def wayback_parsing(self):
utils.print_good('Starting waybackurl')
final_domains = utils.replace_argument(
self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')
if self.is_direct:
if utils.not_empty_file(self.is_direct):
cmd = 'cat {0} | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt'.format(
self.is_direct)
# just return if direct input is just a string
else:
cmd = 'echo {0} | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt'.format(
self.is_direct)
else:
if not utils.not_empty_file(final_domains):
return None
else:
cmd = 'cat $WORKSPACE/subdomain/final-$OUTPUT.txt | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt'
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options, '$WORKSPACE/assets/wayback-$OUTPUT.txt')
std_path = utils.replace_argument(
self.options, '$WORKSPACE/assets/std-wayback-$OUTPUT.std')
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
utils.print_line()
def __init__(self, options):
utils.print_banner("ScreenShot the target")
utils.make_directory(options['WORKSPACE'] + '/screenshot')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start ScreenShot for {0}'.format(self.options['TARGET'])
})
self.initial()
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done ScreenShot for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def parsing_to_csv(self):
masscan_xml = utils.replace_argument(
self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.xml')
if not utils.not_empty_file(masscan_xml):
return
cmd = "python3 $PLUGINS_PATH/nmap-stuff/masscan_xml_parser.py -f $WORKSPACE/portscan/$OUTPUT-masscan.xml -csv $WORKSPACE/portscan/$OUTPUT-masscan.csv"
cmd = utils.replace_argument(self.options, cmd)
csv_output = utils.replace_argument(
self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.csv')
execute.send_cmd(self.options, cmd, csv_output, '', self.module_name)
time.sleep(2)
# csv beatiful
if not utils.not_empty_file(csv_output):
return
utils.print_line()
cmd = "cat $WORKSPACE/portscan/$OUTPUT-masscan.csv | csvlook --no-inference | tee $WORKSPACE/portscan/$OUTPUT-masscan-summary.txt"
output_path = utils.replace_argument(
self.options, '$WORKSPACE/portscan/$OUTPUT-masscan-summary.txt')
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd),
output_path, '', self.module_name)
time.sleep(2)
# re-screeenshot the result with open port
csv_data = utils.just_read(csv_output)
self.screenshots(csv_data)
def __init__(self, options):
utils.print_banner("AssetFinding")
utils.make_directory(options['WORKSPACE'] + '/assets')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start AssetFinding for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done AssetFinding for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def __init__(self, options):
utils.print_banner("Reconnaisance")
utils.make_directory(options['WORKSPACE'] + '/recon')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
self.initial()
self.conclude()
# this gonna run after module is done to update the main json
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def full_report(options):
global headers
try:
workspace = utils.get_workspace(options=options)
url = options['REMOTE_API'] + "/api/{0}/activities".format(workspace)
r = sender(url, headers=headers, data={}, method='GET')
if r:
raw_reports = r.json()
except Exception:
log_path = Path(options.get('WORKSPACE')).joinpath('log.json')
raw_reports = utils.reading_json(log_path)
if not raw_reports:
utils.print_bad("Can't get log file for {0} workspace".format(
options.get('TARGET')))
return None
modules = list(raw_reports.keys())
for module in modules:
if check_module(options, module):
reports = raw_reports.get(module)
utils.print_banner(module)
for report in reports:
cmd = report.get('cmd')
utils.print_info("Command Executed: {0}\n".format(cmd))
output_path = report.get('output_path')
std_path = report.get('std_path')
if 'raw' in options.get('REPORT').lower():
read_report(std_path)
elif 'full' in options.get('REPORT').lower():
read_report(output_path)
utils.print_line()
def short_report(options):
global headers
workspace = utils.get_workspace(options=options)
try:
url = options['REMOTE_API'] + "/api/module/{0}".format(workspace)
r = sender(url, headers=headers, data={}, method='GET')
if r:
raw_reports = r.json().get('reports', None)
except Exception:
raw_reports = None
if not raw_reports:
raw_reports = local_get_report(options).get('reports')
if not raw_reports:
utils.print_bad("Can't get log file for {0} workspace".format(
options.get('TARGET')))
return None
# only print out the path
if options.get('REPORT') == 'path':
path_report(options, raw_reports)
return None
for item in raw_reports:
for report in item.get('reports'):
report_path = os.path.join(options.get('WORKSPACES'),
report.get('path'))
utils.print_info(item.get('module') + ": " + report_path)
# checking if get specific module or not
if check_module(options, item.get('module')):
read_report(report_path)
elif options.get('MODULE') == "None":
read_report(report_path)
utils.print_line()
def create_html_report(self):
cmd = "xsltproc -o $WORKSPACE/portscan/final-$OUTPUT.html $PLUGINS_PATH/nmap-stuff/nmap-bootstrap.xsl $WORKSPACE/portscan/$OUTPUT-masscan.xml"
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options, '$WORKSPACE/portscan/final-$OUTPUT.html')
