def nmap_vuln_list(self, ip_list):
utils.print_good('Starting Nmap VulnScan')
# Scan every 2 IP at time Increse if you want
for part in utils.chunks(ip_list, 2):
for ip in part:
encode_input = utils.strip_slash(ip.strip())
cmd = 'sudo nmap --open -T4 -Pn -n -sSV -p- {0} --script $PLUGINS_PATH/nmap-stuff/vulners.nse --oA $WORKSPACE/vulnscan/details/{1}-nmap'.format(
ip.strip(), encode_input)
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options,
'$WORKSPACE/vulnscan/details/{0}-nmap.nmap'.format(
encode_input))
std_path = utils.replace_argument(
self.options,
'$WORKSPACE/vulnscan/details/std-{0}-nmap.std'.format(
encode_input))
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
# check if previous task done or not every 30 second
utils.just_waiting(self.options, self.module_name, seconds=120)
self.parsing_to_csv()
# just save commands
logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json')
utils.save_all_cmd(self.options, logfile)
def nmap_single(self, input_target):
encode_input = utils.strip_slash(input_target)
cmd = 'sudo nmap --open -T4 -Pn -n -sSV -p- {0} --script $PLUGINS_PATH/nmap-stuff/vulners.nse --oA $WORKSPACE/vulnscan/details/{1}-nmap'.format(
input_target, encode_input)
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options,
'$WORKSPACE/vulnscan/details/{0}-nmap.nmap'.format(encode_input))
std_path = utils.replace_argument(
self.options,
'$WORKSPACE/vulnscan/details/std-{0}-nmap.std'.format(
encode_input))
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
def parsing_config(config_path, args):
options = {}
# some default path
github_api_key = str(os.getenv("GITROB_ACCESS_TOKEN"))
cwd = str(os.getcwd())
# just hardcode if gopath not loaded
go_path = cwd + "/plugins/go"
# go_path = str(os.getenv("GOPATH")) + "/bin"
# if "None" in go_path:
# go_path = cwd + "/plugins/go"
if args.slack:
bot_token = str(os.getenv("SLACK_BOT_TOKEN"))
else:
bot_token = None
log_channel = str(os.getenv("LOG_CHANNEL"))
status_channel = str(os.getenv("STATUS_CHANNEL"))
report_channel = str(os.getenv("REPORT_CHANNEL"))
stds_channel = str(os.getenv("STDS_CHANNEL"))
verbose_report_channel = str(os.getenv("VERBOSE_REPORT_CHANNEL"))
if os.path.isfile(config_path):
utils.print_info('Config file detected: {0}'.format(config_path))
# config to logging some output
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
else:
utils.print_info('New config file created: {0}'.format(config_path))
shutil.copyfile(cwd + '/template-config.conf', config_path)
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
if args.workspace:
workspaces = os.path.abspath(args.workspace)
else:
workspaces = cwd + "/workspaces/"
config.set('Enviroments', 'cwd', cwd)
config.set('Enviroments', 'go_path', go_path)
config.set('Enviroments', 'github_api_key', github_api_key)
config.set('Enviroments', 'workspaces', str(workspaces))
if args.debug:
config.set('Slack', 'bot_token', 'bot_token')
config.set('Slack', 'log_channel', 'log_channel')
config.set('Slack', 'status_channel', 'status_channel')
config.set('Slack', 'report_channel', 'report_channel')
config.set('Slack', 'stds_channel', 'stds_channel')
config.set('Slack', 'verbose_report_channel', 'verbose_report_channel')
else:
config.set('Slack', 'bot_token', str(bot_token))
config.set('Slack', 'log_channel', log_channel)
config.set('Slack', 'status_channel', status_channel)
config.set('Slack', 'report_channel', report_channel)
config.set('Slack', 'stds_channel', stds_channel)
config.set('Slack', 'verbose_report_channel', verbose_report_channel)
# Mode config of the tool
if args.slow and args.slow == 'all':
speed = "slow"
else:
speed = "quick"
module = str(args.module)
debug = str(args.debug)
force = str(args.force)
config.set('Mode', 'speed', speed)
config.set('Mode', 'module', module)
config.set('Mode', 'debug', debug)
config.set('Mode', 'force', force)
# Target stuff
# parsing agument
git_target = args.git if args.git else None
burpstate_target = args.burp if args.burp else None
