bbot 2.5.0.6803rc0__py3-none-any.whl → 2.5.0.6807rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,5 +1,5 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.5.0.6803rc"
+__version__ = "v2.5.0.6807rc"
 
 from .scanner import Scanner, Preset
 

bbot/core/helpers/depsinstaller/installer.py

@@ -223,11 +223,6 @@ class DepsInstaller:
         success = True
         preloaded = self.all_modules_preloaded[module]
 
-        # ansible tasks
-        ansible_tasks = preloaded["deps"]["ansible"]
-        if ansible_tasks:
-            success &= self.tasks(module, ansible_tasks)
-
         # apt
         deps_apt = preloaded["deps"]["apt"]
         if deps_apt:
@@ -258,6 +253,11 @@ class DepsInstaller:
                 self.setup_status[dep_common] = result
                 success &= result
 
+        # ansible tasks
+        ansible_tasks = preloaded["deps"]["ansible"]
+        if ansible_tasks:
+            success &= self.tasks(module, ansible_tasks)
+
         return success
 
     async def pip_install(self, packages, constraints=None):

bbot/modules/gowitness.py

@@ -16,7 +16,7 @@ class gowitness(BaseModule):
     flags = ["active", "safe", "web-screenshots"]
     meta = {"description": "Take screenshots of webpages", "created_date": "2022-07-08", "author": "@TheTechromancer"}
     options = {
-        "version": "2.4.2",
+        "version": "3.0.5",
         "threads": 0,
         "timeout": 10,
         "resolution_x": 1440,
@@ -161,6 +161,7 @@ class gowitness(BaseModule):
                 key = e.data["url"]
             event_dict[key] = e
         stdin = "\n".join(list(event_dict))
+        self.hugeinfo(f"Gowitness input: {stdin}")
 
         try:
             async for line in self.run_process_live(self.command, input=stdin, idle_timeout=self.idle_timeout):
@@ -174,12 +175,14 @@ class gowitness(BaseModule):
         new_screenshots = await self.get_new_screenshots()
         for filename, screenshot in new_screenshots.items():
             url = screenshot["url"]
+            url = self.helpers.clean_url(url).geturl()
             final_url = screenshot["final_url"]
             filename = self.screenshot_path / screenshot["filename"]
             filename = filename.relative_to(self.scan.home)
             # NOTE: this prevents long filenames from causing problems in BBOT, but gowitness will still fail to save it.
             filename = self.helpers.truncate_filename(filename)
             webscreenshot_data = {"path": str(filename), "url": final_url}
+            self.hugewarning(event_dict)
             parent_event = event_dict[url]
             await self.emit_event(
                 webscreenshot_data,
@@ -191,11 +194,11 @@ class gowitness(BaseModule):
         # emit URLs
         new_network_logs = await self.get_new_network_logs()
         for url, row in new_network_logs.items():
-            ip = row["ip"]
+            ip = row["remote_ip"]
             status_code = row["status_code"]
             tags = [f"status-{status_code}", f"ip-{ip}", "spider-danger"]
 
-            _id = row["url_id"]
+            _id = row["result_id"]
             parent_url = self.screenshots_taken[_id]
             parent_event = event_dict[parent_url]
             if url and url.startswith("http"):
@@ -210,7 +213,7 @@ class gowitness(BaseModule):
         # emit technologies
         new_technologies = await self.get_new_technologies()
         for row in new_technologies.values():
-            parent_id = row["url_id"]
+            parent_id = row["result_id"]
             parent_url = self.screenshots_taken[parent_id]
             parent_event = event_dict[parent_url]
             technology = row["value"]
@@ -224,28 +227,29 @@ class gowitness(BaseModule):
 
