Ejemplo n.º 1
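 def test_subdomain_report_json(self):
     """Check that the 'json' report printed to stdout is parseable JSON."""
     captured_text = io.StringIO()
     previous_stdout = sys.stdout
     sys.stdout = captured_text
     try:
         report_single(self.subdomain_set, self.hostname, 'json')
     finally:
         # Always undo the redirect; otherwise an exception raised inside
         # report_single() would leave stdout swallowed for later tests.
         sys.stdout = previous_stdout
     # Parse the captured text itself. Serialising it with json.dumps()
     # first would turn any output into a valid JSON string, so the check
     # would pass even if report_single() printed something that is not JSON.
     self.assertTrue(json.loads(captured_text.getvalue()))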
Ejemplo n.º 2
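 def test_report_no_sans_found(self):
     """Test that the 'no SANs found' message is displayed correctly."""
     captured_text = io.StringIO()
     previous_stdout = sys.stdout
     sys.stdout = captured_text
     try:
         report_single([], '', 'text')
     finally:
         # Always undo the redirect; otherwise an exception raised inside
         # report_single() would leave stdout swallowed for later tests.
         sys.stdout = previous_stdout
     # Expected output: the banner, then the message wrapped in ANSI escapes
     # (red background, white foreground) followed by a reset sequence.
     message = banner + "\n\x1b[41m\x1b[37mNo SAN's were found.\x1b[0m\n\n"
     self.assertEqual(captured_text.getvalue(), message)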
Ejemplo n.º 3
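def main():
    """Command Line Interface.

    Parses the command line and runs one of two modes, chosen by whether the
    positional ``hostname`` argument names an existing file:

    * not a file: query a single host/port with ``get_san`` and report the
      result (stdout, optional clipboard copy, optional output file);
    * a file: treat it as Nmap XML output, query every host/port returned by
      ``parse_nmap`` and print either a text or a JSON report.

    In Nmap mode only ``--format``, ``--quiet`` and ``--output`` are used;
    ``--port``, ``--search-crt``, ``--match-domain`` and ``--clipboard`` are
    not passed on.
    """
    # starting Colorama
    init()

    # CLI argumentation
    parser = argparse.ArgumentParser(
        formatter_class=lambda
        prog: argparse.HelpFormatter(prog, max_help_position=100),
        usage=banner_usage)
    parser.add_argument('hostname', type=str,
                        help='Host or Nmap XML to analyze.')
    parser.add_argument('-p', '--port', type=int,
                        default=443, help='Destiny port (default 443)')
    parser.add_argument('-s', '--search-crt', metavar='timeout',
                        help='Retrieve subdomains found in crt.sh',
                        nargs='?', type=int, const=5)
    parser.add_argument('-m', '--match-domain',
                        help='Matching domain names only', action='store_true')
    parser.add_argument('-q', '--quiet', help='Supress output.',
                        action='store_true')
    parser.add_argument('-o', '--output', type=str,
                        help='Set output filename')
    parser.add_argument('-f', '--format', type=str,
                        help='Set output format', choices=['json', 'text'])
    parser.add_argument('-c', '--clipboard',
                        help='Copy the output to the clipboard as a List \
                        or a Single string', choices=['l', 's'])
    parser.add_argument('-d', '--debug',
                        help='Set debug enable', action='store_true')
    parser.add_argument('-V', '--version', action='version',
                        help='Print version information.', version=version)
    args = parser.parse_args()

    # If GSAN detects that 'hostname' is actually a file, it assumes the file
    # is Nmap XML output and tries to parse it. If it is not a file, it
    # assumes that it is a hostname.
    # NOTE(review): the same argument is either a network target or a local
    # path, so a file in the working directory whose name equals the intended
    # hostname silently switches the tool to XML mode.
    if not isfile(args.hostname):

        # NOTE(review): the SAN values are presumably read from a certificate
        # served by the remote host, i.e. text the operator does not control;
        # confirm that the report/clipboard/output helpers neutralise
        # terminal control characters before displaying or storing them.
        sans = get_san(
            hostname=args.hostname,
            port=args.port,
            xml_parse=False,
            crt_sh=args.search_crt,
            match=args.match_domain
        )
        report_single(sans, args.hostname, args.format, args.quiet)

        if args.clipboard:
            clipboard_output(sans, args.clipboard)

        if args.output:
            output(sans, args.hostname, args.format, args.output)

        return

    print(colored('[*] Scanning hosts from Nmap XML output\n', 'yellow'))
    # NOTE(review): parse_nmap() is not shown here; if scan files can come
    # from another party, confirm it uses an XML parser that does not
    # resolve external entities or expand entities without limit.
    hosts = parse_nmap(args.hostname)

    # if no hosts are found in XML then exits
    if not any(hosts):
        message = f'No hosts found in {args.hostname}'
        print(colored(message, 'white', 'on_red'))
        print(('Use -sV (service scan) flag in '
               'Nmap to detect https services.'))
        # exit() is a helper injected by the site module and is not
        # guaranteed to exist (e.g. python -S); SystemExit always is.
        # Raised without an argument so the exit status stays 0 as before.
        raise SystemExit

    if args.format != 'json':
        full_report = []
        domains = []
        for host, ports in tqdm(hosts.items()):
            for port in ports:
                sans = get_san(host, port, xml_parse=True)
                domains.extend(sans)
                full_report.append(collect_report(sans, host, port))

        # Reports are printed only after every host has been queried;
        # collect_report() signals "nothing to show" with False.
        if not args.quiet:
            for report in full_report:
                if report is not False:
                    print(report)

        if args.output:
            output(domains, 'host', 'text', args.output)
    else:
        domains = {}
        for host, ports in tqdm(hosts.items()):
            for port in ports:
                sans = get_san(host, port, xml_parse=True)
                # Merge the names of every port of the host. Assigning a
                # fresh entry per port would keep only the last port's
                # names and drop the rest from the JSON report.
                entry = domains.setdefault(
                    host, {'count': 0, 'subdomains': []})
                for san in sans:
                    if san not in entry['subdomains']:
                        entry['subdomains'].append(san)
                entry['count'] = len(entry['subdomains'])

        json_report = json.dumps(domains, indent=2, sort_keys=True)
        if not args.quiet:
            print(json_report)

        if args.output:
            nmap_output(json_report, args.output)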
Ejemplo n.º 4
 def test_subdomain_report(self):
     """Test if list output is correct."""
     captured_text = io.StringIO()
     sys.stdout = captured_text
     report_single(self.subdomain_set, self.hostname, 'text')
     sys.stdout = sys.__stdout__