BitMaster/Sn1per
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: BitMaster:v5.10
Branches Tags
BitMaster:master
BitMaster:v9.2 BitMaster:v9.1 BitMaster:v9.0 BitMaster:v8.9 BitMaster:v8.8 BitMaster:v8.7 BitMaster:v8.6 BitMaster:v8.5 BitMaster:v8.4 BitMaster:v8.3 BitMaster:v8.2 BitMaster:v8.1 BitMaster:v8.0 BitMaster:v7.4 BitMaster:v7.3 BitMaster:v7.2 BitMaster:v7.1 BitMaster:v7.0 BitMaster:v6.2 BitMaster:v6.1 BitMaster:v6.0 BitMaster:v5.10 BitMaster:v5.9 BitMaster:v5.8 BitMaster:v5.7 BitMaster:v5.6 BitMaster:v5.5 BitMaster:v5.4 BitMaster:v5.3 BitMaster:v5.2 BitMaster:v5.1 BitMaster:v5.0 BitMaster:v4.4 BitMaster:v4.3 BitMaster:v4.2 BitMaster:v4.1 BitMaster:v4.0 BitMaster:v3.0 BitMaster:v2.9 BitMaster:v2.8 BitMaster:v2.7 BitMaster:v2.6c BitMaster:v2.6 BitMaster:v2.5 BitMaster:v2.4 BitMaster:v2.3 BitMaster:v2.2 BitMaster:v2.1 BitMaster:v2.0 BitMaster:v1.9 BitMaster:v1.8c BitMaster:v1.8b BitMaster:v1.8a
..
compare: BitMaster:v6.0
Branches Tags
BitMaster:master
BitMaster:v9.2 BitMaster:v9.1 BitMaster:v9.0 BitMaster:v8.9 BitMaster:v8.8 BitMaster:v8.7 BitMaster:v8.6 BitMaster:v8.5 BitMaster:v8.4 BitMaster:v8.3 BitMaster:v8.2 BitMaster:v8.1 BitMaster:v8.0 BitMaster:v7.4 BitMaster:v7.3 BitMaster:v7.2 BitMaster:v7.1 BitMaster:v7.0 BitMaster:v6.2 BitMaster:v6.1 BitMaster:v6.0 BitMaster:v5.10 BitMaster:v5.9 BitMaster:v5.8 BitMaster:v5.7 BitMaster:v5.6 BitMaster:v5.5 BitMaster:v5.4 BitMaster:v5.3 BitMaster:v5.2 BitMaster:v5.1 BitMaster:v5.0 BitMaster:v4.4 BitMaster:v4.3 BitMaster:v4.2 BitMaster:v4.1 BitMaster:v4.0 BitMaster:v3.0 BitMaster:v2.9 BitMaster:v2.8 BitMaster:v2.7 BitMaster:v2.6c BitMaster:v2.6 BitMaster:v2.5 BitMaster:v2.4 BitMaster:v2.3 BitMaster:v2.2 BitMaster:v2.1 BitMaster:v2.0 BitMaster:v1.9 BitMaster:v1.8c BitMaster:v1.8b BitMaster:v1.8a

3 Commits
v5.10 ... v6.0

Author SHA1 Message Date
WP Engine Marketing
e7d933efcb Sn1per Community Edition by @xer0dayz - https://xerosecurity.com 2018-11-12 12:00:05 -07:00
WP Engine Marketing
2d96349e0c Sn1per Community Edition by @xer0dayz - https://xerosecurity.com 2018-11-10 14:16:02 -07:00
WP Engine Marketing
8a03e3a388 Sn1per Community Edition by @xer0dayz - https://xerosecurity.com 2018-11-10 14:05:24 -07:00
12 changed files with 70 additions and 60 deletions
Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -1,5 +1,7 @@
## CHANGELOG:
* v5.10 - Removed iceweasel from install.sh to fix apt error
* v6.0 - Improved scan options for discover mode scans
* v6.0 - Fixed issue with pip3 dependency package missing
* v6.0 - Removed iceweasel from install.sh to fix apt error
* v5.9 - Fixed issue with auto updates not notifying users of updates
* v5.8 - Fixed issue with subfinder not working due to lack of wordlist switch
* v5.8 - Fixed missing osint directory/file paths

