def process_queue(webserver_queue, nikto_folder, args): while True: webserver = webserver_queue.get() url = "{}://{}:{}".format(webserver['service_name'], webserver['ipv4'], webserver['port']) if not utils.check_url(url)[0]: continue LOG.debug("Working on url: {}:{}".format(webserver['ipv4'], webserver['port'])) command, html_path = create_command(webserver, nikto_folder, args.proxy) text_output = run_commands.bash_command(command) run_commands.create_html_file(text_output, command, html_path) webserver_queue.task_done() continue
def run_nikto(url_dict, output_dir, proxy, screenshot=False): html_path = os.path.join( output_dir, f"nikto_{url_dict['domain']}_{url_dict['port']}.html") csv_path = os.path.join( output_dir, f"nikto_{url_dict['domain']}_{url_dict['port']}.csv") if proxy: log.info(f"Using proxy: {proxy}") command_text = NIKTO_PROXY_COMMAND else: command_text = NIKTO_COMMAND command = command_text.format(domain=url_dict['domain'], port=url_dict['port'], root=url_dict['root'], ssl=url_dict['ssl'], output=csv_path, proxy=proxy) log.info('Running command: {}'.format(command)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and screenshot: log.info( "Creating a screenshot of the output and saving it to {}".format( screenshot)) utils.dir_exists(screenshot, True) utils.selenium_image(html_output, screenshot) if not html_output: log.error("Didn't receive a response from running the command.")
def main(output, url, no_screenshot, proxy): os.makedirs(output, exist_ok=True) output_dir = output output = os.path.join(output, "nmap_sT_common_{}".format(url)) if proxy: command = """nmap -sT --proxy-type socks5h --proxy {proxy} -oA {output} {url}""".format( output=output, url=url, proxy=proxy) else: command = """nmap -sT -oA {output} {url}""".format(output=output, url=url) LOG.info("Running the command: {}".format(command)) file_name = "nmap_sT_common_{}.html".format(url) html_path = os.path.join(output_dir, file_name) LOG.info("Saving output to: {}".format(html_path)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and not no_screenshot: screenshot_path = os.path.join(output_dir, "screenshots") LOG.info( "Creating a screenshot of the output and saving it to {}".format( screenshot_path)) utils.dir_exists(screenshot_path, True) utils.selenium_image(html_output, screenshot_path) if not html_output: LOG.error("Didn't receive a response from running the command.")
def run_testssl(url, output, no_screenshot, proxy): if not utils.uses_encryption(url): return parsed_url = urlparse(url) port = '443' if parsed_url.port: port = str(parsed_url.port) html_path = os.path.join(output, f"testssl_{parsed_url.netloc}_{port}.html") csv_output = os.path.join(output, f"testssl_{parsed_url.netloc}_{port}.csv") if os.path.isfile(csv_output): LOG.info("CSV file already exists, deleting it.") os.remove(csv_output) if proxy: command = f"testssl --warnings off --csvfile {csv_output} --proxy {proxy} {url}" else: command = f"testssl --warnings off --csvfile {csv_output} {url}" LOG.info('Running command: {}'.format(command)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and not no_screenshot: screenshot_path = os.path.join(output, "screenshots") LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot_path)) utils.dir_exists(screenshot_path, True) utils.selenium_image(html_output, screenshot_path) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running whatweb for {}".format(args.url)) if args.proxy: # command = 'whatweb -v -a 3 --proxy {proxy} --user-agent "{ua}" {url}'.format( # ua=USER_AGENT, url=args.url, proxy=args.proxy) command = [ 'whatweb', '-v', '-a', '3', '--proxy', args.proxy, '--user-agent', '"' + USER_AGENT + '"', args.url ] else: # command = 'whatweb -v -a 3 --user-agent "{ua}" {url}'.format(ua=USER_AGENT, url=args.url) command = [ 'whatweb', '-v', '-a', '3', '--user-agent', '"' + USER_AGENT + '"', args.url ] LOG.info(command) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] html_path = os.path.join(args.output, "whatweb_{}.html".format(domain)) text_output = run_commands.bash_command(command, split=False) html_output = run_commands.create_html_file(text_output, command, html_path) # text_output = run_commands.bash_command(command_string, split=False) # html_output = run_commands.create_html_file(text_output, command_string, html_path) if html_output and args.screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running nikto for {}".format(args.url)) parsed_url = urlparse(args.url) netloc = parsed_url.netloc # if non-standard port break it up. if ":" in netloc: domain = netloc.split(":")[0] port = netloc.split(":")[1] # otherwise port is based on scheme else: domain = netloc if parsed_url.scheme == 'http': port = '80' else: port = '443' if parsed_url.scheme == 'https': ssl = " -ssl" else: ssl = "" if parsed_url.path: root = " -root " + parsed_url.path else: root = "" command = NIKTO_COMMAND.format(domain=domain, port=port, root=root, ssl=ssl) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] html_path = os.path.join(args.output, "nikto_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running nmap with http-methods script for {}".format(args.url)) parsed_url = urlparse(args.url) netloc = parsed_url.netloc # if non-standard port break it up. if ":" in netloc: domain = netloc.split(":")[0] port = netloc.split(":")[1] # otherwise port is based on scheme else: domain = netloc if parsed_url.scheme == 'http': port = '80' else: port = '443' if parsed_url.path: command = "nmap --script http-methods --script-args http-methods.url-path='{path}' -p {port} {domain}".format( path=parsed_url.path, port=port, domain=domain) else: command = "nmap --script http-methods -p {port} {domain}".format( port=port, domain=domain) LOG.info(f"Running command: {command}") html_path = os.path.join(args.output, "http_methods_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running whois for {}".format(args.domain)) command = "whois -H {domain}".format(domain=args.domain) html_path = os.path.join(args.output, "whois_{}.html".format(args.domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot)) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def run_escan(ips_file, output_dir, screenshot=False): html_path = os.path.join(output_dir, "eternal_scan.html") command = f'escan -ck {ips_file}' LOG.info('Running command: ' + command) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and screenshot: LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot)) utils.dir_exists(screenshot, True) utils.selenium_image(html_output, screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def run_brute(args): rc_brute = os.path.join(args.ptfolder, "rc_files/recon_brute.rc") command = "recon-ng -r {}".format(rc_brute) LOG.info("Running the command: {}".format(command)) file_name = "recon_brute.html" html_path = os.path.join(args.output, file_name) LOG.info("Saving output to: {}".format(html_path)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: utils.selenium_image(html_output, args.screenshot, x=800, y=800, cropx=-10, cropy=-100, sleep=2, bottom=True) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running yasuo") command = "yasuo.rb -s /opt/yasuo/signatures.yaml -f {nmap_xml} -t 10".format( nmap_xml=args.input) LOG.info("Running the command: {}".format(command)) html_path = os.path.join(args.output, "yasuo.html") LOG.info("Saving output to: {}".format(html_path)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running uniscan on {}".format(args.url)) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] url = urlparse(args.url).scheme + "://" + netloc + urlparse(args.url).path command = "uniscan -u {url} -qweds".format(url=url) html_path = os.path.join(args.output, "uniscan_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): testssl_folder = os.path.join(args.output, "testssl") utils.dir_exists(testssl_folder, True) for url in utils.parse_webserver_urls(args.input): if not utils.uses_encryption(url): LOG.debug("Skipping, no encryption: {}".format(url)) continue if not utils.check_url(url)[0]: continue LOG.info("Testing url: {}".format(url)) testssl_command, html_output = create_command(url, testssl_folder) text_output = run_commands.bash_command(testssl_command) html_output = run_commands.create_html_file(text_output, testssl_command, html_output) LOG.debug("Saving output to {}".format(html_output))
