crash.software
Projects
Pull Requests
Issues
Builds
metabigor
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY metabigor Commits e82a72eb
🤬
  • ■ ■ ■ ■ ■
    cmd/ip.go
    skipped 84 lines
    85 85   var data []string
    86 86   core.BannerF(fmt.Sprintf("Search on %v for: ", options.Search.Source), input)
    87 87   if options.Search.Source == "all" {
    88  - options.Search.Source = "ony,shodan"
     88 + options.Search.Source = "ony,shodan,trails"
    89 89   }
    90 90   options.Search.Query = input
    91 91   
    skipped 5 lines
    97 97   if strings.Contains(options.Search.Source, "sho") {
    98 98   data = append(data, modules.Shodan(options.Search.Query, options)...)
    99 99   }
     100 + //
     101 + //if strings.Contains(options.Search.Source, "trail") || strings.Contains(options.Search.Source, "sec") {
     102 + // data = append(data, modules.SecurityTrails(options.Search.Query, options)...)
     103 + //}
    100 104   
    101 105   return data
    102 106  }
    skipped 1 lines
  • ■ ■ ■ ■ ■
    cmd/scan.go
    skipped 26 lines
    27 27   scanCmd.Flags().BoolP("flat", "f", true, "format output like this: 1.2.3.4:443")
    28 28   scanCmd.Flags().BoolP("nmap", "n", false, "Use nmap instead of masscan for overview scan")
    29 29   scanCmd.Flags().BoolP("zmap", "z", false, "Only scan range with zmap")
    30  - 
    31 30   scanCmd.Flags().BoolP("skip-masscan", "s", false, "run nmap from input format like this: 1.2.3.4:443")
     31 + 
    32 32   scanCmd.Flags().StringP("script", "S", "", "nmap scripts")
     33 + scanCmd.Flags().String("nmap-command", "sudo nmap -sSV -p {{.ports}} {{.input}} {{.script}} -T4 --open -oA {{.output}}", "Nmap template command to run")
    33 34   scanCmd.Flags().StringP("grep", "g", "", "match string to confirm script success")
    34 35   // only parse scan
    35 36   scanCmd.Flags().StringP("result-folder", "R", "", "Result folder")
    skipped 3 lines
    39 40  }
    40 41   
    41 42  func runScan(cmd *cobra.Command, _ []string) error {
     43 + options.Scan.NmapTemplate, _ = cmd.Flags().GetString("nmap-command")
    42 44   options.Scan.NmapScripts, _ = cmd.Flags().GetString("script")
    43 45   options.Scan.GrepString, _ = cmd.Flags().GetString("grep")
    44 46   options.Scan.Ports, _ = cmd.Flags().GetString("ports")
    skipped 215 lines
  • ■ ■ ■ ■
    core/common.go
    skipped 81 lines
    82 82   
    83 83  // ErrorF print good message
    84 84  func ErrorF(format string, args ...interface{}) {
    85  - good := color.RedString("[-]")
     85 + good := color.RedString("ERROR")
    86 86   fmt.Fprintf(os.Stderr, "%s %s\n", good, fmt.Sprintf(format, args...))
