STRLCPY/pentest-tools

review&license&readme
Gwen committed 1 year ago

47988220

1 parent 180174d4

■ ■ ■ ■ ■ ■

README.md

		skipped 72 lines
73	73		Generates Google dorks for a given domain (searches are not performed).
74	74
75	75		## hashall.php
76		-	Uses about 40 algoritmes to hash a given string.
	76	+	Uses about 40 algorithms to hash a given string.
77	77
78	78		## ip-converter.php
79	79		Converts a given IP address to different format, see [Nicolas Grégoire presentation](https://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf).
80	80
81		-
82		-
83		-
84		-
85		-
86		-
87	81		## ip-listing.php
88		-	A script that generates IP address from the start to the end.
89		-
	82	+	Generates a list of IPs addresses from the given start to the given end, range and mask supported.
90	83
91	84		## mass_axfr.sh
92		-	A script that test Zone Transfer on a given list of domains using [Fierce](https://github.com/mschwager/fierce).
93		-
	85	+	Mass test zone transfer on a given list of domains.
94	86
95	87		## mass-smtp-user-enum-bruteforce.sh
96		-	A script that perform SMTP user enumeration on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum)
	88	+	Performs SMTP user enumeration on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum).
97	89
	90	+	## mass-smtp-user-enum-check.sh
	91	+	Tests if SMTP user enumeration is possible on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum).
98	92
99		-	## mass-smtp-user-enum-check.sh
100		-	A script that simply test if SMTP user enumeration is possible on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum)
	93	+	## mput.py
	94	+	Test PUT method issue on a given list of hosts.
101	95
	96	+	## node-uuid.js
	97	+	Encode/Decode UUID using base36.
102	98
103	99		## nrpe.sh
104		-	A script that test the Nagios Remote Plugin Executor Arbitrary Command Execution using Metasploit.
	100	+	Test Nagios Remote Plugin Executor Arbitrary Command Execution on a given host using Metasploit.
105	101
	102	+	## openredirect.py
	103	+	Test Open Redirect issue on a given list of hosts.
106	104
107	105		## pass-permut.php
108		-	A script that creates words permutation with different separators and output the hashes.
	106	+	Creates words permutation with different separators and output the hashes using about 40 algorithms.
	107	+
	108	+
	109	+
109	110
110	111
111	112		## ping-sweep-nc.sh
		skipped 62 lines

ip-listing.php

Content is identical

■ ■ ■ ■ ■ ■

mass-smtp-user-enum-bruteforce.sh

1	1		#!/bin/bash
2	2
3	3
4		-	source myutils.sh
5		-
6		-
7	4		t_command="VRFY RCPT EXPN";
8	5
9	6		function usage() {
10	7		echo "Usage: "$0" <ip file> <wordlist>"
11	8		if [ -n "$1" ] ; then
12		-	echo "Error: "$1"!"
	9	+	echo "Error: "$1"!"
13	10		fi
14	11		exit
15	12		}
		skipped 34 lines

■ ■ ■ ■ ■ ■

mass-smtp-user-enum-check.sh

1	1		#!/bin/bash
2	2
3	3
4		-	source myutils.sh
5		-
6		-
7	4		t_command="VRFY RCPT EXPN";
8	5
9	6		function usage() {
10	7		echo "Usage: "$0" <ip file>"
11	8		if [ -n "$1" ] ; then
12		-	echo "Error: "$1"!"
	9	+	echo "Error: "$1"!"
13	10		fi
14	11		exit
15	12		}
		skipped 27 lines

