Sn1per by @Sn1perSecurity - https://sn1persecurity.com

This commit is contained in:
root 2022-12-11 16:50:18 -07:00
parent 7bcb639e3f
commit c50af967c0
28 changed files with 71 additions and 80 deletions

View File

@ -1,4 +1,6 @@
## CHANGELOG:
* v9.1 - Updated Nuclei sc0pe templates
* v9.1 - Fixed issue with Nuclei sc0pe parsers not working
* v9.1 - Fixed issue with GAU installer/commmand not working
* v9.1 - Fixed issue with passive URL fetching
* v9.1 - Fixed issue with nuclei not being installed

View File

@ -16,7 +16,7 @@
[![](https://sn1persecurity.com/wordpress/wp-content/uploads/2022/05/Sn1per-Enterprise-workspace-navigator1-3.png)](https://sn1persecurity.com/)
## The ultimate pentesting toolkit.
See how Sn1per can help your security team
Integrate with the leading commercial and open source vulnerability scanners to scan for the latest CVEs and vulnerabilities.
[![](https://sn1persecurity.com/wordpress/wp-content/uploads/2022/05/Sn1per-Enterprise-workspace-report1-3.png)](https://sn1persecurity.com/)
@ -26,7 +26,7 @@ Security tools are expensive and time-consuming, but with Sn1per, you can save t
[![](https://sn1persecurity.com/wordpress/wp-content/uploads/2022/05/Sn1per-Enterprise-host-list3-1.png)](https://sn1persecurity.com/)
### Find what you can't see.
Hacking is a problem that's only getting worse. But, with Sn1per, you can find what you cant see—hidden assets and vulnerabilities in your environment. Integrate with the leading commercial and open source vulnerability scanners to scan for the latest CVEs and vulnerabilities. Find out quickly how hackers can attack your business or organization before its too late.
Hacking is a problem that's only getting worse. But, with Sn1per, you can find what you cant see—hidden assets and vulnerabilities in your environment.
[![](https://sn1persecurity.com/wordpress/wp-content/uploads/2022/05/Sn1per-Enterprise-host-list2-1.png)](https://sn1persecurity.com/)

View File

@ -347,7 +347,7 @@ if [[ "$MODE" = "webporthttp" ]]; then
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
echo -e "$OKRED RUNNING NUCLEI SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
nuclei -silent -t /usr/share/sniper/plugins/nuclei-templates/ -c $THREADS -target http://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-http-${TARGET}-port${PORT}.txt
nuclei -silent -t /root/nuclei-templates/ -c $THREADS -target http://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-http-${TARGET}-port${PORT}.txt
fi
SSL="false"
source $INSTALL_DIR/modes/web_autopwn.sh

View File

@ -356,7 +356,7 @@ if [[ "$MODE" = "webporthttps" ]]; then
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
echo -e "$OKRED RUNNING NUCLEI SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
nuclei -silent -t /usr/share/sniper/plugins/nuclei-templates/ -c $THREADS -target https://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-https-${TARGET}-port${PORT}.txt
nuclei -silent -t /root/nuclei-templates/ -c $THREADS -target https://$TARGET:${PORT} -o $LOOT_DIR/web/nuclei-https-${TARGET}-port${PORT}.txt
fi
cd $INSTALL_DIR
SSL="true"

View File

@ -2,8 +2,8 @@ AUTHOR='@xer0dayz'
VULN_NAME='Apache Tomcat Detected'
URI='/404_DOES_NOT_EXIST'
METHOD='GET'
MATCH="Apache\ Tomcat"
MATCH="Apache\ Tomcat\/[0-9]?[0-9]\.[0-9]?[0-9]\.[0-9]?[0-9]"
SEVERITY='P5 - INFO'
CURL_OPTS="--user-agent '' -s -L --insecure"
SECONDARY_COMMANDS=''
GREP_OPTIONS='-i'
GREP_OPTIONS='-o'

View File

@ -2,8 +2,8 @@ AUTHOR='@xer0dayz'
VULN_NAME='PHP Info Detected 1'
URI='/phpinfo.php'
METHOD='GET'
MATCH='PHP Version '
MATCH='>PHP Version \<'
SEVERITY='P4 - LOW'
CURL_OPTS="--user-agent '' -s -L --insecure"
SECONDARY_COMMANDS=''
GREP_OPTIONS='-i'
GREP_OPTIONS='-e'

View File

@ -2,7 +2,7 @@ AUTHOR='@xer0dayz'
VULN_NAME='VMware vCenter Unauthenticated Arbitrary File Read'
URI='/eam/vib?id=C:\\ProgramData\\VMware\\vCenterServer\\cfg\\vmware-vpx\\vcdb.properties'
METHOD='GET'
MATCH="dbtype|password\.ecrypted"
MATCH="dbtype\ |password\.ecrypted"
SEVERITY='P2 - HIGH'
CURL_OPTS="--user-agent '' -s -L --insecure"
SECONDARY_COMMANDS=''

View File

@ -1,7 +1,8 @@
AUTHOR='@xer0dayz'
VULN_NAME='Interesting Domain Found'
FILENAME="$LOOT_DIR/domains/domains-all-sorted_NA.txt"
MATCH='admin|dev|portal|stage|prod|tst|test'
echo "$TARGET" > /tmp/target
FILENAME="/tmp/target"
MATCH="admin|dev|portal|stage|prod|tst|test"
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SEARCH='positive'

View File

@ -1,7 +1,7 @@
AUTHOR='@xer0dayz'
VULN_NAME='Possible Takeover Detected'
FILENAME="$LOOT_DIR/nmap/takeovers-$TARGET.txt"
MATCH='netlify|wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|modulus|unbounce|uservoice|wpengine|cloudapp'
MATCH='anima|bitly|wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|cloudfront|modulus|unbounce|uservoice|wpengine|cloudapp|azure|trafficmanager|netifly|brandpa'
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SEARCH='positive'

View File

@ -1,6 +1,7 @@
AUTHOR='@xer0dayz'
VULN_NAME='Component With Known Vulnerabilities - NMap'
FILENAME="$LOOT_DIR/nmap/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET-*.txt"
OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
MATCH="vulners.com"
GREP_OPTIONS='-ih'
TYPE="network"

View File

@ -1,7 +1,7 @@
AUTHOR='@xer0dayz'
VULN_NAME='Interesting Ports Found'
FILENAME="$LOOT_DIR/nmap/ports-$TARGET.txt"
MATCH="21\ |22\ |23\ |137\ |139\ |445\ |8080\ |8443\ |3306\ |5900\ |53\ |8081\ "
MATCH="21\ |22\ |23\ |137\ |139\ |445\ |8080\ |8443\ |3306\ |5900\ |53\ |8081\ |5432\ "
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SECONDARY_COMMANDS=''
@ -9,6 +9,15 @@ OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
TYPE='network'
rm -f /tmp/match.out 2> /dev/null
cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null | head -n 1 2> /dev/null > /tmp/match.out
CHARS="$(wc -c /tmp/match.out 2> /dev/null | awk '{print $1}' 2> /dev/null)"
if [[ $CHARS > 0 ]]; then
echo "$SEVERITY, $VULN_NAME, $TARGET, $(cat /tmp/match.out 2> /dev/null)" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
# /bin/bash "$INSTALL_DIR/bin/slack.sh" "[+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ') (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•"
#echo "•?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications_new.txt
else
rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, $TARGET, $(cat /tmp/match.out | tr '\n' ' ' | sed -r "s/</\&lh\;/g")" 2> /dev/null | tee -a "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[sn1persecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ') (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[sn1persecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ' | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
fi
rm -f /tmp/match.out 2> /dev/null

View File

@ -1,14 +0,0 @@
AUTHOR='@xer0dayz'
VULN_NAME='Nessus Import'
FILENAME="${LOOT_DIR}/output/nessus-report_${TARGET}_*.csv"
OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
TYPE="network"
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
grep Critical $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P1 - CRITICAL, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
grep High $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P2 - HIGH, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
grep Medium $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P3 - MEDIUM, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
grep Low $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P4 - LOW, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
grep None $FILENAME 2> /dev/null | egrep "tcp|udp" | cut -d, -f4,5,6,7,8,9 | tr \" " " | tr \, " " | sort -u | awk -F ' ' '{print "P5 - INFO, " $5 ", " $2 ":" $4 ", " $6}' | grep -v 'was found to be open' | grep -v "None" 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Autocomplete Enabled'
FILENAME="$LOOT_DIR/web/websource-$TARGET-*.txt"
FILENAME="$LOOT_DIR/web/websource-htt*-$TARGET-*.txt"
MATCH='autocomplete=\"on\"'
SEVERITY='P4 - LOW'
GREP_OPTIONS='-i'

