mirror of https://github.com/1N3/Sn1per.git
Sn1per by @Sn1perSecurity - https://sn1persecurity.com
This commit is contained in:
parent
7bcb639e3f
commit
c50af967c0
|
|
@ -1,4 +1,6 @@
|
|||
## CHANGELOG:
|
||||
* v9.1 - Updated Nuclei sc0pe templates
|
||||
* v9.1 - Fixed issue with Nuclei sc0pe parsers not working
|
||||
* v9.1 - Fixed issue with GAU installer/commmand not working
|
||||
* v9.1 - Fixed issue with passive URL fetching
|
||||
* v9.1 - Fixed issue with nuclei not being installed
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
[](https://sn1persecurity.com/)
|
||||
|
||||
## The ultimate pentesting toolkit.
|
||||
See how Sn1per can help your security team
|
||||
Integrate with the leading commercial and open source vulnerability scanners to scan for the latest CVEs and vulnerabilities.
|
||||
|
||||
[](https://sn1persecurity.com/)
|
||||
|
||||
|
|
@ -26,7 +26,7 @@ Security tools are expensive and time-consuming, but with Sn1per, you can save t
|
|||
[](https://sn1persecurity.com/)
|
||||
|
||||
### Find what you can't see.
|
||||
Hacking is a problem that's only getting worse. But, with Sn1per, you can find what you can’t see—hidden assets and vulnerabilities in your environment. Integrate with the leading commercial and open source vulnerability scanners to scan for the latest CVEs and vulnerabilities. Find out quickly how hackers can attack your business or organization before it’s too late.
|
||||
Hacking is a problem that's only getting worse. But, with Sn1per, you can find what you can’t see—hidden assets and vulnerabilities in your environment.
|
||||
|
||||
[](https://sn1persecurity.com/)
|
||||
|
||||
|
|
|
|||
|
|
@ -347,7 +347,7 @@ if [[ "$MODE" = "webporthttp" ]]; then
|
|||
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
|
||||
echo -e "$OKRED RUNNING NUCLEI SCAN $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
|
||||
nuclei -silent -t /usr/share/sniper/plugins/nuclei-templates/ -c $THREADS -target http://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-http-${TARGET}-port${PORT}.txt
|
||||
nuclei -silent -t /root/nuclei-templates/ -c $THREADS -target http://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-http-${TARGET}-port${PORT}.txt
|
||||
fi
|
||||
SSL="false"
|
||||
source $INSTALL_DIR/modes/web_autopwn.sh
|
||||
|
|
|
|||
|
|
@ -356,7 +356,7 @@ if [[ "$MODE" = "webporthttps" ]]; then
|
|||
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
|
||||
echo -e "$OKRED RUNNING NUCLEI SCAN $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
|
||||
nuclei -silent -t /usr/share/sniper/plugins/nuclei-templates/ -c $THREADS -target https://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-https-${TARGET}-port${PORT}.txt
|
||||
nuclei -silent -t /root/nuclei-templates/ -c $THREADS -target https://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-https-${TARGET}-port${PORT}.txt
|
||||
fi
|
||||
cd $INSTALL_DIR
|
||||
SSL="true"
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@ AUTHOR='@xer0dayz'
|
|||
VULN_NAME='Apache Tomcat Detected'
|
||||
URI='/404_DOES_NOT_EXIST'
|
||||
METHOD='GET'
|
||||
MATCH="Apache\ Tomcat"
|
||||
MATCH="Apache\ Tomcat\/[0-9]?[0-9]\.[0-9]?[0-9]\.[0-9]?[0-9]"
|
||||
SEVERITY='P5 - INFO'
|
||||
CURL_OPTS="--user-agent '' -s -L --insecure"
|
||||
SECONDARY_COMMANDS=''
|
||||
GREP_OPTIONS='-i'
|
||||
GREP_OPTIONS='-o'
|
||||
|
|
@ -2,8 +2,8 @@ AUTHOR='@xer0dayz'
|
|||
VULN_NAME='PHP Info Detected 1'
|
||||
URI='/phpinfo.php'
|
||||
METHOD='GET'
|
||||
MATCH='PHP Version '
|
||||
MATCH='>PHP Version \<'
|
||||
SEVERITY='P4 - LOW'
|
||||
CURL_OPTS="--user-agent '' -s -L --insecure"
|
||||
SECONDARY_COMMANDS=''
|
||||
GREP_OPTIONS='-i'
|
||||
GREP_OPTIONS='-e'
|
||||
|
|
@ -2,7 +2,7 @@ AUTHOR='@xer0dayz'
|
|||
VULN_NAME='VMware vCenter Unauthenticated Arbitrary File Read'
|
||||
URI='/eam/vib?id=C:\\ProgramData\\VMware\\vCenterServer\\cfg\\vmware-vpx\\vcdb.properties'
|
||||
METHOD='GET'
|
||||
MATCH="dbtype|password\.ecrypted"
|
||||
MATCH="dbtype\ |password\.ecrypted"
|
||||
SEVERITY='P2 - HIGH'
|
||||
CURL_OPTS="--user-agent '' -s -L --insecure"
|
||||
SECONDARY_COMMANDS=''
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Interesting Domain Found'
|
||||
FILENAME="$LOOT_DIR/domains/domains-all-sorted_NA.txt"
|
||||
MATCH='admin|dev|portal|stage|prod|tst|test'
|
||||
echo "$TARGET" > /tmp/target
|
||||
FILENAME="/tmp/target"
|
||||
MATCH="admin|dev|portal|stage|prod|tst|test"
