snackhack2 0.6.4 → 0.6.5

data/lib/snackhack2/robots.rb

@@ -1,81 +1,80 @@
-# frozen_string_literal: true
-
-module Snackhack2
-  class Robots
-    
-    def initialize(site, save_file: true)
-      @site = site
-      @http = Snackhack2::get(File.join(@site, "robots.txt"))
-      @save_file = save_file
-    end
-
-    attr_reader :save_file
-
-    def run
-      save_txt_file = ''
-      allow    = allow_robots
-      disallow = disallow_robots
-      if @save_file
-        save_txt_file += "ALLOW:\n\n"
-        unless allow.empty?
-          allow.each do |list|
-            save_txt_file += list
-          end
-        end
-        save_txt_file += "DISALLOW:\n\n"
-        unless disallow.empty?
-          disallow.each do |list|
-            save_txt_file += list
-          end
-        end
-      else
-        puts allow
-        puts disallow
-      end
-      Snackhack2::file_save(@site, "robots", save_txt_file) if @save_file
-    end
-
-    def allow_robots
-      allow_dir = []
-      if @http.code == 200
-        body = @http.body.lines
-        body.each do |l|
-          allow_dir << l.split('Allow: ')[1] if l.match(/Allow:/)
-        end
-      else
-        puts "[+] Not giving code 200.\n"
-      end
-      open_links = []
-      allow_dir.each do |path|
-        link = Snackhack2::get(File.join(@site, path.strip))
-        if link.code == 200
-          valid_links = "#{@site}#{path}"
-          open_links << valid_links
-        end
-      end
-      open_links
-    end
-
-    def disallow_robots
-      disallow_dir = []
-      if @http.code == 200
-        body = @http.body.lines
-        body.each do |l|
-          disallow_dir << l.split('Disallow: ')[1] if l.match(/Disallow:/)
-        end
-      else
-        puts "[+] Not giving code 200.\n"
-      end
-      open_links = []
-      disallow_dir.each do |path|
-        link = Snackhack2::get(File.join(@site, path.strip))
-        if link.code == 200
-          valid_links = "#{@site}#{path}"
-          open_links << valid_links
-        end
-      rescue StandardError
-      end
-      open_links
-    end
-  end
-end
+# frozen_string_literal: true
+
+module Snackhack2
+  class Robots
+    def initialize(site, save_file: true)
+      @site = site
+      @http = Snackhack2.get(File.join(@site, 'robots.txt'))
+      @save_file = save_file
+    end
+
+    attr_reader :save_file
+
+    def run
+      save_txt_file = ''
+      allow    = allow_robots
+      disallow = disallow_robots
+      if @save_file
+        save_txt_file += "ALLOW:\n\n"
+        unless allow.empty?
+          allow.each do |list|
+            save_txt_file += list
+          end
+        end
+        save_txt_file += "DISALLOW:\n\n"
+        unless disallow.empty?
+          disallow.each do |list|
+            save_txt_file += list
+          end
+        end
+      else
+        puts allow
+        puts disallow
+      end
+      Snackhack2.file_save(@site, 'robots', save_txt_file) if @save_file
+    end
+
+    def allow_robots
+      allow_dir = []
+      if @http.code == 200
+        body = @http.body.lines
+        body.each do |l|
+          allow_dir << l.split('Allow: ')[1] if l.match(/Allow:/)
+        end
+      else
+        puts "[+] Not giving code 200.\n"
+      end
+      open_links = []
+      allow_dir.each do |path|
+        link = Snackhack2.get(File.join(@site, path.strip))
+        if link.code == 200
+          valid_links = "#{@site}#{path}"
+          open_links << valid_links
+        end
+      end
+      open_links
+    end
+
+    def disallow_robots
+      disallow_dir = []
+      if @http.code == 200
+        body = @http.body.lines
+        body.each do |l|
+          disallow_dir << l.split('Disallow: ')[1] if l.match(/Disallow:/)
+        end
+      else
+        puts "[+] Not giving code 200.\n"
+      end
+      open_links = []
+      disallow_dir.each do |path|
+        link = Snackhack2.get(File.join(@site, path.strip))
+        if link.code == 200
+          valid_links = "#{@site}#{path}"
+          open_links << valid_links
+        end
+      rescue StandardError
+      end
+      open_links
+    end
+  end
+end

