Example #1
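def robot(target):
    """Fetch and store robots.txt and sitemap.xml for every host in *target*.

    A file is reported as found, and its body saved, only when the server
    answers with a successful HTTP status. Network errors and 4xx/5xx
    responses are reported as "not found".

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module``, ``lvl1`` and ``main_menu``.
    """
    from core.build_menu import buildmenu
    for host in target:
        # inspect.stack()[0][3] is the name of the running function ('robot').
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        if '//' in host.name:
            site = host.name
        else:
            site = 'https://' + host.name

        print(' [!] Testing for robots.txt...\n')
        try:
            # A timeout keeps an unresponsive server from stalling the run.
            resp = requests.get(site + '/robots.txt', timeout=10)
            # Without this, a 404 error page would be stored as robots.txt.
            resp.raise_for_status()
        except requests.RequestException:
            print(color.red(' [-] Robots.txt not found'))
        else:
            print(color.yellow(' [+] Robots.txt found!'))
            print(color.green(' [*] Saving contents of robots.txt...'))
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, str(resp.text))

        print(' [!] Testing for sitemap.xml...\n')
        try:
            resp = requests.get(site + '/sitemap.xml', timeout=10)
            resp.raise_for_status()
        except requests.RequestException:
            print(color.red(' [-] Sitemap.xml not found'))
        else:
            print(color.yellow(' [+] Sitemap.xml found!'))
            print(color.green(' [*] Saving contents of sitemap.xml'))
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, str(resp.text))
        time.sleep(2)
        # NOTE(review): the menu is rebuilt inside the per-host loop, as in the
        # original; confirm this is not meant to run once after the loop.
        buildmenu(target, target[0].main_menu, 'Main Menu', '')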
Example #2
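def dig(target):
    """Run ``dig`` against every host in *target* and store the output.

    The command is started from an argument list without a shell, so
    characters in ``host.name`` are never interpreted as shell syntax. The
    name is passed through ``-q`` so that dig treats it as the query name
    rather than as another option.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        subprocess.CalledProcessError: if dig exits with a non-zero status.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function ('dig').
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        results_dig = subprocess.check_output(['dig', '-q', host.name])
        # Drop the "<<" / ">>" markers of dig's banner before storing.
        data = results_dig.decode().replace("<<", "").replace(">>", "")
        save_data(host.database, host.module, host.lvl1, host.lvl2, host.lvl3,
                  host.name, data)
    return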
Example #3
def photon_run(target):
    """Execute each host's prepared Photon command line and store its output.

    Args:
        target: iterable of host objects exposing ``cmd_str``, ``website``,
            ``database``, ``module``, ``lvl1``, ``lvl2`` and ``lvl3``.

    Raises:
        subprocess.CalledProcessError: if the command exits non-zero.
    """
    for entry in target:
        entry.option = 'Photon'
        # NOTE(review): cmd_str is handed to a shell verbatim, so whatever
        # feeds that string decides the command that runs. It is assembled
        # outside this function; confirm it is built from validated parts, or
        # switch to an argument list without shell=True.
        raw_output = subprocess.check_output(entry.cmd_str, shell=True)
        # Drop "<<" / ">>" sequences from the tool output before storing.
        cleaned = raw_output.decode().replace("<<", "").replace(">>", "")
        save_data(entry.database, entry.module, entry.lvl1, entry.lvl2,
                  entry.lvl3, entry.website, cleaned)
    return
Example #4
def nmap(target):
    """Execute each host's prepared nmap command line and store its output.

    The output is stored as the raw bytes returned by the subprocess; it is
    not decoded or filtered here.

    Args:
        target: iterable of host objects exposing ``nmap`` (the command
            string), ``name``, ``database``, ``module`` and ``lvl1``.

    Raises:
        subprocess.CalledProcessError: if the command exits non-zero.
    """
    for entry in target:
        entry.lvl2, entry.lvl3 = 'nmap', ''
        entry.option = 'NMAP'
        # NOTE(review): entry.nmap is handed to a shell verbatim, so whatever
        # feeds that string decides the command that runs. It is assembled
        # outside this function; confirm it is built from validated parts, or
        # switch to an argument list without shell=True.
        scan_output = subprocess.check_output(entry.nmap, shell=True)
        save_data(entry.database, entry.module, entry.lvl1, entry.lvl2,
                  entry.lvl3, entry.name, scan_output)
Example #5
def check0x00(host):
    """Query checkusernames.com for every username/service pair of *host*.

    One thread is created per service for each username. All queued threads
    are started and joined, then the module-level ``data`` value is stored.

    Args:
        host: object exposing ``usernames``, ``name``, ``database``,
            ``module``, ``lvl1``, ``lvl2`` and ``lvl3``.
    """
    for username in host.usernames:
        for site_name in services:
            # NOTE(review): both values are concatenated into the query string
            # without URL-encoding, and the request goes over plain HTTP.
            lookup_url = ('http://checkusernames.com/usercheckv2.php?target='
                          + site_name + '&username=' + username)
            worker = threading.Thread(target=thread,
                                      args=(lookup_url, site_name, host.name))
            tasks.append(worker)
        # NOTE(review): `tasks` is defined outside this function and is not
        # cleared here; if it still holds threads from an earlier username,
        # start() is called on them again. Verify against the module.
        for worker in tasks:
            worker.start()
        for worker in tasks:
            worker.join()
        # `data` is not assigned in this function; presumably the worker
        # callable fills a module-level value. TODO confirm.
        save_data(host.database, host.module, host.lvl1, host.lvl2, host.lvl3,
                  host.name, str(data))
Example #6
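def nping(target):
    """Run the HackerTarget nping lookup for every host in *target*.

    The request goes to the HTTPS endpoint, with the host passed as an
    encoded query parameter and a timeout. The response is saved unless it
    contains the word ``error``.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function ('nping').
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        # HTTPS keeps the queried target name out of cleartext traffic;
        # `params` URL-encodes the value instead of splicing it into the URL.
        resp = requests.get('https://api.hackertarget.com/nping/',
                            params={'q': site}, timeout=30)
        data = str(resp.text)
        if 'error' not in data:
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, data)
        else:
            print(color.red(' [-] Outbound Query Exception!'))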
Example #7
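def enum4linux(target):
    """Run ``enum4linux`` against every host in *target* and store the output.

    The tool is started from an argument list without a shell, so characters
    in ``host.ip`` are never interpreted as shell syntax. Empty values and
    values starting with ``-`` are skipped so that they cannot be read as
    command-line options.

    Args:
        target: iterable of host objects exposing ``ip``, ``port``, ``name``,
            ``database``, ``module``, ``lvl1`` and ``lvl2``.

    Raises:
        subprocess.CalledProcessError: if enum4linux exits non-zero.
    """
    print('ENUM4LINUX')

    for host in target:
        print('ENUM HOST', host.ip, host.port)
        # Only lvl3 is set here; lvl2 is expected to be set by the caller.
        host.lvl3 = 'enum4linux'
        address = str(host.ip).strip()
        if not address or address.startswith('-'):
            print('ENUM4LINUX skipping invalid target', repr(host.ip))
            continue
        results_enum4linux = subprocess.check_output(['enum4linux', address])
        # Drop "<<" / ">>" sequences from the tool output before storing.
        data = results_enum4linux.decode().replace("<<", "").replace(">>", "")
        save_data(host.database, host.module, host.lvl1, host.lvl2, host.lvl3,
                  host.name, data)
    return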
Example #8
 def google_it(host):
     """Run ``gsearch`` for *host* and store the results.

     A non-empty result is stored as its string form, followed by a
     five-second pause. If the search or the save raises, the exception
     object itself is stored in place of the results.
     """
     clear_cookie()
     try:
         hits = gsearch(host)
         if len(hits) == 0:
             return
         save_data(host.database, host.module, host.lvl1, host.lvl2,
                   host.lvl3, host.name, str(hits))
         # Pause after a successful query before returning to the caller.
         time.sleep(5)
     except Exception as err:
         # The failure is recorded as data rather than raised or printed.
         save_data(host.database, host.module, host.lvl1, host.lvl2,
                   host.lvl3, host.name, err)
Example #9
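def getgeoip(target):
    """Resolve every host in *target* and store its HackerTarget GeoIP record.

    The scheme-stripped name is what gets resolved; the original resolved
    ``host.name`` directly, which fails when the name carries ``http://`` or
    ``https://``. The lookup uses the HTTPS endpoint with an encoded query
    parameter and a timeout.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        socket.gaierror: if the name cannot be resolved.
        requests.RequestException: on connection failure or timeout.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        address = socket.gethostbyname(site)
        resp = requests.get('https://api.hackertarget.com/geoip/',
                            params={'q': address}, timeout=30)
        result = str(resp.text)
        if 'error' not in result and 'invalid' not in result:
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, result)
        else:
            print(color.red(' [-] Outbound Query Exception!'))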
Example #10
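def revdns(target):
    """Store the HackerTarget reverse-DNS result for every host in *target*.

    The response is saved unless it is empty, contains the word ``error``,
    or its first line is exactly ``no``. The original tested ``'error'``
    against the list of lines (an exact-line match) and indexed the first
    line without checking that the response had any lines.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        print('[!] Looking Up for Reverse DNS Info...')
        print(' [~] Result: \n')
        # HTTPS keeps the queried target name out of cleartext traffic;
        # `params` URL-encodes the value instead of splicing it into the URL.
        resp = requests.get('https://api.hackertarget.com/reversedns/',
                            params={'q': site}, timeout=30)
        result = str(resp.text)
        lines = result.splitlines()
        if lines and 'error' not in result and lines[0] != 'no':
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, result)
        else:
            print(color.red(' [-] No result found!'))
    return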
Example #11
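def revip(target):
    """Store the HackerTarget reverse-IP result for every host in *target*.

    The request goes to the HTTPS endpoint, with the host passed as an
    encoded query parameter and a timeout. The response is saved unless it
    contains the word ``error``.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function ('revip').
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        print(' [!] Looking Up for Reverse IP Info...')
        print(' [~] Result : \n')
        # HTTPS keeps the queried target name out of cleartext traffic;
        # `params` URL-encodes the value instead of splicing it into the URL.
        resp = requests.get('https://api.hackertarget.com/reverseiplookup/',
                            params={'q': site}, timeout=30)
        result = str(resp.text)
        if 'error' not in result:
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, result)
        else:
            print(color.red(' [-] Outbound Query Exception!'))
    return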
Example #12
def hackertarget(target):
    """Query ten HackerTarget API endpoints for every host and store results.

    Each endpoint is requested with ``host.ip`` (scheme prefixes removed) as
    the ``q`` value. Responses with status 200 are saved; other statuses and
    exceptions are reported on the console. The main menu is rebuilt once
    all hosts are done.

    Args:
        target: non-empty sequence of host objects exposing ``ip``, ``name``,
            ``database``, ``module``, ``lvl1`` and ``main_menu``.
    """
    from core.build_menu import buildmenu
    api_root = 'https://api.hackertarget.com/'
    # (endpoint path, console description) pairs, queried in this order.
    endpoints = (
        ('mtr', 'Access to the MTR Traceroute API'),
        ('nping', 'Access to the on-line Test Ping API'),
        ('dnslookup', 'Access to the DNS Lookup API'),
        ('reversedns', 'Access to the Reverse DNS Lookup API'),
        ('whois', 'Access to the Whois Lookup API'),
        ('geoip', 'Access to the GeoIP Lookup API'),
        ('reverseiplookup', 'Access to the Reverse IP Lookup API'),
        ('httpheaders', 'Access to the HTTP Headers API'),
        ('pagelinks', 'Access to the Page Links API'),
        ('aslookup', 'Access to the AS Lookup API'),
    )
    banner = " [*] Finding HackerTarget.com information. This will take approximately 20 seconds ...\n"
    print(color.green(banner))
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        for endpoint, blurb in endpoints:
            try:
                print(color.green(' [#] Checking: ') + color.yellow(blurb))
                query = host.ip.replace('http://', '').replace('https://', '')
                # NOTE(review): the value is spliced into the URL unencoded
                # and the request has no timeout.
                reply = requests.get(api_root + endpoint + '/?q=' + query)
                time.sleep(.5)  # max query is 3 per second or you get blocked
                if reply.status_code != 200:
                    print(
                        color.red(' [-] Did not find any info about domain ') +
                        color.yellow(host.name))
                    print(color.red(' [+] Try with another one...'))
                else:
                    save_data(host.database, host.module, host.lvl1, host.lvl2,
                              host.lvl3, host.name, str(reply.text))
            except Exception as err:
                # Any failure is reported and the next endpoint is tried.
                print(color.red(' [-] Encountered Exception : ' + str(err)))
    # return to main menu
    buildmenu(target, target[0].main_menu, 'Main Menu', '')
Example #13
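def subnet(target):
    """Store the HackerTarget subnet-calculator result for every host.

    The "No results found" reply is checked first. In the original that
    branch was only reachable when the reply also contained ``error``, so a
    plain "No results found" body was saved as if it were data.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        print(color.green(' [!] Enumerating subnets in network...'))
        print('[*] Getting subnet class infos...\n')
        # HTTPS keeps the queried target name out of cleartext traffic;
        # `params` URL-encodes the value instead of splicing it into the URL.
        resp = requests.get('https://api.hackertarget.com/subnetcalc/',
                            params={'q': site}, timeout=30)
        body = str(resp.text)
        if 'No results found' in body:
            print(color.red(' [-] No results found!'))
        elif 'error' in body:
            print(color.red(' [-] Outbound Query Exception!'))
        else:
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, body)
    return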
Example #14
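def iphistory(target):
    """Scrape viewdns.info IP-history rows for every host and store them.

    For each host the scheme is stripped and the part before the first ``/``
    is used as the domain. The original took the part after the last ``/``,
    which is empty for a name ending in a slash. Each table row after the
    header becomes a dict with ``ip``, ``owner`` and ``last`` keys. If a
    CAPTCHA page is detected, processing stops for all remaining hosts.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        site = host.name.replace('http://', '').replace('https://', '')
        try:
            web0 = site.split('/')[0]
            print(' [!] Making the request...')
            # `params` URL-encodes the domain; the timeout bounds the wait.
            html = requests.get('https://viewdns.info/iphistory/',
                                params={'domain': web0}, timeout=30).text
            print(' [*] Parsing raw-data...')
            soup = BeautifulSoup(html, 'lxml')
            if 'captcha?' in str(soup).lower():
                print(
                    color.red(
                        ' [-] CAPTCHA detected, this method won\'t work...'))
                break
            print(' [!] Setting parameters...')
            table = soup.findAll('table', attrs={'border': '1'})[0]
            print(' [!] Finding IP history instances...')
            # The first row is skipped as the table header.
            rows = table.findAll('tr')[1:]
            print('\n [+] Following instances were found...')
            data = []
            for row in rows:
                cells = row.findAll('td')
                data.append({
                    'ip': cells[0].text,
                    'owner': cells[2].text.rstrip(),
                    'last': cells[3].text
                })
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, data)
        except Exception:
            # Narrowed from a bare except so Ctrl-C and SystemExit still
            # propagate; request and parse errors are reported as before.
            print(color.red(' [-] No instances of IP History found...'))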
Example #15
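def getconinfo(target):
    """Look up FullContact company info for every host and store the reply.

    The API key is imported from ``files.API_KEYS``. If the import fails the
    key is treated as unset, so the "not set" message is shown instead of an
    unbound-name error. The key value is no longer echoed to the console,
    where it could end up in terminal scrollback, screenshots or logs.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.
    """
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        print(color.white(' [*] Importing API Key...'))
        try:
            from files.API_KEYS import FULLCONTACT_API_KEY
        except (IOError, ImportError):
            print(color.red(' [-] Error while importing key...'))
            FULLCONTACT_API_KEY = ''
        try:
            if FULLCONTACT_API_KEY != '':
                print(color.green(' [+] Found API Key'))
                base_url = 'https://api.fullcontact.com/v2/company/lookup.json'
                print(color.white(' [*] Looking up info...'))
                time.sleep(0.7)
                # NOTE(review): the key travels as a query parameter and so
                # appears in the request URL; if the API accepts a header for
                # the key, prefer that.
                payload = {'domain': host.name, 'apiKey': FULLCONTACT_API_KEY}
                resp = requests.get(base_url, params=payload, timeout=30)
                if resp.status_code == 200:
                    data = resp.text
                    save_data(host.database, host.module, host.lvl1, host.lvl2,
                              host.lvl3, host.name, data)
                else:
                    print(
                        color.red(' [-] Did not find any info about domain ') +
                        color.yellow(host.name))
                    print(color.red(' [+] Try with another one...'))
            else:
                print(color.red(' [-] FULL CONTACT API TOKEN not set!'))
                print(color.red(' [-] This module cannot be used!'))
        except Exception as e:
            # Request and save failures are reported; the next host is tried.
            print(color.red(' [-] Encountered Exception : ' + str(e)))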
Example #16
def hashes(target):
    """Prompt for a string, print six digests of it and store each one.

    MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 hex digests of the
    UTF-8 encoded input are printed and saved in that order, then the main
    menu is rebuilt after the user presses Enter.

    Args:
        target: non-empty sequence of host objects exposing ``name``,
            ``database``, ``module``, ``lvl1`` and ``main_menu``.
    """
    from core.build_menu import buildmenu
    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
    try:
        message = input('\n [#] Enter the string to hash:> ')
        print(color.green(' [+] Generating hashes...'))
        payload = message.encode('utf-8')
        # All hash objects are built before anything is printed or saved.
        labelled = [
            (" [+] MD5 Hash : ", hashlib.md5(payload)),
            (" [+] SHA1 Hash : ", hashlib.sha1(payload)),
            (" [+] SHA224 Hash : ", hashlib.sha224(payload)),
            (" [+] SHA256 Hash : ", hashlib.sha256(payload)),
            (" [+] SHA384 Hash : ", hashlib.sha384(payload)),
            (" [+] SHA512 Hash : ", hashlib.sha512(payload)),
        ]
        for label, hasher in labelled:
            hexdigest = hasher.hexdigest()
            print(color.green(label) + color.yellow(hexdigest))
            # `host` is the loop variable left over from above, i.e. the last
            # entry of `target`; every digest is stored under that host.
            save_data(host.database, host.module, host.lvl1, host.lvl2,
                      host.lvl3, host.name, str(hexdigest))

    except EOFError as e:
        print(e)
    # Wait for Enter before redrawing the menu; the typed text is discarded.
    input(
        color.blue(' [#] Press') + color.red(' Enter ') +
        color.blue('to continue... '))
    buildmenu(target, target[0].main_menu, 'Main Menu', '')
Example #17
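def censysdom(target):
    """Look up the Censys website record for every host and store it.

    Credentials are imported from ``files.API_KEYS``. The original wrote
    ``except IOError as ImportError``, which caught only ``IOError`` and
    rebound the name ``ImportError``; both exception types are caught now,
    and a failed import is treated as "credentials not set". The UID and
    secret are no longer echoed to the console, where they could end up in
    terminal scrollback, screenshots or logs.

    Args:
        target: iterable of host objects exposing ``name``, ``database``,
            ``module`` and ``lvl1``.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    from urllib.parse import quote

    for host in target:
        # inspect.stack()[0][3] is the name of the running function.
        host.lvl2 = inspect.stack()[0][3]
        host.lvl3 = ''
        print(' [*] Importing API Key...')
        try:
            from files.API_KEYS import CENSYS_UID, CENSYS_SECRET
        except (IOError, ImportError):
            print(color.red(' [-] Error while importing key...'))
            CENSYS_UID = CENSYS_SECRET = ''
        if '//' in host.name:
            web = host.name.split('//')[1]
        else:
            web = host.name
        if CENSYS_SECRET != '' and CENSYS_UID != '':
            print(color.green(' [+] Found Censys UID Key'))
            print(color.green(' [+] Found Censys Secret Token'))
            base_url = 'https://www.censys.io/api/v1'
            print(' [*] Looking up info...')

            # Percent-encode the name so it stays a single path segment.
            resp = requests.get(base_url + "/view/websites/" +
                                quote(web, safe=''),
                                auth=(CENSYS_UID, CENSYS_SECRET), timeout=30)
            if 'quota_exceeded' in resp.text:
                print(
                    color.red(
                        ' [-] Daily limit reached for this module. Use you own API key for CENSYS.'
                    ))
            if resp.status_code == 200:
                print(color.green(' [+] Found domain info!'))
                # The record is stored as the list of pretty-printed JSON
                # lines, converted to its string form.
                data = json.dumps(resp.json(), indent=4).splitlines()
                print(color.yellow(' [!] Parsing info...\n'))
                save_data(host.database, host.module, host.lvl1, host.lvl2,
                          host.lvl3, host.name, str(data))
            else:
                print(color.red(' [-] Did not find any info about domain '))
                print(color.red(' [+] Try with another one...'))

        else:
            print(color.red(' [-] CENSYS API TOKENs not set!'))
            print(color.red(' [-] This module cannot be used!'))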