设置默认多进程数量

create_process.py

@@ -13,25 +13,26 @@
 from tqdm import tqdm
 
 class Scanner():
- def __init__(self, urls:list[str], proxy:str|None, max_cpu:int|None, force_cpu:int|None) -> None:
+ def __init__(self, urls:list[str], proxy:str|None, max_cpu:int|None, force_cpu:int|None, find:bool) -> None:
  self.urls = urls
  self.total = len(urls)
  self.finish = 0
  self.proxy = proxy
  self.max_cpu = max_cpu
  self.force_cpu = force_cpu
+ self.find = find
  self.res_file_path = Path('result.txt')
  def worker(self,args:tuple[str,str]) -> str:
- return url_scanner.scan_urls(args[0],args[1])
+ return url_scanner.scan_urls(args[0],args[1],args[2])
  def start(self) -> None:
  cpu_count = multiprocessing.cpu_count()
  cpu_count *= 5
- cpu_count = self.max_cpu if self.max_cpu is not None and self.max_cpu <= cpu_count * 5 else cpu_count
+ cpu_count = self.max_cpu if self.max_cpu is not None and self.max_cpu <= cpu_count else cpu_count
  cpu_count = 60 if cpu_count > 60 else cpu_count # 多于63个进程会导致报错
  cpu_count = self.force_cpu if self.force_cpu is not None else cpu_count
  try:
  with multiprocessing.Pool(cpu_count) as pool:
- res_list = pool.imap_unordered(self.worker,[(i,self.proxy) for i in self.urls])
+ res_list = pool.imap_unordered(self.worker,[(i,self.proxy,self.find) for i in self.urls])
  for res in tqdm(res_list, total=self.total, desc='当前进度'):
  self.finish += 1
  os.system(f'title 当前进度:{self.finish}/{self.total}')
@@ -42,8 +43,11 @@ def start(self) -> None:
  print(f'{Fore.GREEN}程序被终止,结果已保存到{self.res_file_path}{Fore.RESET}')
  os.system('pause')
 
-def start(urls:list[str], proxy:str|None, max_cpu:str|None, force_cpu:str|None) -> None:
- max_cpu = int(max_cpu) if max_cpu is not None else None
+def start(urls:list[str], proxy:str|None, max_cpu:str|None, force_cpu:str|None, find:str|None) -> None:
+ max_cpu = int(max_cpu) if max_cpu is not None else 2 #默认为2进程
  force_cpu = int(force_cpu) if force_cpu is not None else None
- scanner = Scanner(urls,proxy=proxy,max_cpu=max_cpu,force_cpu=force_cpu)
+ if force_cpu is not None and force_cpu > 60:
+ print(f'{Fore.RED}警告:您设置的进程数过多,在部分系统可能导致出错{Fore.RESET}')
+ find = True if find is not None and (find == '1' or find.upper() == 'T') else False
+ scanner = Scanner(urls,proxy=proxy,max_cpu=max_cpu,force_cpu=force_cpu,find=find)
  scanner.start()

