def conclude(self): self.unique_result() utils.print_banner("Conclusion for {0}".format(self.module_name)) main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) all_subdomain = utils.replace_argument( self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt') with open(all_subdomain, 'r') as s: subdomains = s.read().splitlines() for subdomain in subdomains: main_json['Subdomains'].append({"Domain": subdomain}) main_json['Modules'][self.module_name] = utils.checking_done( module=self.module_name, get_json=True) utils.just_write(utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True) #write that json again # utils.just_write(utils.reading_json(), main_json, is_json=True) #logging logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile) utils.print_banner("{0}".format(self.module_name))
def quick_gobuster(self): utils.print_good('Starting gobuster for short wordlist') if self.is_direct: domains = utils.just_read(self.is_direct).splitlines() else: #matching IP with subdomain main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) domains = [x.get('Domain') for x in main_json['Subdomains']] if self.options['DEBUG'] == 'True': domains = domains[:5] custom_logs = {"module": self.module_name, "content": []} for part in utils.chunks(domains, 3): for domain in part: #just strip everything to save local, it won't affect the result strip_domain = domain.replace('http://', '').replace( 'https://', '').replace('/', '-') cmd = '$GO_PATH/gobuster -k -q -e -x php,jsp,aspx,html,json -w $PLUGINS_PATH/wordlists/quick-content-discovery.txt -t 100 -o $WORKSPACE/directory/{1}-gobuster.txt -s 200,301,307 -u "{0}" '.format( domain.strip(), strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-gobuster.txt'.format( strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-gobuster.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # time.sleep(0.5) #set status to done because this gonna will be submit when all command was done custom_logs['content'].append({ "cmd": cmd, "std_path": std_path, "output_path": output_path, "status": "Done" }) #just wait couple seconds and continue but not completely stop the routine time.sleep(20) #submit a log utils.print_info('Update activities log') utils.force_done(self.options, self.module_name) # utils.update_activities(self.options, str(custom_logs)) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def conclude(self): output_path = utils.replace_argument( self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.xml') if not utils.not_empty_file(output_path): return self.create_html_report() self.parsing_to_csv() # parsing masscan xml tree = ET.parse(output_path) root = tree.getroot() masscan_json = {} for host in root.iter('host'): ip = host[0].get('addr') ports = [(str(x.get('portid')) + "/" + str(x.get('protocol'))) for x in host[1]] masscan_json[ip] = ports main_json = utils.reading_json(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json')) # update the main json for i in range(len(main_json['Subdomains'])): ip = main_json['Subdomains'][i].get('IP') if ip != "N/A" and ip in masscan_json.keys(): main_json['Subdomains'][i]['Ports'] = masscan_json.get(ip) # just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile) utils.just_write(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True)
def nmap_vuln_list(self, ip_list): utils.print_good('Starting Nmap VulnScan') # Scan every 2 IP at time Increse if you want for part in utils.chunks(ip_list, 2): for ip in part: encode_input = utils.strip_slash(ip.strip()) cmd = 'sudo nmap --open -T4 -Pn -n -sSV -p- {0} --script $PLUGINS_PATH/nmap-stuff/vulners.nse --oA $WORKSPACE/vulnscan/details/{1}-nmap'.format( ip.strip(), encode_input) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/details/{0}-nmap.nmap'.format( encode_input)) std_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/details/std-{0}-nmap.std'.format( encode_input)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # check if previous task done or not every 30 second utils.just_waiting(self.options, self.module_name, seconds=120) self.parsing_to_csv() # just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def conclude(self): utils.print_banner("Conclusion for {0}".format(self.module_name)) main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) main_json['Modules'][self.module_name] = utils.checking_done( module=self.module_name, get_json=True) ips_file = utils.replace_argument( self.options, '$WORKSPACE/ipspace/$OUTPUT-ipspace.txt') with open(ips_file, 'r') as s: ips = s.read().splitlines() main_json['IP Space'] = ips # print(main_json['IP Space']) #write that json again utils.just_write(utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True) #logging logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile) utils.print_banner("{0} Done".format(self.module_name))
def conclude(self): output_path = utils.replace_argument( self.options, '$WORKSPACE/portscan/$OUTPUT-masscan.xml') if not utils.not_empty_file(output_path): return self.create_html_report() #parsing masscan xml tree = ET.parse(output_path) root = tree.getroot() masscan_json = {} for host in root.iter('host'): ip = host[0].get('addr') ports = [(str(x.get('portid')) + "/" + str(x.get('protocol'))) for x in host[1]] masscan_json[ip] = ports main_json = utils.reading_json(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json')) #update the main json for i in range(len(main_json['Subdomains'])): ip = main_json['Subdomains'][i].get('IP') if ip != "N/A" and ip in masscan_json.keys(): main_json['Subdomains'][i]['Ports'] = masscan_json.get(ip) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile) utils.just_write(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True)
