def program_args(self): """ Defines the options/arguments sent to subjack after processing. Returns: list: list of options/arguments, beginning with the name of the executable to run """ command = [ tool_paths.get("subjack"), "-w", self.input().path, "-t", self.threads, "-a", "-timeout", "30", "-o", self.output().path, "-v", "-ssl", "-c", tool_paths.get("subjack-fingerprints"), ] return command
def test_install_go(): go = Path(tool_paths.get("go")) rs = recon_pipeline.ReconShell() run_cmd(rs, "install go") assert go.exists()
def test_install_aquatone(): aquatone = Path(tool_paths.get("aquatone")) setup_install_test(aquatone) rs = recon_pipeline.ReconShell() run_cmd(rs, "install aquatone") assert aquatone.exists() is True
def test_install_masscan(): masscan = Path(tool_paths.get("masscan")) setup_install_test(masscan) rs = recon_pipeline.ReconShell() run_cmd(rs, "install masscan") assert masscan.exists() is True
def test_install_aquatone(): aquatone = Path(tool_paths.get("aquatone")) utils.setup_install_test(aquatone) rs = recon_pipeline.ReconShell() script_out, script_err = utils.run_cmd(rs, "install aquatone") assert aquatone.exists() is True
def test_install_masscan(): masscan = Path(tool_paths.get("masscan")) utils.setup_install_test(masscan) rs = recon_pipeline.ReconShell() script_out, script_err = utils.run_cmd(rs, "install masscan") assert masscan.exists() is True
def run(self): """ Grabs the xml files created by ThreadedNmap and runs searchsploit --nmap on each one, saving the output. """ for entry in Path(self.input().path).glob("nmap*.xml"): proc = subprocess.run([tool_paths.get("searchsploit"), "--nmap", str(entry)], stderr=subprocess.PIPE) if proc.stderr: Path(self.output().path).mkdir(parents=True, exist_ok=True) # change wall-searchsploit-results/nmap.10.10.10.157-tcp to 10.10.10.157 target = entry.stem.replace("nmap.", "").replace("-tcp", "").replace("-udp", "") Path(f"{self.output().path}/searchsploit.{target}-{entry.stem[-3:]}.txt").write_bytes(proc.stderr)
def test_install_gobuster(): gobuster = Path(tool_paths.get("gobuster")) setup_install_test(gobuster) assert shutil.which("go") is not None rs = recon_pipeline.ReconShell() run_cmd(rs, "install gobuster") assert gobuster.exists() is True
def test_install_webanalyze(): webanalyze = Path(tool_paths.get("webanalyze")) setup_install_test(webanalyze) assert shutil.which("go") is not None rs = recon_pipeline.ReconShell() run_cmd(rs, "install webanalyze") assert webanalyze.exists() is True
def test_install_subjack(): subjack = Path(tool_paths.get("subjack")) setup_install_test(subjack) assert shutil.which("go") is not None rs = recon_pipeline.ReconShell() run_cmd(rs, "install subjack") assert subjack.exists() is True
def test_install_tkosubs(): tkosubs = Path(tool_paths.get("tko-subs")) setup_install_test(tkosubs) assert shutil.which("go") is not None rs = recon_pipeline.ReconShell() run_cmd(rs, "install tko-subs") assert tkosubs.exists() is True
def test_install_recursive_gobuster(): recursive_gobuster = Path(tool_paths.get("recursive-gobuster")) setup_install_test(recursive_gobuster) if recursive_gobuster.parent.exists(): shutil.rmtree(recursive_gobuster.parent) rs = recon_pipeline.ReconShell() run_cmd(rs, "install recursive-gobuster") assert recursive_gobuster.exists() is True
def test_install_corscanner(): corscanner = Path(tool_paths.get("CORScanner")) setup_install_test(corscanner) if corscanner.parent.exists(): shutil.rmtree(corscanner.parent) rs = recon_pipeline.ReconShell() run_cmd(rs, "install corscanner") assert corscanner.exists() is True
def program_args(self): """ Defines the options/arguments sent to tko-subs after processing. Returns: list: list of options/arguments, beginning with the name of the executable to run """ command = [ tool_paths.get("tko-subs"), f"-domains={self.input().path}", f"-data={tool_paths.get('tko-subs-dir')}/providers-data.csv", f"-output={self.output().path}", ] return command
