Skip to content

Commit

Permalink
Merge pull request #35 from wikiZ/main
Browse files Browse the repository at this point in the history
Kunyu Version Update V1.6.4
  • Loading branch information
0x7Fancy authored Jan 4, 2022
2 parents 4f0e507 + b1b2599 commit c9fc915
Show file tree
Hide file tree
Showing 21 changed files with 278 additions and 9 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [v1.6.4] - 2021-1-4
### Added
- Added "show rule"/"show config" command
- Added the function of loading fingerprint files externally

## [v1.6.2] - 2021-12-11
### Added
- Add the function of creating asset distribution map
Expand Down
30 changes: 30 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,36 @@ Command format: **Seebug tongda**

![](./images/seebug.png)

**Load fingerprint file**

Kunyu V1.6.4 adds the function of loading an external fingerprint library. Kunyu provides 5 fingerprint files as a reference by default. Users can write their own fingerprint files to load or share, and retrieve them more flexibly, which is convenient for traceability and security. Resource sharing in research and red team offense and defense, enhance teamwork.

You can view the information of the currently loaded fingerprint library through the **show rule** command.

![](./images/rule.png)

The default read fingerprint file directory is under **project directory/kunyu/rule**, you can customize the read fingerprint file path setting through **kunyu init --rule C:\风起\rule**.

You can use the **show config** command to view the information of the Kunyu configuration file.

![](./images/showconfig.png)

When faced with complex fingerprint information, you can generate a yaml file through **project directory/kunyu/createrule.py**

![](./images/createrule.png)

The format of the yaml fingerprint file is as follows. Please note that the following standard format must be strictly followed, and no fields are missing.

```bash
KXID: kx-2022-07
author: 风起
createDate: 2022-1-4
description: 查找公网部署的ngrok反向代理
kx_name: ngrok代理工具指纹
kx_query: '''Server: beegoServer:1.12.0'' +''<a href="/login/index">Found</a>.'''
source: https://github.com/wikiZ/Kunyu
```

**Setting parameters**

When set page = 2, the returned results are 40. You can modify the page parameter to set the number of pages to be queried. Note that 1 page = 20/items. You can modify the value according to your needs to get more returned results.
Expand Down
30 changes: 30 additions & 0 deletions doc/README_CN.md
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,36 @@ EncodeHash base64 dasdasdsa

![](../images/seebug.png)

**加载指纹文件**

Kunyu V1.6.4版本新增了加载外部指纹库的功能,Kunyu默认提供了5条指纹文件作为参考,用户可以编写自己的指纹文件进行加载或分享使用,更加灵活的进行检索,方便在溯源、安全研究、红队攻防中资源共享,增强团队协作。

可以通过**show rule**命令查看当前加载指纹库的信息。

![](../images/rule.png)

默认读取指纹文件目录是在**项目目录/kunyu/rule**下,可以通过**kunyu init --rule C:\风起\rule**进行自定义读取指纹文件路径的设置。

可以使用**show config**命令查看kunyu配置文件的信息。

![](../images/showconfig.png)

在面对复杂的指纹信息时,可以通过**项目目录/kunyu/createrule.py**生成yaml文件

![](../images/createrule.png)

yaml指纹文件格式如下,需要注意要严格按照下面标准格式,不能缺少字段。

```bash
KXID: kx-2022-07
author: 风起
createDate: 2022-1-4
description: 查找公网部署的ngrok反向代理
kx_name: ngrok代理工具指纹
kx_query: '''Server: beegoServer:1.12.0'' +''<a href="/login/index">Found</a>.'''
source: https://github.com/wikiZ/Kunyu
```

**设置参数**

当设置set page = 2时,返回结果为40条,大家可以通过修改page参数,设置查询的页数,需要注意1 page = 20/条 ,可以根据需求修改该值,获取更多返回结果。
Expand Down
Binary file added images/createrule.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/rule.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/showconfig.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion kunyu/config/__version__.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
__python_version__ = sys.version.split()[0]
__platform__ = platform.platform()
__url__ = "https://github.com/knownsec/Kunyu"
__version__ = '1.6.3'
__version__ = '1.6.4'
__author__ = '风起'
__Team__ = 'KnownSec 404 Team'
__author_email__ = 'onlyzaliks@gmail.com'
Expand Down
4 changes: 4 additions & 0 deletions kunyu/config/setting.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,8 @@
COMMAND_INFO = ["Options", "Value", "Info"]
SEMSITIVE_INFO = ["ID", "SEMSITIVE"]
HOST_SCAN_INFO = ["IP", "Domain", "Title"]
RULE_INFO = ["KXID", "Author", "KX_Name", "Description", "KX_Finger", "CreateDate", "Source"]
RULE_PARMAS = None

