refactoring and bug fixes

README.md

@@ -5,7 +5,7 @@
 ![Build Status](https://travis-ci.org/evyatarmeged/Raccoon.svg?branch=master)
 ![license](https://img.shields.io/github/license/mashape/apistatus.svg)
 ![pythonver](https://img.shields.io/badge/python-3.5%2B-blue.svg)
-![raccoonver](https://img.shields.io/badge/Raccoon%20version-0.0.74-lightgrey.svg)
+![raccoonver](https://img.shields.io/badge/Raccoon%20version-0.0.75-lightgrey.svg)
 
 ##### Features
 - [x] DNS details
@@ -109,10 +109,11 @@ Options:
                                  the default
   --tls-port INTEGER             Use this port for TLS queries. Default: 443
   --skip-health-check            Do not test for target host availability
-  -fr, --follow-redirects        Follow redirects when fuzzing. Default: True
+  --follow-redirects             Follow redirects when fuzzing. Default: False
+                                 (will not follow redirects)
   --no-url-fuzzing               Do not fuzz URLs
   --no-sub-enum                  Do not bruteforce subdomains
-  --skip-nmap-scan               Do not scan with Nmap
+  --skip-nmap-scan               Do not perform an Nmap scan
   -q, --quiet                    Do not output to stdout
   -o, --outdir TEXT              Directory destination for scan output
   --help                         Show this message and exit.

raccoon_src/lib/dns_handler.py

@@ -57,7 +57,7 @@ async def grab_whois(cls, host):
                         logger.debug(line)
 
     @classmethod
-    def generate_dns_dumpster_mapping(cls, host, sout_logger):
+    async def generate_dns_dumpster_mapping(cls, host, sout_logger):
         sout_logger.info("{} Trying to fetch DNS Mapping for {} from DNS dumpster".format(
             COLORED_COMBOS.INFO, host))
         try:

raccoon_src/lib/fuzzer.py

@@ -116,7 +116,7 @@ def _generate_fake_requests(self, sub_domain):
                 response_codes.append(res.status_code)
             except RequestHandlerException as e:
                 if sub_domain:  # If should-not-work.example.com doesn't resolve, no wildcard subdomain is present
-                    return
+                    return [0]
                 else:
                     raise FuzzerException("Could not get a response from {}."
                                           " Maybe target is down ?".format(self.target))

raccoon_src/main.py

@@ -43,7 +43,7 @@ def intro(logger):
 
 
 @click.command()
-@click.version_option("0.0.74")
+@click.version_option("0.0.75")
 @click.option("-t", "--target", required=True, help="Target to scan")
 @click.option("-d", "--dns-records", default="A,MX,NS,CNAME,SOA,TXT",
               help="Comma separated DNS records to query. Defaults to: A,MX,NS,CNAME,SOA,TXT")
@@ -68,8 +68,8 @@ def intro(logger):
 @click.option("-p", "--port", help="Use this port range for Nmap scan instead of the default")
 @click.option("--tls-port", default=443, help="Use this port for TLS queries. Default: 443")
 @click.option("--skip-health-check", is_flag=True, help="Do not test for target host availability")
-@click.option("--no-redirects", is_flag=True,
-              help="Do not follow redirects when fuzzing. Default: False (will follow redirects)")
+@click.option("--follow-redirects", is_flag=True, default=False,
+              help="Follow redirects when fuzzing. Default: False (will not follow redirects)")
 @click.option("--no-url-fuzzing", is_flag=True, help="Do not fuzz URLs")
 @click.option("--no-sub-enum", is_flag=True, help="Do not bruteforce subdomains")
 @click.option("--skip-nmap-scan", is_flag=True, help="Do not perform an Nmap scan")
@@ -94,7 +94,7 @@ def main(target,
          port,
          tls_port,
          skip_health_check,
-         no_redirects,
+         follow_redirects,
          no_url_fuzzing,
          no_sub_enum,
          skip_nmap_scan,
@@ -134,7 +134,6 @@ def main(target,
 
         dns_records = tuple(dns_records.split(","))
         ignored_response_codes = tuple(int(code) for code in ignored_response_codes.split(","))
-        follow_redirects = not no_redirects
 
         if port:
             HelpUtilities.validate_port_range(port)
@@ -187,14 +186,12 @@ def main(target,
             asyncio.ensure_future(tls_info_scanner.run()),
             asyncio.ensure_future(waf.detect()),
             asyncio.ensure_future(DNSHandler.grab_whois(host)),
-            asyncio.ensure_future(web_app_scanner.run_scan())
+            asyncio.ensure_future(web_app_scanner.run_scan()),
+            asyncio.ensure_future(DNSHandler.generate_dns_dumpster_mapping(host, logger))
         )
 
         main_loop.run_until_complete(asyncio.wait(tasks))
 
-        # DNS dumpster visualization
-        DNSHandler.generate_dns_dumpster_mapping(host, logger)
-
         # Second set of checks - URL fuzzing, Subdomain enumeration
         if not no_url_fuzzing:
             fuzzer = URLFuzzer(host, ignored_response_codes, threads, wordlist, follow_redirects)

setup.py

@@ -8,7 +8,7 @@
     name='raccoon-scanner',
     packages=find_packages(exclude="tests"),
     license="MIT",
-    version='0.0.74',
+    version='0.0.75',
     description='Offensive Security Tool for Reconnaissance and Information Gathering',
     long_description=long_description,
     long_description_content_type="text/markdown",

tests/test_fuzzer.py

@@ -17,7 +17,7 @@ def setUp(self):
 
     def test_bad_wordlist(self):
         host = self.TestHost("127.0.0.1", ())
-        fuzzer = self.TestFuzzer(host, (), wordlist="no/such/path", num_threads=1)
+        fuzzer = self.TestFuzzer(host, (), path_to_wordlist="no/such/path", num_threads=1)
         with self.assertRaises(FuzzerException):
             self.loop.run_until_complete(fuzzer.fuzz_all())