pastenum 0.2.2

data/Gemfile

@@ -0,0 +1,10 @@
+source :rubygems
+gemspec
+
+gem "mechanize",        "~> 2.0"
+gem "gscraper",         "~> 0.4"
+gem "uri-query_params", "~> 0.7"
+gem "colored",          "~> 1.2"
+gem "bump",             "~> 0.3"
+gem "json",             "~> 1.7"
+gem "highline"

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2011-2013 corelan, nullthreat, shadowbq
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,54 @@
+#Pastenum
+
+Pastenum is a gem rewrite of nullthreat's original pastenum2 google scrapper. 
+
+Install:
+------
+* Install Ruby 1.9.* 
+
+* Install RubyGems 
+
+* gem install pastenum
+
+Troubleshooting: 
+======
+
+** Note: nokogiri in the gemfile requires native libxslt and libxml2 to be installed
+
+Usage:
+------
+`$> pastenum.rb`
+
+When prompted enter a search term.
+Once the application is complete it will generate "report.html"
+
+** Note: If more then 100 results are found, it can take some time to load the "report.html" file.
+
+
+Notes on Future Versions:
+------
+
+Gist / Github
+------
+
+Use the appropriate API for github
+
+http://developer.github.com/v3/repos/
+
+Gscaper -> Google Custom Search API:
+------
+
+Important: The Google Custom Search API requires the use of an API key, which you can get from the Google APIs console. The API provides 100 search queries per day for free. If you need more, you may sign up for billing in the console.
+
+https://developers.google.com/custom-search/v1/overview
+
+Original Pastenum Credits: 
+------
+
+Pastenum - A Corelan Team Production
+Written by: Nullthreat
+
+www.corelan.be
+www.nullthreat.net
+irc.freenode.net #corelan
+

data/RELEASE_NOTES

@@ -0,0 +1,16 @@
+	
+RELEASE NOTES:
+6/05/2011
+        v .2
+	Added BT5 install instructions to README
+	Fixed some formatting
+	Generally Cleaned Code
+
+3/25/2011
+	v .1 RC2
+	Added github support
+	Added ability to enable and disable searches individually
+
+3/22/2011
+	v .1 RC1
+	Initial public release

data/bin/pastenum

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+
+begin
+  require 'rubygems'
+  require 'bundler'
+  Bundler.setup(:default)
+rescue ::Exception => e
+end
+
+# Executable with absolute path to lib for hacking and development
+require File.join(File.dirname(__FILE__), '..', 'lib', 'pastenum', 'cli')
+
+Pastenum::CLI.invoke

data/lib/pastenum.rb

@@ -0,0 +1,24 @@
+#STDLIBS
+require 'uri'
+require 'rubygems'
+
+# RubyGems
+require 'mechanize'
+require 'uri/query_params'
+require 'gscraper'
+require 'colored'
+require 'json'
+
+# Internal 
+module Pastenum
+  $:.unshift(File.dirname(__FILE__))
+  require 'pastenum/main'
+  require 'pastenum/report'
+  require 'pastenum/json'
+  require 'pastenum/version'
+  require 'pastenum/target'
+  require 'pastenum/targets/gist'
+  require 'pastenum/targets/github'
+  require 'pastenum/targets/pastie'
+  require 'pastenum/targets/pastebin'
+end

