RubyGems - snackhack2 - Versions diffs - 0.6.4 → 0.6.5 - Mend

snackhack2 0.6.4 → 0.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

checksums.yaml +4 -4
data/lib/snackhack2/CVE-2017-9841.rb +77 -0
data/lib/snackhack2/Honeywell_PM43.rb +25 -27
data/lib/snackhack2/WP_Symposium.rb +22 -22
data/lib/snackhack2/bannergrabber.rb +82 -82
data/lib/snackhack2/bypass_403.rb +68 -66
data/lib/snackhack2/comments.rb +29 -27
data/lib/snackhack2/cryptoextractor.rb +64 -64
data/lib/snackhack2/dns.rb +99 -0
data/lib/snackhack2/drupal.rb +47 -49
data/lib/snackhack2/emails.rb +31 -35
data/lib/snackhack2/forward_remote.rb +26 -24
data/lib/snackhack2/google_analytics.rb +30 -28
data/lib/snackhack2/indirect_command_injection.rb +34 -32
data/lib/snackhack2/iplookup.rb +52 -45
data/lib/snackhack2/list_users.rb +34 -31
data/lib/snackhack2/phishing_tlds.rb +197 -0
data/lib/snackhack2/phone_number.rb +53 -56
data/lib/snackhack2/portscan.rb +72 -73
data/lib/snackhack2/reverse_shell.rb +32 -31
data/lib/snackhack2/robots.rb +80 -81
data/lib/snackhack2/screenshots.rb +25 -23
data/lib/snackhack2/sitemap.rb +24 -22
data/lib/snackhack2/ssrf.rb +7 -6
data/lib/snackhack2/subdomains.rb +68 -68
data/lib/snackhack2/subdomains2.rb +41 -43
data/lib/snackhack2/tomcat.rb +23 -21
data/lib/snackhack2/version.rb +1 -1
data/lib/snackhack2/webserver_log_cleaner.rb +28 -27
data/lib/snackhack2/website_links.rb +28 -28
data/lib/snackhack2/website_meta.rb +33 -20
data/lib/snackhack2/wordpress.rb +120 -128
data/lib/snackhack2/wpForo_Forum.rb +23 -22
data/lib/snackhack2.rb +84 -81
metadata +23 -20