■ ■ ■ ■ ■ ■

mass_axfr.sh

1	1		#!/bin/bash
2	2
3	3
4		-
5		-	NC='\033[0m'
6		-	BLACK='0;30'
7		-	RED='0;31'
8		-	GREEN='0;32'
9		-	ORANGE='0;33'
10		-	BLUE='0;34'
11		-	PURPLE='0;35'
12		-	CYAN='0;36'
13		-	LIGHT_GRAY='0;37'
14		-	DARK_GRAY='1;30'
15		-	LIGHT_RED='1;31'
16		-	LIGHT_GREEN='1;32'
17		-	YELLOW='1;33'
18		-	LIGHT_BLUE='1;34'
19		-	LIGHT_PURPLE='1;35'
20		-	LIGHT_CYAN='1;36'
21		-	WHITE='1;37'
22		-
23		-
24		-	function _print() {
25		-	if [ -n "$2" ] ; then
26		-	c=$2
27		-	else
28		-	c='WHITE'
29		-	fi
30		-
31		-	color="\033[${!c}m"
32		-	printf ${color}"$1"
33		-	printf ${NC}
34		-	}
35		-
36		-	dec2ip() {
37		-	local ip dec=$@
38		-	for e in {3..0}
39		-	do
40		-	((octet = dec / (256 ** e) ))
41		-	((dec -= octet * 256 ** e))
42		-	ip+=$delim$octet
43		-	delim=.
44		-	done
45		-	printf '%s\n' "$ip"
46		-	}
47		-
48		-	ip2dec() {
49		-	local a b c d ip=$@
50		-	IFS=. read -r a b c d <<< "$ip"
51		-	printf '%d\n' "$((a * 256 ** 3 + b * 256 ** 2 + c * 256 + d))"
52		-	}
53		-
54		-
55		-
56	4		function usage() {
57	5		echo "Usage: "$0" <domain_file>"
58	6		if [ -n "$1" ] ; then
		skipped 13 lines
72	20		fi
73	21
74	22		n=0
	23	+	i=0
	24	+	total=$(cat $file \| wc -l \| tr -d [:space:])
75	25		domains=$(cat $file)
76		-	#domains=$(cat $file \| sort -fu)
77		-	echo "Running "$(cat $file \| wc -l)" zone transfer..."
	26	+	echo "Trying $total zone transfer..."
78	27		echo
79	28
80	29		for d in $domains ; do
81		-	echo -ne " \r"
82		-	echo -ne $d"\r"
83		-	axfr=`host -t axfr $d \| grep 'Transfer failed' &`
84		-	if [ ! -n "$axfr" ] ; then
85		-	_print "$d successful!" GREEN
86		-	echo
87		-	n=$[$n+1]
	30	+	i=$[$i+1]
	31	+	echo -ne " [$i/$total] $d\r"
	32	+
	33	+	host=$(host -t NS $d)
	34	+	has_ns=$(echo $host \| grep " name server ")
	35	+
	36	+	if [ -n "$has_ns" ] ; then
	37	+	ns=$(echo $host \| awk '{print $NF}' \| sed "s/\.$//")
	38	+
	39	+	for nnss in $(echo $ns) ; do
	40	+	axfr=`timeout 3 host -4 -W 1 -t axfr $d $nnss \| grep ";; ANSWER SECTION:"`
	41	+	# axfr=`timeout 3 host -4 -W 1 -t ixfr $d $nnss \| grep ";; ANSWER SECTION:"`
	42	+	if [ -n "$axfr" ] ; then
	43	+	printf "\033[0;32m [$i/$total] $d successful\033[0m"
	44	+	echo
	45	+	n=$[$n+1]
	46	+	fi
	47	+	# axfr=`host -4 -W 1 -t axfr $d $nnss`
	48	+	# failed=`echo "$axfr" \| grep 'Transfer failed'`
	49	+	# timeout=`echo "$axfr" \| grep 'timed out'`
	50	+	# error=`echo "$axfr" \| grep 'communications error'`
	51	+
	52	+	# if [ ! -n "$timeout" ] ; then
	53	+	# if [ ! -n "$error" ] ; then
	54	+	# if [ ! -n "$failed" ] ; then
	55	+	# _print "$d successful!" GREEN
	56	+	# echo
	57	+	# n=$[$n+1]
	58	+	# fi
	59	+	# fi
	60	+	# fi
	61	+	done
88	62		fi