data/lib/pastenum/cli.rb

@@ -0,0 +1,180 @@
+require 'optparse'
+require 'pastenum'
+require 'colored'
+require 'highline/import'
+
+module Pastenum
+  class CLI
+
+    def self.invoke
+      self.new
+    end
+    
+      
+    def initialize  
+      options = {}
+      
+      options[:pastebin] = true
+      options[:gist] = true
+      options[:github] = true
+      options[:pastie] = false
+      
+      options[:onion] = false
+      options[:test] = false
+      options[:verbose] = false
+      options[:maxpages] = 2
+      options[:tos] = false
+      
+      opt_parser = OptionParser.new do |opt|
+        opt.banner = "Usage: pastenum [OPTIONS] \"search string\""
+        opt.separator ""
+        opt.separator "Sources::"
+        
+        opt.on("-p","--[no-]pastebin","Search Pastebin.com (Gscraper)","  Default: #{options[:pastebin]}") do
+          options[:pastebin] = true
+        end
+        
+        opt.on("-g","--[no-]gist","Search Gist.github.com","  Default: #{options[:gist]}") do
+          options[:gist] = true
+        end
+        
+        opt.on("-G","--[no-]github","Search github.com","  Default: #{options[:github]}") do
+          options[:github] = true
+        end
+        
+        opt.on("-i","--[no-]pasties","Search pastie.org (Gscraper)","  Default: #{options[:pastie]}") do
+          options[:pastie] = true
+        end
+        
+        opt.separator "Output:: (Default output to STDOUT)"
+        
+        opt.on("-R","--report","Create an iframed report.html ") do
+          options[:report] = true
+        end
+  
+        opt.on("-J", "--json", "Create a JSON file with results ") do
+          options[:json] = true
+        end 
+
+
+        opt.separator "Options::"
+        
+        opt.on("-m","--maxpages=","maximum number of search results pages to iterate through" ,"  Default: #{options[:maxpages]}") do |v|
+          options[:maxpages] = v
+        end
+        
+        opt.on("-x", "--tos", "Acknowledge Google INC. 'Terms of Service'") do 
+          options[:tos] = true
+        end
+=begin        
+        opt.on("-o","--onion","use tor-network socks mode?") do
+          options[:onion] = true
+        end
+  
+        opt.on("-t", "--test", "Run Test suite") do 
+          options[:test] = v
+        end 
+=end  
+        opt.on("-v", "--verbose", "Run verbosely") do 
+          options[:verbose] = v
+        end
+  
+        opt.on_tail("-h","--help","Display this screen") do
+          puts opt_parser
+          exit 0
+        end
+        
+  
+      end
+
+      #Verify the options
+      begin
+        raise unless ARGV.size > 0
+        opt_parser.parse!
+  
+      #If options fail display help
+      rescue
+        puts opt_parser
+        exit
+      end
+      
+      dork = ARGV[0]
+      
+      if options[:onion]
+        session.set_tor
+        puts "Fetching Tor Exit IP"
+        session.tor_check
+        ensure_tor = ask("Are you protected? [NO/yes]")
+        exit 1 if ensure_tor != 'yes'
+      end
+      
+      if !(options[:tos])
+        puts "You are using Gscraper, a non-compliant Google Search API screen scraping utility.".red
+        puts ""
+        puts "*** Google Terms of Service: March 1, 2012 "
+        puts " [..] This license is for the sole purpose of enabling you to "
+        puts " use and enjoy the benefit of the Services as provided by Google,"
+        puts " in the manner permitted by these terms. [..] *** "
+        puts ""
+        ensure_tos = ask("Do you want to continue? [NO/yes]")
+        exit 1 if ensure_tos != 'yes'
+      end 
+    
+      if options[:verbose]
+        puts "++++++++++++++++++++++++++++++++++++++++++++++".green
+        puts "+ Pastie Enum".green
+        puts "+ Version #{VERSION}".green
+        puts "++++++++++++++++++++++++++++++++++++++++++++++\n".green
+      end
+      
+      @gist = Pastenum::Gist.new(dork)
+      @github = Pastenum::Github.new(dork)
+      @pastebin = Pastenum::Pastebin.new(dork)
+      @pastie = Pastenum::Pastie.new(dork)
+      
+      
+      if options[:gist]
+        
+        @gist.verbose = options[:verbose]
+        @gist.max_pages = options[:maxpages]
+        @gist.search
+        @gist.summary
+        @gist.results.each { |hit| puts "https://gist.github.com#{hit}" } if !options[:report] && !options[:json]
+      end
+      
+      if options[:github]
+        @github.verbose = options[:verbose]
+        @github.max_pages = options[:maxpages]
+        @github.search
+        @github.summary
+        puts @github.results if !options[:report] && !options[:json]
+      end
+      
+      if options[:pastebin]
+        @pastebin.verbose = options[:verbose]
+        @pastebin.max_pages = options[:maxpages]
+        @pastebin.search
+        @pastebin.summary
+        @pastebin.results.each { |hit| puts "http://pastebin.com#{hit}" } if !options[:report] && !options[:json]
+      end
+
+      if options[:pastie]
+        @pastie.verbose = options[:verbose]
+        @pastie.max_pages = 2
+        @pastie.search
+        @pastie.summary
+        puts @pastie.results if !options[:report] && !options[:json]
+      end
+      
+      if options[:report]
+        Pastenum::Report.new(dork, @pastie.results, @pastebin.results, @github.results, @gist.results).to_file
+      end
+      
+      if options[:json]
+        Pastenum::JSON.new(dork, @gist, @github, @pastebin, @pastie)
+      end
+
+    end
+
+  end
+end

data/lib/pastenum/json.rb

@@ -0,0 +1,14 @@
+module Pastenum
+  class JSON
+  
+    def initialize(dork, pastie, pastebin, github, gist)
+      file = File.open('report.json', 'w') 
+      data =  [{:search => dork}, {gist.vendor => gist.results}, {github.vendor => github.results},  {pastebin.vendor => pastebin.results}, {pastie.vendor => pastie.results} ].to_json
+      file.write(data)
+      file.close
+      
+      return data
+    end
+      
+  end
+end

data/lib/pastenum/main.rb

@@ -0,0 +1,9 @@
+module Pastenum
+
+  class TargetTemplateErrorDirectCall < StandardError; end
+  class TargetUnreachable < StandardError; end
+  
+
+
+  
+end

