Sn1per by 1N3@CrowdShield
@@ -1,4 +1,7 @@
|
||||
## CHANGELOG:
|
||||
* v2.2b - Added fullportonly mode to do exclusive full port scans
|
||||
* v2.2b - Fixed minor issue with Metasploit Pro not starting
|
||||
* v2.2b - Fixed minor issue with sniper loot command
|
||||
* v2.2a - Fixed minor issue with loot function
|
||||
* v2.2 - Added auto Metasploit Pro & Zenmap GUI integration
|
||||
* v2.2 - Added Sn1per workspaces to loot directory
|
||||
@@ -125,4 +128,4 @@
|
||||
* v1.4 - Removed debug output from goohak from displaying on console
|
||||
|
||||
## FUTURE:
|
||||
* Add scan config options to enabled/disable certain scan tasks (ie. brute force, osint, web scans, etc.)
|
||||
* Add auto logging and reporting to all scans
|
||||
|
||||
@@ -47,6 +47,7 @@ sniper <target> <report>
|
||||
sniper <target> stealth <report>
|
||||
sniper <CIDR> discover
|
||||
sniper <target> port <portnum>
|
||||
sniper <target> fullportonly <portnum>
|
||||
sniper <target> web <report>
|
||||
sniper <target> nobrute <report>
|
||||
sniper <targets.txt> airstrike <report>
|
||||
@@ -59,6 +60,7 @@ sniper loot
|
||||
* **STEALTH:** Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking
|
||||
* **DISCOVER:** Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.
|
||||
* **PORT:** Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.
|
||||
* **FULLPORTONLY:** Performs a full detailed port scan and saves results to XML.
|
||||
* **WEB:** Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.
|
||||
* **NOBRUTE:** Launches a full scan against a target host/domain without brute forcing services.
|
||||
* **AIRSTRIKE:** Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IP's that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.
|
||||
|
||||
48
sniper
48
sniper
@@ -4,7 +4,7 @@
|
||||
#
|
||||
# Sn1per - Automated Pentest Recon Tool
|
||||
#
|
||||
# FEATURED:
|
||||
# FEATURES:
|
||||
# - Automatically collect recon info (ie. whois, ping, DNS, etc.)
|
||||
# - Automatically collects Google hacking recon info
|
||||
# - Automatically run port scans
|
||||
@@ -25,6 +25,7 @@
|
||||
# sniper <CIDR> discover <report>
|
||||
# sniper <target> stealth <report>
|
||||
# sniper <target> port <portnum>
|
||||
# sniper <target fullportonly <portnum>
|
||||
# sniper <target> web <report>
|
||||
# sniper <targets.txt> airstrike <report>
|
||||
# sniper <targets.txt> nuke <report>
|
||||
@@ -76,6 +77,9 @@ function loot {
|
||||
ls -lh $LOOT_DIR/workspace/
|
||||
echo -e "$OKORANGE + -- --=[Enter a name for the workspace:$RESET"
|
||||
read WORKSPACE
|
||||
if [ -z $WORKSPACE ]; then
|
||||
WORKSPACE="default"
|
||||
fi
|
||||
mkdir -p $LOOT_DIR/workspace/$WORKSPACE 2> /dev/null
|
||||
echo -e "$OKORANGE + -- --=[Generating reports...$RESET"
|
||||
for a in `ls sniper-*.txt 2>/dev/null`;
|
||||
@@ -89,17 +93,18 @@ function loot {
|
||||
rm -f $LOOT_DIR/.fuse_* 2> /dev/null
|
||||
echo -e "$OKORANGE + -- --=[Starting Metasploit service...$RESET"
|
||||
/etc/init.d/metasploit start 2> /dev/null
|
||||
/etc/init.d/postgresql start 2> /dev/null
|
||||
echo -e "$OKORANGE + -- --=[Importing NMap XML files into Metasploit...$RESET"
|
||||
msfconsole -x "workspace -a $WORKSPACE; workspace $WORKSPACE; db_import $LOOT_DIR/nmap/nmap*.xml; hosts; services; exit;"
|
||||
echo -e "$OKORANGE + -- --=[Copying loot to workspace: $WORKSPACE...$RESET"
|
||||
cp -Rf $LOOT_DIR/screenshots/ $LOOT_DIR/workspace/$WORKSPACE/screenshots/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/nmap/ $LOOT_DIR/workspace/$WORKSPACE/nmap/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/domains/ $LOOT_DIR/workspace/$WORKSPACE/domains/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/output/ $LOOT_DIR/workspace/$WORKSPACE/output/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/reports/ $LOOT_DIR/workspace/$WORKSPACE/reports/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/imports/ $LOOT_DIR/workspace/$WORKSPACE/imports/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/notes/ $LOOT_DIR/workspace/$WORKSPACE/notes/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/web/ $LOOT_DIR/workspace/$WORKSPACE/web/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/screenshots/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/nmap/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/domains/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/output/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/reports/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/imports/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/notes/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
cp -Rf $LOOT_DIR/web/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
|
||||
rm -Rf $LOOT_DIR/screenshots/ 2> /dev/null
|
||||
rm -Rf $LOOT_DIR/nmap/ 2> /dev/null
|
||||
rm -Rf $LOOT_DIR/domains/ 2> /dev/null
|
||||
@@ -117,9 +122,12 @@ function loot {
|
||||
mkdir $LOOT_DIR/notes -p 2> /dev/null
|
||||
mkdir $LOOT_DIR/web -p 2> /dev/null
|
||||
echo -e "$OKORANGE + -- --=[Opening workspace directory...$RESET"
|
||||
iceweasel 2> /dev/null &
|
||||
sleep 2
|
||||
iceweasel $LOOT_DIR/workspace/$WORKSPACE 2> /dev/null &
|
||||
sleep 2
|
||||
echo -e "$OKORANGE + -- --=[Launching Metasploit Pro Web UI...$RESET"
|
||||
iceweasel http://localhost:3001/login 2> /dev/null
|
||||
iceweasel http://localhost:3001/login 2> /dev/null &
|
||||
echo -e "$OKORANGE + -- --=[Launching Zenmap...$RESET"
|
||||
zenmap -f $LOOT_DIR/workspace/$WORKSPACE/nmap/ 2> /dev/null &
|
||||
echo -e "$OKORANGE + -- --=[Done!$RESET"
|
||||
@@ -140,7 +148,8 @@ function help {
|
||||
echo ' [*] sniper <target> <report>'
|
||||
echo ' [*] sniper <target> stealth <report>'
|
||||
echo ' [*] sniper <CIDR> discover'
|
||||
echo ' [*] sniper <target> port <portnum> '
|
||||
echo ' [*] sniper <target> port <portnum>'
|
||||
echo ' [*] sniper <target> fullportonly <portnum>'
|
||||
echo ' [*] sniper <target> web <report>'
|
||||
echo ' [*] sniper <target> nobrute <report>'
|
||||
echo ' [*] sniper <targets.txt> airstrike <report>'
|
||||
@@ -532,6 +541,23 @@ if [ "$MODE" = "airstrike" ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$MODE" = "fullportonly" ]; then
|
||||
echo -e "$OKRED ___ ____ __ __ $RESET"
|
||||
echo -e "$OKRED / _/_ __/ / /__ ___ ____/ /____ ___ / /_ __$RESET"
|
||||
echo -e "$OKRED / _/ // / / / _ \/ _ \/ __/ __/ _ \/ _ \/ / // /$RESET"
|
||||
echo -e "$OKRED /_/ \_,_/_/_/ .__/\___/_/ \__/\___/_//_/_/\_, / $RESET"
|
||||
echo -e "$OKRED /_/ /___/ $RESET"
|
||||
echo -e "$RESET"
|
||||
echo -e "$OKGREEN + -- ----------------------------=[Performing Port Scan]=------------------- -- +$RESET"
|
||||
if [ -z "$OPT1" ]; then
|
||||
nmap -T4 -sV -O -v -p 1-65535 $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
|
||||
else
|
||||
nmap -T4 -sV -O -v -p $OPT1 $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
|
||||
fi
|
||||
echo -e "$OKGREEN + -- ----------------------------=[Done]=------------------------------------ -- +$RESET"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$MODE" = "port" ]; then
|
||||
if [ -z "$OPT1" ]; then
|
||||
echo -e "$OKRED + -- --=[Error: You need to enter a port number. $RESET"
|
||||
|
||||
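Review bot: The workspace name read in `loot` is used unquoted and unvalidated in the changed lines: `[ -z $WORKSPACE ]`, the `msfconsole -x "workspace -a $WORKSPACE; …"` string and every `cp -Rf … $LOOT_DIR/workspace/$WORKSPACE/` destination. A name containing a space, `;` or `../` splits into extra arguments, adds commands to the msfconsole string, or lands outside the workspace directory; and because each `cp` hides its errors with `2> /dev/null` and is followed by an unconditional `rm -Rf` of the source, a failed copy silently loses the scan data. I would quote the test as `if [ -z "$WORKSPACE" ]; then`, reject unsafe names with `case "$WORKSPACE" in *[!A-Za-z0-9_-]*) echo "invalid workspace name" >&2; exit 1;; esac`, and quote the expansions. The same applies to `$OPT1` and `$TARGET` in the `fullportonly` branch, e.g. `-p "$OPT1" "$TARGET" -oX "$LOOT_DIR/nmap/nmap-$TARGET.xml"`, where a target containing `/` would also break the output filename. `loot` starts and ends outside the visible hunks, so some validation may already exist elsewhere.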