-
Notifications
You must be signed in to change notification settings - Fork 1.9k
/
sniper
executable file
·689 lines (656 loc) · 28 KB
/
sniper
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
#!/bin/bash
# + -- --=[Sn1per Community Edition by @xer0dayz
# + -- --=[https://sn1persecurity.com
#
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
VER="9.2"
INSTALL_DIR="/usr/share/sniper"
LOOT_DIR="$INSTALL_DIR/loot/$TARGET"
SNIPER_PRO=$INSTALL_DIR/pro.sh
# INIT POSTGRESQL
service postgresql start 2> /dev/null
# LOAD DEFAULT SNIPER CONFIGURATION FILE
dos2unix $INSTALL_DIR/sniper.conf 2> /dev/null > /dev/null
source $INSTALL_DIR/sniper.conf
echo -e "$OKBLUE[*]$RESET Loaded configuration file from $INSTALL_DIR/sniper.conf $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
if [[ -f /root/.sniper.conf ]]; then
# LOAD USER SN1PER CONFIGURATION FILE
dos2unix /root/.sniper.conf 2> /dev/null > /dev/null
source /root/.sniper.conf
echo -e "$OKBLUE[*]$RESET Loaded configuration file from /root/.sniper.conf $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
if [[ -f /root/.sniper_api_keys.conf ]]; then
# LOAD USER API KEYS (PERSISTENT CONFIG)
dos2unix /root/.sniper_api_keys.conf 2> /dev/null > /dev/null
source /root/.sniper_api_keys.conf
echo -e "$OKBLUE[*]$RESET Loaded API keys from /root/.sniper_api_keys.conf $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
fi
else
# IF NO USER CONFIG PRESENT, CREATE IT FROM THE DEFAULT TEMPLATE
cp $INSTALL_DIR/sniper.conf /root/.sniper.conf 2> /dev/null
dos2unix /root/.sniper.conf 2> /dev/null > /dev/null
source /root/.sniper.conf
echo -e "$OKBLUE[*]$RESET Loaded configuration file from /root/.sniper.conf $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
fi
DISTRO=$(cat /etc/*-release | grep DISTRIB_ID= | cut -d'=' -f2)
function help {
logo
echo ""
echo -e "$OKBLUE[*]$RESET NORMAL MODE"
echo ' sniper -t <TARGET>'
echo ""
echo -e "$OKBLUE[*]$RESET SPECIFY CUSTOM CONFIG FILE"
echo ' sniper -c /full/path/to/sniper.conf -t <TARGET> -m <MODE> -w <WORKSPACE>'
echo ""
echo -e "$OKBLUE[*]$RESET NORMAL MODE + OSINT + RECON"
echo ' sniper -t <TARGET> -o -re'
echo ""
echo -e "$OKBLUE[*]$RESET STEALTH MODE + OSINT + RECON"
echo ' sniper -t <TARGET> -m stealth -o -re'
echo ""
echo -e "$OKBLUE[*]$RESET DISCOVER MODE"
echo ' sniper -t <CIDR> -m discover -w <WORSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET SCAN ONLY SPECIFIC PORT"
echo ' sniper -t <TARGET> -m port -p <portnum>'
echo ""
echo -e "$OKBLUE[*]$RESET FULLPORTONLY SCAN MODE"
echo ' sniper -t <TARGET> -fp'
echo ""
echo -e "$OKBLUE[*]$RESET WEB MODE - PORT 80 + 443 ONLY!"
