Raphael
Raphael是一款基于Python3开发的插件式漏洞扫描工具。
Raphael is a vulnerability scanning tool based on Python3.
Usage
raphael.py -h
2021-12-30 18:54:32,198 | INFO | Raphael Start ~
usage: raphael.py [-h] [-u HOST] [-k PLUGIN] [-l] [-p PORT] [-t THREAD] [-e] [-o OUTPUT] [-f FORMAT]
optional arguments:
-h, --help show this help message and exit
-u HOST, --host HOST target host or file
-k PLUGIN, --plugin PLUGIN filter plugins by keyword
-l, --list list all exist plugins
-p PORT, --port PORT target port
-t THREAD, --thread THREAD number of thread, default 5
-e, --error show error message of plugins
-o OUTPUT, --output OUTPUT report dir
-f FORMAT, --format FORMAT report format, html/json/csv
Example
List all exist plugins.
raphael.py -l
2021-12-30 18:54:01,128 | INFO | Raphael Start ~
2021-12-30 18:54:01,130 | INFO | plugin path: /Raphael/plugins
All Plugins:
plugins.port
plugins.log4j_cve_2021_44228
plugins.grafana_cve_2021_43798
plugins.mongo_unauth
plugins.redis_unauth
plugins.http_banner
plugins.oxid
plugins.memcached_unauth
plugins.apisix_cve_2021_45232
plugins.zookeeper_unauth
plugins.thinkphp
Detect unauthorized access vulnerability.
raphael.py -u 192.168.1.1/24 -k unauth -t 50
2021-12-30 18:58:27,072 | INFO | Raphael Start ~
2021-12-30 18:58:27,074 | INFO | convert ip segment into ip address
2021-12-30 18:58:27,080 | INFO | found 4 plugin:
plugins.mongo_unauth
plugins.redis_unauth
plugins.memcached_unauth
plugins.zookeeper_unauth
2021-12-30 18:58:27,084 | INFO | raphael got total 1024 tasks
2021-12-30 18:58:27,084 | INFO | run task in 50 threads
2021-12-30 18:58:32,109 | INFO | [+] 192.168.1.128 -> plugins.mongo_unauth -> True
2021-12-30 18:58:32,112 | INFO | [+] 192.168.1.128 -> plugins.memcached_unauth -> True
2021-12-30 18:58:32,147 | INFO | [+] 192.168.1.134 -> plugins.redis_unauth -> True
2021-12-30 18:58:37,691 | INFO | total 3 result
2021-12-30 18:58:37,691 | INFO | report path: output/raphael.html
2021-12-30 18:58:37,692 | INFO | Finished at: 2021-12-30 18:58:37
2021-12-30 18:58:37,693 | INFO | Total: 10.621082067489624 s
Port Scan.
raphael.py -u 192.168.1.128 -k port
2021-12-30 18:59:27,309 | INFO | Raphael Start ~
2021-12-30 18:59:27,311 | INFO | convert ip segment into ip address
2021-12-30 18:59:27,313 | INFO | found 1 plugin:
plugins.port
2021-12-30 18:59:27,314 | INFO | raphael got total 1 tasks
2021-12-30 18:59:27,314 | INFO | run task in 5 threads
2021-12-30 18:59:35,892 | INFO | [+] 192.168.1.128 -> plugins.port -> [22, 53, 2181, 11211, 27017]
2021-12-30 18:59:36,003 | INFO | total 1 result
2021-12-30 18:59:36,003 | INFO | report path: output/raphael.html
2021-12-30 18:59:36,007 | INFO | Finished at: 2021-12-30 18:59:36
2021-12-30 18:59:36,007 | INFO | Total: 8.698265790939331 s
Report
HTML Report:
Plugin development
Write your own plugin with python, and then put it into the plugins directory.
plugin template:
def run(host, **kwargs):
result = "vulnerable"
# do something
return result
e.g.
93 Jan 05, 2023
3 Dec 20, 2022
4 Jan 09, 2022
2 May 06, 2022
764 Jan 05, 2023
5 Dec 10, 2021
4 Oct 24, 2022
1 Dec 20, 2021
12 Dec 12, 2022
2 Mar 20, 2022
53 Dec 31, 2022
30 May 17, 2022
3 Jan 23, 2022
44 Nov 21, 2022
103 Aug 20, 2022
58 Dec 05, 2022
430 Dec 27, 2022
368 Jan 04, 2023
809 Dec 26, 2022
13 Jul 13, 2022