Sn1per by 1N3@CrowdShield

Sn1per by 1N3CrowdShield
2017-11-18 23:35:55 -05:00 · 2017-11-16 23:01:22 -05:00 · 2017-09-18 12:40:20 -04:00
7 changed files with 152 additions and 76 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,13 @@
 ## CHANGELOG:
+* v2.9 - New improved fullportonly scan mode
+* v2.9 - Added online check to see if there's an active internet connection
+* v2.9 - Changed default browser to firefox to clear up errors in loot commmand
+* v2.9 - Created uninstall.sh script to uninstall sniper
+* v2.9 - Removed automatic workspace creation per scan
+* v2.9 - Added curl timeout in update command to fix lag
+* v2.9 - Fixed minor NMap UDP scan flag issue
+* v2.9 - Added Metagoofil
+* v2.9 - Updated theharvester scan options to include more results
 * v2.8 - Improved discovery mode scan performance and output
 * v2.8 - Improved fullportonly scan performance
 * v2.8 - Improved startup performance options
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-![alt tag](https://github.com/1N3/Sn1per/blob/master/Sn1per-logo.jpg)
+![alt tag](https://github.com/1N3/Sn1per/blob/master/sn1per-logo.png)

 ## ABOUT:
 Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. 
@@ -58,6 +58,8 @@ sniper <CIDR> discover
 sniper <target> port <portnum> 
 sniper <target> fullportonly <portnum>
 sniper <target> web <report>
+sniper <target> webporthttp <port>
+sniper <target> webporthttps <port>
 sniper <target> nobrute <report>
 sniper <targets.txt> airstrike <report>
 sniper <targets.txt> nuke <report>
@@ -72,6 +74,8 @@ sniper update
 * **PORT:** Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.
 * **FULLPORTONLY:** Performs a full detailed port scan and saves results to XML.
 * **WEB:** Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.   
+* **WEBPORTHTTP:** Launches a full HTTP web application scan against a specific host and port.
+* **WEBPORTHTTPS:** Launches a full HTTPS web application scan against a specific host and port.
 * **NOBRUTE:** Launches a full scan against a target host/domain without brute forcing services.
 * **AIRSTRIKE:** Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IP's that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.
 * **NUKE:** Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke. 
--- a/TODO.md
+++ b/TODO.md
@@ -1,4 +1,13 @@
 ###TODO:

+* Add command line parsing of options/modes
+
+sniper --target crowdshield.com --workspace crowdshield.com --report --bruteforce --web --recon --portscan
+sniper --target crowdshield.com --kalionly --offline --webportonly 443
+
+* Create a sniper-kali release to only use base Kali image toolsets
+* Check if there's an active internet connection, if not, run offline mode
+* Add automatic reporting and workspace creation for all scans by default
 * Add proxy support for all scans
-* Add automatic reporting for all scans by default
+* Create uninstall.sh script
+* Add AWS security checks
--- a/install.sh
+++ b/install.sh
@@ -32,11 +32,12 @@ mkdir $LOOT_DIR/screenshots 2> /dev/null
 mkdir $LOOT_DIR/nmap 2> /dev/null
 mkdir $LOOT_DIR/reports 2> /dev/null
 mkdir $LOOT_DIR/output 2> /dev/null
+mkdir $LOOT_DIR/osint 2> /dev/null
 cp -Rf $PWD/* $INSTALL_DIR 2> /dev/null
 cd $INSTALL_DIR

 echo -e "$OKORANGE + -- --=[Installing package dependencies...$RESET"
-apt-get install clusterd ruby rubygems python dos2unix zenmap sslyze arachni aha libxml2-utils rpcbind uniscan xprobe2 cutycapt unicornscan waffit host whois dirb dnsrecon curl nmap php php-curl hydra iceweasel wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap
+apt-get install xdg-utils metagoofil clusterd ruby rubygems python dos2unix zenmap sslyze arachni aha libxml2-utils rpcbind uniscan xprobe2 cutycapt unicornscan waffit host whois dirb dnsrecon curl nmap php php-curl hydra iceweasel wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap
 pip install dnspython colorama tldextract urllib3 ipaddress requests

 echo -e "$OKORANGE + -- --=[Installing gem dependencies...$RESET"
--- a/sn1per-logo.png
+++ b/sn1per-logo.png
--- a/169
+++ b/169
@@ -3,13 +3,13 @@
 # + -- --=[http://crowdshield.com
 #