data/lib/snackhack2/cryptoextractor.rb CHANGED Viewed

@@ -1,64 +1,64 @@
-# frozen_string_literal: true
-require 'httparty'
-require 'uri'
-module Snackhack2
-  class CryptoExtractWebsite
-    attr_accessor :save_file
-    def initialize(site, save_file: true)
-      @http = Snackhack2::get(site).body
-      @site = site
-      @save_file = save_file
-    end
-    def all
-      addresses = []
-      addresses << monero unless monero.nil?
-      addresses << bitcoin unless bitcoin.nil?
-      addresses << dash unless dash.nil?
-      addresses << ethereum unless ethereum.nil?
-      addresses << bitcoincash unless bitcoincash.nil?
-      addresses << litecoin unless litecoin.nil?
-      addresses << dogecoin unless dogecoin.nil?
-      addresses << stellar unless stellar.nil?
-      if @save_file
-        Snackhack2::file_save(@site, "cryptoaddresses", addresses.uniq.join("\n"))
-      else
-        puts addresses.join("\n")
-      end
-    end
-    def monero
-        @http.scan(/([48][0-9AB][1-9A-HJ-NP-Za-km-z]{93})/)
-    end
-    def bitcoin
-      @http.scan(/(bc(0([ac-hj-np-z02-9]{39}|[ac-hj-np-z02-9]{59})|1[ac-hj-np-z02-9]{8,87})|[13][a-km-zA-HJ-NP-Z1-9]{25,35})/)
-    end
-    def dash
-      @http.scan(/(X[1-9A-HJ-NP-Za-km-z]{33})/)
-    end
-    def stellar
-      @http.scan(/(G[A-Z0-9]{55}$)/)
-    end
-    def litecoin
-      @http.scan(/([LM3][a-km-zA-HJ-NP-Z1-9]{26,33})/)
-    end
-    def dogecoin
-      @http.scan(/(D{1}[56789ABCDEFGHJKLMNPQRSTU]{1}[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]{32}$)/)
-    end
-    def ethereum
-      @http.scan(/(0x[a-fA-F0-9]{40})/)
-    end
-    def bitcoincash
-      @http.scan(/([13][a-km-zA-HJ-NP-Z1-9]{33})/)
-    end
-  end
-end
+# frozen_string_literal: true
+require 'httparty'
+require 'uri'
+module Snackhack2
+  class CryptoExtractWebsite
+    attr_accessor :save_file
+    def initialize(site, save_file: true)
+      @http = Snackhack2.get(site).body
+      @site = site
+      @save_file = save_file
+    end
+    def all
+      addresses = []
+      addresses << monero unless monero.nil?
+      addresses << bitcoin unless bitcoin.nil?
+      addresses << dash unless dash.nil?
+      addresses << ethereum unless ethereum.nil?
+      addresses << bitcoincash unless bitcoincash.nil?
+      addresses << litecoin unless litecoin.nil?
+      addresses << dogecoin unless dogecoin.nil?
+      addresses << stellar unless stellar.nil?
+      if @save_file
+        Snackhack2.file_save(@site, 'cryptoaddresses', addresses.uniq.join("\n"))
+      else
+        puts addresses.join("\n")
+      end
+    end
+    def monero
+      @http.scan(/([48][0-9AB][1-9A-HJ-NP-Za-km-z]{93})/)
+    end
+    def bitcoin
+      @http.scan(/(bc(0([ac-hj-np-z02-9]{39}|[ac-hj-np-z02-9]{59})|1[ac-hj-np-z02-9]{8,87})|[13][a-km-zA-HJ-NP-Z1-9]{25,35})/)
+    end
+    def dash
+      @http.scan(/(X[1-9A-HJ-NP-Za-km-z]{33})/)
+    end
+    def stellar
+      @http.scan(/(G[A-Z0-9]{55}$)/)
+    end
+    def litecoin
+      @http.scan(/([LM3][a-km-zA-HJ-NP-Z1-9]{26,33})/)
+    end
+    def dogecoin
+      @http.scan(/(D{1}[56789ABCDEFGHJKLMNPQRSTU]{1}[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]{32}$)/)
+    end
+    def ethereum
+      @http.scan(/(0x[a-fA-F0-9]{40})/)
+    end
+    def bitcoincash
+      @http.scan(/([13][a-km-zA-HJ-NP-Z1-9]{33})/)
+    end
+  end
+end

data/lib/snackhack2/dns.rb ADDED Viewed

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+require 'resolv'
+module Snackhack2
+  class Dns
+    attr_accessor :site
+    def initialize()
+      @site = site
+    end
+    def all_dns
+      nameserver
+      soa
+      txt
+      aaaa
+      mx
+    end
+    def a
+      a = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::A
+        ress.each do |l|
+          a << l.address.to_s
+        end
+      end
+      a
+    end
+    def nameserver
+      ns = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::NS
+        ress.each do |l|
+          ns << l.name.to_s
+        end
+      end
+      ns
+    end
+    def soa
+      soa = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::SOA
+        ress.each do |l|
+          soa << l.rname
+          soa << l.mname
+          soa << l.ttl
+        end
+      end
+      soa
+    end
+    def txt
+      txt = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::TXT
+        ress.each do |l|
+          txt << l.strings.to_s
+        end
+      end
+      txt
+    end
+    def aaaa
+      aaaa = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::AAAA
+        ress.each do |l|
+          aaaa << l.address
+        end
+      end
+      aaaa
+    end
+    def hinfo
+      hinfo = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::HINFO
+        ress.each do |l|
+          hinfo << l.exchange.to_s
+        end
+      end
+      hinfo
+    end
+    def mx
+      mx = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources @site.to_s, Resolv::DNS::Resource::IN::MX
+        ress.each do |l|
+          mx << l.exchange.to_s
+        end
+      end
+      mx
+    end
+  end
+end

