def update_ports(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
csv_data = utils.just_read(command.get('output_path'), get_list=True)
if not csv_data:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
result = {}
for line in csv_data[1:]:
host = line.split(',')[0]
port = line.split(',')[3]
if result.get('host', None):
result[host] += "," + str(port).strip(',')
else:
result[host] = port
final_result = []
for host, ports in result.items():
item = "ip_address|{0};;ports|{1}".format(host, ports)
final_result.append(item)
utils.just_write(command.get('cleaned_output'),
"\n".join(final_result))
def get_scheme(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
csv_data = utils.just_read(command.get('requirement'), get_list=True)
if not csv_data:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
summaries, result = [], []
for line in csv_data[1:]:
# print(line)
if ',' not in line or len(line.split(',')) < 3:
continue
_results = line.split(',')
host = _results[0].strip('"')
port = _results[2].strip('"')
service = _results[4].strip('"') + "/" + _results[5].strip('"')
result.append("http://" + host + ":" + port)
result.append("https://" + host + ":" + port)
sum_line = f"domain|{host};;ip_address|{host};;ports|{port};;technologies|{service}"
summaries.append(sum_line)
# print(sum_line)
scheme_path = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/scheme-$OUTPUT.txt')
utils.just_write(scheme_path, "\n".join(result))
# update summaries table
formatted_summary = utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/formatted-summary-$OUTPUT.txt')
utils.just_write(formatted_summary, "\n".join(summaries))
summary.push_with_file(self.options, formatted_summary)
def update_ports(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(command.get('banner'),
command.get('pre_run')))
csv_data = utils.just_read(command.get('requirement'), get_list=True)
if not csv_data:
utils.print_bad('Requirement not found: {0}'.format(
command.get('requirement')))
return False
result = {}
for line in csv_data[1:]:
host = line.split(',')[0]
port = line.split(',')[3]
if result.get(host, None):
result[host] += "," + str(port).strip(',')
else:
result[host] = port
# store it as format can submit to summaries
final_result = []
for host, ports in result.items():
item = "ip_address|{0};;ports|{1}".format(host, ports)
final_result.append(item)
utils.just_write(command.get('cleaned_output'),
"\n".join(final_result))
summary.push_with_file(self.options, command.get('cleaned_output'))
def update_tech(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'), get_list=True)
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
tech_summaries = []
for line in output:
try:
jsonl = utils.get_json(line)
if jsonl.get('matches'):
domain = utils.get_domain(jsonl.get('hostname'))
techs = [x.get('app_name') for x in jsonl.get('matches')]
item = "domain|{0};;technologies|{1}".format(
domain, ",".join(techs))
tech_summaries.append(item)
except:
pass
cleaned_output = utils.just_write(command.get('cleaned_output'),
"\n".join(tech_summaries))
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
# update technologies to db
summary.push_with_file(self.options, command.get('cleaned_output'))
def clean_gowitness(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
real_cmd = utils.resolve_command(
self.options, {
"banner":
"gowitness gen report",
"cmd":
"$GO_PATH/gowitness report generate -n $WORKSPACE/portscan/screenshot/$OUTPUT-raw-gowitness.html --destination $WORKSPACE/portscan/screenshot/raw-gowitness/ --db $WORKSPACE/portscan/screenshot/gowitness.db",
"output_path":
"$WORKSPACE/portscan/screenshot/$OUTPUT-raw-gowitness.html",
})
execute.send_cmd(self.options, real_cmd)
raw_html = utils.just_read(real_cmd.get('output_path'))
if not raw_html:
utils.print_bad('Requirement not found: {0}'.format(
real_cmd.get('output_path')))
return False
local_path = utils.replace_argument(self.options,
'$WORKSPACE/portscan/')
real_html = raw_html.replace(local_path, '')
utils.just_write(command.get('cleaned_output'), real_html)
utils.check_output(command.get('cleaned_output'))
def clean_massdns(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'), get_list=True)
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
only_A_record, summaries, resolved = [], [], []
for line in output:
if '. A ' in line:
only_A_record.append(line.split('. A ')[1].strip())
resolved.append(line.split('. A ')[0])
summary = "domain|{0};;ip_address|{1}".format(
line.split('. A ')[0],
line.split('. A ')[1])
summaries.append(summary)
elif '. CNAME ' in line:
resolved.append(line.split('. CNAME ')[0])
cleaned_output = utils.just_write(command.get('cleaned_output'),
"\n".join(only_A_record))
resolved_path = utils.replace_argument(
self.options, '$WORKSPACE/probing/resolved-$OUTPUT.txt')
resolved_output = utils.just_write(resolved_path, "\n".join(resolved))
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
if resolved_output:
utils.check_output(resolved_path)
self.update_summaries(summaries)
def clean_gobuster(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'))
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
cleaned_output = utils.just_write(command.get('cleaned_output'),
output.replace('Found: ', ''))
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
def run(self, commands):
for command in commands:
if command.get('cmd') == 'ignore' or command.get('cmd') == '':
continue
if self.options['CURRENT_SPEED'] == command.get('speed') or command.get('speed') == 'general':
utils.print_good(
'Starting {0}'.format(command.get('banner')))
if utils.check_required(command):
# really execute it
execute.send_cmd(self.options, command)
polling.waiting(self.options, delay=self.delay)
utils.random_sleep(fixed=0.5)
def get_domain(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'))
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
no_scheme = output.replace('https://', '').replace('http://', '')
utils.just_write(command.get('cleaned_output'), no_scheme)
if command.get('cleaned_output'):
utils.check_output(command.get('cleaned_output'))
def clean_gowitness(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
raw_html = utils.just_read(command.get('output_path'))
if not raw_html:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
local_path = utils.replace_argument(
self.options, '$WORKSPACE/screenshot/')
real_html = raw_html.replace(local_path, '')
utils.just_write(command.get('cleaned_output'), real_html)
def login(options):
url = options.get('remote_api') + "/auth/api/token/"
body = {
"username": options.get('credentials')[0],
"password": options.get('credentials')[1]
}
r = send.send_post(url, body, is_json=True)
if r.json().get('access'):
utils.print_good("Authentication success")
jwt = 'Osmedeus ' + r.json().get('access')
options['JWT'] = jwt
return options
utils.print_bad("Authentication failed")
return False
def clean_massdns(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'), get_list=True)
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
# only get A record
only_A_record = "\n".join([x.split('. A ')[0] for x in output if '. A ' in x])
cleaned_output = utils.just_write(command.get(
'cleaned_output'), only_A_record)
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
def clear_activities(options):
ws = utils.get_workspace(options=options)
module = options.get('CURRENT_MODULE', False)
url = options.get('REMOTE_API') + "/api/activities/clear/"
body = {
"workspace": ws,
"module": module,
}
headers = send.osmedeus_headers
headers['Authorization'] = options.get('JWT')
r = send.send_post(url, body, headers=headers, is_json=True)
if r and r.json().get('status') == 200:
utils.print_good("Clean old activities for {0}:{1}".format(ws, module))
return True
return False
def push_with_file(options, final_output, update_type='partial'):
utils.print_good("Update Summaries table from: {0}".format(final_output))
ws = utils.get_workspace(options=options)
url = options.get('REMOTE_API') + "/api/summaries/set/"
headers = send.osmedeus_headers
headers['Authorization'] = options.get('JWT')
body = {
"domains_file": final_output,
"domains": [],
"workspace": ws,
"update_type": update_type
}
# print(body)
r = send.send_post(url, body, headers=headers, is_json=True)
# return too soon or 500 status we have something wrong
if r and r.json().get('status') == 200:
return True
return False
def clean_findomain(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'), get_list=True)
if not output:
utils.print_bad('Output not found: {0}'.format(
command.get('output_path')))
return False
result = []
for line in output:
if '>>' in line.strip():
domain = line.strip().strip('>> ').split(' => ')[0]
ip = line.strip().strip('>> ').split(' => ')[0]
result.append(domain)
cleaned_output = utils.just_write(command.get('cleaned_output'),
"\n".join(result))
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
def login(options):
url = options.get('remote_api') + "/auth/api/token/"
body = {
"username": options.get('credentials')[0],
"password": options.get('credentials')[1]
}
r = send.send_post(url, body, is_json=True)
try:
if r.json().get('access'):
utils.print_good("Authentication success")
jwt = 'Osmedeus ' + r.json().get('access')
options['JWT'] = jwt
return options
except:
utils.print_bad("Authentication failed at: " + url)
print('''
[!] This might happened by running Osmedeus with sudo but the install process running with normal user
You should install the whole Osmedeus and running it with root user.
Or whitelist masscan + nmap in sudoers file because it's required sudo permission.
''')
return False
def init_workspace(options):
url = options.get('remote_api') + "/api/workspace/create/"
headers = send.osmedeus_headers
headers['Authorization'] = options.get('JWT')
body = {
"raw_target": options.get('raw_target'),
'mode': options.get('mode'),
'modules': options.get('modules', 'None'),
'speed': options.get('speed'),
'forced': options.get('forced'),
'debug': options.get('debug'),
}
if options.get('workspace', False):
body["workspace"] = options.get('workspace')
r = send.send_post(url, body, headers=headers, is_json=True)
if r:
options['workspace'] = r.json().get('workspace')
# just print some log
if r.json().get('status') == 200:
utils.print_good("New workspace created")
elif r.json().get('status') == 442:
utils.print_info(
"Workspaces already exists. Use '-w <new workspace name>' option if you want to create new one"
)
arguments = get_workspace_info(options)
if arguments:
options = {**options, **arguments}
# just upper all key
final_options = {}
for key in options.keys():
final_options[key.upper()] = options.get(key)
return final_options
utils.print_bad("Fail to create new workspace")
return False
def routine_handle(options):
if options.get('mode') == "report":
utils.print_load("Running with report mode")
report.handle(options)
return
utils.print_target(options.get('TARGET'))
# move last result to monitor path and add options to compare
if options.get('MONITOR'):
options['COMPARE_PATH'] = backup.init_backup(options)
utils.print_good("Created compare workspaces: {0}".format(
options['COMPARE_PATH']))
# really start the routine
if options['MODE'] == "general":
general.handle(options)
elif options['MODE'] == "direct":
direct.handle(options)
elif options['MODE'] == "direct_list":
direct_list.handle(options)
def get_scheme(self, command):
utils.print_good('Preparing for {0}:{1}'.format(
command.get('banner'), command.get('pre_run')))
scheme_path = utils.replace_argument(
self.options, '$WORKSPACE/portscan/scheme-$OUTPUT.txt')
csv_data = utils.just_read(command.get('requirement'), get_list=True)
if not csv_data:
utils.print_bad('Requirement not found: {0}'.format(
command.get('requirement')))
return False
result = []
for line in csv_data[1:]:
host = line.split(',')[0]
port = line.split(',')[3]
result.append("http://" + host + ":" + port)
result.append("https://" + host + ":" + port)
utils.just_write(scheme_path, "\n".join(result))
utils.check_output(scheme_path)
def clean_massdns(self, command):
utils.print_good('Cleaning for {0}:{1}'.format(
command.get('banner'), command.get('post_run')))
output = utils.just_read(command.get('output_path'), get_list=True)
if output:
only_A_record, resolved, ips = [], [], []
for line in output:
if '. A ' in line:
ip = line.split('. A ')[1].strip()
domain = line.split('. A ')[0]
only_A_record.append(domain)
ips.append(ip)
resolved.append(line.split('. A ')[0])
cleaned_output = utils.just_write(command.get(
'cleaned_output'), "\n".join(ips))
if cleaned_output:
utils.check_output(command.get('cleaned_output'))
self.join_ip(command)
def unique_result(self):
utils.print_good('Unique result')
pass
