AWVS with Xray By Docker

预览 / Preview

image-20210518215043078

安装 / Install

# 初始化 # 注意修改文件路劲
docker run -it -d \
--name awvs \
-p 3443:3443 \
-v /opt/xrsec/docker/test/xray:/awvs/xray \
xrsec/awvs:v14

进阶升级 / Advanced upgrade

sudo docker exec -it awvs bash 
# 换源
echo -e "deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse \
\ndeb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse \
\ndeb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse \
\ndeb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse \
\ndeb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse \
\ndeb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse \
\ndeb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse \
\ndeb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse \
\ndeb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse \
\ndeb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse" \
> /etc/apt/sources.list

# 安装软件升级
apt update -y && apt upgrade -y \
&& apt install tree python3 python3-pip netcat -y \
&& pip3 install requests

目录 / Tree

/awvs# tree
.
|-- Dockerfile
|-- ReadMe.txt
|-- awvs.sh
|-- awvs_listen.zip
|-- awvs_x86.sh
|-- install.log
|-- license_info.json
|-- wa_data.dat
|-- wvsc
`-- xray
|-- awvs.txt
|-- awvs_xray
|-- ca.crt
|-- ca.key
|-- config.yaml
|-- xray-license.lic
`-- xray_linux_amd64

1 directory, 16 files
/awvs#

/awvs/awvs.sh

#!/bin/bash
clear
echo -e "\033[1;31m __ ____ _______ \033[0m"
echo -e "\033[1;32m /\ \ / /\ \ / / ____| \033[0m"
echo -e "\033[1;33m / \ \ /\ / / \ \ / / (___ \033[0m"
echo -e "\033[1;34m / /\ \ \/ \/ / \ \/ / \___ \ \033[0m"
echo -e "\033[1;35m / ____ \ /\ / \ / ____) | \033[0m"
echo -e "\033[1;36m /_/ \_\/ \/ \/ |_____/ \033[0m"
echo -e "\033[1;34m -------------- \033[0m"
echo -e "\033[1;31m __ __ ____ \033[0m"
echo -e "\033[1;32m \ \/ / | _ \ ___ ___ ___ \033[0m"
echo -e "\033[1;33m \ / | |_) | / __| / _ \ / __| \033[0m"
echo -e "\033[1;34m / \ | _ < \__ \ | __/ | (__ \033[0m"
echo -e "\033[1;35m /_/\_\ |_| \_\ |___/ \___| \___| \n\033[0m"
echo -e "\033[1;31m Thank's fahai && TimeLine Sec \n\033[0m"
echo -e "\033[1;32m [ help ] \033[0m"
echo -e "\033[1;35m [ https://www.fahai.org/index.php/archives/110/ ] \033[0m"
echo -e "\033[1;33m [ https://blog.zygd.site/AWVS14%20Docker.html ] \n\033[0m"

su -l acunetix -c /home/acunetix/.acunetix/start.sh &
slepp 5
sh -c "cd /awvs/xray && /awvs/xray/xray_linux_amd64 webscan --listen 0.0.0.0:7777 --html-output /awvs/xray/"$(date "+%Y%m%d%H%M%S")".html" &
sleep 5
sh -c "/awvs/xray/awvs_xray" &
/bin/sh

/awvs/xray/awvs_xray

#!/usr/bin/python3
# -*- coding: UTF-8 -*-
import json, queue, requests, os, sys, threading, datetime, time
requests.packages.urllib3.disable_warnings()


class AwvsScan(object):
def __init__(self):
self.scanner = 'https://172.17.0.2:3443' # Modify URL
self.api = '1986ad8c0a5b3df4d7028d5f3c06e936c49be5304a2a04588a59fcdc7f05a801a' # Modify API
self.ScanMode = '11111111-1111-1111-1111-111111111111' # ScanMode
self.headers = {'X-Auth': self.api, 'content-type': 'application/json'}
self.targets_id = queue.Queue()
self.scan_id = queue.Queue()
self.site = queue.Queue()
self.proxy_date = {"scan_speed": "fast", "default_scanning_profile_id": "11111111-1111-1111-1111-111111111111",
"user_agent": "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/searc h/spider.html)",
"proxy": {"enabled": "true", "protocol": "http", "address": "127.0.0.1", "port": 7777}}

