diff --git a/etc/checksum/md5sum.md5 b/etc/checksum/md5sum.md5
index 121d291..ab6c2b2 100644
--- a/etc/checksum/md5sum.md5
+++ b/etc/checksum/md5sum.md5
@@ -40,21 +40,21 @@ d41d8cd98f00b204e9800998ecf8427e ./lib/__init__.py c8fe372b08e7e27fe4e21f5f730f22ec ./lib/attacks/clickjacking_scan/__init__.py 8e69bcf607cdb879b76500a9b1ba1763 ./lib/attacks/clickjacking_scan/__init__.pyc d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/__init__.py -d93cf7cdeabe951251f2f4d56687b5f4 ./lib/attacks/sqlmap_scan/__init__.py +1a41d8378580b3d21e53504bdd2e2407 ./lib/attacks/sqlmap_scan/__init__.py 5e5bb575014ebe613db6bf671d008cf8 ./lib/attacks/sqlmap_scan/sqlmap_opts.py d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/whois_lookup/__init__.py e2b494ba257444ed4a9a8a554dcbe250 ./lib/attacks/whois_lookup/whois.py -185cfb4e30ffc2688dfebcc66d41b43f ./lib/attacks/admin_panel_finder/__init__.py +35f40f12b6c7241e69c3907a3f529874 ./lib/attacks/admin_panel_finder/__init__.py 629f935edac35716cf0cb3548f0cc86c ./lib/attacks/xss_scan/__init__.py 27358f26bda30d7356143c3ea1fa99c5 ./lib/attacks/nmap_scan/__init__.py 216999fa0e84866d5c1d96d5676034e4 ./lib/attacks/nmap_scan/nmap_opts.py -f746d2867f493104a78d0540cf50c03f ./lib/attacks/intel_me/__init__.py +be3bcc949bb54e19c5b349c78a575c8c ./lib/attacks/intel_me/__init__.py 1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py -28d4d887089b5c27b0f5e51db22dfbc8 ./lib/core/settings.py +cdcace5ca96943d054ff03fcad306a25 ./lib/core/settings.py d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py -6372bb30e3ba30f10c4f5fd200ae3ac5 ./var/google_search/search.py +255c7b07fefed0be9dc72134acfc40ca ./var/google_search/search.py d41d8cd98f00b204e9800998ecf8427e ./var/__init__.py d41d8cd98f00b204e9800998ecf8427e ./var/auto_issue/__init__.py -4506850a02aa18e12bef4efeb760ad9e ./var/auto_issue/github.py +dadca85c232153021ba9ff253d8ee1d9 ./var/auto_issue/github.py 059765fe1ae084ad267d4b7aa7a34032 ./var/blackwidow/__init__.py \ No newline at end of file 
diff --git a/lib/attacks/admin_panel_finder/__init__.py b/lib/attacks/admin_panel_finder/__init__.py index 7679a16..862f588 100644 --- a/lib/attacks/admin_panel_finder/__init__.py +++ b/lib/attacks/admin_panel_finder/__init__.py @@ -86,6 +86,9 @@ def check_for_admin_page(url, exts, protocol="http://", **kwargs): possible_connections, connections = set(), set() stripped_url = replace_http(str(url).strip()) for ext in exts: + # each extension is loaded before this process begins to save time + # while running this process. + # it will be loaded and passed instead of loaded during. ext = ext.strip() true_url = "{}{}{}".format(protocol, stripped_url, ext) if verbose: @@ -132,6 +135,7 @@ def check_for_admin_page(url, exts, protocol="http://", **kwargs): data_msg.format(len(possible_connections), len(connections)) )) if len(connections) > 0: + # create the connection tree if we got some connections logger.info(set_color( "creating connection tree..." )) @@ -164,6 +168,7 @@ def __load_extensions(filename="{}/etc/text_files/link_ext.txt"): """ load the extensions to use from the etc/link_ext file """ + # this is where the extensions are loaded from with open(filename.format(os.getcwd())) as ext: return ext.readlines() diff --git a/lib/attacks/intel_me/__init__.py b/lib/attacks/intel_me/__init__.py index 74fe2cd..a2dd20e 100644 --- a/lib/attacks/intel_me/__init__.py +++ b/lib/attacks/intel_me/__init__.py 
@@ -14,18 +14,28 @@ from lxml import html from var.auto_issue.github import request_issue_creation -def __get_auth_headers(target, port=16992, source=None, agent=None, proxy=None): +def __get_auth_headers(target, ports=(16992, 16693, 693, 692), **kwargs): """ get the authorization headers from the URL """ + source = kwargs.get("source", None) + proxy, agent, verbose = kwargs.get("proxy", None), kwargs.get("agent", None), kwargs.get("verbose", False) if not source or 'WWW-Authenticate' not in source.headers['WWW-Authenticate']: logger.info(set_color( "header value not established, attempting to get bypass..." )) - source = requests.get("http://{0}:{1}/index.htm".format(target, port), timeout=10, headers={ - 'connection': 'close', 'user-agent': agent - }, proxies=proxy) - return source + for port in ports: + try: + if verbose: + logger.debug(set_color( + "trying on port {}...".format(port), level=10 + )) + source = requests.get("http://{0}:{1}/index.htm".format(target, port), timeout=10, headers={ + 'connection': 'close', 'user-agent': agent + }, proxies=proxy) + return source + except Exception: + pass # Get digest and nonce and return the new header if 'WWW-Authenticate' in source.headers: logger.info(set_color( 
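Review bot: If every port in the new `for port in ports:` loop fails, `except Exception: pass` swallows each error and `source` is still `None` when no `source` kwarg was passed, so the `'WWW-Authenticate' in source.headers` check right after the loop raises `AttributeError` instead of failing cleanly. Catch `requests.exceptions.RequestException` rather than `Exception`, log the failed port at debug level, and add `if source is None: return None` after the loop. The default tuple here contains `16693` while `possible_ports` in `__get_raw_data` uses `16993`; one of the two looks like a typo, and a single module-level constant would keep them in sync. The function body continues outside the hunk.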
@@ -46,28 +56,36 @@ def __get_auth_headers(target, port=16992, source=None, agent=None, proxy=None): return None -def __get_raw_data(target, page, agent=None, proxy=None): +def __get_raw_data(target, page, agent=None, proxy=None, **kwargs): """ collect all the information from an exploitable target """ + possible_ports = (16992, 16993, 693, 692) + verbose = kwargs.get("verbose", False) logger.info(set_color( - "getting raw information..." + "attempting to get raw hardware information..." )) - return requests.get("http://{0}:16992/{1}.htm".format(target, page), - headers={ - 'connection': 'close', - 'Authorization': __get_auth_headers(target), - 'user-agent': agent - }, - proxies=proxy - ) + for port in possible_ports: + try: + if verbose: + logger.debug(set_color( + "trying on port {}...".format(port), level=10 + )) + return requests.get("http://{0}:{1}/{2}.htm".format(target, port, page), + headers={ + 'connection': 'close', + 'Authorization': __get_auth_headers(target, verbose=verbose), + 'user-agent': agent + }, proxies=proxy) + except Exception: + pass -def __get_hardware(target, agent=None, proxy=None): +def __get_hardware(target, agent=None, proxy=None, verbose=False): """ collect all the hardware information from an exploitable target """ - req = __get_raw_data(target, 'hw-sys', agent=agent, proxy=proxy) + req = __get_raw_data(target, 'hw-sys', agent=agent, proxy=proxy, verbose=verbose) if not req.status_code == 200: return None logger.info(set_color( @@ -76,6 +94,9 @@ def __get_hardware(target, agent=None, proxy=None): tree = html.fromstring(req.content) raw = tree.xpath('//td[@class="r1"]/text()') bios_functions = tree.xpath('//td[@class="r1"]/table//td/text()') + # find the hardware information + # and output the hardware data + # from the raw data found data = { 'platform': { 'model': raw[0], 
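Review bot: `__get_raw_data` now falls off the end and returns `None` when all four ports raise, and `__get_hardware` then dereferences it with `req.status_code`, so an unreachable host surfaces as an `AttributeError`. Guard the caller with `if req is None or req.status_code != 200: return None`. The `requests.get` call inside the loop has no `timeout`, unlike the `timeout=10` used in `__get_auth_headers`, so one unresponsive port can block the run indefinitely; pass `timeout=10` here too. `except Exception: pass` also hides programming errors along with connection failures, so narrow it to `requests.exceptions.RequestException` and log the failure when `verbose` is set.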
@@ -107,6 +128,7 @@ def main_intel_amt(url, agent=None, proxy=None, **kwargs): main attack method to be called """ do_ip_address = kwargs.get("do_ip", False) + verbose = kwargs.get("verbose", False) proxy = proxy_string_to_dict(proxy) or None agent = agent or DEFAULT_USER_AGENT if do_ip_address: @@ -132,7 +154,7 @@ def main_intel_amt(url, agent=None, proxy=None, **kwargs): "attempting to connect to '{}' and get hardware info...".format(url) )) try: - json_data = __get_hardware(url, agent=agent, proxy=proxy) + json_data = __get_hardware(url, agent=agent, proxy=proxy, verbose=verbose) if json_data is None: logger.error(set_color( "unable to get any information, skipping...", level=40 @@ -164,6 +186,6 @@ def main_intel_amt(url, agent=None, proxy=None, **kwargs): pass else: logger.exception(set_color( - "ran into exception '{}', cannot continue...".format(e) + "ran into exception '{}', cannot continue...".format(e), level=50 )) request_issue_creation() diff --git a/lib/attacks/sqlmap_scan/__init__.py b/lib/attacks/sqlmap_scan/__init__.py index dd6f9b0..73ac511 100644 --- a/lib/attacks/sqlmap_scan/__init__.py +++ b/lib/attacks/sqlmap_scan/__init__.py @@ -53,6 +53,11 @@ class SqlmapHook(object): to_check = str(json.loads(req.content)["tasks"]).lower() found = ''.join(id_re.findall(to_check)) if len(found) > 16: + # split the found ID by 16 characters each time one is found to be over 16 characters + # IE ['abcdee345593fffa', '2222aaa449837cc9'] + # if any of these items are not in the already used container, then chances are that's the + # item we're looking for. + # this will also allow you to go back to the same item more then once. data_found = [found[i:i+split_by] for i in range(0, len(found), split_by)] for item in data_found: if item not in lib.core.settings.ALREADY_USED: 
@@ -71,6 +76,22 @@ class SqlmapHook(object): data_dict = {"url": self.to_scan} if opts is not None: for i in range(0, len(opts)): + # if the options are passed they will be placed as a dict + # IE {'level': 5, 'risk': 3} + # from there they will be added into the post data dict what this + # will accomplish is that it will take precedence over the already + # set data on the sqlmap API client and replace that data with the + # data that is provided. + # IE + # { + # 'level': 1, + # 'risk': 1, + # } + # will become + # { + # 'level': '5', + # 'risk': '3', + # } data_dict[opts[i][0]] = opts[i][1] post_data = json.dumps(data_dict) req = urllib2.Request(start_scan_url, data=post_data, headers=self.headers) @@ -92,6 +113,12 @@ class SqlmapHook(object): ) already_displayed = set() while current_status == "running": + # while the current status evaluates to `running` + # we can load the JSON data and output the log information + # we will skip over information that has already been provided + # by using the already displayed container set. + # this will allow us to only output information that we + # have not seen yet. current_status = json.loads(requests.get(running_status_url).content)["status"] log_req = requests.get(running_log_url) log_json = json.loads(log_req.content) @@ -126,6 +153,11 @@ def sqlmap_scan_main(url, port=None, verbose=None, opts=None, auto_start=False): """ create argument tuples for the sqlmap arguments passed by the user """ + # create the dict to pass to the sqlmap hook + # basically it will just take the key and value + # for the argument tuples and create a dictionary + # out of them. + # IE ('level', '5') -> {'level': '5'} return {key: value for key, value in opts} is_started = lib.core.settings.search_for_process("sqlmapapi.py") diff --git a/lib/core/settings.py b/lib/core/settings.py index c3c2bd0..118f835 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py 
@@ -37,13 +37,18 @@ except NameError: raw_input = input # Python 3 # get the master patch ID when a patch is pushed to the program + PATCH_ID = str(subprocess.check_output(["git", "rev-parse", "origin/master"]))[:6] # clone link + CLONE = "https://github.com/ekultek/zeus-scanner.git" # current version -VERSION = "1.1.18".format(PATCH_ID) + +VERSION = "1.1.19".format(PATCH_ID) # colors to output depending on the version + VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30} + # version string formatting if VERSION.count(".") == 1: VERSION_STRING = "\033[92mv{}\033[0m(\033[{}m\033[1mstable\033[0m)".format(VERSION, VERSION_TYPE_COLORS["stable"]) @@ -51,8 +56,10 @@ elif VERSION.count(".") <= 2: VERSION_STRING = "\033[92mv{}\033[0m(\033[{}m\033[1mdev\033[0m)".format(VERSION, VERSION_TYPE_COLORS["dev"]) else: VERSION_STRING = "\033[92mv{}\033[0m(\033[{}m\033[1mrevision\033[0m)".format(VERSION, VERSION_TYPE_COLORS["other"]) + # zeus-scanners saying SAYING = "Advanced Dork Searching..." + # sexy banner BANNER = """\033[36m __ __________ __ 
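Review bot: `VERSION = "1.1.19".format(PATCH_ID)` has no `{}` field, so `.format()` is a no-op and `PATCH_ID` never reaches the version string. Either drop the call (`VERSION = "1.1.19"`) or add the field deliberately, keeping in mind that the `VERSION.count(".")` checks below pick the stable/dev/revision label from the number of dots. `PATCH_ID` is computed with `subprocess.check_output` at import time, so importing `settings` raises outside a git checkout or when `git` is not installed. Wrapping that call in a `try`/`except (OSError, subprocess.CalledProcessError)` with a fallback value would make the dependency explicit.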
@@ -62,61 +69,88 @@ BANNER = """\033[36m \_\ /_______ \___ >____//____ > /_/ \/ \/ \/ {} \t{}\n\t\t{}\033[0m""".format(VERSION_STRING, CLONE, SAYING) + # default user agent if another one isn't given # reference for best practices: https://docs.developer.amazonservices.com/en_US/dev_guide/DG_UserAgentHeader.html DEFAULT_USER_AGENT = "Zeus-Scanner/{} (Language=Python/{}; Platform={})".format( VERSION, sys.version.split(" ")[0], platform.platform().split("-")[0] ) -# regex to find GET params in a URL, IE php?id= -URL_QUERY_REGEX = re.compile(r"(.*)[?|#](.*){1}\=(.*)") -# regex to recognize a URL -URL_REGEX = re.compile(r"((https?):((//)|(\\\\))+([\w\d:#@%/;$()~_?\+-=\\\.&](#!)?)*)") + # path to the checksum CHECKSUM_PATH = "{}/etc/checksum/md5sum.md5".format(os.getcwd()) + # geckodriver version information path, grabs the file that was installed on your system GECKO_VERSION_INFO_PATH = "{}/bin/version_info".format(os.getcwd()) -# attempt to fix the program install error -FIX_PROGRAM_INSTALL_PATH = "{}/etc/scripts/fix_pie.sh".format(os.getcwd()) -# path to the auto clean tool -CLEANUP_TOOL_PATH = "{}/etc/scripts/cleanup.sh".format(os.getcwd()) -# path to tool to launch sqlmap API -LAUNCH_SQLMAP_API_TOOL = "{}/etc/scripts/launch_sqlmap_api.sh".format(os.getcwd()) -# path to nmap installer -NMAP_INSTALLER_TOOL = "{}/etc/scripts/install_nmap.sh".format(os.getcwd()) -# clickjacking HTML test page path -CLICKJACKING_TEST_PAGE_PATH = "{}/etc/html/clickjacking_test_page.html".format(os.getcwd()) + # path to check if the program has been executed or not EXECUTED_PATH = "{}/bin/executed.txt".format(os.getcwd()) + # paths to sqlmap and nmap TOOL_PATHS = "{}/bin/paths/path_config.ini".format(os.getcwd()) -# path to write the HTML in -CLICKJACKING_RESULTS_PATH = "{}/log/clickjacking-log".format(os.getcwd()) -# the log for found admin pages on a site -ADMIN_PAGE_FILE_PATH = "{}/log/admin-page-log".format(os.getcwd()) -# path to the sitemap log file -SITEMAP_FILE_LOG_PATH = 
"{}/log/sitemap-log".format(os.getcwd()) -# log path to the whois results -WHOIS_RESULTS_LOG_PATH = "{}/log/whois".format(os.getcwd()) -# path to store robot.txt page in -ROBOTS_PAGE_PATH = "{}/log/robots".format(os.getcwd()) -# URL's that are extracted from Google's ban URL -EXTRACTED_URL_LOG = "{}/log/extracted-url-log".format(os.getcwd()) -# log path for the URL's that are found -URL_LOG_PATH = "{}/log/url-log".format(os.getcwd()) -# log path for port scans -PORT_SCAN_LOG_PATH = "{}/log/scanner-log".format(os.getcwd()) -# blackwidow log path -SPIDER_LOG_PATH = "{}/log/blackwidow-log".format(os.getcwd()) -# the current log file being used -CURRENT_LOG_FILE_PATH = "{}/log".format(os.getcwd()) -# nmap's manual page for their options -NMAP_MAN_PAGE_URL = "https://nmap.org/book/man-briefoptions.html" -# sqlmap's manual page for their options -SQLMAP_MAN_PAGE_URL = "https://github.com/sqlmapproject/sqlmap/wiki/Usage" -# whois API link -WHOIS_JSON_LINK = "https://jsonwhoisapi.com/api/v1/whois?identifier={}" + +# attempt to fix the program install error +FIX_PROGRAM_INSTALL_PATH = "{}/etc/scripts/fix_pie.sh".format(os.getcwd()) + +# path to the auto clean tool +CLEANUP_TOOL_PATH = "{}/etc/scripts/cleanup.sh".format(os.getcwd()) + +# path to tool to launch sqlmap API +LAUNCH_SQLMAP_API_TOOL = "{}/etc/scripts/launch_sqlmap_api.sh".format(os.getcwd()) + +# path to nmap installer +NMAP_INSTALLER_TOOL = "{}/etc/scripts/install_nmap.sh".format(os.getcwd()) + +# clickjacking HTML test page path +CLICKJACKING_TEST_PAGE_PATH = "{}/etc/html/clickjacking_test_page.html".format(os.getcwd()) + # holder for sqlmap API ID hashes, makes it so that they are all unique ALREADY_USED = set() + +# path to write the HTML in +CLICKJACKING_RESULTS_PATH = "{}/log/clickjacking-log".format(os.getcwd()) + +# the log for found admin pages on a site +ADMIN_PAGE_FILE_PATH = "{}/log/admin-page-log".format(os.getcwd()) + +# path to the sitemap log file +SITEMAP_FILE_LOG_PATH = 
"{}/log/sitemap-log".format(os.getcwd()) + +# log path to the whois results +WHOIS_RESULTS_LOG_PATH = "{}/log/whois".format(os.getcwd()) + +# path to store robot.txt page in +ROBOTS_PAGE_PATH = "{}/log/robots".format(os.getcwd()) + +# URL's that are extracted from Google's ban URL +EXTRACTED_URL_LOG = "{}/log/extracted-url-log".format(os.getcwd()) + +# log path for the URL's that are found +URL_LOG_PATH = "{}/log/url-log".format(os.getcwd()) + +# log path for port scans +PORT_SCAN_LOG_PATH = "{}/log/scanner-log".format(os.getcwd()) + +# blackwidow log path +SPIDER_LOG_PATH = "{}/log/blackwidow-log".format(os.getcwd()) + +# the current log file being used +CURRENT_LOG_FILE_PATH = "{}/log".format(os.getcwd()) + +# nmap's manual page for their options +NMAP_MAN_PAGE_URL = "https://nmap.org/book/man-briefoptions.html" + +# sqlmap's manual page for their options +SQLMAP_MAN_PAGE_URL = "https://github.com/sqlmapproject/sqlmap/wiki/Usage" + +# whois API link +WHOIS_JSON_LINK = "https://jsonwhoisapi.com/api/v1/whois?identifier={}" + +# regex to find GET params in a URL, IE php?id= +URL_QUERY_REGEX = re.compile(r"(.*)[?|#](.*){1}\=(.*)") + +# regex to recognize a URL +URL_REGEX = re.compile(r"((https?):((//)|(\\\\))+([\w\d:#@%/;$()~_?\+-=\\\.&](#!)?)*)") + # search engines that the application can use AUTHORIZED_SEARCH_ENGINES = { "aol": "http://aol.com", 
@@ -124,38 +158,26 @@ AUTHORIZED_SEARCH_ENGINES = { "duckduckgo": "http://duckduckgo.com/html", "google": "http://google.com" } + # extensions to exclude from the spider SPIDER_EXT_EXCLUDE = ( - "3ds", "3g2", "3gp", "7z", "DS_Store", - "a", "aac", "adp", "ai", "aif", "aiff", - "apk", "ar", "asf", "au", "avi", "bak", - "bin", "bk", "bmp", "btif", "bz2", "cab", - "caf", "cgm", "cmx", "cpio", "cr2", "dat", - "deb", "djvu", "dll", "dmg", "dmp", "dng", - "doc", "docx", "dot", "dotx", "dra", "dsk", - "dts", "dtshd", "dvb", "dwg", "dxf", "ear", - "ecelp4800", "ecelp7470", "ecelp9600", "egg", - "eol", "eot", "epub", "exe", "f4v", "fbs", "fh", - "fla", "flac", "fli", "flv", "fpx", "fst", "fvt", - "g3", "gif", "gz", "h261", "h263", "h264", "ico", - "ief", "image", "img", "ipa", "iso", "jar", "jpeg", - "jpg", "jpgv", "jpm", "jxr", "ktx", "lvp", "lz", - "lzma", "lzo", "m3u", "m4a", "m4v", "mar", "mdi", - "mid", "mj2", "mka", "mkv", "mmr", "mng", "mov", - "movie", "mp3", "mp4", "mp4a", "mpeg", "mpg", - "mpga", "mxu", "nef", "npx", "o", "oga", "ogg", - "ogv", "otf", "pbm", "pcx", "pdf", "pea", "pgm", - "pic", "png", "pnm", "ppm", "pps", "ppt", "pptx", - "ps", "psd", "pya", "pyc", "pyo", "pyv", "qt", "rar", - "ras", "raw", "rgb", "rip", "rlc", "rz", "s3m", "s7z", - "scm", "scpt", "sgi", "shar", "sil", "smv", "so", "sub", - "swf", "tar", "tbz2", "tga", "tgz", "tif", "tiff", "tlz", - "ts", "ttf", "uvh", "uvi", "uvm", "uvp", "uvs", "uvu", - "viv", "vob", "war", "wav", "wax", "wbmp", "wdp", "weba", - "webm", "webp", "whl", "wm", "wma", "wmv", "wmx", "woff", - "woff2", "wvx", "xbm", "xif", "xls", "xlsx", "xlt", "xm", - "xpi", "xpm", "xwd", "xz", "z", "zip", "zipx" + "3ds", "3g2", "3gp", "7z", "DS_Store", "a", "aac", "adp", "ai", "aif", "aiff", + "apk", "ar", "asf", "au", "avi", "bak", "bin", "bk", "bmp", "btif", "bz2", "cab", + "caf", "cgm", "cmx", "cpio", "cr2", "dat", "deb", "djvu", "dll", "dmg", "dmp", "dng", + "doc", "docx", "dot", "dotx", "dra", "dsk", "dts", "dtshd", "dvb", 
"dwg", "dxf", "ear", + "ecelp4800", "ecelp7470", "ecelp9600", "egg", "eol", "eot", "epub", "exe", "f4v", "fbs", "fh", + "fla", "flac", "fli", "flv", "fpx", "fst", "fvt", "g3", "gif", "gz", "h261", "h263", "h264", "ico", "ief", + "image", "img", "ipa", "iso", "jar", "jpeg", "jpg", "jpgv", "jpm", "jxr", "ktx", "lvp", "lz", "lzma", + "lzo", "m3u", "m4a", "m4v", "mar", "mdi", "mid", "mj2", "mka", "mkv", "mmr", "mng", "mov", "movie", "mp3", + "mp4", "mp4a", "mpeg", "mpg", "mpga", "mxu", "nef", "npx", "o", "oga", "ogg", "ogv", "otf", "pbm", "pcx", + "pdf", "pea", "pgm", "pic", "png", "pnm", "ppm", "pps", "ppt", "pptx", "ps", "psd", "pya", "pyc", "pyo", + "pyv", "qt", "rar", "ras", "raw", "rgb", "rip", "rlc", "rz", "s3m", "s7z", "scm", "scpt", "sgi", "shar", + "sil", "smv", "so", "sub", "swf", "tar", "tbz2", "tga", "tgz", "tif", "tiff", "tlz", "ts", "ttf", "uvh", + "uvi", "uvm", "uvp", "uvs", "uvu", "viv", "vob", "war", "wav", "wax", "wbmp", "wdp", "weba", "webm", "webp", + "whl", "wm", "wma", "wmv", "wmx", "woff", "woff2", "wvx", "xbm", "xif", "xls", "xlsx", "xlt", "xm", "xpi", + "xpm", "xwd", "xz", "z", "zip", "zipx" ) + # urls to exclude from being grabbed during the searching URL_EXCLUDES = ( "maps.google", "play.google", "youtube", @@ -165,6 +187,7 @@ URL_EXCLUDES = ( "plus.google", "www.w3.org", "schemas.live.com", "torproject.org" ) + # regular expressions used for DBMS recognition based on error message response DBMS_ERRORS = { "MySQL": (r"SQL syntax.*MySQL", r"Warning.*mysql_.*", r"valid MySQL result", r"MySqlClient\."), 
@@ -447,10 +470,10 @@ def fix_log_file(logfile=get_latest_log_file(CURRENT_LOG_FILE_PATH)): with open(logfile, "r+") as to_fix: for line in to_fix.readlines(): retval += escape_seq_regex.sub("", line) - open(logfile, "w").close() + open(logfile, "w").close() # completely erase the log file with open(logfile, "a+") as fixed: for line in retval.split("\n"): - fixed.write(line + "\n") + fixed.write(line + "\n") # rewrite everything back to normal def write_to_log_file(data_to_write, path, filename): @@ -465,10 +488,12 @@ def write_to_log_file(data_to_write, path, filename): ) with open(full_file_path, "a+") as log: data = re.sub(r'\s+', '', log.read()) - if re.match(r'^<.+>$', data): + if re.match(r'^<.+>$', data): # matches HTML and XML try: log.write(etree.tostring(data_to_write, pretty_print=True)) except TypeError: + # usually happens when the file already exists + # TODO:/ skip writing to the file, or write to the file with a (1), (2), etc at the end logger.warning(set_color( "unable to serialize {} data, writing as plain text...".format( filename.split(".")[-1].upper() @@ -622,6 +647,11 @@ def config_search_engine(**kwargs): non_default_msg )) se = AUTHORIZED_SEARCH_ENGINES["bing"] + elif enum is not None: + logger.info(set_color( + "running enumeration on given file '{}'...".format(enum) + )) + se = None else: if verbose: logger.debug(set_color( @@ -629,7 +659,7 @@ def config_search_engine(**kwargs): )) logger.info(set_color( "using default search engine..." - )) if enum is None else "" + )) se = AUTHORIZED_SEARCH_ENGINES["google"] return se @@ -708,7 +738,7 @@ def create_random_ip(): generated = __get_nodes() if generated == "0.0.0.0" or "255.255.255.255": - generated = __get_nodes() + generated = __get_nodes() # if it isn't a real IP regenerate it return generated diff --git a/var/auto_issue/github.py b/var/auto_issue/github.py index 507c7fb..4404051 100644 --- a/var/auto_issue/github.py +++ b/var/auto_issue/github.py 
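Review bot: In the `create_random_ip` hunk the new comment documents a check that does not do what it says. `generated == "0.0.0.0" or "255.255.255.255"` is always true because the non-empty string literal is truthy, so the address is regenerated on every call and the replacement value is never validated. Use `while generated in ("0.0.0.0", "255.255.255.255"): generated = __get_nodes()` so the behaviour matches the comment. The function starts above the hunk.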
@@ -103,7 +103,7 @@ def request_issue_creation(): } _json_data = json.dumps(issue_data) - if sys.version_info > (3,): + if sys.version_info > (3,): # python 3 _json_data = _json_data.encode("utf-8") try: diff --git a/var/google_search/search.py b/var/google_search/search.py index 0a47260..3a6a248 100644 --- a/var/google_search/search.py +++ b/var/google_search/search.py @@ -5,12 +5,12 @@ import shlex import subprocess try: - from urllib import ( - unquote, + from urllib import ( # python 2 + unquote ) except ImportError: - from urllib.parse import ( - unquote, + from urllib.parse import ( # python 3 + unquote ) import requests @@ -62,7 +62,7 @@ def strip_leftovers(url, possibles): return url -def bypass_ip_block(url): +def extract_ip_ban(url): """ bypass Google's IP blocking by extracting the true URL from the ban URL. """ @@ -277,7 +277,7 @@ def get_urls(query, url, verbose=False, warning=True, **kwargs): "it appears that Google is attempting to block your IP address, attempting bypass...", level=30 )) try: - retval = bypass_ip_block(retval) + retval = extract_ip_ban(retval) do_continue = prompt( "zeus was able to successfully extract the URL from Google's ban URL " "it is advised to shutdown zeus and attempt to extract the URL's manually. "