secator 0.0.1__py3-none-any.whl → 0.3.5__py3-none-any.whl

secator/tasks/maigret.py

@@ -4,7 +4,7 @@ import os
 import re
 
 from secator.decorators import task
-from secator.definitions import (DELAY, EXTRA_DATA, OPT_NOT_SUPPORTED, PROXY,
+from secator.definitions import (DELAY, EXTRA_DATA, OPT_NOT_SUPPORTED, OUTPUT_PATH, PROXY,
 								 RATE_LIMIT, RETRIES, SITE_NAME, THREADS,
 								 TIMEOUT, URL, USERNAME)
 from secator.output_types import UserAccount
@@ -41,7 +41,7 @@ class maigret(ReconUser):
 			EXTRA_DATA: lambda x: x['status'].get('ids', {})
 		}
 	}
-	install_cmd = 'pip3 install maigret'
+	install_cmd = 'pipx install git+https://github.com/soxoj/maigret@6be2f409e58056b1ca8571a8151e53bef107dedc'
 	socks5_proxy = True
 	profile = 'io'
 
@@ -70,7 +70,7 @@ class maigret(ReconUser):
 
 	@staticmethod
 	def on_init(self):
-		output_path = self.get_opt_value('output_path')
+		output_path = self.get_opt_value(OUTPUT_PATH)
 		self.output_path = output_path
 
 	@staticmethod

secator/tasks/mapcidr.py

@@ -14,6 +14,7 @@ class mapcidr(ReconIp):
 	input_flag = '-cidr'
 	file_flag = '-cl'
 	install_cmd = 'go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest'
+	install_github_handle = 'projectdiscovery/mapcidr'
 	input_type = CIDR_RANGE
 	output_types = [Ip]
 	opt_key_map = {

secator/tasks/msfconsole.py

@@ -18,6 +18,7 @@ logger = logging.getLogger(__name__)
 class msfconsole(VulnMulti):
 	"""CLI to access and work with the Metasploit Framework."""
 	cmd = 'msfconsole --quiet'
+	version_flag = OPT_NOT_SUPPORTED
 	input_type = HOST
 	input_chunk_size = 1
 	output_types = []
@@ -44,6 +45,7 @@ class msfconsole(VulnMulti):
 	}
 	encoding = 'ansi'
 	ignore_return_code = True
+	# install_cmd = 'wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/msfinstall.sh | sh'
 
 	@staticmethod
 	def validate_input(self, input):
@@ -133,7 +135,7 @@ class msfconsole(VulnMulti):
 #         self.client = MsfRpcClient(pw, ssl=True, **run_opts)
 #
 #     # def start_msgrpc(self):
-#     #     code, out = run_command(f'msfrpcd -P {self.password}')
+#     #     code, out = Command.execute(f'msfrpcd -P {self.password}')
 #     #     logger.info(out)
 #
 #     def get_lhost(self):

secator/tasks/naabu.py

@@ -45,7 +45,8 @@ class naabu(ReconPort):
 		}
 	}
 	output_types = [Port]
-	install_cmd = 'sudo apt install -y libpcap-dev && go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest'
+	install_cmd = 'sudo apt install -y build-essential libpcap-dev && go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest'  # noqa: E501
+	install_github_handle = 'projectdiscovery/naabu'
 	proxychains = False
 	proxy_socks5 = True
 	proxy_http = False

secator/tasks/nmap.py

@@ -5,16 +5,15 @@ import re
 import xmltodict
 
 from secator.decorators import task
-from secator.definitions import (CONFIDENCE, CVSS_SCORE, DATA_FOLDER, DELAY,
+from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY,
 								 DESCRIPTION, EXTRA_DATA, FOLLOW_REDIRECT,
 								 HEADER, HOST, ID, IP, MATCHED_AT, NAME,
-								 OPT_NOT_SUPPORTED, PORT, PORTS, PROVIDER,
+								 OPT_NOT_SUPPORTED, OUTPUT_PATH, PORT, PORTS, PROVIDER,
 								 PROXY, RATE_LIMIT, REFERENCE, REFERENCES,
 								 RETRIES, SCRIPT, SERVICE_NAME, STATE, TAGS,
 								 THREADS, TIMEOUT, USER_AGENT)
 from secator.output_types import Exploit, Port, Vulnerability
 from secator.tasks._categories import VulnMulti
-from secator.utils import get_file_timestamp
 
 logger = logging.getLogger(__name__)
 