# Set executable system commands
OS_SYSTEM = []
Expand All @@ -38,6 +40,8 @@

# Kunyu OUTPUT File Path
OUTPUT_PATH = os.path.expanduser('~/kunyu/output/')
# Kunyu Rule File Path
RULE_FILE_PATH = os.path.abspath(os.path.dirname(os.path.dirname(__file__))) + "/rule"

# REGEX rule
IP_ADDRESS_REGEX = r"(([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])\.){3}([01]{0,1}\d{0,1}\d|2[0-4]\d|25[0-5])"
Expand Down
3 changes: 2 additions & 1 deletion kunyu/console.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@ def main():

# Call the main class
KunyuInterpreter().main()
except Exception:
except Exception as err:
logger_console.error(err)
# Output initialization help document
logger_console.info(__help__.format(datil=init))

Expand Down
12 changes: 11 additions & 1 deletion kunyu/core/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,12 @@
formatter_class=argparse.RawDescriptionHelpFormatter,
usage=argparse.SUPPRESS, add_help=True)


parser_init_console.add_argument("--seebug", help='Seebug API Key')
parser_init_console.add_argument("--apikey", help='ZoomEye API Key')
parser_init_console.add_argument("--username", help='ZoomEye Username')
parser_init_console.add_argument("--password", help='ZoomEye Password')
parser_init_console.add_argument("--seebug", help='ZoomEye Password')
parser_init_console.add_argument("--rule", help='Set Rule File Path')
parser_init_console.add_argument("--output", help='Set Output File Path')
parser_init_console.add_argument("--serverless", help='Set Serverless API')

Expand Down Expand Up @@ -79,6 +81,10 @@ def initial_config():
conf.add_section("Serverapi")
conf.set("Serverapi", "serverless", "None")

if not conf.has_section("rule"):
conf.add_section("rule")
conf.set("rule", "path", setting.RULE_FILE_PATH)

# Verify the login status of the ZoomEye account
def _get_login():
param = '{{"username": "{}", "password": "{}"}}'.format(args.username, args.password)
Expand Down Expand Up @@ -116,6 +122,10 @@ def _get_login():
if args.serverless:
conf.set("Serverapi", "serverless", args.serverless)

# Used for rule directory path
if args.rule:
conf.set("rule", "path", args.rule)

except requests.HTTPError as err:
print("\033[31;1m{}\033[0m".format(err))
print(__help__.format(datil=init))
Expand Down
37 changes: 34 additions & 3 deletions kunyu/core/console.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,25 @@
@File: console.py
@Time: 2021/7/19 22:35
'''

import logging
import os
import sys
import platform
import subprocess
from pathlib import Path

from colorama import init
from rich.table import Table
from rich.console import Console

from kunyu.config import setting
from kunyu.utils.log import logger
from kunyu.core.rule import YamlRule
from kunyu.lib.export import createdir
from kunyu.core.zoomeye import ZoomEye
from kunyu.utils import readineng as readline
from kunyu.config.__version__ import __introduction__
from kunyu.config.setting import COMMAND_INFO, OS_SYSTEM
from kunyu.config.setting import COMMAND_INFO, OS_SYSTEM, RULE_FILE_PATH, RULE_INFO

init(autoreset=True)
PLATFORM = platform.system()
Expand All @@ -31,7 +33,6 @@
cmd = "cls" if PLATFORM == "Windows" else "clear"
console = Console(color_system="auto", record=True)


def readline_available():
"""
Check if the readline is available. By default
Expand Down Expand Up @@ -59,6 +60,9 @@ def __init__(self):
self.setup()
# Create output directory
createdir()
# Import rule file param
if Path(setting.RULE_FILE_PATH).exists():
setting.RULE_PARMAS = YamlRule().get_yaml_list()

def setup(self):
""" Initialization of third-party libraries
Expand Down Expand Up @@ -132,6 +136,29 @@ def raw_command_completer(self, text):
def default_completer(self, *ignored):
return []

def show_rule(self):
tables = Table(show_header=True, style="bold")
for cloumn in RULE_INFO:
tables.add_column(
cloumn, justify="center", overflow="ignore"
)
# Display fingerprint file information
for res in setting.RULE_PARMAS:
tables.add_row(
str(res["KXID"]), str(res["author"]), str(res["kx_name"]),str(res["description"]),
str(res["kx_query"]), str(res["createDate"]), str(res["source"])
)
console.log("Finger Rule Info:", style="green")
console.print(tables)
return True

def show_config(self):
# Display configuration file information
config_file_path = os.path.expanduser('~/')+".kunyu.ini"
with open(config_file_path) as file:
logger.info(file.read())
return True

def auxiliary(self, command, line=None):
""""Set how to handle basic commands
:return True/False
Expand All @@ -150,6 +177,10 @@ def auxiliary(self, command, line=None):