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Possible Takeover Detected'
|
||||
FILENAME="$LOOT_DIR/nmap/takeovers-$TARGET.txt"
|
||||
MATCH='netlify|wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|modulus|unbounce|uservoice|wpengine|cloudapp'
|
||||
MATCH='anima|bitly|wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|cloudfront|modulus|unbounce|uservoice|wpengine|cloudapp|azure|trafficmanager|netifly|brandpa'
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Component With Known Vulnerabilities - NMap'
|
||||
FILENAME="$LOOT_DIR/nmap/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET-*.txt"
|
||||
OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
|
||||
MATCH="vulners.com"
|
||||
GREP_OPTIONS='-ih'
|
||||
TYPE="network"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Interesting Ports Found'
|
||||
FILENAME="$LOOT_DIR/nmap/ports-$TARGET.txt"
|
||||
MATCH="21\ |22\ |23\ |137\ |139\ |445\ |8080\ |8443\ |3306\ |5900\ |53\ |8081\ "
|
||||
MATCH="21\ |22\ |23\ |137\ |139\ |445\ |8080\ |8443\ |3306\ |5900\ |53\ |8081\ |5432\ "
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SECONDARY_COMMANDS=''
|
||||
|
|
@ -9,6 +9,15 @@ OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
|
|||
TYPE='network'
|
||||
|
||||
rm -f /tmp/match.out 2> /dev/null
|
||||
cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null | head -n 1 2> /dev/null > /tmp/match.out
|
||||
|
||||
CHARS="$(wc -c /tmp/match.out 2> /dev/null | awk '{print $1}' 2> /dev/null)"
|
||||
if [[ $CHARS > 0 ]]; then
|
||||
echo "$SEVERITY, $VULN_NAME, $TARGET, $(cat /tmp/match.out 2> /dev/null)" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
|
||||
# /bin/bash "$INSTALL_DIR/bin/slack.sh" "[+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ') (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•"
|
||||
#echo "•?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications_new.txt
|
||||
else
|
||||
rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
|
||||
cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, $TARGET, $(cat /tmp/match.out | tr '\n' ' ' | sed -r "s/</\&lh\;/g")" 2> /dev/null | tee -a "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[sn1persecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ') (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[sn1persecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ' | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
|
||||
fi
|
||||
|
||||
rm -f /tmp/match.out 2> /dev/null
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Nessus Import'
|
||||
FILENAME="${LOOT_DIR}/output/nessus-report_${TARGET}_*.csv"
|
||||
OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
|
||||
TYPE="network"
|
||||
|
||||
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
grep Critical $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P1 - CRITICAL, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
|
||||
grep High $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P2 - HIGH, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
|
||||
grep Medium $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P3 - MEDIUM, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
|
||||
grep Low $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P4 - LOW, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
|
||||
grep None $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P5 - INFO, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' | grep -v "None" 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
|
||||
|
||||
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Autocomplete Enabled'
|
||||
FILENAME="$LOOT_DIR/web/websource-$TARGET-*.txt"
|
||||
FILENAME="$LOOT_DIR/web/websource-htt*-$TARGET-*.txt"
|
||||
MATCH='autocomplete=\"on\"'
|
||||
SEVERITY='P4 - LOW'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='CORS Policy - Allow-Credentials Enabled'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH='Access-Control-Allow-Credentials: true'
|
||||
SEVERITY='P4 - LOW'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='CORS Policy - Allow-Origin Wildcard'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH='Access-Control-Allow-Origin: *'
|
||||
SEVERITY='P4 - LOW'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,12 +1,10 @@
|
|||
if [ "$SSL" = "false" ]; then
|
||||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Clear-Text Protocol - HTTP'
|
||||
FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
|
||||
MATCH="200\ OK"
|
||||
SEVERITY='P2 - HIGH'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
SECONDARY_COMMANDS=''
|
||||
else
|
||||
break
|
||||
fi
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Drupal Detected'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH="X\-Generator\:\ Drupal\ "
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Expired SSL Certificate'
|
||||
FILENAME="$LOOT_DIR/web/curldebug-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/curldebug-$TARGET-*.txt"
|
||||
MATCH='certificate has expired'
|
||||
SEVERITY='P3 - MEDIUM'
|
||||
GREP_OPTIONS=''
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Fortinet FortiGate SSL VPN Panel Passive Detection'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH="Server\:\ xxxxxxxx-xxxxx"
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Insecure Cookie - HTTPOnly Not Set'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH='Set-Cookie'
|
||||
SEVERITY='P3 - MEDIUM'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Insecure Cookie - Secure Not Set'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH='Set-Cookie'
|
||||
SEVERITY='P3 - MEDIUM'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -1,10 +1,8 @@
|
|||
if [ "$SSL" = "true" ]; then
|
||||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Weak SSL TLS Protocols'
|
||||
FILENAME="$LOOT_DIR/web/sslscan-$TARGET.txt"
|
||||
MATCH=' SSLv'
|
||||
FILENAME="$LOOT_DIR/web/sslscan-$TARGET.txt $LOOT_DIR/web/sslscan-$TARGET-*.txt"
|
||||
MATCH="SSLv* enabled"
|
||||
SEVERITY='P2 - HIGH'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
SECONDARY_COMMANDS=''
|
||||
fi
|
||||
|
|
@ -1,4 +1,3 @@
|
|||
if [ "$SSL" = "true" ]; then
|
||||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Insecure SSL TLS Connection CN Mismatch'
|
||||
FILENAME="$LOOT_DIR/web/curldebug-$TARGET.txt"
|
||||
|
|
@ -8,6 +7,3 @@ if [ "$SSL" = "true" ]; then
|
|||
SEARCH='positive'
|
||||
SECONDARY_COMMANDS=''
|
||||
URI="/"
|
||||
else
|
||||
break
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Interesting Title Found'
|
||||
FILENAME="$LOOT_DIR/web/title-htt*-$TARGET.txt"
|
||||
MATCH='admin|dev|portal'
|
||||
FILENAME="$LOOT_DIR/web/title-htt*-$TARGET-*.txt"
|
||||
MATCH='admin|dev|portal|login|sign|signup|registration|account'
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
|
|
|
|||
|
|
@ -1,18 +1,18 @@
|
|||
if [ "$SSL" = "false" ]; then
|
||||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Server Header Disclosure - HTTP'
|
||||
FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
|
||||
MATCH="Server\:"
|
||||
SEVERITY='P4 - LOW'
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
SECONDARY_COMMANDS=''
|
||||
else
|
||||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='Server Header Disclosure - HTTPS'
|
||||
FILENAME="$LOOT_DIR/web/headers-https-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-https-$TARGET-*.txt"
|
||||
MATCH="Server\:"
|
||||
SEVERITY='P4 - LOW'
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
SEARCH='positive'
|
||||
SECONDARY_COMMANDS=''
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
AUTHOR='@xer0dayz'
|
||||
VULN_NAME='X-Powered-By Header Found'
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
|
||||
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
|
||||
MATCH='X-Powered-By'
|
||||
SEVERITY='P5 - INFO'
|
||||
GREP_OPTIONS='-i'
|
||||
|
|
|
|||
|
|
@ -6,14 +6,14 @@ GREP_OPTIONS='-ih'
|
|||
|
||||
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[critical\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[high\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[medium\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[low\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[info\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
|
||||
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
|
|
@ -6,14 +6,14 @@ GREP_OPTIONS='-ih'
|
|||
|
||||
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[critical\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[high\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[medium\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[low\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
MATCH="\[info\]"
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
|
||||
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
|
||||
Loading…
Reference in New Issue