SSH_Reaper.py
import requests
import os
import argparse
from simple_term_menu import TerminalMenu
from time import sleep
from requests.exceptions import ConnectionError, Timeout, RequestException
from urllib3.exceptions import ConnectionError
from datetime import datetime
from src.do_setup import *
from src.do_keywords import *
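def do_request(reap, notor, port, targ):
    """Request ``http://<host>:<port>/.ssh/`` for each target and report the result.

    Args:
        reap: When truthy, print the link targets of a listing that
            ``ssh_words`` flagged (or of any listing when ``targ`` is set).
        notor: When falsy, send the session's ``http://`` traffic through the
            SOCKS5 proxy at 127.0.0.1:9050 and exit if the external IP
            reported by icanhazip.com does not change.
        port: Port number placed in every request URL.
        targ: A single host to check, or ``False`` to read hosts from
            ``result.txt`` (one per line).

    Hosts already listed in ``history.txt`` are skipped. A host is appended
    to that file only after it has answered the request.

    Raises:
        SystemExit: The proxied and direct external IPs are identical.
    """
    session = requests.Session()
    pre = requests.get("http://icanhazip.com", timeout=10)
    print(f"Current External IP: {pre.content.decode()}", end="")

    if not notor:
        # Only the http scheme is proxied; every URL built below is http://.
        session.proxies.update({'http': 'socks5://127.0.0.1:9050'})
        post = session.get("http://icanhazip.com", timeout=10)
        print(f"TOR External IP: {post.content.decode()}", end="")
        if post.content == pre.content:
            print("\nERR: With and without tor are same.")
            # The option that disables the proxy is -n/--notor; -t is --target.
            print("If you are not running tor specify -n")
            # Non-zero status so a calling script can see the run was aborted.
            raise SystemExit(1)

    if targ is False:
        with open("result.txt", "r") as fp:
            targets = fp.readlines()
    else:
        targets = [targ]

    with open("history.txt", "r") as fp:
        history = fp.readlines()

    print("Current histfile:")
    for entry in history:
        # Raw lines of 8 characters or fewer (newline included) get one more
        # tab. The original kept a column counter here, but both of its
        # branches printed the same text, so the counter had no effect.
        pad = "\t" if len(entry) <= 8 else ""
        print(f"{entry.strip()}\t{pad}")

    # Membership is tested against the raw lines, newline included, exactly
    # as they were read; a set makes each lookup constant-time.
    seen = set(history)

    # Append mode leaves the existing entries in place instead of truncating
    # and rewriting the file, and the context manager closes the handle even
    # if an unexpected exception interrupts the loop.
    with open("history.txt", "a") as w_history:
        for target in targets:
            host = target.strip()
            if host + "\n" in seen:
                continue
            url = f"http://{host}:{port}/.ssh/"
            try:
                r = session.get(url, timeout=10)
                print(Fore.RESET + f"{url} --> Status Code: {r.status_code}")
                w_history.write(host + "\n")
                # ssh_words is defined elsewhere; its first return value is
                # used below as the "keyword found" flag.
                key, _ = ssh_words(r.content, host)
                if reap and (key or targ):
                    print(f"{host} contains:")
                    # NOTE(review): the href values come from the remote
                    # server and are printed unescaped.
                    for line in r.content.decode().split("\n"):
                        if '<a href="' in line:
                            name = line.split('href="')[1].split('"')[0]
                            print("\t" + name)
            except (ConnectionError, Timeout, RequestException):
                print(Fore.RED + f"{host}, is not responsive")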
if __name__ == "__main__":
    # Banner first, then command-line handling.
    banner()
    notor = False

    cli = argparse.ArgumentParser(
        prog='Data Scraper',
        description='Querys shodan for indexable http servers',
        epilog='Made by Aznable and ice-wzl',
    )
    cli.add_argument(
        '-q', '--query',
        action='store_true',
        help="Conduct shodan query and update result.txt",
    )
    cli.add_argument(
        '-s', '--scan',
        action='store_true',
        help="Conduct scans and enumeration of targets in result.txt",
    )
    cli.add_argument('-n', '--notor', action='store_true', help="Dont use tor")
    cli.add_argument('-p', '--port', help="Specify port number (Default 8000)")
    cli.add_argument('-t', '--target', help="Specify a target to Scan/Reap")
    args = cli.parse_args()

    # NOTE(review): this triggers when exactly one argument follows the
    # script name, so a lone -q or -s prints the help text and exits.
    # `sys` is not imported explicitly in this file; presumably it arrives
    # through one of the star imports -- confirm.
    if len(sys.argv) == 2:
        cli.print_help()
        sys.exit(1)

    # A missing or empty --port falls back to 8000.
    port = args.port or "8000"

    # Refresh result.txt from Shodan when asked to.
    if args.query:
        do_query(setup_api(), f'Title:"Directory listing for /" port:{port}')
        sleep(1.0)

    # Single-host mode.
    # NOTE(review): no --reap option is registered above, so reading
    # `args.reap` raises AttributeError; the call also passes five arguments
    # while do_request accepts four. As written this branch cannot complete.
    if args.target:
        do_request(args.reap, args.notor, True, port, args.target)

    # Bulk mode: walk the hosts stored in result.txt.
    if args.scan:
        do_request(True, args.notor, port, False)