Update Kunyu Version V1.6.1

CHANGELOG

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v1.6.1] - 2021-11-20
+### Added
+- Optimized the issue of CTRL+C exiting the program when executing system commands
+- The stype parameter is added, and the data type can be set to IPV4 or IPV6
+- Added the views command to get the original information of the SSL certificate [views]
+
 ## [v1.6] - 2021-11-12
 ### Added
 - Brand new style heading

README.md

@@ -93,7 +93,7 @@ Global commands:
         HostCrash <IP> <Domain>                   Host Header Scan hidden assets
         Seebug <query>                            Search Seebug vulnerability information
         set <option>                              Set Global arguments values
-        view <ID>                                 Look over banner row data information
+        view/views <ID>                           Look over http/ssl row data information
         SearchKeyWord                             Query sensitive information by keyword
         Pocsuite3                                 Invoke the pocsuite component
         ExportPath                                Returns the path of the output file
@@ -109,8 +109,9 @@ Global commands:
 ZoomEye:
 	page <Number>    				The number of pages returned by the query
 	dtype <0/1>      				Query associated domain name/subdomain name
+	stype <v4/v6>					stype <v4/v6> Set to get data type IPV4 or IPV6
 	btype <host/web> 				Set the API interface for batch query
-	timeout <num>					Set the timeout period of Kunyu HTTP request 
+	timeout <num>					Set the timeout period of Kunyu HTTP request
 ```
 
 ## Use case introduction
@@ -171,6 +172,14 @@ Command format: **SearchDomain Domain**
 
 ![](./images/searchdomain.png)
 
+**Set the type of data to be obtained**
+
+After the V1.6.1 version, the user can set the data type obtained through the stype parameter to IPV4 or IPV6 to realize the application scenario, and the default parameter is v4.
+
+Command format: **set stype = v6**
+
+![](./images/stype.png)
+
 **View Banner Information** 
 
 The user can view the banner corresponding to the specified serial number through the view command, so as to further analyze the front-end code and Header header, and the user can intercept the banner information for further association matching. 
@@ -179,6 +188,12 @@ Command format: **view ID**
 
 ![](./images/view.png)
 
+The user can also view the SSL certificate information of the specified serial number through the views command, and further associate it by extracting the sensitive information in the SLL certificate information.
+
+Command format: **views ID**
+
+![](./images/views.png)
+
 **Collection of Sensitive Information** 
 
 After Kunyu v1.6.0, the acquisition of sensitive information in the banner has been added. Normally use the relevant grammar and set the number of pages. Kunyu will automatically collect the sensitive data in the banner information of the last query result, and then use the SearchKeyWord command to view the result . **Currently, testing will continue to focus on this feature point**. 
@@ -363,7 +378,7 @@ It is recommended to use Python3.2-3.9 version, other versions of Python3 may ha
 Kunyu has joined [404Starlink](https://github.com/knownsec/404StarLink)
 
 
-# 0x07 Community
+# 0x08 Community
 
 If you have any questions, you can submit an issue under the project, or contact us through the following methods.
 

doc/README_CN.md

@@ -94,7 +94,7 @@ Global commands:
         HostCrash <IP> <Domain>                   Host Header Scan hidden assets
         Seebug <query>                            Search Seebug vulnerability information
         set <option>                              Set Global arguments values
-        view <ID>                                 Look over banner row data information
+        view/views <ID>                           Look over http/ssl row data information
         SearchKeyWord                             Query sensitive information by keyword
         Pocsuite3                                 Invoke the pocsuite component
         ExportPath                                Returns the path of the output file
@@ -110,6 +110,7 @@ Global commands:
 ZoomEye:
 	page <Number>    查询返回页数(默认查询一页，每页20条数据)
 	dtype <0/1>      查询关联域名/子域名(设置0为查询关联域名，反之为子域名)
+	stype <v4/v6>	 设置获取数据类型IPV4或IPV6，默认为 ipv4,ipv6 全选
 	btype <host/web> 设置批量查询的API接口(默认为HOST)
 	timeout <num>	 设置Kunyu HTTP请求的超时时间
 ```
@@ -172,6 +173,14 @@ SearchIcon /root/favicon.ico
 
 ![](../images/searchdomain.png)
 
+**设置获取数据类型**
+
+在V1.6.1版本后，用户可以通过stype参数设置获取的数据类型为IPV4或者IPV6，实现应用场景，默认参数为v4。
+
+命令格式：**set stype = v6**
+
+![](../images/stype.png)
+
 **查看Banner信息**
 
 用户可以通过view命令查看指定序号对应信息的Banner，从而进一步分析前端代码及Header头，用户可以截取banner信息进一步的关联匹配。
@@ -180,6 +189,12 @@ SearchIcon /root/favicon.ico
 
 ![](../images/view.png)
 
