bbot 2.6.0.6856rc0__py3-none-any.whl → 2.6.0.6879rc0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of bbot might be problematic. Click here for more details.
- bbot/__init__.py +1 -1
- bbot/core/helpers/misc.py +7 -4
- bbot/core/helpers/regexes.py +25 -8
- bbot/test/test_step_1/test_helpers.py +1 -0
- bbot/test/test_step_1/test_regexes.py +21 -4
- {bbot-2.6.0.6856rc0.dist-info → bbot-2.6.0.6879rc0.dist-info}/METADATA +1 -1
- {bbot-2.6.0.6856rc0.dist-info → bbot-2.6.0.6879rc0.dist-info}/RECORD +10 -10
- {bbot-2.6.0.6856rc0.dist-info → bbot-2.6.0.6879rc0.dist-info}/LICENSE +0 -0
- {bbot-2.6.0.6856rc0.dist-info → bbot-2.6.0.6879rc0.dist-info}/WHEEL +0 -0
- {bbot-2.6.0.6856rc0.dist-info → bbot-2.6.0.6879rc0.dist-info}/entry_points.txt +0 -0
bbot/__init__.py
CHANGED
bbot/core/helpers/misc.py
CHANGED
|
@@ -216,26 +216,29 @@ def split_host_port(d):
|
|
|
216
216
|
host = None
|
|
217
217
|
port = None
|
|
218
218
|
scheme = None
|
|
219
|
+
|
|
220
|
+
# first, try to parse as an IP address
|
|
219
221
|
if is_ip(d):
|
|
220
222
|
return make_ip_type(d), port
|
|
221
223
|
|
|
224
|
+
# if not an IP address, try to parse as a host:port
|
|
222
225
|
match = bbot_regexes.split_host_port_regex.match(d)
|
|
223
226
|
if match is None:
|
|
224
|
-
raise ValueError(f'
|
|
227
|
+
raise ValueError(f'split_host_port() failed to parse "{d}"')
|
|
225
228
|
scheme = match.group("scheme")
|
|
226
229
|
netloc = match.group("netloc")
|
|
227
230
|
if netloc is None:
|
|
228
|
-
raise ValueError(f'
|
|
231
|
+
raise ValueError(f'split_host_port() failed to parse "{d}"')
|
|
229
232
|
|
|
230
233
|
match = bbot_regexes.extract_open_port_regex.match(netloc)
|
|
231
234
|
if match is None:
|
|
232
|
-
raise ValueError(f'
|
|
235
|
+
raise ValueError(f'split_host_port() failed to parse netloc "{netloc}" (original value: {d})')
|
|
233
236
|
|
|
234
237
|
host = match.group(2)
|
|
235
238
|
if host is None:
|
|
236
239
|
host = match.group(1)
|
|
237
240
|
if host is None:
|
|
238
|
-
raise ValueError(f'
|
|
241
|
+
raise ValueError(f'split_host_port() failed to locate host in netloc "{netloc}" (original value: {d})')
|
|
239
242
|
|
|
240
243
|
port = match.group(3)
|
|
241
244
|
if port is None and scheme is not None:
|
bbot/core/helpers/regexes.py
CHANGED
|
@@ -23,13 +23,28 @@ num_regex = re.compile(r"\d+")
|
|
|
23
23
|
_ipv4_regex = r"(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(?:\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}"
|
|
24
24
|
ipv4_regex = re.compile(_ipv4_regex, re.I)
|
|
25
25
|
|
|
26
|
-
# IPv6
|
|
27
|
-
#
|
|
28
|
-
# (
|
|
29
|
-
#
|
|
30
|
-
#
|
|
31
|
-
|
|
32
|
-
|
|
26
|
+
# IPv6 regex breakdown:
|
|
27
|
+
#
|
|
28
|
+
# (?: # —— address body ——
|
|
29
|
+
# We have to individually account for all possible variations of: "N left hextets :: M right hextets" with N+M ≤ 8 or fully expanded 8 hextets.