data/lib/snackhack2/drupal.rb CHANGED Viewed

@@ -1,49 +1,47 @@
-require 'nokogiri'
-require 'open-uri'
-module Snackhack2
-  class Drupal
-    def initialize(site)
-      @site = site
-    end
-    def all
-      drupal_score
-      user_brute
-    end
-    def drupal_score
-      drupal_score = 0
-      d = Snackhack2::get(@site)
-      if d.code == 200
-        d.headers.each do |k|
-          if k.include?("drupal")
-            drupal_score += 10
-          end
-        end
-      end
-      d.headers.each do |v|
-        if v.include?("drupal")
-          drupal_score += 10
-        end
-      end
-      doc = Nokogiri::HTML(URI.open(@site))
-      posts = doc.xpath('//meta')
-      posts.each do |l|
-        if l.attributes['content'].to_s.include?("Drupal")
-          puts "[+] Drupal Version: #{l.attributes['content']}\n"
-        end
-      end
-      puts "Drupal Score: #{drupal_score}"
-    end
-    def user_brute
-      for user in 1..1000 do
-        u = Snackhack2::get(File.join(@site, "user", user.to_s)).body
-        if u.include?("Page not found")
-          puts "User count: #{user - 1}"
-          break
-        end
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+require 'nokogiri'
+require 'open-uri'
+module Snackhack2
+  class Drupal
+    attr_accessor :site
+    def initialize
+      @site = site
+    end
+    def all
+      drupal_score
+      user_brute
+    end
+    def drupal_score
+      drupal_score = 0
+      d = Snackhack2.get(@site)
+      if d.code == 200
+        d.headers.each do |k|
+          drupal_score += 10 if k.include?('drupal')
+        end
+      end
+      d.headers.each do |v|
+        drupal_score += 10 if v.include?('drupal')
+      end
+      doc = Nokogiri::HTML(URI.open(@site))
+      posts = doc.xpath('//meta')
+      posts.each do |l|
+        puts "\n\n[+] Drupal Version: #{l.attributes['content']}\n" if l.attributes['content'].to_s.include?('Drupal')
+      end
+      puts "\nDrupal Score: #{drupal_score}\n"
+    end
+    def user_brute
+      (1..1000).each do |user|
+        u = Snackhack2.get(File.join(@site, 'user', user.to_s)).body
+        if u.include?('Page not found')
+          puts "\nUser count: #{user - 1}\n"
+          break
+        end
+      end
+    end
+  end
+end

data/lib/snackhack2/emails.rb CHANGED Viewed

@@ -1,35 +1,31 @@
-require 'httparty'
-require 'spidr'
-module Snackhack2
-  class Email
-    attr_accessor :max_depth
-    def initialize(site, save_file: true, max_depth: 4)
-      @site = site
-      @save_file = save_file
-      @max_depth = max_depth
-    end
-    def max_depth
-      @max_depth
-    end
-    def run
-      found_emails = []
-      Spidr.start_at(@site, max_depth: @max_depth) do |agent|
-        agent.every_page do |page|
-          body = page.to_s
-          if body.scan(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}/)
-            email = body.scan(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}/).uniq
-            if !email.include?(found_emails)
-              if !email.empty?
-                found_emails << email
-              end
-            end
-          end
-        end
-      end
-      Snackhack2::file_save(@site, "emails", found_emails.uniq.join("\n")) if @save_file
-    end
-  end
-end
+# frozen_string_literal: true
+require 'httparty'
+require 'spidr'
+module Snackhack2
+  class Email
+    attr_accessor :max_depth
+    def initialize(site, save_file: true, max_depth: 4)
+      @site = site
+      @save_file = save_file
+      @max_depth = max_depth
+    end
+    attr_reader :max_depth
+    def run
+      found_emails = []
+      Spidr.start_at(@site, max_depth: @max_depth) do |agent|
+        agent.every_page do |page|
+          body = page.to_s
+          if body.scan(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}/)
+            email = body.scan(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}/).uniq
+            found_emails << email if !email.include?(found_emails) && !email.empty?
+          end
+        end
+      end
+      Snackhack2.file_save(@site, 'emails', found_emails.uniq.join("\n")) if @save_file
+    end
+  end
+end