    87 87  }
    88 88   
  • ■ ■ ■ ■ ■
    core/options.go
    skipped 24 lines
    25 25  type ScanOptions struct {
    26 26   Ports string
    27 27   Rate string
     28 + NmapTemplate string
    28 29   NmapOverview bool
    29 30   ZmapOverview bool
    30 31   Detail bool
    skipped 52 lines
  • ■ ■ ■ ■ ■ ■
    modules/ip.go
    skipped 178 lines
    179 179   return info
    180 180  }
    181 181   
     182 +// SecurityTrails get IPInfo from https://securitytrails.com/list/ip/196.3.50.77
     183 +func SecurityTrails(query string, options core.Options) []string {
     184 + url := fmt.Sprintf(`https://securitytrails.com/list/ip/%v`, query)
     185 + var result []string
     186 + core.InforF("Get data from: %v", url)
     187 + content := core.RequestWithChrome(url,"root" ,options.Timeout)
     188 + if content == "" {
     189 + core.DebugF("Error in sending to SecurityTrails")
     190 + return result
     191 + }
     192 + datas := ParseSecurityTrails(content)
     193 + for key, value := range datas {
     194 + result = append(result, fmt.Sprintf("[securitytrails] %v %v|%v", query, key, value))
     195 + }
     196 + return result
     197 +}
     198 + 
     199 +// ParseSecurityTrails parsing data from Onyphe
     200 +func ParseSecurityTrails(content string) []map[string]string {
     201 + var result []map[string]string
     202 + doc, err := goquery.NewDocumentFromReader(strings.NewReader(content))
     203 + if err != nil {
     204 + core.DebugF("Error parsing HTML")
     205 + return result
     206 + }
     207 + 
     208 + // searching for data
     209 + doc.Find("table").Each(func(i int, s *goquery.Selection) {
     210 + info := make(map[string]string)
     211 + //text := s.Text()
     212 + // basic info part
     213 + s.Find("tr").Each(func(i int, tr *goquery.Selection) {
     214 + text := tr.Text()
     215 + if len(text) > 2 && !strings.Contains(text, "www") && !strings.Contains(text, "apex_domain") {
     216 + info["data"] = text[1:]
     217 + return
     218 + }
     219 + 
     220 + })
     221 + result = append(result, info)
     222 + })
     223 + 
     224 + return result
     225 +}
     226 + 
    182 227  // CertsInfo get cert info
    183 228  func CertsInfo(query string, rports string) string {
    184 229   var certs cert.Certs
    skipped 27 lines
  • ■ ■ ■ ■ ■ ■
    modules/scan.go
    1 1  package modules
    2 2   
    3 3  import (
     4 + "bytes"
    4 5   "fmt"
    5 6   "io/ioutil"
    6 7   "os/exec"
    7 8   "path/filepath"
    8 9   "strings"
     10 + "text/template"
    9 11   
    10 12   jsoniter "github.com/json-iterator/go"
    11 13   
    skipped 53 lines
    65 67   return realResult
    66 68  }
    67 69   
     70 +type nmap struct {
     71 +}
     72 + 
    68 73  // RunNmap run nmap command and return list of port open
    69 74  func RunNmap(input string, ports string, options core.Options) []string {
    70 75   // use nmap as overview scan
    skipped 9 lines
    80 85   tmpFile, _ = ioutil.TempFile(nmapOutput, fmt.Sprintf("nmap-%v-*", core.StripPath(input)))
    81 86   }
    82 87   nmapOutput = tmpFile.Name()
    83  - nmapCmd := fmt.Sprintf("sudo nmap -sSV -p %v %v -T4 --open -oA %v", ports, input, nmapOutput)
     88 + 
     89 + // build nmap command
     90 + nmapCommand := make(map[string]string)
     91 + nmapCommand["output"] = nmapOutput
     92 + nmapCommand["ports"] = ports
     93 + nmapCommand["input"] = input
    84 94   if options.Scan.NmapScripts != "" {
    85  - nmapCmd = fmt.Sprintf("sudo nmap -sSV -p %v %v -T4 --open --script %v -oA %v", ports, input, options.Scan.NmapScripts, nmapOutput)
     95 + nmapCommand["script"] = fmt.Sprintf("--script %v", options.Scan.NmapScripts)
     96 + } else {
     97 + nmapCommand["script"] = ""
    86 98   }
     99 + nmapCmd := ResolveData(options.Scan.NmapTemplate, nmapCommand)
     100 + //
     101 + //nmapCmd := fmt.Sprintf("sudo nmap -sSV -p %v %v -T4 --open -oA %v", ports, input, nmapOutput)
     102 + //if options.Scan.NmapScripts != "" {
     103 + // nmapCmd = fmt.Sprintf("sudo nmap -sSV -p %v %v --script %v -T4 --open -oA %v", ports, input, options.Scan.NmapScripts, nmapOutput)
     104 + //}
     105 + 
    87 106   core.DebugF("Execute: %v", nmapCmd)
    88 107   command := []string{
    89 108   "bash",
    skipped 104 lines
    194 213   return result
    195 214  }
    196 215   
     216 +// ResolveData resolve template from signature file
     217 +func ResolveData(format string, data map[string]string) string {
     218 + t := template.Must(template.New("").Parse(format))
     219 + buf := &bytes.Buffer{}
     220 + err := t.Execute(buf, data)
     221 + if err != nil {
     222 + return format
     223 + }
     224 + return buf.String()
     225 +}
     226 + 
Please wait...
Page is in error, reload to recover