# show Global Command Info
elif command == "show":
if line == "rule":
return self.show_rule()
elif line == "config":
return self.show_config()
table = Table(show_header=True, style="bold")
for cloumn in COMMAND_INFO:
table.add_column(
Expand Down
41 changes: 41 additions & 0 deletions kunyu/core/rule.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
#!/usr/bin/env python
# encoding: utf-8
"""
@author: 风起
@contact: onlyzaliks@gmail.com
@File: rule.py
@Time: 2021/12/28 17:56
"""
import os
import yaml

from rich.table import Table
from rich.console import Console

from kunyu.core import conf
from kunyu.config.setting import RULE_INFO

console = Console(color_system="auto", record=True)
RULE_FILE_PATH = conf.get("rule", "path")

class YamlRule:
def _all_path(self, dirname):
result = []
# Returns the paths to all files in the specified directory
for maindir, subdir, file_name_list in os.walk(dirname):
for filename in file_name_list:
result.append(os.path.join(maindir, filename)) # Merge into a full path
return result

def _get_yaml_file(self, filename):
# Read the information in the yaml file
with open(filename, encoding="utf-8") as file:
file_data = file.read()
# Convert yaml file content to dictionary type
return yaml.load(file_data, Loader=yaml.FullLoader)

def get_yaml_list(self):
yaml_params = []
for file in self._all_path(RULE_FILE_PATH):
yaml_params.append(self._get_yaml_file(file))
return yaml_params
22 changes: 20 additions & 2 deletions kunyu/core/zoomeye.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,10 @@
from pocsuite3.lib.core.interpreter import PocsuiteInterpreter
from pocsuite3.lib.core.option import init_options

from kunyu.config import setting
import kunyu.lib.encode as encode
from kunyu.config.setting import UA, USER_INFO_API, HOST_SEARCH_API, WEB_SEARCH_API, DOMAIN_SEARCH_API, HOST_SCAN_INFO, \
SEMSITIVE_INFO
SEMSITIVE_INFO, RULE_PARMAS
from kunyu.core.createmap import create_data_map
from kunyu.lib.export import export_xls
from kunyu.lib.batchfile import get_file
Expand Down Expand Up @@ -193,6 +194,7 @@ class ZoomEye:
SearchDomain <Domain> Domain name associated/subdomain search
EncodeHash <encryption> <query> Encryption method interface (base64/hex/md5/mmh3)
HostCrash <IP> <Domain> Host Header Scan hidden assets
show <config>/<rule> Show can set options or Kunyu config
Seebug <query> Search Seebug vulnerability information
set <option> Set Global arguments values
view/views <ID> Look over banner row data information
Expand All @@ -201,7 +203,6 @@ class ZoomEye:
ExportPath Returns the path of the output file
CreateMap Generate an IP distribution heat map
clear Clear the console screen
show Show can set options
help Print Help info
exit Exit KunYu & """

Expand Down Expand Up @@ -385,6 +386,13 @@ def command_info(cls, *args):
@classmethod
# ZoomEye host search method
def command_searchhost(cls, search):
# Checks whether the fingerprint rule file exists
if setting.RULE_PARMAS is not None:
# Traverses to find whether the specified fingerprint rule number exists
for item_dict in setting.RULE_PARMAS:
if item_dict["KXID"] == search:
# Replace with the value in the specified fingerprint rule number
search = item_dict["kx_query"]
return cls.__command_search(cls, search)

@classmethod
Expand Down Expand Up @@ -550,6 +558,10 @@ def command_views(cls, serial):
finally:
print()

@classmethod
def command_show(cls, line):
pass

@classmethod
def command_searchkeyword(cls, *args, **kwargs):
try:
Expand Down Expand Up @@ -629,3 +641,9 @@ def command_hostcrash(cls, args):

except KeyboardInterrupt:
return

@classmethod
def command_test(cls, args):
from kunyu.config.setting import RULE_FILE_PATH
from kunyu.core.rule import YamlRule
print(YamlRule().get_yaml_list())
Loading

0 comments on commit c9fc915

Please sign in to comment.