diff --git a/etc/checksum/md5sum.md5 b/etc/checksum/md5sum.md5
index 111f462..39dc4f5 100644
--- a/etc/checksum/md5sum.md5
+++ b/etc/checksum/md5sum.md5
@@ -1,4 +1,4 @@
-b100d6428f04f18100e9358688004abd ./zeus.py
+cfaee70f681421c937e735346b61fd5e ./zeus.py
 6ad5f22ec4a6f8324bfb1b01ab6d51ec ./etc/scripts/cleanup.sh
 155c9482f690f1482f324a7ffd8b8098 ./etc/scripts/fix_pie.sh
 0e435c641bc636ac0b3d54e032d9cf6a ./etc/scripts/install_nmap.sh
@@ -44,9 +44,9 @@ f746d2867f493104a78d0540cf50c03f ./lib/attacks/intel_me/__init__.py
 c8fe372b08e7e27fe4e21f5f730f22ec ./lib/attacks/clickjacking_scan/__init__.py
 1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py
 d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py
-21008b2aa1ff8abacbaa3042c9252640 ./lib/core/settings.py
+cf2f33084ee604925738dc2b40f19aee ./lib/core/settings.py
 d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py
-914ac7cf2e216ca878a5f711a71290a8 ./var/google_search/search.py
+5895fefecd3ae3b52e68a490478823bb ./var/google_search/search.py
 d41d8cd98f00b204e9800998ecf8427e ./var/__init__.py
 d41d8cd98f00b204e9800998ecf8427e ./var/auto_issue/__init__.py
 4506850a02aa18e12bef4efeb760ad9e ./var/auto_issue/github.py
diff --git a/lib/core/settings.py b/lib/core/settings.py
index e5e8f71..e18227d 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -41,7 +41,7 @@ PATCH_ID = str(subprocess.check_output(["git", "rev-parse", "origin/master"]))[:
 # clone link
 CLONE = "https://github.com/ekultek/zeus-scanner.git"
 # current version
-VERSION = "1.1.14.{}".format(PATCH_ID)
+VERSION = "1.1.15".format(PATCH_ID)
 # colors to output depending on the version
 VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30}
 # version string formatting
diff --git a/var/google_search/search.py b/var/google_search/search.py
index 96bf91d..275ba7b 100644
--- a/var/google_search/search.py
+++ b/var/google_search/search.py
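Review bot: In `lib/core/settings.py`, the new `VERSION = "1.1.15".format(PATCH_ID)` has no `{}` placeholder, so `.format()` is a no-op and `PATCH_ID` no longer appears in the version string. If the patch id is still meant to be part of the version, keep the placeholder as in `VERSION = "1.1.15.{}".format(PATCH_ID)`. If dropping it is intended, remove the `.format(PATCH_ID)` call so the line does not suggest otherwise.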
@@ -80,6 +80,65 @@ def bypass_ip_block(url):
 return unquote(retval)
+def set_tor_browser_settings(ff_browser, default_port="9050", **kwargs):
+ """
+ set the Firefox browser settings to mimic the Tor browser
+ """
+ port = kwargs.get("port", None)
+ verbose = kwargs.get("verbose", False)
+ user_agent = kwargs.get("agent", None)
+ if port is not None:
+ port = port
+ else:
+ port = default_port
+ if verbose:
+ logger.debug(set_color(
+ "tor port set to '{}'...".format(port), level=10
+ ))
+ preferences = {
+ "privacy": [
+ # set the privacy settings
+ ("places.history.enabled", False),\
+ ("privacy.clearOnShutdown.offlineApps", True),
+ ("privacy.clearOnShutdown.passwords", True),
+ ("privacy.clearOnShutdown.siteSettings", True),
+ ("privacy.sanitize.sanitizeOnShutdown", True),
+ ("signon.rememberSignons", False),
+ ("network.cookie.lifetimePolicy", 2),
+ ("network.dns.disablePrefetch", True),
+ ("network.http.sendRefererHeader", 0)
+ ],
+ "proxy": [
+ # set the proxy settings
+ ("network.proxy.type", 1),
+ ("network.proxy.socks_version", 5),
+ ("network.proxy.socks", '127.0.0.1'),
+ ("network.proxy.socks_port", int(port)),
+ ("network.proxy.socks_remote_dns", True)
+ ],
+ "javascript": [
+ # disabled the javascript settings
+ ("javascript.enabled", False)
+ ],
+ "download": [
+ # get a speed increase by not downloading the images
+ ("permissions.default.image", 2)
+ ],
+ "user-agent": [
+ # set the user agent settings
+ ("general.useragent.override", user_agent)
+ ]
+ }
+ for preference in preferences.iterkeys():
+ if verbose:
+ logger.debug(set_color(
+ "setting '{}' preference(s)...".format(preference), level=10
+ ))
+ for setting in preferences[preference]:
+ ff_browser.set_preference(setting[0], setting[1])
+ return ff_browser
+
+
 def extract_webcache_url(webcache_url, splitter="+"):
 """
 extract the true URL from Google's webcache URL's
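Review bot: `int(port)` inside the `"proxy"` list is the only validation the port gets in `set_tor_browser_settings`, so a non-numeric `port` or `default_port` fails with a bare `ValueError` from the middle of the preference table; converting once at the top, for example `port = int(kwargs.get("port") or default_port)`, would also replace the no-op `port = port` branch. The `"user-agent"` entry is written even when `agent` is not passed, so `general.useragent.override` can be set to `None`, and any overridden user agent makes the profile differ from a stock Tor Browser, which the docstring's "mimic" wording should acknowledge. The docstring should also list the accepted keyword arguments (`port`, `verbose`, `agent`). Minor: the trailing `\` after `("places.history.enabled", False),` is unnecessary inside the list literal, and `preferences.iterkeys()` exists only on Python 2.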
@@ -102,10 +161,16 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): """ query = query.decode('unicode_escape').encode('utf-8') proxy, user_agent = kwargs.get("proxy", None), kwargs.get("user_agent", None) + tor, tor_port = kwargs.get("tor", False), kwargs.get("tor_port", None) if verbose: logger.debug(set_color( "setting up the virtual display to hide the browser...", level=10 )) + if tor: + if "google" in url: + logger.warning(set_color( + "using Google with tor will most likely result in a ban URL...", level=30 + )) ff_display = Display(visible=0, size=(800, 600)) ff_display.start() logger.info(set_color( @@ -127,7 +192,7 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): logger.debug(set_color( "adjusting selenium-webdriver user-agent to '{}'...".format(user_agent), level=10 )) - if proxy is not None: + if not tor and proxy is not None: proxy_type = proxy.keys() proxy_to_use = Proxy({ "proxyType": ProxyType.MANUAL, @@ -146,8 +211,16 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): proxy_to_use = None profile = webdriver.FirefoxProfile() - profile.set_preference("general.useragent.override", user_agent) - browser = webdriver.Firefox(profile, proxy=proxy_to_use) + if not tor: + profile.set_preference("general.useragent.override", user_agent) + browser = webdriver.Firefox(profile, proxy=proxy_to_use) + else: + logger.info(set_color( + "settings tor browser settings..." + )) + profile = set_tor_browser_settings(profile, verbose=verbose, agent=user_agent, port=tor_port) + browser = webdriver.Firefox(profile) + logger.info(set_color("browser will open shortly...")) browser.get(url) if verbose: 
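Review bot: `tor_port` is read from `kwargs` at the top of `get_urls`, but the `get_urls(...)` call this commit rewrites in `parse_search_results` passes only `tor=tor`, so within this diff the value is always `None` and `set_tor_browser_settings` always falls back to its `default_port`. The `elif tor:` branch in `parse_search_results` hard-codes `socks5://127.0.0.1:9050` independently, so the two sides would drift apart if either port changed. Either forward one port value through both paths or drop the unused `tor_port` keyword. `get_urls` continues outside this hunk, so other callers may exist.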
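Review bot: With `if not tor and proxy is not None:` a proxy supplied together with `tor` is dropped for the browser without any message, while the branch ahead of `elif tor:` in `parse_search_results` still appears to keep the explicit proxy for `proxy_string`. If both options are given, the browser and whatever later consumes `proxy_string` could then leave through different routes. Rejecting the combination up front, or logging which one wins, would make the behaviour explicit. The condition guarding that first branch in `parse_search_results` is outside the visible hunk, so this is inferred.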
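Review bot: The tor branch starts Firefox without confirming that anything is listening on the SOCKS port, so a stopped Tor service would surface only as a generic page-load failure from `browser.get(url)`; a short connect check to `127.0.0.1` on the chosen port with a clear log message would make that case diagnosable. It is also worth confirming that the `browser.execute_script(...)` fallback further down in `get_urls` still works once the profile sets `javascript.enabled` to `False`. The log text `"settings tor browser settings..."` reads as a typo for `"setting tor browser settings..."`.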
@@ -161,7 +234,13 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs):
 try:
 search.send_keys(query)
 search.send_keys(Keys.RETURN) # hit return after you enter search text
- time.sleep(3)
+ if not tor:
+ time.sleep(3)
+ else:
+ logger.warning(set_color(
+ "sleep time has been increased to 10 seconds due to tor being used...", level=30
+ ))
+ time.sleep(10)
 except ElementNotInteractableException:
 browser.execute_script("document.querySelectorAll('label.boxed')[1].click()")
 search.send_keys(query)
@@ -242,6 +321,7 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs):
 parse_webcache, pull_all = kwargs.get("parse_webcache", False), kwargs.get("pull_all", False)
 proxy_string, user_agent = kwargs.get("proxy", None), kwargs.get("agent", None)
 forward_for = kwargs.get("forward_for", False)
+ tor = kwargs.get("tor", False)
 if verbose:
 logger.debug(set_color(
@@ -268,6 +348,11 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs):
 proxy_string = proxy_string_to_dict(proxy_string)
 proxy_string_info = proxy_string_info.format(
 ''.join(proxy_string.keys()) + "://" + ''.join(proxy_string.values()))
+ elif tor:
+ proxy_string = proxy_string_to_dict("socks5://127.0.0.1:9050")
+ proxy_string_info = proxy_string_info.format(
+ "tor proxy settings"
+ )
 else:
 proxy_string_info = "no proxy configuration detected..."
@@ -292,7 +377,10 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs):
 "attempting to gather query URL..."
 ))
 try:
- query_url = get_urls(query, url_to_search, verbose=verbose, user_agent=user_agent, proxy=proxy_string)
+ query_url = get_urls(
+ query, url_to_search, verbose=verbose, user_agent=user_agent, proxy=proxy_string,
+ tor=tor
+ )
 except Exception as e:
 if "'/usr/lib/firefoxdriver/webdriver.xpi'" in str(e):
 logger.fatal(set_color(
diff --git a/zeus.py b/zeus.py
index 0e985ab..bb37dfc 100755
--- a/zeus.py
+++ b/zeus.py
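Review bot: The `elif tor:` branch in `parse_search_results` builds `socks5://127.0.0.1:9050`, and if the resulting dict is later passed to `requests`, the `socks5` scheme resolves hostnames locally rather than through the proxy, unlike the browser profile, which sets `network.proxy.socks_remote_dns` to `True`. `socks5h://` is the remote-resolving form, but the `supported_proxy_types` list shown in `zeus.py` names only `socks5`, `socks4`, `https` and `http`, so `proxy_string_to_dict` may need to accept it first. How `proxy_string` is consumed lies outside this hunk, so confirm that before changing it. The literal would also read better as a named module constant shared with the `default_port` of `set_tor_browser_settings`.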
@@ -150,7 +150,9 @@ if __name__ == "__main__":
 anon.add_option("--random-agent", dest="useRandomAgent", action="store_true",
 help="Use a random user-agent from the etc/agents.txt file")
 anon.add_option("--agent", dest="usePersonalAgent", metavar="USER-AGENT",
- help="Use your own personal user-agent")
+ help="Use your own personal user-agent"),
+ anon.add_option("--tor", dest="useTor", action="store_true",
+ help="Use Tor connection as the proxy and set the firefox browser settings to mimic Tor")
 # miscellaneous options
 misc = optparse.OptionGroup(parser, "Misc Options",
@@ -409,7 +411,7 @@ if __name__ == "__main__":
 search.parse_search_results(
 opt.dorkToUse, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use,
 agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache,
- forward_for=opt.forwardedForRandomIP
+ forward_for=opt.forwardedForRandomIP, tor=opt.useTor
 )
 except InvalidProxyType:
 supported_proxy_types = ["socks5", "socks4", "https", "http"]
@@ -469,7 +471,8 @@ if __name__ == "__main__":
 try:
 search.parse_search_results(
 dork, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use,
- agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache
+ agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache,
+ tor=opt.useTor
 )
 except Exception as e:
 logger.exception(set_color(
@@ -493,7 +496,8 @@ if __name__ == "__main__":
 try:
 search.parse_search_results(
 random_dork, search_engine, verbose=opt.runInVerbose,
- proxy=proxy_to_use, agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache
+ proxy=proxy_to_use, agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache,
+ tor=opt.useTor
 )
 __run_attacks_main()
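Review bot: The comma added after `help="Use your own personal user-agent")` turns the `--agent` statement into a one-element tuple expression; it is harmless at runtime but looks accidental, so the line should stay `help="Use your own personal user-agent")`. The `--tor` help text could also state that a local Tor SOCKS listener on `127.0.0.1:9050` is required, since this diff exposes no command-line option for the port. The option group definition continues outside this hunk.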