data/lib/pastenum/report.rb

@@ -0,0 +1,83 @@
+module Pastenum
+  class Report
+  
+    def initialize(dork,addresses_pastie,addresses_pastebin,addresses_github,addresses_gist)
+      @dork = dork
+      @addresses_pastie = addresses_pastie 
+      @addresses_pastebin = addresses_pastebin
+      @addresses_github = addresses_github
+      @addresses_gist = addresses_gist
+    end
+      
+    def to_file
+      puts "[*] Creating HTML Report".green
+      print "[*] Status: ".green
+      file = File.open('report.html', 'w') 
+    
+      # Header
+    
+      file.write("<html><head><title>Pastenum - #{@dork}</title>\n")
+      file.write("<style>\n")
+      file.write("body{background-color:#931b1c;color:#aaa;font-family:Tahoma,Arial,Helvetica,sans-serif;font-size:.75em}#container{background-color:#000;margin:0 auto;padding:10px;width:90%}#logo{float:left;width:124px}#menu{background-color:#333;float:right;padding:10px;text-align:right;width:70%;height:17px}#footer{background-color:#333;clear:both;font-size:.80em;padding:2px;text-align:center;width:100%}#content{clear:both;padding-top:5px;padding-bottom:10px}img{border:0}#menu li{display:inline;margin-left:10px}#menu ul{margin:0;padding:0;list-style-type:none}#portfolio li{display:inline;margin-right:10px}#portfolio ul{margin:0;padding:0;list-style-type:none;padding-bottom:10px}a:hover{color:#ccc;text-decoration:none}a{color:#888;text-decoration:none}a.on{color:#ccc;text-decoration:none}h1{font-family:Georgia,\"Times New Roman\",Times,serif;font-weight:normal;font-size:1.3em}.center{text-align:center}input{background-color:#000;font-family:Tahoma,Arial,Helvetica,sans-serif;font-size:1em;color:#fff;border-color:#fff;border-width:thin}textarea{background-color:#fff;font-family:Tahoma,Arial,Helvetica,sans-serif;font-size:1em;color:#000;border-color:#fff;border-width:thin}\n")
+      
+      file.write("</style>\n")
+      file.write("</head>\n")
+    
+      file.write("<body><div id=\"container\"><div id=\"logo\">")
+      file.write("<img alt=\"Corelan Logo\" src=\"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD//gAxSW1hZ2UgUmVzaXplZCBhdCBodHRwOi8vd3d3LnNocmlua3BpY3R1cmVzLmNvbQr/2wBDAAMCAgMCAgMDAwMEAwMEBQgFBQQEBQoHBwYIDAoMDAsKCwsNDhIQDQ4RDgsLEBYQERMUFRUVDA8XGBYUGBIUFRT/2wBDAQMEBAUEBQkFBQkUDQsNFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBT/wAARCABYAFgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD8qqKKKACiiuv+GHww1b4qeIhpum7Le2hXzr7UbgEQWUOQDJIRz1IAUZZmIVQSQKxrVqdCm6tV2it2xpOTsg+GHwx1b4qeIv7N03ZbW0KedfalcZEFlDkAySEDPUgBRlmYhVBJAr64+I//AAT6ttI+HNjf6Ra6ppGrSqPs93rF9G8dzIfux3MIiX7G0n/LM+ZIoJCSFWINfW/7L37L+k/DLw7p08+nyW0ULi5tbK7QCeWbGBeXY/57YJ2RcrCpxy5Zq+ir6xttUsp7O8gjurS4RopYJlDJIhGCrA8EEHGK/ljiXxSrrMoQyt/uqb1/vf5/PT56n1uFymLpN1d2fzxavpF7oGqXWm6laTWN/aStDPbXCFJInU4KsDyCDVSv01/bK/Y1j8RQLqulMI9QQCHT9UnbiQdEsrxz+Cw3De0ch+4x/NXV9IvdA1S603UrWaxv7SRoZ7adCkkTqcFWB5BBr9+4a4lwnEmEWIw7tL7Ue3/APnsVhZ4WfLLYqUUUV9ecQUUUUAFFFdf8MPhhq/xU8Q/2bpuy3toE8++1G4yILKDIBkkI56kAKMszEKoJIFY1q1OhTdWq7RW7Y0nJ2QfDH4Yav8VPEQ03TQlvbQr519qNxkQWUOQDJIR7kAKMszEKoJIFfrf+zB+y/pHwx8PafPPp8lvFC63NrZXagTyzAYF5dgcedydkXKwqe7lmqH9mz9lfTfh54StiYZ9IK4ns0mhR7rz8Y+23KsChnwT5cZDJAD0ZyxrqP2g73xJ8G/hbqXj3wrqmq6xqfh94b290/U7szwX9mHCzo