     def construct_command(self):
         # base executable
-        command = ["gowitness"]
+        command = ["gowitness", "scan"]
         # chrome path
         if self.chrome_path is not None:
             command += ["--chrome-path", str(self.chrome_path)]
         # db path
-        command += ["--db-path", str(self.db_path)]
+        command += ["--write-db"]
+        command += ["--write-db-uri", f"sqlite://{self.db_path}"]
         # screenshot path
         command += ["--screenshot-path", str(self.screenshot_path)]
         # user agent
-        command += ["--user-agent", f"{self.scan.useragent}"]
+        command += ["--chrome-user-agent", f"{self.scan.useragent}"]
         # proxy
         if self.proxy:
-            command += ["--proxy", str(self.proxy)]
+            command += ["--chrome-proxy", str(self.proxy)]
         # resolution
-        command += ["--resolution-x", str(self.resolution_x)]
-        command += ["--resolution-y", str(self.resolution_y)]
-        # input
-        command += ["file", "-f", "-"]
+        command += ["--chrome-window-x", str(self.resolution_x)]
+        command += ["--chrome-window-y", str(self.resolution_y)]
         # threads
         command += ["--threads", str(self.threads)]
         # timeout
         command += ["--timeout", str(self.timeout)]
+        # input
+        command += ["file", "-f", "-"]
         return command
 
     async def get_new_screenshots(self):
@@ -254,8 +258,10 @@ class gowitness(BaseModule):
             async with aiosqlite.connect(str(self.db_path)) as con:
                 con.row_factory = aiosqlite.Row
                 con.text_factory = self.helpers.smart_decode
-                async with con.execute("SELECT * FROM urls") as cur:
+                async with con.execute("SELECT * FROM results") as cur:
+                    self.critical(f"CUR: {cur}")
                     async for row in cur:
+                        self.critical(f"SCREENSHOT: {row}")
                         row = dict(row)
                         _id = row["id"]
                         if _id not in self.screenshots_taken:
@@ -270,8 +276,9 @@ class gowitness(BaseModule):
                 con.row_factory = aiosqlite.Row
                 async with con.execute("SELECT * FROM network_logs") as cur:
                     async for row in cur:
+                        self.critical(f"NETWORK LOG: {row}")
                         row = dict(row)
-                        url = row["final_url"]
+                        url = row["url"]
                         if url not in self.connections_logged:
                             self.connections_logged.add(url)
                             network_logs[url] = row
@@ -284,6 +291,7 @@ class gowitness(BaseModule):
                 con.row_factory = aiosqlite.Row
                 async with con.execute("SELECT * FROM technologies") as cur:
                     async for row in cur:
+                        self.critical(f"TECHNOLOGY: {row}")
                         _id = row["id"]
                         if _id not in self.technologies_found:
                             self.technologies_found.add(_id)

bbot/test/conftest.py

@@ -1,8 +1,8 @@
 import os
 import ssl
 import time
-import shutil
 import pytest
+import shutil
 import asyncio
 import logging
 from pathlib import Path

bbot/test/test_step_2/module_tests/test_module_gowitness.py

@@ -51,9 +51,9 @@ class TestGowitness(ModuleTestBase):
         )
 
         screenshots_path = self.home_dir / "scans" / module_test.scan.name / "gowitness" / "screenshots"
-        screenshots = list(screenshots_path.glob("*.png"))
+        screenshots = list(screenshots_path.glob("*.jpeg"))
         assert len(screenshots) == 1, (
-            f"{len(screenshots):,} .png files found at {screenshots_path}, should have been 1"
+            f"{len(screenshots):,} .jpeg files found at {screenshots_path}, should have been 1"
         )
         assert 1 == len([e for e in events if e.type == "URL" and e.data == "http://127.0.0.1:8888/"])
         assert 1 == len(
@@ -74,9 +74,9 @@ class TestGowitness_Social(TestGowitness):
 
     def check(self, module_test, events):
         screenshots_path = self.home_dir / "scans" / module_test.scan.name / "gowitness" / "screenshots"
-        screenshots = list(screenshots_path.glob("*.png"))
+        screenshots = list(screenshots_path.glob("*.jpeg"))
         assert len(screenshots) == 2, (
-            f"{len(screenshots):,} .png files found at {screenshots_path}, should have been 2"
+            f"{len(screenshots):,} .jpeg files found at {screenshots_path}, should have been 2"
         )
         assert 2 == len([e for e in events if e.type == "WEBSCREENSHOT"])
         assert 1 == len(
@@ -86,7 +86,7 @@ class TestGowitness_Social(TestGowitness):
                 if e.type == "WEBSCREENSHOT" and e.data["url"] == "http://127.0.0.1:8888/blacklanternsecurity"
             ]
         )
-        assert 1 == len(
+        assert len(
             [
                 e
                 for e in events