@@ -31,6 +30,8 @@ class nmap(VulnMulti):
 	opts = {
 		PORTS: {'type': str, 'help': 'Ports to scan', 'short': 'p'},
 		SCRIPT: {'type': str, 'default': 'vulners', 'help': 'NSE scripts'},
+		# 'tcp_connect': {'type': bool, 'short': 'sT', 'default': False, 'help': 'TCP Connect scan'},
+		'tcp_syn_stealth': {'is_flag': True, 'short': 'sS', 'default': False, 'help': 'TCP SYN Stealth'},
 		'output_path': {'type': str, 'short': 'oX', 'default': None, 'help': 'Output XML file path'}
 	}
 	opt_key_map = {
@@ -61,6 +62,14 @@ class nmap(VulnMulti):
 	proxy_http = False
 	profile = 'io'
 
+	@staticmethod
+	def on_init(self):
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.xml'
+		self.output_path = output_path
+		self.cmd += f' -oX {self.output_path}'
+
 	def yielder(self):
 		yield from super().yielder()
 		if self.return_code != 0:
@@ -86,15 +95,6 @@ class nmap(VulnMulti):
 		results['_host'] = self.input
 		return nmapData(results)
 
-	@staticmethod
-	def on_init(self):
-		output_path = self.get_opt_value('output_path')
-		if not output_path:
-			timestr = get_file_timestamp()
-			output_path = f'{DATA_FOLDER}/nmap_{timestr}.xml'
-		self.output_path = output_path
-		self.cmd += f' -oX {self.output_path}'
-
 
 class nmapData(dict):
 
@@ -279,7 +279,7 @@ class nmapData(dict):
 				vuln_data = VulnMulti.lookup_cve(vuln['id'], cpes=cpes)
 				if vuln_data:
 					vuln.update(vuln_data)
-					yield vuln
+				yield vuln
 			else:
 				# logger.debug(f'Vulscan provider {provider_name} is not supported YET.')
 				continue
@@ -334,11 +334,8 @@ class nmapData(dict):
 					vuln_data = VulnMulti.lookup_cve(vuln_id, cpes=cpes)
 					if vuln_data:
 						vuln.update(vuln_data)
-						yield vuln
+					yield vuln
 				else:
 					logger.debug(f'Vulners parser for "{vuln_type}" is not implemented YET.')
 			else:
 				logger.error(f'Unrecognized vulners output: {elems}')
-
-	def _parse_http_csrf_output(self, out, port_data):
-		pass

secator/tasks/nuclei.py

@@ -21,7 +21,7 @@ class nuclei(VulnMulti):
 		'tags': {'type': str, 'help': 'Tags'},
 		'exclude_tags': {'type': str, 'short': 'etags', 'help': 'Exclude tags'},
 		'exclude_severity': {'type': str, 'short': 'es', 'help': 'Exclude severity'},
-		'template_id': {'type': str, 'short': 'id', 'help': 'Template id'},
+		'template_id': {'type': str, 'short': 'tid', 'help': 'Template id'},
 		'debug': {'type': str, 'help': 'Debug mode'},
 	}
 	opt_key_map = {
@@ -67,7 +67,8 @@ class nuclei(VulnMulti):
 		}
 	}
 	ignore_return_code = True
-	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest'
+	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest && nuclei update-templates'
+	install_github_handle = 'projectdiscovery/nuclei'
 	proxychains = False
 	proxy_socks5 = True  # kind of, leaks data when running network / dns templates
 	proxy_http = True  # same
@@ -85,7 +86,7 @@ class nuclei(VulnMulti):
 		data = {}
 		data['data'] = item.get('extracted-results', [])
 		data['template_id'] = item['template-id']
-		data['template_url'] = item['template-url']
+		data['template_url'] = item.get('template-url', '')
 		return data
 
 	@staticmethod

secator/tasks/searchsploit.py

@@ -1,6 +1,6 @@
 from secator.decorators import task
 from secator.definitions import (CVES, EXTRA_DATA, ID, MATCHED_AT, NAME,
-								 PROVIDER, REFERENCE, TAGS)
+								 PROVIDER, REFERENCE, TAGS, OPT_NOT_SUPPORTED)
 from secator.output_types import Exploit
 from secator.runners import Command
 