0eAsZCMXDxqpHl+mRX8z8ScSw4vrrJ8vxapKUuWKtL3n0vJaJNuyeut9Or+owuFeDj7epC9lf0Pb6K8m0n9qr4X33w08PeOL/xbpug6RrcRa3i1GcLOsinEsRQZYsjZUkDHQ9CK8o8Sf8FAfhJP4rvtIXx/PpOhQWcEsesaRp0k813O7SeZEu+BxGqKseSUyTJwRtr8jy/gPPcdiJ0J4eVOML3lKMraOzUbJ8zvslvve2p7VTMMPTipKSd+l/6sfVF/Y22qWU9neQR3VpcI0U0EyhkkQjBVgeCCD0r4N/bK/Y1i8RwDVdKIj1BAsVhqk7cSdksrxz+Cw3De0ch+4x9P07/goP8ACa+1qPRNC8RwNCLZZJNb8U3F5bQPJu2iJR5Eh3YyzNhF6decesaH4i8ZePrK4nh0/wCHfinwffQmOOfTvEFzKkoPDIx+yOjZBPGB719rgOHM/wCD8RHMKVSMKej/AHjUL+TTbSfk3qvw4KmKw+Nj7Npt+Wp+F2r6Re6Bql1pupWs1jf2kjQz206FJInU4KsD0INVK/TH9sD9jhvE+nQazZwpZaxsWOzvZZxICc7UsruXjPYQ3DYPKxy4O1q/NnV9IvdA1S703UrSax1C0laGe2uEKSROpwVYHkEGv6dyHP8ADZ5Qcqclzx0kk07PyabTXZpny2Iw8qEtdnsVKKKK+oOQ1fCXh2bxd4q0bQreaO3n1O9hso5ZjhEaRwgZj6Atk1+vv7JX7PHhnwh4Vs9Qs40uNPtrqT7LFIAZJ7mJ2ia7uv8AptuVgkXSFT3cs1fjdHI0Tq6MUdSCrKcEH1Ffe/7Hn7YWoHWE03Un+0eIZtoubRnCrr6gACRCcBb9VAGTgXAAVsOFY/kfiRl2aY/K/wDhPnaMdZLv/wADz6ddG3H2MsqUadX94ten9f1/n+m/aoL+KymsbqPU0gk0x4XW7S5AMTQlT5gfPG3bnOeMZrO8P+KrLxd4aj1rw9Nb6nBcQu9t5rNGjSAEBJMAshDDawI3KQcjIxXnnxhh8XfEr4ba34P0fwzfaLqutxDT5b+/ubY2dtA5Ank3xys7jy9yhQgY7hwOcfyhkWSVsZiqc5VY04wqJTblGMoJNNytJp2WtrX1VnbS/wBhiMRGEGkm7rTS6fkfiN4x+znxPq7WJRtLN9OLRoFKwmPzDt2DsMEce4rEr93PBv7Mvw78JfCzRvAVx4Z0zxDo+nKWL6tZRzPNO/8ArZzuB2sx9DwAo6AV5h45/wCCffwr8Q+LrfVrHwbp0OmmwktbjSYNQuNPQT+YrR3CPGsnIXehUrg5U9RX9V4HxSyDG4uWEblC17SlZQlbbVvS/S6X3nyNTKcRTgp7+S3PxzXGRnp3xXvn7MvxO8eeC/FC2HwrstU1HW7yaNxZWyGUTbQRtljHymLk7t3Tg5UjNfcWl/8ABNPwLb+JF1A6Raw6f9kaNtL1DU7rUI1nD/LKrx/ZnIK8FG44BBr3P4UfA7UvhXbXdppmvaNpGmylQlh4d8LwWaKBnJeSR5ZJWORy7HGOhr1c1474eoYacViqc5NfC25Rd9LNwjP5qzMaOX4mUk+Rr+vNo9A0GLUfEHgnT4vF+lWNvqt5Youq6ZA/2i2SRkxLGCfvLkkd/TJ6n4L/AG6P2YNI+wajrNrcpHqum6VNqlpdO+ZZrOB4ke2uSeXK+cnlTH5iAY2yQrH7d+JPxLtPh7pSB5EvdYlgZoIbmVYl2Io8y5uHAAjiT7zvgDnCgsyqfyT/AGpf2o7z4palqOh6LqEtzos0qtqOqshik1aRD8gCf8s7aM58uH/gbZck1+DcBZfmeMzyeOy5+zoczbsmo8t+ieytok7t7dJSj9DmFSlCgqdXWVvn/X9evzhRRRX9iHxQV6B8NLX7FpV/rVvb20+rLqVhpVi95Cs0ds9x5zGby2BVmUW+0bgQN5OMgEef16l8H9BuvEug65ZC6tdJtI72xu49XvbqGCC3vIxP5KSeY6llZHnPyBmBQHaRmgD6v8AftT+JfhppfxVaHxjp3iO4isHvtPe+sVjvHvVZYZPNSNFRipbzNzE7hCB/FgegfC74x/FHwd8V/g9p/iLx5J410r4i6A+pT2t3ZwR/2fOYGlURsi5wp2Ag8EbuOmPn7UdW1Z7fxJp2peJPD2o6d4ms10yWy0PxDbfYNLgGH82OO5uEZpTMkbkADK+YN3z8d18PtLuvCvxF8AeIvHXiDwZZQ+FNEVdLtNP1JLaXVI3iWBLmRp2VS3k4YFPlfyQARndXzOKyTLpOdR4eD5/j9xNysrLpfTT0sdUK9VWXM9NtSt8Hf2t/ir4gvPhu9t8SR4u8S634gOnaj4Mm0mBRHZgr++85EUrlS3QgjGegNdxov7Q/iXxF+0Z478L678d5vA0Fh4rbTNE0dfDsV4L2M3DoI/MEfyYwi5Y/xZzxWf8ADj9nKw1j4efDLwx4V+Ifw+1Xx74Z8TP4hmm07UxJNNa5VvLVkQyEgqMgjA9a7AeFvFv7PPxy8f6jafEX4TaRaeLNbOtSWPii9kS+it2mkZNq4XaSrt6jIGDXkVaOUSrTpUaVNVnF2i4xUrKVr/BL3ez5X6mylW5U3J8t++m3rv8AM9d/Zo+Kvifx/wDF348aRrupm+03w74k+xaVbmGNBawb7gbAVUFuEXliTxXjvij9qT4gad+1ZfrZ6xbn4Z23iE+EF064ijWFr77GcM0wQuB54ySCeO3atTTfDXjz4B/F/wAY+MdF8ZfD3/hD/HWuf27J/as07Olh5xIl8xQsaLtnC7yxUs6AEkgH5D8UeGF0iHVNQn8aW2o3kOrHxHcavpuqi805Lo3IVS1rFul5DD98UAyyrnmvEy3hnLsZmmMzHlpzpVYRppRWzStUurJJ3SWmu97HRVxdWFKFLVNNv/I7X4nftDeI/FPjD416XrWqWmoaeDcHQpzpsBgma1mytuwZP3kYhmeRVk3YZEPU5r5d+LdtBa/EDU1treC0idYJfJtolijVnhjdtqKAFG5icAADPAr6P+I3hHQfF9j4vs7TWdE0qPX9fbxHpct7fw28unwMmEt5opHWRfMilJPynmJM4Br51+M48v4na9bYYPZyrZPuGPnhjWJvw3Ice2K/T8PhqOFpqnRiorySWyt08keVKcpu8mcXRRRXSQFdN4I8b694SvRBo+rXWnwXc8RuIoXwkpUkKWHQkB2A/wB4+tczQDg0Ae4z