From 69fd18d5a5cda901c8a65d274474dfbcbdb91e01 Mon Sep 17 00:00:00 2001
From: ekultek
Date: Thu, 2 Nov 2017 10:27:08 -0500
Subject: [PATCH] you are now able to use Tor to do the searching by passing the --tor flag, the firefox browser settings will mimic the tor browser settings and you will be able to connect via Tor, be careful, Google does not like Tor. You will also be able to connect to Tor to do the parsing
---
 etc/checksum/md5sum.md5 | 6 +--
 lib/core/settings.py | 2 +-
 var/google_search/search.py | 98 +++++++++++++++++++++++++++++++++++--
 zeus.py | 12 +++--
 4 files changed, 105 insertions(+), 13 deletions(-)
diff --git a/etc/checksum/md5sum.md5 b/etc/checksum/md5sum.md5
index 111f462..39dc4f5 100644
--- a/etc/checksum/md5sum.md5
+++ b/etc/checksum/md5sum.md5
@@ -1,4 +1,4 @@
-b100d6428f04f18100e9358688004abd ./zeus.py
+cfaee70f681421c937e735346b61fd5e ./zeus.py
 6ad5f22ec4a6f8324bfb1b01ab6d51ec ./etc/scripts/cleanup.sh
 155c9482f690f1482f324a7ffd8b8098 ./etc/scripts/fix_pie.sh
 0e435c641bc636ac0b3d54e032d9cf6a ./etc/scripts/install_nmap.sh
@@ -44,9 +44,9 @@ f746d2867f493104a78d0540cf50c03f ./lib/attacks/intel_me/__init__.py
 c8fe372b08e7e27fe4e21f5f730f22ec ./lib/attacks/clickjacking_scan/__init__.py
 1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py
 d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py
-21008b2aa1ff8abacbaa3042c9252640 ./lib/core/settings.py
+cf2f33084ee604925738dc2b40f19aee ./lib/core/settings.py
 d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py
-914ac7cf2e216ca878a5f711a71290a8 ./var/google_search/search.py
+5895fefecd3ae3b52e68a490478823bb ./var/google_search/search.py
 d41d8cd98f00b204e9800998ecf8427e ./var/__init__.py
 d41d8cd98f00b204e9800998ecf8427e ./var/auto_issue/__init__.py
 4506850a02aa18e12bef4efeb760ad9e ./var/auto_issue/github.py
diff --git a/lib/core/settings.py b/lib/core/settings.py
index e5e8f71..e18227d 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -41,7 +41,7 @@ PATCH_ID = str(subprocess.check_output(["git", "rev-parse", "origin/master"]))[:
 # clone link
 CLONE = "https://github.com/ekultek/zeus-scanner.git"
 # current version
-VERSION = "1.1.14.{}".format(PATCH_ID)
+VERSION = "1.1.15".format(PATCH_ID)
 # colors to output depending on the version
 VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30}
 # version string formatting
diff --git a/var/google_search/search.py b/var/google_search/search.py
index 96bf91d..275ba7b 100644
--- a/var/google_search/search.py
+++ b/var/google_search/search.py
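Review bot: In `lib/core/settings.py` the new `VERSION = "1.1.15".format(PATCH_ID)` has no `{}` placeholder left, so `.format(PATCH_ID)` is a no-op and the patch id silently disappears from the version string. If that is intended, write `VERSION = "1.1.15"`; if not, restore the placeholder as `VERSION = "1.1.15.{}".format(PATCH_ID)`. Anything that derives the version type from the shape of `VERSION` (not visible in this hunk) should be checked against the shorter string.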
@@ -80,6 +80,65 @@ def bypass_ip_block(url): return unquote(retval) +def set_tor_browser_settings(ff_browser, default_port="9050", **kwargs): + """ + set the Firefox browser settings to mimic the Tor browser + """ + port = kwargs.get("port", None) + verbose = kwargs.get("verbose", False) + user_agent = kwargs.get("agent", None) + if port is not None: + port = port + else: + port = default_port + if verbose: + logger.debug(set_color( + "tor port set to '{}'...".format(port), level=10 + )) + preferences = { + "privacy": [ + # set the privacy settings + ("places.history.enabled", False),\ + ("privacy.clearOnShutdown.offlineApps", True), + ("privacy.clearOnShutdown.passwords", True), + ("privacy.clearOnShutdown.siteSettings", True), + ("privacy.sanitize.sanitizeOnShutdown", True), + ("signon.rememberSignons", False), + ("network.cookie.lifetimePolicy", 2), + ("network.dns.disablePrefetch", True), + ("network.http.sendRefererHeader", 0) + ], + "proxy": [ + # set the proxy settings + ("network.proxy.type", 1), + ("network.proxy.socks_version", 5), + ("network.proxy.socks", '127.0.0.1'), + ("network.proxy.socks_port", int(port)), + ("network.proxy.socks_remote_dns", True) + ], + "javascript": [ + # disabled the javascript settings + ("javascript.enabled", False) + ], + "download": [ + # get a speed increase by not downloading the images + ("permissions.default.image", 2) + ], + "user-agent": [ + # set the user agent settings + ("general.useragent.override", user_agent) + ] + } + for preference in preferences.iterkeys(): + if verbose: + logger.debug(set_color( + "setting '{}' preference(s)...".format(preference), level=10 + )) + for setting in preferences[preference]: + ff_browser.set_preference(setting[0], setting[1]) + return ff_browser + + def extract_webcache_url(webcache_url, splitter="+"): """ extract the true URL from Google's webcache URL's 
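Review bot: The docstring's "mimic the Tor browser" overstates what `set_tor_browser_settings` does: the preferences only point a stock Firefox profile at a SOCKS5 listener on `127.0.0.1` and turn off history, referers, images and JavaScript, and nothing in the function confirms that a Tor daemon is actually answering on that port. I would reword it to `"""point the Firefox profile at a local Tor SOCKS5 proxy and apply privacy preferences (not equivalent to Tor Browser)"""`. The `"user-agent"` entry also writes `general.useragent.override` when `agent` was not supplied and `user_agent` is still `None`; guarding that entry with `if user_agent is not None:` would avoid handing the profile an empty override. The `if port is not None: port = port` branch is a no-op and can be replaced by `port = default_port if port is None else port`.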
@@ -102,10 +161,16 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): """ query = query.decode('unicode_escape').encode('utf-8') proxy, user_agent = kwargs.get("proxy", None), kwargs.get("user_agent", None) + tor, tor_port = kwargs.get("tor", False), kwargs.get("tor_port", None) if verbose: logger.debug(set_color( "setting up the virtual display to hide the browser...", level=10 )) + if tor: + if "google" in url: + logger.warning(set_color( + "using Google with tor will most likely result in a ban URL...", level=30 + )) ff_display = Display(visible=0, size=(800, 600)) ff_display.start() logger.info(set_color( @@ -127,7 +192,7 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): logger.debug(set_color( "adjusting selenium-webdriver user-agent to '{}'...".format(user_agent), level=10 )) - if proxy is not None: + if not tor and proxy is not None: proxy_type = proxy.keys() proxy_to_use = Proxy({ "proxyType": ProxyType.MANUAL, @@ -146,8 +211,16 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): proxy_to_use = None profile = webdriver.FirefoxProfile() - profile.set_preference("general.useragent.override", user_agent) - browser = webdriver.Firefox(profile, proxy=proxy_to_use) + if not tor: + profile.set_preference("general.useragent.override", user_agent) + browser = webdriver.Firefox(profile, proxy=proxy_to_use) + else: + logger.info(set_color( + "settings tor browser settings..." + )) + profile = set_tor_browser_settings(profile, verbose=verbose, agent=user_agent, port=tor_port) + browser = webdriver.Firefox(profile) + logger.info(set_color("browser will open shortly...")) browser.get(url) if verbose: 
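Review bot: With `if not tor and proxy is not None:` a proxy the user supplied is dropped without any message once `tor` is set, while the `elif tor:` added to `parse_search_results` later in this patch appears to give an explicit proxy priority over Tor (the condition of the branch before it is outside that hunk). With both options set the browser would then go through Tor and the parsing requests through the other proxy, which is unlikely to be what the caller expects. Either reject the combination up front or log it here, e.g. `logger.warning(set_color("ignoring the supplied proxy because tor is enabled...", level=30))`. The body of `get_urls` continues outside this hunk.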
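Review bot: `port=tor_port` in the new `else` branch is always `None` as far as this patch shows, because the `get_urls(...)` call in `parse_search_results` passes `tor=tor` but no `tor_port`. The browser therefore always falls back to `default_port="9050"`, and the parsing path separately hard-codes `socks5://127.0.0.1:9050`. Keeping the port in one setting and passing it to both places would stop the two from drifting apart. The log text `"settings tor browser settings..."` reads like a typo for `"setting tor browser settings..."`.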
@@ -161,7 +234,13 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): try: search.send_keys(query) search.send_keys(Keys.RETURN) # hit return after you enter search text - time.sleep(3) + if not tor: + time.sleep(3) + else: + logger.warning(set_color( + "sleep time has been increased to 10 seconds due to tor being used...", level=30 + )) + time.sleep(10) except ElementNotInteractableException: browser.execute_script("document.querySelectorAll('label.boxed')[1].click()") search.send_keys(query) @@ -242,6 +321,7 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs): parse_webcache, pull_all = kwargs.get("parse_webcache", False), kwargs.get("pull_all", False) proxy_string, user_agent = kwargs.get("proxy", None), kwargs.get("agent", None) forward_for = kwargs.get("forward_for", False) + tor = kwargs.get("tor", False) if verbose: logger.debug(set_color( @@ -268,6 +348,11 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs): proxy_string = proxy_string_to_dict(proxy_string) proxy_string_info = proxy_string_info.format( ''.join(proxy_string.keys()) + "://" + ''.join(proxy_string.values())) + elif tor: + proxy_string = proxy_string_to_dict("socks5://127.0.0.1:9050") + proxy_string_info = proxy_string_info.format( + "tor proxy settings" + ) else: proxy_string_info = "no proxy configuration detected..." @@ -292,7 +377,10 @@ def parse_search_results(query, url_to_search, verbose=False, **kwargs): "attempting to gather query URL..." )) try: - query_url = get_urls(query, url_to_search, verbose=verbose, user_agent=user_agent, proxy=proxy_string) + query_url = get_urls( + query, url_to_search, verbose=verbose, user_agent=user_agent, proxy=proxy_string, + tor=tor + ) except Exception as e: if "'/usr/lib/firefoxdriver/webdriver.xpi'" in str(e): logger.fatal(set_color( diff --git a/zeus.py b/zeus.py index 0e985ab..bb37dfc 100755 --- a/zeus.py +++ b/zeus.py 
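Review bot: The `elif tor:` branch added to `parse_search_results` hard-codes `socks5://127.0.0.1:9050`, and the scheme deserves a check before this ships. If the resulting dict is handed to `requests` (the HTTP client is not visible in this hunk), `socks5://` resolves hostnames locally and only `socks5h://` resolves them through the proxy, so name lookups for the parsed URLs would not go through Tor even though the browser side sets `network.proxy.socks_remote_dns`. `proxy_string_to_dict` may need to accept `socks5h` for that to work, which should be confirmed against its implementation. The function body continues outside this hunk.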
@@ -150,7 +150,9 @@ if __name__ == "__main__": anon.add_option("--random-agent", dest="useRandomAgent", action="store_true", help="Use a random user-agent from the etc/agents.txt file") anon.add_option("--agent", dest="usePersonalAgent", metavar="USER-AGENT", - help="Use your own personal user-agent") + help="Use your own personal user-agent"), + anon.add_option("--tor", dest="useTor", action="store_true", + help="Use Tor connection as the proxy and set the firefox browser settings to mimic Tor") # miscellaneous options misc = optparse.OptionGroup(parser, "Misc Options", @@ -409,7 +411,7 @@ if __name__ == "__main__": search.parse_search_results( opt.dorkToUse, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use, agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache, - forward_for=opt.forwardedForRandomIP + forward_for=opt.forwardedForRandomIP, tor=opt.useTor ) except InvalidProxyType: supported_proxy_types = ["socks5", "socks4", "https", "http"] @@ -469,7 +471,8 @@ if __name__ == "__main__": try: search.parse_search_results( dork, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use, - agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache + agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache, + tor=opt.useTor ) except Exception as e: logger.exception(set_color( @@ -493,7 +496,8 @@ if __name__ == "__main__": try: search.parse_search_results( random_dork, search_engine, verbose=opt.runInVerbose, - proxy=proxy_to_use, agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache + proxy=proxy_to_use, agent=agent_to_use, pull_all=opt.noExclude, parse_webcache=opt.parseWebcache, + tor=opt.useTor ) __run_attacks_main()
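Review bot: The rewritten line `help="Use your own personal user-agent"),` gained a trailing comma after the closing parenthesis, which turns the `anon.add_option(...)` statement into a one-element tuple expression; it still runs, but the comma looks accidental and the line should end `help="Use your own personal user-agent")`. The `--tor` help text promises that Firefox will "mimic Tor", which the preferences set in `search.py` do not achieve; `help="Route searching and parsing through a local Tor SOCKS5 proxy (127.0.0.1:9050)"` describes the behaviour more accurately. The `if __name__ == "__main__":` block starts and ends outside this hunk.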