def test_update_corscanner(): corscanner = Path(tool_paths.get("CORScanner")) setup_install_test() if not corscanner.parent.exists(): subprocess.run( f"sudo git clone https://github.com/chenjj/CORScanner.git {corscanner.parent}" .split()) rs = recon_pipeline.ReconShell() run_cmd(rs, "install corscanner") assert corscanner.exists() is True
def test_update_recursive_gobuster(): recursive_gobuster = Path(tool_paths.get("recursive-gobuster")) setup_install_test() if not recursive_gobuster.parent.exists(): subprocess.run( f"sudo git clone https://github.com/epi052/recursive-gobuster.git {recursive_gobuster.parent}" .split()) rs = recon_pipeline.ReconShell() run_cmd(rs, "install recursive-gobuster") assert recursive_gobuster.exists() is True
def run(self): """ Defines the options/arguments sent to webanalyze after processing. Returns: list: list of options/arguments, beginning with the name of the executable to run """ try: self.threads = abs(int(self.threads)) except TypeError: return logging.error( "The value supplied to --threads must be a non-negative integer." ) commands = list() with self.input().open() as f: for target in f: target = target.strip() try: if isinstance(ipaddress.ip_address(target), ipaddress.IPv6Address): # ipv6 target = f"[{target}]" except ValueError: # domain names raise ValueErrors, just assume we have a domain and keep on keepin on pass for url_scheme in ("https://", "http://"): command = [ tool_paths.get("webanalyze"), "-host", f"{url_scheme}{target}", ] commands.append(command) Path(self.output().path).mkdir(parents=True, exist_ok=True) cwd = Path().cwd() os.chdir(self.output().path) if not Path("apps.json").exists(): subprocess.run(f"{tool_paths.get('webanalyze')} -update".split()) with ThreadPoolExecutor(max_workers=self.threads) as executor: executor.map(self._wrapped_subprocess, commands) os.chdir(str(cwd))
def program_args(self): """ Defines the options/arguments sent to tko-subs after processing. Returns: list: list of options/arguments, beginning with the name of the executable to run """ command = [ "python3", tool_paths.get("CORScanner"), "-i", self.input().path, "-t", self.threads, "-o", self.output().path, ] return command
def run(self): """ Defines the options/arguments sent to aquatone after processing. cat webtargets.tesla.txt | /opt/aquatone -scan-timeout 900 -threads 20 Returns: list: list of options/arguments, beginning with the name of the executable to run """ Path(self.output().path).mkdir(parents=True, exist_ok=True) command = [ tool_paths.get("aquatone"), "-scan-timeout", self.scan_timeout, "-threads", self.threads, "-silent", "-out", self.output().path, ] with self.input().open() as target_list: subprocess.run(command, stdin=target_list)
def run(self): """ Defines the options/arguments sent to gobuster after processing. Returns: list: list of options/arguments, beginning with the name of the executable to run """ try: self.threads = abs(int(self.threads)) except TypeError: return logging.error("The value supplied to --threads must be a non-negative integer.") commands = list() with self.input().open() as f: for target in f: target = target.strip() try: if isinstance(ipaddress.ip_address(target), ipaddress.IPv6Address): # ipv6 target = f"[{target}]" except ValueError: # domain names raise ValueErrors, just assume we have a domain and keep on keepin on pass for url_scheme in ("https://", "http://"): if self.recursive: command = [ tool_paths.get("recursive-gobuster"), "-w", self.wordlist, f"{url_scheme}{target}", ] else: command = [ tool_paths.get("gobuster"), "dir", "-q", "-e", "-k", "-u", f"{url_scheme}{target}", "-w", self.wordlist, "-o", Path(self.output().path).joinpath( f"gobuster.{url_scheme.replace('//', '_').replace(':', '')}{target}.txt" ), ] if self.extensions: command.extend(["-x", self.extensions]) if self.proxy: command.extend(["-p", self.proxy]) commands.append(command) Path(self.output().path).mkdir(parents=True, exist_ok=True) if self.recursive: # workaround for recursive gobuster not accepting output directory cwd = Path().cwd() os.chdir(self.output().path) with ThreadPoolExecutor(max_workers=self.threads) as executor: executor.map(subprocess.run, commands) if self.recursive: os.chdir(str(cwd))