更新: 359 个文件 - 2026-03-16 23:30:01

03-authentication/bruteforce/tools/web-brute.py

@@ -28,6 +28,21 @@ from concurrent.futures import ThreadPoolExecutor, as_completed
 from typing import List, Dict, Tuple, Optional
 import re
 import sys
+from pathlib import Path
+
+
+SCRIPTS_DIR = Path(__file__).resolve().parents[2] / "scripts"
+if str(SCRIPTS_DIR) not in sys.path:
+    sys.path.insert(0, str(SCRIPTS_DIR))
+
+from tool_contract import (  # noqa: E402
+    add_common_args,
+    emit_report,
+    ensure_authorized,
+    make_report,
+    parse_headers,
+    write_evidence,
+)
 
 
 class Colors:
@@ -249,14 +264,21 @@ def main():
     parser.add_argument("--timeout", type=int, default=10, help="超时时间")
     parser.add_argument("--delay", type=float, default=0, help="请求延迟(秒)")
     parser.add_argument("-v", "--verbose", action="store_true", help="详细输出")
+    add_common_args(parser)
 
     args = parser.parse_args()
+    ensure_authorized(args, parser)
 
     requests.packages.urllib3.disable_warnings()
 
     bruteforcer = WebBruteForcer(
         threads=args.threads, timeout=args.timeout, delay=args.delay
     )
+    bruteforcer.session.headers.update(parse_headers(args.header))
+    if args.proxy:
+        bruteforcer.session.proxies.update({"http": args.proxy, "https": args.proxy})
+    if args.format != "text":
+        bruteforcer.print_result = lambda *_args, **_kwargs: None  # type: ignore[assignment]
 
     usernames = []
     if args.userlist:
@@ -276,10 +298,6 @@ def main():
         bruteforcer.print_result("ERROR", "请提供密码 (--pass 或 -P)")
         sys.exit(1)
 
-    print(f"\n{Colors.BOLD}{'=' * 60}{Colors.END}")
-    print(f"{Colors.BOLD}Web Brute Force Tool{Colors.END}")
-    print(f"{Colors.BOLD}{'=' * 60}{Colors.END}\n")
-
     bruteforcer.print_result("INFO", f"目标: {args.url}")
     bruteforcer.print_result("INFO", f"用户数: {len(usernames)}")
     bruteforcer.print_result("INFO", f"密码数: {len(passwords)}")
@@ -295,23 +313,45 @@ def main():
         data_template=args.data,
         success_pattern=args.success,
         fail_pattern=args.fail,
-        verbose=args.verbose,
+        verbose=args.verbose and args.format == "text",
     )
 
     elapsed = time.time() - bruteforcer.start_time
     rate = bruteforcer.attempts / elapsed if elapsed > 0 else 0
 
-    print(f"\n{Colors.BOLD}{'=' * 60}{Colors.END}")
-    bruteforcer.print_result("INFO", f"总尝试: {bruteforcer.attempts}")
-    bruteforcer.print_result("INFO", f"耗时: {elapsed:.2f}s ({rate:.1f} req/s)")
-
-    if results:
-        bruteforcer.print_result("SUCCESS", f"发现 {len(results)} 个有效凭证!")
-        for r in results:
-            print(f"  - {r['username']}:{r['password']}")
-    else:
-        bruteforcer.print_result("INFO", "未发现有效凭证")
-    print(f"{Colors.BOLD}{'=' * 60}{Colors.END}\n")
+    evidence_refs = []
+    ref = write_evidence(
+        args,
+        "web-brute-results.json",
+        {"results": results, "attempts": bruteforcer.attempts, "elapsed": elapsed, "rate": rate},
+    )
+    if ref:
+        evidence_refs.append(ref)
+    status = "verified" if results else "needs-review"
+    severity = "high" if results else "medium"
+    report = make_report(
+        tool="web-brute",
+        mode="credential-spray-lab",
+        target=args.url,
+        status=status,
+        severity=severity,
+        payload_or_probe={"results": results, "username_count": len(usernames), "password_count": len(passwords)},
+        request_summary={"method": args.method, "threads": args.threads, "delay": args.delay, "rate": rate},
+        evidence_refs=evidence_refs,
+        destructive_risk="medium",
+        args=args,
+    )
+    text_lines = [
+        "=" * 60,
+        "Web Brute Force Tool",
+        "=" * 60,
+        f"Target: {args.url}",
+        f"Attempts: {bruteforcer.attempts}",
+        f"Elapsed: {elapsed:.2f}s",
+        f"Hits: {len(results)}",
+        f"Status: {status}",
+    ]
+    emit_report(args, report, text_lines)
 
 
 if __name__ == "__main__":