STRLCPY/metabigor

■ ■ ■ ■ ■ ■

cmd/cve.go

1	+	package cmd
2	+
3	+	import (
4	+	"fmt"
5	+	"os"
6	+	"strings"
7	+	"sync"
8	+
9	+	"github.com/j3ssie/metabigor/core"
10	+	"github.com/j3ssie/metabigor/modules"
11	+	"github.com/spf13/cobra"
12	+	)
13	+
14	+	func init() {
15	+	var cveCmd = &cobra.Command{
16	+	Use: "cve",
17	+	Short: "CVE or Advisory Search",
18	+	Long: fmt.Sprintf(`Metabigor - Intelligence Tool but without API key - %v by %v`, core.VERSION, core.AUTHOR),
19	+	RunE: runCVE,
20	+	}
21	+
22	+	cveCmd.Flags().StringP("source", "s", "all", "Search Engine Select")
23	+	cveCmd.Flags().StringSliceP("query", "q", []string{}, "Query to search (Multiple -q flags are accepted)")
24	+	RootCmd.AddCommand(cveCmd)
25	+	}
26	+
27	+	func runCVE(cmd *cobra.Command, _ []string) error {
28	+	options.Search.Source, _ = cmd.Flags().GetString("source")
29	+	options.Search.Source = strings.ToLower(options.Search.Source)
30	+	queries, _ := cmd.Flags().GetStringSlice("query")
31	+
32	+	var inputs []string
33	+	if options.Input != "-" && options.Input != "" {
34	+	if strings.Contains(options.Input, "\n") {
35	+	inputs = strings.Split(options.Input, "\n")
36	+	} else {
37	+	inputs = append(inputs, options.Input)
38	+	}
39	+	}
40	+	if len(queries) > 0 {
41	+	inputs = append(inputs, queries...)
42	+	}
43	+	if len(inputs) == 0 {
44	+	core.ErrorF("No input found")
45	+	os.Exit(1)
46	+	}
47	+
48	+
49	+	var wg sync.WaitGroup
50	+	jobs := make(chan string)
51	+
52	+	for i := 0; i < options.Concurrency; i++ {
53	+	wg.Add(1)
54	+	go func() {
55	+	defer wg.Done()
56	+	// do real stuff here
57	+	for job := range jobs {
58	+	searchResult := runCVESingle(job, options)
59	+	StoreData(searchResult, options)
60	+	}
61	+	}()
62	+	}
63	+
64	+	for _, input := range inputs {
65	+	jobs <- input
66	+	}
67	+
68	+	close(jobs)
69	+	wg.Wait()
70	+
71	+	if !core.FileExists(options.Output) {
72	+	core.ErrorF("No data found")
73	+	}
74	+	core.DebugF("Unique Output: %v", options.Output)
75	+	core.Unique(options.Output)
76	+	return nil
77	+	}
78	+
79	+	func runCVESingle(input string, options core.Options) []string {
80	+	var data []string
81	+	core.BannerF(fmt.Sprintf("Search on %v for: ", options.Search.Source), input)
82	+	if options.Search.Source == "all" {
83	+	options.Search.Source = "vulners"
84	+	}
85	+	options.Search.Query = input
86	+
87	+	// select source
88	+	if strings.Contains(options.Search.Source, "vulner") {
89	+	data = append(data, modules.Vulners(options)...)
90	+	}
91	+	return data
92	+	}
93	+

■ ■ ■ ■ ■ ■

cmd/ip.go

		skipped 96 lines
97	97		if strings.Contains(options.Search.Source, "sho") {
98	98		data = append(data, modules.Shodan(options.Search.Query, options)...)
99	99		}
100		-	//
101		-	//if strings.Contains(options.Search.Source, "trail") \|\| strings.Contains(options.Search.Source, "sec") {
102		-	// data = append(data, modules.SecurityTrails(options.Search.Query, options)...)
103		-	//}
104	100
105	101		return data
106	102		}
		skipped 1 lines