89		-	# axfr=`fierce -tcptimeout 3 -dns $d -wordlist /tmp/null \| grep 'Whoah, it worked' &`
90		-	# if [ -n "$axfr" ] ; then
91		-	# _print "$d successful!" GREEN
92		-	# echo
93		-	# n=$[$n+1]
94		-	# fi
	63	+
	64	+	echo -ne " \r"
95	65		done
96	66
97	67		echo
98		-	echo
99		-	echo $n" zone transfer performed."
	68	+	echo $n" zone transfer successful."
100	69		echo
101	70
102	71		exit
103	72
	73	+
	74	+
	75	+
	76	+	# #!/bin/bash
	77	+
	78	+
	79	+
	80	+	# NC='\033[0m'
	81	+	# BLACK='0;30'
	82	+	# RED='0;31'
	83	+	# GREEN='0;32'
	84	+	# ORANGE='0;33'
	85	+	# BLUE='0;34'
	86	+	# PURPLE='0;35'
	87	+	# CYAN='0;36'
	88	+	# LIGHT_GRAY='0;37'
	89	+	# DARK_GRAY='1;30'
	90	+	# LIGHT_RED='1;31'
	91	+	# LIGHT_GREEN='1;32'
	92	+	# YELLOW='1;33'
	93	+	# LIGHT_BLUE='1;34'
	94	+	# LIGHT_PURPLE='1;35'
	95	+	# LIGHT_CYAN='1;36'
	96	+	# WHITE='1;37'
	97	+
	98	+
	99	+	# function _print() {
	100	+	# if [ -n "$2" ] ; then
	101	+	# c=$2
	102	+	# else
	103	+	# c='WHITE'
	104	+	# fi
	105	+
	106	+	# color="\033[${!c}m"
	107	+	# printf ${color}"$1"
	108	+	# printf ${NC}
	109	+	# }
	110	+
	111	+	# dec2ip() {
	112	+	# local ip dec=$@
	113	+	# for e in {3..0}
	114	+	# do
	115	+	# ((octet = dec / (256 ** e) ))
	116	+	# ((dec -= octet * 256 ** e))
	117	+	# ip+=$delim$octet
	118	+	# delim=.
	119	+	# done
	120	+	# printf '%s\n' "$ip"
	121	+	# }
	122	+
	123	+	# ip2dec() {
	124	+	# local a b c d ip=$@
	125	+	# IFS=. read -r a b c d <<< "$ip"
	126	+	# printf '%d\n' "$((a * 256 ** 3 + b * 256 ** 2 + c * 256 + d))"
	127	+	# }
	128	+
	129	+
	130	+
	131	+	# function usage() {
	132	+	# echo "Usage: "$0" <domain_file>"
	133	+	# if [ -n "$1" ] ; then
	134	+	# echo "Error: "$1"!"
	135	+	# fi
	136	+	# exit
	137	+	# }
	138	+
	139	+	# if [ ! $# -eq 1 ] ; then
	140	+	# usage
	141	+	# fi
	142	+
	143	+	# file=$1
	144	+
	145	+	# if [ ! -f $file ] ; then
	146	+	# usage "file not found"
	147	+	# fi
	148	+
	149	+	# n=0
	150	+	# domains=$(cat $file)
	151	+	# #domains=$(cat $file \| sort -fu)
	152	+	# echo "Running "$(cat $file \| wc -l)" zone transfer..."
	153	+	# echo
	154	+
	155	+	# for d in $domains ; do
	156	+	# echo -ne " \r"
	157	+	# echo -ne $d"\r"
	158	+	# axfr=`host -t axfr $d \| grep 'Transfer failed' &`
	159	+	# if [ ! -n "$axfr" ] ; then
	160	+	# _print "$d successful!" GREEN
	161	+	# echo
	162	+	# n=$[$n+1]
	163	+	# fi
	164	+	# # axfr=`fierce -tcptimeout 3 -dns $d -wordlist /tmp/null \| grep 'Whoah, it worked' &`
	165	+	# # if [ -n "$axfr" ] ; then
	166	+	# # _print "$d successful!" GREEN
	167	+	# # echo
	168	+	# # n=$[$n+1]
	169	+	# # fi
	170	+	# done
	171	+
	172	+	# echo
	173	+	# echo
	174	+	# echo $n" zone transfer performed."
	175	+	# echo
	176	+
	177	+	# exit
	178	+

