config.py

#!/usr/bin/env python
# -*- encoding: utf-8 -*-


class Config(object):
    """
    脚本中需要用到的属性，包括漏洞类型列表、厂商字典、产品类型字典、浏览器代理header
    """
    # 漏洞类型列表
    vul_type_list = [
        u"缓冲区溢出", 
        u"SQL 注入",
        u"路径遍历",
        u"跨站脚本",
        u"资源管理错误",
        u"权限许可和访问控制",
        u"跨站请求伪造",
        u"数字错误",
        u"授权问题",
        u"信任管理",
        u"配置错误" ,
        u"设计错误",
        u"输入验证",
        u"信息泄露",
        u"代码注入",
        u"加密问题",
        u"竞争条件",
        u"格式化字符串",
        u"操作系统命令注入",
        u"后置链接",
        u"环境条件错误",
        u"边界条件错误",
        u"访问验证错误",
        u"HTTP 参数污染", 
        u"后门 Cookie",
        u"验证错误",
        u"ShellCode",
        u"任意文件下载",
        u"任意文件创建",
        u"任意文件删除",
        u"任意文件读取",
        u"变量覆盖",
        u"命令执行",
        u"嵌入恶意代码",
        u"弱密码",
        u"拒绝服务",
        u"数据库发现",
        u"文件上传",
        u"远程文件包含",
        u"本地溢出",
        u"权限提升",
        u"登录绕过",
        u"目录穿越",
        u"解析错误",
        u"越权访问",
        u"路径泄漏",
        u"代码执行",
        u"远程密码修改",
        u"远程溢出",
        u"目录遍历",
        u"空字节注入",
        u"中间人攻击",
        u"HTTP 请求拆分",
        u"CRLF 注入",
        u"XML 注入",
        u"本地文件包含",
        u"证书预测",
        u"HTTP 响应拆分",
        u"SSI 注入",
        u"内存溢出",
        u"整数溢出",
        u"HTTP 响应伪造",
        u"HTTP 请求伪造",
        u"内容欺骗",
        u"XQuery 注入",
        u"缓存区过读",
        u"暴力破解",
        u"LDAP 注入",
        u"安全模式绕过",
        u"备份文件发现",
        u"XPath 注入",
        u"URL 重定向",
        u"代码泄漏",
        u"释放后重用",
        u"DNS 劫持",
        u"其他"
        ]

    # 浏览器代理header列表
    header_list = [
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
        "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36",
        "Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1866.237 Safari/537.36",
        "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10",
        "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.517 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36",
        "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.16 Safari/537.36",
        "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1623.0 Safari/537.36",
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36"
    ]

    # 厂商字典
    vendor_dict = {
        "siemens":[u"Siemens", u"西门子"],
        "advantech":[u"Advantech",u"研华科技"],
        "rockwell":[u"Rockwell", u"Rockwellautomation", u"罗克韦尔"],
        "schneider":[u"Schneider Electric", u"Schneider-electric", u"Invensys", u"施耐德"],
        "emerson":[u"Emerson", u"爱默生"],
        "parallels":[u"Parallels",u"parallels"],
        "ias":[u"infinite automation systems", u"ias"],
        "wellintech":[u"Wellintech",u"亚控科技"],
        "sielco sistemi":[u"Sielco Sistemi", u"sielco sistemi"],
        "ge":[u"GE", u"General Electric", u"GE Fanuc", u"通用电气"],
        "indusoft":[u"Indusoft",u"indusoft"],
        "windriver":[u"Windriver", u"风河"],
        "hp":[u"HP", u"惠普"],
        "ecava":[u"Ecava", u"ecava"],
        "yokogawa":[u"Yokogawa", u"横河"],
        "omron":[u"Omron", u"欧姆龙"],
        "cogent datahub":[u"Cogentdatahub", u"cogent datahub"],
        "3s":[u"3s-software",u"3s-smart",u"3s-solution", u"3s"],
        "enea":[u"Enea", u"enea"],
        "vmvare":[u"Vmware", u"vmvare"],
        "sinapsitech":[u"Sinapsitech", u"sinapsitech"],
        "microsys":[u"Microsys", u"microsys"],
        "mitsubishi":[u"Mitsubishi", u"三菱"],
        "spidercontrol":[u"Ininet Solutions",u"spidercontrol"],
        "ibc solar":[u"Ibc Solar", u"IBC太阳能"],
        "7t":[u"7T",u"7t"],
        "inductive automation":[u"Inductiveautomation", u"inductive automation"],
        "unitronics":[u"Unitronic",u"unitronics"],
        "ioserver":[u"Ioserver", u"ioserver"],
        "arcinfo":[u"Arcinfo", u"arcinfo"],
        "copadata":[u"Copadata", u"copadata"],
        "xarrow":[u"Xarrow", u"xarrow"],
        "c3-ilex":[u"C3-ilex", u"c3-ilex"],
        "abb":[u"ABB", u"abb"]
    }

    # 产品类型字典
    product_type_dict = {
        # "os":[u"OS",u"操作系统"],
        # "application":[u"Application",u"应用程序"],
        "web":[u"Web",u"WEB应用"],
        "ne":[u"Network Equipment", u"网络设备"],
        "security":[u"Security Product",u"安全产品"],
        "db":[u"DataBase", u"数据库"],
        "plc":[u"PLC", u"可编程控制器, "u"可编程逻辑控制器"],
        "scada/hmi":[u"SCADA", u"HMI"],
        "dcs":[u"DCS",u"分布式控制系统"],
        "opc":[u"OPC"],
        "switch":[u"工业交换机"],
        "nm":[u"工业网络管理软件"]
    }