htexploit.py

#!/usr/bin/python

import ConfigParser, optparse, os, signal, sys
from lib import Ascii
from lib import Conn
from lib import Detect
from lib import FullList

def signal_handler(signal, frame):
        print "\n[-] Program Aborted by user.\n"
        sys.exit(0)

signal.signal(signal.SIGINT, signal_handler)

version = "0.7b"

title = Ascii.Title(version)
print title

usage = "Usage: %prog -u [URL] [options]"
parser = optparse.OptionParser(usage=usage)
parser.add_option("-m", "--module", action="store", type="string", dest="module", help="Select the module to run (Default: detect)")
parser.add_option("-u", "--url", action="store", type="string", dest="url", help="**REQUIRED** - Specify the URL to scan")
parser.add_option("-o", "--output", action="store", type="string", dest="output", help="Specify the output directory")
parser.add_option("-w", "--wordlist", action="store", dest="wordlist", help="Specify the wordlist to use")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose", default="False", help="Be verbose")
parser.set_defaults(module="detect")
(options, args) = parser.parse_args()

# Set variables according to parameters
if options.url == None:
        parser.print_help()
        sys.exit()

if not options.url.startswith("http://") or options.url.startswith("https://"):
	options.url = "http://" + options.url

if options.output == None:
	outdir = options.output
else:
	outdir = os.path.abspath(options.output)
	
if options.module == "detect":
	Detect.Scan(options.url,options.verbose,outdir)
elif options.module == "full":
	FullList.Scan(options.url,options.verbose,outdir)
else:
	help = "Module '" + options.module + "' not recognized.\n\n"
	help = help + "Available Modules:\n"
	help = help + "  detect - Detects if the directory is vulnerable\n"
	help = help + "  full   - Runs a dictionary attack on the URL, to find protected PHP files\n"
	print help