echo ' sniper -t <TARGET> -m web'
echo ""
echo -e "$OKBLUE[*]$RESET HTTP WEB PORT MODE"
echo ' sniper -t <TARGET> -m webporthttp -p <port>'
echo ""
echo -e "$OKBLUE[*]$RESET HTTPS WEB PORT MODE"
echo ' sniper -t <TARGET> -m webporthttps -p <port>'
echo ""
echo -e "$OKBLUE[*]$RESET HTTP WEBSCAN MODE"
echo ' sniper -t <TARGET> -m webscan '
echo ""
echo -e "$OKBLUE[*]$RESET ENABLE BRUTEFORCE"
echo ' sniper -t <TARGET> -b'
echo ""
echo -e "$OKBLUE[*]$RESET AIRSTRIKE MODE"
echo ' sniper -f targets.txt -m airstrike'
echo ""
echo -e "$OKBLUE[*]$RESET NUKE MODE WITH TARGET LIST, BRUTEFORCE ENABLED, FULLPORTSCAN ENABLED, OSINT ENABLED, RECON ENABLED, WORKSPACE & LOOT ENABLED"
echo ' sniper -f targets.txt -m nuke -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET MASS PORT SCAN MODE"
echo ' sniper -f targets.txt -m massportscan -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET MASS WEB SCAN MODE"
echo ' sniper -f targets.txt -m massweb -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET MASS WEBSCAN SCAN MODE"
echo ' sniper -f targets.txt -m masswebscan -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET MASS VULN SCAN MODE"
echo ' sniper -f targets.txt -m massvulnscan -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET PORT SCAN MODE"
echo ' sniper -t <TARGET> -m port -p <PORT_NUM>'
echo ""
echo -e "$OKBLUE[*]$RESET LIST WORKSPACES"
echo ' sniper --list'
echo ""
echo -e "$OKBLUE[*]$RESET DELETE WORKSPACE"
echo ' sniper -w <WORKSPACE_ALIAS> -d'
echo ""
echo -e "$OKBLUE[*]$RESET DELETE HOST FROM WORKSPACE"
echo ' sniper -w <WORKSPACE_ALIAS> -t <TARGET> -dh'
echo ""
echo -e "$OKBLUE[*]$RESET DELETE TASKS FROM WORKSPACE"
echo ' sniper -w <WORKSPACE_ALIAS> -t <TARGET> -dt'
echo ""
echo -e "$OKBLUE[*]$RESET GET SNIPER SCAN STATUS"
echo ' sniper --status'
echo ""
echo -e "$OKBLUE[*]$RESET LOOT REIMPORT FUNCTION"
echo ' sniper -w <WORKSPACE_ALIAS> --reimport'
echo ""
echo -e "$OKBLUE[*]$RESET LOOT REIMPORTALL FUNCTION"
echo ' sniper -w <WORKSPACE_ALIAS> --reimportall'
echo ""
echo -e "$OKBLUE[*]$RESET LOOT REIMPORT FUNCTION"
echo ' sniper -w <WORKSPACE_ALIAS> --reload'
echo ""
echo -e "$OKBLUE[*]$RESET LOOT EXPORT FUNCTION"
echo ' sniper -w <WORKSPACE_ALIAS> --export'
echo ""
echo -e "$OKBLUE[*]$RESET SCHEDULED SCANS"
echo ' sniper -w <WORKSPACE_ALIAS> -s daily|weekly|monthly'
echo ""
echo -e "$OKBLUE[*]$RESET USE A CUSTOM CONFIG"
echo ' sniper -c /path/to/sniper.conf -t <TARGET> -w <WORKSPACE_ALIAS>'
echo ""
echo -e "$OKBLUE[*]$RESET UPDATE SNIPER"
echo ' sniper -u|--update'
echo ""
echo ""
exit
}
function logo {
echo -e "$OKRED ____ $RESET"
echo -e "$OKRED _________ / _/___ ___ _____$RESET"
echo -e "$OKRED / ___/ __ \ / // __ \/ _ \/ ___/$RESET"
echo -e "$OKRED (__ ) / / // // /_/ / __/ / $RESET"
echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/ $RESET"
echo -e "$OKRED /_/ $RESET"
echo ""
echo -e "$OKORANGE + -- --=[ https://sn1persecurity.com$RESET"
echo -e "$OKORANGE + -- --=[ Sn1per v$VER by @xer0dayz$RESET"
echo ""
}
function sniper_status {
watch -n 1 -c 'ps -ef | egrep "sniper|slurp|hydra|ruby|python|dirsearch|amass|nmap|metasploit|curl|wget|nikto" && echo "NETWORK CONNECTIONS..." && netstat -an | egrep "TIME_WAIT|EST"'
}
# CHECK FOR UPDATES
function check_update {
if [[ "$ENABLE_AUTO_UPDATES" == "1" ]] && [[ "$ONLINE" == "1" ]]; then
LATEST_VER=$(curl --connect-timeout 5 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
if [[ "$LATEST_VER" != "$VER" ]]; then
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] sniper v$LATEST_VER is available to download... To update, type$OKRED \"sniper -u\" $RESET"
fi
fi
touch /tmp/update-check.txt 2> /dev/null
}
# APPLY UPDATES
function update {
logo
echo -e "$OKBLUE[*]$RESET Checking for updates...$OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
if [[ "$ONLINE" == "0" ]]; then