findinfo/js/JQuery.tipsy.js

@@ -0,0 +1,246 @@
+// tipsy, facebook style tooltips for jquery
+// version 1.0.0a
+// (c) 2008-2010 jason frame [[email protected]]
+// released under the MIT license
+
+(function($) {
+
+ function maybeCall(thing, ctx) {
+ return (typeof thing == 'function') ? (thing.call(ctx)) : thing;
+ };
+
+ function Tipsy(element, options) {
+ this.$element = $(element);
+ this.options = options;
+ this.enabled = true;
+ this.fixTitle();
+ };
+
+ Tipsy.prototype = {
+ show: function() {
+ var title = this.getTitle();
+ if (title && this.enabled) {
+ var $tip = this.tip();
+
+ $tip.find('.tipsy-inner')[this.options.html ? 'html' : 'text'](title);
+ $tip[0].className = 'tipsy'; // reset classname in case of dynamic gravity
+ $tip.remove().css({top: 0, left: 0, visibility: 'hidden', display: 'block'}).prependTo(document.body);
+
+ var pos = $.extend({}, this.$element.offset(), {
+ width: this.$element[0].offsetWidth,
+ height: this.$element[0].offsetHeight
+ });
+
+ var actualWidth = $tip[0].offsetWidth,
+ actualHeight = $tip[0].offsetHeight,
+ gravity = maybeCall(this.options.gravity, this.$element[0]);
+
+ var tp;
+ switch (gravity.charAt(0)) {
+ case 'n':
+ tp = {top: pos.top + pos.height + this.options.offset, left: pos.left + pos.width / 2 - actualWidth / 2};
+ break;
+ case 's':
+ tp = {top: pos.top - actualHeight - this.options.offset, left: pos.left + pos.width / 2 - actualWidth / 2};
+ break;
+ case 'e':
+ tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left - actualWidth - this.options.offset};
+ break;
+ case 'w':
+ tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left + pos.width + this.options.offset};
+ break;
+ }
+
+ if (gravity.length == 2) {
+ if (gravity.charAt(1) == 'w') {
+ tp.left = pos.left + pos.width / 2 - 15;
+ } else {
+ tp.left = pos.left + pos.width / 2 - actualWidth + 15;
+ }
+ }
+
+ $tip.css(tp).addClass('tipsy-' + gravity);
+ $tip.find('.tipsy-arrow')[0].className = 'tipsy-arrow tipsy-arrow-' + gravity.charAt(0);
+ if (this.options.className) {
+ $tip.addClass(maybeCall(this.options.className, this.$element[0]));
+ }
+
+ if (this.options.fade) {
+ $tip.stop().css({opacity: 0, display: 'block', visibility: 'visible'}).animate({opacity: this.options.opacity});
+ } else {
+ $tip.css({visibility: 'visible', opacity: this.options.opacity});
+ }
+ }
+ },
+
+ hide: function() {
+ if (this.options.fade) {
+ this.tip().stop().fadeOut(function() { $(this).remove(); });
+ } else {
+ this.tip().remove();
+ }
+ },
+
+ fixTitle: function() {
+ var $e = this.$element;
+ if ($e.attr('title') || typeof($e.attr('original-title')) != 'string') {
+ $e.attr('original-title', $e.attr('title') || '').removeAttr('title');
+ }
+ },
+
+ getTitle: function() {
+ var title, $e = this.$element, o = this.options;
+ this.fixTitle();
+ var title, o = this.options;
+ if (typeof o.title == 'string') {
+ title = $e.attr(o.title == 'title' ? 'original-title' : o.title);
+ } else if (typeof o.title == 'function') {
+ title = o.title.call($e[0]);
+ }
+ title = ('' + title).replace(/(^\s*|\s*$)/, "");
+ return title || o.fallback;
+ },
+
+ tip: function() {
+ if (!this.$tip) {
+ this.$tip = $('<div class="tipsy"></div>').html('<div class="tipsy-arrow"></div><div class="tipsy-inner"></div>');
+ }
+ return this.$tip;
+ },
+
+ validate: function() {
+ if (!this.$element[0].parentNode) {
+ this.hide();
+ this.$element = null;
+ this.options = null;
+ }
+ },
+
+ enable: function() { this.enabled = true; },
+ disable: function() { this.enabled = false; },
+ toggleEnabled: function() { this.enabled = !this.enabled; }
+ };
+
+ $.fn.tipsy = function(options) {
+
+ if (options === true) {
