Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

standalone package #23

Closed
lucmski opened this issue Aug 25, 2019 · 4 comments
Closed

standalone package #23

lucmski opened this issue Aug 25, 2019 · 4 comments

Comments

@lucmski
Copy link

lucmski commented Aug 25, 2019
edited

Hi guys,

Hope u are all well !

I tried to get a screenshot without the cli.

package main

import (
	//"fmt"
	//"os"
	"net/url"
	"strconv"
	"strings"
	"time"

	//homedir "github.com/mitchellh/go-homedir"
	log "github.com/sirupsen/logrus"
	//"github.com/spf13/cobra"
	//"github.com/spf13/viper"

	chrm "github.com/sensepost/gowitness/chrome"
	"github.com/sensepost/gowitness/storage"
	"github.com/sensepost/gowitness/utils"
)

func main() {

	// Init Google Chrome
	chrome = chrm.Chrome{
		Resolution:    resolution,
		ChromeTimeout: chromeTimeout,
		Path:          chromePath,
		UserAgent:     userAgent,
	}
	chrome.Setup()

	screenshotURL := "https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
	u, err := url.ParseRequestURI(screenshotURL)
	if err != nil {
		log.WithField("url", screenshotURL).Fatal("Invalid URL specified")
	}

	// Process this URL
	utils.ProcessURL(u, &chrome, &db, 3000)

	log.WithFields(log.Fields{"run-time": time.Since(startTime)}).Info("Complete")
}

var (
	cfgFile    string
	chrome     chrm.Chrome
	db         storage.Storage
	dbLocation string

	// logging
	logLevel  string
	logFormat string

	// 'global' flags
	waitTimeout   int
	resolution    string
	chromeTimeout int
	chromePath    string
	userAgent     string

	// screenshot command flags
	screenshotURL         string
	screenshotDestination string

	// file scanner command flags
	sourceFile string
	maxThreads int

	// range scanner command flags
	scanCidr           []string
	scanFileCidr       string
	scanPorts          string
	skipHTTP           bool
	skipHTTPS          bool
	randomPermutations bool

	// generate command
	reportFileName string

	// execution time
	startTime = time.Now()

	// version
	version = "1.0.8"
)

// initLogging prepares the logrus logger and format.
// the --log-level and --log-format commandline args lets you
// control what and how logrus outputs data.
func initLogging() {

	switch logLevel {

	case "debug":
		log.SetLevel(log.DebugLevel)

	case "info":
		log.SetLevel(log.InfoLevel)

	case "warn":
		log.SetLevel(log.WarnLevel)

	case "error":
		log.SetLevel(log.ErrorLevel)

	case "fatal":
		log.SetLevel(log.FatalLevel)

	default:
		log.WithField("log-level", logLevel).Warning("invalid log level. defaulting to info.")
		log.SetLevel(log.InfoLevel)
	}

	// Include timestamps in the text format output
	textformat := &log.TextFormatter{
		FullTimestamp:   true,
		TimestampFormat: "2006-01-02 15:04:05",
	}

	switch logFormat {

	case "text":
		log.SetFormatter(textformat)

	case "json":
		log.SetFormatter(new(log.JSONFormatter))

	default:
		log.WithField("log-format", logFormat).Warning("invalid log format. defaulting to text.")
		log.SetFormatter(textformat)
	}
}

// Checks if some of the globally provided arguments are valid.
func validateFlags() {

	// Check screenresolution argument values
	parsedResolution := strings.Split(resolution, ",")
	if len(parsedResolution) != 2 {

		log.WithField("resolution", resolution).Fatal("Invalid resolution value provided")
	}

	if _, err := strconv.Atoi(parsedResolution[0]); err != nil {
		log.WithField("resolution", resolution).Fatal("Failed to parse resolution x value")
	}

	if _, err := strconv.Atoi(parsedResolution[1]); err != nil {
		log.WithField("resolution", resolution).Fatal("Failed to parse resolution y value")
	}

}

What do I miss ?

