bbot 2.4.2.6608rc0__py3-none-any.whl → 2.4.2.6611rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,5 +1,5 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.4.2.6608rc"
+__version__ = "v2.4.2.6611rc"
 
 from .scanner import Scanner, Preset
 

bbot/test/test_step_2/module_tests/base.py

@@ -91,9 +91,9 @@ class ModuleTestBase:
     async def module_test(
         self, httpx_mock, bbot_httpserver, bbot_httpserver_ssl, monkeypatch, request, caplog, capsys
     ):
-        # Skip dastardly test if we're in the distro tests (because dastardly uses docker)
+        # If a test uses docker, we can't run it in the distro tests
         if os.getenv("BBOT_DISTRO_TESTS") and self.skip_distro_tests:
-            pytest.skip("Skipping module_test for dastardly module due to BBOT_DISTRO_TESTS environment variable")
+            pytest.skip("Skipping test since it uses docker")
 
         self.log.info(f"Starting {self.name} module test")
         module_test = self.ModuleTest(

{bbot-2.4.2.6608rc0.dist-info → bbot-2.4.2.6611rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: bbot
-Version: 2.4.2.6608rc0
+Version: 2.4.2.6611rc0
 Summary: OSINT automation for hackers.
 License: GPL-3.0
 Keywords: python,cli,automation,osint,threat-intel,intelligence,neo4j,scanner,python-library,hacking,recursion,pentesting,recon,command-line-tool,bugbounty,subdomains,security-tools,subdomain-scanner,osint-framework,attack-surface,subdomain-enumeration,osint-tool

{bbot-2.4.2.6608rc0.dist-info → bbot-2.4.2.6611rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=f4ki_KyS_oJVQYdFblwwJ7F8FE7Xj0I-rDoOOdUzd9E,163
+bbot/__init__.py,sha256=Sj6Ww0s5mr9AjzAEu-u6gU8g5aBo7xw-OHJg-aVo95Q,163
 bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -83,7 +83,6 @@ bbot/modules/code_repository.py,sha256=x70Z45VnNNMF8BPkHfGWZXsZXw_fStGB3y0-8jbP1
 bbot/modules/credshed.py,sha256=HAF5wgRGKIIpdMAe4mIAtkZRLmFYjMFyXtjjst6RJ20,4203
 bbot/modules/crt.py,sha256=6Zm90VKXwYYN6Sab0gwwhTARrtnQIqALJTVtFWMMTGk,1369
 bbot/modules/crt_db.py,sha256=xaIm2457_xGJjnKss73l1HpPn7pLPHksVzejsimTfZA,2198
-bbot/modules/dastardly.py,sha256=lLKfd00UTSXlKd2XUdbv5SYI-oUuLfQcBJ_iuXoWsbU,5325
 bbot/modules/dehashed.py,sha256=iyzWHmJs6zC7FsRhw9_AdkckQKCf_0oNnL9RwG409r0,5071
 bbot/modules/digitorus.py,sha256=XQY0eAQrA7yo8S57tGncP1ARud-yG4LiWxx5VBYID34,1027
 bbot/modules/dnsbimi.py,sha256=A4cqhvhytmEEd-tY4CgFwMLbsVtMjkRY9238Aj8aVtU,6921
@@ -295,7 +294,7 @@ bbot/test/test_step_1/test_web.py,sha256=qzMb5v_1l6fK6SvJZoHpBI3Zb7iaHU_VnenQ8UQ
 bbot/test/test_step_1/test_web_envelopes.py,sha256=28cwm_HZvdGo__uiaShO2AwTJ728FTKwpESRB418AIc,18259
 bbot/test/test_step_2/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 bbot/test/test_step_2/module_tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-bbot/test/test_step_2/module_tests/base.py,sha256=ZlmcRyiui3FrNIlErxDL6LjR1xg2pomyMVzmbROenq0,6017
+bbot/test/test_step_2/module_tests/base.py,sha256=tLaO3Csb4DPv4Nuu5xjEPdYhsj70f_vZVV0voTisjyM,5942
 bbot/test/test_step_2/module_tests/test_module_affiliates.py,sha256=d6uAzb_MF4oNGFEBG7Y6T2y0unWpf1gqNxUXRaYqOdk,673
 bbot/test/test_step_2/module_tests/test_module_aggregate.py,sha256=hjxbMxAEFhS7W8RamBrM1t6T-tsLHq95MmQVfrYsock,487
 bbot/test/test_step_2/module_tests/test_module_ajaxpro.py,sha256=S2pFV0TgOJ01SMHnIxcoBkGZ8SAaQVY9o32DOFoZ1u4,3857
@@ -330,7 +329,6 @@ bbot/test/test_step_2/module_tests/test_module_credshed.py,sha256=ipkCFL7YmZBLWW
 bbot/test/test_step_2/module_tests/test_module_crt.py,sha256=V15tE1jcXdXJEzEEdAJvSMRWhKBFtxBBUJ_eewvV3U4,717
 bbot/test/test_step_2/module_tests/test_module_crt_db.py,sha256=R0CvLnzhN5T7XNPVSDRYD9vSwYMTNED6w-EPGoWPVII,849
 bbot/test/test_step_2/module_tests/test_module_csv.py,sha256=UJqMqdiPjx-UjJw10OoVMAj378wu5mWIq0v04TCljTM,579
-bbot/test/test_step_2/module_tests/test_module_dastardly.py,sha256=jjpJD9mdCcbaJgnG63xE-J_Qqpjt9hpm_WvfHDLfTsc,2353
 bbot/test/test_step_2/module_tests/test_module_dehashed.py,sha256=BZ0LFO4xBwDsXzsqjZCYRMTbXdwwUEma2OeJh8YQIEs,3625
 bbot/test/test_step_2/module_tests/test_module_digitorus.py,sha256=1GwxQGny6TxHsV8Fx7cR-aaLU8ZZkcF065VM_XoG1Hs,1612
 bbot/test/test_step_2/module_tests/test_module_discord.py,sha256=Z66fGb-kkdZTQfUh6WZiM35Ad-gDyvwxlA7mUUB2vnQ,1838
@@ -450,8 +448,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.4.2.6608rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.4.2.6608rc0.dist-info/METADATA,sha256=ZB2AKLHmK3TscBywNyHDAqDpd25QDc90iPu5X_NDksI,18308
-bbot-2.4.2.6608rc0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
-bbot-2.4.2.6608rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.4.2.6608rc0.dist-info/RECORD,,
+bbot-2.4.2.6611rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.4.2.6611rc0.dist-info/METADATA,sha256=LDoYczD9e_LGiKrrwmi9WHdJDFoT_v57p5oNaJAFfIc,18308
+bbot-2.4.2.6611rc0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
+bbot-2.4.2.6611rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.4.2.6611rc0.dist-info/RECORD,,

