def wayback_parsing(self): utils.print_good('Starting waybackurl') final_domains = utils.replace_argument( self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt') if self.is_direct: if utils.not_empty_file(self.is_direct): cmd = 'cat {0} | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt'.format( self.is_direct) # just return if direct input is just a string else: cmd = 'echo {0} | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt'.format( self.is_direct) else: if not utils.not_empty_file(final_domains): return None else: cmd = 'cat $WORKSPACE/subdomain/final-$OUTPUT.txt | $GO_PATH/waybackurls | tee $WORKSPACE/assets/wayback-$OUTPUT.txt' cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/assets/wayback-$OUTPUT.txt') std_path = utils.replace_argument( self.options, '$WORKSPACE/assets/std-wayback-$OUTPUT.std') execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) utils.print_line()
def __init__(self, options): utils.print_banner("ScreenShot the target") utils.make_directory(options['WORKSPACE'] + '/screenshot') self.module_name = self.__class__.__name__ self.options = options self.options['CURRENT_MODULE'] = self.module_name self.options['SPEED'] = utils.custom_speed(self.options) if utils.resume(self.options, self.module_name): utils.print_info( "It's already done. use '-f' options to force rerun the module" ) return slack.slack_noti( 'status', self.options, mess={ 'title': "{0} | {1}".format(self.options['TARGET'], self.module_name), 'content': 'Start ScreenShot for {0}'.format(self.options['TARGET']) }) self.initial() slack.slack_noti( 'good', self.options, mess={ 'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name), 'content': 'Done ScreenShot for {0}'.format(self.options['TARGET']) }) utils.print_line()
def parsing_to_csv(self): masscan_xml = utils.replace_argument( self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.xml') if not utils.not_empty_file(masscan_xml): return cmd = "python3 $PLUGINS_PATH/nmap-stuff/masscan_xml_parser.py -f $WORKSPACE/portscan/$OUTPUT-masscan.xml -csv $WORKSPACE/portscan/$OUTPUT-masscan.csv" cmd = utils.replace_argument(self.options, cmd) csv_output = utils.replace_argument( self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.csv') execute.send_cmd(self.options, cmd, csv_output, '', self.module_name) time.sleep(2) # csv beatiful if not utils.not_empty_file(csv_output): return utils.print_line() cmd = "cat $WORKSPACE/portscan/$OUTPUT-masscan.csv | csvlook --no-inference | tee $WORKSPACE/portscan/$OUTPUT-masscan-summary.txt" output_path = utils.replace_argument( self.options, '$WORKSPACE/portscan/$OUTPUT-masscan-summary.txt') execute.send_cmd(self.options, utils.replace_argument(self.options, cmd), output_path, '', self.module_name) time.sleep(2) # re-screeenshot the result with open port csv_data = utils.just_read(csv_output) self.screenshots(csv_data)
def __init__(self, options): utils.print_banner("AssetFinding") utils.make_directory(options['WORKSPACE'] + '/assets') self.module_name = self.__class__.__name__ self.options = options self.options['CURRENT_MODULE'] = self.module_name self.options['SPEED'] = utils.custom_speed(self.options) if utils.resume(self.options, self.module_name): utils.print_info( "It's already done. use '-f' options to force rerun the module" ) return self.is_direct = utils.is_direct_mode(options, require_input=True) slack.slack_noti( 'status', self.options, mess={ 'title': "{0} | {1}".format(self.options['TARGET'], self.module_name), 'content': 'Start AssetFinding for {0}'.format(self.options['TARGET']) }) self.initial() utils.just_waiting(self.options, self.module_name) slack.slack_noti( 'good', self.options, mess={ 'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name), 'content': 'Done AssetFinding for {0}'.format(self.options['TARGET']) }) utils.print_line()
def __init__(self, options): utils.print_banner("Reconnaisance") utils.make_directory(options['WORKSPACE'] + '/recon') self.module_name = self.__class__.__name__ self.options = options self.options['CURRENT_MODULE'] = self.module_name self.options['SPEED'] = utils.custom_speed(self.options) if utils.resume(self.options, self.module_name): utils.print_info( "It's already done. use '-f' options to force rerun the module") return slack.slack_noti('status', self.options, mess={ 'title': "{0} | {1}".format(self.options['TARGET'], self.module_name), 'content': 'Start Scanning Subdomain for {0}'.format(self.options['TARGET']) }) self.initial() self.conclude() # this gonna run after module is done to update the main json slack.slack_noti('good', self.options, mess={ 'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name), 'content': 'Done Scanning Subdomain for {0}'.format(self.options['TARGET']) }) utils.print_line()
def full_report(options): global headers try: workspace = utils.get_workspace(options=options) url = options['REMOTE_API'] + "/api/{0}/activities".format(workspace) r = sender(url, headers=headers, data={}, method='GET') if r: raw_reports = r.json() except Exception: log_path = Path(options.get('WORKSPACE')).joinpath('log.json') raw_reports = utils.reading_json(log_path) if not raw_reports: utils.print_bad("Can't get log file for {0} workspace".format( options.get('TARGET'))) return None modules = list(raw_reports.keys()) for module in modules: if check_module(options, module): reports = raw_reports.get(module) utils.print_banner(module) for report in reports: cmd = report.get('cmd') utils.print_info("Command Executed: {0}\n".format(cmd)) output_path = report.get('output_path') std_path = report.get('std_path') if 'raw' in options.get('REPORT').lower(): read_report(std_path) elif 'full' in options.get('REPORT').lower(): read_report(output_path) utils.print_line()
def short_report(options): global headers workspace = utils.get_workspace(options=options) try: url = options['REMOTE_API'] + "/api/module/{0}".format(workspace) r = sender(url, headers=headers, data={}, method='GET') if r: raw_reports = r.json().get('reports', None) except Exception: raw_reports = None if not raw_reports: raw_reports = local_get_report(options).get('reports') if not raw_reports: utils.print_bad("Can't get log file for {0} workspace".format( options.get('TARGET'))) return None # only print out the path if options.get('REPORT') == 'path': path_report(options, raw_reports) return None for item in raw_reports: for report in item.get('reports'): report_path = os.path.join(options.get('WORKSPACES'), report.get('path')) utils.print_info(item.get('module') + ": " + report_path) # checking if get specific module or not if check_module(options, item.get('module')): read_report(report_path) elif options.get('MODULE') == "None": read_report(report_path) utils.print_line()
def create_html_report(self): cmd = "xsltproc -o $WORKSPACE/portscan/final-$OUTPUT.html $PLUGINS_PATH/nmap-stuff/nmap-bootstrap.xsl $WORKSPACE/portscan/$OUTPUT-masscan.xml" cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/portscan/final-$OUTPUT.html') execute.send_cmd(self.options, cmd, output_path, '', self.module_name) utils.print_line()
def __init__(self, options): utils.print_line() utils.print_banner("Create Skeleton JSON file") utils.make_directory(options['WORKSPACE'] + '/info') self.module_name = self.__class__.__name__ self.options = options self.initial() # #this gonna run after module is done to update the main json # self.conclude() utils.print_line()
def run(command): stdout = '' try: process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) # Poll process for new output until finished while True: nextline = process.stdout.readline().decode('utf-8') # store output to log file if nextline == '' and process.poll() is not None: break print(nextline, end='') stdout += nextline sys.stdout.flush() exitCode = process.returncode if (exitCode == 0): return stdout else: utils.print_line() print('Something went wrong with the command below: ') print(command) utils.print_line() return None except: utils.print_line() utils.print_bad('Something went wrong with the command below: ') print(command) utils.print_line() return None
def __init__(self, options): utils.print_banner("CORS Scanning") utils.make_directory(options['WORKSPACE'] + '/cors') self.module_name = self.__class__.__name__ self.options = options if utils.resume(self.options, self.module_name): utils.print_info("It's already done. use '-f' options to force rerun the module") return slack.slack_noti('status', self.options, mess={ 'title': "{0} | {1}".format(self.options['TARGET'], self.module_name), 'content': 'Start Scanning CORS for {0}'.format(self.options['TARGET']) }) self.initial() utils.just_waiting(self.options, self.module_name) slack.slack_noti('good', self.options, mess={ 'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name), 'content': 'Done Scanning CORS for {0}'.format(self.options['TARGET']) }) utils.print_line()
def parsing_to_csv(self): nmap_detail_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/details') # create all csv based on xml file for file in utils.list_files(nmap_detail_path, ext='xml'): # print(file) cmd = "python3 $PLUGINS_PATH/nmap-stuff/nmap_xml_parser.py -f {0} -csv $WORKSPACE/vulnscan/details/$OUTPUT-nmap.csv".format( file) cmd = utils.replace_argument(self.options, cmd) csv_output = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/details/$OUTPUT-nmap.csv') # just return if this was done without checking anything if utils.not_empty_file(csv_output): return execute.send_cmd(self.options, cmd, csv_output, '', self.module_name) time.sleep(5) # looping through all csv file all_csv = "IP,Host,OS,Proto,Port,Service,Product,Service FP,NSE Script ID,NSE Script Output,Notes\n" for file in utils.list_files(nmap_detail_path, ext='csv'): all_csv += "\n".join(utils.just_read(file).splitlines()[1:]) csv_summary_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/summary-$OUTPUT.csv') utils.just_write(csv_summary_path, all_csv) utils.print_line() # beautiful csv look cmd = "csvcut -c 1-7 $WORKSPACE/vulnscan/summary-$OUTPUT.csv | csvlook --no-inference | tee $WORKSPACE/vulnscan/std-$OUTPUT-summary.std" cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/std-$OUTPUT-summary.std') execute.send_cmd(self.options, cmd, output_path, '', self.module_name) self.screenshots(all_csv)
def dig_info(self): utils.print_good('Starting basic Dig') utils.make_directory(self.options['WORKSPACE'] + '/screenshot/digs') final_subdomains = utils.replace_argument( self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt') #run command directly instead of run it via module cause there're a lot of command to run all_domains = utils.just_read(final_subdomains).splitlines() if self.options['DEBUG'] == 'True': all_domains = all_domains[:10] custom_logs = {"module": self.module_name, "content": []} for part in list(utils.chunks(all_domains, 5)): for domain in part: cmd = utils.replace_argument( self.options, 'dig all {0} | tee $WORKSPACE/screenshot/digs/{0}.txt'. format(domain)) output_path = utils.replace_argument( self.options, 'tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain)) execute.send_cmd(self.options, cmd, '', '', self.module_name, True) # time.sleep(0.5) custom_logs['content'].append({ "cmd": cmd, "std_path": '', "output_path": output_path, "status": "Done" }) #just wait couple seconds and continue but not completely stop the routine time.sleep(5) print(custom_logs) #submit a log utils.print_info('Update activities log') utils.update_activities(self.options, str(custom_logs)) utils.print_line()
def get_http(self): utils.print_good('Starting httprobe') if self.is_direct: if utils.not_empty_file(self.is_direct): cmd = 'cat {0} | $GO_PATH/httprobe -c 100 -t 20000 -v | tee $WORKSPACE/assets/http-$OUTPUT.txt'.format( self.is_direct) # just return if direct input is just a string else: utils.print_bad("httprobe required input as a file.") return None else: cmd = 'cat $WORKSPACE/subdomain/final-$OUTPUT.txt | $GO_PATH/httprobe -c 100 -t 20000 -v | tee $WORKSPACE/assets/http-$OUTPUT.txt' cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/assets/http-$OUTPUT.txt') std_path = utils.replace_argument( self.options, '$WORKSPACE/assets/http-$OUTPUT.txt') execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) utils.print_line()
def __init__(self, options): utils.print_banner("IP Discovery") utils.make_directory(options['WORKSPACE'] + '/ipspace') self.module_name = self.__class__.__name__ self.options = options if utils.resume(self.options, self.module_name): utils.print_info( "It's already done. use '-f' options to force rerun the module" ) return slack.slack_noti( 'status', self.options, mess={ 'title': "{0} | {1}".format(self.options['TARGET'], self.module_name), 'content': 'Start IP Discovery for {0}'.format(self.options['TARGET']) }) self.initial() utils.just_waiting(self.options, self.module_name) try: self.conclude() except: utils.print_bad("Something wrong with conclude for {0}".format( self.module_name)) slack.slack_noti( 'good', self.options, mess={ 'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name), 'content': 'Done IP Discovery for {0}'.format(self.options['TARGET']) }) utils.print_line()