snackhack2 0.6.6 → 0.6.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b016f87e2b46dc87ffab71256f1b5880f3db8b1bf16ccbc35bbe7aeeb0e7fe26
-  data.tar.gz: 1a9accfc1fe6f09c5d3e5f624eeeb032441f0fac9a25523c0b08f8b34c9963da
+  metadata.gz: 0ebd87b5313f0ca67abbb146beb1990b448c4dbe073afbb46122440d35849063
+  data.tar.gz: 9ae6115bbe6a97494dab6dfd02acf854abcd4c9acd6b605b3de35103497fd767
 SHA512:
-  metadata.gz: ce184f5769d385950ebc9a5824f4788398cf301544eacc0dd59a7b2bd64e100f0b4816db9807e307287e8ef89085d18168a575f9b620177dd3bdac53916bcf49
-  data.tar.gz: 82efd660a7495c292a45c527cc9e937e73b143c00fb8e36800be34544c9447f3864f07f1d137d351ab2acd70aa126f8d2ace81080acd79cfcbba61a1b6350a54
+  metadata.gz: ae1dcbd9a7f7f43f74d37ca079ea24c0693eabd5b8bd0bf5467801341bb50dff9e7fc28a70a4795d45af2d5c3c847578560a7ee86f199edc26d7c35bef50deba
+  data.tar.gz: a5a50dd46b6b9870caba17892f620f42212ecada0cb430700184c004b8da2e39d50dbd760049e0a742636495cae3d261c5669e04faf5134913111b489956d428

data/lib/snackhack2/SSL.rb

@@ -0,0 +1,23 @@
+require 'net/http'
+require 'openssl'
+module Snackhack2
+	class SSLCert
+		attr_accessor :site
+
+	    def initialize
+	    	@site = site
+	    end
+		def get_cert
+			begin
+				if @site.downcase.include?("https://")
+					@site = @site.downcase.gsub("https://", "")
+				end
+				uri = URI::HTTPS.build(host: @site)
+				response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true)
+				cert = response.peer_cert
+				puts cert.serial
+			rescue OpenSSL::SSL::SSLError,Net::OpenTimeout, Errno::EHOSTUNREACH
+			end
+		end
+	end
+end

data/lib/snackhack2/bannergrabber.rb

@@ -1,5 +1,4 @@
-# frozen_string_literal: true
-
+ # frozen_string_literal: true
 require 'socket'
 module Snackhack2
   class BannerGrabber
@@ -15,6 +14,7 @@ module Snackhack2
       nginx
       apache2
       wordpress
+      get_ssh_info
     end
     def headers
       @headers = Snackhack2.get(@site).headers
@@ -76,6 +76,15 @@ module Snackhack2
       # make a request to the site and grab the headers. 
       Snackhack2.get(@site).headers
     end
+
+    def get_tcp_info(ports: "")
+      ports = 22 if ports.empty?
+      begin
+        TCPSocket.new(@site, ports).recv(1024)
+      rescue => e
+        puts "ERROR OCCURRED"
+      end
+    end
     def cloudflare(print_status: true)
       # the purpose of this method is to 
       # check to see if a site has 

data/lib/snackhack2/drupal.rb

@@ -19,13 +19,12 @@ module Snackhack2
       drupal_score = 0
       d = Snackhack2.get(@site)
       if d.code == 200
-        d.headers.each do |k|
-          drupal_score += 10 if k.include?('drupal')
+        d.headers.each do |k,v|
+          drupal_score += 10 if k.downcase.include?('drupal')
+          drupal_score += 10 if v.downcase.include?('drupal')
         end
       end
-      d.headers.each do |v|
-        drupal_score += 10 if v.include?('drupal')
-      end
+      
       doc = Nokogiri::HTML(URI.open(@site))
       posts = doc.xpath('//meta')
       posts.each do |l|

data/lib/snackhack2/emails.rb

@@ -6,7 +6,7 @@ module Snackhack2
   class Email
     attr_accessor :max_depth
 
-    def initialize(site, save_file: true, max_depth: 4)
+    def initialize(site, save_file: true, max_depth: 2)
       @site = site
       @save_file = save_file
       @max_depth = max_depth

data/lib/snackhack2/phishing_tlds.rb

@@ -167,8 +167,6 @@ class PhishingTlds < PhishingData
           letters_with_more_than_one << key
       end
     end
-    
-    
     ds = remove_tlds
     new_ds = ds.shift
     
