From ceca62c4b47db904ff9edb6a26673f38ce400a38 Mon Sep 17 00:00:00 2001 From: ekultek Date: Sat, 30 Sep 2017 08:01:40 -0500 Subject: [PATCH] auto issue creation, also caught an error, apparently it's really hard to understand tHAT SQLMAP NEEDS TO BE STARTED IN ORDER TO WORK --- lib/attacks/admin_panel_finder/__init__.py | 6 +- lib/attacks/intel_me/__init__.py | 6 +- lib/attacks/nmap_scan/__init__.py | 7 +- lib/attacks/sqlmap_scan/__init__.py | 24 ++++-- lib/settings.py | 2 +- var/auto_issue/__init__.py | 0 var/auto_issue/github.py | 91 ++++++++++++++++++++++ var/auto_issue/oauth | 1 + zeus.py | 9 +++ 9 files changed, 135 insertions(+), 11 deletions(-) create mode 100644 var/auto_issue/__init__.py create mode 100644 var/auto_issue/github.py create mode 100644 var/auto_issue/oauth diff --git a/lib/attacks/admin_panel_finder/__init__.py b/lib/attacks/admin_panel_finder/__init__.py index f058359..a712ef9 100644 --- a/lib/attacks/admin_panel_finder/__init__.py +++ b/lib/attacks/admin_panel_finder/__init__.py @@ -6,11 +6,13 @@ try: # Python 2 except ImportError: # Python 3 from urllib2 import urlopen, HTTPError +from var.auto_issue.github import request_issue_creation from lib.settings import ( logger, replace_http, set_color, - create_tree + create_tree, + fix_log_file ) @@ -58,6 +60,8 @@ def check_for_admin_page(url, exts, protocol="http://", show_possibles=False, ve logger.exception(set_color( "failed to connect with unexpected error '{}'...".format(str(e)), level=50 )) + fix_log_file() + request_issue_creation() possible_connections, connections = list(possible_connections), list(connections) data_msg = "found {} possible connections(s) and {} successful connection(s)..." logger.info(set_color( diff --git a/lib/attacks/intel_me/__init__.py b/lib/attacks/intel_me/__init__.py index 0743c5f..74b911c 100644 --- a/lib/attacks/intel_me/__init__.py +++ b/lib/attacks/intel_me/__init__.py @@ -4,10 +4,12 @@ import json import requests from lxml import html +from var.auto_issue.github import request_issue_creation from lib.settings import ( proxy_string_to_dict, logger, set_color, - DEFAULT_USER_AGENT + DEFAULT_USER_AGENT, + fix_log_file ) @@ -120,3 +122,5 @@ def main_intel_amt(url, agent=None, proxy=None): logger.exception(set_color( "ran into exception '{}', cannot continue...".format(e) )) + fix_log_file() + request_issue_creation() diff --git a/lib/attacks/nmap_scan/__init__.py b/lib/attacks/nmap_scan/__init__.py index c993624..202f671 100644 --- a/lib/attacks/nmap_scan/__init__.py +++ b/lib/attacks/nmap_scan/__init__.py @@ -1,14 +1,15 @@ import os import nmap import json -import time import socket +from var.auto_issue.github import request_issue_creation from lib.settings import ( logger, set_color, create_dir, - find_application + find_application, + fix_log_file ) @@ -134,6 +135,8 @@ def perform_port_scan(url, ports=None, scanner=NmapHook, verbose=False, opts=Non logger.exception(set_color( "ran into exception '{}', cannot continue quitting...".format(e), level=50 )) + fix_log_file() + request_issue_creation() pass else: logger.fatal(set_color( diff --git a/lib/attacks/sqlmap_scan/__init__.py b/lib/attacks/sqlmap_scan/__init__.py index f6ba744..12f3976 100644 --- a/lib/attacks/sqlmap_scan/__init__.py +++ b/lib/attacks/sqlmap_scan/__init__.py @@ -11,6 +11,8 @@ import requests import lib.settings import lib.errors +from var.auto_issue.github import request_issue_creation + class SqlmapHook(object): @@ -169,9 +171,19 @@ def sqlmap_scan_main(url, port=None, verbose=None, auto_search=False, opts=None, )) pass except Exception as e: - lib.settings.logger.exception(lib.settings.set_color( - "ran into error '{}', seems something went wrong, error has " - "been saved to current log file. Please make an issue to get " - "this addressed...".format(e), level=50 - )) - pass + if "HTTPConnectionPool(host='127.0.0.1'" in str(e): + lib.settings.logger.error(lib.settings.set_color( + "sqlmap API is not started, did you forget to start it? " + "You will need to open a new terminal, cd into sqlmap, and " + "run `python sqlmapapi.py -s` otherwise pass the correct flags " + "to auto start the API...", level=40 + )) + pass + else: + lib.settings.logger.exception(lib.settings.set_color( + "ran into error '{}', seems something went wrong, error has " + "been saved to current log file.".format(e), level=50 + )) + lib.settings.fix_log_file() + request_issue_creation() + pass diff --git a/lib/settings.py b/lib/settings.py index 311ecea..45acafd 100644 --- a/lib/settings.py +++ b/lib/settings.py @@ -22,7 +22,7 @@ except NameError: # clone link CLONE = "https://github.com/ekultek/zeus-scanner.git" # current version -VERSION = "1.0.22.b34b" +VERSION = "1.0.23" # colors to output depending on the version VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30} # version string formatting diff --git a/var/auto_issue/__init__.py b/var/auto_issue/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/var/auto_issue/github.py b/var/auto_issue/github.py new file mode 100644 index 0000000..8b3748c --- /dev/null +++ b/var/auto_issue/github.py @@ -0,0 +1,91 @@ +import os +import sys +try: + import urllib2 +except ImportError: + import urllib as urllib2 +import json +import platform + +from lib.settings import ( + logger, + set_color, + get_latest_log_file, + CURRENT_LOG_FILE_PATH +) + + +def __get_encoded_string(filename="{}/var/auto_issue/oauth"): + with open(filename.format(os.getcwd())) as data: + return data.read() + + +def get_decode_num(data): + return data.split(":")[-1] + + +def decode(n, token): + token = token.split(":")[0] + for _ in range(int(n)): + token = token.decode("base64") + return token + + +def request_issue_creation(): + + logger.info(set_color( + "Zeus got an unexpected error and will automatically create an issue for this error, please wait..." + )) + + def __extract_stacktrace(file_data): + logger.info(set_color( + "extracting traceback from log file..." + )) + retval, buff_mode, _buffer = [], False, "" + with open(file_data, "r+") as log: + for line in log: + if "Traceback" in line: + buff_mode = True + if line and len(line) < 5: + buff_mode = False + retval.append(_buffer) + _buffer = "" + if buff_mode: + if len(line) > 400: + line = line[:400] + "...\n" + _buffer += line + return "".join(retval) + + logger.info(set_color( + "getting authorization..." + )) + + encoded = __get_encoded_string() + n = get_decode_num(encoded) + token = decode(n, encoded) + + current_log_file = get_latest_log_file(CURRENT_LOG_FILE_PATH) + stacktrace = __extract_stacktrace(current_log_file) + issue_title = stacktrace.split("\n")[-2] + + issue_data = { + "title": issue_title, + "body": "Error info:\n```{}````\n\nRunning details:\n`{}`\n\nCommands used:\n`{}`".format( + str(stacktrace), str(platform.platform()), " ".join(sys.argv) + ), + } + + try: + req = urllib2.Request( + url="https://api.github.com/repos/ekultek/zeus-scanner/issues", data=json.dumps(issue_data), + headers={"Authorization": "token {}".format(token)} + ) + urllib2.urlopen(req, timeout=10).read() + logger.info(set_color( + "issue has been created successfully with the following name '{}'...".format(issue_title) + )) + except Exception as e: + logger.exception(set_color( + "failed to auto create the issue, got exception '{}', " + "you may manually create an issue...".format(e), level=50 + )) diff --git a/var/auto_issue/oauth b/var/auto_issue/oauth new file mode 100644 index 0000000..d93c346 --- /dev/null +++ b/var/auto_issue/oauth @@ -0,0 +1 @@ +Vm0wd2VHUXhTWGxTV0d4V1YwZG9jRlZ0TVc5V1JteHlWMjVrVmxKc2NEQlVWbU0xVmpBeFYySkVUbHBXVmxwUVZteFZlRll5VGtsaApSbHBYWld4YVRWWnJaRFJaVjAxNFZHNVdhZ3BTYldodlZGWmFjMDB4WkZkWGJVWmFWbXh3V0ZZeU5VdFhRWEJwVWpKb1dsWlVRbGRUCk1WWlhWMjVPVjJKVldsVlpiRnBIVGtaWmVXVkdaRlprTTBKd1ZXcEtiMWRXWkZoa1JtUnJDazFYVWxoWGExcHZZVEZLYzJOR1FsZGkKV0ZJelZqRmFWbVZYVWtoUFYyaHJUVEJLVlZadGRHdE9SbHBYVjJ4b2JGSnRVbkpEYXpGelYydG9WMDF1VW5aV1IzaHJVMFpXZFZGcwpjR2tLVW01Q1NWWkdVa2RWTWsxNFZtNVNVMkpJUWxkV01GWkxWbFphUjFWcmRHbE5WbHBJVjJ0YWExbFdTa2RUYlVaRVlrWnNNMVJzCldtOVdNVm8yVm10NFdGWnNjRXhhUmxwSFkyczVWd3BYYld0TFZXMTBkMU5XV25OVmEyUlhUVlZzTkZadGVITlpWa3B6VTI1S1ZWWXoKUW5WVWJGcEdaVlpzTm1KR1JsWldlbWMxVVRKak9WQlJiejBLCg==:9 \ No newline at end of file diff --git a/zeus.py b/zeus.py index 4d485fa..570386e 100755 --- a/zeus.py +++ b/zeus.py @@ -12,6 +12,7 @@ except ImportError: from var import blackwidow from var.google_search import search +from var.auto_issue.github import request_issue_creation from lib.errors import InvalidInputProvided from lib.attacks.admin_panel_finder import main from lib.attacks.xss_scan import main_xss @@ -403,6 +404,8 @@ if __name__ == "__main__": logger.exception(set_color( "ran into exception '{}'...".format(e), level=50 )) + fix_log_file() + request_issue_creation() pass urls_to_use = get_latest_log_file(URL_LOG_PATH) @@ -433,6 +436,8 @@ if __name__ == "__main__": logger.exception(set_color( "ran into exception '{}'...".format(e), level=50 )) + fix_log_file() + request_issue_creation() pass urls_to_use = get_latest_log_file(URL_LOG_PATH) @@ -477,6 +482,8 @@ if __name__ == "__main__": "ran into exception '{}' and cannot continue, saved to current log file...".format(e), level=50 )) + fix_log_file() + request_issue_creation() elif opt.spiderWebSite: if not URL_REGEX.match(opt.spiderWebSite): @@ -551,6 +558,8 @@ if __name__ == "__main__": logger.exception(set_color( "ran into exception '{}' exception has been saved to log file...".format(e), level=50 )) + fix_log_file() + request_issue_creation() fix_log_file() shutdown() \ No newline at end of file