execute.send_cmd(self.options, cmd, output_path, '', self.module_name)
utils.print_line()
def __init__(self, options):
utils.print_line()
utils.print_banner("Create Skeleton JSON file")
utils.make_directory(options['WORKSPACE'] + '/info')
self.module_name = self.__class__.__name__
self.options = options
self.initial()
# #this gonna run after module is done to update the main json
# self.conclude()
utils.print_line()
def run(command):
stdout = ''
try:
process = subprocess.Popen(command,
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
# Poll process for new output until finished
while True:
nextline = process.stdout.readline().decode('utf-8')
# store output to log file
if nextline == '' and process.poll() is not None:
break
print(nextline, end='')
stdout += nextline
sys.stdout.flush()
exitCode = process.returncode
if (exitCode == 0):
return stdout
else:
utils.print_line()
print('Something went wrong with the command below: ')
print(command)
utils.print_line()
return None
except:
utils.print_line()
utils.print_bad('Something went wrong with the command below: ')
print(command)
utils.print_line()
return None
def __init__(self, options):
utils.print_banner("CORS Scanning")
utils.make_directory(options['WORKSPACE'] + '/cors')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Scanning CORS for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done Scanning CORS for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def parsing_to_csv(self):
nmap_detail_path = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/details')
# create all csv based on xml file
for file in utils.list_files(nmap_detail_path, ext='xml'):
# print(file)
cmd = "python3 $PLUGINS_PATH/nmap-stuff/nmap_xml_parser.py -f {0} -csv $WORKSPACE/vulnscan/details/$OUTPUT-nmap.csv".format(
file)
cmd = utils.replace_argument(self.options, cmd)
csv_output = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/details/$OUTPUT-nmap.csv')
# just return if this was done without checking anything
if utils.not_empty_file(csv_output):
return
execute.send_cmd(self.options, cmd, csv_output, '',
self.module_name)
time.sleep(5)
# looping through all csv file
all_csv = "IP,Host,OS,Proto,Port,Service,Product,Service FP,NSE Script ID,NSE Script Output,Notes\n"
for file in utils.list_files(nmap_detail_path, ext='csv'):
all_csv += "\n".join(utils.just_read(file).splitlines()[1:])
csv_summary_path = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/summary-$OUTPUT.csv')
utils.just_write(csv_summary_path, all_csv)
utils.print_line()
# beautiful csv look
cmd = "csvcut -c 1-7 $WORKSPACE/vulnscan/summary-$OUTPUT.csv | csvlook --no-inference | tee $WORKSPACE/vulnscan/std-$OUTPUT-summary.std"
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/std-$OUTPUT-summary.std')
execute.send_cmd(self.options, cmd, output_path, '', self.module_name)
self.screenshots(all_csv)
def dig_info(self):
utils.print_good('Starting basic Dig')
utils.make_directory(self.options['WORKSPACE'] + '/screenshot/digs')
final_subdomains = utils.replace_argument(
self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')
#run command directly instead of run it via module cause there're a lot of command to run
all_domains = utils.just_read(final_subdomains).splitlines()
if self.options['DEBUG'] == 'True':
all_domains = all_domains[:10]
custom_logs = {"module": self.module_name, "content": []}
for part in list(utils.chunks(all_domains, 5)):
for domain in part:
cmd = utils.replace_argument(
self.options,
'dig all {0} | tee $WORKSPACE/screenshot/digs/{0}.txt'.
format(domain))
output_path = utils.replace_argument(
self.options,
'tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain))
execute.send_cmd(self.options, cmd, '', '', self.module_name,
True)
# time.sleep(0.5)
custom_logs['content'].append({
"cmd": cmd,
"std_path": '',
"output_path": output_path,
"status": "Done"
})
#just wait couple seconds and continue but not completely stop the routine
time.sleep(5)
print(custom_logs)
#submit a log
utils.print_info('Update activities log')
utils.update_activities(self.options, str(custom_logs))
utils.print_line()
def get_http(self):
utils.print_good('Starting httprobe')
if self.is_direct:
if utils.not_empty_file(self.is_direct):
cmd = 'cat {0} | $GO_PATH/httprobe -c 100 -t 20000 -v | tee $WORKSPACE/assets/http-$OUTPUT.txt'.format(
self.is_direct)
# just return if direct input is just a string
else:
utils.print_bad("httprobe required input as a file.")
return None
else:
cmd = 'cat $WORKSPACE/subdomain/final-$OUTPUT.txt | $GO_PATH/httprobe -c 100 -t 20000 -v | tee $WORKSPACE/assets/http-$OUTPUT.txt'
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options, '$WORKSPACE/assets/http-$OUTPUT.txt')
std_path = utils.replace_argument(
self.options, '$WORKSPACE/assets/http-$OUTPUT.txt')
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
utils.print_line()
def __init__(self, options):
utils.print_banner("IP Discovery")
utils.make_directory(options['WORKSPACE'] + '/ipspace')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start IP Discovery for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
try:
self.conclude()
except:
utils.print_bad("Something wrong with conclude for {0}".format(
self.module_name))
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done IP Discovery for {0}'.format(self.options['TARGET'])
})
utils.print_line()