def dirsearch(self): utils.print_good('Starting dirsearch') if self.is_direct: domains = utils.just_read(self.is_direct).splitlines() else: #matching IP with subdomain main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) domains = [x.get('Domain') for x in main_json['Subdomains']] if self.options['DEBUG'] == 'True': domains = domains[:5] custom_logs = {"module": self.module_name, "content": []} for part in utils.chunks(domains, 3): for domain in part: #just strip everything to save local, it won't affect the result strip_domain = domain.replace('http://', '').replace( 'https://', '').replace('/', '-') cmd = "python3 $PLUGINS_PATH/dirsearch/dirsearch.py -b -e php,zip,aspx,js --wordlist=$PLUGINS_PATH/wordlists/really-quick.txt --simple-report=$WORKSPACE/directory/quick/{1}-dirsearch.txt -t 50 -u {0}".format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-dirsearch.txt'.format( strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-dirsearch.std'.format( strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # time.sleep(0.5) #set status to done because this gonna will be submit when all command was done custom_logs['content'].append({ "cmd": cmd, "std_path": std_path, "output_path": output_path, "status": "Done" }) #just wait couple seconds and continue but not completely stop the routine time.sleep(20) #submit a log utils.print_info('Update activities log') # utils.update_activities(self.options, str(custom_logs)) utils.force_done(self.options, self.module_name) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def conclude(self): main_json = utils.reading_json(utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) main_json['Modules'][self.module_name] = utils.checking_done(module=self.module_name, get_json=True) #write that json again utils.just_write(utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True) #logging logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile) utils.print_banner("{0} Done".format(self.module_name))
def run(self): commands = execute.get_commands(self.options, self.module_name).get('routines') for item in commands: utils.print_good('Starting {0}'.format(item.get('banner'))) #really execute it execute.send_cmd(self.options, item.get('cmd'), item.get( 'output_path'), item.get('std_path'), self.module_name) utils.just_waiting(self.options, self.module_name, seconds=10) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def run(self): commands = execute.get_commands(self.module_name).get('routines') for item in commands: utils.print_good('Starting {0}'.format(item.get('banner'))) #really execute it execute.send_cmd(item.get('cmd'), item.get('output_path'), item.get('std_path'), self.module_name) utils.just_waiting(self.module_name, seconds=2) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile)
def nmap_vuln(self): utils.print_good('Starting Nmap VulnScan') if self.is_direct: ip_list = utils.just_read(self.is_direct).splitlines() ip_list = list(set([ip for ip in ip_list if ip != 'N/A'])) else: main_json = utils.reading_json( utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) main_json['Modules'][self.module_name] = [] if self.options['SPEED'] == 'slow': ip_list = [ x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None ] + main_json['IP Space'] elif self.options['SPEED'] == 'quick': ip_list = [ x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None ] ip_list = list(set([ip for ip in ip_list if ip != 'N/A'])) if self.options['DEBUG'] == 'True': ip_list = list(ip_list)[:5] # Scan every 5 IP at time Increse if you want for part in utils.chunks(ip_list, 2): for ip in part: cmd = 'sudo nmap --open -T4 -Pn -n -sSV -p- {0} --script $PLUGINS_PATH/vulners.nse --oA $WORKSPACE/vulnscan/{0}-nmap'.format( ip.strip()) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/{0}-nmap.nmap'.format(ip.strip())) std_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/std-{0}-nmap.std'.format(ip.strip())) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # check if previous task done or not every 30 second while not utils.checking_done(self.options, module=self.module_name): time.sleep(60) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def dirsearch(self): utils.print_good('Starting dirsearch') if self.is_direct: domains = utils.just_read(self.is_direct).splitlines() else: #matching IP with subdomain main_json = utils.reading_json(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json')) domains = [x.get('Domain') for x in main_json['Subdomains']] if self.options['DEBUG'] == 'True': domains = domains[:5] custom_logs = {"module": self.module_name, "content": []} for part in utils.chunks(domains, 3): for domain in part: #just strip everything to save local, it won't affect the result strip_domain = domain.replace( 'http://', '').replace('https://', '').replace('/', '-') cmd = "python3 $PLUGINS_PATH/dirsearch/dirsearch.py -b -e php,zip,aspx,js --wordlist=$PLUGINS_PATH/wordlists/really-quick.txt --simple-report=$WORKSPACE/directory/quick/{1}-dirsearch.txt -t 50 -u {0}".format( domain, strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-dirsearch.txt'.format(strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-dirsearch.std'.format(strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # time.sleep(0.5) #set status to done because this gonna will be submit when all command was done custom_logs['content'].append( {"cmd": cmd, "std_path": std_path, "output_path": output_path, "status": "Done"}) #just wait couple seconds and continue but not completely stop the routine time.sleep(20) #submit a log utils.print_info('Update activities log') # utils.update_activities(self.options, str(custom_logs)) utils.force_done(self.options, self.module_name) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def quick_gobuster(self): utils.print_good('Starting gobuster for short wordlist') if self.is_direct: domains = utils.just_read(self.is_direct).splitlines() else: #matching IP with subdomain main_json = utils.reading_json(utils.replace_argument(self.options, '$WORKSPACE/$COMPANY.json')) domains = [x.get('Domain') for x in main_json['Subdomains']] if self.options['DEBUG'] == 'True': domains = domains[:5] custom_logs = {"module": self.module_name, "content": []} for part in utils.chunks(domains, 3): for domain in part: #just strip everything to save local, it won't affect the result strip_domain = domain.replace( 'http://', '').replace('https://', '').replace('/', '-') cmd = '$GO_PATH/gobuster -k -q -e -x php,jsp,aspx,html,json -w $PLUGINS_PATH/wordlists/quick-content-discovery.txt -t 100 -o $WORKSPACE/directory/{1}-gobuster.txt -s 200,301,307 -u "{0}" '.format( domain.strip(), strip_domain) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/{0}-gobuster.txt'.format(strip_domain)) std_path = utils.replace_argument( self.options, '$WORKSPACE/directory/quick/std-{0}-gobuster.std'.format(strip_domain)) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # time.sleep(0.5) #set status to done because this gonna will be submit when all command was done custom_logs['content'].append({"cmd": cmd, "std_path": std_path, "output_path": output_path, "status": "Done"}) #just wait couple seconds and continue but not completely stop the routine time.sleep(20) #submit a log utils.print_info('Update activities log') utils.force_done(self.options, self.module_name) # utils.update_activities(self.options, str(custom_logs)) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def dirb_all(self, domains): for domain in domains: # passing domain to content directory tools self.dirsearch(domain.strip()) self.wfuzz(domain.strip()) self.gobuster(domain.strip()) # just wait couple seconds and continue but not completely stop the routine time.sleep(60) # brute with 3 tools utils.force_done(self.options, self.module_name) # just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def run(self): commands = execute.get_commands(self.options, self.module_name).get('routines') if self.options['DEBUG'] == "True": commands = [commands[1]] for item in commands: utils.print_good('Starting {0}'.format(item.get('banner'))) # really execute it execute.send_cmd(self.options, item.get('cmd'), item.get( 'output_path'), item.get('std_path'), self.module_name) time.sleep(1) self.massdns() utils.just_waiting(self.options, self.module_name, seconds=5) # just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def nmap_vuln(self): utils.print_good('Starting Nmap VulnScan') if self.is_direct: ip_list = utils.just_read(self.is_direct).splitlines() ip_list = list(set([ip for ip in ip_list if ip != 'N/A'])) else: main_json = utils.reading_json(utils.replace_argument( self.options, '$WORKSPACE/$COMPANY.json')) main_json['Modules'][self.module_name] = [] if self.options['SPEED'] == 'slow': ip_list = [x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None] + main_json['IP Space'] elif self.options['SPEED'] == 'quick': ip_list = [x.get("IP") for x in main_json['Subdomains'] if x.get("IP") is not None] ip_list = list(set([ip for ip in ip_list if ip != 'N/A'])) if self.options['DEBUG'] == 'True': ip_list = list(ip_list)[:5] # Scan every 5 IP at time Increse if you want for part in utils.chunks(ip_list, 2): for ip in part: cmd = 'sudo nmap --open -T4 -Pn -n -sSV -p- {0} --script $PLUGINS_PATH/vulners.nse --oA $WORKSPACE/vulnscan/{0}-nmap'.format( ip.strip()) cmd = utils.replace_argument(self.options, cmd) output_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/{0}-nmap.nmap'.format(ip.strip())) std_path = utils.replace_argument( self.options, '$WORKSPACE/vulnscan/std-{0}-nmap.std'.format(ip.strip())) execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name) # check if previous task done or not every 30 second while not utils.checking_done(self.options, module=self.module_name): time.sleep(60) #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile)
def conclude(self): logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile)
def save_log(self): logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile) if self.options.get('CLIENT'): utils.just_shutdown_flask(self.options)
def conclude(self): # just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile) utils.print_banner("Conclusion for {0}".format(self.module_name))
def save_log(self): logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(logfile) utils.just_shutdown_flask()
def conclude(self): #just save commands logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json') utils.save_all_cmd(self.options, logfile) utils.print_banner("Conclusion for {0}".format(self.module_name))