{bbot-2.5.0.6803rc0.dist-info → bbot-2.5.0.6807rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: bbot
-Version: 2.5.0.6803rc0
+Version: 2.5.0.6807rc0
 Summary: OSINT automation for hackers.
 License: GPL-3.0
 Keywords: python,cli,automation,osint,threat-intel,intelligence,neo4j,scanner,python-library,hacking,recursion,pentesting,recon,command-line-tool,bugbounty,subdomains,security-tools,subdomain-scanner,osint-framework,attack-surface,subdomain-enumeration,osint-tool

{bbot-2.5.0.6803rc0.dist-info → bbot-2.5.0.6807rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=psvZSLfHy5t3AIe_f5WcJGV67hsBRzebgolsC2TQ89Y,163
+bbot/__init__.py,sha256=mXR46kJz4_7NK7UMuE16LjE9yGcgU-aGNljCPSHMGLA,163
 bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -16,7 +16,7 @@ bbot/core/helpers/bloom.py,sha256=gk02rO6x3F5MICa7ZUDsinRudwoGAifsbiyiMCwd0Gs,27
 bbot/core/helpers/cache.py,sha256=1aMr3HVD45cDtHEG5xlznDUCywRgO9oRFidscrs_5sA,1537
 bbot/core/helpers/command.py,sha256=ZiLp71iEEcnnHLkvyD_TVeBKl9Uz9PGpTcpl9EHLCgQ,12938
 bbot/core/helpers/depsinstaller/__init__.py,sha256=C2jF_ymSPIO68F649csYQql37ppPfUjFc8eq8LhgDkQ,66
-bbot/core/helpers/depsinstaller/installer.py,sha256=eos-Q9KUPHQRUU8iRiT5pVJccuHaLouMxxFvjPgR_1s,22154
+bbot/core/helpers/depsinstaller/installer.py,sha256=6_7SehcsYRVoU9gYzve85Y5PIzJQUBCgf8THCsqjaAM,22154
 bbot/core/helpers/depsinstaller/sudo_askpass.py,sha256=yGa2OQv30RO75QkMuG1iruKqb7amQxRVRRcHmvIeGhk,1276
 bbot/core/helpers/diff.py,sha256=X9MnHfz3IjWhD2grYTHzVPYoiWI9ZqjJul2Bp_BRGcE,10841
 bbot/core/helpers/dns/__init__.py,sha256=SboBeh4o81Xd4mAKhV10QzoRPDH4g28xC5PZVqVmJ28,35
@@ -113,7 +113,7 @@ bbot/modules/github_usersearch.py,sha256=G8knkQBJsn7EKcMhcEaFPiB_Y5S96e2VaseBubs
 bbot/modules/github_workflows.py,sha256=xKntAFDeGuE4MqbEmhJyYXKbzoSh9tWYlHNlnF37PYA,10040
 bbot/modules/gitlab.py,sha256=9oWWpBijeHCjuFBfWW4HvNqt7bvJvrBgBjaaz_UPPnE,5964
 bbot/modules/google_playstore.py,sha256=N4QjzQag_bgDXfX17rytBiiWA-SQtYI2N0J_ZNEOdv0,3701
-bbot/modules/gowitness.py,sha256=o4nIBbHVX9tYVW9CpwTsaftWDZu41nhxS0KEp4FoiBs,13003
+bbot/modules/gowitness.py,sha256=ioh66xQEQ3dz7FfZzR5dPNFdELhJrwiOIm3nGvYl8n8,13466
 bbot/modules/graphql_introspection.py,sha256=-BAzNhBegup2sIYQdJ0jcafZFTGTZl3WoMygilyvfVA,4144
 bbot/modules/hackertarget.py,sha256=IsKs9PtxUHdLJKZydlRdW_loBE2KphQYi3lKDAd4odc,1029
 bbot/modules/host_header.py,sha256=uDjwidMdeNPMRfzQ2YW4REEGsZqnGOZHbOS6GgdNd9s,7686
@@ -261,7 +261,7 @@ bbot/scanner/target.py,sha256=lI0Tn5prQiPiJE3WW-ZLx_l6EFqzAVabtyL-nfXJ8cE,10636