■ ■ ■ ■ ■ ■

mass_axfr2.sh

1	-	#!/bin/bash
2	-
3	-
4	-	function usage() {
5	-	echo "Usage: "$0" <domain_file>"
6	-	if [ -n "$1" ] ; then
7	-	echo "Error: "$1"!"
8	-	fi
9	-	exit
10	-	}
11	-
12	-	if [ ! $# -eq 1 ] ; then
13	-	usage
14	-	fi
15	-
16	-	file=$1
17	-
18	-	if [ ! -f $file ] ; then
19	-	usage "file not found"
20	-	fi
21	-
22	-	n=0
23	-	i=0
24	-	total=$(cat $file \| wc -l \| tr -d [:space:])
25	-	domains=$(cat $file)
26	-	echo "Trying $total zone transfer..."
27	-	echo
28	-
29	-	for d in $domains ; do
30	-	i=$[$i+1]
31	-	echo -ne " [$i/$total] $d\r"
32	-
33	-	host=$(host -t NS $d)
34	-	has_ns=$(echo $host \| grep " name server ")
35	-
36	-	if [ -n "$has_ns" ] ; then
37	-	ns=$(echo $host \| awk '{print $NF}' \| sed "s/\.$//")
38	-
39	-	for nnss in $(echo $ns) ; do
40	-	axfr=`timeout 3 host -4 -W 1 -t axfr $d $nnss \| grep ";; ANSWER SECTION:"`
41	-	# axfr=`timeout 3 host -4 -W 1 -t ixfr $d $nnss \| grep ";; ANSWER SECTION:"`
42	-	if [ -n "$axfr" ] ; then
43	-	printf "\033[0;32m [$i/$total] $d successful\033[0m"
44	-	echo
45	-	n=$[$n+1]
46	-	fi
47	-	# axfr=`host -4 -W 1 -t axfr $d $nnss`
48	-	# failed=`echo "$axfr" \| grep 'Transfer failed'`
49	-	# timeout=`echo "$axfr" \| grep 'timed out'`
50	-	# error=`echo "$axfr" \| grep 'communications error'`
51	-
52	-	# if [ ! -n "$timeout" ] ; then
53	-	# if [ ! -n "$error" ] ; then
54	-	# if [ ! -n "$failed" ] ; then
55	-	# _print "$d successful!" GREEN
56	-	# echo
57	-	# n=$[$n+1]
58	-	# fi
59	-	# fi
60	-	# fi
61	-	done
62	-	fi
63	-
64	-	echo -ne " \r"
65	-	done
66	-
67	-	echo
68	-	echo $n" zone transfer successful."
69	-	echo
70	-
71	-	exit
72	-