|
|
30
|
+
# (?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4} # 8 hextets, no compression.
|
|
31
|
+
# | (?:[A-F0-9]{1,4}:){1,7}: # 1–7 left, then "::" (0 right).
|
|
32
|
+
# | (?:[A-F0-9]{1,4}:){1,6}:[A-F0-9]{1,4} # 1–6 left, "::", 1 right.
|
|
33
|
+
# | (?:[A-F0-9]{1,4}:){1,5}(?::[A-F0-9]{1,4}){1,2} # 1–5 left, "::", 1–2 right.
|
|
34
|
+
# | (?:[A-F0-9]{1,4}:){1,4}(?::[A-F0-9]{1,4}){1,3} # 1–4 left, "::", 1–3 right.
|
|
35
|
+
# | (?:[A-F0-9]{1,4}:){1,3}(?::[A-F0-9]{1,4}){1,4} # 1–3 left, "::", 1–4 right.
|
|
36
|
+
# | (?:[A-F0-9]{1,4}:){1,2}(?::[A-F0-9]{1,4}){1,5} # 1–2 left, "::", 1–5 right.
|
|
37
|
+
# | [A-F0-9]{1,4}:(?::[A-F0-9]{1,4}){1,6} # 1 left, "::", 1–6 right.
|
|
38
|
+
# | :(?::[A-F0-9]{1,4}){1,7} # 0 left, "::", 1–7 right.
|
|
39
|
+
# | :: # all zeros.
|
|
40
|
+
# )
|
|
41
|
+
#
|
|
42
|
+
# Notes:
|
|
43
|
+
# - Does not match IPv4-embedded forms (e.g., ::ffff:192.0.2.1).
|
|
44
|
+
# - Does not match zone IDs (e.g., %eth0).
|
|
45
|
+
# - Pure syntax check; will not validate special ranges.
|
|
46
|
+
|
|
47
|
+
_ipv6_regex = r"(?:(?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4}|(?:[A-F0-9]{1,4}:){1,7}:|(?:[A-F0-9]{1,4}:){1,6}:[A-F0-9]{1,4}|(?:[A-F0-9]{1,4}:){1,5}(?::[A-F0-9]{1,4}){1,2}|(?:[A-F0-9]{1,4}:){1,4}(?::[A-F0-9]{1,4}){1,3}|(?:[A-F0-9]{1,4}:){1,3}(?::[A-F0-9]{1,4}){1,4}|(?:[A-F0-9]{1,4}:){1,2}(?::[A-F0-9]{1,4}){1,5}|[A-F0-9]{1,4}:(?::[A-F0-9]{1,4}){1,6}|:(?::[A-F0-9]{1,4}){1,7}|::)"
|
|
33
48
|
ipv6_regex = re.compile(_ipv6_regex, re.I)
|
|
34
49
|
|
|
35
50
|
_ip_range_regexes = (
|
|
@@ -173,7 +188,9 @@ button_tag_regex2 = re.compile(
|
|
|
173
188
|
)
|
|
174
189
|
tag_attribute_regex = re.compile(r"<[^>]*(?:href|action|src)\s*=\s*[\"\']?(?!mailto:)([^\'\"\>]+)[\"\']?[^>]*>")
|
|
175
190
|
|
|
176
|
-
|
|
191
|
+
_invalid_netloc_chars = r"\s!@#$%^&()=/?\\'\";~`<>"
|
|
192
|
+
# first char must not be a colon, even though it's a valid char for a netloc
|
|
193
|
+
valid_netloc = r"[^" + (_invalid_netloc_chars + ":") + r"]{1}[^" + _invalid_netloc_chars + "]*"
|
|
177
194
|
|
|
178
195
|
_split_host_port_regex = r"(?:(?P<scheme>[a-z0-9]{1,20})://)?(?:[^?]*@)?(?P<netloc>" + valid_netloc + ")"
|
|
179
196
|
split_host_port_regex = re.compile(_split_host_port_regex, re.I)
|
|
@@ -155,6 +155,7 @@ async def test_helpers_misc(helpers, scan, bbot_scanner, bbot_httpserver):
|
|
|
155
155
|
assert helpers.extract_host("https://[dead::beef]:22?a=b") == ("dead::beef", "https://[", "]:22?a=b")
|
|
156
156
|
assert helpers.extract_host("https://[dead::beef]/?a=b") == ("dead::beef", "https://[", "]/?a=b")
|
|
