Projects STRLCPY 0rly Commits 2efab57d
🤬
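--- a/v1-bash/0rly-quiet.sh
+++ b/v1-bash/0rly-quiet.sh
@@ -0,0 +1,116 @@
+#!/usr/bin/env bash
+_BNR="ICAbWzE7MzJtICDilojilojilojiloggICAgICAgICAg4paI4paIICAgICAgICAgICDilojilojilojiloggG1swbQogIBtbMTszMm0g4paI4paR4paR4paR4paI4paIICAgICAgICDilpHilojiloggIOKWiOKWiCAgIOKWiOKWiCDilojilojilpHilpHilojilogbWzBtCiAgG1sxOzMybeKWkeKWiCAg4paI4paR4paIIOKWiOKWiOKWiOKWiOKWiOKWiCDilpHilojilogg4paR4paR4paI4paIIOKWiOKWiCDilpHilojilogg4paR4paI4paIG1swbQogIBtbMTszMm3ilpHilogg4paIIOKWkeKWiOKWkeKWkeKWiOKWiOKWkeKWkeKWiCDilpHilojiloggIOKWkeKWkeKWiOKWiOKWiCAg4paR4paRICDilojiloggG1swbQogIBtbMTszMm3ilpHilojiloggIOKWkeKWiCDilpHilojilogg4paRICDilpHilojiloggICDilpHilojiloggICAgICDilojiloggIBtbMG0KICAbWzE7MzJt4paR4paIICAg4paR4paIIOKWkeKWiOKWiCAgICDilpHilojiloggICDilojiloggICAgICDilpHilpEgICAbWzBtCiAgG1sxOzMybeKWkSDilojilojilojilogg4paR4paI4paI4paIICAgIOKWiOKWiOKWiCAg4paI4paIICAgICAgICDilojiloggIBtbMG0KICAbWzE7MzJtIOKWkeKWkeKWkeKWkSAg4paR4paR4paRICAgIOKWkeKWkeKWkSAg4paR4paRICAgICAgICDilpHilpEgICAbWzBtChtbMTszM20gIC0+aHR0cHM6Ly90d2l0dGVyLmNvbS90Y3BkaXJlY3Q8LRtbMG0KG1sxOzMzbS0+aHR0cHM6Ly9naXQudGNwLmRpcmVjdC9rYXlvcy8wcmx5PC0bWzBtCg=="
+############################
+# -------> kayos <-------- #
+# git.tcp.direct/kayos #
+# twitter.com/yunginnanet #
+# github.com/yunginnanet #
+############################
+
+# ________
+#/ \
+#| 0rly? |
+#\__ __'\
+# |/ \\
+# \ \\ .
+# |\\/|
+# / " '\
+# . . .
+# / ) |
+# ' _.' |
+# '-'/ \
+
+# usage: ./0rly.sh website.com
+
+# uses findomain, runs whois on all the resolvable subs found
+# sorts out cloudflare IPs, run rustscan on all non-cloudflare IPs
+# generate HTML reports
+
+###### known dependencies ######
+
+#### most package managers:
+# - nmap
+# - xsltproc
+# - whois
+
+#### fancy shit:
+# - rustscan
+# --- with rust: https://crates.io/crates/rustscan (cargo install rustscan)
+# --- without: https://github.com/RustScan/RustScan/releases/tag/2.0.1
+# - findomain
+# --- with rust: https://crates.io/crates/findomain (cargo install findomain)
+# --- without: https://github.com/Findomain/Findomain/releases/tag/3.1.0
+
+################################################
+
+_target="$1"
+
+_RESULTS="$HOME/0rly/$_target"
+
+function _html {
+ xsltproc $1 -o "$_RESULTS/HTML/$1.html"
+}
+export _html
+
+#######
+echo $_BNR | base64 -d
+echo -e "\e[0m"
+
+set -e
+echo -e "Creating directory: \e[93m$_RESULTS\e[0m"
+mkdir -p $_RESULTS
+echo ""
+if [ ! -f $HOME/0rly/resolvers.txt ]; then
+ echo "using nameservers:"
+ cat /etc/resolv.conf | grep 'nameserver' | grep '\.' | sed 's/nameserver //g' | tee $HOME/0rly/resolvers.txt
+fi
+echo -e "\e[93mrunning findomain...\e[0m"
+findomain -q -i --resolvers "$HOME/0rly/resolvers.txt" --target "$_target" -u "$_RESULTS/findomain.txt" >/dev/null;
+awk -F ',' '{print $NF}' "$_RESULTS/findomain.txt" | sort -u > "$_RESULTS/findomain.unique.ips.txt";
+
+_ucount=$(wc -l $_RESULTS/findomain.unique.ips.txt)
+echo -e "\e[0mFound \e[93m$_ucount\e[0m unique resolvable subdomains."
+echo -e "analyzing whois information and checking for \e[1;31mcloudflare\e[0m...."
+
+_cfips=0
+_realips=0
+
+while read line; do
+ whois "$line" > $_RESULTS/$line.whois.txt
+
+ if grep -i -q cloudflare "$_RESULTS/$line.whois.txt"; then
+ echo "$line" >> $_RESULTS/cloudflare.ips.txt;
+ ((_cfips=_cfips+1))
+ else
+ echo "$line" >> $_RESULTS/noncloudflare.ips.txt;
+ echo -e "no cloudflare here \e[1;32m$line\e[0m :^)"
+ ((_realips=_realips+1))
+ fi
+done < $_RESULTS/findomain.unique.ips.txt
+
+if [ $_realips -eq 0 ]; then
+ echo -e "\e[1;31mno non-cloudflare ips found, gg\e[0m"
+ exit
+fi
+
+mkdir -p $_RESULTS/XML
+mkdir -p $_RESULTS/HTML
+
+set +e
+
+while read line; do
+ echo "Scanning $line..."
+ $HOME/.cargo/bin/rustscan -a $line -- -Pn -A -T Aggressive -oX "$_RESULTS/XML/$line.xml" >/dev/null
+ echo "done scanning $line"
+done < $_RESULTS/noncloudflare.ips.txt
+
+start "Generating HTML reports..."
+
+cd $_RESULTS
+find . -iname "*.xml" -print | while read line; do _html "$line"; done
+echo "done. results in $_RESULTS"
+
+
+
+
+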
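Review bot: `$_target` (new line 46) and each `$line` read back from findomain's output (new lines 78-105) are used unquoted and unvalidated in file paths and command lines, e.g. `> $_RESULTS/$line.whois.txt` and `rustscan -a $line`, so an empty argument or a value containing `/`, whitespace or a leading `-` changes which file is written or how the scanner is invoked. The removed script rejected targets without a dot and asked before scanning; here validation is the only gate, so both values should be checked against a strict pattern and every expansion quoted. The report step also cannot work as written: `start` is not defined in this file (it looks like a leftover of `start_spinner`), `export _html` exports a variable rather than the function, and `_html` is handed `./XML/host.xml` by `find`, so its output path `HTML/./XML/host.xml.html` points into a directory that is never created. `wc -l FILE` additionally puts the filename into `_ucount`; `wc -l < FILE` prints only the count.

```shell
_target="${1:?usage: $0 domain}"
if [[ ! "$_target" =~ ^[A-Za-z0-9.-]+$ || "$_target" != *.* ]]; then
  echo "not a valid domain: $_target" >&2
  exit 2
fi

_html() {
  # $1 arrives as ./XML/<host>.xml; name the report after the file only
  local name
  name=$(basename -- "$1" .xml)
  xsltproc -o "$_RESULTS/HTML/$name.html" "$1"
}

# … unchanged: banner, resolvers.txt setup, findomain run …

_ucount=$(wc -l < "$_RESULTS/findomain.unique.ips.txt")

while IFS= read -r line; do
  # presumably an IP literal (last CSV field of findomain -i); skip anything else
  # before it becomes a filename or a scanner argument
  [[ "$line" =~ ^[0-9A-Fa-f:.]+$ ]] || continue
  whois "$line" > "$_RESULTS/$line.whois.txt"
  # … unchanged: cloudflare classification …
done < "$_RESULTS/findomain.unique.ips.txt"

# … unchanged: scan loop …

echo "Generating HTML reports..."
```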
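--- a/v1-bash/0rly.sh
+++ b/v1-bash/0rly.sh
@@ -1,240 +0,0 @@
-#!/usr/bin/env bash
-_BNR="ICAbWzE7MzJtICDilojilojilojiloggICAgICAgICAg4paI4paIICAgICAgICAgICDilojilojilojiloggG1swbQogIBtbMTszMm0g4paI4paR4paR4paR4paI4paIICAgICAgICDilpHilojiloggIOKWiOKWiCAgIOKWiOKWiCDilojilojilpHilpHilojilogbWzBtCiAgG1sxOzMybeKWkeKWiCAg4paI4paR4paIIOKWiOKWiOKWiOKWiOKWiOKWiCDilpHilojilogg4paR4paR4paI4paIIOKWiOKWiCDilpHilojilogg4paR4paI4paIG1swbQogIBtbMTszMm3ilpHilogg4paIIOKWkeKWiOKWkeKWkeKWiOKWiOKWkeKWkeKWiCDilpHilojiloggIOKWkeKWkeKWiOKWiOKWiCAg4paR4paRICDilojiloggG1swbQogIBtbMTszMm3ilpHilojiloggIOKWkeKWiCDilpHilojilogg4paRICDilpHilojiloggICDilpHilojiloggICAgICDilojiloggIBtbMG0KICAbWzE7MzJt4paR4paIICAg4paR4paIIOKWkeKWiOKWiCAgICDilpHilojiloggICDilojiloggICAgICDilpHilpEgICAbWzBtCiAgG1sxOzMybeKWkSDilojilojilojilogg4paR4paI4paI4paIICAgIOKWiOKWiOKWiCAg4paI4paIICAgICAgICDilojiloggIBtbMG0KICAbWzE7MzJtIOKWkeKWkeKWkeKWkSAg4paR4paR4paRICAgIOKWkeKWkeKWkSAg4paR4paRICAgICAgICDilpHilpEgICAbWzBtChtbMTszM20gIC0+aHR0cHM6Ly90d2l0dGVyLmNvbS90Y3BkaXJlY3Q8LRtbMG0KG1sxOzMzbS0+aHR0cHM6Ly9naXQudGNwLmRpcmVjdC9rYXlvcy8wcmx5PC0bWzBtCg=="
-############################
-# -------> kayos <-------- #
-# git.tcp.direct/kayos #
-# twitter.com/yunginnanet #
-# github.com/yunginnanet #
-############################
-
-# ________
-#/ \
-#| 0rly? |
-#\__ __'\
-# |/ \\
-# \ \\ .
-# |\\/|
-# / " '\
-# . . .
-# / ) |
-# ' _.' |
-# '-'/ \
-
-# usage: ./0rly.sh website.com
-
-# uses findomain, runs whois on all the resolvable subs found
-# sorts out cloudflare IPs, run rustscan on all non-cloudflare IPs
-# generate HTML reports
-
-###### known dependencies ######
-
-#### most package managers:
-# - nmap
-# - xsltproc
-# - whois
-
-#### fancy shit:
-# - rustscan
-# --- with rust: https://crates.io/crates/rustscan (cargo install rustscan)
-# --- without: https://github.com/RustScan/RustScan/releases/tag/2.0.1
-# - findomain
-# --- with rust: https://crates.io/crates/findomain (cargo install findomain)
-# --- without: https://github.com/Findomain/Findomain/releases/tag/3.1.0
-
-###############################################################################
-####################### https://github.com/tlatsas/bash-spinner
-function _spinner() {
- local on_success="DONE"
- local on_fail="FAIL"
- local white="\e[1;37m"
- local green="\e[1;32m"
- local red="\e[1;31m"
- local nc="\e[0m"
-
- case $1 in
- start)
- # calculate the column where spinner and status msg will be displayed
- let column=$(tput cols)-${#2}-8
- # display message and position the cursor in $column column
- echo -ne ${2}
- printf "%${column}s"
- # start spinner
- i=1
- sp='0rly?'
- delay=${SPINNER_DELAY:-0.10}
-
- while :
- do
- printf "\b${sp:i++%${#sp}:1}"
- sleep $delay
- done
- ;;
- stop)
- if [[ -z ${3} ]]; then
- echo "spinner is not running.."
- exit 1
- fi
-
- kill $3 > /dev/null 2>&1
-
- # inform the user uppon success or failure
- echo -en "\b["
- if [[ $2 -eq 0 ]]; then
- echo -en "${green}${on_success}${nc}"
- else
- echo -en "${red}${on_fail}${nc}"
- fi
- echo -en "]"
- ;;
- *)
- echo "invalid argument, try {start/stop}"
- exit 1
- ;;
- esac
-}
-function start_spinner {
- # $1 : msg to display
- _spinner "start" "${1}" &
- # set global spinner pid
- _sp_pid=$!
- disown
-}
-function stop_spinner {
- # $1 : command exit status
- _spinner "stop" $1 $_sp_pid
- unset _sp_pid
-}
-################################################
-function _html {
- xsltproc $1 -o "$RESULTS/HTML/$1.html"
-}
-#######
-
-function _interactive {
- if [ -z "$1" ]; then
- echo -n "Target Domain: ";
- read _target;
- else
- _target=$1;
- fi
-
- if echo $_target | grep -v -q '\.'; then
- echo "that's not a domain....."
- echo "do better."
- exit 2
- fi
-}
-
-
-
-clear
-
-echo $_BNR | base64 -d
-echo -e "\e[0m"
-
-_interactive
-
-set -e
-RESULTS="$HOME/0rly/$_target"
-echo -e "Creating directory: \e[93m$RESULTS\e[0m"
-mkdir -p $RESULTS
-echo ""
-if [ ! -f $HOME/0rly/resolvers.txt ]; then
- echo -e "\e[31m$HOME/0rly/resolvers.txt not found!\e[0m"
- echo -e -n "would you like to use your system's resolvers? "
- read -r -p " [y/N] " response
- case "$response" in
- [yY][eE][sS]|[yY])
- ;;
- *)
- echo "re-run after you populate resolvers.txt, exiting"
- exit
- ;;
- esac
-
- echo "using nameservers:"
- cat /etc/resolv.conf | grep 'nameserver' | grep '\.' | sed 's/nameserver //g' | tee $HOME/0rly/resolvers.txt
-fi
-start_spinner "running findomain..."
-findomain -q -i --resolvers "$HOME/0rly/resolvers.txt" --target "$_target" -u "$RESULTS/findomain.txt">/dev/null;
-awk -F ',' '{print $NF}' "$RESULTS/findomain.txt" | sort -u > "$RESULTS/findomain.unique.ips.txt"; stop_spinner $?
-
-
-echo -n "Found "
-cat $RESULTS/findomain.unique.ips.txt | wc -l;
-echo "unique domains:"
-
-
-
-start_spinner ""
-_cfips=0
-_realips=0
-_cfpref="cloudflare: "
-_stdpref="other: "
-while read line; do
- echo $line
- tput cup 20 $l
- echo -n -e "\e[39m$_cfpref \e[2m$_cfips\e[0m";
- tput cup 21 $l
- echo -n -e "\e[32m$_stdpref \e[95m$_realips\e[0m";
-
- echo ""
-
- whois "$line" > $RESULTS/$line.whois.txt
- if cat "$RESULTS/$line.whois.txt" | grep -i -q cloudflare; then
- echo "$line" >> $RESULTS/cloudflare.ips.txt;
- ((_cfips=_cfips+1))
- else
- echo "$line" >> $RESULTS/noncloudflare.ips.txt;
- ((_realips=_realips+1))
- fi
-done < $RESULTS/findomain.unique.ips.txt
-
-stop_spinner $?
-
-echo ""
-
-if [ $_realips -eq 0 ]; then
- echo "no non-cloudflare ip's found, gg"
- exit
-fi
-
-echo -n "port scan all non-cloudflare IPs?"
-read -r -p " [y/N] " response
-case "$response" in
-[yY][eE][sS]|[yY])
- ;;
-*)
- echo "Well then, I suppose we're done!"
- echo "Here's what we've got:"
- ls $RESULTS;
- exit
- ;;
-esac
-
-mkdir -p $RESULTS/XML
-mkdir -p $RESULTS/HTML
-
-set +e
-
-sudo echo ""
-
-while read line; do
- start_spinner "Scanning $line...\n"
- sudo $HOME/.cargo/bin/rustscan --ulimit 10000 -a $line -- -Pn -A -T Aggressive -oX "$RESULTS/XML/$line.xml" >/dev/null
- stop_spinner $?
- echo ""
-done < $RESULTS/noncloudflare.ips.txt
-
-start_spinner "Generating HTML reports...\n"
-
-cd $RESULTS
-find . -iname "*.xml" -print -exec _html {} \;
-stop_spinnder $?
-
-echo "fin. results in $HOME/0rly"
-
-
-
-
-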