■ ■ ■ ■ ■ ■

multiple-host.php

1	-	<?php
2	-
3	-	$n_child = 0;
4	-	$max_child = 10;
5	-	$loop_sleep = 100000;
6	-	$t_process = [];
7	-	$t_signal_queue = [];
8	-
9	-	// http://stackoverflow.com/questions/16238510/pcntl-fork-results-in-defunct-parent-process
10	-	// Thousand Thanks!
11	-	function signal_handler( $signal, $pid=null, $status=null )
12	-	{
13	-	global $n_child, $t_process, $t_signal_queue;
14	-
15	-	// If no pid is provided, Let's wait to figure out which child process ended
16	-	$pid = (int)$pid;
17	-	if( !$pid ){
18	-	$pid = pcntl_waitpid( -1, $status, WNOHANG );
19	-	}
20	-
21	-	// Get all exited children
22	-	while( $pid > 0 )
23	-	{
24	-	if( $pid && isset($t_process[$pid]) ) {
25	-	// I don't care about exit status right now.
26	-	// $exitCode = pcntl_wexitstatus($status);
27	-	// if($exitCode != 0){
28	-	// echo "$pid exited with status ".$exitCode."\n";
29	-	// }
30	-	// Process is finished, so remove it from the list.
31	-	$n_child--;
32	-	unset( $t_process[$pid] );
33	-	}
34	-	elseif( $pid ) {
35	-	// Job finished before the parent process could record it as launched.
36	-	// Store it to handle when the parent process is ready
37	-	$t_signal_queue[$pid] = $status;
38	-	}
39	-
40	-	$pid = pcntl_waitpid( -1, $status, WNOHANG );
41	-	}
42	-
43	-	return true;
44	-	}
45	-
46	-
47	-	posix_setsid();
48	-	declare( ticks=1 );
49	-	pcntl_signal( SIGCHLD, 'signal_handler' );
50	-
51	-	$ssl_enable = true;
52	-	$t_status_colors = [
53	-	0 => 'light_grey',
54	-	200 => 'light_green',
55	-	301 => 'blue',
56	-	302 => 'blue',
57	-	307 => 'blue',
58	-	400 => 'light_grey',
59	-	401 => 'purple',
60	-	403 => 'purple',
61	-	410 => 'purple',
62	-	404 => 'red',
63	-	500 => 'light_grey',
64	-	503 => 'light_grey',
65	-	];
66	-
67	-
68	-	include( 'Utils.php' );
69	-
70	-	$t_host = file( $_SERVER['argv'][1], FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES );
71	-	$t_request = file( $_SERVER['argv'][2], FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES );
72	-	$t_regexp = array_slice( $_SERVER['argv'], 3 );
73	-	/*
74	-	var_dump( $t_host );
75	-	var_dump( $t_request );
76	-	var_dump( $t_regexp );
77	-	*/
78	-	$n_request = 0;
79	-
80	-	foreach( $t_request as $r )
81	-	{
82	-	foreach( $t_host as $h )
83	-	{
84	-	if( $n_child < $max_child )
85	-	{
86	-	$pid = pcntl_fork();
87	-
88	-	if( $pid == -1 ) {
89	-	// fork error
90	-	} elseif( $pid ) {
91	-	// father
92	-	$n_request++;
93	-	$n_child++;
94	-	$t_process[$pid] = uniqid();
95	-	if( isset($t_signal_queue[$pid]) ){
96	-	$signal_handler( SIGCHLD, $pid, $t_signal_queue[$pid] );
97	-	unset( $t_signal_queue[$pid] );
98	-	}
99	-	} else {
100	-	// child process
101	-	usleep( $loop_sleep );
102	-	ob_start();
103	-	$http_code = (int)go( $r, $h );
104	-	$result = ob_get_contents();
105	-	ob_end_clean();
106	-	if( $http_code == 200 \|\| $http_code=302 ) {
107	-	echo $result;
108	-	}
109	-	unset( $http_code );
110	-	exit( 0 );
111	-	}
112	-	}
113	-
114	-	usleep( $loop_sleep );
115	-	}
116	-	}
117	-
118	-	echo $n_request." requests performed!\n";
119	-
120	-
121	-	function go( $r, $h )
122	-	{
123	-	global $t_regexp, $t_status_colors, $ssl_enable;
124	-
125	-	$url = 'http'.($ssl_enable ? 's': '').'://'.$h.'/'.ltrim($r,'/');
126	-
127	-	$c = curl_init();
128	-	curl_setopt( $c, CURLOPT_URL, $url );
129	-	curl_setopt( $c, CURLOPT_HEADER, false );
130	-	curl_setopt( $c, CURLOPT_TIMEOUT, 3 );
131	-	curl_setopt( $c, CURLOPT_FOLLOWLOCATION, false );
132	-	curl_setopt( $c, CURLOPT_RETURNTRANSFER, true );
133	-	curl_setopt( $c, CURLOPT_HTTPHEADER, ['User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0','Cookie: xxxxxxx'] );
134	-	$result = curl_exec( $c );
135	-	$t_info = curl_getinfo( $c );
136	-	curl_close( $c );
137	-
138	-	/*if( $t_info['http_code'] == 200 ) {
139	-	echo $result;
140	-	}*/
141	-
142	-	echo $url."\n";
143	-	echo 'HTTP Code: ';
144	-	Utils::_print( $t_info['http_code'], $t_status_colors[ $t_info['http_code'] ] );
145	-	echo ', Length: ';
146	-	Utils::_print( strlen($result), 'yellow' );
147	-	echo "\n";
148	-
149	-	foreach( $t_regexp as $e )
150	-	{
151	-	$regexp = '#'.$e.'#i';
152	-	$a = preg_match( $regexp, $result, $matches );
153	-
154	-	if( $a ) {
155	-	$color = 'green';
156	-	} else {
157	-	$color = 'light_grey';
158	-	}
159	-
160	-	Utils::_print( $e, $color );
161	-	echo ' , ';
162	-	}
163	-
164	-	echo "\n";
165	-
166	-	return $t_info['http_code'];
167	-	}
168	-
169	-	exit();
170	-
171	-	?>