data/lib/snackhack2/screenshots.rb

@@ -1,23 +1,25 @@
-require 'shellwords'
-module Snackhack2
-  class ScreenShot
-    attr_accessor :zip, :time
-
-    # https://lolbas-project.github.io/lolbas/Binaries/Psr/
-    def initialize
-      @zip = "screenshots.zip"
-      @time = 60
-    end
-
-    def run
-      File.open("lol.bat", 'w+') { |file| file.write("psr.exe /start /output #{@zip} /sc 1 /gui 0") }
-      File.open("lol2.bat", 'w+') { |file| file.write("psr.exe /stop") }
-      Process.spawn("lol.bat")
-      sleep @time.to_i
-      system("lol2.bat")
-      sleep 2
-      File.delete("lol.bat")
-      File.delete("lol2.bat")
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'shellwords'
+module Snackhack2
+  class ScreenShot
+    attr_accessor :zip, :time
+
+    # https://lolbas-project.github.io/lolbas/Binaries/Psr/
+    def initialize
+      @zip = 'screenshots.zip'
+      @time = 60
+    end
+
+    def run
+      File.open('lol.bat', 'w+') { |file| file.write("psr.exe /start /output #{@zip} /sc 1 /gui 0") }
+      File.open('lol2.bat', 'w+') { |file| file.write('psr.exe /stop') }
+      Process.spawn('lol.bat')
+      sleep @time.to_i
+      system('lol2.bat')
+      sleep 2
+      File.delete('lol.bat')
+      File.delete('lol2.bat')
+    end
+  end
+end

data/lib/snackhack2/sitemap.rb

@@ -1,22 +1,24 @@
-require 'httparty'
-require 'nokogiri'
-module Snackhack2
-  class SiteMap
-    def initialize(site)
-      @site = site
-    end
-
-    def run
-      sm = Snackhack2::get(File.join(@site, "sitemap.xml"))
-      if sm.code == 200
-        if !sm.body.include?("Not Found")
-          Snackhack2::file_save(@site, "site.xml", sm.body)
-        else
-          puts "[+] Eh. I don't think the site has a sitemap. Manually check just in case... :(\n\n"
-        end
-      else
-        puts "[+] Status Code: #{sm.code}"
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'httparty'
+require 'nokogiri'
+module Snackhack2
+  class SiteMap
+    def initialize(site)
+      @site = site
+    end
+
+    def run
+      sm = Snackhack2.get(File.join(@site, 'sitemap.xml'))
+      if sm.code == 200
+        if !sm.body.include?('Not Found')
+          Snackhack2.file_save(@site, 'site.xml', sm.body)
+        else
+          puts "[+] Eh. I don't think the site has a sitemap. Manually check just in case... :(\n\n"
+        end
+      else
+        puts "[+] Status Code: #{sm.code}"
+      end
+    end
+  end
+end

data/lib/snackhack2/ssrf.rb

@@ -1,20 +1,21 @@
+# frozen_string_literal: true
 
-
-#Process.spawn("ruby -run -ehttpd . -p8008")
-#sleep 10
+# Process.spawn("ruby -run -ehttpd . -p8008")
+# sleep 10
 module Snackhack2
   class SSRF
     attr_accessor :site
+
     def initialize
       @site = site
     end
+
     def ssrf
-      url = @site.gsub("SSRF", "http://google.com")
+      url = @site.gsub('SSRF', 'http://google.com')
       ht = HTTParty.get(url)
       if ht.body.include?("Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.")
         puts "Boom Shaka. It's vulnerable to SSRF..."
       end
-    
     end
   end
-end
+end