157
157
|
assert helpers.extract_host("https://[dead::beef]?a=b") == ("dead::beef", "https://[", "]?a=b")
|
|
158
|
+
assert helpers.extract_host("https://[::1]") == ("::1", "https://[", "]")
|
|
158
159
|
assert helpers.extract_host("ftp://username:password@my-ftp.com/my-file.csv") == (
|
|
159
160
|
"my-ftp.com",
|
|
160
161
|
"ftp://username:password@",
|
|
@@ -6,9 +6,6 @@ from bbot.core.helpers import regexes
|
|
|
6
6
|
from bbot.errors import ValidationError
|
|
7
7
|
from bbot.core.event.helpers import EventSeed
|
|
8
8
|
|
|
9
|
-
# NOTE: :2001:db8:: will currently cause an exception...
|
|
10
|
-
# e.g. raised unknown error: split_port() failed to parse netloc ":2001:db8::"
|
|
11
|
-
|
|
12
9
|
|
|
13
10
|
def test_ip_regexes():
|
|
14
11
|
bad_ip = [
|
|
@@ -23,6 +20,15 @@ def test_ip_regexes():
|
|
|
23
20
|
"2001:db8:g::", # includes non-hex character,
|
|
24
21
|
"2001.db8.80", # weird dot separated thing that might actually resolve as a DNS_NAME
|
|
25
22
|
"9e:3e:53:29:43:64", # MAC address, poor regex patterning will often detect these.
|
|
23
|
+
"2001:db8:1:2:3:4:5", # only 7 groups, no zero-compression
|
|
24
|
+
"2001:db8:1:2:3:4:5:6:7", # too many groups
|
|
25
|
+
"2001:db8::1::1", # multiple ::
|
|
26
|
+
"2001:db8::zzzz", # non-hex character
|
|
27
|
+
"2001:db8::12345", # hex value too long
|
|
28
|
+
":2001:db8::1", # starts with :
|
|
29
|
+
":2001:db8::", # starts with :
|
|
30
|
+
"cafe:80", # looks like open port
|
|
31
|
+
"12:34:56:78:9A:BC", # mac address
|
|
26
32
|
]
|
|
27
33
|
|
|
28
34
|
good_ip = [
|
|
@@ -46,6 +52,17 @@ def test_ip_regexes():
|
|
|
46
52
|
"1::1",
|
|
47
53
|
"ffff::ffff",
|
|
48
54
|
"ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
|
|
55
|
+
"2001:db8::ff00:42:8329",
|
|
56
|
+
"2001:0db8:0000:0000:0000:0000:0000:0001",
|
|
57
|
+
"2001:db8:0:0:0:0:0:1",
|
|
58
|
+
"2001:db8::1",
|
|
59
|
+
"2001:db8::dead:beef",
|
|
60
|
+
"2001:db8:1:2:3:4:5:6",
|
|
61
|
+
"2001:db8:1:2:3:4:5:ffff",
|
|
62
|
+
"::",
|
|
63
|
+
"::ffff",
|
|
64
|
+
"::dead:beef",
|
|
65
|
+
"::DEAD:BEEF",
|
|
49
66
|
]
|
|
50
67
|
|
|
51
68
|
ip_address_regexes = regexes.event_type_regexes["IP_ADDRESS"]
|
|
@@ -61,7 +78,7 @@ def test_ip_regexes():
|
|
|
61
78
|
if ip.startswith("["):
|
|
62
79
|
assert ip == "[2001:db8::]:80"
|
|
63
80
|
else:
|
|
64
|
-
assert ip
|
|
81
|
+
assert ip in ("cafe:80", "203.0.113.0:80")
|
|
65
82
|
continue
|
|
66
83
|
if event_type == "DNS_NAME":
|
|
67
84
|
if ip.startswith("2001"):
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.3
|
|
2
2
|
Name: bbot
|
|
3
|
-
Version: 2.6.0.
