STRLCPY/metabigor

Added some filter for inputs
j3ssie committed 4 years ago

30dce4b1

1 parent e98bd8a1

■ ■ ■ ■ ■ ■

cmd/scan.go

		skipped 1 lines
2	2
3	3		import (
4	4		"fmt"
	5	+	"github.com/thoas/go-funk"
5	6		"io/ioutil"
6	7		"os"
7	8		"strings"
		skipped 11 lines
19	20		Long: fmt.Sprintf(`Metabigor - Intelligence Tool but without API key - %v by %v`, core.VERSION, core.AUTHOR),
20	21		RunE: runScan,
21	22		}
22		-
23		-	scanCmd.Flags().StringP("ports", "p", "0-65535", "Port range for previous command")
24		-	scanCmd.Flags().StringP("rate", "r", "3000", "rate limit for masscan command")
	23	+	// scan options
	24	+	scanCmd.Flags().StringVarP(&options.Scan.Ports, "ports", "p", "0-65535", "Port range for previous command")
	25	+	scanCmd.Flags().StringVarP(&options.Scan.Rate, "rate", "r", "3000", "rate limit for masscan command")
	26	+	scanCmd.Flags().BoolVarP(&options.Scan.All, "join", "A", false, "Join all inputs to a file first then do a scan")
	27	+	// scan strategy option
	28	+	scanCmd.Flags().BoolVarP(&options.Scan.Flat, "flat", "f", true, "format output like this: 1.2.3.4:443")
	29	+	scanCmd.Flags().BoolVarP(&options.Scan.NmapOverview, "nmap", "n", false, "Use nmap instead of masscan for overview scan")
	30	+	scanCmd.Flags().BoolVarP(&options.Scan.ZmapOverview, "zmap", "z", false, "Only scan range with zmap")
	31	+	scanCmd.Flags().BoolVarP(&options.Scan.SkipOverview, "skip-masscan", "s", false, "run nmap from input format like this: 1.2.3.4:443")
	32	+	// more nmap options
	33	+	scanCmd.Flags().StringVarP(&options.Scan.NmapScripts, "script", "S", "", "nmap scripts")
	34	+	scanCmd.Flags().StringVar(&options.Scan.NmapTemplate, "nmap-command", "sudo nmap -sSV -p {{.ports}} {{.input}} {{.script}} -T4 --open -oA {{.output}}", "Nmap template command to run")
	35	+	scanCmd.Flags().StringVar(&options.Scan.GrepString, "grep", "", "match string to confirm script success")
	36	+	scanCmd.Flags().StringP("result-folder", "R", "", "Result folder")
	37	+	scanCmd.Flags().BoolVar(&options.Scan.IPv4, "4", true, "Filter input to only get ipv4")
	38	+	//scanCmd.Flags().Bool("6", false, "Filter input to only get ipv4")
25	39		scanCmd.Flags().BoolP("detail", "D", false, "Do Nmap scan based on previous output")
26		-	scanCmd.Flags().BoolP("all", "A", false, "Join all inputs to a file first")
27		-
28		-	scanCmd.Flags().BoolP("flat", "f", true, "format output like this: 1.2.3.4:443")
29		-	scanCmd.Flags().BoolP("nmap", "n", false, "Use nmap instead of masscan for overview scan")
30		-	scanCmd.Flags().BoolP("zmap", "z", false, "Only scan range with zmap")
31		-	scanCmd.Flags().BoolP("skip-masscan", "s", false, "run nmap from input format like this: 1.2.3.4:443")
32		-
33		-	scanCmd.Flags().StringP("script", "S", "", "nmap scripts")
34		-	scanCmd.Flags().String("nmap-command", "sudo nmap -sSV -p {{.ports}} {{.input}} {{.script}} -T4 --open -oA {{.output}}", "Nmap template command to run")
35		-	scanCmd.Flags().StringP("grep", "g", "", "match string to confirm script success")
36		-	// only parse scan
37		-	scanCmd.Flags().StringP("result-folder", "R", "", "Result folder")
	40	+	scanCmd.Flags().Bool("uniq", true, "Unique input first")
38	41		scanCmd.SetHelpFunc(ScanHelp)
39	42		RootCmd.AddCommand(scanCmd)
40		-
41	43		}
42	44
43	45		func runScan(cmd *cobra.Command, _ []string) error {
44		-	options.Scan.NmapTemplate, _ = cmd.Flags().GetString("nmap-command")
45		-	options.Scan.NmapScripts, _ = cmd.Flags().GetString("script")
46		-	options.Scan.GrepString, _ = cmd.Flags().GetString("grep")
47		-	options.Scan.Ports, _ = cmd.Flags().GetString("ports")
48		-	options.Scan.Rate, _ = cmd.Flags().GetString("rate")
49		-	options.Scan.Detail, _ = cmd.Flags().GetBool("detail")
50		-	options.Scan.Flat, _ = cmd.Flags().GetBool("flat")
51		-	options.Scan.All, _ = cmd.Flags().GetBool("all")
52		-	options.Scan.NmapOverview, _ = cmd.Flags().GetBool("nmap")
53		-	options.Scan.ZmapOverview, _ = cmd.Flags().GetBool("zmap")
54		-	options.Scan.SkipOverview, _ = cmd.Flags().GetBool("skip-masscan")
55	46		// only parse result
56	47		resultFolder, _ := cmd.Flags().GetString("result-folder")
	48	+	uniq, _ := cmd.Flags().GetBool("uniq")
57	49		if resultFolder != "" {
58	50		parseResult(resultFolder, options)
59	51		os.Exit(0)
		skipped 11 lines
71	63		inputs = append(inputs, options.Input)
72	64		}
73	65
	66	+	// make sure input is valid
	67	+	if options.Scan.IPv4 {
	68	+	inputs = core.FilterIpv4(inputs)
	69	+	}
	70	+	if uniq {
	71	+	inputs = funk.UniqString(inputs)
	72	+	}
	73	+
74	74		var result []string
75		-	// var detailResult []string
76	75		var wg sync.WaitGroup
77	76		jobs := make(chan string)
78	77
		skipped 196 lines