bbot/modules/dastardly.py

@@ -1,137 +0,0 @@
-from lxml import etree
-from bbot.modules.base import BaseModule
-
-
-class dastardly(BaseModule):
-    watched_events = ["HTTP_RESPONSE"]
-    produced_events = ["FINDING", "VULNERABILITY"]
-    flags = ["active", "aggressive", "slow", "web-thorough", "deadly"]
-    meta = {
-        "description": "Lightweight web application security scanner",
-        "created_date": "2023-12-11",
-        "author": "@domwhewell-sage",
-    }
-
-    deps_pip = ["lxml~=5.3.0"]
-    deps_common = ["docker"]
-    per_hostport_only = True
-
-    default_discovery_context = "{module} performed a light web scan against {event.parent.data['url']} and discovered {event.data['description']} at {event.data['url']}"
-
-    async def setup(self):
-        await self.run_process("systemctl", "start", "docker", sudo=True)
-        await self.run_process("docker", "pull", "public.ecr.aws/portswigger/dastardly:latest", sudo=True)
-        self.output_dir = self.scan.home / "dastardly"
-        self.helpers.mkdir(self.output_dir)
-        return True
-
-    async def filter_event(self, event):
-        # Reject redirects. This helps to avoid scanning the same site twice.
-        is_redirect = str(event.data["status_code"]).startswith("30")
-        if is_redirect:
-            return False, "URL is a redirect"
-        return True
-
-    async def handle_event(self, event):
-        host = event.parsed_url._replace(path="/").geturl()
-        self.verbose(f"Running Dastardly scan against {host}")
-        command, output_file = self.construct_command(host)
-        finished_proc = await self.run_process(command, sudo=True)
-        self.debug(f"dastardly stdout: {getattr(finished_proc, 'stdout', '')}")
-        self.debug(f"dastardly stderr: {getattr(finished_proc, 'stderr', '')}")
-        for testsuite in self.parse_dastardly_xml(output_file):
-            url = testsuite.endpoint
-            for testcase in testsuite.testcases:
-                for failure in testcase.failures:
-                    if failure.severity == "Info":
-                        await self.emit_event(
-                            {
-                                "host": str(event.host),
-                                "url": url,
-                                "description": failure.instance,
-                            },
-                            "FINDING",
-                            event,
-                            context=f"{{module}} executed web scan against {host} and identified {{event.type}}: {failure.instance}",
-                        )
-                    else:
-                        await self.emit_event(
-                            {
-                                "severity": failure.severity,
-                                "host": str(event.host),
-                                "url": url,
-                                "description": failure.instance,
-                            },
-                            "VULNERABILITY",
-                            event,
-                            context=f"{{module}} executed web scan against {host} and identified {failure.severity.lower()} {{event.type}}: {failure.instance}",
-                        )
-
-    def construct_command(self, target):
-        date_time = self.helpers.make_date()
-        file_name = self.helpers.tagify(target)
-        temp_path = self.output_dir / f"{date_time}_{file_name}.xml"
-        command = [
-            "docker",
-            "run",
-            "--user",
-            "0",
-            "--rm",
-            "-v",
-            f"{self.output_dir}:/dastardly",
-            "-e",
-            f"BURP_START_URL={target}",
-            "-e",
-            f"BURP_REPORT_FILE_PATH=/dastardly/{temp_path.name}",
-            "public.ecr.aws/portswigger/dastardly:latest",
-        ]
-        return command, temp_path
-
-    def parse_dastardly_xml(self, xml_file):
-        try:
-            with open(xml_file, "rb") as f:
-                et = etree.parse(f, parser=etree.XMLParser(recover=True, resolve_entities=False))
-                for testsuite in et.iter("testsuite"):
-                    yield TestSuite(testsuite)
-        except FileNotFoundError:
-            self.debug(f"Could not find Dastardly XML file at {xml_file}")
-        except OSError as e:
-            self.verbose(f"Error opening Dastardly XML file at {xml_file}: {e}")
-        except etree.ParseError as e:
-            self.warning(f"Error parsing Dastardly XML at {xml_file}: {e}")
-
-
-class Failure:
-    def __init__(self, xml):
-        self.etree = xml
-
-        # instance information
-        self.instance = self.etree.attrib.get("message", "")
-        self.severity = self.etree.attrib.get("type", "")
-        self.text = self.etree.text
-
-
-class TestCase:
-    def __init__(self, xml):
-        self.etree = xml
-
-        # title information
-        self.title = self.etree.attrib.get("name", "")
-
-        # findings / failures(as dastardly names them)
-        self.failures = []
-        for failure in self.etree.findall("failure"):
-            self.failures.append(Failure(failure))
-
-
-class TestSuite:
-    def __init__(self, xml):
-        self.etree = xml
-
-        # endpoint information
-        self.endpoint = self.etree.attrib.get("name", "")
-
-        # test cases
-        self.testcases = []
-        for testcase in self.etree.findall("testcase"):
-            self.testcases.append(TestCase(testcase))

bbot/test/test_step_2/module_tests/test_module_dastardly.py

@@ -1,70 +0,0 @@
-import json
-from werkzeug import Response
-
-from .base import ModuleTestBase
-
-
-class TestDastardly(ModuleTestBase):
-    targets = ["http://127.0.0.1:5556/"]
-    modules_overrides = ["httpx", "dastardly"]
-    skip_distro_tests = True
-
-    web_response = """<!DOCTYPE html>
-    <html>
-    <body>
-        <a href="/test?test=yes">visit this<a/>
-    </body>
-    </html>"""
-
-    def xss_handler(self, request):
-        response = f"""<!DOCTYPE html>
-    <html>
-    <head>
-        <title>Email Form</title>
-    </head>
-    <body>
-        {request.args.get("test", "")}
-    </body>
-    </html>"""
-        return Response(response, content_type="text/html")
-
-    async def get_docker_ip(self, module_test):
-        docker_ip = "172.17.0.1"
-        try:
-            ip_output = await module_test.scan.helpers.run(["ip", "-j", "-4", "a", "show", "dev", "docker0"])
-            interface_json = json.loads(ip_output.stdout)
-            docker_ip = interface_json[0]["addr_info"][0]["local"]
-        except Exception:
-            pass
-        return docker_ip
-
-    async def setup_after_prep(self, module_test):
-        httpserver = module_test.request_fixture.getfixturevalue("bbot_httpserver_allinterfaces")
-        httpserver.expect_request("/").respond_with_data(self.web_response)
-        httpserver.expect_request("/test").respond_with_handler(self.xss_handler)
-
-        # get docker IP
-        docker_ip = await self.get_docker_ip(module_test)
-        module_test.scan.target.seeds.add(docker_ip)
-
-        # replace 127.0.0.1 with docker host IP to allow dastardly access to local http server
-        old_filter_event = module_test.module.filter_event
-
-        def new_filter_event(event):
-            self.new_url = f"http://{docker_ip}:5556/"
-            event.data["url"] = self.new_url
-            event.parsed_url = module_test.scan.helpers.urlparse(self.new_url)
-            return old_filter_event(event)
-
-        module_test.monkeypatch.setattr(module_test.module, "filter_event", new_filter_event)
-
-    def check(self, module_test, events):
-        assert 1 == len(
-            [
-                e
-                for e in events
-                if e.type == "VULNERABILITY"
-                and f"{self.new_url}test" in e.data["description"]
-                and "Cross-site scripting".lower() in e.data["description"].lower()
-            ]
-        )