■ ■ ■ ■ ■ ■

myrecon.sh

1	-	#!/bin/bash
2	-
3	-
4	-	function usage() {
5	-	echo "Usage: "$0" <domain>"
6	-	if [ -n "$1" ] ; then
7	-	echo "Error: "$1"!"
8	-	fi
9	-	exit
10	-	}
11	-
12	-	function unique_file() {
13	-	f=$1
14	-	f_tmp=/tmp/tmp.tmp
15	-	cat $f \| sort -fu > $f_tmp
16	-	mv $f_tmp $f
17	-	}
18	-
19	-	function count_file() {
20	-	f=$1
21	-	w=$2
22	-	if [ $# -eq 2 ] ; then
23	-	cnt=`cat $f \| egrep "$w" \| wc -l \| cut -d ' ' -f 1`
24	-	else
25	-	cnt=`wc -l $f \| cut -d ' ' -f 1`
26	-	fi
27	-	}
28	-
29	-
30	-	if ! [ $# -eq 1 ] ; then
31	-	usage
32	-	fi
33	-
34	-	domain=$1
35	-	domdom=`echo $domain \| cut -d '.' -f 1`
36	-	echo "Domain: $domain"
37	-	path="$HOME/aquatone/$domain"
38	-	screen_path="$HOME/aquatone/$domain/screens"
39	-	echo "Path: $path"
40	-
41	-
42	-
43	-	f_tmp="$path/tmp.txt"
44	-	f_host="$path/hosts.txt"
45	-	f_ip="$path/ips.txt"
46	-	f_ip_host="$path/ips_hosts.txt"
47	-	f_url="$path/urls.txt"
48	-	f_bucket="$path/buckets.txt"
49	-	f_techno="$path/technology.txt"
50	-	f_all="$path/all.txt"
51	-
52	-	if ! [ -d $path ] ; then
53	-	mkdir -p $path
54	-	fi
55	-
56	-	if ! [ -d $screen_path ] ; then
57	-	mkdir -p $screen_path
58	-	fi
59	-
60	-	rm $f_tmp 2>/dev/null
61	-	rm $f_host 2>/dev/null
62	-	rm $f_ip 2>/dev/null
63	-	rm $f_ip_host 2>/dev/null
64	-	rm $f_url 2>/dev/null
65	-	rm $f_bucket 2>/dev/null
66	-	rm $f_technology 2>/dev/null
67	-	rm $f_all 2>/dev/null
68	-	rm $screen_path/* 2>/dev/null
69	-
70	-
71	-
72	-	echo
73	-	echo "## Hosts recon"
74	-
75	-	#echo "Running subfinder..."
76	-	#tmp="$path/tmp_subfinder.txt"
77	-	#subfinder -d $domain > $tmp
78	-	#if [ -f $tmp ] ; then
79	-	# cat $tmp \| tr '[:upper:]' '[:lower:]' \| egrep -o "[a-z0-9_\.\-]+\.$domain" > $f_host
80	-	#fi
81	-
82	-	echo "Running sublist3r..."
83	-	tmp="$path/tmp_sublist3r.txt"
84	-	sublist3r -d $domain -o $f_host 1>/dev/null
85	-
86	-
87	-
88	-	echo "Running amass..."
89	-	tmp="$path/tmp_amass.txt"
90	-	amass -active -d $domain > $tmp
91	-	if [ -f $tmp ] ; then
92	-	cat $tmp \| tr '[:upper:]' '[:lower:]' \| egrep -o "[a-z0-9_\.\-]+\.$domain" > $f_host
93	-	fi
94	-
95	-	unique_file $f_host
96	-	count_file $f_host
97	-	echo $cnt hosts found
98	-
99	-	if [ $cnt -eq 0 ] ; then
100	-	echo
101	-	echo "Exiting!"
102	-	echo
103	-	exit