+ return this.data('tipsy');
+ } else if (typeof options == 'string') {
+ var tipsy = this.data('tipsy');
+ if (tipsy) tipsy[options]();
+ return this;
+ }
+
+ options = $.extend({}, $.fn.tipsy.defaults, options);
+
+ function get(ele) {
+ var tipsy = $.data(ele, 'tipsy');
+ if (!tipsy) {
+ tipsy = new Tipsy(ele, $.fn.tipsy.elementOptions(ele, options));
+ $.data(ele, 'tipsy', tipsy);
+ }
+ return tipsy;
+ }
+
+ function enter() {
+ var tipsy = get(this);
+ tipsy.hoverState = 'in';
+ if (options.delayIn == 0) {
+ tipsy.show();
+ } else {
+ tipsy.fixTitle();
+ setTimeout(function() { if (tipsy.hoverState == 'in') tipsy.show(); }, options.delayIn);
+ }
+ };
+
+ function leave() {
+ var tipsy = get(this);
+ tipsy.hoverState = 'out';
+ if (options.delayOut == 0) {
+ tipsy.hide();
+ } else {
+ setTimeout(function() { if (tipsy.hoverState == 'out') tipsy.hide(); }, options.delayOut);
+ }
+ };
+
+ if (!options.on) this.each(function () { get(this); });
+
+ if (options.trigger != 'manual') {
+ var binder = options.on ? 'on' : 'bind',
+ eventIn = options.trigger == 'hover' ? 'mouseenter' : 'focus',
+ eventOut = options.trigger == 'hover' ? 'mouseleave' : 'blur';
+ this[binder](eventIn, enter)[binder](eventOut, leave);
+ }
+
+ return this;
+
+ };
+
+ $.fn.tipsy.defaults = {
+ className: null,
+ delayIn: 0,
+ delayOut: 0,
+ fade: false,
+ fallback: '',
+ gravity: 'n',
+ html: false,
+ on: false,
+ offset: 0,
+ opacity: 1,
+ title: 'title',
+ trigger: 'hover'
+ };
+
+ // Overwrite this method to provide options on a per-element basis.
+ // For example, you could store the gravity in a 'tipsy-gravity' attribute:
+ // return $.extend({}, options, {gravity: $(ele).attr('tipsy-gravity') || 'n' });
+ // (remember - do not modify 'options' in place!)
+ $.fn.tipsy.elementOptions = function(ele, options) {
+ return $.metadata ? $.extend({}, options, $(ele).metadata()) : options;
+ };
+
+ $.fn.tipsy.autoNS = function() {
+ return $(this).offset().top > ($(document).scrollTop() + $(window).height() / 2) ? 's' : 'n';
+ };
+
+ $.fn.tipsy.autoWE = function() {
+ return $(this).offset().left > ($(document).scrollLeft() + $(window).width()/ 2 ) ? 'e' : 'w';
+ };
+
+ /**
+ * yields a closure of the supplied parameters, producing a function that takes
+ * no arguments and is suitable for use as an autogravity function like so:
+ *
+ * @param margin (int) - distance from the viewable region edge that an
+ * element should be before setting its tooltip's gravity to be away
+ * from that edge.
+ * @param prefer (string, e.g. 'n', 'sw', 'w') - the direction to prefer
+ * if there are no viewable region edges effecting the tooltip's
+ * gravity. It will try to vary from this minimally, for example,
+ * if 'sw' is preferred and an element is near the right viewable 
+ * region edge, but not the top edge, it will set the gravity for
+ * that element's tooltip to be 'se', preserving the southern
+ * component.
+ */
+ $.fn.tipsy.autoBounds = function(margin, prefer) {
+ return function() {
+ var dir = {ns: prefer[0], ew: (prefer.length > 1 ? prefer[1] : false)},
+ boundTop = $(document).scrollTop() + margin,
+ boundLeft = $(document).scrollLeft() + margin,
+ $this = $(this);
+
+ if ($this.offset().top < boundTop) dir.ns = 'n';
+ if ($this.offset().left < boundLeft) dir.ew = 'w';
+ if ($(window).width() + $(document).scrollLeft() - $this.offset().left < margin) dir.ew = 'e';
+ if ($(window).height() + $(document).scrollTop() - $this.offset().top < margin) dir.ns = 's';
+
+ return dir.ns + (dir.ew ? dir.ew : '');
+ }
+ };
+
+ $.fn.tipsy.autoHide = function() {
+ return $(this).tip().stop().fadeOut(function() { $(this).remove(); });
+ };
+
+
+})(jQuery);