Cheers,
L.
@lucmski
Copy link
Author

lucmski commented Aug 25, 2019

I have this error

INFO[0005] Response code                                 status="200 OK" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Final URL after redirects                     final-url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Retry-Count=0 url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Set-Cookie="__cfduid=da3abcc6f195c37562e80262a064918531566696677; expires=Mon, 24-Aug-20 01:31:17 GMT; path=/; domain=.zataz.com; HttpOnly; Secure" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Link="<https://www.zataz.com/wp-json/>; rel=\"https://api.w.org/\", <https://www.zataz.com/?p=21132>; rel=shortlink" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Expect-Ct="max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Server=cloudflare url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Content-Type="text/html; charset=UTF-8" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               X-Pingback="https://www.zataz.com/xmlrpc.php" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Cf-Ray=50b9ce380e81a879-CDG url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Response header                               Date="Sun, 25 Aug 2019 01:31:17 GMT" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Certificate chain common name                 common_name=ssl376801.cloudflaressl.com url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Signature algorithm                           signature-alg=ECDSA-SHA256 url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Public key algorithm                          pubkey-alg=ECDSA url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Issuer                                        issuer="COMODO ECC Domain Validation Secure Server CA 2" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=ssl376801.cloudflaressl.com url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.cctx.church" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.celebration.church" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.crea-handigehandjes.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.datasecuritybreach.fr" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.expertwatches.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.extrawijdesokken.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.ingepip.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.labelsz.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.rivonshop.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.senproducts.com" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.slijterijkuijpers.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.steengoedzo.nl" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.tajmeeli.com" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.thedyslexiashop.co.uk" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names="*.zataz.com" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=cctx.church url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=celebration.church url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=crea-handigehandjes.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=datasecuritybreach.fr url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=expertwatches.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=extrawijdesokken.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=ingepip.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=labelsz.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=rivonshop.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=senproducts.com url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=slijterijkuijpers.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=steengoedzo.nl url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=tajmeeli.com url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=thedyslexiashop.co.uk url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] DNS Name                                      dns-names=zataz.com url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Certificate chain common name                 common_name="COMODO ECC Domain Validation Secure Server CA 2" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Signature algorithm                           signature-alg=ECDSA-SHA384 url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Public key algorithm                          pubkey-alg=ECDSA url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Issuer                                        issuer="COMODO ECC Certification Authority" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Certificate chain common name                 common_name="COMODO ECC Certification Authority" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Signature algorithm                           signature-alg=SHA384-RSA url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Public key algorithm                          pubkey-alg=ECDSA url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Issuer                                        issuer="AddTrust External CA Root" url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Cipher suite in use                           cipher-suite=49195 url="https://www.zataz.com/osint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp/"
INFO[0005] Taking screenshot                             destination=https-www.zataz.comosint-des-numeros-de-politiques-francaises-interceptes-via-whatsapp.png url="https://www.zataz.com/"
FATA[0005] context deadline exceeded                    
exit status 1

@roscopecoltran
Copy link

any updates ?

@leonjza
Copy link
Member

leonjza commented Sep 25, 2019
edited

It's actually a lot simpler than that. You only need the chrome package. The following snippet will dump you a new google.png.

// main.go
package main

import (
	"net/url"

	chrm "github.com/sensepost/gowitness/chrome"
)

func main() {

	chrome := &chrm.Chrome{
		Resolution:    `800x600`,
		ChromeTimeout: 30,
	}
	chrome.Setup()

	u, _ := url.ParseRequestURI(`https://www.google.com/`)
	chrome.ScreenshotURL(u, `google.png`)
}

go.mod used

module github.com/leonjza/gw-cli

go 1.13

require github.com/sensepost/gowitness v0.0.0-20190925101607-7869799fbf08

@leonjza leonjza closed this as completed Sep 25, 2019
@leonjza leonjza mentioned this issue Sep 25, 2019
Closed
@roscopecoltran
Copy link

I have a white screenshot :-(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@leonjza @roscopecoltran @lucmski