■ ■ ■ ■ ■ ■

cmd/net.go

		skipped 21 lines
22	22
23	23		netCmd.Flags().Bool("asn", false, "Take input as ASN")
24	24		netCmd.Flags().Bool("org", false, "Take input as Organization")
	25	+	netCmd.Flags().Bool("ip", false, "Take input as a single IP address")
	26	+	netCmd.Flags().Bool("domain", false, "Take input as a domain")
25	27		netCmd.Flags().BoolP("accurate", "x", false, "Only get from highly trusted source")
26	28
27	29		RootCmd.AddCommand(netCmd)
		skipped 2 lines
30	32		func runNet(cmd *cobra.Command, _ []string) error {
31	33		asn, _ := cmd.Flags().GetBool("asn")
32	34		org, _ := cmd.Flags().GetBool("org")
	35	+	ip, _ := cmd.Flags().GetBool("ip")
	36	+	domain, _ := cmd.Flags().GetBool("domain")
33	37		options.Net.Optimize, _ = cmd.Flags().GetBool("accurate")
34	38
35	39		var inputs []string
		skipped 23 lines
59	63		osintResult = runASN(job, options)
60	64		} else if org {
61	65		osintResult = runOrg(job, options)
	66	+	} else if ip {
	67	+	options.Net.IP = job
	68	+	osintResult = runSingle(job, options)
	69	+	} else if domain {
	70	+	options.Net.Domain = job
	71	+	osintResult = runSingle(job, options)
62	72		}
63	73		StoreData(osintResult, options)
64	74		}
		skipped 11 lines
76	86		core.ErrorF("No data found")
77	87		}
78	88		return nil
	89	+	}
	90	+
	91	+	func runSingle(input string, options core.Options) []string {
	92	+	core.BannerF("Starting get ASN from: ", input)
	93	+	var data []string
	94	+	ans := modules.ASNFromIP(options)
	95	+
	96	+	// get more IP by result ASN
	97	+	for _, item := range ans {
	98	+	if strings.HasPrefix(strings.ToLower(item), "as") {
	99	+	data = append(data, runASN(item, options)...)
	100	+	}
	101	+	}
	102	+	return data
79	103		}
80	104
81	105		func runASN(input string, options core.Options) []string {
		skipped 78 lines

■ ■ ■ ■ ■ ■

core/options.go

		skipped 18 lines
19	19		Scan ScanOptions
20	20		Net NetOptions
21	21		Search SearchOptions
	22	+	CVE CVEOptions
22	23		}
23	24
24	25		// ScanOptions options for net command
		skipped 19 lines
44	45		type NetOptions struct {
45	46		Asn string
46	47		Org string
	48	+	IP string
	49	+	Domain string
47	50		Optimize bool
48	51		}
49	52
		skipped 3 lines
53	56		Query string
54	57		Optimize bool
55	58		More bool
	59	+	}
	60	+
	61	+
	62	+	// CVEOptions options for cve command
	63	+	type CVEOptions struct {
	64	+	Software string
	65	+	Version string
56	66		}
57	67
58	68		// Request all information about request
		skipped 29 lines

■ ■ ■ ■ ■ ■

core/request.go

		skipped 21 lines
22	22		"Accept": "/",
23	23		"AcceptLang": "en-US,en;q=0.8",
24	24		}
25		-	resp, _ := JustSend(options, "GET", url, headers)
	25	+	resp, _ := JustSend(options, "GET", url, headers, "")
26	26		return resp.Body
27	27		}
28	28
29	29		// SendPOST just send POST request
30	30		func SendPOST(url string, options Options) string {
31		-	resp, _ := JustSend(options, "POST", url, headers)
	31	+	resp, _ := JustSend(options, "POST", url, headers, "")
32	32		return resp.Body
33	33		}
34	34
35	35		// JustSend just sending request
36		-	func JustSend(options Options, method string, url string, headers map[string]string) (res Response, err error) {
	36	+	func JustSend(options Options, method string, url string, headers map[string]string, body string) (res Response, err error) {
37	37		timeout := options.Timeout
38	38
39	39		// disable log when retry
		skipped 36 lines
76	76		break
77	77		case "post":
78	78		resp, err = client.R().
79		-	Get(url)
	79	+	SetBody([]byte(body)).
	80	+	Post(url)
80	81		break
81	82		}
82	83
		skipped 71 lines

■ ■ ■ ■ ■ ■

core/version.go

		skipped 1 lines
2	2
3	3		const (
4	4		// VERSION current Metabigor version
5		-	VERSION = "beta v1.6"
	5	+	VERSION = "beta v1.7"
6	6		// AUTHOR author of this
7	7		AUTHOR = "@j3ssiejjj"
8	8		)
		skipped 1 lines