data/lib/snackhack2/forward_remote.rb CHANGED Viewed

@@ -1,24 +1,26 @@
-require 'net/ssh'
-module Snackhack2
-  class SSHForwardRemote
-    attr_accessor :site, :user, :pass, :key, :lport, :lsite, :rport
-    def initialize
-      @site = site
-      @user = user
-      @pass = pass
-      @key  = key
-      @lport = lport
-      @lsite = lsite
-      @rport = rport
-    end
-    def run
-      Net::SSH.start(@site, @user, :password => @pass, :keys => @key) do |ssh|
-        ssh.forward.remote(@lport, @lsite, @rport)
-        puts "[+] Starting SSH remote forward tunnel"
-        ssh.loop { true }
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+require 'net/ssh'
+module Snackhack2
+  class SSHForwardRemote
+    attr_accessor :site, :user, :pass, :key, :lport, :lsite, :rport
+    def initialize
+      @site = site
+      @user = user
+      @pass = pass
+      @key  = key
+      @lport = lport
+      @lsite = lsite
+      @rport = rport
+    end
+    def run
+      Net::SSH.start(@site, @user, password: @pass, keys: @key) do |ssh|
+        ssh.forward.remote(@lport, @lsite, @rport)
+        puts '[+] Starting SSH remote forward tunnel'
+        ssh.loop { true }
+      end
+    end
+  end
+end

data/lib/snackhack2/google_analytics.rb CHANGED Viewed

@@ -1,28 +1,30 @@
-# frozen_string_literal: true
-require 'httparty'
-module Snackhack2
-  class GoogleAnalytics
-    attr_accessor :site
-    def initialize
-      @site = site
-    end
-    def run
-      a = Snackhack2::get(@site).body
-      case a
-      when /UA-\d{8}-\d/
-        puts a.match(/UA-\d{8}-\d/)
-      when /GTM-[A-Z0-9]{7}/
-        puts a.match(/GTM-[A-Z0-9]{7}/)
-      when /G-([0-9]+([A-Za-z]+[0-9]+)+)/
-        puts a.match(/G-([0-9]+([A-Za-z]+[0-9]+)+)/)
-      when /G-[A-Za-z0-9]+/
-        puts a.match(/G-[A-Za-z0-9]+/)
-      else
-        puts '[+] No Google Analytics found :('
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+require 'httparty'
+module Snackhack2
+  class GoogleAnalytics
+    attr_accessor :site
+    def initialize
+      @site = site
+    end
+    def run
+      a = Snackhack2.get(@site).body
+      case a
+      when /UA-\d{8}-\d/
+        puts a.match(/UA-\d{8}-\d/)
+      when /GTM-[A-Z0-9]{7}/
+        puts a.match(/GTM-[A-Z0-9]{7}/)
+      when /G-([0-9]+([A-Za-z]+[0-9]+)+)/
+        puts a.match(/G-([0-9]+([A-Za-z]+[0-9]+)+)/)
+      when /G-[A-Za-z0-9]+/
+        puts a.match(/G-[A-Za-z0-9]+/)
+      when /GT-[A-Za-z0-9]+/
+        puts a.match(/GT-[A-Za-z0-9]+/)
+      else
+        puts '[+] No Google Analytics found :('
+      end
+    end
+  end
+end