2
install.sh
View File

@@ -40,6 +40,8 @@ cd $INSTALL_DIR
echo -e "$OKORANGE + -- --=[Installing package dependencies...$RESET"
apt-get install nfs-common eyewitness nodejs wafw00f xdg-utils metagoofil clusterd ruby rubygems python dos2unix zenmap sslyze arachni aha libxml2-utils rpcbind uniscan xprobe2 cutycapt host whois dirb dnsrecon curl nmap php php-curl hydra wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap jq golang adb xsltproc
apt-get install waffit 2> /dev/null
apt-get remove python3-pip
apt-get install python3-pip
pip install dnspython colorama tldextract urllib3 ipaddress requests
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bash

1
modes/airstrike.sh
View File

@@ -57,7 +57,6 @@ if [ "$MODE" = "airstrike" ]; then
echo -e "$OKRED |__||| | |---|---|||___| |___-----|||||"
echo -e "$OKRED | ||. | | | ||| |||||"
echo -e "$OKRED __________________________________________________________"
echo -e "$OKRED Bomb raid (contributed by Michael aka SNOOPY@DRYCAS.CLUB.CC.CMU.EDU)"
echo -e "$RESET"
if [ ! -z "$WORKSPACE_DIR" ]; then
echo "sniper -t $TARGET -m $MODE --noreport $args" >> $LOOT_DIR/scans/$TARGET-$MODE.txt

16
modes/bruteforce.sh Normal file
View File

@@ -0,0 +1,16 @@
if [ "$AUTOBRUTE" = "0" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED SKIPPING BRUTE FORCE $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
else
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING BRUTE FORCE $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
brutex $TARGET | tee $LOOT_DIR/credentials/brutex-$TARGET 2> /dev/null
sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" $LOOT_DIR/credentials/brutex-$TARGET 2> /dev/null > $LOOT_DIR/credentials/brutex-$TARGET.txt 2> /dev/null
rm -f $LOOT_DIR/credentials/brutex-$TARGET
cd $INSTALL_DIR
rm -f hydra.restore
rm -f scan.log
echo ""
fi

