Removed the google_site_api module due to the API no longer being sup…
…ported. Resolves issue #245. Removed the freegeoip module due to the resource no longer being available. Resolves issue #290. Added the ipstack module to replace the previously removed freegeoip module. Resolves issue #289. Updated the geocoding modules to work with changes to the API. Resolves issue #292. Added virustotal hostname extractor modules. Updated the shebangs to specify Python 2 as recommended by PEP-0394. Updated the csv reporting module to allow including a header row. Fixed ^D for navigation. Updated the full name parsing logic in the bing_linkedin_cache module to account for changes in formatting. Minor cleanup of white space in the core framework module.
1 parent
c83599e
commit 93bb9a4
Showing
14 changed files
with
112 additions
and
82 deletions.
This file was deleted.
62 changes: 29 additions & 33 deletions
62
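--- a/modules/recon/hosts-hosts/freegeoip.py
+++ b/modules/recon/hosts-hosts/ipstack.py
@@ -1,33 +1,29 @@
-from recon.core.module import BaseModule
-import json
-
-class Module(BaseModule):
-
-meta = {
-'name': 'FreeGeoIP',
-'author': 'Gerrit Helm (G) and Tim Tomes (@LaNMaSteR53)',
-'description': 'Leverages the freegeoip.net API to geolocate a host by IP address. Updates the \'hosts\' table with the results.',
-'comments': (
-'Allows up to 10,000 queries per hour by default. Once this limit is reached, all requests will result in HTTP 403, forbidden, until the quota is cleared.',
-),
-'query': 'SELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL',
-'options': (
-('serverurl', 'http://freegeoip.net', True, 'overwrite server url (e.g. for local installations)'),
-),
-}
-
-def module_run(self, hosts):
-for host in hosts:
-url = '%s/json/%s' % (self.options['serverurl'], host)
-resp = self.request(url)
-if resp.json:
-jsonobj = resp.json
-else:
-self.error('Invalid JSON response for \'%s\'.\n%s' % (host, resp.text))
-continue
-region = ', '.join([str(jsonobj[x]).title() for x in ['city', 'region_name'] if jsonobj[x]]) or None
-country = jsonobj['country_name'].title()
-latitude = str(jsonobj['latitude'])
-longitude = str(jsonobj['longitude'])
-self.output('%s - %s,%s - %s' % (host, latitude, longitude, ', '.join([x for x in [region, country] if x])))
-self.query('UPDATE hosts SET region=?, country=?, latitude=?, longitude=? WHERE ip_address=?', (region, country, latitude, longitude, host))
+from recon.core.module import BaseModule
+import json
+
+class Module(BaseModule):
+
+meta = {
+'name': 'ipstack',
+'author': 'Siarhei Harbachou (Tech.Insiders), Gerrit Helm (G) and Tim Tomes (@LaNMaSteR53)',
+'description': 'Leverages the ipstack.com API to geolocate a host by IP address. Updates the \'hosts\' table with the results.',
+'required_keys': ['ipstack_api'],
+'query': 'SELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL',
+}
+
+def module_run(self, hosts):
+for host in hosts:
+api_key = self.keys.get('ipstack_api')
+url = 'http://api.ipstack.com/%s?access_key=%s' % (host, api_key)
+resp = self.request(url)
+if resp.json:
+jsonobj = resp.json
+else:
+self.error('Invalid JSON response for \'%s\'.\n%s' % (host, resp.text))
+continue
+region = ', '.join([str(jsonobj[x]).title() for x in ['city', 'region_name'] if jsonobj[x]]) or None
+country = jsonobj['country_name'].title()
+latitude = str(jsonobj['latitude'])
+longitude = str(jsonobj['longitude'])
+self.output('%s - %s,%s - %s' % (host, latitude, longitude, ', '.join([x for x in [region, country] if x])))
+self.query('UPDATE hosts SET region=?, country=?, latitude=?, longitude=? WHERE ip_address=?', (region, country, latitude, longitude, host))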
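Review bot: The new `module_run` puts the ipstack access key in the query string of a plain `http://` URL, so the key and every looked-up address cross the network in cleartext and can be retained in proxy or gateway logs. If the account's plan permits TLS, build the URL as `'https://api.ipstack.com/%s?access_key=%s' % (host, api_key)`; if it does not, add a `'comments'` entry to `meta` stating that the key is sent unencrypted so operators can decide where to run the module. The lookup `self.keys.get('ipstack_api')` also appears to sit inside the loop and can be hoisted above it. An API error reply that is valid JSON but lacks `city` would presumably raise `KeyError` at the `region` line instead of reaching `self.error`, so a guard such as `if 'error' in jsonobj:` before reading fields is worth adding.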
@@ -0,0 +1,28 @@ | ||
from recon.core.module import BaseModule | ||
from time import sleep | ||
|
||
class Module(BaseModule): | ||
|
||
meta = { | ||
'name': 'Virustotal domains extractor', | ||
'author': 'USSC (thanks @jevalenciap)', | ||
'description': 'Harvests domains from the Virustotal by using the report API. Updates the \'hosts\' table with the results.', | ||
'required_keys': ['virustotal_api'], | ||
'query': 'SELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL', | ||
'options': ( | ||
('interval', 15, True, 'interval in seconds between api requests'), | ||
), | ||
} | ||
|
||
def module_run(self, addresses): | ||
key = self.get_key('virustotal_api') | ||
url = 'https://www.virustotal.com/vtapi/v2/ip-address/report' | ||
for ip in addresses: | ||
self.heading(ip, level=0) | ||
resp = self.request( url, payload = {'ip': ip, 'apikey': key} ) | ||
if resp.json and 'resolutions' in resp.json.keys(): | ||
for entry in resp.json['resolutions']: | ||
hostname = entry.get('hostname') | ||
if hostname: | ||
self.add_hosts(host=hostname, ip_address=ip) | ||
sleep(self.options['interval']) |
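Review bot: The check `if resp.json and 'resolutions' in resp.json.keys():` has no failure branch, so a quota-exceeded, rejected-key or non-JSON reply looks the same as an address with no resolutions and the run ends silently with incomplete data. Report that case explicitly, for example `if not resp.json: self.error('Invalid JSON response for \'%s\'.' % ip)`, in the way the ipstack module in this commit already does. The resolutions are, as far as the report format goes, historical records, so storing each hostname with `ip_address=ip` may record a mapping that is no longer current; a sentence in `'description'` saying so would prevent misreading the `hosts` table. Both points apply equally to the netblock variant of this module later in the commit.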
@@ -0,0 +1,29 @@ | ||
from recon.core.module import BaseModule | ||
from time import sleep | ||
|
||
class Module(BaseModule): | ||
|
||
meta = { | ||
'name': 'Virustotal domains extractor', | ||
'author': 'USSC (thanks @jevalenciap)', | ||
'description': 'Harvests domains from the Virustotal by using the report API. Updates the \'hosts\' table with the results.', | ||
'required_keys': ['virustotal_api'], | ||
'query': 'SELECT DISTINCT netblock FROM netblocks WHERE netblock IS NOT NULL', | ||
'options': ( | ||
('interval', 15, True, 'interval in seconds between api requests'), | ||
), | ||
} | ||
|
||
def module_run(self, netblocks): | ||
key = self.get_key('virustotal_api') | ||
url = 'https://www.virustotal.com/vtapi/v2/ip-address/report' | ||
for netblock in netblocks: | ||
for ip in self.cidr_to_list(netblock): | ||
self.heading(ip, level=0) | ||
resp = self.request( url, payload = {'ip': ip, 'apikey': key} ) | ||
if resp.json and 'resolutions' in resp.json.keys(): | ||
for entry in resp.json['resolutions']: | ||
hostname = entry.get('hostname') | ||
if hostname: | ||
self.add_hosts(host=hostname, ip_address=ip) | ||
sleep(self.options['interval']) |
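Review bot: The `'name'` and `'description'` values in `meta` are identical to those of the per-address module, so the two cannot be told apart in module listings or searches; name this one for its input, for example `'name': 'Virustotal netblock domains extractor'`, and mention the `netblocks` table in the description. The loop over `self.cidr_to_list(netblock)` issues one request per address with a 15 second default interval, so a large block means a very long run and heavy use of the API key's quota; a `'comments'` entry stating that cost would help operators scope the input. Indentation is not visible on this page, so confirm that the `sleep` call sits inside the per-address loop.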
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env python | ||
#!/usr/bin/env python2 | ||
|
||
import argparse | ||
import sys | ||
|
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env python | ||
#!/usr/bin/env python2 | ||
|
||
import argparse | ||
import re | ||
|
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env python | ||
#!/usr/bin/env python2 | ||
|
||
__author__ = "Anthony Miller-Rhodes (@amillerrhodes)" | ||
|
||
|
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env python | ||
#!/usr/bin/env python2 | ||
|
||
from recon.core.web import app | ||
|
||
|