help.txt

@@ -2,6 +2,6 @@
 特别声明：该脚本目前只针对于ASP.NET的站点
 目前支持扫描的编辑器有 
 kindeditor ueditor fckeditor ckeditor ckfinder Cuteditor
-多进程是根据cpu核心数量开启的,可以通过-c来设定进程数量但不能超过cpu核心数,也可以通过--force_cpu来强制设定进程数量
+多进程是根据cpu核心数量开启的,可以通过-c来设定进程数量但不能超过cpu核心数*5,也可以通过--force_cpu来强制设定进程数量
 感谢JSfinder模块的技术支持：L@2uR1te 师傅
 本人QQ：1723680383

js_finder.py

@@ -144,11 +144,11 @@ def get_js_paths(url, proxy=None, find=None) -> str:
 
  # 继续执行其他操作
  #提取敏感信息
- if find == 1:
+ if find == True:
  print("正在提取JS文件中加载的敏感信息")
  vars = findinfo.scan_findinfo()
  if len(vars) != 0:
- res = '-'*30 + f'\n{url+"的敏感文件":^30}\n' + '-'*30 + '\n' + '\n'.join(vars) + '\n'
+ res = '-'*30 + f'\n{url+"的敏感信息":^30}\n' + '-'*30 + '\n' + '\n'.join(vars) + '\n'
  #删除js目录下的所有文件，保证网站JS文件唯一
  delete_files_in_js_directory()
 

js_separated.txt

@@ -1,5 +0,0 @@
-/Scripts/mySelect/
-/Scripts/libs/
-/Scripts/StatisticsCount/
-/Scripts/
-/Scripts/My97DatePicker/

main.py

@@ -1,21 +1,21 @@
 import argparse
 import config
 import sys # 添加这行导入语句
+if sys.version_info.major < 3 or sys.version_info.minor < 10:
+ print('请使用Python3.10及以上版本运行')
+ sys.exit(1)
 import create_process
 from colorama import Fore, Style
 from config import set_request_defaults, print_banner
 
-if sys.version_info.major < 3 or sys.version_info.minor < 10:
- print('请使用Python3.10及以上版本运行')
- sys.exit(1)
 
 # 使用 argparse 定义命令行参数和帮助信息
 parser = argparse.ArgumentParser(description="script-scan (by 叫我十一大人)")
 parser.add_argument("-u", "--url", help="扫描单个URL")
 parser.add_argument("-f", "--file", help="从文本文件扫描URL")
 parser.add_argument("-p", "--proxy", help="使用代理，格式如 https://127.0.0.1:8080")
-parser.add_argument("-find", "--findinfo", help="提取JS文件中的敏感信息,植为1时开启")
-parser.add_argument('-c', '--cpu', help='设置多进程数量上限,不能超过cpu核心数*5')
+parser.add_argument("-find", "--findinfo", help="提取JS文件中的敏感信息,值为1或T时开启")
+parser.add_argument('-c', '--cpu', help='设置多进程数量上限,不能超过cpu核心数*5,默认是2')
 parser.add_argument('--force_cpu', help='强制设置多进程的数量')
 args = parser.parse_args()
 
@@ -25,11 +25,11 @@
 
  if args.url:
  url_to_scan = args.url
- create_process.start([url_to_scan], proxy=args.proxy, max_cpu=args.cpu, force_cpu=args.force_cpu)
+ create_process.start([url_to_scan], proxy=args.proxy, max_cpu=args.cpu, force_cpu=args.force_cpu, find=args.findinfo)
  elif args.file:
  with open(args.file, 'r') as file:
  target_urls = [i for i in file.read().splitlines() if i.startswith('http')]
- create_process.start(target_urls, proxy=args.proxy, max_cpu=args.cpu, force_cpu=args.force_cpu)
+ create_process.start(target_urls, proxy=args.proxy, max_cpu=args.cpu, force_cpu=args.force_cpu, find=args.findinfo)
  else:
  # 如果没有提供参数，打印帮助信息
  parser.print_help()

url_scanner.py

@@ -37,7 +37,7 @@
 # 子路径文件夹
 path_files_folder = 'path_files'
 
-def scan_urls(url, proxy=None, find=None) -> str:
+def scan_urls(url, proxy=None, find=False) -> str:
  res:list[str] = ['='*120 + '\n']
  try:
  print("正在测试URL:"+url+"\n")