Sn1per Community Edition by @xer0dayz - https://xerosecurity.com

1N3 · Nov 16, 2019 · e85d169 · e85d169
1 parent cb8802a
commit e85d169
Show file tree

Hide file tree

Showing 15 changed files with 271 additions and 71 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,14 @@
 ## CHANGELOG:
+* v7.4 - Added LDAP anomyous search to port 389/tcp checks (Shoutout @D0rkerDevil)
+* v7.4 - Added Java RMI dump registry scan checks and exploits to port 8001/tcp (Shoutout @D0rkerDevil)
+* v7.4 - Added CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure MSF module
+* v7.4 - Added virtualhost scanning via web mode
+* v7.4 - Added Gobuster
+* v7.4 - Addd URLCrazy DNS alterations check to OSINT mode
+* v7.4 - Added Ultratools Whois Lookups to OSINT mode
+* v7.4 - Added Email-Format.com Email Retreival to OSINT mode
+* v7.4 - Added Metasploit OSINT email retrieval to OSINT mode
+* v7.4 - Added Hackertarget URL API retrieval to web modes
 * v7.4 - Fixed error in massvulnscan mode
 * v7.4 - Fixed issue with webscreenshot.py not running
 * v7.4 - Added reverse whois DNS search via AMass
@@ -9,6 +19,7 @@
 * v7.4 - Improved performance of AltDNS/DNSgen/MassDNS retrieval
 * v7.4 - Changed webscreenshot.py setting to use chrome browser and increased timeout
 * v7.4 - Fixed issue with missing xmlstarlet package for OpenVAS scans
+* v7.4 - Improved active web spider URL consolidation
 * v7.3 - Added CVE-2019-15107 Webmin <= 1.920 - Unauthenticated RCE MSF exploit
 * v7.3 - Added massdns plugin
 * v7.3 - Added altdns plugin

diff --git a/README.md b/README.md
@@ -201,7 +201,7 @@ https://gist.github.com/1N3/8214ec2da2c91691bcbc
 - [x] Sn1per Configuration Options (https://github.com/1N3/Sn1per/wiki/Sn1per-Configuration-Options)
 
 ## LICENSE:
-This software is free to distribute, modify and use with the condition that credit is provided to the creator (@xer0dayz @XeroSecurity) and is not for commercial use or resold and rebranded. Permission to distribute any part of the code for sale is strictly prohibited.
+This software is free to distribute and use with the condition that credit is provided to the creator (@xer0dayz @XeroSecurity), is not renamed and is not for commercial use or resold and rebranded. Permission to distribute any part of the code for sale is strictly prohibited.
 
 ## LEGAL DISCLAIMER:
 You may not rent or lease, distribute, modify, sell or transfer the software to a third party. Sn1per Community is free for distribution, and modification with the condition that credit is provided to the creator and not used for commercial use. You may not use software for illegal or nefarious purposes. No liability for consequential damages to the maximum extent permitted by all applicable laws. In no event shall XeroSecurity or any person be liable for any consequential, reliance, incidental, special, direct or indirect damages whatsoever (including without limitation, damages for loss of business profits, business interruption, loss of business information, personal injury, or any other loss) arising out of or in connection with the use or inability to use this product, even if XeroSecurity has been advised of the possibility of such damages. 

diff --git a/install.sh b/install.sh
@@ -15,15 +15,16 @@ echo -e "$OKRED  (__  ) / / // // /_/ /  __/ /    $RESET"
 echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/     $RESET"
 echo -e "$OKRED               /_/                 $RESET"
 echo -e "$RESET"
-echo -e "$OKORANGE + -- --=[https://xerosecurity.com$RESET"
+echo -e "$OKORANGE + -- --=[ https://xerosecurity.com$RESET"
+echo -e "$OKORANGE + -- --=[ Sn1per by @xer0dayz$RESET"
 echo ""
 
 INSTALL_DIR=/usr/share/sniper
 LOOT_DIR=/usr/share/sniper/loot
 PLUGINS_DIR=/usr/share/sniper/plugins
 GO_DIR=~/go/bin
 
-echo -e "$OKGREEN + -- --=[This script will install sniper under $INSTALL_DIR. Are you sure you want to continue? (Hit Ctrl+C to exit)$RESET"
+echo -e "$OKGREEN + -- --=[ This script will install sniper under $INSTALL_DIR. Are you sure you want to continue? (Hit Ctrl+C to exit)$RESET"
 read answer
 
 mkdir -p $INSTALL_DIR 2> /dev/null
@@ -37,9 +38,9 @@ mkdir $LOOT_DIR/osint 2> /dev/null
 cp -Rf * $INSTALL_DIR 2> /dev/null
 cd $INSTALL_DIR
 