-VER="2.8"
+VER="2.9"
 TARGET="$1"
 MODE="$2"
 OPT1="$3"
 OPT2="$4"
 DISABLE_POSTGRESQL="true"
-BROWSER="iceweasel" # SET DEFAULT BROWSER FOR OPENING LOOT DIR. CAN ALSO SET TO xdg-open... 
+BROWSER="firefox" # SET DEFAULT BROWSER 
 INSTALL_DIR="/usr/share/sniper"
 LOOT_DIR="/usr/share/sniper/loot"
 PLUGINS_DIR="/usr/share/sniper/plugins"
@@ -51,38 +51,64 @@ ENABLE_AUTO_UPDATES="1"
 # CHECK DISTRO TYPE
 DISTRO=$(cat /etc/*-release | grep DISTRIB_ID= | cut -d'=' -f2)

-# CHECK FOR BLACKARCH LINUX
-if grep -q BlackArch /etc/issue; then
-  DISTRO='blackarch'
-  echo "Detected BlackArch GNU/Linux"
-  INSTALL_DIR=$(pwd)
-  echo "Setting current path to $INSTALL_DIR"
-fi
+function logo {
+  echo -e "$OKRED                ____               $RESET"
+  echo -e "$OKRED    _________  /  _/___  ___  _____$RESET"
+  echo -e "$OKRED   / ___/ __ \ / // __ \/ _ \/ ___/$RESET"
+  echo -e "$OKRED  (__  ) / / // // /_/ /  __/ /    $RESET"
+  echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/     $RESET"
+  echo -e "$OKRED               /_/                 $RESET"
+  echo ""
+  echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET"
+  echo -e "$OKORANGE + -- --=[sniper v$VER by 1N3$RESET"
+  echo ""
+}

 cd $INSTALL_DIR

+function check_online {
+  ONLINE=$(curl --connect-timeout 3 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
+  if [ "$ONLINE" == "" ]; then
+    ONLINE="0"
+    echo -e "$OKBLUE[*] Checking for active internet connection [$RESET${OKRED}FAIL${RESET}$OKBLUE]"
+    echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] sniper is running in offline mode.$RESET"
+  else
+    ONLINE="1"
+    echo -e "$OKBLUE[*] Checking for active internet connection [$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
+  fi
+}
+
 function check_update {
-  if [ "$ENABLE_AUTO_UPDATES" = "1" ]; then
-    # echo -e "$OKBLUE + -- --=[Checking for updates...$RESET"
-    LATEST_VER=$(curl -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
+  if [ -z "$ONLINE" ]; then
+    check_online
+  fi
+
+  if [ "$ENABLE_AUTO_UPDATES" == "1" ] && [ "$ONLINE" == "1" ]; then
+    LATEST_VER=$(curl --connect-timeout 3 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
    if [ "$LATEST_VER" != "$VER" ]; then
-      echo -e "$OKRED + -- --=[Sn1per v$LATEST_VER is available to download... To update, type \"sniper update\" $RESET"
+      echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] sniper v$LATEST_VER is available to download... To update, type$OKRED \"sniper update\" $RESET"
    fi
  fi
 }