echo "You will need to download the latest release manually at https://github.com/1N3/Sn1per/"
else
LATEST_VER=$(curl --connect-timeout 5 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
if [[ "$LATEST_VER" != "$VER" ]]; then
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] Sn1per $LATEST_VER is available to download...Do you want to update? (y or n)$RESET"
read ans
if [[ "$ans" = "y" ]]; then
rm -Rf /tmp/Sn1per/ 2>/dev/null
git clone https://github.com/1N3/Sn1per /tmp/Sn1per/
cd /tmp/Sn1per/
chmod +rx install.sh
bash install.sh
rm -Rf /tmp/Sn1per/ 2>/dev/null
exit
fi
fi
fi
}
if [[ "$UPDATE" = "1" ]]; then
update
exit
fi
# CHECK IF ONLINE
function check_online {
ONLINE=$(curl --connect-timeout 3 --insecure -s "https://sn1persecurity.com/community/updates.txt?$VER&mid=$(cat /etc/machine-id)" 2> /dev/null)
if [[ -z "$ONLINE" ]]; then
ONLINE=$(curl --connect-timeout 3 -s https://api.github.com/repos/1N3/Sn1per/tags | grep -Po '"name":.*?[^\\]",'| head -1 | cut -c11-13)
if [[ -z "$ONLINE" ]]; then
ONLINE="0"
echo -e "$OKBLUE[*]$RESET Checking for active internet connection $OKBLUE[$RESET${OKRED}FAIL${RESET}$OKBLUE]"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET sniper is running in offline mode.$RESET"
else
ONLINE="1"
echo -e "$OKBLUE[*]$RESET Checking for active internet connection $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
fi
else
ONLINE="1"
echo -e "$OKBLUE[*]$RESET Checking for active internet connection $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
fi
}
# COMMAND LINE SWITCHES
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
-h|--help)
help
shift # past argument
;;
-c|--config)
CONFIG="$2"
echo -e "$OKBLUE[*]$RESET Creating backup of existing config to /root/.sniper.conf.bak...$OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
cp -f /root/.sniper.conf /root/.sniper.conf.bak
echo -e "$OKBLUE[*]$RESET Copying $CONFIG to /root/.sniper.conf...$OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
cp -f $CONFIG /root/.sniper.conf 2> /dev/null
dos2unix /root/.sniper.conf 2> /dev/null > /dev/null
source /root/.sniper.conf
sleep 1
shift
shift
;;
-t)
TARGET="$2"
shift # past argument
shift # past argument
;;
-b)
AUTO_BRUTE="1"
shift # past argument
;;
-fp|--fullportscan)
FULLNMAPSCAN="1"
shift # past argument
;;
-o|--osint)
OSINT="1"
shift # past argument
;;
-re|--recon)
RECON="1"
shift # past argument
;;
-m)
MODE="$2"
shift # past argument
shift # past argument
;;
-p)
PORT="$2"
shift # past argument
shift # past argument
;;
-f|--file)
FILE="$(realpath $2)"
shift # past argument
shift # past argument
;;
-ri|--reimport)
REIMPORT="1"
shift # past argument
;;
-ria|--reimportall)
REIMPORT_ALL="1"
shift # past argument
;;
-rl|--reload)
RELOAD="1"
shift # past argument
;;
-n|--noreport)
REPORT="0"
shift # past argument
;;
-nl|--noloot)
LOOT="0"
NOLOOT="1"
shift # past argument
;;
-w)
WORKSPACE="$(echo $2 | tr / -)"
WORKSPACE_DIR="$INSTALL_DIR/loot/workspace/$WORKSPACE"
shift # past argument
shift # past argument
;;
-s|--schedule)
if [[ -z "$WORKSPACE" ]]; then
echo "You need to set a workspace via the -w switch to schedule a scan task."
exit
fi
SCHEDULE_ARG="$2"
if [[ "$SCHEDULE_ARG" = "daily" ]] || [[ "$SCHEDULE_ARG" = "weekly" ]] || [[ "$SCHEDULE_ARG" = "monthly" ]]; then
SCHEDULE_TASK="$WORKSPACE_DIR/scans/scheduled/$SCHEDULE_ARG.sh"
vim $SCHEDULE_TASK
cat $WORKSPACE_DIR/scans/scheduled/*.sh 2> /dev/null
exit
else
echo "You need to specify either daily, weekly or monthly for the scheduled scan argument."
exit
fi
shift # past argument
shift # past argument
;;
-d|--delete)
logo
echo "Are you sure you want to remove the following workspace? (Hit Ctrl+C to exit): /usr/share/sniper/loot/workspace/$WORKSPACE/"
read ANS
rm -Rf /usr/share/sniper/loot/workspace/$WORKSPACE/
echo "Workspace /usr/share/sniper/loot/workspace/$WORKSPACE/ was removed."