■ ■ ■ ■ ■ ■

modules/cve.go

1	+	package modules
2	+
3	+	import (
4	+	"fmt"
5	+	"github.com/Jeffail/gabs"
6	+	"github.com/j3ssie/metabigor/core"
7	+	jsoniter "github.com/json-iterator/go"
8	+	"strings"
9	+	)
10	+
11	+	type CVEData struct {
12	+	CVE string
13	+	Title string
14	+	Desc string
15	+	Raw string
16	+	RawQuery string
17	+	}
18	+
19	+	// Vulners get Org CIDR from asnlookup
20	+	func Vulners(options core.Options) []string {
21	+	var result []string
22	+
23	+	query := options.Search.Query
24	+	// parsing input
25	+	software, version := PrepareQuery(query)
26	+	body := fmt.Sprintf(`{"apiKey":"","software":"%s","type":"software","version":"%s"}`, software, version)
27	+
28	+	url := fmt.Sprintf(`https://vulners.com/api/v3/burp/software/`)
29	+	core.InforF("Get data from: %v", url)
30	+	headers := map[string]string{
31	+	"UserAgent": "vulners-burpscanner-v-1.2",
32	+	"Content-type": "application/json",
33	+	}
34	+	resp, _ := core.JustSend(options, "POST", url, headers, body)
35	+	if resp.StatusCode != 200 {
36	+	return result
37	+	}
38	+	jsonParsed, err := gabs.ParseJSON([]byte(resp.Body))
39	+	if err != nil {
40	+	core.ErrorF("Error parse JSON Data")
41	+	return result
42	+	}
43	+
44	+	content := jsonParsed.S("data").S("search")
45	+	for _, item := range content.Children() {
46	+	var cveData CVEData
47	+	cveData.RawQuery = query
48	+	for k, v := range item.S("_source").ChildrenMap() {
49	+	if k == "description" {
50	+	cveData.Desc = v.Data().(string)
51	+	}
52	+	if k == "title" {
53	+	cveData.Title = v.Data().(string)
54	+	}
55	+	if k == "id" {
56	+	cveData.CVE = v.Data().(string)
57	+	}
58	+	}
59	+
60	+	if options.JsonOutput {
61	+	if data, err := jsoniter.MarshalToString(cveData); err == nil {
62	+	result = append(result, data)
63	+	}
64	+	continue
65	+	}
66	+	info := fmt.Sprintf("%s ;; %s ;; %s", cveData.RawQuery, cveData.CVE, cveData.Desc)
67	+	result = append(result, info)
68	+	}
69	+
70	+	return result
71	+	}
72	+
73	+	func PrepareQuery(raw string) (string, string) {
74	+	raw = strings.ToLower(strings.TrimSpace(raw))
75	+	if !strings.Contains(raw, "\|") {
76	+	return raw, "0"
77	+	}
78	+
79	+	// apache\|1.0
80	+	data := strings.Split(raw, "\|")
81	+	software := strings.TrimSpace(data[0])
82	+	version := strings.TrimSpace(data[1])
83	+	return software, version
84	+	}
85	+

■ ■ ■ ■ ■ ■

modules/netblock.go

		skipped 3 lines
4	4		"encoding/json"
5	5		"fmt"
6	6		jsoniter "github.com/json-iterator/go"
	7	+	"net"
7	8		"strings"
8	9
9	10		"github.com/PuerkitoBio/goquery"
		skipped 244 lines
254	255		return result
255	256		}
256	257
	258	+	// ASNFromIP get ip or domain from ultratools.com
	259	+	func ASNFromIP(options core.Options) []string {
	260	+	var result []string
	261	+	ip := options.Net.IP
	262	+	// resolve IP
	263	+	if ip == "" && options.Net.Domain != "" {
	264	+	if resolved, err := net.LookupHost(options.Net.Domain); err == nil {
	265	+	ip = resolved[0]
	266	+	}
	267	+	}
	268	+	url := fmt.Sprintf(`https://www.ultratools.com/tools/asnInfoResult?domainName=%v`, ip)
	269	+	core.InforF("Get data from: %v", url)
	270	+	content := core.SendGET(url, options)
	271	+	doc, err := goquery.NewDocumentFromReader(strings.NewReader(content))
	272	+	if err != nil {
	273	+	return result
	274	+	}
	275	+
	276	+	// searching for data
	277	+	asn := doc.Find(".tool-results-heading").Text()
	278	+	if asn != "" {
	279	+	result = append(result, strings.TrimSpace(asn))
	280	+	}
	281	+
	282	+	return result
	283	+	}
	284	+

■ ■ ■ ■ ■ ■

modules/netblock_test.go

		skipped 59 lines
60	60		}
61	61		}
62	62
	63	+
	64	+	func TestASNFromIP(t *testing.T) {
	65	+	var options core.Options
	66	+	options.Net.IP = "168.120.1.1"
	67	+	result := ASNFromIP(options)
	68	+	if len(result) == 0 {
	69	+	t.Errorf("Error ASNLookup")
	70	+	}
	71	+	}
	72	+
	73	+

■ ■ ■ ■ ■ ■

modules/search.go

		skipped 108 lines
109	109		"AcceptLang": "en-US,en;q=0.8",
110	110		"X-Requested-With": "XMLHttpRequest",
111	111		}
112		-	res, _ := core.JustSend(options, "GET", url, headers)
	112	+	res, _ := core.JustSend(options, "GET", url, headers, "")
113	113		content := res.Body
114	114
115	115		var result []string
		skipped 19 lines

Small improve on net and Added cve command