def main(args): LOG.info("Running nmap") os.makedirs(args.output, exist_ok=True) output = os.path.join(args.output, "nmap_sT_common") command = """nmap -sT -oA {output} -iL {input_file}""".format( output=output, input_file=args.input) LOG.info("Running the command: {}".format(command)) file_name = "nmap_sT_common.html" html_path = os.path.join(args.output, file_name) LOG.info("Saving output to: {}".format(html_path)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def run_wpscan(url, output_dir, screenshot=False): html_path = os.path.join(output_dir, f"wpscan_{url['domain']}_{url['port']}.html") command = WPSCAN_COMMAND.format(url=url['url']) LOG.info('Running command: {}'.format(command)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( screenshot)) utils.dir_exists(screenshot, True) utils.selenium_image(html_output, screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running theHarvester") os.makedirs(args.output, exist_ok=True) output = os.path.join(args.output, "harvester.html") command = """theHarvester -d {domain} -b all -l 100 -f {output}""".format( domain=args.domain, output=output) LOG.info("Running the command: {}".format(command)) file_name = "harvester_output.html" html_path = os.path.join(args.output, file_name) LOG.info("Saving output to: {}".format(html_path)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running wafw00f for {}".format(args.url)) command = "wafw00f -a {url}".format(url=args.url) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] html_path = os.path.join(args.output, "wafw00f_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running dirb for {}".format(args.url)) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] command = "dirb {url} /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-small.txt -S".format( url=args.url) html_path = os.path.join(args.output, "dirb_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(output, url, no_screenshot, proxy): if proxy: command = "wafw00f -a -p {proxy} {url}".format(proxy=proxy, url=url) else: command = "wafw00f -a {url}".format(url=url) LOG.info("Running wafw00f command: {}".format(command)) netloc = urlparse(url).netloc domain = netloc.split(":")[0] html_path = os.path.join(output, "wafw00f_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and not no_screenshot: screenshot_path = os.path.join(output, "screenshots") LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot_path)) utils.dir_exists(screenshot_path, True) utils.selenium_image(html_output, screenshot_path) if not html_output: LOG.error("Didn't receive a response from running the command.")
def run_whatweb(url, output_dir, screenshot=False): parsed_url = urlparse(url) port = parsed_url.port if not port: if parsed_url.scheme == 'http': port = '80' else: port = '443' html_path = os.path.join(output_dir, f"whatweb_{parsed_url.netloc}_{port}.html") command = WHATWEB_COMMAND.format(url=url) LOG.info('Running command: {}'.format(command)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and screenshot: LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot)) utils.dir_exists(screenshot, True) utils.selenium_image(html_output, screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running gobuster for {}".format(args.url)) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] if args.proxy: command = PROXY_COMMAND.format(url=args.url, proxy=args.proxy) else: command = COMMAND.format(url=args.url) html_path = os.path.join(args.output, "gobuster_{}.html".format(domain)) text_output = run_commands.bash_command(command) html_output = run_commands.create_html_file(text_output, command, html_path) if html_output and args.screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")
def main(args): LOG.info("Running whatweb for {}".format(args.url)) command_string = 'whatweb -v -a 3 --user-agent {ua} {url}'.format( ua=USER_AGENT, url=args.url) command = 'whatweb -v -a 3 --user-agent'.split() command += [USER_AGENT, args.url] LOG.info(command_string) netloc = urlparse(args.url).netloc domain = netloc.split(":")[0] html_path = os.path.join(args.output, "whatweb_{}.html".format(domain)) text_output = run_commands.bash_command(command, split=False) html_output = run_commands.create_html_file(text_output, command_string, html_path) if html_output and args.screenshot: LOG.info( "Creating a screenshot of the output and saving it to {}".format( args.screenshot)) utils.dir_exists(args.screenshot, True) utils.selenium_image(html_output, args.screenshot) if not html_output: LOG.error("Didn't receive a response from running the command.")