def slack_done(options): utils.print_info(f"Sending {noti_type} notification to slack") channel = options.get('STATUS_CHANNEL') module = options.get('CURRENT_MODULE') target = options.get('TARGET') emoji = get_emoji() message = f'{emoji} Done *{module}* on *{target}*' client = slack.WebClient(token=options.get('SLACK_BOT_TOKEN')) client.chat_postMessage( channel=channel, blocks=[ { "type": "section", "text": { "type": "mrkdwn", "text": message, }, # "accessory": { # "type": "image", # "image_url": get_emoji(), # "alt_text": 'status', # } }, { "type": "divider" } ] )
def parsing_argument(args): # parsing agument options = config.parsing_config(args) # Start Django API if it's not running if not args.client: if not utils.connection_check('127.0.0.1', 8000): p = Process(target=start_server, args=(options.get('localhost'), )) p.start() # wait for Django API start time.sleep(3) else: utils.print_info("Look like Django API already ran") options = auth.login(options) if not options or not (options['JWT'] and options['JWT'] != "None"): utils.print_bad("Can't login to get JWT") sys.exit(-1) # run list of target if options.get('target_list') and utils.not_empty_file( options.get('target_list')): targets = utils.just_read(options.get('target_list'), get_list=True) for target in targets: options['raw_target'] = target options['workspace'] = target single_target(options) else: single_target(options)
def custom_help_(): utils.print_info( "Visit this page for complete usage: https://j3ssie.github.io/Osmedeus/") print('''{1} {2}Basic Usage{1} =========== python3 osmedeus.py -t <your_target> python3 osmedeus.py -t <your_target> --slack --monitor python3 osmedeus.py -t <your_target> --telegram python3 osmedeus.py -T <list_of_targets> python3 osmedeus.py -m <module> [-i <input>|-I <input_file>] [-t workspace_name] python3 osmedeus.py --report <mode> -t <workspace> [-m <module>] {2}Advanced Usage{1} ============== {0}[*] List all module{1} python3 osmedeus.py -M {0}[*] List all report mode{1} python3 osmedeus.py --report help {0}[*] Running with specific module{1} python3 osmedeus.py -w <result_folder> -m <module_name> -i <your_target> {0}[*] Example command{1} python3 osmedeus.py -w sample2 -m vuln -i hosts.txt python3 osmedeus.py -w sample2 -m dirb -I /tmp/list_of_hosts.txt {2}Remote Options{1} ============== --remote REMOTE Remote address for API, (default: https://127.0.0.1:5000) --auth AUTH Specify authentication e.g: --auth="username:password" See your config file for more detail (default: {2}core/config.conf{1}) --client just run client stuff in case you already ran the Django server before {2}More options{1} ============== --update Update lastest from git -c CONFIG, --config CONFIG Specify config file (default: {2}core/config.conf{1}) -w WORKSPACE, --workspace WORKSPACE Custom workspace folder -f, --force force to run the module again if output exists -s, --slow "all" All module running as slow mode -s, --slow "subdomain" Only running slow mode in subdomain module --slack Enable slack notification --telegram Enable telegram notification --monitor Enable monitor new assets --debug Just for debug purpose '''.format(G, GR, B)) sys.exit(0)
def resume(self): polling.clear_activities(self.options) # checking if final result of the module is done or not final_output = report.get_report_path(self.options, get_final=True) if utils.is_done(self.options, final_output): utils.print_info( "Module already done. Use '-f' option if you want to re run it") return False return True
def sub_routine(self, commands, kind='post'): utils.print_info('Starting {0} routine for {1}'.format( kind, self.options.get('CURRENT_MODULE'))) for command in commands: if 'pre' in kind: sub_method = command.get('pre_run') elif 'post' in kind: sub_method = command.get('post_run') if sub_method and sub_method in self.methods: # bypass this and get a RCE :) eval_string = utils.safe_eval('self.{0}(command)', sub_method) if eval_string: eval(eval_string) utils.random_sleep(fixed=0.5)
def slack_notification(noti_type, options, output=None): utils.print_info(f"Sending {noti_type} notification to slack") if not options.get('SLACK'): return if output and 'report' in noti_type: if type(output) == list: output = list(set(output)) for report in output: if utils.not_empty_file(report): slack_file(options, report) else: if utils.not_empty_file(output): slack_file(options, output) else: slack_noti(options, str(noti_type))
