From efd5ca3bed152aa176120731daa79e7d9090ee25 Mon Sep 17 00:00:00 2001 From: ekultek Date: Sat, 7 Oct 2017 09:29:35 -0500 Subject: [PATCH 1/4] minor edit to get rid of a random call --- lib/attacks/intel_me/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/attacks/intel_me/__init__.py b/lib/attacks/intel_me/__init__.py index 0c5d811..66c319d 100644 --- a/lib/attacks/intel_me/__init__.py +++ b/lib/attacks/intel_me/__init__.py @@ -14,7 +14,7 @@ from lib.settings import ( def __get_auth_headers(target, port=16992, source=None, agent=None, proxy=None): if not source or 'WWW-Authenticate' not in source.headers['WWW-Authenticate']: - logger.info(set_color or ( + logger.info(set_color( "header value not established, attempting to get bypass..." )) source = requests.get("http://{0}:{1}/index.htm".format(target, port), headers={ From 61f4559e0ed32ee2bdffca489cff23c33197db22 Mon Sep 17 00:00:00 2001 From: ekultek Date: Sat, 7 Oct 2017 09:30:26 -0500 Subject: [PATCH 2/4] edit to the function if the file does not exist it will not try and find it --- lib/settings.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/settings.py b/lib/settings.py index 54ce538..c717ea2 100644 --- a/lib/settings.py +++ b/lib/settings.py @@ -22,7 +22,7 @@ except NameError: # clone link CLONE = "https://github.com/ekultek/zeus-scanner.git" # current version -VERSION = "1.0.30.133a" +VERSION = "1.0.31" # colors to output depending on the version VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30} # version string formatting @@ -239,8 +239,11 @@ def get_latest_log_file(log_path): get the latest log file being used from the given path """ file_list = glob.glob(log_path + "/*") - latest = max(file_list, key=os.path.getctime) - return latest + try: + latest = max(file_list, key=os.path.getctime) + return latest + except ValueError: + return None def replace_http(url): From 407fc34cf3a0626b914cab51e46ec641e54713cd Mon Sep 17 00:00:00 2001 From: ekultek Date: Sat, 7 Oct 2017 09:31:29 -0500 Subject: [PATCH 3/4] added in the search.py file, was missing --- var/google_search/search.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/var/google_search/search.py b/var/google_search/search.py index d003ded..b4c30a1 100644 --- a/var/google_search/search.py +++ b/var/google_search/search.py @@ -18,6 +18,7 @@ from pyvirtualdisplay import Display from selenium.webdriver.common.keys import Keys from selenium.webdriver.common.proxy import * +from var.auto_issue.github import request_issue_creation from lib.settings import ( logger, set_color, @@ -251,6 +252,7 @@ def parse_search_results( "exception has been logged to current log file...".format( os.path.basename(__file__), str(e).strip()), level=50) ) + request_issue_creation() shutdown() logger.info(set_color( "URL successfully gathered, searching for GET parameters..." From 4456a07bf19688f0e6a62978718dabae6b143963 Mon Sep 17 00:00:00 2001 From: ekultek Date: Sat, 7 Oct 2017 09:32:27 -0500 Subject: [PATCH 4/4] created a function to get rid of some code duplication --- zeus.py | 93 ++++++++++++++++++++++++++------------------------------- 1 file changed, 43 insertions(+), 50 deletions(-) diff --git a/zeus.py b/zeus.py index 771839c..6a2b29c 100755 --- a/zeus.py +++ b/zeus.py @@ -372,6 +372,27 @@ if __name__ == "__main__": """ run the attacks if any are requested """ + __enabled_attacks = { + "sqlmap": opt.runSqliScan, + "port": opt.runPortScan, + "xss": opt.runXssScan, + "admin": opt.adminPanelFinder, + "intel": opt.intelCheck + } + + enabled = set() + for key in __enabled_attacks.keys(): + if __enabled_attacks[key] is True: + enabled.add(key) + if len(enabled) > 1: + logger.error(set_color( + "it appears that you have enabled multiple attack types, " + "as of now only 1 attack is supported at a time, choose " + "your attack and try again. You can use the -f flag if " + "you do not want to complete an entire search again...", level=40 + )) + shutdown() + if not batch: question = prompt( "would you like to process found URL: '{}'".format(url), opts=["y", "N"] @@ -401,6 +422,23 @@ if __name__ == "__main__": )) + def __run_attacks_main(): + urls_to_use = get_latest_log_file(URL_LOG_PATH) + if urls_to_use is None: + logger.error(set_color( + "unable to run attacks appears that no file was created for the retrieved data...", level=40 + )) + if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: + with open(urls_to_use) as urls: + for url in urls.readlines(): + __run_attacks( + url.strip(), + sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, + admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, + auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch + ) + + proxy_to_use, agent_to_use = __config_headers() search_engine = __config_search_engine(verbose=opt.runInVerbose) @@ -422,16 +460,7 @@ if __name__ == "__main__": request_issue_creation() pass - urls_to_use = get_latest_log_file(URL_LOG_PATH) - if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: - with open(urls_to_use) as urls: - for url in urls.readlines(): - __run_attacks( - url.strip(), - sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, - admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, - auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch - ) + __run_attacks_main() # search multiple pages of Google elif opt.dorkToUse is not None and opt.searchMultiplePages: @@ -463,16 +492,7 @@ if __name__ == "__main__": )) shutdown() - urls_to_use = get_latest_log_file(URL_LOG_PATH) - if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: - with open(urls_to_use) as urls: - for url in urls.readlines(): - __run_attacks( - url.strip(), - sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, - admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, - auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch - ) + __run_attacks_main() # use a file full of dorks as the queries elif opt.dorkFileToUse is not None: @@ -494,16 +514,7 @@ if __name__ == "__main__": request_issue_creation() pass - urls_to_use = get_latest_log_file(URL_LOG_PATH) - if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: - with open(urls_to_use) as urls: - for url in urls.readlines(): - __run_attacks( - url.strip(), - sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, - admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, - auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch - ) + __run_attacks_main() # use a random dork as the query elif opt.useRandomDork: @@ -520,16 +531,7 @@ if __name__ == "__main__": random_dork, search_engine, verbose=opt.runInVerbose, proxy=proxy_to_use, agent=agent_to_use ) - urls_to_use = get_latest_log_file(URL_LOG_PATH) - if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: - with open(urls_to_use) as urls: - for url in urls.readlines(): - __run_attacks( - url.strip(), - sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, - admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, - auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch - ) + __run_attacks_main() except Exception as e: logger.exception(set_color( @@ -565,16 +567,7 @@ if __name__ == "__main__": blackwidow.blackwidow_main(opt.spiderWebSite, agent=agent_to_use, proxy=proxy_to_use, verbose=opt.runInVerbose) - urls_to_use = get_latest_log_file(SPIDER_LOG_PATH) - if opt.runSqliScan or opt.runPortScan or opt.intelCheck or opt.adminPanelFinder or opt.runXssScan: - with open(urls_to_use) as urls: - for url in urls.readlines(): - __run_attacks( - url.strip(), - sqlmap=opt.runSqliScan, nmap=opt.runPortScan, intel=opt.intelCheck, xss=opt.runXssScan, - admin=opt.adminPanelFinder, given_path=opt.givenSearchPath, - auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch - ) + __run_attacks_main() elif opt.fileToEnumerate is not None: with open(opt.fileToEnumerate) as urls: