bbot 2.1.0.5040rc0__py3-none-any.whl → 2.1.0.5082rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,4 +1,4 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.1.0.5040rc"
+__version__ = "v2.1.0.5082rc"
 
 from .scanner import Scanner, Preset

bbot/modules/bufferoverrun.py

@@ -0,0 +1,48 @@
+from bbot.modules.templates.subdomain_enum import subdomain_enum_apikey
+
+
+class BufferOverrun(subdomain_enum_apikey):
+    watched_events = ["DNS_NAME"]
+    produced_events = ["DNS_NAME"]
+    flags = ["subdomain-enum", "passive", "safe"]
+    meta = {
+        "description": "Query BufferOverrun's TLS API for subdomains",
+        "created_date": "2024-10-23",
+        "author": "@TheTechromancer",
+        "auth_required": True,
+    }
+    options = {"api_key": "", "commercial": False}
+    options_desc = {"api_key": "BufferOverrun API key", "commercial": "Use commercial API"}
+
+    base_url = "https://tls.bufferover.run/dns"
+    commercial_base_url = "https://bufferover-run-tls.p.rapidapi.com/ipv4/dns"
+
+    async def setup(self):
+        self.commercial = self.config.get("commercial", False)
+        return await super().setup()
+
+    def prepare_api_request(self, url, kwargs):
+        if self.commercial:
+            kwargs["headers"]["x-rapidapi-host"] = "bufferover-run-tls.p.rapidapi.com"
+            kwargs["headers"]["x-rapidapi-key"] = self.api_key
+        else:
+            kwargs["headers"]["x-api-key"] = self.api_key
+        return url, kwargs
+
+    async def request_url(self, query):
+        url = f"{self.commercial_base_url if self.commercial else self.base_url}?q=.{query}"
+        return await self.api_request(url)
+
+    def parse_results(self, r, query):
+        j = r.json()
+        subdomains_set = set()
+        if isinstance(j, dict):
+            results = j.get("Results", [])
+            for result in results:
+                parts = result.split(",")
+                if len(parts) > 4:
+                    subdomain = parts[4].strip()
+                    if subdomain and subdomain.endswith(f".{query}"):
+                        subdomains_set.add(subdomain)
+            for subdomain in subdomains_set:
+                yield subdomain

bbot/test/run_tests.sh

@@ -10,7 +10,7 @@ echo
 
 echo "[+] Linting with flake8"
 echo "======================="
-flake8 --select F,E722 --ignore F403,F405,F541 --per-file-ignores="*/__init__.py:F401,F403" "$bbot_dir" || exit 1
+flake8 "$bbot_dir" || exit 1
 echo
 
 if [ "${1}x" != "x" ] ; then

bbot/test/test_step_2/module_tests/base.py

@@ -89,6 +89,10 @@ class ModuleTestBase:
     async def module_test(
         self, httpx_mock, bbot_httpserver, bbot_httpserver_ssl, monkeypatch, request, caplog, capsys
     ):
+        # Skip dastardly test if we're in the distro tests (because dastardly uses docker)
+        if os.getenv("BBOT_DISTRO_TESTS") and self.name == "dastardly":
+            pytest.skip("Skipping module_test for dastardly module due to BBOT_DISTRO_TESTS environment variable")
+
         self.log.info(f"Starting {self.name} module test")
         module_test = self.ModuleTest(
             self, httpx_mock, bbot_httpserver, bbot_httpserver_ssl, monkeypatch, request, caplog, capsys