def main(self):
try:
if sys.argv[1] == "del":
self.del_targets() # 删除任务
except:
# t1 = threading.Thread(target=self.awvs_xray())
# t2 = threading.Thread(target=self.scans())
# t1.start()
# t2.start()
# self.awvs_xray()
self.scans() # Run

def banner(self):
os.system("clear")
print("\n\033[24;37;34m __ __ ____ \033[0m")
print("\033[24;37;32m \ \/ / | _ \ ___ ___ ___ \033[0m")
print("\033[24;37;36m \ \/ | |_) | / __| / _ \ / __| \033[0m")
print("\033[24;37;31m / \ | _ < \__ \ | __/ | (__ \033[0m")
print("\033[24;37;35m /_/\_\ |_| \_\ |___/ \___| \___| \n\033[0m")
print("\033[24;37;35m [ Help ] \n\033[0m")
print("\033[24;37;31m /awvs/awvs_xray del \033[0m")
print("\033[24;37;32m Edit /awvs/awvs.txt \n\033[0m")

def openfile(self):
with open('/awvs/xray/awvs.txt') as cent:
for web_site in cent:
web_site = web_site.strip('\n\r')
self.site.put(web_site)

def targets(self):
self.openfile()
while not self.site.empty():
website = self.site.get()
try:
data = {'address': website,
'description': 'awvs-auto',
'criticality': '10'}
response = requests.post(self.scanner + '/api/v1/targets', data=json.dumps(data), headers=self.headers,
verify=False)
cent = json.loads(response.content)
target_id = cent['target_id']
self.targets_id.put(target_id)
except Exception as e:
print('Error:Target is not website! {}'.format(website))
print("Please check if the URL in awvs.txt is correct!")
exit()

def scans(self):
self.targets()
while not self.targets_id.empty():
target_id = self.targets_id.get()
print(target_id)
time.sleep(3)
data = {'target_id': target_id,
'profile_id': self.ScanMode,
'schedule': {'disable': False, 'start_date': None, 'time_sensitive': False}}
proxy_targ = requests.patch(self.scanner + '/api/v1/targets/' + target_id + '/configuration',
data=json.dumps(self.proxy_date), headers=self.headers, verify=False)

response = requests.post(self.scanner + '/api/v1/scans', data=json.dumps(data), headers=self.headers,
allow_redirects=False, verify=False)

if proxy_targ.status_code == 204:
print("Waiting for passive scanning to start listening")

if response.status_code == 201:
cent = response.headers['Location'].replace('/api/v1/scans/', '')
print(cent)

def get_targets_id(self):
response = requests.get(self.scanner + "/api/v1/targets", headers=self.headers, verify=False)
content = json.loads(response.content)
for cent in content['targets']:
self.targets_id.put([cent['address'], cent['target_id']])

def del_targets(self):
while True:
self.get_targets_id()
if self.targets_id.qsize() == 0:
break
else:
while not self.targets_id.empty():
targets_info = self.targets_id.get()
response = requests.delete(self.scanner + "/api/v1/targets/" + targets_info[1],
headers=self.headers, verify=False)
if response.status_code == 204:
print('delete targets {}'.format(targets_info[0]))

# def awvs_xray(self):
# os.system("/awvs/xray/xray_linux_amd64 webscan --listen 0.0.0.0:7777 --html-output /awvs/xray/" + datetime.datetime.now().strftime('%Y-%m-%d-%H-%M-%S') + ".html >> /dev/null")


if __name__ == '__main__':
Scan = AwvsScan()
Scan.banner()
Scan.main()


/awvs/xray/xray_linux_amd64

建议关注 xray 官方活动 或者 \****

使用 / Use

docker exec -it awvs /awvs/xray/awvs_xray del # 删除所有扫描任务
docker exec -it awvs /awvs/xray/awvs_xray # 默认情况下xray 应该停止运行了,建议
docker restart awvs
/awvs/xray/awvs.txt # 扫描的站点建议 一次一个还未尝试 多个同时扫描

Bugs

  • 有希望希望能出现以为大佬,使用 iptables 或者 py 实现流量复制,后期可以多元化
  • 比如 awvs + xray / goby + xray,或者同时运行两个被动扫描器
  • 再进阶一点应该可以用上代理池,无规则扫描,指纹删除