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='CORS Policy - Allow-Credentials Enabled'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH='Access-Control-Allow-Credentials: true'
SEVERITY='P4 - LOW'
GREP_OPTIONS='-i'

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='CORS Policy - Allow-Origin Wildcard'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH='Access-Control-Allow-Origin: *'
SEVERITY='P4 - LOW'
GREP_OPTIONS='-i'

View File

@ -1,12 +1,10 @@
if [ "$SSL" = "false" ]; then
AUTHOR='@xer0dayz'
VULN_NAME='Clear-Text Protocol - HTTP'
FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
MATCH="200\ OK"
SEVERITY='P2 - HIGH'
GREP_OPTIONS='-i'
SEARCH='positive'
SECONDARY_COMMANDS=''
else
break
fi

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Drupal Detected'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH="X\-Generator\:\ Drupal\ "
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Expired SSL Certificate'
FILENAME="$LOOT_DIR/web/curldebug-$TARGET.txt"
FILENAME="$LOOT_DIR/web/curldebug-$TARGET-*.txt"
MATCH='certificate has expired'
SEVERITY='P3 - MEDIUM'
GREP_OPTIONS=''

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Fortinet FortiGate SSL VPN Panel Passive Detection'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH="Server\:\ xxxxxxxx-xxxxx"
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Insecure Cookie - HTTPOnly Not Set'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH='Set-Cookie'
SEVERITY='P3 - MEDIUM'
GREP_OPTIONS='-i'

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='Insecure Cookie - Secure Not Set'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH='Set-Cookie'
SEVERITY='P3 - MEDIUM'
GREP_OPTIONS='-i'

View File

@ -1,10 +1,8 @@
if [ "$SSL" = "true" ]; then
AUTHOR='@xer0dayz'
VULN_NAME='Weak SSL TLS Protocols'
FILENAME="$LOOT_DIR/web/sslscan-$TARGET.txt"
MATCH=' SSLv'
FILENAME="$LOOT_DIR/web/sslscan-$TARGET.txt $LOOT_DIR/web/sslscan-$TARGET-*.txt"
MATCH="SSLv* enabled"
SEVERITY='P2 - HIGH'
GREP_OPTIONS='-i'
SEARCH='positive'
SECONDARY_COMMANDS=''
fi

View File

@ -1,4 +1,3 @@
if [ "$SSL" = "true" ]; then
AUTHOR='@xer0dayz'
VULN_NAME='Insecure SSL TLS Connection CN Mismatch'
FILENAME="$LOOT_DIR/web/curldebug-$TARGET.txt"
@ -8,6 +7,3 @@ if [ "$SSL" = "true" ]; then
SEARCH='positive'
SECONDARY_COMMANDS=''
URI="/"
else
break
fi

View File

@ -1,7 +1,7 @@
AUTHOR='@xer0dayz'
VULN_NAME='Interesting Title Found'
FILENAME="$LOOT_DIR/web/title-htt*-$TARGET.txt"
MATCH='admin|dev|portal'
FILENAME="$LOOT_DIR/web/title-htt*-$TARGET-*.txt"
MATCH='admin|dev|portal|login|sign|signup|registration|account'
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SEARCH='positive'

View File

@ -1,18 +1,18 @@
if [ "$SSL" = "false" ]; then
AUTHOR='@xer0dayz'
VULN_NAME='Server Header Disclosure - HTTP'
FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
MATCH="Server\:"
SEVERITY='P4 - LOW'
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SEARCH='positive'
SECONDARY_COMMANDS=''
else
AUTHOR='@xer0dayz'
VULN_NAME='Server Header Disclosure - HTTPS'
FILENAME="$LOOT_DIR/web/headers-https-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-https-$TARGET-*.txt"
MATCH="Server\:"
SEVERITY='P4 - LOW'
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'
SEARCH='positive'
SECONDARY_COMMANDS=''

View File

@ -1,6 +1,6 @@
AUTHOR='@xer0dayz'
VULN_NAME='X-Powered-By Header Found'
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET.txt"
FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
MATCH='X-Powered-By'
SEVERITY='P5 - INFO'
GREP_OPTIONS='-i'

View File

@ -6,14 +6,14 @@ GREP_OPTIONS='-ih'
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[critical\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[high\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[medium\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[low\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[info\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null

View File

@ -6,14 +6,14 @@ GREP_OPTIONS='-ih'
rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[critical\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[high\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[medium\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[low\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
MATCH="\[info\]"
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $3 ", " $6}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null