-echo -e "$OKORANGE + -- --=[Installing package dependencies...$RESET"
+echo -e "$OKORANGE + -- --=[ Installing package dependencies...$RESET"
 apt-get update
-apt-get install -y python3-uritools python3-paramiko nfs-common eyewitness nodejs wafw00f xdg-utils metagoofil clusterd ruby rubygems python dos2unix sslyze arachni aha libxml2-utils rpcbind cutycapt host whois dnsrecon curl nmap php php-curl hydra wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap jq golang adb xsltproc
+apt-get install -y python3-uritools python3-paramiko nfs-common eyewitness nodejs wafw00f xdg-utils metagoofil clusterd ruby rubygems python dos2unix sslyze arachni aha libxml2-utils rpcbind cutycapt host whois dnsrecon curl nmap php php-curl hydra wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap jq golang adb xsltproc urlcrazy ldapscripts
 apt-get install -y waffit 2> /dev/null
 apt-get install -y libssl-dev 2> /dev/null
 apt-get install -y python-pip 
@@ -50,22 +51,22 @@ apt-get install -y chromium
 pip install dnspython colorama tldextract urllib3 ipaddress requests
 curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bash
 
-echo -e "$OKORANGE + -- --=[Installing gem dependencies...$RESET"
+echo -e "$OKORANGE + -- --=[ Installing gem dependencies...$RESET"
 gem install rake
 gem install ruby-nmap net-http-persistent mechanize text-table
 gem install public_suffix
 
-echo -e "$OKORANGE + -- --=[Setting up Ruby...$RESET"
+echo -e "$OKORANGE + -- --=[ Setting up Ruby...$RESET"
 dpkg-reconfigure ruby
 
-echo -e "$OKORANGE + -- --=[Cleaning up old extensions...$RESET"
+echo -e "$OKORANGE + -- --=[ Cleaning up old extensions...$RESET"
 rm -Rf $PLUGINS_DIR 2> /dev/null
 mkdir $PLUGINS_DIR 2> /dev/null
 cd $PLUGINS_DIR
 mkdir -p $PLUGINS_DIR/nmap_scripts/ 2> /dev/null
 mkdir -p $GO_DIR 2> /dev/null
 