 function update {
-  echo -e "$OKBLUE + -- --=[Checking for updates...$RESET"
-  LATEST_VER=$(curl -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
-  if [ "$LATEST_VER" != "$VER" ]; then
-    echo -e "$OKRED + -- --=[Sn1per $LATEST_VER is available to download...Do you want to update? (y or n)$RESET"
-    read ans
-    if [ "$ans" = "y" ]; then
-      rm -Rf /tmp/Sn1per/ 2>/dev/null
-      git clone https://github.com/1N3/Sn1per /tmp/Sn1per/
-      bash /tmp/Sn1per/install.sh
-      rm -Rf /tmp/Sn1per/ 2>/dev/null
-      exit
+  logo
+  echo -e "$OKBLUE[*] Checking for updates...[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
+  check_online
+  if [ "$ONLINE" == "0" ]; then
+    echo "You will need to download the latest release manually at https://github.com/1N3/Sn1per/"
+  else
+    LATEST_VER=$(curl --connect-timeout 3 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
+    if [ "$LATEST_VER" != "$VER" ]; then
+      echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] Sn1per $LATEST_VER is available to download...Do you want to update? (y or n)$RESET"
+      read ans
+      if [ "$ans" = "y" ]; then
+        rm -Rf /tmp/Sn1per/ 2>/dev/null
+        git clone https://github.com/1N3/Sn1per /tmp/Sn1per/
+        bash /tmp/Sn1per/install.sh
+        rm -Rf /tmp/Sn1per/ 2>/dev/null
+        exit
+      fi
    fi
  fi
 }
@@ -128,10 +154,6 @@ function loot {
    # HTML OUTPUT
    echo "$a" | aha --black > $LOOT_DIR/reports/$a.html
    cat "$a" | aha --black >> $LOOT_DIR/reports/$a.html
-    # TEXT OUTPUT DISABLED
-    #echo "$a" | aha --black > $LOOT_DIR/reports/$a
-    #sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g" $a >> $LOOT_DIR/reports/$a
-    # CONSOLE OUTPUT
    mv $a $LOOT_DIR/output/
  done
  echo -e "$OKORANGE + -- --=[Removing blank web screenshots...$RESET"
@@ -151,6 +173,7 @@ function loot {
  cp -Rf $LOOT_DIR/imports/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
  cp -Rf $LOOT_DIR/notes/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
  cp -Rf $LOOT_DIR/web/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
+  cp -Rf $LOOT_DIR/osint/ $LOOT_DIR/workspace/$WORKSPACE/ 2> /dev/null
  rm -Rf $LOOT_DIR/{screenshots,nmap,domains,output,reports,imports,notes,web}/ 2> /dev/null
  mkdir $LOOT_DIR/{screenshots,nmap,domains,output,reports,imports,notes,web}/ -p 2> /dev/null
  echo -e "$OKORANGE + -- --=[Opening workspace directory...$RESET"
@@ -164,8 +187,6 @@ function loot {
  sleep 2
  echo -e "$OKORANGE + -- --=[Launching Metasploit Pro Web UI...$RESET"
  $BROWSER http://localhost:3001/login 2> /dev/null &
-  #echo -e "$OKORANGE + -- --=[Launching Zenmap...$RESET"
-  #zenmap -f $LOOT_DIR/workspace/$WORKSPACE/nmap/ 2> /dev/null &
  echo -e "$OKORANGE + -- --=[Done!$RESET"
 }