bbot/test/test_step_2/module_tests/test_module_bufferoverrun.py

@@ -0,0 +1,35 @@
+from .base import ModuleTestBase
+
+
+class TestBufferOverrun(ModuleTestBase):
+    config_overrides = {"modules": {"bufferoverrun": {"api_key": "asdf", "commercial": False}}}
+
+    async def setup_before_prep(self, module_test):
+        # Mock response for non-commercial API
+        module_test.httpx_mock.add_response(
+            url="https://tls.bufferover.run/dns?q=.blacklanternsecurity.com",
+            match_headers={"x-api-key": "asdf"},
+            json={"Results": ["1.2.3.4,example.com,*,*,sub.blacklanternsecurity.com"]},
+        )
+
+    def check(self, module_test, events):
+        assert any(e.data == "sub.blacklanternsecurity.com" for e in events), "Failed to detect subdomain for free API"
+
+
+class TestBufferOverrunCommercial(ModuleTestBase):
+    modules_overrides = ["bufferoverrun"]
+    module_name = "bufferoverrun"
+    config_overrides = {"modules": {"bufferoverrun": {"api_key": "asdf", "commercial": True}}}
+
+    async def setup_before_prep(self, module_test):
+        # Mock response for commercial API
+        module_test.httpx_mock.add_response(
+            url="https://bufferover-run-tls.p.rapidapi.com/ipv4/dns?q=.blacklanternsecurity.com",
+            match_headers={"x-rapidapi-host": "bufferover-run-tls.p.rapidapi.com", "x-rapidapi-key": "asdf"},
+            json={"Results": ["5.6.7.8,blacklanternsecurity.com,*,*,sub.blacklanternsecurity.com"]},
+        )
+
+    def check(self, module_test, events):
+        assert any(
+            e.data == "sub.blacklanternsecurity.com" for e in events
+        ), "Failed to detect subdomain for commercial API"

{bbot-2.1.0.5040rc0.dist-info → bbot-2.1.0.5082rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: bbot
-Version: 2.1.0.5040rc0
+Version: 2.1.0.5082rc0
 Summary: OSINT automation for hackers.
 Home-page: https://github.com/blacklanternsecurity/bbot
 License: GPL-3.0

