def linkfinder(self): utils.print_good('Starting linkfinder') if self.is_direct: if utils.not_empty_file(self.is_direct): http_domains = utils.just_read(self.is_direct) # just return if direct input is just a string else: domain = self.is_direct strip_domain = utils.get_domain(domain) if strip_domain == domain: domain = 'http://' + domain cmd = 'python3 $PLUGINS_PATH/LinkFinder/linkfinder.py -i {0} -d -o cli | tee $WORKSPACE/assets/linkfinder/{1}-linkfinder.txt'.format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/assets/linkfinder/{0}-linkfinder.txt'.format( strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/assets/linkfinder/{0}-linkfinder.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) return None else: if self.options['SPEED'] != 'slow': utils.print_good("Skipping linkfinder in quick mode") return None http_domains = utils.replace_argument( self.options, '$WORKSPACE/assets/http-$OUTPUT.txt') utils.make_directory(self.options['WORKSPACE'] + '/assets/linkfinder') if utils.not_empty_file(http_domains): domains = utils.just_read(http_domains) for domain in domains.splitlines(): strip_domain = utils.get_domain(domain) cmd = 'python3 $PLUGINS_PATH/LinkFinder/linkfinder.py -i {0} -d -o cli | tee $WORKSPACE/assets/linkfinder/{1}-linkfinder.txt'.format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/assets/linkfinder/{0}-linkfinder.txt'.format( strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/assets/linkfinder/{0}-linkfinder.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name)
def prepare_input(self): if self.is_direct: # if direct input was file just read it if utils.not_empty_file(self.is_direct): ip_list = utils.just_read(self.is_direct).splitlines() # get input string else: ip_list = utils.get_domain(self.is_direct).strip() else: main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) main_json['Modules'][self.module_name] = [] if self.options['SPEED'] == 'slow': ip_list = [ x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None ] + main_json['IP Space'] elif self.options['SPEED'] == 'quick': ip_list = [ x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None ] ip_list = list(set([ip for ip in ip_list if ip != 'N/A'])) if self.options['DEBUG'] == 'True': ip_list = list(ip_list)[:5] # utils.print_debug(ip_list) return ip_list
def gowithness(self, data): # add http:// and https:// prefix to domain domains = [] utils.make_directory(self.options['WORKSPACE'] + '/screenshot/screenshoots-gowitness') for item in data: host = utils.get_domain(item) domains.append("http://" + host) domains.append("https://" + host) http_file = utils.replace_argument( self.options, '$WORKSPACE/screenshot/$OUTPUT-hosts.txt') utils.just_write(http_file, "\n".join(domains)) utils.clean_up(http_file) time.sleep(2) # screenshots with gowitness cmd = "$GO_PATH/gowitness file -s $WORKSPACE/screenshot/$OUTPUT-hosts.txt -t 30 --log-level fatal --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db" execute.send_cmd(self.options, utils.replace_argument(self.options, cmd), '', '', self.module_name) utils.just_waiting(self.options, self.module_name, seconds=10) cmd = "$GO_PATH/gowitness generate -n $WORKSPACE/screenshot/$OUTPUT-gowitness-screenshots.html --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db" html_path = utils.replace_argument( self.options, "$WORKSPACE/portscan/$OUTPUT-gowitness-screenshots.html") execute.send_cmd(self.options, utils.replace_argument(self.options, cmd), html_path, '', self.module_name)
def mutate(self, info, email): errors = dict() email = email try: user = User.objects.get(email=email) except User.DoesNotExist: errors['email'] = [EMAIL_ADDRESS_DOES_NOT_EXIST] return RestorePasswordRequest( success=False, field_errors=ErrorType.from_errors(errors)) if not user.is_active or user.is_deleted: return RestorePasswordRequest( message=MessageType(title=RESTORE_PASSWORD_EMAIL_ACTIVE, description=RESTORE_PASSWORD_EMAIL_ACTIVE, type=WARNING_MESSAGE_TYPE)) domain = get_domain(info.context) send_restore_password_link.delay( user_id=user.pk, email=email, domain=domain, ) return RestorePasswordRequest(success=True, message=MessageType( title='RESTORE_PASSWORD_EMAIL_TITLE', description='RESTORE_PASSWORD_EMAIL', type=SUCCESS_MESSAGE_TYPE))
def mutate(self, info, activate_data=None): uid = activate_data.uid pk = force_text(urlsafe_base64_decode(uid)) token = activate_data.token domain = get_domain(info.context) try: user = User.objects.get(pk=pk) if user.is_active and not user.is_deleted: return ActivateAccount( message=MessageType(title=ALREADY_ACTIVATE_ACCOUNT_TITLE, description=ALREADY_ACTIVATE_ACCOUNT, type=WARNING_MESSAGE_TYPE)) if account_activation_token.check_token(user, token): user.is_active = True send_success_confirmation_email.delay( email=user.email, domain=domain, ) user.save() return ActivateAccount( message=MessageType(title=ACTIVATE_ACCOUNT_TITLE, description=ACTIVATE_ACCOUNT, type=SUCCESS_MESSAGE_TYPE)) except User.DoesNotExist: pass raise ValueError(INVALID_TOKEN_ERROR)