@@ -11,6 +11,7 @@ class searchsploit(Command):
 	cmd = 'searchsploit'
 	input_flag = None
 	json_flag = '--json'
+	version_flag = OPT_NOT_SUPPORTED
 	opts = {
 		'strict': {'short': 's', 'is_flag': True, 'default': False, 'help': 'Strict match'}
 	}
@@ -26,7 +27,8 @@ class searchsploit(Command):
 			EXTRA_DATA: lambda x: {'verified': x['Verified']}
 		}
 	}
-	install_cmd = 'sudo snap install searchsploit'
+	install_cmd = 'sudo git clone https://gitlab.com/exploit-database/exploitdb.git /opt/exploitdb || true && sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit'  # noqa: E501
+	install_github_handle = 'rad10/SearchSploit.py'
 	proxychains = False
 	proxy_socks5 = False
 	proxy_http = False

secator/tasks/subfinder.py

@@ -30,6 +30,7 @@ class subfinder(ReconDns):
 	}
 	output_types = [Subdomain]
 	install_cmd = 'go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest'
+	install_github_handle = 'projectdiscovery/subfinder'
 	proxychains = False
 	proxy_http = True
 	proxy_socks5 = False

secator/tasks/wpscan.py

@@ -4,13 +4,12 @@ import os
 from secator.decorators import task
 from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
 							   EXTRA_DATA, FOLLOW_REDIRECT, HEADER, ID,
-							   MATCHED_AT, NAME, OPT_NOT_SUPPORTED, PROVIDER,
+							   MATCHED_AT, NAME, OPT_NOT_SUPPORTED, OUTPUT_PATH, PROVIDER,
 							   PROXY, RATE_LIMIT, REFERENCES, RETRIES,
-							   SEVERITY, TAGS, DATA_FOLDER, THREADS, TIMEOUT,
+							   SEVERITY, TAGS, THREADS, TIMEOUT,
 							   URL, USER_AGENT)
 from secator.output_types import Tag, Vulnerability
 from secator.tasks._categories import VulnHttp
-from secator.utils import get_file_timestamp
 
 
 @task()
@@ -67,22 +66,13 @@ class wpscan(VulnHttp):
 		},
 	}
 	output_types = [Vulnerability, Tag]
-	install_cmd = 'sudo gem install wpscan'
+	install_cmd = 'sudo apt install -y build-essential ruby-dev rubygems && sudo gem install wpscan'
 	proxychains = False
 	proxy_http = True
 	proxy_socks5 = False
 	ignore_return_code = True
 	profile = 'io'
 
-	@staticmethod
-	def on_init(self):
-		output_path = self.get_opt_value('output_path')
-		if not output_path:
-			timestr = get_file_timestamp()
-			output_path = f'{DATA_FOLDER}/wpscan_{timestr}.json'
-		self.output_path = output_path
-		self.cmd += f' -o {self.output_path}'
-
 	def yielder(self):
 		prev = self.print_item_count
 		self.print_item_count = False
@@ -177,3 +167,11 @@ class wpscan(VulnHttp):
 						)
 
 		self.print_item_count = prev
+
+	@staticmethod
+	def on_init(self):
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.output_path = output_path
+		self.cmd += f' -o {self.output_path}'

secator/utils.py

@@ -1,8 +1,6 @@
-import importlib
 import inspect
 import itertools
 import logging
-import mimetypes
 import operator
 import os
 import re
@@ -14,18 +12,21 @@ from importlib import import_module
 from inspect import isclass
 from pathlib import Path
 from pkgutil import iter_modules
-from urllib.parse import urlparse
+from urllib.parse import urlparse, quote
 
-import netifaces
+
+import ifaddr
 import yaml
-from furl import furl
 from rich.markdown import Markdown
 
-from secator.definitions import DEFAULT_STDIN_TIMEOUT, DEBUG, DEBUG_COMPONENT
+from secator.definitions import (DEBUG, DEBUG_COMPONENT, DEFAULT_STDIN_TIMEOUT, VERSION, DEV_PACKAGE, ROOT_FOLDER,
+								 LIB_FOLDER)
 from secator.rich import console
 
 logger = logging.getLogger(__name__)
 
+_tasks = []
+
 
 class TaskError(ValueError):
 	pass
@@ -107,50 +108,6 @@ def sanitize_url(http_url):
 	return url.geturl().rstrip('/')
 
