update to the gist lookup search, multiple regexs will be tried in order to further try and discover some information

This commit is contained in:
ekultek 2017-11-21 12:39:51 -06:00
parent 47b4789756
commit 2f250a5a2d
2 changed files with 31 additions and 14 deletions

View file

@ -56,7 +56,7 @@ fde5445df5d77d245656adea96673cfa ./lib/firewall/squid.py
95b908a21c0ff456ae59df4c6c189c54 ./lib/firewall/wallarm.py
6ea65a0160c21e144e92334acc2e3667 ./lib/firewall/anquanbao.py
ad238be8225c2791d82d4c7582afe820 ./lib/firewall/generic.py
4f359db78f12132482f78a7426ea82df ./lib/attacks/gist_lookup/__init__.py
746f201907050843889975ace2dc66db ./lib/attacks/gist_lookup/__init__.py
566dc051ce3ac8b877a530fa53f47c66 ./lib/attacks/clickjacking_scan/__init__.py
d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/__init__.py
4fd64046da32edb2cefa6ba5f3ff5848 ./lib/attacks/sqlmap_scan/__init__.py
@ -71,7 +71,7 @@ fa40d9681c7c3024bd50ad12ef231d6d ./lib/attacks/nmap_scan/__init__.py
833a08e289a14935e476742ec3a27e81 ./lib/core/common.py
1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py
d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py
ba959a1d132f9f257279c255898841c4 ./lib/core/settings.py
922da57ee1f9d9ba492484bcdde4eff7 ./lib/core/settings.py
d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py
ebe79f9647d78d519a0307aaaab1e425 ./var/google_search/search.py
d41d8cd98f00b204e9800998ecf8427e ./var/__init__.py

View file

@ -23,6 +23,10 @@ def __check_remaining_rate_limit():
"user-agent (IE --proxy socks5://127.0.0.1:9050 --random-agent)...", level=40
))
lib.core.common.shutdown()
else:
lib.core.settings.logger.warning(lib.core.settings.set_color(
"you have {} unauthenticated requests remaining...".format(remaining), level=30
))
def get_raw_data(page_set, proxy=None, agent=None, verbose=False):
@ -63,10 +67,23 @@ def get_raw_data(page_set, proxy=None, agent=None, verbose=False):
def check_files_for_information(found_url, data_to_search):
"""
check the files to see if they contain any of the information you specified
check the files to see if they contain any of the information that was specified
"""
# create a regex to search the data
data_regex = re.compile(data_to_search, re.I)
# create multiple regex types to ensure that we cover all our
# bases while we do the searching.
# this will make it so that if there is a match anywhere
# in anything, we'll find it.
if "www" in data_to_search:
# we need to create the query to be just the domain name
data_to_search = data_to_search.split(".")[1]
data_regex_schema = (
re.compile(r"{}".format(data_to_search), re.I), # a regular match
re.compile(r"(http(s)?)(.//)?{}".format(data_to_search), re.I), # match a URL containing our string
re.compile(r"(.)?{}(.)?".format(data_to_search), re.I), # if it has anything around it
re.compile(r"\b{}".format(data_to_search), re.I), # single boundary match
re.compile(r"\b{}\b".format(data_to_search), re.I), # double boundary match
re.compile(r"{}*".format(data_to_search), re.I) # wildcard match
)
total_found = set()
try:
data = requests.get(found_url)
@ -76,15 +93,15 @@ def check_files_for_information(found_url, data_to_search):
))
time.sleep(3)
data = requests.get(found_url)
if data_regex.search(data.content) is not None:
lib.core.settings.logger.info(lib.core.settings.set_color(
"found a match with given specifics, saving full Gist to log file..."
))
total_found.add(found_url)
lib.core.common.write_to_log_file(
data.content, lib.core.settings.GIST_MATCH_LOG, lib.core.settings.GIST_FILENAME
)
for data_regex in data_regex_schema:
if data_regex.search(data.content) is not None:
lib.core.settings.logger.info(lib.core.settings.set_color(
"found a match with given specifics, saving full Gist to log file...", level=25
))
total_found.add(found_url)
lib.core.common.write_to_log_file(
data.content, lib.core.settings.GIST_MATCH_LOG, lib.core.settings.GIST_FILENAME
)
return len(total_found)