+用户也可以通过views命令查看指定序号的SSL证书信息，通过提取SLL证书信息中的敏感信息进一步关联。
+
+命令格式：**views ID**
+
+![](../images/views.png)
+
 **敏感信息收集**
 
 在Kunyu v1.6.0版本后，增加了对banner中敏感信息的获取，平时使用正常使用相关语法，设置页数，Kunyu会自动收集上一次查询结果banner信息中的敏感数据，然后通过SearchKeyWord命令查看结果。**目前将持续测试关注该功能点**。

kunyu/config/__version__.py

@@ -15,7 +15,7 @@
 __python_version__ = sys.version.split()[0]
 __platform__ = platform.platform()
 __url__ = "https://github.com/knownsec/Kunyu"
-__version__ = '1.6.0'
+__version__ = '1.6.1'
 __author__ = '风起'
 __Team__ = 'KnownSec 404 Team'
 __author_email__ = '[email protected]'

kunyu/core/console.py

@@ -157,8 +157,9 @@ def auxiliary(self, command, line=None):
                 )
             command_info = [["page", self.getter("page"),"Set Search Page"],
                             ["dtype", self.getter("dtype"), "Set Associated/Subdomain Search Schema"],
-                            ["timeout", self.getter("timeout"), "Set HTTP Requests Timeout"],
-                            ["btype", self.getter("btype"), "Set BatchFile Search Schema"]]
+                            ["stype", self.getter("stype"), "Set data type IPV4/IPV6 (option v4/v6)"],
+                            ["btype", self.getter("btype"), "Set BatchFile Search Schema"],
+                            ["timeout", self.getter("timeout"), "Set HTTP Requests Timeout"]]
             for info in command_info:
                 table.add_row(
                     str(info[0]), str(info[1]), str(info[2])
@@ -172,8 +173,11 @@ def auxiliary(self, command, line=None):
             return True
 
         elif command in OS_SYSTEM:
-            command_os = "{} {}".format(command, line)
-            os.system(command_os)
+            try:
+                command_os = "{} {}".format(command, line)
+                os.system(command_os)
+            except KeyboardInterrupt:
+                print("")
             return True
 
         return False
@@ -202,7 +206,7 @@ def start(self):
                 sys.exit(0)
 
             except Exception as err:
-                console.print(err)
+                # console.print(err)
                 continue
 
 

kunyu/core/zoomeye.py

@@ -49,6 +49,7 @@ class ZoomeyeSearch(object):
     def __init__(self, method):
         self.auth = None
         self.search = None
+        self.stype = None
         self.page = 1
         self.method = method
         self.headers = {
@@ -61,6 +62,7 @@ def wrapper(*args, **kwargs):
             nonlocal func
             req_list = []
             login_url = func(self, *args, **kwargs)
+            params["sub_type"] = self.stype
             try:
                 for num in range(int(self.page)):
                     params['query'], params['page'] = self.search, (num + 1)
@@ -133,7 +135,7 @@ def __get_login(self):
 
 # After the SDK public,The interface to get the data.
 @ZoomeyeSearch(method="GET")
-def _dork_search(self, url, search, page):
+def _dork_search(self, url, search, page, sub_type):
     """"The logic layer of ZoomEye processes the requested data
         and feeds it back to the request layer to obtain the original data
     """
@@ -142,6 +144,7 @@ def _dork_search(self, url, search, page):
             raise ArithmeticError
         self.page = page
         self.search = search
+        self.stype = sub_type.lower()
         return url
 
     except ArithmeticError:
@@ -169,9 +172,11 @@ class ZoomEye:
     from kunyu.config.setting import ZOOMEYE_FIELDS_HOST, ZOOMEYE_FIELDS_WEB, ZOOMEYE_FIELDS_INFO, ZOOMEYE_FIELDS_DOMAIN
     from kunyu.utils.convert import convert
     raw_data_params = {}
+    ssl_data_params = {}
     sensitive_params = []
     page = 1
     dtype = 0
+    stype = "v4"
     btype = "host"
     timeout = 30
 
@@ -188,7 +193,7 @@ class ZoomEye:
         HostCrash <IP> <Domain>                   Host Header Scan hidden assets
         Seebug <query>                            Search Seebug vulnerability information
         set <option>                              Set Global arguments values
-        view <ID>                                 Look over banner row data information
+        view/views <ID>                           Look over banner row data information
         SearchKeyWord                             Query sensitive information by keyword
         Pocsuite3                                 Invoke the pocsuite component
         ExportPath                                Returns the path of the output file
@@ -199,8 +204,8 @@ class ZoomEye:
 