|
|
3
|
+
Version: 2.6.0.6879rc0
|
|
4
4
|
Summary: OSINT automation for hackers.
|
|
5
5
|
License: GPL-3.0
|
|
6
6
|
Keywords: python,cli,automation,osint,threat-intel,intelligence,neo4j,scanner,python-library,hacking,recursion,pentesting,recon,command-line-tool,bugbounty,subdomains,security-tools,subdomain-scanner,osint-framework,attack-surface,subdomain-enumeration,osint-tool
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
bbot/__init__.py,sha256=
|
|
1
|
+
bbot/__init__.py,sha256=0zLArYXvP2IYuEdyudSmse_PpwWOH8rmqpQc9oijqpY,163
|
|
2
2
|
bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
|
|
3
3
|
bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
|
|
4
4
|
bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
|
|
@@ -29,13 +29,13 @@ bbot/core/helpers/files.py,sha256=9tVr3973QvX8l6o3TweD5_MCZiQpuJVffbzW0U7Z30U,57
|
|
|
29
29
|
bbot/core/helpers/helper.py,sha256=u-q_Ka9pY1atvC-FChxYpURM7b3_0gaCNIHSG__Wi74,8538
|
|
30
30
|
bbot/core/helpers/interactsh.py,sha256=VBYYH6-rWBofRsgemndK6iZNmyifOps8vgQOw2mac4k,12624
|
|
31
31
|
bbot/core/helpers/libmagic.py,sha256=QMHyxjgDLb2jyjBvK1MQ-xt6WkGXhKcHu9ZP1li-sik,3460
|
|
32
|
-
bbot/core/helpers/misc.py,sha256=
|
|
32
|
+
bbot/core/helpers/misc.py,sha256=kQzxGBvD87nyEIXiT8JjIpPh5KKC_rKyHrOVoPG14cw,89035
|
|
33
33
|
bbot/core/helpers/names_generator.py,sha256=zmo4MyuOnAYjiUDiORhq9T9bHmA_gW72Y2kHMAqVENU,10594
|
|
34
34
|
bbot/core/helpers/ntlm.py,sha256=P2Xj4-GPos2iAzw4dfk0FJp6oGyycGhu2x6sLDVjYjs,2573
|
|
35
35
|
bbot/core/helpers/process.py,sha256=00uRpLMFi3Pt3uT8qXwAIhsXdoa7h-ifoXh0sGYgwqs,1702
|
|
36
36
|
bbot/core/helpers/ratelimiter.py,sha256=fQp5mKfqfCkDkZzgntDu4NWlRsWSMCto0V8vaV8-34k,2115
|
|
37
37
|
bbot/core/helpers/regex.py,sha256=02gRS9DZjGfyuc16SsC9vSweBy6ATV3cz23LZMLgjoo,4578
|
|
38
|
-
bbot/core/helpers/regexes.py,sha256=
|
|
38
|
+
bbot/core/helpers/regexes.py,sha256=8bPyUKQJZ6Oor5wuJ4n4VJ0R8zPDrOAIdZ4GRU57OMA,8771
|
|
39
39
|
bbot/core/helpers/url.py,sha256=eunp4PNNulhitjDpl9tXJkgbTmLgGXmPaGAEaExRqTY,6352
|
|
40
40
|
bbot/core/helpers/validators.py,sha256=-WBYvjlwi5SsVtn_LankKGI8vaBza2NqvM1lGbVmiN4,9711
|
|
41
41
|
bbot/core/helpers/web/__init__.py,sha256=tSDInpfUIj9Gi0m4Icwbrx21uc6Jj1-keE7SIfO9g20,35
|
|
@@ -282,13 +282,13 @@ bbot/test/test_step_1/test_engine.py,sha256=3HkCPtYhUxiZzfA-BRHpLsyaRj9wIXKbb49B
|
|
|
282
282
|
