aquatone 0.4.1 → 0.5.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -1
- data/lib/aquatone/collector.rb +4 -0
- data/lib/aquatone/collectors/ptrarchive.rb +21 -0
- data/lib/aquatone/collectors/publicwww.rb +34 -0
- data/lib/aquatone/collectors/wayback_machine.rb +41 -0
- data/lib/aquatone/commands/discover.rb +2 -0
- data/lib/aquatone/detectors/fastly.rb +4 -1
- data/lib/aquatone/version.rb +1 -1
- data/subdomains.lst +1 -0
- metadata +5 -2
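--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c14050e82d9cc20270db7e87a40e6bcc0a1e3e50
+data.tar.gz: 9a3c750f6c31b0fa4d04484fa945b88a9b1a42fa
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3450460b07ac57523d99708dbce207a2ce408996099253a30985a2c401ba961e1ed46ccdf217a78740f44f95771dfcbf5a0363a04dc1080bcbf4177b9243e60d
+data.tar.gz: bce8b495f0e4f190ee123e89ddbe70addf9e0ebc73bf48330a604493cb6b0a70b9dcfeb797dc181edd1ab11d1ebdbcf628e299d87d24c43e2c706ffad19a4b77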
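--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -9,6 +9,18 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Changed
 
+## [0.5.0]
+
+### Added
+- New Collector: Wayback Machine (archive.org) (Thanks, [@jolle](https://github.com/jolle)!)
+- New Collector: ptrarchive.com
+- New Collector: publicwww.com
+
+### Changed
+
+### Fixed
+- Detect false positive situation in fastly.com Takeover module (Thanks, [@ramimac](https://github.com/ramimac)!)
+
 ## [0.4.1]
 
 ### Added
@@ -68,9 +80,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Changed
 
-[Unreleased]: https://github.com/michenriksen/aquatone/compare/v0.
+[Unreleased]: https://github.com/michenriksen/aquatone/compare/v0.5.0...HEAD
+[0.5.0]: https://github.com/michenriksen/aquatone/compare/v0.4.1...v0.5.0
 [0.4.1]: https://github.com/michenriksen/aquatone/compare/v0.4.0...v0.4.1
 [0.4.0]: https://github.com/michenriksen/aquatone/compare/v0.3.0...v0.4.0
 [0.3.0]: https://github.com/michenriksen/aquatone/compare/v0.2.0...v0.3.0
 [0.2.0]: https://github.com/michenriksen/aquatone/compare/v0.1.1...v0.2.0
 [0.1.1]: https://github.com/michenriksen/aquatone/compare/v0.1.0...v0.1.1
+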
data/lib/aquatone/collector.rb
CHANGED
@@ -0,0 +1,21 @@
|
|
1
|
+
module Aquatone
|
2
|
+
module Collectors
|
3
|
+
class Ptrarchive < Aquatone::Collector
|
4
|
+
self.meta = {
|
5
|
+
:name => "PTRArchive",
|
6
|
+
:author => "Michael Henriksen (@michenriksen)",
|
7
|
+
:description => "Uses ptrarchive.com to find subdomains"
|
8
|
+
}
|
9
|
+
|
10
|
+
def run
|
11
|
+
response = get_request("http://ptrarchive.com/tools/search.htm?label=#{url_escape(domain.name)}&date=ALL")
|
12
|
+
if response.code != 200
|
13
|
+
failure("PTRArchive returned unexpected response code: #{response.code}")
|
14
|
+
end
|
15
|
+
response.body.scan(/[a-z0-9\.\-_]+\.#{regex_escape(domain.name)}/).each do |host|
|
16
|
+
add_host(host)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
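Review bot: The extraction regex in `run`, `/[a-z0-9\.\-_]+\.#{regex_escape(domain.name)}/`, is unanchored on both sides and matches lowercase only, so text scraped from the page can yield a URL-encoded fragment glued to a name (`2fwww.` from `%2Fwww.`), a name with a leading dot or hyphen, or miss upper-case hostnames; the same pattern appears in the PublicWWW collector hunk that follows. The body is third-party content fetched over plain `http://`, so I would validate each match before `add_host`, e.g. `next if host.start_with?(".", "-") || host.include?("..")`, unless `add_host` already does so outside this hunk. It is not visible here whether `failure` raises; if it only records the error, the scan still runs over the error body and a `return` after it would make that explicit. The page lists this hunk under the collector.rb header, although the class shown is `Aquatone::Collectors::Ptrarchive`.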
@@ -0,0 +1,34 @@
|
|
1
|
+
module Aquatone
|
2
|
+
module Collectors
|
3
|
+
class Publicwww < Aquatone::Collector
|
4
|
+
self.meta = {
|
5
|
+
:name => "PublicWWW",
|
6
|
+
:author => "Michael Henriksen (@michenriksen)",
|
7
|
+
:description => "Uses the publicwww.com source code search engine to find subdomains",
|
8
|
+
:cli_options => {
|
9
|
+
"publicwww-pages PAGES" => "Number of PublicWWW pages to process (default: 30)"
|
10
|
+
}
|
11
|
+
}
|
12
|
+
|
13
|
+
DEFAULT_PAGES_TO_PROCESS = 30.freeze
|
14
|
+
|
15
|
+
def run
|
16
|
+
pages_to_process.times do |page|
|
17
|
+
response = get_request("https://publicwww.com/websites/.#{url_escape(domain.name)}/#{page + 1}")
|
18
|
+
response.body.gsub("<b>", "").gsub("</b>", "").scan(/[a-z0-9\.\-_]+\.#{regex_escape(domain.name)}/).each do |host|
|
19
|
+
add_host(host)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
private
|
25
|
+
|
26
|
+
def pages_to_process
|
27
|
+
if has_cli_option?("publicwww-pages")
|
28
|
+
return get_cli_option("publicwww-pages").to_i
|
29
|
+
end
|
30
|
+
DEFAULT_PAGES_TO_PROCESS
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
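Review bot: `run` never looks at `response.code`, unlike the PTRArchive collector added in the same release, so a block page, rate-limit response or error page is scraped as if it were a result page and the loop keeps requesting every remaining page. `pages_to_process` also relies on `.to_i`, which turns a non-numeric `publicwww-pages` value into 0, and `0.times` never runs the block, so the collector silently reports nothing. Suggested: `break if response.code != 200` right after the request, and `Integer(get_cli_option("publicwww-pages"))` in place of `.to_i` so bad input raises instead of being hidden. As a style point, `30.freeze` is a no-op on an Integer and can be written as `30`.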
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'uri'
|
2
|
+
|
3
|
+
module Aquatone
|
4
|
+
module Collectors
|
5
|
+
class WaybackMachine < Aquatone::Collector
|
6
|
+
self.meta = {
|
7
|
+
:name => "Wayback Machine",
|
8
|
+
:author => "Joel (@jolle)",
|
9
|
+
:description => "Uses Wayback Machine by Internet Archive to find unique hostnames",
|
10
|
+
:cli_options => {
|
11
|
+
"wayback-machine-timeout SECONDS" => "Timeout for Wayback Machine collector in seconds (default: 30)"
|
12
|
+
}
|
13
|
+
}
|
14
|
+
|
15
|
+
DEFAULT_TIMEOUT = 30.freeze
|
16
|
+
|
17
|
+
def run
|
18
|
+
response = nil
|
19
|
+
Timeout::timeout(timeout) do
|
20
|
+
response = get_request("http://web.archive.org/cdx/search/cdx?url=*.#{url_escape(domain.name)}&output=json&fl=original&collapse=urlkey")
|
21
|
+
end
|
22
|
+
response.parsed_response.each do |page|
|
23
|
+
if page[0] != "original"
|
24
|
+
begin
|
25
|
+
add_host(URI.parse(page[0]).host)
|
26
|
+
rescue URI::Error; end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
private
|
32
|
+
|
33
|
+
def timeout
|
34
|
+
if has_cli_option?("wayback-machine-timeout")
|
35
|
+
return get_cli_option("wayback-machine-timeout").to_i
|
36
|
+
end
|
37
|
+
DEFAULT_TIMEOUT
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
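Review bot: In `run`, the host taken from each archived URL goes to `add_host` unchecked: `URI.parse(page[0]).host` is nil for a value with no authority part, and nothing confirms that the host ends with the target domain, which the regex-based collectors in this release do enforce through their pattern. Archive data is third-party input, so a nil or out-of-scope host could end up in the result set unless `add_host` filters it outside this hunk. Two smaller points in the same section: `get_cli_option("wayback-machine-timeout").to_i` returns 0 for non-numeric input and `Timeout.timeout(0)` runs the block with no limit at all, and the request uses `http://` although its result feeds later steps. A possible shape for the loop is below; rejecting a timeout that is not a positive integer would go in `timeout`.

```ruby
# … unchanged: Timeout-wrapped get_request …
response.parsed_response.each do |page|
  # Skip the row whose first field is the literal "original" (as the hunk already does).
  next if page[0] == "original"
  begin
    host = URI.parse(page[0]).host
  rescue URI::Error
    next
  end
  # Keep only names inside the target domain; this also drops nil hosts.
  next unless host && host.downcase.end_with?(".#{domain.name.downcase}")
  add_host(host)
end
```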
@@ -84,6 +84,8 @@ module Aquatone
|
|
84
84
|
rescue Aquatone::Collector::MissingKeyRequirement => e
|
85
85
|
output(yellow("Skipped\n"))
|
86
86
|
output(yellow(" -> #{e.message}\n"))
|
87
|
+
rescue Timeout::Error
|
88
|
+
output(red("Timed out\n"))
|
87
89
|
rescue => e
|
88
90
|
output(red("Error\n"))
|
89
91
|
output(red(" -> #{e.message}\n"))
|
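Review bot: The new `rescue Timeout::Error` clause prints only "Timed out" and drops the exception, while the neighbouring clauses print `e.message`. In Ruby's standard library `Net::OpenTimeout` and `Net::ReadTimeout` are subclasses of `Timeout::Error`, so this clause will presumably also catch HTTP timeouts raised by every other collector, not only the Wayback Machine one, and the operator loses the detail of what timed out. Suggested: `rescue Timeout::Error => e`, keeping `output(red("Timed out\n"))` and adding `output(red(" -> #{e.message}\n"))`. The enclosing begin/rescue block starts and ends outside the hunk.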
@@ -9,12 +9,15 @@ module Aquatone
|
|
9
9
|
}
|
10
10
|
|
11
11
|
CNAME_VALUE = ".fastly.net".freeze
|
12
|
+
CNAME_FALSE_POSITIVE = ".map.fastly.net".freeze
|
12
13
|
RESPONSE_FINGERPRINT = "Fastly error: unknown domain".freeze
|
13
14
|
|
14
15
|
def run
|
15
16
|
return false unless cname_resource?
|
16
17
|
if resource_value.end_with?(CNAME_VALUE)
|
17
|
-
|
18
|
+
unless resource_value.end_with?(CNAME_FALSE_POSITIVE)
|
19
|
+
return get_request("http://#{host}/").body.include?(RESPONSE_FINGERPRINT)
|
20
|
+
end
|
18
21
|
end
|
19
22
|
false
|
20
23
|
end
|
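Review bot: Both `end_with?` checks in `run` compare `resource_value` byte-for-byte against lowercase constants, so a CNAME target with a trailing root dot fails the first check and is never tested, and one with an upper-case `MAP` label passes the first check but bypasses the new `CNAME_FALSE_POSITIVE` exclusion; this applies only if `resource_value` is not normalised outside the hunk. Comparing a normalised copy, `value = resource_value.downcase.chomp(".")`, would close both gaps. The new constant also deserves a comment saying why it exists, for example `# Targets under .map.fastly.net are excluded as known false positives (see CHANGELOG 0.5.0)`. The nested `if`/`unless` could be flattened into a single guard such as `return false if value.end_with?(CNAME_FALSE_POSITIVE)`.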
data/lib/aquatone/version.rb
CHANGED
data/subdomains.lst
CHANGED
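--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aquatone
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.5.0
 platform: ruby
 authors:
 - Michael Henriksen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-09-
+date: 2017-09-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: httparty
@@ -118,10 +118,13 @@ files:
 - lib/aquatone/collectors/hackertarget.rb
 - lib/aquatone/collectors/netcraft.rb
 - lib/aquatone/collectors/passivetotal.rb
+- lib/aquatone/collectors/ptrarchive.rb
+- lib/aquatone/collectors/publicwww.rb
 - lib/aquatone/collectors/riddler.rb
 - lib/aquatone/collectors/shodan.rb
 - lib/aquatone/collectors/threatcrowd.rb
 - lib/aquatone/collectors/virustotal.rb
+- lib/aquatone/collectors/wayback_machine.rb
 - lib/aquatone/command.rb
 - lib/aquatone/commands/discover.rb
 - lib/aquatone/commands/gather.rb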