def parsing_argument(args): # parsing agument options = config.parsing_config(args) # Start Django API if it's not if not args.client: if not utils.connection_check('127.0.0.1', 8000): utils.print_line() p = Process(target=start_server) p.start() # wait for Django API start time.sleep(3) utils.print_line() else: utils.print_info("Look like Django API already ran") options = auth.login(options) single_target(options)
def _config_file_handle(config_path, remote, credentials): # checking for config path if os.path.isfile(config_path): utils.print_info('Loading config file from: {0}'.format(config_path)) else: utils.print_info('New config file created: {0}'.format(config_path)) utils.file_copy(utils.TEMPLATE_CLIENT_CONFIG, config_path) configs = utils.just_read_config(config_path, raw=True) remote, credentials = _handle_remote(remote, credentials, configs) # write the config again configs.set('Server', 'remote_api', remote) configs.set('Server', 'username', credentials[0]) configs.set('Server', 'password', credentials[1]) with open(config_path, 'w+') as configfile: configs.write(configfile) return remote, credentials
def get_subdomains(self, command): utils.print_info("Joining all previous subdomain") final_path = command.get('requirement') if utils.not_empty_file(final_path): return subdomain_modules = [ 'SubdomainScanning', 'PermutationScan', 'VhostScan' ] needed_reports = [] # get reports reports = report.get_report_path(self.options, module=False) for rep in reports: if rep.get('module') in subdomain_modules and 'final' in rep.get( 'note'): if utils.not_empty_file(rep.get('report_path')): needed_reports.append(rep.get('report_path')) utils.join_files(needed_reports, final_path) if utils.not_empty_file(final_path): utils.check_output(final_path)
def waiting(options, delay=20, times=0): elapsed_time = 0 if times: count = 0 module_name = options.get('CURRENT_MODULE', False) utils.print_info('Waiting for {0} module'.format(module_name)) checking = poll_status(options) while checking: time.sleep(delay) if not times: # just don't print this too much if ((elapsed_time / delay) % 10) == 0: utils.print_info('Waiting for {0} module'.format(module_name)) time.sleep(delay) if times: utils.print_info('Waiting for {0} module {1}/{2}'.format( module_name, str(count), str(times))) if count == int(times): poll_status(options, forced=True) utils.print_bad( "Something bad with {0} module but force to continue". format(module_name)) break count += 1 checking = poll_status(options)
def init_workspace(options): url = options.get('remote_api') + "/api/workspace/create/" headers = send.osmedeus_headers headers['Authorization'] = options.get('JWT') body = { "raw_target": options.get('raw_target'), 'mode': options.get('mode'), 'modules': options.get('modules', 'None'), 'speed': options.get('speed'), 'forced': options.get('forced'), 'debug': options.get('debug'), } if options.get('workspace', False): body["workspace"] = options.get('workspace') r = send.send_post(url, body, headers=headers, is_json=True) if r: options['workspace'] = r.json().get('workspace') # just print some log if r.json().get('status') == 200: utils.print_good("New workspace created") elif r.json().get('status') == 442: utils.print_info( "Workspaces already exists. Use '-w <new workspace name>' option if you want to create new one" ) arguments = get_workspace_info(options) if arguments: options = {**options, **arguments} # just upper all key final_options = {} for key in options.keys(): final_options[key.upper()] = options.get(key) return final_options utils.print_bad("Fail to create new workspace") return False
def initial(self): self.banner() self.module_name = self.__class__.__name__ self.delay = 30 self.options['CURRENT_MODULE'] = str(self.module_name) # check if you want to ignore a module or not if speed.excluded(self.options): utils.print_info("Detect Ignore module: {0}".format( self.module_name)) return # check speed of the modules self.options['CURRENT_SPEED'] = speed.parse_speed(self.options) # check report file here if not self.resume(): utils.print_line() return slack_noti.slack_notification('status', self.options) self.routine() # some noti here self.conclude() slack_noti.slack_notification('done', self.options) self.additional_routine()