{bbot-2.1.0.5040rc0.dist-info → bbot-2.1.0.5082rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=j4saq3Qh_SIZDA6Mrly67tKCR9u2KJAhWf--5YaEp5g,130
+bbot/__init__.py,sha256=ySHQPiAGcGB9Q3oG9Il3s_EB6K2_oDGzjNwuHWeZkdQ,130
 bbot/cli.py,sha256=7S3a4eB-Dl8yodc5WC-927Z30CNlLl9EXimGvIVypJo,10434
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -67,6 +67,7 @@ bbot/modules/bucket_digitalocean.py,sha256=QtTRWAsKgWHaVHSiTfLmesIiVlVNExxPv-NlK
 bbot/modules/bucket_file_enum.py,sha256=MsjXKNQoHon_M0-IvlsyYY9esKrqBi_a0fSUTJJpM20,2388
 bbot/modules/bucket_firebase.py,sha256=fburk4quEWbGeixD-PUJh5X06pigHtvbV_mETUX-e4s,1380
 bbot/modules/bucket_google.py,sha256=IHTfWZEy8wsf8QJ8HXUiVlfo9wxBobrPBVzuERDPcvk,2545
+bbot/modules/bufferoverrun.py,sha256=FcHzj04iSyBqyfUY6lBPLlkD-hT-hBgICKJqlgIGkHY,1865
 bbot/modules/builtwith.py,sha256=A2Q70GtHtMHQgLYgX-UhUNzBwIZ7n0p5IOEI5lPSBk4,5369
 bbot/modules/bypass403.py,sha256=Qrszg-vVfjKA0IosM88CekpW6BcazJThpl5moXIdeiQ,6843
 bbot/modules/c99.py,sha256=cvyLZ7oHk6kxq6UWu0oISbXLKwnZW9yNBmsvT1RTGwI,1388
@@ -222,7 +223,7 @@ bbot/test/bbot_fixtures.py,sha256=J1_MfpCMXftfGHZc-dgn42ODpTmSJidoBibOltfthac,98
 bbot/test/conftest.py,sha256=QBLUuJSsjYpy8mX1iQTZh9xYMJju3EORUwOEwA-nlH0,10350
 bbot/test/coverage.cfg,sha256=ko9RacAYsJxWJCL8aEuNtkAOtP9lexYiDbeFWe8Tp8Y,31
 bbot/test/owasp_mastg.apk,sha256=Hai_V9JmEJ-aB8Ab9xEaGXXOAfGQudkUvNOuPb75byE,66651
-bbot/test/run_tests.sh,sha256=1OeabJIr_MiWzyoixe-x25qlTu2Ax9U8eO-Ex40ufHA,1030
+bbot/test/run_tests.sh,sha256=0oprBl970NAqXS4YQa8nRUtKljPeS_WNSvd-QmO5FNY,945
 bbot/test/test.conf,sha256=HrE7z3O91wg2MeauqIP-rwq10FAB5K6WrHJrX1eN7oc,963
 bbot/test/test_output.ndjson,sha256=Jfor8nUJ3QTEwXxD6UULrFXM4zhP5wflWo_UNekM3V8,323
 bbot/test/test_step_1/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -250,7 +251,7 @@ bbot/test/test_step_1/test_target.py,sha256=jjG9FUmYIfyqmcmvxzBHRDkP45LIQkbym07u
 bbot/test/test_step_1/test_web.py,sha256=DZGQK1ABda2Sr9cy06BzVvSNIY1vroQM1Z6n2myB3OA,18649
 bbot/test/test_step_2/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 bbot/test/test_step_2/module_tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-bbot/test/test_step_2/module_tests/base.py,sha256=AW467GsMdH6YYaemX6yiRe0Hwdur_RRil2LDaF6e264,5542
+bbot/test/test_step_2/module_tests/base.py,sha256=ewnKM4yQr0HfZD51L2iEwtwlR8sCvGz7qA9yqPU5OM4,5821
 bbot/test/test_step_2/module_tests/test_module_affiliates.py,sha256=d6uAzb_MF4oNGFEBG7Y6T2y0unWpf1gqNxUXRaYqOdk,673
 bbot/test/test_step_2/module_tests/test_module_aggregate.py,sha256=hjxbMxAEFhS7W8RamBrM1t6T-tsLHq95MmQVfrYsock,487
 bbot/test/test_step_2/module_tests/test_module_ajaxpro.py,sha256=0sPzcm0O3mmeqcOb8BUPijdAwt5TJvyaGDdbJdDMgYI,2789
@@ -272,6 +273,7 @@ bbot/test/test_step_2/module_tests/test_module_bucket_digitalocean.py,sha256=EFz
 bbot/test/test_step_2/module_tests/test_module_bucket_file_enum.py,sha256=aOgtrsb32nnTZBvX1tf6Fvfjc-GvuxA8Tu7LGq2oDJo,2301
 bbot/test/test_step_2/module_tests/test_module_bucket_firebase.py,sha256=gM3h1staY3tEHF2l9cYgRhaVwEg7ykfo4E0mvhqTA0g,506
 bbot/test/test_step_2/module_tests/test_module_bucket_google.py,sha256=wXROpF9TSQVOa8cGTOo8k9uDEj7H5pNAcppj4WR3qnY,1312
+bbot/test/test_step_2/module_tests/test_module_bufferoverrun.py,sha256=os7A6vdwlAAXvprwBdNBD05kylva7ZVxyhchkhQiSs4,1580
 bbot/test/test_step_2/module_tests/test_module_builtwith.py,sha256=c_Ta6OXWYdUdcwuE-AbaT-tzj8SUuglMecQX6mDavuE,5051
 bbot/test/test_step_2/module_tests/test_module_bypass403.py,sha256=-MV06l6Q7d_sM0L2OIw1ReXJc2dj30xC3suOl2HhZTY,3551
 bbot/test/test_step_2/module_tests/test_module_c99.py,sha256=-xyL1y3eX_rGuBR-U0N1HDZuAw_A_UysN5PupWe0iDI,7427
@@ -393,8 +395,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ruUQwVfia1_m2u
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=VciB-ww0y-O8Ii1wpTR6rJzGDiC2r-dhVsIJApS1ZYU,3309
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.1.0.5040rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.1.0.5040rc0.dist-info/METADATA,sha256=Jf78WfmvMNOkzQKIetVKqCOfYWXZfa9Jtq_3qp7jNSg,16930
-bbot-2.1.0.5040rc0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
-bbot-2.1.0.5040rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.1.0.5040rc0.dist-info/RECORD,,
+bbot-2.1.0.5082rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.1.0.5082rc0.dist-info/METADATA,sha256=4fRHOgeCohCtqez5Cudegh46ZG2vJmKvC62Q1x-VfAo,16930
+bbot-2.1.0.5082rc0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
+bbot-2.1.0.5082rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.1.0.5082rc0.dist-info/RECORD,,