 
-def match_extensions(response, allowed_ext=['.html']):
-	"""Check if a URL is a file from the HTTP response by looking at the content_type and the URL.
-
-	Args:
-		response (dict): httpx response.
-
-	Returns:
-		bool: True if is a file, False otherwise.
-	"""
-	content_type = response.get('content_type', '').split(';')[0]
-	url = response.get('final_url') or response['url']
-	ext = mimetypes.guess_extension(content_type)
-	ext2 = os.path.splitext(urlparse(url).path)[1]
-	if (ext and ext in allowed_ext) or (ext2 and ext2 in allowed_ext):
-		return True
-	return False
-
-
-def filter_urls(urls, **remove_parts):
-	"""Filter a list of URLs using `furl`.
-
-	Args:
-		urls (list): List of URLs to filter.
-		remove_parts (dict): Dict of URL pieces to remove.
-
-	Example:
-		>>> urls = ['http://localhost/test.js', 'http://localhost/test?a=1&b=2']
-		>>> filter_urls(urls, filter_ext=True)
-		['http://localhost/test']
-
-	Returns:
-		list: List of filtered URLs.
-	"""
-	if not remove_parts:
-		return urls
-	furl_remove_args = {
-		k.replace('remove_', ''): v for k, v in remove_parts.items()
-	}
-	return [
-		sanitize_url(furl(url).remove(**furl_remove_args).url)
-		for url in urls
-	]
-
-
 def deduplicate(array, attr=None):
 	"""Deduplicate list of OutputType items.
 
@@ -172,17 +129,6 @@ def deduplicate(array, attr=None):
 	return sorted(list(dict.fromkeys(array)))
 
 
-def setup_logger(level='info', format='%(message)s'):
-	logger = logging.getLogger('secator')
-	level = logging.getLevelName(level.upper())
-	logger.setLevel(level)
-	handler = logging.StreamHandler()
-	formatter = logging.Formatter(format)
-	handler.setFormatter(formatter)
-	logger.addHandler(handler)
-	return logger
-
-
 def discover_internal_tasks():
 	"""Find internal secator tasks."""
 	from secator.runners import Runner
@@ -193,7 +139,9 @@ def discover_internal_tasks():
 			continue
 		try:
 			module = import_module(f'secator.tasks.{module_name}')
-		except ImportError:
+		except ImportError as e:
+			console.print(f'[bold red]Could not import secator.tasks.{module_name}:[/]')
+			console.print(f'\t[bold red]{type(e).__name__}[/]: {str(e)}')
 			continue
 		for attribute_name in dir(module):
 			attribute = getattr(module, attribute_name)
@@ -228,7 +176,10 @@ def discover_external_tasks():
 
 def discover_tasks():
 	"""Find all secator tasks (internal + external)."""
-	return discover_internal_tasks() + discover_external_tasks()
+	global _tasks
+	if not _tasks:
+		_tasks = discover_internal_tasks() + discover_external_tasks()
+	return _tasks
 
 
 def import_dynamic(cls_path, cls_root='Command'):
@@ -243,7 +194,7 @@ def import_dynamic(cls_path, cls_root='Command'):
 	"""
 	try:
 		package, name = cls_path.rsplit(".", maxsplit=1)
-		cls = getattr(importlib.import_module(package), name)
+		cls = getattr(import_module(package), name)
 		root_cls = inspect.getmro(cls)[-2]
 		if root_cls.__name__ == cls_root:
 			return cls
@@ -262,7 +213,7 @@ def get_command_cls(cls_name):
 	Returns:
 		cls: Class.
 	"""
-	tasks_classes = discover_internal_tasks() + discover_external_tasks()
+	tasks_classes = discover_tasks()
 	for task_cls in tasks_classes:
 		if task_cls.__name__ == cls_name:
 			return task_cls
@@ -329,12 +280,6 @@ def pluralize(word):
 		return f'{word}s'
 
