From eaadde00dce004cc9c2aa0bef49c20e61453e4e7 Mon Sep 17 00:00:00 2001
From: "@xer0dayz" <1n3@hushmail.com>
Date: Mon, 14 Sep 2020 12:36:54 -0700
Subject: [PATCH] * v8.7 - Updated web file bruteforce lists * v8.7 - Added
 updated Slack API integration/notifications * v8.7 - Added Arachni, Nikto,
 Nessus, NMap + 20 passive sc0pe vulnerability parsers

---
 modes/sc0pe-active-webscan.sh  | 4 ++--
 modes/sc0pe-network-scan.sh    | 4 ++--
 modes/sc0pe-passive-webscan.sh | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/modes/sc0pe-active-webscan.sh b/modes/sc0pe-active-webscan.sh
index 4007d04..60496f1 100644
--- a/modes/sc0pe-active-webscan.sh
+++ b/modes/sc0pe-active-webscan.sh
@@ -6,12 +6,12 @@
                 if [[ -z "$PORT" ]]; then
                     PORT="443"
                 fi
-                curl --connect-timeout 3 --max-time 5 -k -X $METHOD $CURL_OPTS "https://${TARGET}:${PORT}${URI}" 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME,https://${TARGET}:${PORT}${URI},$(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$PORT-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: https://$TARGET:$PORT/$URI - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: https://${TARGET}:${PORT}${URI} - EVIDENCE: $(cat /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$PORT-$OUTPUT_NAME.txt" 2> /dev/null 
+                curl --connect-timeout 3 --max-time 5 -k -X $METHOD $CURL_OPTS "https://${TARGET}:${PORT}${URI}" 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME,https://${TARGET}:${PORT}${URI},$(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$PORT-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: https://$TARGET:$PORT/$URI - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: https://${TARGET}:${PORT}${URI} - EVIDENCE: $(cat /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null 
             else
                 if [[ -z "$PORT" ]]; then
                     PORT="80"
                 fi
-                curl --connect-timeout 3 --max-time 5 -k -X $METHOD $CURL_OPTS "http://${TARGET}:${PORT}${URI}" 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME,http://${TARGET}:${PORT}${URI},$(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$PORT-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://${TARGET}:${PORT}${URI} - EVIDENCE: $(cat /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$PORT-$OUTPUT_NAME.txt" 2> /dev/null
+                curl --connect-timeout 3 --max-time 5 -k -X $METHOD $CURL_OPTS "http://${TARGET}:${PORT}${URI}" 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME,http://${TARGET}:${PORT}${URI},$(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$PORT-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://${TARGET}:${PORT}${URI} - EVIDENCE: $(cat /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
             fi
             rm -f /tmp/match.out 2> /dev/null
         done
\ No newline at end of file
diff --git a/modes/sc0pe-network-scan.sh b/modes/sc0pe-network-scan.sh
index 7501e10..7fc5835 100644
--- a/modes/sc0pe-network-scan.sh
+++ b/modes/sc0pe-network-scan.sh
@@ -5,9 +5,9 @@
               source $file
               OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
               if [[ "$SEARCH" == "negative" ]]; then
-                    cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, $TARGET, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
+                    cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, $TARGET, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
               else
-                    cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, $TARGET, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $FILENME - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
+                    cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, $TARGET, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $FILENME - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
               fi
               rm -f /tmp/match.out 2> /dev/null
         done
diff --git a/modes/sc0pe-passive-webscan.sh b/modes/sc0pe-passive-webscan.sh
index c786c90..bb8af7b 100644
--- a/modes/sc0pe-passive-webscan.sh
+++ b/modes/sc0pe-passive-webscan.sh
@@ -6,24 +6,24 @@
                             if [[ -z "$PORT" ]]; then
                                 PORT="443"
                             fi
-                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, https://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null 
+                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, https://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null 
                         else
                             if [[ -z "$PORT" ]]; then
                                 PORT="80"
                             fi
-                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, http://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null
+                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out || echo "$SEVERITY, $VULN_NAME, http://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
                         fi
                   else
                         if [[ "$SSL" == "true" ]]; then
                             if [[ -z "$PORT" ]]; then
                                 PORT="443"
                             fi
-                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, https://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null 
+                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, https://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-https-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: $TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null 
                         else
                             if [[ -z "$PORT" ]]; then
                                 PORT="80"
                             fi
-                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, http://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt || rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null
+                            cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null >/tmp/match.out && echo "$SEVERITY, $VULN_NAME, http://$TARGET:$PORT/$URI, $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g")" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-http-$OUTPUT_NAME.txt" 2> /dev/null && /bin/bash "$INSTALL_DIR/bin/slack.sh" "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" && echo "[xerosecurity.com] •?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - URL: http://$TARGET:$PORT/$URI - EVIDENCE: $(head -n 1 /tmp/match.out | sed -r "s/</\&lh\;/g") (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
                         fi
                   fi
                   rm -f /tmp/match.out 2> /dev/null