b/README.md @@ -28,22 +28,22 @@ PS: 感谢[FOFA](https://fofa.info/)提供这么好的测绘工具 > fofa-hack.exe --help ```shell -Fofa-hack>python fofa.py -h +Fofa-hack>python fofa.py -h ____ ____ ____ ____ | ===|/ () \| ===|/ () \ |__| \____/|__| /__/\__\ _ _ ____ ____ __ __ | |_| | / () \ / (__`| |/ / - |_| |_|/__/\__\\____)|__|\__\ V2.5.1 + |_| |_|/__/\__\\____)|__|\__\ V2.5.2 公众号: 黑糖安全 -usage: fofa.py [-h] (--keyword KEYWORD | --inputfile INPUTFILE | --base BASE | --iconurl ICONURL | --iconfile ICONFILE) [--timesleep TIMESLEEP] [--timeout TIMEOUT] [--endcount ENDCOUNT] [--level LEVEL] - [--output OUTPUT] [--outputname OUTPUTNAME] [--fuzz] [--proxy-type {socks4,socks5,http}] [--authorization AUTHORIZATION] [--authorization-file AUTHORIZATION_FILE] [--fofa-key FOFA_KEY] +usage: fofa.py [-h] (--keyword KEYWORD | --inputfile INPUTFILE | --base BASE | --iconurl ICONURL | --iconfile ICONFILE) [--timesleep TIMESLEEP] [--timeout TIMEOUT] [--endcount ENDCOUNT] [--level LEVEL] [--output OUTPUT] + [--outputname OUTPUTNAME] [--fuzz] [--proxy-type {socks4,socks5,http}] [--authorization AUTHORIZATION] [--authorization-file AUTHORIZATION_FILE] [--fofa-key FOFA_KEY] [--debug] [--time-type {day,hour}] [--proxy PROXY | --proxy-url PROXY_URL | --proxy-file PROXY_FILE] -Fofa-hack v2.5.1 使用说明 +Fofa-hack v2.5.2 使用说明 optional arguments: -h, --help show this help message and exit @@ -63,7 +63,7 @@ optional arguments: --level LEVEL, -l LEVEL 爬取等级: 1-3 ,数字越大内容越详细,默认为 1 --output OUTPUT, -o OUTPUT - 输出格式:txt、json,默认为txt + 输出格式:txt、json、csv,默认为txt --outputname OUTPUTNAME, -on OUTPUTNAME 指定输出文件名,默认文件名为 fofaHack --fuzz, -f 关键字fuzz参数,增加内容获取粒度 @@ -74,12 +74,14 @@ optional arguments: --authorization-file AUTHORIZATION_FILE 从文件中读取authorization列表 --authorization-file authorization.txt --fofa-key FOFA_KEY fofa api key值(配合fofa终身会员使用) + --debug fofa-hack调试模式,运行过程中输出更多运行日志 + --time-type {day,hour} + fofa-hack时间类型 (day | hour),默认为day,如果选择hour的话数据采集粒度会变成按小时的 --proxy PROXY 指定代理,代理格式 --proxy '127.0.0.1:7890' --proxy-url PROXY_URL 指定代理url,即访问URL响应为proxy,代理格式 --proxy-url http://127.0.0.1/proxy_pool/get --proxy-file PROXY_FILE 指定txt格式的代理文件,按行分割,代理格式 --proxy-file proxy.txt - ``` 爬取的去重结果会存储到`final_fofaHack.txt`文件中 @@ -113,6 +115,9 @@ if __name__ == '__main__': + 高级语法搜索(本来我以为高级语法用不了,但是最近好像又解禁了) > fofa.exe -k icon_hash="1165838194" ++ 按照小时划分 +> python fofa.py -k index -e 100 --time-type hour + + 欢迎补充.... ### 测试 diff --git a/core/fofaMain.py b/core/fofaMain.py index 2772d21..303afad 100644 --- a/core/fofaMain.py +++ b/core/fofaMain.py @@ -188,7 +188,12 @@ def getTimeList(self, text): data = json.loads(text) assets = data["data"]["assets"] for asset in assets: - mtime = asset["mtime"].split()[0] + if config.TIME_TYPE == "day": + mtime = asset["mtime"].split()[0] + else: + mtime = asset["mtime"] + # if config.DEBUG: + # print("[+] 当前时间戳 "+mtime) timelist.append(mtime) # print(timelist) return timelist @@ -338,8 +343,8 @@ def setIndexTimestamp(self, searchbs64, timestamp_index): proxies=self.get_proxy()) # request should be success rep.raise_for_status() - if config.DEBUG: - print("[+] 当前响应: " + rep.text) + # if config.DEBUG: + # print("[+] 当前响应: " + rep.text) # request should not be limited # '{"code":820006,"message":"[820006] 资源访问每天限制","data":""}' if len(rep.text) <= 55 and '820006' in rep.text: @@ -541,44 +546,79 @@ def modifySearchTimeUrl(self, search_key, index): # get before_time in search_key. # if there is no before_time, set tomorrow_time as default - before_time_in_search_key = (datetime.today() + timedelta(days=1)).strftime('%Y-%m-%d') - if "before=" in search_key: - pattern = r'before="([^"]+)"' - match = re.search(pattern, search_key) - before_time_in_search_key = match.group(1) - time_before_time_in_search_key = datetime.strptime(before_time_in_search_key, "%Y-%m-%d").date() - # print(self.timestamp_list) - # print(index) - # print("self.timestamp_list :"+str(self.timestamp_list)) - # print("index: "+str(index)+" ; self.timestamp_list[index]: "+str(self.timestamp_list[index])) - # regard the_earliest_time.tomorrow as optimized time_before - timestamp_list = list(self.timestamp_list[index]) - timestamp_list.sort() - if len(timestamp_list) == 0: - print(colorize(_("似乎时间戳到了尽头."), "red")) - self._destroy() - # print(timestamp_list) + if config.TIME_TYPE == "day": + before_time_in_search_key = (datetime.today() + timedelta(days=1)).strftime('%Y-%m-%d') + + if "before=" in search_key: + pattern = r'before="([^"]+)"' + match = re.search(pattern, search_key) + before_time_in_search_key = match.group(1) + time_before_time_in_search_key = datetime.strptime(before_time_in_search_key, "%Y-%m-%d").date() + # print(self.timestamp_list) + # print(index) + # print("self.timestamp_list :"+str(self.timestamp_list)) + # print("index: "+str(index)+" ; self.timestamp_list[index]: "+str(self.timestamp_list[index])) + # regard the_earliest_time.tomorrow as optimized time_before + timestamp_list = list(self.timestamp_list[index]) + timestamp_list.sort() + if len(timestamp_list) == 0: + print(colorize(_("似乎时间戳到了尽头."), "red")) + self._destroy() + # print(timestamp_list) + + time_first = timestamp_list[0].split(' ')[0].strip('\n').strip() + time_first_time = datetime.strptime(time_first, "%Y-%m-%d").date() + time_before = time_first_time + timedelta(days=1) + + # check if optimized time_before can be used + if time_before >= time_before_time_in_search_key: + time_before = time_before_time_in_search_key - timedelta(days=1) + + # print(time_before) + + if 'before' in search_key: + # print(search_key) + search_key = search_key.split('&& before')[0] + search_key = search_key.strip(' ') + search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' + else: + search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' + search_key_modify = search_key + else: + before_time_in_search_key = (datetime.today() + timedelta(hours=1)).strftime('%Y-%m-%d %H:%M:%S') - time_first = timestamp_list[0].split(' ')[0].strip('\n').strip() - time_first_time = datetime.strptime(time_first, "%Y-%m-%d").date() - time_before = time_first_time + timedelta(days=1) + if "before=" in search_key: + pattern = r'before="([^"]+)"' + match = re.search(pattern, search_key) + before_time_in_search_key = match.group(1) + time_before_time_in_search_key = datetime.strptime(before_time_in_search_key, '%Y-%m-%d %H:%M:%S') + timestamp_list = list(self.timestamp_list[index]) + timestamp_list.sort() + if len(timestamp_list) == 0: + print(colorize(_("似乎时间戳到了尽头."), "red")) + self._destroy() - # check if optimized time_before can be used - if time_before >= time_before_time_in_search_key: - time_before = time_before_time_in_search_key - timedelta(days=1) + if config.DEBUG: + print("[-] timestamp_list:"+str(timestamp_list)) + time_first = timestamp_list[0].strip('\n').strip() + if config.DEBUG: + print("[-] time_first: "+time_first) + time_first_time = datetime.strptime(time_first, '%Y-%m-%d %H:%M:%S') + time_before = time_first_time + timedelta(hours=1) - # print(time_before) + if time_before >= time_before_time_in_search_key: + time_before = time_before_time_in_search_key - timedelta(hours=1) - if 'before' in search_key: - # print(search_key) - search_key = search_key.split('&& before')[0] - search_key = search_key.strip(' ') - search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' - else: - search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' - search_key_modify = search_key - # print('[*] 搜索词: ' + search_key_modify) + if 'before' in search_key: + search_key = search_key.split('&& before')[0] + search_key = search_key.strip(' ') + search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' + else: + search_key = search_key + ' && ' + 'before="' + str(time_before) + '"' + search_key_modify = search_key + if config.DEBUG: + print('[*] 搜索词: ' + search_key_modify) return search_key_modify diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 72ccaac..0d4d624 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -4,6 +4,7 @@ + 添加csv后缀的输出 + 添加debug模式 ++ 添加细粒度时间选项 --time-type (day | hour) ### 2.5.1 diff --git a/fofa.py b/fofa.py index f39ef2e..b972ed1 100644 --- a/fofa.py +++ b/fofa.py @@ -62,6 +62,8 @@ def main(): help="fofa api key值(配合fofa终身会员使用)") parser.add_argument('--debug', help="fofa-hack调试模式,运行过程中输出更多运行日志", action='store_true') + parser.add_argument('--time-type', + help="fofa-hack时间类型 (day | hour),默认为day,如果选择hour的话数据采集粒度会变成按小时的",choices=['day','hour'],default='day') proxy_group = parser.add_mutually_exclusive_group() proxy_group.add_argument('--proxy', help=_("指定代理,代理格式 --proxy '127.0.0.1:7890'")) proxy_group.add_argument('--proxy-url', help=_("指定代理url,即访问URL响应为proxy,代理格式 --proxy-url http://127.0.0.1/proxy_pool/get")) @@ -73,6 +75,9 @@ def main(): if args.debug: config.DEBUG = args.debug + if args.time_type: + config.TIME_TYPE = args.time_type + if args.fofa_key: config.FOFA_KEY = args.fofa_key diff --git a/tookit/config.py b/tookit/config.py index 59247de..db6caa4 100644 --- a/tookit/config.py +++ b/tookit/config.py @@ -16,6 +16,8 @@ FOFA_KEY = "" DEBUG = False + +TIME_TYPE = "day" ### ============================================================================ ### 代理相关的配置参数