  • Update a lot things for to for v1.4 release

  • j3ssie committed 5 years ago
    b866419a
    1 parent 7314957d
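--- a/CREDITS.md
+++ b/CREDITS.md
@@ -5,6 +5,7 @@
  * [subfinder](https://github.com/subfinder/subfinder)
  * [massdns](https://github.com/blechschmidt/massdns)
  * [gobuster](https://github.com/OJ/gobuster)
+ * [goaltdns](https://github.com/subfinder/goaltdns)
 
 #### Subdomain TakeOver Scanning
  * [tko-subs](https://github.com/anshumanbh/tko-subs)
@@ -18,6 +19,11 @@
  * [aquaton](https://github.com/michenriksen/aquatone)
  * [gowitness](https://github.com/sensepost/gowitness)
 
+#### AssestFinding the target
+ * [waybackurls](https://github.com/tomnomnom/waybackurls)
+ * [meg](https://github.com/tomnomnom/meg)
+ * [httprobe](https://github.com/tomnomnom/httprobe)
+
 #### IP Discovery
  * [IPOsint](https://github.com/j3ssie/IPOsint) by me :)
 
@@ -34,7 +40,6 @@
 #### Vulnerable Scan and beautify html report
  * [nmap-vulners](https://github.com/vulnersCom/nmap-vulners)
  * [nmap-bootstrap-xsl](https://github.com/honze-net/nmap-bootstrap-xsl/)
- * [nmap-parsing](https://github.com/laconicwolf/Nmap-Scan-to-CSV/blob/master/nmap_xml_parser.py)
 
 #### Git repo scanning
  * [gitleaks](https://github.com/zricethezav/gitleaks)
@@ -47,7 +52,7 @@
  * [LinkFinder](https://github.com/GerbenJavado/LinkFinder)
 
 #### Directory search
- * [dirsearch](https://github.com/maurosoria/dirsearch)
+ * [dirhunt](https://github.com/Nekmo/dirhunt)
  * [wfuzz](https://github.com/xmendez/wfuzz)
 
 #### Bruteforce services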
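--- a/core/config.py
+++ b/core/config.py
@@ -62,6 +62,7 @@
 ===========
 subdomain - Scanning subdomain and subdomain takerover
 portscan - Screenshot and Scanning service for list of domain
+scrrenshot - Screenshot list of hosts
 asset - Asset finding like URL, Wayback machine
 brute - Do brute force on service of target
 vuln - Scanning version of services and checking vulnerable service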
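Review bot: The added usage line spells the module name `scrrenshot`, while the dispatcher added to core/routine.py in this same commit selects the module with `if 'screen' in module:`. A user who copies the name from this help text gets no match, so the screenshot step would silently not run. Correct the line to `screenshot - Screenshot list of hosts`. The help string itself starts and ends outside the hunk.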
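--- a/core/rest/storages/commands.json
+++ b/core/rest/storages/commands.json
@@ -61,7 +61,7 @@
  {
  "banner": "aquatone",
  "cmd": "cat $WORKSPACE/subdomain/final-$TARGET.txt | $GO_PATH/aquatone -threads 20 -out $WORKSPACE/screenshot/$OUTPUT-aquatone",
- "output_path": "/Users/j3ssie/myGit/private-osmedeus/Osmedeus/workspaces/zalo.me/screenshot/zalo.me-aquatone/aquatone_report.html",
+ "output_path": "$WORKSPACE/screenshot/$OUTPUT-aquatone/aquatone_report.html",
  "std_path": "$WORKSPACE/screenshot/std-$OUTPUT-aquatone.std"
  }
  ]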
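--- a/core/routine.py
+++ b/core/routine.py
@@ -106,6 +106,10 @@
  # Discovery IP space
  ipspace.IPSpace(options)
 
+ if 'screen' in module:
+ # Discovery IP space
+ screenshot.ScreenShot(options)
+
  if 'portscan' in module:
  # scanning port, service and vuln with masscan and nmap
  portscan.PortScan(options)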
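Review bot: The comment inside the new `if 'screen' in module:` branch is copied from the IPSpace block above and still reads `# Discovery IP space`, which misdescribes the call to `screenshot.ScreenShot(options)`. Replace it with something like `# take screenshots of the discovered hosts`. The test is a substring match, so any module value containing `screen` selects this branch; that looks consistent with the neighbouring `'portscan' in module` check, but it deserves a one-line comment. The enclosing function starts and ends outside the hunk.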
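--- a/core/utils.py
+++ b/core/utils.py
@@ -238,7 +238,7 @@
 
  return None
 
-
+# just clean blank line and unique stuff
 def clean_up(filename):
  filename = os.path.normpath(filename)
  if os.path.isfile(filename):
@@ -291,6 +291,7 @@
  if valid_ip(line):
  ips.append(line)
  return ips
+
 
 # check if string is IP or not
 def valid_ip(string_in):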
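--- a/modules/portscan.py
+++ b/modules/portscan.py
@@ -162,9 +162,7 @@
  cmd = utils.replace_argument(self.options, cmd)
  output_path = utils.replace_argument(
  self.options, '$WORKSPACE/portscan/final-$OUTPUT.html')
- std_path = utils.replace_argument(
- self.options, '')
- execute.send_cmd(self.options, cmd, output_path, std_path, self.module_name)
+ execute.send_cmd(self.options, cmd, output_path, '', self.module_name)
 
  def parsing_to_csv(self):
  masscan_xml = utils.replace_argument(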
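--- a/modules/screenshot.py
+++ b/modules/screenshot.py
@@ -1,4 +1,5 @@
-import os, time
+import os
+import time
 from core import execute
 from core import slack
 from core import utils
@@ -19,18 +20,34 @@
  'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
  'content': 'Start ScreenShot for {0}'.format(self.options['TARGET'])
  })
+
+
  self.initial()
+
  slack.slack_noti('good', self.options, mess={
  'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
  'content': 'Done ScreenShot for {0}'.format(self.options['TARGET'])
  })
  utils.print_line()
 
+ # check if this was run on subdomain module or direct mode from screenshot
+ def check_direct(self):
+ all_subdomain = utils.replace_argument(
+ self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')
+
+ if utils.not_empty_file(all_subdomain):
+ return False
+
+ self.is_direct = utils.is_direct_mode(self.options, require_input=True)
+ return True
 
  def initial(self):
- self.run()
+ if self.check_direct():
+ self.screenshots(self.is_direct)
+ else:
+ self.run()
  utils.just_waiting(self.options, self.module_name, seconds=10)
- #this gonna run after module is done to update the main json
+ # this gonna run after module is done to update the main json
  # self.conclude()
 
  def run(self):
@@ -38,43 +55,63 @@
 
  for item in commands:
  utils.print_good('Starting {0}'.format(item.get('banner')))
- #really execute it
+ # really execute it
  execute.send_cmd(self.options, item.get('cmd'), item.get(
  'output_path'), item.get('std_path'), self.module_name)
  time.sleep(1)
 
  utils.just_waiting(self.options, self.module_name, seconds=30)
- #just save commands
+ # just save commands
  logfile = utils.replace_argument(self.options, '$WORKSPACE/log.json')
  utils.save_all_cmd(self.options, logfile)
 
+ def screenshots(self, input_file):
+ if not utils.not_empty_file(input_file):
+ return False
 
- # #update the main json file
- # def conclude(self):
- # output_path = utils.replace_argument(
- # self.options, '$WORKSPACE/subdomain/massdns-IP-$OUTPUT.txt')
+ data = utils.just_read(input_file).splitlines()
+ self.aquatone(input_file)
+ self.gowithness(data)
+
+ def aquatone(self, input_file):
+ cmd = "cat {0} | $GO_PATH/aquatone -threads 20 -out $WORKSPACE/screenshot/$OUTPUT-aquatone".format(input_file)
+
+ cmd = utils.replace_argument(self.options, cmd)
+ output_path = utils.replace_argument(
+ self.options, "$WORKSPACE/screenshot/$OUTPUT-aquatone/aquatone_report.html")
+ std_path = utils.replace_argument(
+ self.options, "$WORKSPACE/screenshot/std-$OUTPUT-aquatone.std")
+
+ execute.send_cmd(self.options, cmd, output_path,
+ std_path, self.module_name)
+
+ def gowithness(self, data):
+ # add http:// and https:// prefix to domain
+ domains = []
+ utils.make_directory(
+ self.options['WORKSPACE'] + '/screenshot/screenshoots-gowitness')
+ for item in data:
+ host = utils.get_domain(item)
+ domains.append("http://" + host)
+ domains.append("https://" + host)
+ http_file = utils.replace_argument(
+ self.options, '$WORKSPACE/screenshot/$OUTPUT-hosts.txt')
+ utils.just_write(http_file, "\n".join(domains))
+ utils.clean_up(http_file)
+ time.sleep(2)
 
- # # matching IP with subdomain
- # main_json = utils.reading_json(utils.replace_argument(
- # self.options, '$WORKSPACE/$COMPANY.json'))
- # with open(output_path, 'r') as i:
- # data = i.read().splitlines()
- # ips = []
- # for line in data:
- # if " A " in line:
- # subdomain = line.split('. A ')[0]
- # ip = line.split('. A ')[1]
- # ips.append(ip)
- # for i in range(len(main_json['Subdomains'])):
- # if subdomain == main_json['Subdomains'][i]['Domain']:
- # main_json['Subdomains'][i]['IP'] = ip
+ # screenshots with gowitness
+ cmd = "$GO_PATH/gowitness file -s $WORKSPACE/screenshot/$OUTPUT-hosts.txt -t 30 --log-level fatal --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db"
+
+ execute.send_cmd(self.options, utils.replace_argument(
+ self.options, cmd), '', '', self.module_name)
 
- # final_ip = utils.replace_argument(
- # self.options, '$WORKSPACE/subdomain/final-IP-$OUTPUT.txt')
+ utils.just_waiting(self.options, self.module_name, seconds=10)
 
- # with open(final_ip, 'w+') as fip:
- # fip.write("\n".join(str(ip) for ip in ips))
+ cmd = "$GO_PATH/gowitness generate -n $WORKSPACE/screenshot/$OUTPUT-gowitness-screenshots.html --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db"
 
- # utils.just_write(utils.replace_argument(
- # self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True)
+ html_path = utils.replace_argument(
+ self.options, "$WORKSPACE/portscan/$OUTPUT-gowitness-screenshots.html")
+ execute.send_cmd(self.options, utils.replace_argument(
+ self.options, cmd), html_path, '', self.module_name)
 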
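Review bot: In the new `aquatone()` method, `input_file` is formatted unquoted into a command string that contains a shell pipe (`cat {0} | $GO_PATH/aquatone ...`), so the path supplied in direct mode is interpreted by the shell that runs the command. A path containing spaces breaks the pipeline, and one containing shell metacharacters changes what gets executed. Quote the value before formatting, e.g. `.format(shlex.quote(input_file))` with `import shlex` added at the top of the file. Separately, in `gowithness()` the generate command writes its report to `$WORKSPACE/screenshot/$OUTPUT-gowitness-screenshots.html`, but the `html_path` passed to `execute.send_cmd` points at `$WORKSPACE/portscan/...`, so the recorded output path presumably never exists; use `"$WORKSPACE/screenshot/$OUTPUT-gowitness-screenshots.html"` there. `execute.send_cmd` and `utils.is_direct_mode` are not visible in this section, so how the command is finally run is inferred from the pipe in the string.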
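--- a/osmedeus.py
+++ b/osmedeus.py
@@ -59,7 +59,7 @@
  options['JWT'] = utils.get_jwt(options)
  except:
  utils.print_bad("Fail to set config, Something went wrong with Flask API !")
- utils.print_bad("Visit this page for common issue: https://github.com/j3ssie/Osmedeus/wiki/Common-Issues")
+ utils.print_info("Visit this page for common issue: https://github.com/j3ssie/Osmedeus/wiki/Common-Issues")
  sys.exit(-1)
 
  if not (options['JWT'] and options['JWT'] != "None"):
@@ -86,7 +86,8 @@
 
 def main():
  config.banner(__version__, __author__)
- parser = argparse.ArgumentParser(description="Collection tool for automatic pentesting", add_help=False)
+ parser = argparse.ArgumentParser(
+ description="One line to rude them all", add_help=False)
  parser.add_argument('-c', '--config', action='store', dest='config', help='config file', default='core/config.conf')
  parser.add_argument('-m', '--module', action='store', dest='module', help='specific module to action')
 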
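Review bot: The new parser description `"One line to rude them all"` in `main()` reads like a typo for "rule", and unlike the string it replaces it no longer says what the tool does. If the tagline is wanted, `description="One line to rule them all"` keeps it, though the previous functional description is more useful to someone reading usage output. `main()` continues outside the hunk.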
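--- a/requirements.txt
+++ b/requirements.txt
@@ -6,4 +6,3 @@
 Flask-RESTful==0.3.6
 requests==2.22.0
 ansi2html==1.5.2
-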