     # ZoomEye Command List
     Command_Info = ["help", "info", "set", "Seebug", "SearchWeb", "SearchHost", "SearchIcon", "HostCrash", "SearchBatch",
-                    "SearchCert", "SearchDomain", "EncodeHash", "Pocsuite3", "ExportPath", "show", "clear", "view", "SearchKeyWord",
-                    "exit"]
+                    "SearchCert", "SearchDomain", "EncodeHash", "Pocsuite3", "ExportPath", "show", "clear", "view", "views",
+                    "SearchKeyWord", "exit"]
 
     def __init__(self):
         self.fields_tables = None
@@ -212,6 +217,7 @@ def __command_search(self, search, types="host"):
             :param types: Dynamically set according to the interface used
         """
         self.raw_data_params.clear()
+        self.ssl_data_params.clear()
         self.sensitive_params.clear()
         GlobalVar.set_timeout_resp(self.timeout)
         table = Table(show_header=True, style="bold")
@@ -238,35 +244,46 @@ def __command_search(self, search, types="host"):
             return logger.warning("Please enter the correct field")
 
         # Get data information
-        for result in _dork_search(api_url, search, self.page):
+        for result in _dork_search(api_url, search, self.page, self.stype):
             try:
                 total = result['total']
                 webapp_name, server_name, db_name, system_os, language = "", "", "", "", ""
                 for i in range(len(result[result_type])):
                     num += 1
-                    title, lat, lon = "", "", ""
+                    title, data_isp = "", ""
                     data = self.convert(result[result_type][i])
                     if api_url == HOST_SEARCH_API:
                         if data.portinfo.title:
                             title = data.portinfo.title[0]
+                        try:
+                            data_isp = data.geoinfo.isp
+                        except:
+                            pass
                         """
                         if data.geoinfo.location:
                             lat = data.geoinfo.location.lat
                             lon = data.geoinfo.location.lon
                         """
                         # Set the output field
                         table.add_row(str(num), data.ip, str(data.portinfo.port), str(data.portinfo.service),
-                                      str(data.portinfo.app), str(data.geoinfo.isp), str(data.geoinfo.country.names.en),
+                                      str(data.portinfo.app), str(data_isp), str(data.geoinfo.country.names.en),
                                       str(data.geoinfo.city.names.en), str(title), str(data.timestamp).split("T")[0])
 
                         # Set the exported fields
                         export_host = [str(num), data.ip, str(data.portinfo.port), str(data.portinfo.service),
-                                       str(data.portinfo.app), str(data.geoinfo.isp), str(data.geoinfo.country.names.en),
+                                       str(data.portinfo.app), str(data_isp), str(data.geoinfo.country.names.en),
                                        str(data.geoinfo.city.names.en), str(title), str(data.timestamp).split("T")[0]]
 
                         # Reset the <raw Data Params> element
                         self.raw_data_params[num] = data.portinfo.banner
 
+                        # Reset the <ssl raw Data Params> element
+                        try:
+                            ssl_raw_data = data.ssl
+                            self.ssl_data_params[num] = ssl_raw_data
+                        except:
+                            pass
+
                         # Get the sensitive information in the banner
                         sensitive = SearchKeyWord().get_keyword_sensitive(data.portinfo.banner)
                         if sensitive: self.sensitive_params.append(sensitive)
@@ -301,6 +318,13 @@ def __command_search(self, search, types="host"):
                         # Reset the <raw Data Params> element
                         self.raw_data_params[num] = data.raw_data
 
+                        # Reset the <ssl raw Data Params> element
+                        try:
+                            ssl_raw_data = data.ssl
+                            self.ssl_data_params[num] = ssl_raw_data
+                        except:
+                            pass
+
                         # Get the sensitive information in the banner
                         sensitive = SearchKeyWord().get_keyword_sensitive(data.raw_data)
                         if sensitive: self.sensitive_params.append(sensitive)
@@ -483,11 +507,35 @@ def command_view(cls, serial):
             else:
                 console.log("Banner Information is:\n", style="green")
                 console.print(raw_data)
-
+                print()
         except ArithmeticError:
             logger.warning("No retrieval operation is performed or the length of the dictionary key value is exceeded")
             return
 
+    @classmethod
+    # look over ssl row_data info
+    def command_views(cls, serial):
+        """
+            View ssl raw data information
+            You can views any ssl raw data by entering the serial number
+            :param serial): Please enter serial number ID
+        """
+        try:
+            # If the key parameter is not specified, the key parameter is automatically set to 1
+            serials = 1 if serial is "" else serial
+            ssl_raw_data = cls.ssl_data_params.get(int(serials))
+            # Check whether the returned result is None
+            if ssl_raw_data is None:
+                raise ArithmeticError
+            else:
+                console.log("SSL Banner Information is:\n", style="green")
+                console.print(ssl_raw_data)
+                print()
+        except ArithmeticError:
+            logger.warning("SSL Banner information is empty")
+            return
+        pass
+
     @classmethod
     def command_searchkeyword(cls, *args, **kwargs):
         try: