def slack_done(options):
utils.print_info(f"Sending {noti_type} notification to slack")
channel = options.get('STATUS_CHANNEL')
module = options.get('CURRENT_MODULE')
target = options.get('TARGET')
emoji = get_emoji()
message = f'{emoji} Done *{module}* on *{target}*'
client = slack.WebClient(token=options.get('SLACK_BOT_TOKEN'))
client.chat_postMessage(
channel=channel,
blocks=[
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": message,
},
# "accessory": {
# "type": "image",
# "image_url": get_emoji(),
# "alt_text": 'status',
# }
},
{
"type": "divider"
}
]
)
def parsing_argument(args):
# parsing agument
options = config.parsing_config(args)
# Start Django API if it's not running
if not args.client:
if not utils.connection_check('127.0.0.1', 8000):
p = Process(target=start_server, args=(options.get('localhost'), ))
p.start()
# wait for Django API start
time.sleep(3)
else:
utils.print_info("Look like Django API already ran")
options = auth.login(options)
if not options or not (options['JWT'] and options['JWT'] != "None"):
utils.print_bad("Can't login to get JWT")
sys.exit(-1)
# run list of target
if options.get('target_list') and utils.not_empty_file(
options.get('target_list')):
targets = utils.just_read(options.get('target_list'), get_list=True)
for target in targets:
options['raw_target'] = target
options['workspace'] = target
single_target(options)
else:
single_target(options)
def custom_help_():
utils.print_info(
"Visit this page for complete usage: https://j3ssie.github.io/Osmedeus/")
print('''{1}
{2}Basic Usage{1}
===========
python3 osmedeus.py -t <your_target>
python3 osmedeus.py -t <your_target> --slack --monitor
python3 osmedeus.py -t <your_target> --telegram
python3 osmedeus.py -T <list_of_targets>
python3 osmedeus.py -m <module> [-i <input>|-I <input_file>] [-t workspace_name]
python3 osmedeus.py --report <mode> -t <workspace> [-m <module>]
{2}Advanced Usage{1}
==============
{0}[*] List all module{1}
python3 osmedeus.py -M
{0}[*] List all report mode{1}
python3 osmedeus.py --report help
{0}[*] Running with specific module{1}
python3 osmedeus.py -w <result_folder> -m <module_name> -i <your_target>
{0}[*] Example command{1}
python3 osmedeus.py -w sample2 -m vuln -i hosts.txt
python3 osmedeus.py -w sample2 -m dirb -I /tmp/list_of_hosts.txt
{2}Remote Options{1}
==============
--remote REMOTE Remote address for API, (default: https://127.0.0.1:5000)
--auth AUTH Specify authentication e.g: --auth="username:password"
See your config file for more detail (default: {2}core/config.conf{1})
--client just run client stuff in case you already ran the Django server before
{2}More options{1}
==============
--update Update lastest from git
-c CONFIG, --config CONFIG
Specify config file (default: {2}core/config.conf{1})
-w WORKSPACE, --workspace WORKSPACE
Custom workspace folder
-f, --force force to run the module again if output exists
-s, --slow "all"
All module running as slow mode
-s, --slow "subdomain"
Only running slow mode in subdomain module
--slack Enable slack notification
--telegram Enable telegram notification
--monitor Enable monitor new assets
--debug Just for debug purpose
'''.format(G, GR, B))
sys.exit(0)
def resume(self):
polling.clear_activities(self.options)
# checking if final result of the module is done or not
final_output = report.get_report_path(self.options, get_final=True)
if utils.is_done(self.options, final_output):
utils.print_info(
"Module already done. Use '-f' option if you want to re run it")
return False
return True
def sub_routine(self, commands, kind='post'):
utils.print_info('Starting {0} routine for {1}'.format(
kind, self.options.get('CURRENT_MODULE')))
for command in commands:
if 'pre' in kind:
sub_method = command.get('pre_run')
elif 'post' in kind:
sub_method = command.get('post_run')
if sub_method and sub_method in self.methods:
# bypass this and get a RCE :)
eval_string = utils.safe_eval('self.{0}(command)', sub_method)
if eval_string:
eval(eval_string)
utils.random_sleep(fixed=0.5)
def slack_notification(noti_type, options, output=None):
utils.print_info(f"Sending {noti_type} notification to slack")
if not options.get('SLACK'):
return
if output and 'report' in noti_type:
if type(output) == list:
output = list(set(output))
for report in output:
if utils.not_empty_file(report):
slack_file(options, report)
else:
if utils.not_empty_file(output):
slack_file(options, output)
else:
slack_noti(options, str(noti_type))
def parsing_argument(args):
# parsing agument
options = config.parsing_config(args)
# Start Django API if it's not
if not args.client:
if not utils.connection_check('127.0.0.1', 8000):
utils.print_line()
p = Process(target=start_server)
p.start()
# wait for Django API start
time.sleep(3)
utils.print_line()
else:
utils.print_info("Look like Django API already ran")
options = auth.login(options)
single_target(options)
def _config_file_handle(config_path, remote, credentials):
# checking for config path
if os.path.isfile(config_path):
utils.print_info('Loading config file from: {0}'.format(config_path))
else:
utils.print_info('New config file created: {0}'.format(config_path))
utils.file_copy(utils.TEMPLATE_CLIENT_CONFIG, config_path)
configs = utils.just_read_config(config_path, raw=True)
remote, credentials = _handle_remote(remote, credentials, configs)
# write the config again
configs.set('Server', 'remote_api', remote)
configs.set('Server', 'username', credentials[0])
configs.set('Server', 'password', credentials[1])
with open(config_path, 'w+') as configfile:
configs.write(configfile)
return remote, credentials
def get_subdomains(self, command):
utils.print_info("Joining all previous subdomain")
final_path = command.get('requirement')
if utils.not_empty_file(final_path):
return
subdomain_modules = [
'SubdomainScanning', 'PermutationScan', 'VhostScan'
]
needed_reports = []
# get reports
reports = report.get_report_path(self.options, module=False)
for rep in reports:
if rep.get('module') in subdomain_modules and 'final' in rep.get(
'note'):
if utils.not_empty_file(rep.get('report_path')):
needed_reports.append(rep.get('report_path'))
utils.join_files(needed_reports, final_path)
if utils.not_empty_file(final_path):
utils.check_output(final_path)
def waiting(options, delay=20, times=0):
elapsed_time = 0
if times:
count = 0
module_name = options.get('CURRENT_MODULE', False)
utils.print_info('Waiting for {0} module'.format(module_name))
checking = poll_status(options)
while checking:
time.sleep(delay)
if not times:
# just don't print this too much
if ((elapsed_time / delay) % 10) == 0:
utils.print_info('Waiting for {0} module'.format(module_name))
time.sleep(delay)
if times:
utils.print_info('Waiting for {0} module {1}/{2}'.format(
module_name, str(count), str(times)))
if count == int(times):
poll_status(options, forced=True)
utils.print_bad(
"Something bad with {0} module but force to continue".
format(module_name))
break
count += 1
checking = poll_status(options)
def init_workspace(options):
url = options.get('remote_api') + "/api/workspace/create/"
headers = send.osmedeus_headers
headers['Authorization'] = options.get('JWT')
body = {
"raw_target": options.get('raw_target'),
'mode': options.get('mode'),
'modules': options.get('modules', 'None'),
'speed': options.get('speed'),
'forced': options.get('forced'),
'debug': options.get('debug'),
}
if options.get('workspace', False):
body["workspace"] = options.get('workspace')
r = send.send_post(url, body, headers=headers, is_json=True)
if r:
options['workspace'] = r.json().get('workspace')
# just print some log
if r.json().get('status') == 200:
utils.print_good("New workspace created")
elif r.json().get('status') == 442:
utils.print_info(
"Workspaces already exists. Use '-w <new workspace name>' option if you want to create new one"
)
arguments = get_workspace_info(options)
if arguments:
options = {**options, **arguments}
# just upper all key
final_options = {}
for key in options.keys():
final_options[key.upper()] = options.get(key)
return final_options
utils.print_bad("Fail to create new workspace")
return False
def initial(self):
self.banner()
self.module_name = self.__class__.__name__
self.delay = 30
self.options['CURRENT_MODULE'] = str(self.module_name)
# check if you want to ignore a module or not
if speed.excluded(self.options):
utils.print_info("Detect Ignore module: {0}".format(
self.module_name))
return
# check speed of the modules
self.options['CURRENT_SPEED'] = speed.parse_speed(self.options)
# check report file here
if not self.resume():
utils.print_line()
return
slack_noti.slack_notification('status', self.options)
self.routine()
# some noti here
self.conclude()
slack_noti.slack_notification('done', self.options)
self.additional_routine()