27
modes/discover.sh
View File

@@ -6,7 +6,8 @@ if [ "$MODE" = "discover" ]; then
LOOT_DIR=$INSTALL_DIR/loot/workspace/$WORKSPACE
echo -e "$OKBLUE[*] Saving loot to $LOOT_DIR [$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
mkdir -p $LOOT_DIR 2> /dev/null
mkdir $LOOT_DIR/domains 2> /dev/null
mkdir $LOOT_DIR/ips 2> /dev/null
mkdir $LOOT_DIR/ips 2> /dev/null
mkdir $LOOT_DIR/screenshots 2> /dev/null
mkdir $LOOT_DIR/nmap 2> /dev/null
mkdir $LOOT_DIR/notes 2> /dev/null
@@ -20,7 +21,7 @@ if [ "$MODE" = "discover" ]; then
exit
fi
echo -e "$OKRED ____ /\\"
echo -e "$OKRED Sn1per by 1N3 @CrowdShield \ \\"
echo -e "$OKRED Sn1per by @xer0dayz @XeroSecurity \ \\"
echo -e "$OKRED https://xerosecurity.com \ \\"
echo -e "$OKRED ___ / \\"
echo -e "$OKRED \ \\"
@@ -38,25 +39,27 @@ if [ "$MODE" = "discover" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING PING DISCOVERY SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
nmap -sP $TARGET | tee $LOOT_DIR/domains/sniper-$OUT_FILE-ping-ips.txt
cat $LOOT_DIR/domains/sniper-$OUT_FILE-ping-ips.txt | grep "scan report" | awk '{print $5}' > $LOOT_DIR/domains/sniper-$OUT_FILE-ping-ips-sorted.txt
nmap -sP $TARGET | tee $LOOT_DIR/ips/sniper-$OUT_FILE-ping.txt
cat $LOOT_DIR/ips/sniper-$OUT_FILE-ping.txt 2> /dev/null | grep "scan report" | awk '{print $5}' > $LOOT_DIR/ips/sniper-$OUT_FILE-ping-sorted.txt
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING TCP PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
nmap -T4 -v -sC -sA -sV -F $TARGET 2>/dev/null | tee $LOOT_DIR/domains/sniper-$OUT_FILE-tcp-ports.txt 2>/dev/null
cat $LOOT_DIR/domains/sniper-$OUT_FILE-tcp-ports.txt | grep open | grep on | awk '{print $6}' > $LOOT_DIR/domains/sniper-$OUT_FILE-tcp-ips.txt
#nmap -T4 -v -sC -sA -sV -F $TARGET 2>/dev/null | tee $LOOT_DIR/ips/sniper-$OUT_FILE-tcp.txt 2>/dev/null
nmap -T4 -v -p $QUICK_PORTS -sS $TARGET 2> /dev/null | tee $LOOT_DIR/ips/sniper-$OUT_FILE-tcp.txt 2>/dev/null
cat $LOOT_DIR/ips/sniper-$OUT_FILE-tcp.txt | grep open | grep on | awk '{print $6}' > $LOOT_DIR/ips/sniper-$OUT_FILE-tcpips.txt
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED CURRENT TARGETS $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
cat $LOOT_DIR/domains/sniper-$OUT_FILE-ping-ips-sorted.txt $LOOT_DIR/domains/sniper-$OUT_FILE-tcp-ips.txt > $LOOT_DIR/domains/sniper-$OUT_FILE-ips-unsorted.txt
sort -u $LOOT_DIR/domains/sniper-$OUT_FILE-ips-unsorted.txt > $LOOT_DIR/domains/sniper-$OUT_FILE-ips.txt
cat $LOOT_DIR/domains/sniper-$OUT_FILE-ips.txt
cat $LOOT_DIR/ips/sniper-$OUT_FILE-ping-sorted.txt $LOOT_DIR/ips/sniper-$OUT_FILE-tcpips.txt 2> /dev/null > $LOOT_DIR/ips/sniper-$OUT_FILE-ips-unsorted.txt
sort -u $LOOT_DIR/ips/sniper-$OUT_FILE-ips-unsorted.txt > $LOOT_DIR/ips/discover-$OUT_FILE-sorted.txt
cat $LOOT_DIR/ips/discover-$OUT_FILE-sorted.txt
echo ""
echo -e "$OKRED[+]$RESET Target list saved to $LOOT_DIR/domains/sniper-$OUT_FILE-ips.txt "
echo -e "$OKRED[i] To scan all IP's, use sniper -f $LOOT_DIR/domains/sniper-$OUT_FILE-ips.txt -m flyover, airstrike or nuke modes. $RESET"
echo -e "$OKRED[+]$RESET Target list saved to $LOOT_DIR/ips/discover-$OUT_FILE-sorted.txt "
echo -e "$OKRED[i] To scan all IP's, use sniper -f $LOOT_DIR/ips/discover-$OUT_FILE-sorted.txt -m flyover -w $WORKSPACE $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED SCAN COMPLETE! $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
loot
#loot
sniper -f $LOOT_DIR/ips/discover-$OUT_FILE-sorted.txt -m flyover -w $WORKSPACE
exit
fi

6
modes/flyover.sh
View File

@@ -87,17 +87,17 @@ if [ "$MODE" = "flyover" ]; then
fi
done
sort -u $LOOT_DIR/domains/targets.txt >> $LOOT_DIR/domains/domains-all-sorted.txt
sort -u $LOOT_DIR/domains/targets.txt 2>/dev/null >> $LOOT_DIR/domains/domains-all-sorted.txt
sleep 20
rm -f $INSTALL_DIR/wget-log*
rm -f $INSTALL_DIR/wget-log* 2> /dev/null
echo -e "$OKRED=====================================================================================$RESET"
if [ "$LOOT" = "1" ]; then
loot
exit
else
for HOST in `sort -u $LOOT_DIR/domains/domains-all-sorted.txt $LOOT_DIR/domains/targets-all-sorted.txt`; do
for HOST in `sort -u $LOOT_DIR/domains/domains-all-sorted.txt $LOOT_DIR/domains/targets-all-sorted.txt 2> /dev/null`; do
TARGET="$HOST"
echo -e "$OKRED=====================================================================================$RESET"
echo -e "${OKBLUE}HOST:$RESET $TARGET"