@@ -179,7 +200,6 @@ function help {
  echo ""
  echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET"
  echo -e "$OKORANGE + -- --=[sniper v$VER by 1N3$RESET"
-  echo -e "$OKORANGE + -- --=[Usage:"
  echo ""
  echo ' [*] sniper <target> <report>'
  echo ' [*] sniper <target> stealth <report>'
@@ -190,28 +210,12 @@ function help {
  echo ' [*] sniper <target> webporthttp <port>'
  echo ' [*] sniper <target> webporthttps <port>'
  echo ' [*] sniper <target> nobrute <report>'
-  echo ' [*] sniper <targets.txt> airstrike <report>'
-  echo ' [*] sniper <targets.txt> nuke <report>'
+  echo ' [*] sniper /full/path/to/targets.txt airstrike <report>'
+  echo ' [*] sniper /full/path/to/targets.txt nuke <report>'
  echo ' [*] sniper loot'
  echo ' [*] sniper update'
  echo ""
-  echo ' + -- --=[Modes:'
-  echo ''
-  echo ' + -- --=[REPORT: Outputs all results to text in the loot directory for later reference. To enable reporting, append report to any sniper mode or command.'
-  echo ' + -- --=[STEALTH: Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking'
-  echo ' + -- --=[DISCOVER: Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.'
-  echo ' + -- --=[PORT: Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.'
-  echo ' + -- --=[FULLPORTONLY:  Performs a full detailed port scan and saves results to XML.'
-  echo ' + -- --=[WEB: Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.'
-  echo ' + -- --=[WEBPORTHTTP: Runs a full HTTP web application scan on the specified port.'
-  echo ' + -- --=[WEBPORTHTTPS: Runs a full HTTPS web application scan on the specified port.'
-  echo ' + -- --=[NOBRUTE: Launches a full scan against a target host/domain without brute forcing services.'
-  echo ' + -- --=[AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IPs that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.'
-  echo ' + -- --=[NUKE: Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke.'
-  echo -e " + -- --=[LOOT: Automatically organizes and displays loot folder in your browser and opens Zenmap GUI with all port scan results. To run, type sniper loot.$RESET"
  echo ""
-  echo ""
-  check_update
 }

 if [ -z $TARGET ]; then
@@ -226,7 +230,6 @@ if [ -z $TARGET ]; then
  echo -e "$OKORANGE + -- --=[sniper v$VER by 1N3$RESET"
  echo -e "$OKORANGE + -- --=[Usage: sniper <target>$RESET"
  echo ""
-  check_update
  exit
 fi

@@ -242,12 +245,23 @@ else
  SCAN_TYPE="DOMAIN"
 fi

-# INITILIZE()
+# INITILIZE
 init

+# CHECK CONNECTION STATUS
+check_online
+
 # CHECK FOR UPDATES
 check_update

+# CHECK FOR BLACKARCH LINUX
+if grep -q BlackArch /etc/issue; then
+  DISTRO='blackarch'
+  echo "Detected BlackArch GNU/Linux"
+  INSTALL_DIR=$(pwd)
+  echo "Setting current path to $INSTALL_DIR"
+fi
+
 if [ "$MODE" = "report" ]; then
  $INSTALL_DIR/sniper $TARGET | tee $LOOT_DIR/sniper-$TARGET-`date +%Y%m%d%H%M`.txt 2>&1
  exit
@@ -691,7 +705,7 @@ if [ "$MODE" = "stealth" ]; then
  echo -e "$RESET"
  echo -e "$OKORANGE + -- --=[http://crowdshield.com"
  echo -e "$OKORANGE + -- --=[sniper v$VER by 1N3"
-  echo -e "$OKRED "
+  echo -e "$OKRED "   
  echo -e "$OKRED     ./\."
  echo -e "$OKRED   ./    '\."
  echo -e "$OKRED   \.       '\."
@@ -704,7 +718,7 @@ if [ "$MODE" = "stealth" ]; then
  echo -e "$OKRED       \-------\            '>   '\."
  echo -e "$OKRED         '\=====>        ___<       '\."
  echo -e "$OKRED        ./-----/             __________'\."
-  echo -e "$OKRED       \.------\       _____   ___(_)(_\."\'
+  echo -e "$OKRED "'       \.------\       _____   ___(_)(_\."\'
  echo -e "$OKRED          '\=====>          <            ./'"
  echo -e "$OKRED         ./-----/            '>        ./"
  echo -e "$OKRED         \.               ___<       ./"
@@ -730,7 +744,8 @@ if [ "$MODE" = "stealth" ]; then
    echo -e "$OKGREEN + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +$RESET"
    whois $TARGET
    echo -e "$OKGREEN + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +$RESET"
-    theharvester -d $TARGET -l 100 -b bing 2> /dev/null
+    theharvester -d $TARGET -l 200 -b all 2> /dev/null
+    metagoofil -d $TARGET -t doc,pdf,xls,csv,txt -l 200 -n 50 -o $LOOT_DIR/osint/ -f $LOOT_DIR/osint/$TARGET.html
    echo -e "$OKGREEN + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +$RESET"
    dig -x $TARGET
    dnsenum $TARGET
@@ -888,7 +903,8 @@ if [ "$MODE" = "airstrike" ]; then
      echo -e "$OKGREEN + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +$RESET"
      whois $a
      echo -e "$OKGREEN + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +$RESET"
-      theharvester -d $a -l 100 -b bing 2> /dev/null
+      theharvester -d $a -l 200 -b all 2> /dev/null
+      metagoofil -d $a -t doc,pdf,xls,csv,txt -l 200 -n 50 -o $LOOT_DIR/osint/ -f $LOOT_DIR/osint/$a.html
      echo -e "$OKGREEN + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +$RESET"
      dig -x $a
      dnsenum $a
@@ -989,28 +1005,35 @@ if [ "$MODE" = "airstrike" ]; then
 fi