data/lib/snackhack2/subdomains.rb

@@ -1,68 +1,68 @@
-# frozen_string_literal: true
-
-require 'uri'
-require 'resolv'
-require 'async/http/internet'
-module Snackhack2
-  class Subdomains
-    def initialize(site, wordlist: nil)
-      @site     = site
-      @wordlist = wordlist
-    end
-
-    def site
-      @site.gsub("https://", "")
-    end
-
-    def wordlist
-      File.join(__dir__, 'lists', 'subdomains.txt')
-    end
-
-    def run
-      File.readlines(wordlist).each do |sd|
-        resolv(sd)
-      end
-    end
-
-    def brute
-      found = ""
-      File.readlines(wordlist).each do |l|
-        s = "#{l.strip}.#{site}"
-        begin
-          puts File.join("https://", s)
-          g = Snackhack2::get(File.join("https://", s))
-          if g.code == 200
-            found += s + "\n"
-          elsif g.code == 300
-            found += s + "\n"
-          else
-            puts "HTTP Code: #{g.code}"
-          end
-        rescue => e
-          puts e
-        end
-      end
-      Snackhack2::file_save(@site, "subdomain_brute", found)
-    end
-
-    def resolv(sd)
-      # NOTE: this is really slow & multi thread does not work
-      # due to resolv
-      active = []
-      subdomains = []
-      Resolv::DNS.open do |dns|
-        ress = dns.getresources "#{sd}.#{@site}", Resolv::DNS::Resource::IN::A
-        unless ress.map(&:address).empty?
-          address = ress.map(&:address)
-          unless active.include?(address)
-            active << address
-            subdomains << "#{sd}.#{@site}" unless subdomains.include?(sd)
-          end
-        end
-      end
-      host = URI.parse(@site).host
-      File.open("#{host}_subdomains.txt", 'w+') { |file| file.write(subdomains.join("\n")) }
-      File.open("#{host}_ips.txt", 'w+') { |file| file.write(active.join("\n")) }
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'uri'
+require 'resolv'
+require 'async/http/internet'
+module Snackhack2
+  class Subdomains
+    def initialize(site, wordlist: nil)
+      @site     = site
+      @wordlist = wordlist
+    end
+
+    def site
+      @site.gsub('https://', '')
+    end
+
+    def wordlist
+      File.join(__dir__, 'lists', 'subdomains.txt')
+    end
+
+    def run
+      File.readlines(wordlist).each do |sd|
+        resolv(sd)
+      end
+    end
+
+    def brute
+      found = ''
+      File.readlines(wordlist).each do |l|
+        s = "#{l.strip}.#{site}"
+        begin
+          puts File.join('https://', s)
+          g = Snackhack2.get(File.join('https://', s))
+          if g.code == 200
+            found += "#{s}\n"
+          elsif g.code == 300
+            found += "#{s}\n"
+          else
+            puts "HTTP Code: #{g.code}"
+          end
+        rescue StandardError => e
+          puts e
+        end
+      end
+      Snackhack2.file_save(@site, 'subdomain_brute', found)
+    end
+
+    def resolv(sd)
+      # NOTE: this is really slow & multi thread does not work
+      # due to resolv
+      active = []
+      subdomains = []
+      Resolv::DNS.open do |dns|
+        ress = dns.getresources "#{sd}.#{@site}", Resolv::DNS::Resource::IN::A
+        unless ress.map(&:address).empty?
+          address = ress.map(&:address)
+          unless active.include?(address)
+            active << address
+            subdomains << "#{sd}.#{@site}" unless subdomains.include?(sd)
+          end
+        end
+      end
+      host = URI.parse(@site).host
+      File.open("#{host}_subdomains.txt", 'w+') { |file| file.write(subdomains.join("\n")) }
+      File.open("#{host}_ips.txt", 'w+') { |file| file.write(active.join("\n")) }
+    end
+  end
+end

