wxpython写的一个小工具--waftool v1.0

因为自己测试经常是写个脚本执行，现在学了wxpython，就尝试写了一个图形化的工具，组员也能轻便的使用

先看一下我的tool界面，比较简单啦




源代码如下waftool.py：

Code
 1#!/usr/bin/env python
 2#coding=utf-8
 3import wx
 4import wx.lib.buttons as buttons
 5import os
 6import urllib2,httplib
 7class WAFtoolFrame(wx.Frame):
 8    def __init__(self):
 9        wx.Frame.__init__(self,None,-1,'WAF-Easy-Tool',size=(400,300))
10        panel = wx.Panel(self,-1)
11        self.button1 = buttons.GenButton(panel,-1,"SQL-Injection",pos=(270,15),size=(100,30))
12        self.button2 = buttons.GenButton(panel,-1,"XSS-Attack",pos=(270,60),size=(100,30))
13        self.button3 = buttons.GenButton(panel,-1,'WEB-Common',pos = (270,105),size=(100,30))
14        self.button4 = buttons.GenButton(panel,-1,'CMD',pos = (270,150),size=(100,30))
15        self.button5 = buttons.GenButton(panel,-1,'Ping',pos = (270,195),size=(100,30))
16        self.LabelIP = wx.StaticText(panel,-1,' IP:',pos=(10,203),size = (30,30))
17        self.LabelURL = wx.StaticText(panel,-1,'URL:',pos=(10,67),size = (30,30))
18        self.Text1 = wx.TextCtrl(panel,-1,"",pos=(50,200),size = (100,22),style=wx.TE_CENTER)
19        self.Text2 = wx.TextCtrl(panel,-1,"http://10.26.2.22/upload/index.php?id=1",pos=(50,65),size = (200,22))
20        self.Text1.SetInsertionPoint(0)
21        self.Text2.SetInsertionPoint(0)
22        self.Bind(wx.EVT_BUTTON,self.SqlAction,self.button1)
23        self.Bind(wx.EVT_BUTTON,self.CMD,self.button4)
24        self.Bind(wx.EVT_BUTTON,self.PING,self.button5)
25        self.Bind(wx.EVT_BUTTON,self.XssAction,self.button2)
26        self.button3.Disable()
27        
28        
29    def SqlAction(self,event):
30        self.url = self.Text2.GetValue()
31        self.KeepGoing = True
32        self.count = 0
33        self.ProgressMax = 0
34        self.filename = 'GET.txt'
35        if os.path.exists(self.filename):
36            os.remove(self.filename)
37        self.fp = open('sql.txt')
38        self.file_get = open(self.filename,'ab')
39        for self.param in self.fp:
40            self.value = self.url+self.param
41            self.file_get.write(self.value)
42            self.ProgressMax=self.ProgressMax+1
43        self.dialog = wx.ProgressDialog('SENDING','Please wait for minutes',maximum=self.ProgressMax,style=wx.PD_CAN_ABORT|wx.PD_ELAPSED_TIME|wx.PD_REMAINING_TIME)
44        self.file_get.close()
45        self.fp1 = open(self.filename)
46        for item in self.fp1:
47            if self.KeepGoing and self.count<self.ProgressMax:
48                urllib2.urlopen(item)
49                self.count=self.count+1
50#                wx.Sleep(1)
51                self.KeepGoing = self.dialog.Update(self.count)
52        self.dialog.Destroy()
53        self.fp1.close()
54        os.remove(self.filename)
55    def CMD(self,event):
56        os.system('cmd')
57    def PING(self,event):
58        self.ip = self.Text1.GetValue()
59        os.system('ping '+self.ip)
60    def XssAction(self,event):
61        self.url = self.Text2.GetValue()
62        self.KeepGoing = True
63        self.count = 0
64        self.ProgressMax = 0
65        self.filename = 'GET.txt'
66        if os.path.exists(self.filename):
67            os.remove(self.filename)
68        self.fp = open('xss.txt')
69        self.file_get = open(self.filename,'ab')
70        for self.param in self.fp:
71            self.value = self.url+self.param
72            self.file_get.write(self.value)
73            self.ProgressMax=self.ProgressMax+1
74        self.dialog = wx.ProgressDialog('SENDING','Please wait for minutes',maximum=self.ProgressMax,style=wx.PD_CAN_ABORT|wx.PD_ELAPSED_TIME|wx.PD_REMAINING_TIME)
75        self.file_get.close()
76        self.fp1 = open(self.filename)
77        for item in self.fp1:
78            if self.KeepGoing and self.count<self.ProgressMax:
79                urllib2.urlopen(item)
80                self.count=self.count+1
81        #                wx.Sleep(1)
82                self.KeepGoing = self.dialog.Update(self.count)
83        self.dialog.Destroy()
84        self.fp1.close()
85        os.remove(self.filename)
86        
87        
88if __name__=="__main__":
89    app = wx.PySimpleApp()
90    provider = wx.CreateFileTipProvider('tips.txt',0)
91    wx.ShowTip(None,provider,True)
92    WAFtoolFrame().Show()
93    app.MainLoop()

这部分源代码还有部分功能未完成，比如绑定cancel按钮
然后制作.exe：waf.py

Code
1#!/usr/bin/env python
2#coding=utf-8
3from distutils.core import setup
4import py2exe
5includes = ['encodings','encodings.*']
6options = {'py2exe':{'compressed':1,'optimize':2,'includes':includes,'bundle_files':1}}
7setup(version='0.1.0',description='WAF Tool',name='WAF-Tool',options=options,zipfile=None,windows=[{'script':'waftool.py',"icon_resources":[(1,'waf.ico')]}])
8

最后用py2exe生成.exe文件即可。

1.0版本说明：
1.使用wxpython编写；
2.支持sql注入、xss的内置规则测试：填入完整的url，如"http://10.30.2.22/upload/index.php?id=1"，然后点击相应按钮，有进度条显示进度；
3.集成cmd和ping工具；

不足：
1.未完成web通用防护的编写，所以按钮暂时置灰；
2.开始测试后，不能中途停止任务（未定义cancel函数），只能等待测试完成（大约40秒以内）

转载于:https://www.cnblogs.com/yd1227/archive/2009/08/14/1545763.html