104	-	fi
105	-
106	-
107	-
108	-	echo
109	-	echo "## IPs recon"
110	-
111	-	echo "Running host..."
112	-	tmp="$path/tmp_host.txt"
113	-	rm $tmp 2>/dev/null
114	-	for h in `cat $f_host` ; do
115	-	hh=`host $h`
116	-	echo "$hh" >> $tmp
117	-	echo >> $tmp
118	-	echo >> $tmp
119	-	for ip in `echo $hh \| grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b"` ; do
120	-	echo "$ip;;$h" >> $f_ip_host
121	-	echo $ip >> $f_ip
122	-	done
123	-	done
124	-
125	-	unique_file $f_ip
126	-	count_file $f_ip
127	-	echo $cnt ips found
128	-
129	-	if [ $cnt -eq 0 ] ; then
130	-	echo
131	-	echo "Exiting!"
132	-	echo
133	-	exit
134	-	fi
135	-
136	-
137	-	cat $f_ip >> $f_all
138	-	cat $f_host >> $f_all
139	-
140	-	echo "Running masscan..."
141	-	tmp="$path/tmp_masscan.txt"
142	-	sudo masscan -p0-65535 -v --rate 50000 -iL $f_ip -oX $tmp 2>/dev/null
143	-	#cat $tmp \| grep -v "#masscan" \| grep -v "# end" > $f_tmp
144	-	#mv $f_tmp $tmp
145	-	count_file $tmp "</host>"
146	-	echo $cnt ports found
147	-
148	-	if [ $cnt -eq 0 ] ; then
149	-	echo
150	-	echo "Exiting!"
151	-	echo
152	-	exit
153	-	fi
154	-
155	-
156	-
157	-	echo "Creating urls..."
158	-	SAVEIFS=$IFS
159	-	IFS=$(echo -en "\n\b")
160	-
161	-	for l in `cat $tmp \| grep "</host>"` ; do
162	-	ip=`echo $l \| awk '{print $3 $6}' \| cut -d '"' -f 2`
163	-	port=`echo $l \| awk '{print $3 $6}' \| cut -d '"' -f 4`
164	-	#echo $ip":"$port
165	-
166	-	for ip_h in `grep "^$ip;;" $f_ip_host` ; do
167	-	host=`echo $ip_h \| awk -F ';;' '{print $2}'`
168	-	if [ $port -eq 80 ] ; then
169	-	echo "http://$ip" >> $f_url
170	-	echo "http://$host" >> $f_url
171	-	else
172	-	if [ $port -eq 443 ] ; then
173	-	echo "https://$ip" >> $f_url
174	-	echo "https://$host" >> $f_url
175	-	else
176	-	echo "http://$ip:$port" >> $f_url
177	-	echo "https://$ip:$port" >> $f_url
178	-	echo "http://$host:$port" >> $f_url
179	-	echo "https://$host:$port" >> $f_url
180	-	fi
181	-	fi
182	-	done
183	-	done
184	-
185	-	IFS=$SAVEIFS
186	-
187	-	count_file $f_url
188	-	echo $cnt urls found
189	-
190	-	if [ $cnt -eq 0 ] ; then
191	-	echo
192	-	echo "Exiting!"
193	-	echo
194	-	exit
195	-	fi
196	-
197	-
198	-
199	-	echo
200	-	echo "## Technology recon"
201	-	echo "Running wappalyzer..."
202	-	for u in $(cat $f_url) ; do
203	-	echo $u >> $f_techno