 if [ "$MODE" = "fullportonly" ]; then
-  echo -e "$OKRED    ___     ____              __            __    $RESET"
-  echo -e "$OKRED   / _/_ __/ / /__  ___  ____/ /____  ___  / /_ __$RESET"
-  echo -e "$OKRED  / _/ // / / / _ \/ _ \/ __/ __/ _ \/ _ \/ / // /$RESET"
-  echo -e "$OKRED /_/ \_,_/_/_/ .__/\___/_/  \__/\___/_//_/_/\_, / $RESET"
-  echo -e "$OKRED            /_/                            /___/  $RESET"
-  echo -e "$RESET"
-  echo -e "$OKGREEN + -- ----------------------------=[Performing TCP Port Scan]=---------------- -- +$RESET"
+  logo
  if [ -z "$OPT1" ]; then
-    nmap -sV -T5 -PP -PE -PM -PI -PA20,53,80,113,443,5060,10043 --host-timeout=300m -O --open --max-rtt-timeout=3000ms --initial-rtt-timeout=1000ms --min-rtt-timeout=1000ms --max-retries=2 --stats-every 10s --traceroute --min-hostgroup=64 --min-rate=500 -PU45146 -PS$DEFAULT_TCP_PORTS -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
-    echo -e "$OKGREEN + -- ----------------------------=[Performing UDP Port Scan]=---------------- -- +$RESET"
-    nmap -sU sV -T5 -PP -PE -PM -PI -PA20,53,80,113,443,5060,10043 --host-timeout=300m -O --open --max-rtt-timeout=3000ms --initial-rtt-timeout=1000ms --min-rtt-timeout=1000ms --max-retries=2 --stats-every 10s --traceroute --min-hostgroup=64 --min-rate=500 -PU45146 -PS$DEFAULT_UDP_PORTS -p$DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET-udp.xml 
-    echo -e "$OKGREEN + -- ----------------------------=[Enumerating Exploits]=------------------- -- +$RESET"
+    nmap -Pn -A -v -T4 -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    echo -e "$OKRED PERFORMING UDP PORT SCAN $RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    nmap -Pn -sU -A -T4 -v -p$DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET-udp.xml 
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    echo -e "$OKRED SEARCHING FOR EXPLOITS $RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
    searchsploit -v --nmap $LOOT_DIR/nmap/nmap-$TARGET.xml
    searchsploit -v --nmap $LOOT_DIR/nmap/nmap-$TARGET-udp.xml
  else
-    nmap -sV -T5 -PP -PE -PM -PI --host-timeout=300m -O --max-rtt-timeout=3000ms --initial-rtt-timeout=1000ms --min-rtt-timeout=1000ms --max-retries=2 --stats-every 10s --traceroute --min-hostgroup=64 -PS $OPT1 --min-rate=500 -p $OPT1 -Pn $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
-    nmap -sV -T5 -PP -PE -PM -PI --host-timeout=300m -O --max-rtt-timeout=3000ms --initial-rtt-timeout=1000ms --min-rtt-timeout=1000ms --max-retries=2 --stats-every 10s --traceroute --min-hostgroup=64 -PS $OPT1 --min-rate=500 -p $OPT1 -Pn $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
-    echo -e "$OKGREEN + -- ----------------------------=[Enumerating Exploits]=------------------- -- +$RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    echo -e "$OKRED PERFORMING TCP PORT SCAN $RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    nmap -Pn -A -v -T4 -p $OPT1 $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    echo -e "$OKRED PERFORMING UDP PORT SCAN $RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    nmap -Pn -A -v -T4 -sU -p $OPT1 -Pn $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml
+    echo -e "${OKGREEN}====================================================================================${RESET}"
+    echo -e "$OKRED SEARCHING FOR EXPLOITS $RESET"
+    echo -e "${OKGREEN}====================================================================================${RESET}"
    searchsploit -v --nmap $LOOT_DIR/nmap/nmap-$TARGET.xml
  fi
-  echo -e "$OKGREEN + -- ----------------------------=[Done]=------------------------------------ -- +$RESET"
-  loot
+  echo -e "${OKGREEN}====================================================================================${RESET}"
+  echo -e "$OKRED DONE $RESET"
+  echo -e "${OKGREEN}====================================================================================${RESET}"
  exit
 fi