bbot/test/test_step_1/test_event_seeds.py,sha256=s_0BRqkahX4MYYqkmPqgcCsFrMbiXdTfLuKqNU2jkEU,6652
|
|
283
283
|
bbot/test/test_step_1/test_events.py,sha256=Evm_rw5Y6W3H6eAGTlNcSWGALVo9PpKi_Rs80trPuXE,54312
|
|
284
284
|
bbot/test/test_step_1/test_files.py,sha256=5Q_3jPpMXULxDHsanSDUaj8zF8bXzKdiJZHOmoYpLhQ,699
|
|
285
|
-
bbot/test/test_step_1/test_helpers.py,sha256=
|
|
285
|
+
bbot/test/test_step_1/test_helpers.py,sha256=7GP6-95yWRBGhx0-p6N7zZVEDcF9EO9wc0rkhs1JDsg,40281
|
|
286
286
|
bbot/test/test_step_1/test_manager_deduplication.py,sha256=hZQpDXzg6zvzxFolVOcJuY-ME8NXjZUsqS70BRNXp8A,15594
|
|
287
287
|
bbot/test/test_step_1/test_manager_scope_accuracy.py,sha256=JV1bQHt9EIM0GmGS4T4Brz_L2lfcwTxtNC06cfv7r64,79763
|
|
288
288
|
bbot/test/test_step_1/test_modules_basic.py,sha256=ELpGlsthSq8HaxB5My8-ESVHqMxqdL5Of0STMIyaWzA,20001
|
|
289
289
|
bbot/test/test_step_1/test_presets.py,sha256=HnJhKwDnVh9Y6adgxqe85677rWpnFil_WS5GjX21ZvM,40959
|
|
290
290
|
bbot/test/test_step_1/test_python_api.py,sha256=Fk5bxEsPSjsMZ_CcRMTJft8I48EizwHJivG9Fy4jIu0,5502
|
|
291
|
-
bbot/test/test_step_1/test_regexes.py,sha256=
|
|
291
|
+
bbot/test/test_step_1/test_regexes.py,sha256=GEJE4NY6ge0WnG3BcFgRiT78ksy2xpFk6UdS9vGQMPs,15254
|
|
292
292
|
bbot/test/test_step_1/test_scan.py,sha256=vnUF646MinLTdRAD_AwZ5sAqq6gmoHV7WlgNp5sjc_M,10875
|
|
293
293
|
bbot/test/test_step_1/test_scope.py,sha256=S2nssENKJKCvgXUMyU8MFQmXHeUIz0C_sbWGkdYti2A,3063
|
|
294
294
|
bbot/test/test_step_1/test_target.py,sha256=4Xz6Fns_6wa2O3AXDBvd7W04LCfZSCiit2lezQJicTI,19472
|
|
@@ -453,8 +453,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
|
|
|
453
453
|
bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
|
|
454
454
|
bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
|
|
455
455
|
bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
|
|
456
|
-
bbot-2.6.0.
|
|
457
|
-
bbot-2.6.0.
|
|
458
|
-
bbot-2.6.0.
|
|
459
|
-
bbot-2.6.0.
|
|
460
|
-
bbot-2.6.0.
|
|
456
|
+
bbot-2.6.0.6879rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
|
|
457
|
+
bbot-2.6.0.6879rc0.dist-info/METADATA,sha256=SXUifolZS0-aYkrdnMuC1pRGhEvZ6oR-GwVsZqMd0j4,18308
|
|
458
|
+
bbot-2.6.0.6879rc0.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
|
|
459
|
+
bbot-2.6.0.6879rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
|
|
460
|
+
bbot-2.6.0.6879rc0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|