 bbot/scripts/docs.py,sha256=aYAHlcHtMAhM-XGTDiSpzccnX1dh0Xi_WxmC2bgylQ4,11373
 bbot/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 bbot/test/bbot_fixtures.py,sha256=XrCQDLVe80BG3QTUDnXb0y-cWnBpJJoRh2Z3J3xJn_w,9961
-bbot/test/conftest.py,sha256=OacpJ98g00HqCoHpEnuzzMK47LkbZdJWr25Pm0SbTM0,11783
+bbot/test/conftest.py,sha256=194ckIxGs5EUp2wa1VOIFwClavFSlIPOKU5tKjAaN4k,11783
 bbot/test/coverage.cfg,sha256=ko9RacAYsJxWJCL8aEuNtkAOtP9lexYiDbeFWe8Tp8Y,31
 bbot/test/fastapi_test.py,sha256=9OhOFRyagXTshMsnuzuKIcR4uzS6VW65m7h9KgB4jSA,381
 bbot/test/owasp_mastg.apk,sha256=Hai_V9JmEJ-aB8Ab9xEaGXXOAfGQudkUvNOuPb75byE,66651
@@ -364,7 +364,7 @@ bbot/test/test_step_2/module_tests/test_module_github_usersearch.py,sha256=IIQ0t
 bbot/test/test_step_2/module_tests/test_module_github_workflows.py,sha256=o_teEaskm3H22QEKod5KJayFvvcgOQoG4eItGWv8C8E,38006
 bbot/test/test_step_2/module_tests/test_module_gitlab.py,sha256=fnwE7BWTU6EQquKdGLCiaX_LwVwvzOLev3Y9GheTLSY,11859
 bbot/test/test_step_2/module_tests/test_module_google_playstore.py,sha256=uTRqpAGI9HI-rOk_6jdV44OoSqi0QQQ3aTVzvuV0dtc,3034
-bbot/test/test_step_2/module_tests/test_module_gowitness.py,sha256=EH3NIMDA3XgZz1yffu-PnRCrlZJODakGPfzgnU7Ls_s,6501
+bbot/test/test_step_2/module_tests/test_module_gowitness.py,sha256=8kSeBowX4eejMW791mIaFqP9SDn1l2EDRJatvmZVWug,6500
 bbot/test/test_step_2/module_tests/test_module_graphql_introspection.py,sha256=qac8DJ_exe6Ra4UgRvVMSdgBhLIZP9lmXyKhi9RPOK8,1241
 bbot/test/test_step_2/module_tests/test_module_hackertarget.py,sha256=ldhNKxGk5fwq87zVptQDyfQ-cn3FzbWvpadKEO3h4ic,609
 bbot/test/test_step_2/module_tests/test_module_host_header.py,sha256=w1x0MyKNiUol4hlw7CijhMwEMEL5aBddbZZjOcEgv_k,2672
@@ -453,8 +453,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.5.0.6803rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.5.0.6803rc0.dist-info/METADATA,sha256=RafoLsvxll-6fDNfVENz3dKWCZBy4nwrtx3qVZfkjw0,18308
-bbot-2.5.0.6803rc0.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
-bbot-2.5.0.6803rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.5.0.6803rc0.dist-info/RECORD,,
+bbot-2.5.0.6807rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.5.0.6807rc0.dist-info/METADATA,sha256=ZU7RYR_FtYAUEZ3P_OtV8slLhE7G-LXXGHV_7OrKYbo,18308
+bbot-2.5.0.6807rc0.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
+bbot-2.5.0.6807rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.5.0.6807rc0.dist-info/RECORD,,