Merge pull request #743 from six2dez/dev
Dev
six2dez committed Jul 7, 2023
2 parents a986c79 + 5ce6bb9 commit 486ceb8
Showing 6 changed files with 129 additions and 68 deletions.
2 changes: 1 addition & 1 deletion install.sh
Expand Up @@ -430,7 +430,7 @@ printf "${bblue}\n Running: Installing repositories (${#repos[@]})${reset}\n\n"
# Repos with special configs
eval git clone https://github.com/projectdiscovery/nuclei-templates ~/nuclei-templates $DEBUG_STD
eval git clone https://github.com/geeknik/the-nuclei-templates.git ~/nuclei-templates/extra_templates $DEBUG_STD
eval git clone https://github.com/projectdiscovery/fuzzing-templates ~/fuzzing-templates $DEBUG_STD
eval git clone https://github.com/projectdiscovery/fuzzing-templates $tools/fuzzing-templates $DEBUG_STD
eval wget -q -O - https://raw.githubusercontent.com/NagliNagli/BountyTricks/main/ssrf.yaml > ~/nuclei-templates/ssrf_nagli.yaml $DEBUG_STD
eval wget -q -O - https://raw.githubusercontent.com/NagliNagli/BountyTricks/main/sap-redirect.yaml > ~/nuclei-templates/sap-redirect_nagli.yaml $DEBUG_STD
eval nuclei -update-templates $DEBUG_STD
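Review bot: On the fuzzing-templates clone line `$tools` is expanded unquoted and then re-parsed by `eval`, so a tools directory containing spaces or shell metacharacters would be split or interpreted; escaping the quotes so they survive the eval, `eval git clone https://github.com/projectdiscovery/fuzzing-templates \"\$tools/fuzzing-templates\" $DEBUG_STD`, avoids that. Existing installs that still have `~/fuzzing-templates` will presumably fail the updated directory check in reconftw.sh until the installer is re-run, so a fallback or a changelog line would help. The surrounding installer code continues outside the hunk.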
18 changes: 7 additions & 11 deletions reconftw.sh
Expand Up @@ -73,7 +73,7 @@ function tools_installed(){
which gotator &>/dev/null || { printf "${bred} [*] gotator [NO]${reset}\n"; allinstalled=false;}
which nuclei &>/dev/null || { printf "${bred} [*] Nuclei [NO]${reset}\n"; allinstalled=false;}
[ -d ~/nuclei-templates ] || { printf "${bred} [*] Nuclei templates [NO]${reset}\n"; allinstalled=false;}
[ -d ~/fuzzing-templates ] || { printf "${bred} [*] Fuzzing templates [NO]${reset}\n"; allinstalled=false;}
[ -d $tools/fuzzing-templates ] || { printf "${bred} [*] Fuzzing templates [NO]${reset}\n"; allinstalled=false;}
which gf &>/dev/null || { printf "${bred} [*] Gf [NO]${reset}\n"; allinstalled=false;}
which Gxss &>/dev/null || { printf "${bred} [*] Gxss [NO]${reset}\n"; allinstalled=false;}
which subjs &>/dev/null || { printf "${bred} [*] subjs [NO]${reset}\n"; allinstalled=false;}
Expand Down Expand Up @@ -358,15 +358,11 @@ function subdomains_full(){
function sub_passive(){
if { [ ! -f "$called_fn_dir/.${FUNCNAME[0]}" ] || [ "$DIFF" = true ]; } && [ "$SUBPASSIVE" = true ]; then
start_subfunc ${FUNCNAME[0]} "Running : Passive Subdomain Enumeration"
if [ ! "$AXIOM" = true ]; then
[[ $RUNAMASS == true ]] && timeout -k 1m ${AMASS_ENUM_TIMEOUT} amass enum -passive -d $domain -config $AMASS_CONFIG -timeout $AMASS_ENUM_TIMEOUT -json .tmp/amass_json.json 2>>"$LOGFILE" &>/dev/null
[ -s ".tmp/amass_json.json" ] && cat .tmp/amass_json.json | jq -r '.name' | anew -q .tmp/amass_psub.txt
[[ $RUNSUBFINDER == true ]] && subfinder -all -d "$domain" -silent -o .tmp/subfinder_psub.txt 2>>"$LOGFILE" >/dev/null
else
echo $domain > .tmp/amass_temp_axiom.txt
[[ $RUNAMASS == true ]] && axiom-scan .tmp/amass_temp_axiom.txt -m amass -passive -o .tmp/amass_psub.txt $AXIOM_EXTRA_ARGS 2>>"$LOGFILE" >/dev/null
[[ $RUNSUBFINDER == true ]] && axiom-scan .tmp/amass_temp_axiom.txt -m subfinder -all -silent -o .tmp/subfinder_psub.txt $AXIOM_EXTRA_ARGS 2>>"$LOGFILE" >/dev/null
fi

[[ $RUNAMASS == true ]] && timeout -k 1m ${AMASS_ENUM_TIMEOUT} amass enum -passive -d $domain -config $AMASS_CONFIG -timeout $AMASS_ENUM_TIMEOUT -json .tmp/amass_json.json 2>>"$LOGFILE" &>/dev/null
[ -s ".tmp/amass_json.json" ] && cat .tmp/amass_json.json | jq -r '.name' | anew -q .tmp/amass_psub.txt
[[ $RUNSUBFINDER == true ]] && subfinder -all -d "$domain" -silent -o .tmp/subfinder_psub.txt 2>>"$LOGFILE" >/dev/null

if [ -s "${GITHUB_TOKENS}" ]; then
if [ "$DEEP" = true ]; then
github-subdomains -d $domain -t $GITHUB_TOKENS -o .tmp/github_subdomains_psub.txt 2>>"$LOGFILE" >/dev/null
Expand All @@ -375,7 +371,7 @@ function sub_passive(){
fi
fi
if [ -s "${GITLAB_TOKENS}" ]; then
gitlab-subdomains -d $domain -t $GITLAB_TOKENS -o .tmp/gitlab_subdomains_psub.txt 2>>"$LOGFILE" >/dev/null
gitlab-subdomains -d $domain -t $GITLAB_TOKENS > .tmp/gitlab_subdomains_psub.txt 2>>"$LOGFILE" >/dev/null
fi
if [ "$INSCOPE" = true ]; then
check_inscope .tmp/amass_psub.txt 2>>"$LOGFILE" >/dev/null
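Review bot: The rewritten gitlab-subdomains line redirects stdout twice, `> .tmp/gitlab_subdomains_psub.txt` and then `>/dev/null`; bash applies redirections left to right, so the file is created empty and the results are discarded. Dropping the trailing redirect, `gitlab-subdomains -d "$domain" -t "$GITLAB_TOKENS" 2>>"$LOGFILE" > .tmp/gitlab_subdomains_psub.txt`, keeps the output, and quoting the two variables avoids word splitting on the target value. In the first sub_passive hunk the axiom-scan branch appears to be removed, so with `AXIOM=true` amass and subfinder would now run locally; if that is intended it deserves a comment. sub_passive continues outside both hunks.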
1 change: 1 addition & 0 deletions web/projects/urls.py
Expand Up @@ -9,4 +9,5 @@
path('', views.index, name='index'),
path('<int:id>/delete/', views.delete_project,name='delete'),
path('<int:id>/cancel/', views.cancel_scan,name='cancel'),
path('<int:id>/backup/', views.DownloadBackup, name='backup'),
]
40 changes: 39 additions & 1 deletion web/projects/views.py
@@ -1,4 +1,5 @@
from django.shortcuts import get_object_or_404, render
from django.http import HttpResponse
from projects.models import Project
from django.core.files.base import ContentFile
from django.shortcuts import redirect
Expand All @@ -11,6 +12,7 @@
import shutil, os, time, requests, favicon
from pathlib import Path
from subprocess import Popen
import zipfile

# Main Projects Page
@login_required(login_url='/login/')
Expand Down Expand Up @@ -67,7 +69,7 @@ def index(request):
print("final_date: "+str(final_date))

pjtfor = Project.objects.filter(domain=sgdomain)
print("pjt: "+str(pjtfor))
# print("pjt: "+str(pjtfor))


# Save Domain
Expand Down Expand Up @@ -194,6 +196,42 @@ def delete_project(request, id):

return redirect('projects:index')

@login_required(login_url='/login/')
def DownloadBackup(requests, id):

project = Project.objects.get(id=id)
if project.status == "FINISHED":
command = str(project.command).split("'")
del command[0::2]

tempFolder = "/tmp"
folderPath = command[-1].rsplit("/",1)[0]
folderName = command[-1].rsplit("/",1)[1]

if "/" in folderName:
tmp = folderName.rsplit("/", 1)

folderPath = tmp[0]
folderName = tmp[1]

if os.path.exists(tempFolder+"/Backup-"+folderName+".zip"):
os.remove(tempFolder+"/Backup-"+folderName+".zip")

os.chdir(folderPath)
with zipfile.ZipFile(tempFolder+"/Backup-"+folderName+".zip", "w") as zf:
for item in Path(folderName).rglob("*"):
zf.write(item)
zf.close()

backupFileName = "Backup-"+folderName+".zip"

file = open(tempFolder+"/"+backupFileName, "rb")

response = HttpResponse(file, content_type='application/force-download')
response['Content-Disposition'] = 'attachment; filename='+backupFileName
return response
else:
return HttpResponse('Scanning is not completed, please wait.')

# TODO: Cancel Scan Function
@login_required(login_url='/login/')
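Review bot: DownloadBackup looks the project up by id alone, so any logged-in user can download any project's results unless ownership is enforced elsewhere, and `Project.objects.get` raises instead of returning a 404 for an unknown id; `get_object_or_404(Project, id=id)` plus an owner filter (if the model has one) would close both. The archive is written to the fixed, predictable path `/tmp/Backup-<name>.zip` after `os.chdir(folderPath)`: concurrent downloads overwrite each other, the file and its open handle are never cleaned up, and the chdir changes the working directory of the whole worker process. The sketch below builds the zip in an anonymous temporary file with explicit `arcname`s and returns it through `FileResponse` (this needs `tempfile` and `django.http.FileResponse` imported). The parameter name `requests` also shadows the imported `requests` module, and the `if "/" in folderName` branch can never run after `rsplit("/", 1)[1]`.

```python
@login_required(login_url='/login/')
def DownloadBackup(request, id):
    project = get_object_or_404(Project, id=id)
    if project.status != "FINISHED":
        return HttpResponse('Scanning is not completed, please wait.')

    # ... unchanged: derive folderPath / folderName from project.command ...
    scan_dir = Path(folderPath) / folderName

    # Anonymous temp file: no fixed /tmp name to collide on, nothing left behind on disk.
    archive = tempfile.TemporaryFile()
    with zipfile.ZipFile(archive, "w") as zf:
        for item in scan_dir.rglob("*"):
            # arcname keeps entries relative to the parent folder without os.chdir()
            zf.write(item, arcname=item.relative_to(scan_dir.parent))
    archive.seek(0)

    # FileResponse closes the file once the response has been sent.
    return FileResponse(archive, as_attachment=True,
                        filename="Backup-" + folderName + ".zip")
```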
36 changes: 34 additions & 2 deletions web/scans/views.py
Expand Up @@ -410,7 +410,39 @@ def new_scan(request):
elif type_domain == "1":
list_domain = request.POST.get('listDomain')
print("List Domain")
else:
print("Wrong!!")
list_domain = list(map(str.strip, list_domain.split("\n")))

for single_domain in list_domain:
if validators.domain(single_domain):
command = ['../reconftw.sh','-d',single_domain]

req_params = list(request.POST)

# MODE OPTIONS
if req_params[4] == 'switch-recon':
command.append('-r')
elif req_params[4] == 'switch-subdomains':
command.append('-s')
elif req_params[4] == 'switch-passive':
command.append('-p')
elif req_params[4] == 'switch-all':
command.append('-a')
elif req_params[4] == 'switch-web':
command.append('-w')
elif req_params[4] == 'switch-osint':
command.append('-n')

# GENERAL OPTIONS
if 'switch-deep' in req_params:
command.append('--deep')
if 'switch-vps' in req_params:
command.append('-v')

# RUN new_scan_single_domain TASK
print("=====>>>> about to run new_scan_single_domain")
celery_task = new_scan_single_domain.apply_async(command, queue="default")

else:
print("Wrong!!")

return redirect('projects:index')
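Review bot: The scan mode is picked with `req_params[4]`, that is by whichever POST key happens to be fifth, so it depends on form field order, raises IndexError on a short request, and lets the client change the mode by reordering fields; look the switches up by name instead, as sketched below. `request.POST.get('listDomain')` can be None, which makes `list_domain.split("\n")` raise, and nothing caps how many lines become Celery tasks, so one request can queue an unbounded number of scans. The `validators.domain` check together with the argument list (no shell string) is the right shape for handing the target to reconftw.sh and should stay. new_scan starts outside the hunk, so whether the loop sits inside the `type_domain == "1"` branch cannot be confirmed from here.

```python
# ... unchanged: list_domain parsing ...
MODE_FLAGS = {
    'switch-recon': '-r',
    'switch-subdomains': '-s',
    'switch-passive': '-p',
    'switch-all': '-a',
    'switch-web': '-w',
    'switch-osint': '-n',
}
# Resolve the mode once, by field name, instead of by POST key position.
mode_flag = next(
    (flag for name, flag in MODE_FLAGS.items() if name in request.POST),
    None,
)

for single_domain in list_domain:
    if validators.domain(single_domain):
        command = ['../reconftw.sh', '-d', single_domain]
        if mode_flag is not None:
            command.append(mode_flag)
        # ... unchanged: --deep / -v options and apply_async call ...
```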
100 changes: 47 additions & 53 deletions web/templates/projects.html
Expand Up @@ -630,6 +630,7 @@
border-radius: 50%;
background-color: #fff;
}

</style>

{% if messages %} {% for message in messages %}
Expand Down Expand Up @@ -769,7 +770,7 @@ <h3>{{ request.user }}<br /><span>Reconnaissance Ninja</span></h3>
<button class="btn" data-bs-toggle="modal" data-bs-placement="bottom" title="CANCEL" type="button" data-bs-toggle="modal" data-bs-target="#modal-cancel-{{ domains.id }}"><i class='bx bxs-x-square bx-sm'></i></button>
{% endif %}
<button class="btn" type="button" data-bs-toggle="modal" data-bs-target="#modal-scheduling-{{ domains.id }}" onclick="timezone('{{ domains.id }}'); getSchedules('{{ domains.id }}');" ><i class='bx bxs-alarm-add bx-sm'></i></button>
<button class="btn" type="button" data-bs-toggle="modal" data-bs-target="#modal-backup"><i class='bx bxs-hdd bx-sm'></i></button>
<button class="btn" type="button" data-bs-toggle="modal" onclick="backup('{{ domains.id }}')"><i class='bx bxs-hdd bx-sm'></i></button>
<button class="btn" data-bs-toggle="modal" data-bs-placement="bottom" title="DELETE" type="button" data-bs-target="#modal-delete-{{ domains.id }}"><i class='bx bxs-trash-alt bx-sm' ></i></button>
</td>
<td>
Expand Down Expand Up @@ -800,8 +801,7 @@ <h3>{{ request.user }}<br /><span>Reconnaissance Ninja</span></h3>

<div class="col-4">
<div class="tab-content" id="pills-tabContent">
<input type="hidden" id="typeDomain" name="typeDomain" value="0">
<div class="tab-pane fade show active" id="pills-single" role="tabpanel">
<div>

<div class="select">

Expand All @@ -825,9 +825,6 @@ <h3>{{ request.user }}<br /><span>Reconnaissance Ninja</span></h3>


</div>
<div class="tab-pane fade" id="pills-list" role="tabpanel">
<textarea class="form-control" name="listDomain" id="listDomain" onkeyup="checkCommand()"></textarea>
</div>
</div>
</div>
<div class="col-3 current-time text-center" id="time-{{ domains.id }}"></div>
Expand Down Expand Up @@ -1100,12 +1097,8 @@ <h6 class="mb-4"><b>TARGET OPTIONS</b></h6>
</li>
</ul>
<div class="tab-content" id="pills-tabContent">
<input type="hidden" id="typeDomain" name="typeDomain" value="0" />
<div
class="tab-pane fade show active"
id="pills-single"
role="tabpanel"
>
<input type="hidden" id="typeDomain" name="typeDomain" value="1" />
<div class="tab-pane show active" id="pills-single" role="tabpanel">
<input
type="text"
name="singleDomain"
Expand All @@ -1115,12 +1108,13 @@ <h6 class="mb-4"><b>TARGET OPTIONS</b></h6>
placeholder="example.com"
/>
</div>
<div class="tab-pane fade" id="pills-list" role="tabpanel">
<div class="tab-pane" id="pills-list" role="tabpanel">
<textarea
class="form-control"
name="listDomain"
id="listDomain"
onkeyup="checkCommand()"
placeholder="example.com&#10;example2.com"
></textarea>
</div>
</div>
Expand Down Expand Up @@ -1401,8 +1395,8 @@ <h6 class="mt-4 mb-4"><b>GENERAL OPTIONS</b></h6>
document.getElementById("Saturday-" + id).checked = false;
document.getElementById("Sunday-" + id).checked = false;
document.getElementById("addScheduler-" + id).checked = false;
document.getElementById("hours-" + id).value = 00;
document.getElementById("minutes-" + id).value = 00;
document.getElementById("hours-" + id).value = "00";
document.getElementById("minutes-" + id).value = "00";

document.getElementById("schedule-name-" + id).value = "NoneValue";
document.getElementById("crontab-id-" + id).value = "NoneValue";
Expand Down Expand Up @@ -1512,59 +1506,59 @@ <h6 class="mt-4 mb-4"><b>GENERAL OPTIONS</b></h6>
}
}

function checkCommand() {
let command = "./reconftw.sh";
// function checkCommand() {
// let command = "./reconftw.sh";

if (
document.getElementById("pills-single-nav").classList.contains("active")
) {
command += " -d " + document.getElementById("singleDomain").value;
} else {
command += " -l targets.txt";
}
// if (
// document.getElementById("pills-single-nav").classList.contains("active")
// ) {
// command += " -d " + document.getElementById("singleDomain").value;
// } else {
// command += " -l targets.txt";
// }

if (document.getElementById("switch-all").checked == true) {
command += " -a";
} else {
if (document.getElementById("switch-recon").checked) {
command += " -r";
}
// if (document.getElementById("switch-all").checked == true) {
// command += " -a";
// } else {
// if (document.getElementById("switch-recon").checked) {
// command += " -r";
// }

if (document.getElementById("switch-subdomains").checked) {
command += " -s";
}
// if (document.getElementById("switch-subdomains").checked) {
// command += " -s";
// }

if (document.getElementById("switch-passive").checked) {
command += " -p";
}
// if (document.getElementById("switch-passive").checked) {
// command += " -p";
// }

if (document.getElementById("switch-web").checked) {
command += " -w";
}
// if (document.getElementById("switch-web").checked) {
// command += " -w";
// }

if (document.getElementById("switch-osint").checked) {
command += " -n";
}
}
// if (document.getElementById("switch-osint").checked) {
// command += " -n";
// }
// }

if (document.getElementById("switch-deep").checked == true) {
command += " --deep";
}
// if (document.getElementById("switch-deep").checked == true) {
// command += " --deep";
// }

if (document.getElementById("switch-vps").checked == true) {
command += " -v";
}
// if (document.getElementById("switch-vps").checked == true) {
// command += " -v";
// }

document.getElementById("command").value = command;
}
// document.getElementById("command").value = command;
// }

function selectSingle() {
document.getElementById("typeDomain").value = 0;
document.getElementById("pills-single").classList.add("active");
checkCommand();
}

function selectList() {
document.getElementById("typeDomain").value = 1;
document.getElementById("pills-list").classList.add("active");
checkCommand();
}
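Review bot: `checkCommand` is commented out in the script block, but `selectSingle()`, `selectList()` and the `onkeyup="checkCommand()"` attribute on the listDomain textarea still call it, so unless it is defined elsewhere each of those will throw a ReferenceError. Either drop the calls together with the function or keep a stub, and delete the commented-out body rather than leaving it in the template, since version control already has it. `selectSingle()` and `selectList()` add `active` to one pane without removing it from the other, so both panes may stay visible after switching tabs. The backup button keeps `data-bs-toggle="modal"` with no target, and the `backup()` function it calls is not in the visible hunks.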