■ ■ ■ ■ ■ ■

core/filter.go

1	+	package core
2	+
3	+	import "regexp"
4	+
5	+	// FilterIpv4 only get Ipv4
6	+	func FilterIpv4(raw []string) []string {
7	+	var result []string
8	+	var re = regexp.MustCompile(`(?m)^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]\|[1-2][0-9]\|3[0-2]))?$`)
9	+	for _, input := range raw {
10	+	match := re.MatchString(input)
11	+	if match {
12	+	result = append(result, input)
13	+	}
14	+	}
15	+	return result
16	+	}
17	+
18	+
19	+	// FilterIpv6 only get Ipv6
20	+	func FilterIpv6(raw []string) []string {
21	+	var result []string
22	+	var re = regexp.MustCompile(`^s((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}\|:))\|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}\|((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})\|:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})\|((:[0-9A-Fa-f]{1,4})?:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})\|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})\|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})\|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3}))\|:))\|(:(((:[0-9A-Fa-f]{1,4}){1,7})\|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)(.(25[0-5]\|2[0-4]d\|1dd\|[1-9]?d)){3}))\|:)))(%.+)?s(\/([0-9]\|[1-9][0-9]\|1[0-1][0-9]\|12[0-8]))?$`)
23	+	for _, input := range raw {
24	+	match := re.MatchString(input)
25	+	if match {
26	+	result = append(result, input)
27	+	}
28	+	}
29	+	return result
30	+	}
31	+
32	+

■ ■ ■ ■ ■ ■

core/options.go

		skipped 29 lines
30	30		ZmapOverview bool
31	31		Detail bool
32	32		Flat bool
33		-	All bool
	33	+	All bool
	34	+	IPv4 bool
	35	+	IPv6 bool
34	36		SkipOverview bool
35	37		TmpOutput string
36	38		NmapScripts string
37	39		GrepString string
38		-	InputFile string
	40	+	InputFile string
39	41		}
40	42
41	43		// NetOptions options for net command
		skipped 44 lines

■ ■ ■ ■ ■ ■

modules/ip.go

		skipped 183 lines
184	184		url := fmt.Sprintf(`https://securitytrails.com/list/ip/%v`, query)
185	185		var result []string
186	186		core.InforF("Get data from: %v", url)
187		-	content := core.RequestWithChrome(url,"root" ,options.Timeout)
	187	+	content := core.RequestWithChrome(url, "root", options.Timeout)
188	188		if content == "" {
189	189		core.DebugF("Error in sending to SecurityTrails")
190	190		return result
		skipped 66 lines

■ ■ ■ ■ ■ ■ ■

modules/netblock.go

		skipped 2 lines
3	3		import (
4	4		"encoding/json"
5	5		"fmt"
	6	+	jsoniter "github.com/json-iterator/go"
6	7		"strings"
7	8
8	9		"github.com/PuerkitoBio/goquery"
		skipped 8 lines
17	18		return raw
18	19		}
19	20
	21	+	// RangeInfo infor about range IP
	22	+	type RangeInfo struct {
	23	+	Cidr string `json:"cidr"`
	24	+	Desc string `json:"desc"`
	25	+	Asn string `json:"asn"`
	26	+	Country string `json:"country"`
	27	+	}
	28	+
20	29		// IPInfo get CIDR from ASN
21	30		func IPInfo(options core.Options) []string {
22	31		asn := getAsnNum(options.Net.Asn)
		skipped 5 lines
28	37		if err != nil {
29	38		return result
30	39		}
	40	+
	41	+	var country string
	42	+	doc.Find(".flag").Each(func(i int, s *goquery.Selection) {
	43	+	href, ok := s.Attr("href")
	44	+	if ok {
	45	+	if strings.HasPrefix(href, "/countries/") {
	46	+	country = s.Text()
	47	+	return
	48	+	}
	49	+	}
	50	+	})
	51	+
31	52		// searching for data
32	53		doc.Find("tr").Each(func(i int, s *goquery.Selection) {
33	54		s.Find("address").First()
		skipped 1 lines
35	56		data := strings.Split(strings.TrimSpace(s.Text()), " ")
36	57		cidr := strings.TrimSpace(data[0])
37	58		desc := strings.TrimSpace(data[len(data)-1])
	59	+	if len(data) > 2 {
	60	+	desc = strings.TrimSpace(data[1])
	61	+	}
38	62
39		-	core.InforF(fmt.Sprintf("%s - %s", cidr, desc))
40		-	result = append(result, fmt.Sprintf("%s", cidr))
	63	+	if options.JsonOutput {
	64	+	output := RangeInfo{
	65	+	Cidr: cidr,
	66	+	Desc: desc,
	67	+	Asn: asn,
	68	+	Country: country,
	69	+	}
	70	+	if out, err := jsoniter.MarshalToString(output); err == nil {
	71	+	core.InforF(out)
	72	+	result = append(result, out)
	73	+	}
	74	+	} else {
	75	+	core.InforF(fmt.Sprintf("%s - %s", cidr, desc))
	76	+	result = append(result, fmt.Sprintf("%s", cidr))
	77	+	}
41	78		}
42	79		})
43	80		return result
		skipped 176 lines

Added some filter for inputs