data/lib/snackhack2/indirect_command_injection.rb CHANGED Viewed

@@ -1,32 +1,34 @@
-module Snackhack2
-  class CommandInjection
-    attr_accessor :exe, :title, :prompt
-    def initialize
-      @exe = "calc.exe"
-      @title = "Click me!"
-      @prompt = "To run calculator"
-    end
-    def wlrmdr_With_prompt
-      Process.spawn("wlrmdr.exe -s 3600 -f 0 -t #{title} -m #{@prompt} -a 10 -u #{@exe}")
-    end
-    def wlrmdr_without_prompt
-      Process.spawn("wlrmdr.exe -s 3600 -f 0 -t _ -m _ -a 11 -u #{@exe}")
-    end
-    def conhost
-      Process.spawn("conhost.exe #{@exe}")
-    end
-    def conhost_hide
-      # Specify --headless parameter to hide child process window (if applicable)
-      Process.spawn("conhost.exe --headless #{@exe}")
-    end
-    def ssh
-      Process.spawn("ssh -o ProxyCommand=#{@exe} .")
-    end
-  end
-end
+# frozen_string_literal: true
+module Snackhack2
+  class CommandInjection
+    attr_accessor :exe, :title, :prompt
+    def initialize(exe, title, prompt)
+      @exe = 'calc.exe'
+      @title = 'Click me!'
+      @prompt = 'To run calculator'
+    end
+    def wlrmdr_With_prompt
+      Process.spawn("wlrmdr.exe -s 3600 -f 0 -t #{title} -m #{@prompt} -a 10 -u #{@exe}")
+    end
+    def wlrmdr_without_prompt
+      Process.spawn("wlrmdr.exe -s 3600 -f 0 -t _ -m _ -a 11 -u #{@exe}")
+    end
+    def conhost
+      Process.spawn("conhost.exe #{@exe}")
+    end
+    def conhost_hide
+      # Specify --headless parameter to hide child process window (if applicable)
+      Process.spawn("conhost.exe --headless #{@exe}")
+    end
+    def ssh
+      Process.spawn("ssh -o ProxyCommand=#{@exe} .")
+    end
+  end
+end

data/lib/snackhack2/iplookup.rb CHANGED Viewed

@@ -1,45 +1,52 @@
-# frozen_string_literal: true
-require 'socket'
-module Snackhack2
-  class IpLookup
-    attr_accessor :site
-    def initialize
-      @site = site
-    end
-    def run
-      get_ip
-      nslookup
-      socket
-    end
-    def get_ip
-      ips = []
-      ip = `ping -c 2 #{@site.gsub('https://', '')}`.lines
-      ip.each do |l|
-        new_ip = l.match(/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/)
-        ips << new_ip.to_s unless ips.include?(new_ip)
-      end
-      puts "IP via ping: #{ips.shift}\n\n\n\n"
-    end
-    def nslookup
-      ips = []
-      ns = `nslookup #{@site.gsub('https://', '')}`.lines
-      ns.each do |ip|
-        new_ip = ip.gsub("Address: ", "").strip if ip.include?('Address')
-        if !ips.include?(new_ip)
-          if !new_ip.nil?
-            ips << new_ip
-          end
-        end
-      end
-      Snackhack2::file_save(@site, "ip_lookup", ips.to_a.drop(1).join("\n"))
-    end
-    def socket
-      puts IPSocket::getaddress(@site.gsub("https://", ""))
-    end
-  end
-end
+# frozen_string_literal: true
+require 'socket'
+require 'colorize'
+module Snackhack2
+  class IpLookup
+    attr_accessor :site
+    def initialize(file_save: false)
+      @file_save = file_save
+      @site = site
+    end
+    def run
+      get_ip
+      nslookup
+      socket
+    end
+    def get_ip
+      ips = []
+      ip = `ping -c 2 #{@site.gsub('https://', '')}`.lines
+      ip.each do |l|
+        new_ip = l.match(/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/)
+        ips << new_ip.to_s if !new_ip.to_s.empty? && !ips.include?(new_ip)
+      end
+      ips
+    end
+    def nslookup
+      ips = []
+      ns = `nslookup #{@site.gsub('https://', '')}`.lines
+      ns.each do |ip|
+        new_ip = ip.gsub('Address: ', '').strip if ip.include?('Address')
+        if !ips.include?(new_ip) && !new_ip.nil?
+          ips << new_ip.split('Addresses:  ')[1].to_s
+        end
+      end
+      if @file_save
+        Snackhack2.file_save(@site, 'ip_lookup', ips.to_a.drop(1).join("\n"))
+      else
+        ips
+      end
+    end
+    def socket
+      puts IPSocket.getaddress(@site.gsub('https://', ''))
+    end
+  end
+end