22q+DfF3xp1SytJ9KktEnFpcrblBDnVrZPkJGBlGZeOxIqLxJfa94o8T/CnxBqd3eTyf2baGbWLmza9WJY76dQzJg+YqKo+TuFxXlmpeNPEOs2Rs9Q13U760JBMFzeSSRnHT5WJHFLpvjfxHo1mlpp+v6pY2qZKwW17JGi5OThVYAc0AfpV+z58aDYeI9XvrzxPpPiAWWnm4ayi8I/2RILeNlaeZJ1jOXWIORGceYSBnOK+bdE0nxH+0r4v+LnjHW/A19reo69ZTW+j77u2tRpsitG0bKLiRC4jRIoyUB4kweXGfnH/hZfi/IP8Awlet5ByP+JjNwf8Avquw8b/tQ/E74jeFYPDviDxVcX2mRhA+Io45pwn3fOlVQ8uCAfnJ5APXmvCq4F08W8ZhacXUmoxlJtq0YttWSWu70ur6XdkrdEaicOSbdlr8z1fw34t8a+Kv2bfEnhySxuo00PTGs9QRrR/tFzb/AGiE2e5iMlIm85NowBuj6k1yPh7w5D4H8IeBfF0WgXGqyslzZ+JdCdHX7ZayTzLGxA55CMpP8LJCepFeSN8R/FrlC3ijWmKHKk6hN8pxjI+b0J/OoP8AhOPEZ1H+0P8AhINU+3+X5P2r7bJ5uzOdu7dnbnnHSvXp0adHm9nFK7u7dW+r8zFyct2ek/ETwPeP8OdF8Q3dld3njLXtXvLzVCsJJt4mjgeCMgD5SwlaX/dljHauT+OilfjP44VgQRrN2CD2/etWFaeOPEdhPczW3iDVLea5fzJ5Ir2RWlbpuYhvmPuax7i4lup5Jp5HmmkYu8kjFmZickknqTWxIyiiigAooooAKKKKACiiigAooooAKKKKACiiigD/2Q==\" />\n")
+      
+      
+      file.write("</div>\n")
+      file.write("<div id=\"menu\">Pastenum - Search Results for: '#{@dork}'</div>\n")
+      file.write("<div id=\"content\">")
+        
+      #gist.github.com
+      unless @addresses_gist.empty?
+        file.write("<br /><h2>Site: Github Gist - Found: #{@addresses_gist.count} Items</h2>\n")
+        @addresses_gist.each do |links|
+          file.write("<p><script src=\"https://gist.github.com#{links}.js\"></script><p>link: <a href=\"#{links}\" target=\"_blank\">#{links}</a>\n")
+          print ".".green
+        end
+      end
+      
+      #Github.com
+      unless @addresses_github.empty?
+        file.write("<br /><h2>Site: Github - Found: #{@addresses_github.count} Items</h2>\n")
+        file.write("NOTE: Github passes 'x-frame-options deny' so iframes are useless.\n")
+        @addresses_github.each do |links|
+          file.write("<p>link: <a href=\"#{links}\" target=\"_blank\">#{links}</a></p>\n")
+          print ".".green
+        end
+      end 
+
+      # Pastebin.com
+      unless @addresses_pastebin.empty?         
+        file.write("<br /><h2>Site: Pastebin - Found: #{@addresses_pastebin.count} Items</h2>\n")  
+        @addresses_pastebin.each do |links|
+          file.write("<p><iframe src=\"http://pastebin.com/embed_iframe.php?i=#{links}\" style=\"border:none;width:100%;height:300px\"></iframe><p>link: <a href=\"http://pastebin.com/#{links}\" target=\"_blank\">http://pastebin.com/#{links}</a>\n")
+          print ".".green
+        end
+        file.write("<hr><hr>")
+      end
+
+      #Pastie.org
+      unless @addresses_pastie.empty?
+        file.write("<h2>Search Term: \"#{@dork}\" <br /> Site: Pastie - Found: #{@addresses_pastie.count} Items</h2>\n")
+        @addresses_pastie.each do |links|
+          file.write("<p><iframe src=#{links}/text style=\"width: 100%; height: 300px; background-color: white\"></iframe><p>link: <a href=\"#{links}\" target=\"_blank\">#{links}</a>\n")
+          print ".".green
+        end
+        file.write("<hr><hr>")
+      end
+
+      # Footer
+
+      file.write("</div>\n")
+      file.write("<div id=\"footer\">&copy; Corelan Team | Written by Nullthreat\n")
+      file.write("</div></body></html>\n")
+      file.close
+
+      puts "\n[*] HTML Report Created".green
+    end
+  end
+end

data/lib/pastenum/target.rb

@@ -0,0 +1,26 @@
+module Pastenum
+  class Target
+    
+    attr_accessor :max_pages, :verbose
+    attr_reader :dork, :results, :vendor
+
+    def initialize(dork_url)
+      @dork = dork_url
+      @vendor = "TargetTemplate"
+      @results = Array.new
+    end
+
+    def search
+      raise TargetTemplateErrorDirectCall
+    end
+    
+    def summary
+      if results.count == 0
+        puts "[!] No Items Found on #{@vendor}, Try Harder".red if @verbose
+      else
+        puts "[*] Total Items found on #{@vendor}: #{@results.count}".green if @verbose
+      end 
+    end
+    
+  end
+end

data/lib/pastenum/targets/gist.rb

@@ -0,0 +1,77 @@
+# Internal Gist Gist.github Search 
+module Pastenum
+  class Gist < Target
+    
+    def initialize(dork)
+      @dork = URI.escape(dork)
+      @agent = Mechanize.new
+      @max_pages = 25
+      @results = Array.new
+      @vendor = "gist.github.com"
+    end
+
+    def search
+      puts "[*] Searching Gist".green if @verbose
+      current_page = 1
+      page_numbers.times do
+        print ".".green if @verbose
+        page = @agent.get("https://gist.github.com/search?page=#{current_page}&q=#{@dork}")
+          page.links.each do |link|   
+              
+            # Example Hits to find
+            # "/shadowbq/4556950"
+            # "/shadowbq/2718948"
+              
+            if link.href.match(/\w+\/[0-9]+/)
+               @results << link.href unless @results.include?(link.href)
+            end
+        end
+        current_page += 1
+      end
+      puts "\n" if @verbose
+      return @results
+    end
+  
+    private 
+    
+    #TODO: This is very inefficient. This is double fetch reading.  
+    def page_numbers
+      page_num = 1
+      next_page = true
+      
+      print "[*] Parsing pages:".green if @verbose
+      while next_page && page_num < @max_pages
+
+        print "#".green if @verbose
+        begin
+          page = @agent.get("https://gist.github.com/search?page=#{page_num}&q=#{@dork}")
+        rescue
+          raise TargetUnreachable, "[!] ERROR: Can not load gist.github - Check Connectivity"
+        end
+        
+        # Find the link with the -> arrow, is it enabled?
+        # //div[@class='pagination']
+        pagination_parsed = false
+        
+        page.links.each do |link|
+          if link.href.match(/\/search\?page\=/)
+            if link.text.match(/#x2192/)
+              page_num += 1
+            else
+              next_page = false
+            end
+            pagination_parsed = true
+          end
+        end
+        
+        #handle single page of results
+        next_page = false unless pagination_parsed
+        
+      end
+      
+      return page_num
+      
+    end
+  
+  end
+end  