sniper -w default --reimport
exit
shift # past argument
;;
-dh|--delete-host)
echo "Removing $TARGET from $WORKSPACE"
sed -i "/$TARGET/d" $WORKSPACE_DIR/domains/* $WORKSPACE_DIR/reports/host-table-report.csv
egrep -R "$TARGET" $WORKSPACE_DIR/domains/* $WORKSPACE_DIR/reports/host-table-report.csv
rm -f $WORKSPACE_DIR/screenshots/$TARGET*.jpg 2> /dev/null
rm -f $WORKSPACE_DIR/nmap/dns-$TARGET.txt 2> /dev/null
rm -f $WORKSPACE_DIR/nmap/ports-$TARGET.txt 2> /dev/null
rm -f $WORKSPACE_DIR/web/title-*-$TARGET.txt 2> /dev/null
rm -f $WORKSPACE_DIR/web/headers-*-$TARGET.txt 2> /dev/null
rm -f $WORKSPACE_DIR/vulnerabilities/sc0pe-$TARGET-*.txt 2> /dev/null
rm -f $WORKSPACE_DIR/vulnerabilities/vulnerability-report-$TARGET.txt 2> /dev/null
rm -f $WORKSPACE_DIR/vulnerabilities/vulnerability-risk-$TARGET.txt 2> /dev/null
#sniper --reimportall -w $WORKSPACE
exit
shift # past argument
;;
-dt|--delete-task)
echo "Removing all running $TARGET tasks from $WORKSPACE"
rm -vf $WORKSPACE_DIR/scans/running_$TARGET_*.txt
ls -lh $LOOT_DIR/scans/running_*.txt 2> /dev/null | wc -l 2> /dev/null > $WORKSPACE_DIR/scans/tasks-running.txt 2> /dev/null
ps -ef | egrep "$TARGET|sniper"
ps -ef | egrep "sniper" | awk '{print $2}' | xargs -i sudo kill -9 {}
exit
shift # past argument
;;
--list)
logo
ls -l $INSTALL_DIR/loot/workspace/
echo ""
echo "cd /usr/share/sniper/loot/workspace/"
WORKSPACE_REPORT=$LOOT_DIR/sniper-report.html
if [[ -f $WORKSPACE_REPORT ]]; then
echo -e "$OKORANGE + -- --=[ Loading Sn1per Professional...$RESET"
$BROWSER $INSTALL_DIR/loot/workspace/sniper-report.html 2> /dev/null > /dev/null &
else
echo -e "$OKORANGE + -- --=[ Loading workspaces...$RESET"
$BROWSER $INSTALL_DIR/loot/workspace/ 2> /dev/null > /dev/null &
fi
exit
shift
;;
--export)
if [[ -z "$WORKSPACE" ]]; then
echo "You need to set a workspace via the -w switch to export a workspace."
exit
fi
echo "Archiving $WORKSPACE to $INSTALL_DIR/loot/$WORKSPACE.tar"
cd $INSTALL_DIR/loot/workspace/ && tar -cvf ../$WORKSPACE.tar $WORKSPACE
cp -Rf $WORKSPACE ${WORKSPACE}_`date +"%Y-%m-%d"`
echo "Done!"
exit
shift
;;
-s|--status)
sniper_status
exit
shift
;;
-u|--update)
UPDATE="1"
update
exit
shift # past argument
;;
*) # unknown option
POSITIONAL+=("$1") # save it in an array for later
echo "Unknown scan option $POSITIONAL...refer to the help menu for usage details."
exit
shift # past argument
;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters
if [[ ! -z "$TARGET" ]] && [[ -z "$WORKSPACE" ]]; then
WORKSPACE=$(echo "$TARGET")
fi
if [[ -z "$TARGET" ]] && [[ -z "$WORKSPACE" ]]; then
logo
echo "You need to specify a target or workspace to use. Type sniper --help for command usage."