3
modes/fullportonly.sh
View File

@@ -25,7 +25,8 @@ if [ "$MODE" = "fullportonly" ]; then
logo
echo "$TARGET" >> $LOOT_DIR/domains/targets.txt
if [ -z "$PORT" ]; then
nmap -Pn -A -v -T4 -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
#nmap -Pn -A -v -T4 -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
nmap -vv -sT -O -A -T4 -oX $LOOT_DIR/nmap/nmap-$TARGET.xml $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
xsltproc $INSTALL_DIR/bin/nmap-bootstrap.xsl $LOOT_DIR/nmap/nmap-$TARGET.xml -o $LOOT_DIR/nmap/nmapreport-$TARGET.html 2> /dev/null
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED PERFORMING UDP PORT SCAN $RESET"

16
modes/fullportscan.sh Normal file
View File

@@ -0,0 +1,16 @@
if [ "$FULLNMAPSCAN" = "0" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED SKIPPING FULL NMAP PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
else
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING FULL PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
#nmap -Pn -A -v -T4 -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
nmap -vv -sT -O -A -T4 -oX $LOOT_DIR/nmap/nmap-$TARGET.xml $TARGET | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
xsltproc $INSTALL_DIR/bin/nmap-bootstrap.xsl $LOOT_DIR/nmap/nmap-$TARGET.xml -o $LOOT_DIR/nmap/nmapreport-$TARGET.html 2> /dev/null
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED PERFORMING UDP PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
nmap -Pn -sU -A -T4 -v -p$DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET-udp.xml
fi

41
modes/normal.sh
View File

@@ -355,7 +355,9 @@ else
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING INURLBR OSINT QUERIES $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
php $INURLBR --dork "site:$TARGET" -s inurlbr-$TARGET.txt | tee $LOOT_DIR/osint/inurlbr-$TARGET.txt
php $INURLBR --dork "site:$TARGET" -s inurlbr-$TARGET | tee $LOOT_DIR/osint/inurlbr-$TARGET
sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" $LOOT_DIR/osint/inurlbr-$TARGET > $LOOT_DIR/osint/inurlbr-$TARGET.txt 2> /dev/null
rm -f $LOOT_DIR/osint/inurlbr-$TARGET
rm -Rf output/ cookie.txt exploits.conf
GHDB="1"
fi
@@ -1203,40 +1205,9 @@ else
ruby yasuo.rb -r $TARGET -b all | tee $LOOT_DIR/vulnerabilities/yasuo-$TARGET.txt 2> /dev/null
fi
cd $SNIPER_DIR
if [ "$FULLNMAPSCAN" = "0" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED SKIPPING FULL NMAP PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
else
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING FULL PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
nmap -Pn -A -v -T4 -p$DEFAULT_TCP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET.xml | tee $LOOT_DIR/nmap/nmap-$TARGET.txt
xsltproc $INSTALL_DIR/bin/nmap-bootstrap.xsl $LOOT_DIR/nmap/nmap-$TARGET.xml -o $LOOT_DIR/nmap/nmapreport-$TARGET.html 2> /dev/null
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED PERFORMING UDP PORT SCAN $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
nmap -Pn -sU -A -T4 -v -p$DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-$TARGET-udp.xml
fi
if [ "$AUTOBRUTE" = "0" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED SKIPPING BRUTE FORCE $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
else
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED RUNNING BRUTE FORCE $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
brutex $TARGET | tee $LOOT_DIR/credentials/brutex-$TARGET 2> /dev/null
sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" $LOOT_DIR/credentials/brutex-$TARGET > $LOOT_DIR/credentials/brutex-$TARGET.txt 2> /dev/null
rm -f $LOOT_DIR/credentials/brutex-$TARGET
cd $INSTALL_DIR
rm -f hydra.restore
rm -f scan.log
echo ""
fi
cd $INSTALL_DIR
source modes/fullportscan.sh
source modes/bruteforce.sh
rm -f $LOOT_DIR/.fuse_* 2> /dev/null