 
-def get_task_name_padding(classes=None):
-	all_tasks = discover_tasks()
-	classes = classes or all_tasks
-	return max([len(cls.__name__) for cls in discover_tasks() if cls in classes]) + 2
-
-
 def load_fixture(name, fixtures_dir, ext=None, only_path=False):
 	fixture_path = f'{fixtures_dir}/{name}'
 	exts = ['.json', '.txt', '.xml', '.rc']
@@ -358,17 +303,13 @@ def get_file_timestamp():
 
 
 def detect_host(interface=None):
-	ifaces = netifaces.interfaces()
-	host = None
-	for iface in ifaces:
-		addrs = netifaces.ifaddresses(iface)
+	adapters = ifaddr.get_adapters()
+	for adapter in adapters:
+		iface = adapter.name
 		if (interface and iface != interface) or iface == 'lo':
 			continue
-		host = addrs[netifaces.AF_INET][0]['addr']
-		interface = iface
-		if 'tun' in iface:
-			break
-	return host
+		return adapter.ips[0].ip
+	return None
 
 
 def find_list_item(array, val, key='id', default=None):
@@ -417,9 +358,10 @@ def rich_to_ansi(text):
 
 def debug(msg, sub='', id='', obj=None, obj_after=True, obj_breaklines=False, level=1):
 	"""Print debug log if DEBUG >= level."""
-	if not DEBUG >= level:
+	debug_comp_empty = DEBUG_COMPONENT == [""] or not DEBUG_COMPONENT
+	if not debug_comp_empty and not any(sub.startswith(s) for s in DEBUG_COMPONENT):
 		return
-	if DEBUG_COMPONENT and not any(s.startswith(sub) for s in DEBUG_COMPONENT):
+	elif debug_comp_empty and not DEBUG >= level:
 		return
 	s = ''
 	if sub:
@@ -443,3 +385,43 @@ def debug(msg, sub='', id='', obj=None, obj_after=True, obj_breaklines=False, le
 		s += f' [italic dim white]\[{id}][/] '
 	s = rich_to_ansi(f'[dim red]\[debug] {s}[/]')
 	print(s)
+
+
+def escape_mongodb_url(url):
+	"""Escape username / password from MongoDB URL if any.
+
+	Args:
+		url (str): Full MongoDB URL string.
+
+	Returns:
+		str: Escaped MongoDB URL string.
+	"""
+	match = re.search('mongodb://(?P<userpass>.*)@(?P<url>.*)', url)
+	if match:
+		url = match.group('url')
+		user, password = tuple(match.group('userpass').split(':'))
+		user, password = quote(user), quote(password)
+		return f'mongodb://{user}:{password}@{url}'
+	return url
+
+
+def print_version():
+	"""Print secator version information."""
+	from secator.installer import get_version_info
+	console.print(f'[bold gold3]Current version[/]: {VERSION}', highlight=False, end='')
+	info = get_version_info('secator', github_handle='freelabz/secator', version=VERSION)
+	latest_version = info['latest_version']
+	status = info['status']
+	location = info['location']
+	if status == 'outdated':
+		console.print('[bold red] (outdated)[/]')
+	else:
+		console.print('')
+	console.print(f'[bold gold3]Latest version[/]: {latest_version}', highlight=False)
+	console.print(f'[bold gold3]Location[/]: {location}')
+	console.print(f'[bold gold3]Python binary[/]: {sys.executable}')
+	if DEV_PACKAGE:
+		console.print(f'[bold gold3]Root folder[/]: {ROOT_FOLDER}')
+	console.print(f'[bold gold3]Lib folder[/]: {LIB_FOLDER}')
+	if status == 'outdated':
+		console.print('[bold red]secator is outdated, run "secator update" to install the latest version.')

secator/utils_test.py

@@ -49,9 +49,9 @@ if TEST_SCANS:
 else:
 	TEST_SCANS = ALL_SCANS
 
-#-------------#
+#-------------------#
 # TEST INPUTS_TASKS #
-#-------------#
+#-------------------#
 INPUTS_TASKS = {
 	URL: 'https://fake.com',
 	HOST: 'fake.com',
@@ -92,6 +92,7 @@ META_OPTS = {
 	'msfconsole.resource': load_fixture('msfconsole_input', FIXTURES_DIR, only_path=True),
 	'dirsearch.output_path': load_fixture('dirsearch_output', FIXTURES_DIR, only_path=True),
 	'maigret.output_path': load_fixture('maigret_output', FIXTURES_DIR, only_path=True),
+	'nuclei.template_id': 'prometheus-metrics',
 	'wpscan.output_path': load_fixture('wpscan_output', FIXTURES_DIR, only_path=True),
 	'h8mail.output_path': load_fixture('h8mail_output', FIXTURES_DIR, only_path=True),
 	'h8mail.local_breach': load_fixture('h8mail_breach', FIXTURES_DIR, only_path=True)