exit
fi
cd $INSTALL_DIR
function init {
if [[ ! -z $WORKSPACE_DIR ]]; then
LOOT_DIR=$WORKSPACE_DIR
fi
echo -e "$OKBLUE[*]$RESET Saving loot to $LOOT_DIR $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
mkdir -p $LOOT_DIR 2> /dev/nul
mkdir $LOOT_DIR/domains 2> /dev/null
mkdir $LOOT_DIR/ips 2> /dev/null
mkdir $LOOT_DIR/screenshots 2> /dev/null
mkdir $LOOT_DIR/nmap 2> /dev/null
mkdir $LOOT_DIR/reports 2> /dev/null
mkdir $LOOT_DIR/output 2> /dev/null
mkdir $LOOT_DIR/osint 2> /dev/null
mkdir $LOOT_DIR/credentials 2> /dev/null
mkdir $LOOT_DIR/web 2> /dev/null
mkdir $LOOT_DIR/vulnerabilities 2> /dev/null
mkdir $LOOT_DIR/notes 2> /dev/null
mkdir -p $LOOT_DIR/scans/scheduled/ 2> /dev/null
touch $LOOT_DIR/scans/scheduled/daily.sh 2> /dev/null
touch $LOOT_DIR/scans/scheduled/weekly.sh 2> /dev/null
touch $LOOT_DIR/scans/scheduled/monthly.sh 2> /dev/null
touch $LOOT_DIR/scans/notifications.txt 2> /dev/null
touch $LOOT_DIR/scans/notifications_new.txt 2> /dev/null
chmod 777 -Rf $INSTALL_DIR 2> /dev/null
chown root $INSTALL_DIR/sniper 2> /dev/null
chmod 4777 $INSTALL_DIR/sniper 2> /dev/null
TARGET="$(echo $TARGET | sed 's/https:\/\///g' | sed 's/http:\/\///g')"
rm -f /tmp/out_of_scope 2> /dev/null
for key in "${OUT_OF_SCOPE[@]}"; do echo $TARGET | egrep ${key} >> /tmp/out_of_scope 2> /dev/null; done;
OUT_OF_SCOPE_NUM=$(wc -l /tmp/out_of_scope 2> /dev/null | awk '{print $1}' 2> /dev/null)
if [[ $OUT_OF_SCOPE_NUM > 0 ]]; then
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE] $TARGET is out of scope. Skipping! $RESET"
exit
else
echo -e "$OKBLUE[*]$RESET Scanning $TARGET $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
echo "$TARGET" >> $LOOT_DIR/domains/targets.txt 2> /dev/null
fi
service postgresql start 2> /dev/null > /dev/null
msfdb start 2> /dev/null > /dev/null
chown root /run/user/1000/gdm/Xauthority 2> /dev/null
LAST_USER=$(last | head -n 1 | awk '{print $1}')
sudo cp -a /home/$LAST_USER/.Xauthority /root/.Xauthority 2> /dev/null
sudo cp -a /root/.Xauthority /root/.Xauthority.bak 2> /dev/null
sudo cp -a /home/$USER/.Xauthority /root/.Xauthority 2> /dev/null
sudo cp -a /home/kali/.Xauthority /root/.Xauthority 2> /dev/null
sudo chown root: /root/.Xauthority 2> /dev/null
XAUTHORITY=/root/.Xauthority
UPDATED_TARGETS=$LOOT_DIR/scans/updated.txt
if [[ "$AUTO_BRUTE" == "1" ]]; then
echo "$TARGET AUTO_BRUTE `date +"%Y-%m-%d %H:%M"`" 2> /dev/null >> $LOOT_DIR/scans/tasks.txt
touch $LOOT_DIR/scans/$TARGET-AUTO_BRUTE.txt 2> /dev/null
fi
if [[ "$FULLNMAPSCAN" == "1" ]]; then
echo "$TARGET fullnmapscan `date +"%Y-%m-%d %H:%M"`" 2> /dev/null >> $LOOT_DIR/scans/tasks.txt
touch $LOOT_DIR/scans/$TARGET-fullnmapscan.txt 2> /dev/null
fi
if [[ "$OSINT" == "1" ]]; then
echo "$TARGET osint `date +"%Y-%m-%d %H:%M"`" 2> /dev/null >> $LOOT_DIR/scans/tasks.txt
touch $LOOT_DIR/scans/$TARGET-osint.txt 2> /dev/null
fi
if [[ "$RECON" == "1" ]]; then
echo "$TARGET recon `date +"%Y-%m-%d %H:%M"`" 2> /dev/null >> $LOOT_DIR/scans/tasks.txt
touch $LOOT_DIR/scans/$TARGET-recon.txt 2> /dev/null
fi
}
function loot {
if [[ ! $LOOT == "0" ]]; then
echo -e "$OKRED ____ $RESET"
echo -e "$OKRED _________ / _/___ ___ _____$RESET"
echo -e "$OKRED / ___/ __ \ / // __ \/ _ \/ ___/$RESET"
echo -e "$OKRED (__ ) / / // // /_/ / __/ / $RESET"
echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/ $RESET"
echo -e "$OKRED /_/ $RESET"
echo ""
if [[ ! -z $WORKSPACE_DIR ]]; then
LOOT_DIR=$WORKSPACE_DIR
fi
rm -f $INSTALL_DIR/stash.sqlite 2> /dev/null
rm -f $INSTALL_DIR/hydra.restore 2> /dev/null
rm -f /tmp/update-check.txt 2> /dev/null
ls -lh $LOOT_DIR/scans/running_*.txt 2> /dev/null | wc -l 2> /dev/null > $LOOT_DIR/scans/tasks-running.txt 2> /dev/null
echo -e "$OKBLUE[*]$RESET Opening loot directory $LOOT_DIR $OKBLUE[$RESET${OKGREEN}OK${RESET}$OKBLUE]$RESET"
cd $LOOT_DIR
if [[ "$METASPLOIT_IMPORT" == "1" ]]; then
echo -e "$OKORANGE + -- --=[ Starting Metasploit service...$RESET"
/etc/init.d/metasploit start 2> /dev/null > /dev/null
msfdb start
echo -e "$OKORANGE + -- --=[ Importing NMap XML files into Metasploit...$RESET"
msfconsole -x "workspace -a $WORKSPACE; workspace $WORKSPACE; db_import $LOOT_DIR/nmap/nmap*.xml; hosts; services; exit;" | tee $LOOT_DIR/notes/msf-$WORKSPACE.txt
fi
echo -e "$OKORANGE + -- --=[ Generating reports...$RESET"
cd $LOOT_DIR/output 2> /dev/null
echo -en "$OKGREEN[$OKBLUE"
for a in `ls sniper-*.txt 2>/dev/null`;
do
echo "$a" 2> /dev/null | aha 2> /dev/null > $LOOT_DIR/reports/$a.html 2> /dev/null
cat "$a" 2> /dev/null | aha 2> /dev/null >> $LOOT_DIR/reports/$a.html 2> /dev/null
echo -n '|'
done
echo -en "$OKGREEN]$RESET"
echo ""
cd ..
chmod 777 -Rf $LOOT_DIR
echo -e "$OKORANGE + -- --=[ Sorting all files...$RESET"
cat $LOOT_DIR/scans/notifications_new.txt 2> /dev/null >> $LOOT_DIR/scans/notifications.txt 2> /dev/null
sort -u $LOOT_DIR/domains/*-full.txt 2> /dev/null > $LOOT_DIR/domains/domains-all-presorted.txt 2> /dev/null
sed -E "s/^\.//g" $LOOT_DIR/domains/domains-all-presorted.txt 2> /dev/null | sed -E "s/^\*\.//g" | tr '[:upper:]' '[:lower:]' | sort -u > $LOOT_DIR/domains/domains-all-presorted2.txt 2> /dev/null
sort -u $LOOT_DIR/domains/targets.txt 2> /dev/null > $LOOT_DIR/domains/targets-all-presorted.txt 2> /dev/null
sed -E "s/^\.//g" $LOOT_DIR/domains/targets-all-presorted.txt 2> /dev/null | sed -E "s/^\*\.//g" | tr '[:upper:]' '[:lower:]' | sort -u > $LOOT_DIR/domains/targets-all-sorted.txt 2> /dev/null
sort -u $LOOT_DIR/ips/ips-all-unsorted.txt 2> /dev/null > $LOOT_DIR/ips/ips-all-sorted.txt 2> /dev/null
sed -i -E 's/address//g' $LOOT_DIR/ips/ips-all-sorted.txt 2> /dev/null
sort -u $LOOT_DIR/domains/domains-all-presorted2.txt $LOOT_DIR/domains/targets-all-sorted.txt 2> /dev/null > $LOOT_DIR/domains/domains-all-sorted.txt 2> /dev/null
diff $LOOT_DIR/domains/targets-all-sorted.txt $LOOT_DIR/domains/domains-all-sorted.txt 2> /dev/null | grep \> | awk '{print $2}' > $LOOT_DIR/domains/targets-all-unscanned.txt
rm -f $LOOT_DIR/domains/targets-all-presorted.txt $LOOT_DIR/domains/targets-all-presorted2.txt 2> /dev/null
rm -f $LOOT_DIR/domains/domains-all-presorted.txt $LOOT_DIR/domains/domains-all-presorted2.txt 2> /dev/null
sort -u $LOOT_DIR/nmap/openports-unsorted.txt 2> /dev/null > $LOOT_DIR/nmap/openports-sorted.txt 2> /dev/null
sort -u $LOOT_DIR/nmap/livehosts-unsorted.txt 2> /dev/null > $LOOT_DIR/nmap/livehosts-sorted.txt 2> /dev/null
find $LOOT_DIR/web/ -type f -size -1c -exec rm -f {} \;
cd $LOOT_DIR/web/ && rm -f webhosts-all-sorted-* 2> /dev/null
cd $LOOT_DIR/domains/ && rm -f domains-all-sorted-* 2> /dev/null