def wfuzz(self, domain): strip_domain = utils.get_domain(domain) utils.print_good('Starting wfuzz') cmd = "wfuzz -f $WORKSPACE/directory/quick/{1}-wfuzz.json,json -c -w $PLUGINS_PATH/wordlists/quick-content-discovery.txt -t 100 --sc 200,307 -u '{0}/FUZZ' | tee $WORKSPACE/directory/quick/std-{1}-wfuzz.std".format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-wfuzz.json'.format(strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-wfuzz.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name)
def dirsearch(self, domain): strip_domain = utils.get_domain(domain) utils.print_good('Starting dirsearch') cmd = "python3 $PLUGINS_PATH/dirsearch/dirsearch.py -b -e php,zip,aspx,js --wordlist=$PLUGINS_PATH/wordlists/really-quick.txt -x '302,404' --simple-report=$WORKSPACE/directory/quick/{1}-dirsearch.txt -t 50 -u {0}".format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-dirsearch.txt'.format( strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-dirsearch.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name)
def perform_mutate(cls, serializer, info): user = serializer.save() email = user.email domain = get_domain(info.context) # celery task sign_up_email_confirmation.delay( user_id=user.pk, email=email, domain=domain, ) return cls(errors=None, message=MessageType( title=SUCCESSFULLY_REGISTER, description=SUCCESSFULLY_REGISTER_DESCRIPTION, type=SUCCESS_MESSAGE_TYPE))
def parser(url): response = requester(url) if response: response_url = response.url response_page = response.text load_modules('while-parsing', response=response) if response_page: hrefs = [ re.sub(r'^[\'"]|[\'"]$', '', match.group(1)) for match in re.finditer( r'(?i)<a[^>]+href=("[^"]+?"|\'[^\']+?\'|[^\s]+?)', response_page) ] for href in hrefs: if re.search(r'(?i)^(#|javascript:)', href): continue url = handle_anchor(response_url, href) if var['include']: if not re.match(var['include'], url): continue elif var['exclude']: if re.match(var['exclude'], url): continue this_domain = get_domain(url) for website in config['websites']: if website in this_domain: result['data']['websites'].add(url) break html, extension = isHTML(url) if not html: if extension.lower().startswith(tuple(config['files'])): result['data']['files'].add(url) if in_scope(url): if '=' in url: result['urls']['fuzzable'].add(url) result['urls']['internal'].add(url) else: result['urls']['external'].add(url) scraper(response)
def gobuster(self, domain): utils.print_good('Starting gobuster') if self.options['SPEED'] != 'slow': utils.print_good("Skipping gobuster in quick mode") return strip_domain = utils.get_domain(domain) cmd = '$GO_PATH/gobuster dir -k -q -e -fw -x php,jsp,aspx,html,json -w $PLUGINS_PATH/wordlists/dir-all.txt -t 100 -o $WORKSPACE/directory/{1}-gobuster.txt -s 200,301,307 -u "{0}" '.format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/full/{0}-gobuster.json'.format(domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/full/std-{0}-gobuster.std'.format(domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name, nolog=True)
def parsing_config(config_path, args): options = {} # some default path github_api_key = str(os.getenv("GITROB_ACCESS_TOKEN")) cwd = str(os.getcwd()) # just hardcode if gopath not loaded go_path = cwd + "/plugins/go" # go_path = str(os.getenv("GOPATH")) + "/bin" # if "None" in go_path: # go_path = cwd + "/plugins/go" if args.slack: bot_token = str(os.getenv("SLACK_BOT_TOKEN")) else: bot_token = None log_channel = str(os.getenv("LOG_CHANNEL")) status_channel = str(os.getenv("STATUS_CHANNEL")) report_channel = str(os.getenv("REPORT_CHANNEL")) stds_channel = str(os.getenv("STDS_CHANNEL")) verbose_report_channel = str(os.getenv("VERBOSE_REPORT_CHANNEL")) if os.path.isfile(config_path): utils.print_info('Config file detected: {0}'.format(config_path)) # config to logging some output config = ConfigParser(interpolation=ExtendedInterpolation()) config.read(config_path) else: utils.print_info('New config file created: {0}'.format(config_path)) shutil.copyfile(cwd + '/template-config.conf', config_path) config = ConfigParser(interpolation=ExtendedInterpolation()) config.read(config_path) if args.workspace: workspaces = os.path.abspath(args.workspace) else: workspaces = cwd + "/workspaces/" config.set('Enviroments', 'cwd', cwd) config.set('Enviroments', 'go_path', go_path) config.set('Enviroments', 'github_api_key', github_api_key) config.set('Enviroments', 'workspaces', str(workspaces)) if args.debug: config.set('Slack', 'bot_token', 'bot_token') config.set('Slack', 'log_channel', 'log_channel') config.set('Slack', 'status_channel', 'status_channel') config.set('Slack', 'report_channel', 'report_channel') config.set('Slack', 'stds_channel', 'stds_channel') config.set('Slack', 'verbose_report_channel', 'verbose_report_channel') else: config.set('Slack', 'bot_token', str(bot_token)) config.set('Slack', 