target_list = args.targetlist if args.targetlist else None
company = args.company if args.company else None
output = args.output if args.output else None
target = args.target if args.target else None
strip_target = target if target else None
ip = target if target else None
workspace = target if target else None
# get direct input as single or a file
direct_input = args.input if args.input else None
direct_input_list = args.inputlist if args.inputlist else None
# target config
if args.target:
target = args.target
# set target is direct input if not specific
elif direct_input or direct_input_list:
if direct_input:
# direct_target = utils.url_encode(direct_input)
direct_target = direct_input
if direct_input_list:
direct_target = os.path.basename(direct_input_list)
target = direct_target
output = args.output if args.output else utils.strip_slash(
os.path.splitext(target)[0])
company = args.company if args.company else utils.strip_slash(
os.path.splitext(target)[0])
else:
target = None
# parsing some stuff related to target
if target:
# get the main domain of the target
strip_target = utils.get_domain(target)
if '/' in strip_target:
strip_target = utils.strip_slash(strip_target)
output = args.output if args.output else strip_target
company = args.company if args.company else strip_target
# url encode to make sure it can be send through API
workspace = workspaces + strip_target
workspace = utils.url_encode(workspace)
# check connection to target
if not direct_input and not direct_input_list:
try:
ip = socket.gethostbyname(strip_target)
except:
ip = None
utils.print_bad(
"Something wrong to connect to {0}".format(target))
else:
ip = None
try:
# getting proxy from args
proxy = args.proxy if args.proxy else None
proxy_file = args.proxy_file if args.proxy_file else None
config.set('Proxy', 'proxy', str(proxy))
config.set('Proxy', 'proxy_file', str(proxy_file))
if config['Proxy']['proxy_cmd'] == 'None':
# only works for Kali proxychains, change it if you on other OS
proxy_cmd = "proxychains -f {0}".format(proxy_file)
config.set('Proxy', 'proxy_cmd', str(proxy_cmd))
except:
utils.print_info(
"Your config file seem to be outdated, Backup it and delete it to regenerate the new one"
)
config.set('Target', 'input', str(direct_input))
config.set('Target', 'input_list', str(direct_input_list))
config.set('Target', 'git_target', str(git_target))
config.set('Target', 'burpstate_target', str(burpstate_target))
config.set('Target', 'target_list', str(target_list))
config.set('Target', 'output', str(output))
config.set('Target', 'target', str(target))
config.set('Target', 'strip_target', str(strip_target))
config.set('Target', 'company', str(company))
config.set('Target', 'ip', str(ip))
config.set('Enviroments', 'workspace', str(workspace))
# create workspace folder for the target
utils.make_directory(workspace)
# set the remote API
if args.remote:
remote_api = args.remote
config.set('Server', 'remote_api', remote_api)
# set credentials as you define from agurments
if args.auth:
# user:pass
creds = args.auth.strip().split(":")
username = creds[0]
password = creds[1]
config.set('Server', 'username', username)
config.set('Server', 'password', password)
else:
# set random password if default password detect
if config['Server']['password'] == 'super_secret':
new_pass = hashlib.md5(str(int(
time.time())).encode()).hexdigest()[:6]
config.set('Server', 'password', new_pass)
# save the config
with open(config_path, 'w') as configfile:
config.write(configfile)
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
sections = config.sections()
options['CONFIG_PATH'] = os.path.abspath(config_path)
for sec in sections:
for key in config[sec]:
options[key.upper()] = config.get(sec, key)
#
if args.slow and args.slow != 'all':
options['SLOW'] = args.slow
# parsing proxy stuff
if options.get('PROXY') or options.get('PROXY_FILE'):
proxy_parsing(options)
else:
# just for the old config
options['PROXY'] = "None"
options['PROXY_FILE'] = "None"
options = clean_up(options)
return options