cd $LOOT_DIR/nmap/ && rm -f openports-all-sorted-* 2> /dev/null
cd $LOOT_DIR/nmap/ && rm -f livehosts-all-sorted-* 2> /dev/null
cd $LOOT_DIR/web/ 2> /dev/null
egrep -Hi 'HTTP/1.' headers-* 2> /dev/null | cut -d':' -f1 | sed "s/headers\-http\(\|s\)\-//g" | sed "s/\.txt//g" | cut -d \- -f1 | sort -u 2> /dev/null > $LOOT_DIR/web/webhosts-sorted.txt 2> /dev/null
split -d -l $MAX_HOSTS -e $LOOT_DIR/web/webhosts-sorted.txt webhosts-all-sorted- 2> /dev/null
cd $LOOT_DIR/domains/ 2> /dev/null
split -d -l $MAX_HOSTS -e $LOOT_DIR/domains/domains-all-sorted.txt domains-all-sorted- 2> /dev/null
cd $LOOT_DIR/nmap/ 2> /dev/null
split -d -l $MAX_HOSTS -e $LOOT_DIR/nmap/openports-sorted.txt openports-all-sorted- 2> /dev/null
split -d -l $MAX_HOSTS -e $LOOT_DIR/nmap/livehosts-sorted.txt livehosts-all-sorted- 2> /dev/null
echo -e "$OKORANGE + -- --=[ Removing blank screenshots and files...$RESET"
chmod 777 -Rf $LOOT_DIR 2> /dev/null
cd $LOOT_DIR/screenshots/
find $LOOT_DIR/screenshots/ -type f -size -9000c -exec rm -f {} \;
find $LOOT_DIR/nmap/ -type f -size -1c -exec rm -f {} \;
find $LOOT_DIR/ips/ -type f -size -1c -exec rm -f {} \;
find $LOOT_DIR/osint/ -type f -size -1c -exec rm -f {} \;
find $LOOT_DIR/vulnerabilities/ -type f -size -1c -exec rm -f {} \;
cd $LOOT_DIR
if [[ -f $SNIPER_PRO ]]; then
wc -l $LOOT_DIR/scans/notifications.txt 2> /dev/null | awk '{print $1}' > $LOOT_DIR/scans/notifications_total.txt 2> /dev/null
wc -l $LOOT_DIR/scans/notifications_new.txt 2> /dev/null | awk '{print $1}' > $LOOT_DIR/scans/notifications_new_total.txt 2> /dev/null
cat $LOOT_DIR/scans/tasks-running.txt 2> /dev/null > $LOOT_DIR/scans/tasks-running_total.txt 2> /dev/null
wc -l $LOOT_DIR/scans/tasks.txt 2> /dev/null | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/tasks_total.txt 2> /dev/null
wc -l $LOOT_DIR/scans/scheduled/*.sh 2> /dev/null | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/scheduled_tasks_total.txt 2> /dev/null
grep "Host\ status" $LOOT_DIR/scans/notifications.txt 2> /dev/null | wc -l | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/host_status_changes_total.txt 2> /dev/null
grep "Port\ change" $LOOT_DIR/scans/notifications.txt 2> /dev/null | wc -l | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/port_changes_total.txt 2> /dev/null
wc -l $LOOT_DIR/domains/domains_new-*.txt 2> /dev/null | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/domain_changes_total.txt 2> /dev/null
cat $LOOT_DIR/web/dirsearch-new-*.txt $LOOT_DIR/web/spider-new-*.txt 2> /dev/null | wc -l | awk '{print $1}' 2> /dev/null > $LOOT_DIR/scans/url_changes_total.txt 2> /dev/null
if [[ -f "$LOOT_DIR/notes/notepad.html" ]]; then
echo -n "" 2>/dev/null
else
cp "$INSTALL_DIR/pro/notepad.html" "$LOOT_DIR/notes/notepad.html" 2>/dev/null
PRE_NAME=$(echo $WORKSPACE | sed "s/\./-/g")
sed -i "s/notepad/notepad-$PRE_NAME/g" "$LOOT_DIR/notes/notepad.html" 2> /dev/null
fi
if [[ "$SN1PER_AUTOLOAD" = "1" ]] && [[ ! -f "$INSTALL_DIR/pro/settings.php" ]]; then
echo -e "$OKORANGE + -- --=[ Loading Sn1per Professional...$RESET"
source $INSTALL_DIR/pro.sh
sudo $LAST_USER -c $BROWSER $LOOT_DIR/sniper-report.html 2> /dev/null > /dev/null &
else
echo -e "$OKORANGE + -- --=[ Generating Sn1per Professional reports...$RESET"
source $INSTALL_DIR/pro.sh
fi
else