'log_channel', log_channel) config.set('Slack', 'status_channel', status_channel) config.set('Slack', 'report_channel', report_channel) config.set('Slack', 'stds_channel', stds_channel) config.set('Slack', 'verbose_report_channel', verbose_report_channel) # Mode config of the tool if args.slow and args.slow == 'all': speed = "slow" else: speed = "quick" module = str(args.module) debug = str(args.debug) force = str(args.force) config.set('Mode', 'speed', speed) config.set('Mode', 'module', module) config.set('Mode', 'debug', debug) config.set('Mode', 'force', force) # Target stuff # parsing agument git_target = args.git if args.git else None burpstate_target = args.burp if args.burp else None target_list = args.targetlist if args.targetlist else None company = args.company if args.company else None output = args.output if args.output else None target = args.target if args.target else None strip_target = target if target else None ip = target if target else None workspace = target if target else None # get direct input as single or a file direct_input = args.input if args.input else None direct_input_list = args.inputlist if args.inputlist else None # target config if args.target: target = args.target # set target is direct input if not specific elif direct_input or direct_input_list: if direct_input: # direct_target = utils.url_encode(direct_input) direct_target = direct_input if direct_input_list: direct_target = os.path.basename(direct_input_list) target = direct_target output = args.output if args.output else utils.strip_slash( os.path.splitext(target)[0]) company = args.company if args.company else utils.strip_slash( os.path.splitext(target)[0]) else: target = None # parsing some stuff related to target if target: # get the main domain of the target strip_target = utils.get_domain(target) if '/' in strip_target: strip_target = utils.strip_slash(strip_target) output = args.output if args.output else strip_target company = args.company if args.company else strip_target # url encode to make sure it can be send through API workspace = workspaces + strip_target workspace = utils.url_encode(workspace) # check connection to target if not direct_input and not direct_input_list: try: ip = socket.gethostbyname(strip_target) except: ip = None utils.print_bad( "Something wrong to connect to {0}".format(target)) else: ip = None try: # getting proxy from args proxy = args.proxy if args.proxy else None proxy_file = args.proxy_file if args.proxy_file else None config.set('Proxy', 'proxy', str(proxy)) config.set('Proxy', 'proxy_file', str(proxy_file)) if config['Proxy']['proxy_cmd'] == 'None': # only works for Kali proxychains, change it if you on other OS proxy_cmd = "proxychains -f {0}".format(proxy_file) config.set('Proxy', 'proxy_cmd', str(proxy_cmd)) except: utils.print_info( "Your config file seem to be outdated, Backup it and delete it to regenerate the new one" ) config.set('Target', 'input', str(direct_input)) config.set('Target', 'input_list', str(direct_input_list)) config.set('Target', 'git_target', str(git_target)) config.set('Target', 'burpstate_target', str(burpstate_target)) config.set('Target', 'target_list', str(target_list)) config.set('Target', 'output', str(output)) config.set('Target', 'target', str(target)) config.set('Target', 'strip_target', str(strip_target)) config.set('Target', 'company', str(company)) config.set('Target', 'ip', str(ip)) config.set('Enviroments', 'workspace', str(workspace)) # create workspace folder for the target utils.make_directory(workspace) # set the remote API if args.remote: remote_api = args.remote config.set('Server', 'remote_api', remote_api) # set credentials as you define from agurments if args.auth: # user:pass creds = args.auth.strip().split(":") username = creds[0] password = creds[1] config.set('Server', 'username', username) config.set('Server', 'password', password) else: # set random password if default password detect if config['Server']['password'] == 'super_secret': new_pass = hashlib.md5(str(int( time.time())).encode()).hexdigest()[:6] config.set('Server', 'password', new_pass) # save the config with open(config_path, 'w') as configfile: config.write(configfile) config = ConfigParser(interpolation=ExtendedInterpolation()) config.read(config_path) sections = config.sections() options['CONFIG_PATH'] = os.path.abspath(config_path) for sec in sections: for key in config[sec]: options[key.upper()] = config.get(sec, key) # if args.slow and args.slow != 'all': options['SLOW'] = args.slow # parsing proxy stuff if options.get('PROXY') or options.get('PROXY_FILE'): proxy_parsing(options) else: # just for the old config options['PROXY'] = "None" options['PROXY_FILE'] = "None" options = clean_up(options) return options
def clean_input(raw_input, module='general'): if 'general' in module.lower(): return utils.get_domain(raw_input) elif 'dir' in module.lower(): return raw_input