@@ -1085,7 +1108,8 @@ then
  echo -e "$OKGREEN + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +$RESET"
  whois $TARGET
  echo -e "$OKGREEN + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +$RESET"
-  theharvester -d $TARGET -l 100 -b bing 2> /dev/null
+  theharvester -d $TARGET -l 200 -b all 2> /dev/null
+  metagoofil -d $TARGET -t doc,pdf,xls,csv,txt -l 200 -n 50 -o $LOOT_DIR/osint/ -f $LOOT_DIR/osint/$TARGET.html
  echo -e "$OKGREEN + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +$RESET"
  dig -x $TARGET
  dnsenum $TARGET
@@ -2026,5 +2050,4 @@ fi
 rm -f $LOOT_DIR/.fuse_* 2> /dev/null

 echo -e "$OKGREEN + -- ----------------------------=[Done]=------------------------------------ -- +$RESET"
-loot
 exit 0
--- a/uninstall.sh
+++ b/uninstall.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+# Uninstall script for sn1per
+#
+# VARS
+OKBLUE='\033[94m'
+OKRED='\033[91m'
+OKGREEN='\033[92m'
+OKORANGE='\033[93m'
+RESET='\e[0m'
+
+echo -e "$OKRED                ____               $RESET"
+echo -e "$OKRED    _________  /  _/___  ___  _____$RESET"
+echo -e "$OKRED   / ___/ __ \ / // __ \/ _ \/ ___/$RESET"
+echo -e "$OKRED  (__  ) / / // // /_/ /  __/ /    $RESET"
+echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/     $RESET"
+echo -e "$OKRED               /_/                 $RESET"
+echo -e "$RESET"
+echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET"
+echo ""
+
+INSTALL_DIR=/usr/share/sniper
+
+echo -e "$OKGREEN + -- --=[This script will uninstall sniper and remove ALL files under $INSTALL_DIR. Are you sure you want to continue?$RESET"
+read answer 
+
+rm -Rf /usr/share/sniper/
+rm -f /usr/bin/sniper
+
+echo -e "$OKORANGE + -- --=[Done!$RESET"
+echo -e "$OKORANGE + -- --=[To run, type 'sniper'! $RESET"
Author	SHA1	Message	Date
root	7c36aa07fd	Sn1per by 1N3@CrowdShield	2017-11-18 23:35:55 -05:00
root	5b536188be	Sn1per by 1N3CrowdShield	2017-11-16 23:01:22 -05:00
root	8aed89d29f	Sn1per by 1N3CrowdShield	2017-09-18 12:40:20 -04:00