-echo -e "$OKORANGE + -- --=[Downloading extensions...$RESET"
+echo -e "$OKORANGE + -- --=[ Downloading extensions...$RESET"
 git clone https://github.com/1N3/BruteX.git 
 git clone https://github.com/1N3/Goohak.git 
 git clone https://github.com/1N3/BlackWidow
@@ -122,8 +123,13 @@ rm -f /usr/share/nmap/scripts/vulners.nse
 wget https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse
 mkdir -p ~/.msf4/modules/exploits/web
 wget https://raw.githubusercontent.com/1N3/Exploits/master/defcon_webmin_unauth_rce.rb -O ~/.msf4/modules/exploits/web/defcon_webmin_unauth_rce.rb
+wget https://github.com/OJ/gobuster/releases/download/v3.0.1/gobuster-linux-amd64.7z -O /tmp/gobuster.7z
+cd /tmp/
+7z e gobuster.7z
+chmod +rx gobuster 
+mv gobuster /usr/bin/gobuster 
 cd $PLUGINS_DIR
-echo -e "$OKORANGE + -- --=[Setting up environment...$RESET"
+echo -e "$OKORANGE + -- --=[ Setting up environment...$RESET"
 mv ~/.sniper.conf ~/.sniper.conf.old 2> /dev/null
 cp $INSTALL_DIR/sniper.conf ~/.sniper.conf 2> /dev/null
 cd $PLUGINS_DIR/BruteX/ && bash install.sh 2> /dev/null
@@ -145,5 +151,5 @@ ln -s $INSTALL_DIR/sniper /usr/bin/sniper
 ln -s $PLUGINS_DIR/Goohak/goohak /usr/bin/goohak
 ln -s $PLUGINS_DIR/dirsearch/dirsearch.py /usr/bin/dirsearch
 msfdb init 
-echo -e "$OKORANGE + -- --=[Done!$RESET"
-echo -e "$OKORANGE + -- --=[To run, type 'sniper'! $RESET"
+echo -e "$OKORANGE + -- --=[ Done!$RESET"
+echo -e "$OKORANGE + -- --=[ To run, type 'sniper'! $RESET"
diff --git a/install_debian_ubuntu.sh b/install_debian_ubuntu.sh
@@ -15,17 +15,18 @@ echo -e "$OKRED  (__  ) / / // // /_/ /  __/ /    $RESET"
 echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/     $RESET"
 echo -e "$OKRED               /_/                 $RESET"
 echo -e "$RESET"
-echo -e "$OKORANGE + -- --=[https://xerosecurity.com$RESET"
+echo -e "$OKORANGE + -- --=[ https://xerosecurity.com$RESET"
+echo -e "$OKORANGE + -- --=[ Sn1per by @xer0dayz$RESET"
 echo ""
-echo -e "$OKGREEN + -- --=[This script will setup Ubuntu and Debian based OS's for the Sn1per installation. (Hit enter to continue): $RESET"
+echo -e "$OKGREEN + -- --=[ This script will setup Ubuntu and Debian based OS's for the Sn1per installation. (Hit enter to continue): $RESET"
 read answer
 if [ ! -f "/etc/apt/sources.list.bak" ]; then
 	cp /etc/apt/sources.list /etc/apt/sources.list.bak
 	echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" >> /etc/apt/sources.list
 	echo "deb-src http://http.kali.org/kali kali-rolling main non-free contrib" >> /etc/apt/sources.list
 fi
-wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.2_all.deb
-apt install ./kali-archive-keyring_2018.2_all.deb
+wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2018.1_all.deb
+apt install ./kali-archive-keyring_2018.1_all.deb
 apt update
 cp /root/.Xauthority /root/.Xauthority.bak 2> /dev/null
 cp -a /run/user/1000/gdm/Xauthority /root/.Xauthority 2> /dev/null
@@ -34,4 +35,4 @@ chown root /root/.Xauthority
 XAUTHORITY=/root/.Xauthority
 git clone https://github.com/1N3/Sn1per /tmp/Sn1per
 cd /tmp/Sn1per
-bash install.sh
+bash install.sh
diff --git a/modes/fullportonly.sh b/modes/fullportonly.sh
@@ -33,7 +33,7 @@ if [ "$MODE" = "fullportonly" ]; then
     echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
     echo -e "$OKRED PERFORMING TCP PORT SCAN $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
-    nmap -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -oX $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml -p $FULL_PORTSCAN_PORTS $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
+    nmap -Pn -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -oX $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml -p $FULL_PORTSCAN_PORTS $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
     cp -f $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml $LOOT_DIR/nmap/nmap-$TARGET.xml 2> /dev/null
     sed -r "s/</\&lh\;/g" $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null > $LOOT_DIR/nmap/nmap-$TARGET.txt 2> /dev/null
     rm -f $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null
@@ -48,7 +48,7 @@ if [ "$MODE" = "fullportonly" ]; then
     echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
     echo -e "$OKRED PERFORMING TCP PORT SCAN $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
-    nmap -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -p $PORT -oX $LOOT_DIR/nmap/nmap-$TARGET-tcp-port$PORT.xml $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
+    nmap -Pn -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -p $PORT -oX $LOOT_DIR/nmap/nmap-$TARGET-tcp-port$PORT.xml $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
     sed -r "s/</\&lh\;/g" $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null > $LOOT_DIR/nmap/nmap-$TARGET.txt 2> /dev/null
     rm -f $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null
     xsltproc $INSTALL_DIR/bin/nmap-bootstrap.xsl $LOOT_DIR/nmap/nmap-$TARGET.xml -o $LOOT_DIR/nmap/nmapreport-$TARGET.html 2> /dev/null

diff --git a/modes/fullportscan.sh b/modes/fullportscan.sh
@@ -9,7 +9,7 @@ else
   if [ "$SLACK_NOTIFICATIONS" == "1" ]; then
     /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• Started Sn1per full portscan: $TARGET [$MODE] (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•"
   fi
-  nmap -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -oX $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml -p $FULL_PORTSCAN_PORTS $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
+  nmap -Pn -v -sV -A -O --script=/usr/share/nmap/scripts/vulscan/vulscan.nse,/usr/share/nmap/scripts/vulners -oX $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml -p $FULL_PORTSCAN_PORTS $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET
   cp -f $LOOT_DIR/nmap/nmap-$TARGET-fullport.xml $LOOT_DIR/nmap/nmap-$TARGET.xml 2> /dev/null
   sed -r "s/</\&lh\;/g" $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null > $LOOT_DIR/nmap/nmap-$TARGET.txt 2> /dev/null
   rm -f $LOOT_DIR/nmap/nmap-$TARGET 2> /dev/null