Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

File Download Module #754

Closed
wants to merge 29 commits into from
Closed

File Download Module #754

wants to merge 29 commits into from

Conversation

TheTechromancer
Copy link
Collaborator

@TheTechromancer TheTechromancer commented Sep 21, 2023
edited
Loading

Adds a module that downloads common/interesting file types (such as PDFs and Word documents) out to a scope distance of 1. The files are downloaded into a subdirectory in the scan's output folder.

Executing the following scan will automatically spider every subdomain up to depth 2 and download any interesting file it encounters. It will even detect files without extensions by the content-type, and download them too.

bbot -t evilcorp.com -f subdomain-enum -m filedownload -c web_spider_distance=2 web_spider_depth=2

image

This module should serve as a good jumping-off point for a FOCA-like metadata extraction module.

During development of this module, an SSL-related error in the download() helper was discovered. The fix is included.

Note: this PR depends on #692.

@TheTechromancer
fix poetry.lock conflicts
62da222
@TheTechromancer
documenting Scanner() class
ebd7954
@TheTechromancer
steadily working through helpers
8687cfe
@TheTechromancer
refactor module inheritance
7b69ccc
@TheTechromancer
code cleanup in geoip modules
4a59895
@TheTechromancer
fix tests
35c8174
@TheTechromancer
commenting base module
4a84439
@TheTechromancer
tweak scanner docs
e16e9a7
@TheTechromancer
documentation for Target
69c4ceb
@TheTechromancer
documentation for ScanManager, Event
9f5f1a8
@TheTechromancer
fix agent tests
2a67437
@TheTechromancer
more scanner documentation
aabac42
@TheTechromancer
even more scanner docs
052b11e
@TheTechromancer
blacked
394d963
@TheTechromancer
steady progress on documenting helpers
d5c8427
@TheTechromancer
finished documenting misc helpers
4988f6e
@TheTechromancer
steady work on developer documentation
585f8da
@TheTechromancer
fix tests, started interact.sh developer docs
19da10d
@TheTechromancer
interactsh developer documentation
40088f8
@TheTechromancer
ongoing work on developer documentation
4b9a7ea
@TheTechromancer
docs for dns mutator, massdns module
17dd57a
@TheTechromancer
blacked
89931dc
@TheTechromancer
add per_domain_only module attribute (cleaning up module inheritance)
499c85a
@TheTechromancer
remove unused root_domains template
cfe76ca
@TheTechromancer
Added filedownload module
4bc355e
@TheTechromancer
improve ssl disablement, filedownload improvements
8e9ede2
@TheTechromancer TheTechromancer self-assigned this Sep 21, 2023
@TheTechromancer TheTechromancer mentioned this pull request Sep 21, 2023
Closed
@codecov
Copy link

codecov bot commented Sep 21, 2023
edited
Loading

Codecov Report

Merging #754 (1b6d8c9) into dev (6e17307) will increase coverage by 1%.
Report is 72 commits behind head on dev.
The diff coverage is 91%.

❗ Current head 1b6d8c9 differs from pull request most recent head 032d3ff. Consider uploading reports for the commit 032d3ff to get more accurate results

@@          Coverage Diff           @@
##             dev    #754    +/-   ##
======================================
+ Coverage     92%     92%    +1%     
======================================
  Files        284     287     +3     
  Lines      16692   16885   +193     
======================================
+ Hits       15243   15439   +196     
+ Misses      1449    1446     -3
Files Coverage Δ
bbot/cli.py 88% <100%> (ø)
bbot/core/event/base.py 95% <ø> (ø)
bbot/core/event/helpers.py 90% <ø> (ø)
bbot/core/helpers/command.py 97% <ø> (ø)
bbot/core/helpers/dns.py 86% <100%> (+2%) ⬆️
bbot/core/helpers/files.py 65% <ø> (ø)
bbot/core/helpers/helper.py 98% <ø> (ø)
bbot/core/helpers/interactsh.py 78% <100%> (ø)
bbot/core/helpers/misc.py 91% <100%> (+1%) ⬆️
bbot/core/helpers/modules.py 97% <100%> (+1%) ⬆️
... and 61 more

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

aconite33
aconite33 reviewed Sep 22, 2023
View reviewed changes
bbot/agent/agent.py Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the purpose of changing agent.py? Is this for downloading specifically or is it a change required in order to allow for downloading?

Copy link
Collaborator Author

@TheTechromancer TheTechromancer Sep 22, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm I think I must have been trying to get the tests to pass. We can test it during the troubleshooting call with @batgoose tomorrow.

There were no changes to agent.py as part of this module. The reason you're seeing here it is because we need to merge this one first.

@TheTechromancer TheTechromancer mentioned this pull request Sep 22, 2023
Merged
@TheTechromancer TheTechromancer changed the base branch from stable to dev September 25, 2023 15:28
@TheTechromancer TheTechromancer deleted the filedownload-module branch October 24, 2023 02:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aconite33 aconite33 aconite33 left review comments

@liquidsec liquidsec Awaiting requested review from liquidsec

Assignees

@TheTechromancer TheTechromancer

Labels
None yet
Projects
None yet
Milestone
BBOT 1.1.1 - difficult_larry
Development

Successfully merging this pull request may close these issues.
2 participants
@TheTechromancer @aconite33