data/lib/pastenum/targets/github.rb

@@ -0,0 +1,67 @@
+#Internal www.github.com search scraper
+module Pastenum
+  class Github < Target
+    
+    def initialize(dork)
+      @dork = URI.escape(dork)
+      @agent = Mechanize.new
+      @max_pages = 25
+      @results = Array.new
+      @vendor = "github.com"
+    end
+
+    def search
+      puts "[*] Searching Github".green if @verbose
+      current_page = 1
+      page_numbers.times do
+        print ".".green if @verbose
+        page = @agent.get("https://github.com/search?langOverride=&language=&q=#{@dork}&repo=&start_value=#{current_page}&type=Code&x=21&y=22")
+        page.links.each do |link|
+          if link.text.match(/\//)
+            address = "https://github.com#{link.href}"
+            @results << address unless @results.include?(address)
+          end
+          current_page += 1
+        end
+      end
+      puts "\n" if @verbose
+      return @results
+    end
+  
+    private
+  
+    def page_numbers
+      print "[*] Parsing pages:".green if @verbose
+      
+      print "#".green if @verbose
+      
+      begin
+        page = @agent.get("http://github.com/search?langOverride=&language=&q=#{@dork}&repo=&start_value=1&type=Code&x=21&y=22")
+      rescue
+        raise TargetUnreachable, "[!] ERROR: Can not load github - Check Connectivity"
+      end
+    
+      page_count = []
+      
+      page.links.each do |link|
+        if link.href.match(/search\?langOverride/)
+          pagenum = link.text
+          if pagenum.match(/\d/)
+            page_count << pagenum.to_i
+          end
+        else
+        end
+      end
+      
+      if page_count.max > @max_pages
+        #puts "[*] #{page_count.max} pages of results found.".green
+        #puts "[*] Getting the first #{@max_pages} pages".green
+        return @max_pages
+      else
+        #puts "[*] #{page_count.max} pages of results found.".green
+        return page_count.max
+      end
+    end
+  
+  end
+end  

data/lib/pastenum/targets/pastebin.rb

@@ -0,0 +1,45 @@
+#Google sitesearch for pastebin using GScraper
+module Pastenum
+  class Pastebin < Target
+    
+    def initialize(dork)
+      @dork = dork
+      @max_pages = 25
+      @results = Array.new
+      @vendor = "pastebin.com"
+    end
+  
+    def search
+      puts "[*] Searching Pastebin.com (Limit: First #{@max_pages} Pages)".green if @verbose
+      q = GScraper::Search.query(:query => @dork, :site => 'pastebin.com')
+      print "[*] Parsing pages: ".green if @verbose
+      begin
+        for i in 1..@max_pages do
+          print ".".green if @verbose
+          page = q.page(i)
+          page.each do |result|
+            result_url = result.url
+            url2 = result_url.to_s.split("&").first
+            url3 = url2.split("=").last
+            # url3 -> "http://pastebin.com/E7SmXKMs"
+            url4 = url3.split("/").last
+            # url4 -> "E7SmXKMs"
+            if url4.length == 8
+              if 
+                @results.include?(url4) == true
+              else
+                # result.cached_url.to_s
+                @results << url4
+              end
+            end
+          end
+        end
+      rescue
+        raise TargetUnreachable, "[!] ERROR: Google search unreachable , Maybe the googles banned you?"
+      end
+      puts "\n" if @verbose
+      return @results
+    end
+
+  end
+end  

data/lib/pastenum/targets/pastie.rb

@@ -0,0 +1,57 @@
+#Internal search implementation for pastie.org (deprecated, migrate to Gscraper)
+module Pastenum
+  class Pastie < Target
+    
+    def initialize(dork)
+      @dork = URI.escape(dork)
+      @agent = Mechanize.new
+      @results = Array.new
+      @vendor = "pastie.org"
+    end
+
+    def search
+      print "[*] Parsing pages:".green if @verbose
+      current_page = 1
+      page_numbers.times do
+        print ".".green if @verbose
+        page = @agent.get("http://pastie.org/search?&commit=Start+Search&page=#{current_page}&q=#{@dork}")
+        page.links.each do |link|
+          if link.href.match(/pastie\.org\/pastes/)
+            @results << link.href
+          end
+        end
+        current_page += 1
+      end
+      puts "\n" if @verbose
+      return @results
+    end
+  
+    private
+  
+    def page_numbers
+      puts "[*] Getting Results".green
+      begin
+        results = @agent.get("http://pastie.org/search?&commit=Start+Search&page=1&q=#{@dork}")
+      rescue
+        raise TargetUnreachable, "[!] ERROR: Can not load pastie.org - Check Connectivity"
+      end
+      puts "[*] Searching Pastie.org (Limit: 1000 Results)".green if @verbose
+      page_count = []
+      results.links.each do |link|
+        if link.href.match(/pastie.org\/pastes\//)
+          page_count << 1
+        else
+          page_count << 0
+        end
+        if link.href.match(/Start%2BSearch&page=/)
+          uri = link.href
+          url = URI("http://pastie.org/search/" + uri)
+          page_num = url.query_params['page']
+          page_count << page_num.to_i
+        end
+      end
+      page_count.max
+    end
+  
+  end
+end