@@ -184,23 +182,19 @@ class PhishingTlds < PhishingData
         # removes ALL chracters ( l )
         remove_letters_out <<  new_ds.gsub(l, "")
     end
-    
-    domains_with_tlds = []
-    # adding the TLDS to the 'remove_letter_out' array
-    domains.each do |d|
-      remove_letters_out.each do |rl|
-        # adds the words ( rl ) and the TLDS ( d )
-        # to the domains_with_tld array.
-        domains_with_tlds << "#{rl}#{d}"
+  add_tlds(remove_letters_out)
+  end
+  def add_tlds(list)
+    # takes the newly created domains (list)
+    # and adds the tlds (domains) to the newly created
+    # ones. 
+    o = []
+    list.each do |rr|
+      domains.each do |dd|
+        o << "#{rr}#{dd}"
       end
     end
-    if array_out
-        domains_with_tlds
-    else
-       # will print the contents of the array
-       # instead of returning the array
-       domains_with_tlds.each  { |a| puts a }
-    end
+  o
   end
   def combosquatting
     # where the generated domains will be located.
@@ -232,16 +226,9 @@ class PhishingTlds < PhishingData
         end
       end
     end
-    final_results = []
-    
-    # Loops through the domains array in the PhishingData class
-    domains.each do |tlds|
-      results.each do |r|
-        new_domain = "#{r}#{tlds}"
-        final_results << new_domain
-      end
-    end
-    final_results
+  # adds the tlds to the newly created domains
+
+  add_tlds(results)
   end
   def change_tld(no_tld: true)
     # This method will take the inputted site in @site and 
@@ -270,18 +257,74 @@ class PhishingTlds < PhishingData
       # removes .com, .org, etc
       ds = remove_tlds
     
-      # join the elements together
+      # join the elements together with .
       ds = ds.join(".")
       
-      
       # loops through the tlds
       domains.each do |tlds|
           # adds the new domains to the array
-          list_of_domains <<  ds + tlds
+          list_of_domains << "#{ds}#{tlds}" 
+          #ds + tlds
       end
     list_of_domains
     end
   end
+  def idn_homograph 
+    letters = {
+      "o" => ["0", "О", "ó", "о","ο","օ","ȯ","ọ","ỏ","ơ","ó","ö"],
+      "i" => ["1","ı", "ỉ", "і", "í", "ï"],
+      "a" => ["а","α", "ạ"],
+      "h" => ["н", "һ", "ĥ"], 
+      "c" => ["с"],
+      "I" => "l",
+      "e" => ["е", "℮", "ё", "ė", "ẹ"],
+      "b" => [ "þ", "в", "B" ],
+      "g" => [ "ɢ"],
+      "l" => ["Ɩ", "Ι"],
+      "m" => ["m", "ʍ", "м"],
+      "t" => ["т", "ţ"],
+      "p" => ["р"],
+      "y" => ["у", "ý"],
+      "k" => ["ķ"],
+      "d" => ["ɗ"],
+      "z" => ["ź","ʐ", "ż"],
+      "s" => ["ś", "ṣ"],
+      "u" => ["ų", "υ", "ս","ü","ú","ù"],
+      "n" => ["ń", "ñ"],
+      "r" => ["ɾ", "R", "r", "ʀ", "Ի", "Ꮢ", "ᚱ", "Ｒ", "ｒ"],
+      "ll" => ["ǁ"],
+      "q" => ["զ"],
+      "j" => ["ј", "ʝ"],
+      "v" => ["ν", "ѵ"],
+      "x" => ["х" "ҳ"]
+    }
+    tlds = @site.split(".")
+    # removes the tlds
+    tlds.pop
+    # joins back the rest of the site
+    tlds = tlds.join(".")
+
+    new_domains = []
+    letters.each do |k, v|
+      tlds.split(//).each do |letter|
+        # if the letter elements
+        # are qual to the key vlaue 
+        # located in the letters hash
+        if letter.eql?(k)
+          # find the key and replace it 
+          # the v ( idn )
+          if v.kind_of?(Array)
+            # detct if the v ( value ) 
+            # is an array. If it is 
+            # then it will "randomly" pick an element
+            v = v.sample
+          end
+          new_domains <<  tlds.gsub(k, v)                                                                                          
+        end
+      end
+    end
+  add_tlds(new_domains)
+  end
   private :remove_tlds, :domain_split
   end
 end

data/lib/snackhack2/ssrf.rb

@@ -9,8 +9,9 @@ module Snackhack2
     def initialize
       @site = site
     end
-
-    def ssrf
+    def port_scan
+    end
+    def ssrf_google
       url = @site.gsub('SSRF', 'http://google.com')
       ht = HTTParty.get(url)
       if ht.body.include?("Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.")

data/lib/snackhack2/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Snackhack2
-  VERSION = '0.6.6'
+  VERSION = '0.6.8'
 end

data/lib/snackhack2.rb

@@ -86,7 +86,17 @@ module Snackhack2
       File.delete(file)
     end
   end
-
+  def self.read_emails
+    email_filter = []
+    Dir['*_emails.txt'].each do |file|
+      File.readlines(file).each do |k|
+        domain =  k.split(".")[1].strip
+        unless domain.eql?("png")
+          puts k
+        end
+      end
+    end
+  end
   def self.read_portscan
     files = Dir['*_port_scan.txt']
     files.each do |f|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: snackhack2
 version: !ruby/object:Gem::Version
-  version: 0.6.6
+  version: 0.6.8
 platform: ruby
 authors:
 - mike
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-10-19 00:00:00.000000000 Z
+date: 2025-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -76,6 +76,7 @@ files:
 - lib/snackhack2.rb
 - lib/snackhack2/CVE-2017-9841.rb
 - lib/snackhack2/Honeywell_PM43.rb
+- lib/snackhack2/SSL.rb
 - lib/snackhack2/WP_Symposium.rb
 - lib/snackhack2/bannergrabber.rb
 - lib/snackhack2/bypass_403.rb