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET ⚡ Upgrade to Sn1per Professional and unlock a world of powerful benefits! 🚀 $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 💡 Don't miss out on important updates by using the Community version. $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🔝 The latest Professional version ( ${OKRED}10.6 ${RESET}) offers unparalleled features, including: $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 💻 Sleek Web UI $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🛠️ Extensive add-ons $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🔄 Seamless integrations $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🤝 Experience priority support, continuous updates, and enhanced capabilities tailored for professionals like you. $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 💰 Maximize your investment and achieve exceptional results with Sn1per Professional. $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🔍 Learn more about the differences between the versions at: ${OKBLUE}https://sn1persecurity.com/wordpress/sn1per-community-vs-professional-whats-the-difference/ $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET $RESET"
echo -e "$OKBLUE[$RESET${OKRED}i${RESET}$OKBLUE]$RESET 🛒 Purchase your Sn1per Professional license now at: ${OKBLUE}https://sn1persecurity.com/ $RESET"
sudo $LAST_USER -c $BROWSER https://sn1persecurity.com 2> /dev/null > /dev/null &
fi
rm -f $UPDATED_TARGETS 2> /dev/null
touch $UPDATED_TARGETS 2> /dev/null
echo -e "$OKORANGE + -- --=[ Done!$RESET"
fi
}
if [[ "$REIMPORT" = "1" ]]; then
if [[ ! -z "$WORKSPACE_DIR" ]]; then
LOOT="1"
loot
exit
fi
fi
if [[ "$REIMPORT_ALL" = "1" ]]; then
if [[ ! -z "$WORKSPACE_DIR" ]]; then
touch $WORKSPACE_DIR/domains/targets.txt $WORKSPACE_DIR/domains/targets-all-sorted.txt $WORKSPACE_DIR/domains/domains-all-sorted.txt
cat $WORKSPACE_DIR/domains/targets.txt $WORKSPACE_DIR/domains/targets-all-sorted.txt $WORKSPACE_DIR/domains/domains-all-sorted.txt | sort -u > $WORKSPACE_DIR/scans/updated.txt
rm -f $WORKSPACE_DIR/nmap/openports-unsorted.txt 2> /dev/null
rm -f $WORKSPACE_DIR/nmap/openports-sorted.txt 2> /dev/null
rm -f $WORKSPACE_DIR/reports/host-table-report.csv 2> /dev/null
LOOT="1"
loot
exit
fi
fi
if [[ "$RELOAD" = "1" ]]; then
if [[ ! -z "$WORKSPACE_DIR" ]]; then
$BROWSER $WORKSPACE_DIR/sniper-report.html 2> /dev/null > /dev/null &
exit
fi
fi
if [[ ${TARGET:0:1} =~ $REGEX ]];
then
SCAN_TYPE="IP"
else
SCAN_TYPE="DOMAIN"
fi
# INITILIZE
init
if [[ ! -f /tmp/update-check.txt ]]; then
# CHECK CONNECTION STATUS
check_online
fi
if [[ ! -f /tmp/update-check.txt ]]; then
# CHECK FOR UPDATES
check_update
fi
# CHECK FOR BLACKARCH LINUX
if grep -q BlackArch /etc/issue; then
DISTRO='blackarch'
echo "Detected BlackArch GNU/Linux"
INSTALL_DIR=$(pwd)
echo "Setting current path to $INSTALL_DIR"
fi
source modes/discover.sh
source modes/flyover.sh
source modes/vulnscan.sh
source modes/fullportonly.sh
source modes/web.sh
source modes/webporthttp.sh
source modes/webporthttps.sh
source modes/webscan.sh
source modes/massweb.sh
source modes/masswebscan.sh
source modes/massvulnscan.sh
source modes/massportscan.sh
source modes/stealth.sh
source modes/airstrike.sh
source modes/nuke.sh
source modes/normal.sh
rm -f /tmp/update-check.txt 2> /dev/null
exit 0