4
modes/osint.sh
View File

@@ -2,6 +2,6 @@ if [ "$OSINT" = "1" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED GATHERING OSINT INFO $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
python2.7 $THEHARVESTER -d $TARGET -l 100 -b all 2> /dev/null | tee $LOOT_DIR/osint/theharvester-$TARGET.txt 2> /dev/null
metagoofil -d $TARGET -t doc,pdf,xls,csv,txt -l 25 -n 25 -o $LOOT_DIR/osint/ -f $LOOT_DIR/osint/$TARGET.html 2> /dev/null | tee $LOOT_DIR/osint/metagoofil-$TARGET.txt 2> /dev/null
python2.7 $THEHARVESTER -d $TARGET -l 100 -b all 2> /dev/null | tee $LOOT_DIR/osint/theharvester-$TARGET.txt 2> /dev/null
metagoofil -d $TARGET -t doc,pdf,xls,csv,txt -l 25 -n 25 -o $LOOT_DIR/osint/ -f $LOOT_DIR/osint/$TARGET.html 2> /dev/null | tee $LOOT_DIR/osint/metagoofil-$TARGET.txt 2> /dev/null
fi

2
modes/recon.sh
View File

@@ -21,7 +21,7 @@ if [ "$RECON" = "1" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA SUBFINDER $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}"
subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -w $DOMAINS_DEFAULT -d $TARGET 2>/dev/null
subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -d $TARGET 2>/dev/null
fi
echo -e "${OKGREEN}====================================================================================${RESET}"
echo -e "$OKRED BRUTE FORCING DNS SUBDOMAINS VIA DNSCAN (THIS COULD TAKE A WHILE...) $RESET"

8
sniper
View File

@@ -3,7 +3,7 @@
# + -- --=[https://xerosecurity.com
#
VER="5.10"
VER="6.0"
INSTALL_DIR="/usr/share/sniper"
# LOAD SNIPER CONFIGURATION FILE
@@ -123,7 +123,7 @@ function check_update {
if [ "$ENABLE_AUTO_UPDATES" == "1" ] && [ "$ONLINE" == "1" ]; then
LATEST_VER=$(curl --connect-timeout 3 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
if [ "$LATEST_VER" != "$VER" ]; then
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] sniper v$LATEST_VER is available to download... To update, type$OKRED \"sniper update\" $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] sniper v$LATEST_VER is available to download... To update, type$OKRED \"sniper -u\" $RESET"
fi
fi
}
@@ -270,14 +270,14 @@ function init {
LOOT_DIR=$WORKSPACE_DIR
fi
echo -e "$OKBLUE[*] Saving loot to $LOOT_DIR [$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
mkdir -p $LOOT_DIR 2> /dev/null
mkdir -p $LOOT_DIR 2> /dev/nul
mkdir $LOOT_DIR/domains 2> /dev/null
mkdir $LOOT_DIR/ips 2> /dev/null
mkdir $LOOT_DIR/screenshots 2> /dev/null
mkdir $LOOT_DIR/nmap 2> /dev/null
mkdir $LOOT_DIR/reports 2> /dev/null
mkdir $LOOT_DIR/output 2> /dev/null
mkdir $LOOT_DIR/credentials 2> /dev/null
mkdir $LOOT_DIR/osint 2> /dev/null
mkdir $LOOT_DIR/vulnerabilities 2> /dev/null
mkdir $LOOT_DIR/exploits 2> /dev/null
mkdir $LOOT_DIR/web 2> /dev/null