data/lib/snackhack2/subdomains2.rb

@@ -1,43 +1,41 @@
-require 'async/http/internet'
-module Snackhack2
-  class Subdomains2
-    def initialize(site)
-      @site = site
-      @urls = []
-    end
-
-    def wordlist
-      File.join(__dir__, 'lists', 'subdomains.txt')
-    end
-
-    def save
-      Snackhack2::file_save(@site, "subdomain_brute2", @urls.join("\n"))
-    end
-
-    def run
-      File.readlines(wordlist).each do |a|
-        url = "https://" + a.strip + "." + @site.gsub("https://", "")
-        fetch(url)
-        puts url
-      end
-      save
-    end
-
-    def fetch(url)
-      begin
-        Sync do |task|
-          task.with_timeout(2) do
-            internet = Async::HTTP::Internet.new
-            m = internet.get(url, { "user-agent" => Snackhack2::UA })
-            if m.status == 200 or m.status == 301
-              @urls << url
-            end
-            m.read
-          end
-        end
-      rescue => e
-        puts e
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'async/http/internet'
+module Snackhack2
+  class Subdomains2
+    def initialize(site)
+      @site = site
+      @urls = []
+    end
+
+    def wordlist
+      File.join(__dir__, 'lists', 'subdomains.txt')
+    end
+
+    def save
+      Snackhack2.file_save(@site, 'subdomain_brute2', @urls.join("\n"))
+    end
+
+    def run
+      File.readlines(wordlist).each do |a|
+        url = "https://#{a.strip}.#{@site.gsub('https://', '')}"
+        fetch(url)
+        puts url
+      end
+      save
+    end
+
+    def fetch(url)
+      Sync do |task|
+        task.with_timeout(2) do
+          internet = Async::HTTP::Internet.new
+          m = internet.get(url, { 'user-agent' => Snackhack2::UA })
+          @urls << url if (m.status == 200) || (m.status == 301)
+          m.read
+        end
+      end
+    rescue StandardError => e
+      puts e
+    end
+  end
+end

data/lib/snackhack2/tomcat.rb

@@ -1,21 +1,23 @@
-require 'nokogiri'
-module Snackhack2
-  class TomCat
-    def initialize(site)
-      @site = site
-    end
-
-    def run
-      tc = Snackhack2::get(File.join(@site, "/docs/"))
-      if tc.code == 404
-        if tc.body.include?("Tomcat")
-          doc = Nokogiri::HTML(tc.body)
-          version = doc.at('h3').text
-          puts "[+] Looks like the site is Tomcat, running #{version}."
-        end
-      else
-        puts "[+] Status code: #{tc.code}"
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'nokogiri'
+module Snackhack2
+  class TomCat
+    def initialize(site)
+      @site = site
+    end
+
+    def run
+      tc = Snackhack2.get(File.join(@site, '/docs/'))
+      if tc.code == 404
+        if tc.body.include?('Tomcat')
+          doc = Nokogiri::HTML(tc.body)
+          version = doc.at('h3').text
+          puts "[+] Looks like the site is Tomcat, running #{version}."
+        end
+      else
+        puts "[+] Status code: #{tc.code}"
+      end
+    end
+  end
+end

data/lib/snackhack2/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Snackhack2
-  VERSION = '0.6.4'
+  VERSION = '0.6.5'
 end

data/lib/snackhack2/webserver_log_cleaner.rb

@@ -1,27 +1,28 @@
-# frozen_string_literal: true
-
-module Snackhack2
-  class WebServerCleaner
-    attr_accessor :ip
-    def initialize(path: File.join('/var/log', 'access.log'))
-      @ip   = ip
-      @path = path
-    end
-
-    def run
-      out = ''
-      # generate random IP
-      new_ip = Array.new(4) { rand(256) }.join('.')
-      File.readlines(@path).each do |line|
-        old_ip = line.match(/((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)
-        out += if old_ip.to_s == @ip
-                 line.gsub(old_ip.to_s, new_ip)
-               else
-                 line
-               end
-      end
-      File.delete(@path)
-      File.open(@path, 'w+') { |file| file.write(out) }
-    end
-  end
-end
+# frozen_string_literal: true
+
+module Snackhack2
+  class WebServerCleaner
+    attr_accessor :ip
+
+    def initialize(path: File.join('/var/log', 'access.log'))
+      @ip   = ip
+      @path = path
+    end
+
+    def run
+      out = ''
+      # generate random IP
+      new_ip = Array.new(4) { rand(256) }.join('.')
+      File.readlines(@path).each do |line|
+        old_ip = line.match(/((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/)
+        out += if old_ip.to_s == @ip
+                 line.gsub(old_ip.to_s, new_ip)
+               else
+                 line
+               end
+      end
+      File.delete(@path)
+      File.open(@path, 'w+') { |file| file.write(out) }
+    end
+  end
+end