data/lib/pastenum/version.rb

@@ -0,0 +1,3 @@
+module Pastenum
+    VERSION = '0.2.2'
+end

data/pastenum.gemspec

@@ -0,0 +1,17 @@
+$LOAD_PATH.unshift File.expand_path('../lib', __FILE__)
+name = "pastenum"
+require "#{name}/version"
+
+Gem::Specification.new name, Pastenum::VERSION do |s|
+  s.platform    = Gem::Platform::RUBY
+  s.summary     = "Search Pastebins for content, fork from nullthreat corelan pastenum2"
+  s.authors     = ["nullthreat", "shadowbq"]
+  s.email       = ["shadowbq@github.com"]
+  s.homepage    = "http://github.com/shadowbq/#{name}"
+  s.files       = `git ls-files`.split("\n")
+  s.license     = 'MIT'
+  
+  s.required_rubygems_version = ">= 1.8.1"
+  
+  s.executables = ["pastenum"]
+end

data/public/css/main.css

@@ -0,0 +1,121 @@
+/* Layout */
+
+body {
+	background-color: #931B1C;
+	color: #AAA;
+	font-family: Tahoma, Arial, Helvetica, sans-serif;
+	font-size: .75em;
+}
+
+#container {
+	background-color: #000000;
+	margin: 0 auto;
+	padding: 10px;
+	width: 90%;
+}
+
+#logo {
+	float: left;
+	width: 124px;
+}
+
+#menu {
+	background-color: #333333;
+	float: right;
+	padding: 10px;
+	text-align: right;
+	width: 70%;
+	height: 17px;
+}
+
+#footer {
+	background-color: #333333;
+	clear: both;
+	font-size: .80em;
+	padding: 2px;
+	text-align: center;
+	width: 100%;
+}
+
+#content {
+	clear: both;
+	padding-top: 5px;
+	padding-bottom: 10px;
+}
+
+img {
+	border: none;
+}
+
+
+/* Menu */
+#menu li {
+	display: inline;
+	margin-left: 10px;
+}
+
+#menu ul{
+	margin: 0;
+	padding: 0;
+	list-style-type: none;
+}
+
+
+/* Portfolio */
+#portfolio li {
+	display: inline;
+	margin-right: 10px;
+	
+}
+
+#portfolio ul{
+	margin: 0;
+	padding: 0;
+	list-style-type: none;
+	padding-bottom: 10px;
+}
+
+
+/* Text */
+a:hover {
+	color: #CCCCCC;
+ 	text-decoration: none;
+ }
+
+a {
+	color: #888888;
+	text-decoration: none;
+}
+
+a.on {
+	color: #CCCCCC;
+ 	text-decoration: none;
+}
+
+h1 {
+	font-family: Georgia, "Times New Roman", Times, serif;
+	font-weight: normal;
+	font-size: 1.3em;
+}
+
+.center {
+	text-align: center;
+}
+
+input {
+	background-color:#000000;
+	font-family:Tahoma, Arial, Helvetica, sans-serif;
+	font-size:1em;
+	color:#FFFFFF;
+	border-color:#FFFFFF;
+	border-width:thin;
+}
+
+textarea {
+	background-color:#000000;
+	font-family:Tahoma, Arial, Helvetica, sans-serif;
+	font-size:1em;
+	color:#FFFFFF;
+	border-color:#FFFFFF;
+	border-width:thin;
+}

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: pastenum
+version: !ruby/object:Gem::Version
+  version: 0.2.2
+  prerelease: 
+platform: ruby
+authors:
+- nullthreat
+- shadowbq
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-02-14 00:00:00.000000000 Z
+dependencies: []
+description: 
+email:
+- shadowbq@github.com
+executables:
+- pastenum
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- LICENSE
+- README.md
+- RELEASE_NOTES
+- bin/pastenum
+- lib/pastenum.rb
+- lib/pastenum/cli.rb
+- lib/pastenum/json.rb
+- lib/pastenum/main.rb
+- lib/pastenum/report.rb
+- lib/pastenum/target.rb
+- lib/pastenum/targets/gist.rb
+- lib/pastenum/targets/github.rb
+- lib/pastenum/targets/pastebin.rb
+- lib/pastenum/targets/pastie.rb
+- lib/pastenum/version.rb
+- pastenum.gemspec
+- public/css/main.css
+- public/img/corelanlogo_small.jpg
+homepage: http://github.com/shadowbq/pastenum
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.8.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Search Pastebins for content, fork from nullthreat corelan pastenum2
+test_files: []