204	-	echo >> $f_techno
205	-	wappalyzer $u 2>/dev/null >> $f_techno
206	-	echo >> $f_techno
207	-	echo >> $f_techno
208	-	echo >> $f_techno
209	-	done
210	-
211	-
212	-
213	-	echo
214	-	echo "## Visual recon"
215	-	#cd $screen_path
216	-	#echo "Running httpscreenshot..."
217	-	#httpscreenshot -l $f_url --headless -w 10 > /dev/null
218	-	#rm *.html geckodriver.log ghostdriver.log 2>/dev/null
219	-	#EyeWitness -f $f_url --headless --no-prompt 2>&1 > /dev/null
220	-	#echo `find . -name "*.png" \| wc -l` screenshots found
221	-	#cd $path
222	-
223	-	echo "Running aquatone..."
224	-	cat $f_url \| aquatone -ports xlarge -out $path -screenshot-timeout 5000
225	-
226	-
227	-
228	-	echo
229	-	echo "## Testing buckets"
230	-	tmp="$path/tmp_buckets.txt"
231	-	echo "Testing subdomains..."
232	-	s3-buckets-bruteforcer --no-color --detect-region --bucket $f_host --verbosity 1 >> $tmp
233	-	s3-buckets-bruteforcer --no-color --bucket $f_host --verbosity 1 --provider google >> $tmp
234	-	s3-buckets-bruteforcer --no-color --bucket $f_host --verbosity 1 --provider digitalocean >> $tmp
235	-
236	-	echo "Testing *.$domain..."
237	-	s3-buckets-bruteforcer --no-color --thread 50 --detect-region --bucket $domain --prefix /opt/SecLists/Discovery/Web_Content/common.txt --glue "." --verbosity 1 >> $tmp
238	-	echo "Testing $domdom-*..."
239	-	s3-buckets-bruteforcer --no-color --thread 50 --detect-region --bucket $domdom --suffix /opt/SecLists/Discovery/Web_Content/common.txt --glue "-" --verbosity 1 >> $tmp
240	-
241	-	cat $tmp \| grep FOUND \| awk '{print $2}' \| sort -fu > $f_bucket
242	-
243	-
244	-
245	-	echo
246	-	echo "## Discovery"
247	-	echo "Running quick-hits..."
248	-	quick-hits -h $f_all -f /opt/SecLists/mine/myhardw.txt -c -e 200 -d $path -g -o -t 8-30 -s -k
249	-
250	-
251	-
252	-	echo
253	-	echo "## The end."
254	-

■ ■ ■ ■ ■ ■

node-uuid.js

skipped 10 lines
11 11 //const decodedUuid = encoder.decode(encodedUuid);
12 12 //console.log(decodedUuid);
13 13
14 - console.log(encoder.decode('2YeecYwqAodIpe4FO2FbOX'));
15 -

All occurrences

		skipped 10 lines
11	11		//const decodedUuid = encoder.decode(encodedUuid);
12	12		//console.log(decodedUuid);
13	13
14		-	console.log(encoder.decode('2YeecYwqAodIpe4FO2FbOX'));
15		-

review&license&readme