diff --git a/README.md b/README.md index 949a7c6..79bb3fd 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ It's an information security audit tool that creates intelligent wordlists based Ongoing projects :construction_worker:: [D4N155 in docker :gift:](https://github.com/OWASP/D4N155/tree/docker), [Web API D4N155 :cloud:](https://github.com/OWASP/D4N155/tree/api) ## Install -Need to: [Python3.6](https://realpython.com/installing-python/), [Bash (GNU Bourne-Again SHell)](https://www.gnu.org/software/bash/#download) +Need to: [Python3.6](https://realpython.com/installing-python/), [Bash (GNU Bourne-Again SHell)](https://www.gnu.org/software/bash/#download), [Go](https://golang.org/dl/) -Optional: [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git), [Groff](https://www.gnu.org/software/groff/) +Optional: [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) ## Source ```bash diff --git a/main b/main index fead33a..a4ed3db 100755 --- a/main +++ b/main @@ -61,7 +61,7 @@ help=""" FILE File, for save the result, get urls or using in wordlist - Version: 0.9 + Version: 1.3 It's GNU/GPL version 3 Project page: https://github.com/owasp/D4N155""" @@ -73,6 +73,13 @@ printf "\033[32m" trap -- "printf \"\n$bug\";kill $! &> /dev/null;exit 2" "SIGINT" +__compile(){ + go build -o modules/GoMutation modules/GoMutation.go && \ + echo "$success Compiled GoMutation" || echo "$error Golang dont installed" +} + +test -x "modules/GoMutation" || __compile + # Menu __interative(){ printf "\033[0m" diff --git a/modules/GoMutation.go b/modules/GoMutation.go new file mode 100644 index 0000000..d9edefc --- /dev/null +++ b/modules/GoMutation.go @@ -0,0 +1,118 @@ +package main + +import ( + "fmt" + "strings" + "io/ioutil" + "os" + "strconv" +) +// Check if err +func check(e error) { + if e != nil { + panic(e) + } +} +// Removing duplicated items +func unique(intSlice []string) []string { + keys := make(map[string]bool) + list := []string {} + for _, entry := range intSlice { + if _, value := keys[entry]; !value { + keys[entry] = true + list = append(list, entry) + } + } + return list +} + +// Pure functions +func leet(word string) string { + return strings.NewReplacer("A","4", "E", "3", "I", "1", "O", "0", "S", "5", "T", "7", "B", "8").Replace(word) +} +func count1to8(word string) []string { + list := []string {word} + for i := 0; i < 9; i++ { + list = append(list,list[len(list)-1]+strconv.Itoa(i)) + } + return list +} +func year90(word string) []string { + list := []string {word} + for i := 99; i > 89; i-- { + list = append(list,word+strconv.Itoa(i)) + } + return list +} +func year2000(word string) []string { + list := []string {word} + for i := 2020; i > 1999; i-- { + list = append(list,word+strconv.Itoa(i)) + } + return list +} +func swapCase(r rune) rune { + switch { + case 'a' <= r && r <= 'z': + return r - 'a' + 'A' + case 'A' <= r && r <= 'Z': + return r - 'A' + 'a' + default: + return r + } +} +func inverter(word string) string { + runes := []rune(string(word)) + for i, j := 0, len(runes)-1; i < j; i, j = i+1, j-1 { + runes[i], runes[j] = runes[j], runes[i] + } + return string(runes) +} +func mess(word string, allList []string) []string { + list := []string {} + for _, i := range allList { + list = append(list, word + i) + } + return list +} +func combine(allList []string) []string { + finalWords := []string {} + + for _, i := range allList { + finalWords = append(finalWords, mess(i, allList)...) + } + + return finalWords +} + +func main() { + finalContent := []string {} + // Read base file + blob, err := ioutil.ReadFile(os.Args[1]) + check(err) + content := strings.Fields(string(blob)) + finalContent = append(content, combine(content)...) + + // Running functions for make wordlist + for _, word := range content { + finalContent = append(finalContent, leet(word)) + finalContent = append(finalContent, count1to8(word)...) + finalContent = append(finalContent, year90(word)...) + finalContent = append(finalContent, year2000(word)...) + finalContent = append(finalContent, strings.ToUpper(word)) + finalContent = append(finalContent, strings.ToLower(word)) + finalContent = append(finalContent, strings.Map(swapCase, word)) + finalContent = append(finalContent, inverter(word)) + } + + // Save data + file, errCreate := os.Create(os.Args[2]) + check(errCreate) + defer file.Close() + data := []byte(strings.Join(unique(finalContent), "\n")) + numberWrote, errWrite := file.Write(data) + check(errWrite) + if numberWrote < 1 { + fmt.Println("1b?") + } +} diff --git a/modules/colors.sh b/modules/colors.sh index 53554d5..33294a0 100644 --- a/modules/colors.sh +++ b/modules/colors.sh @@ -7,5 +7,5 @@ end='\e[0m' bgred='\e[41m' # Status -correct="[\e[1m\e[92m ✔ $end$green]" -incorrect="[\e[1m\e[92m ✘ $end$green]" +correct="$end$green[\e[1m\e[92m ✔ $end$green]$end" +incorrect="$end$green[\e[1m\e[92m ✘ $end$green]$end" diff --git a/modules/functions.sh b/modules/functions.sh index 8264975..2e77ae2 100644 --- a/modules/functions.sh +++ b/modules/functions.sh @@ -81,18 +81,18 @@ __wordlist(){ if [ "$?" == "0" ] then - echo -e "Finalized search to $target, database\nhas been saved in$orange reports/db/$target.txt$green" + echo -e "Finalized search to $target, database\nhas been saved in$orange reports/db/$target.txt$end" else - echo -e "$red The file dont has been saved, the result was found?$green" + echo -e "$red The file dont has been saved, the result was found?$end" exit 2 fi - echo "Make the wordlist *-*" + echo "Reading urls content 0-0" . modules/operations/calc.sh "reports/db/$target.txt" "$target" "$dest" test "$?" == 0 && \ - echo -e "$green Wordlist has been saved in\n$orange$dest$end" || \ + echo -e "\n$green Wordlist has been saved in\n→ $orange$dest$end" || \ exit 1 # clear trash files @@ -138,7 +138,7 @@ __cus() { [ $2 ] && export save="$2" || export save="_wordlist.txt" echo "$save" echo "Processing all data..." - python3 "modules/generator.py" "$1" >> "$save" && \ + ./modules/GoMutation "$1" "$save" && \ ( echo -e "$correct Wordlist been created in $save"; exit 0 ) || \ echo -e "$incorrect Error fatal, don't create file"; exit 2 diff --git a/modules/generator.py b/modules/generator.py deleted file mode 100644 index 030b1a5..0000000 --- a/modules/generator.py +++ /dev/null @@ -1,56 +0,0 @@ -from sys import argv -from multiprocessing.dummy import Pool as ThreadPool -from permutations.main import * # All modules for permutations -details = False - - -# Root text -texts = open(argv[1], 'r').read().split() -new = [] -# Alternations -texts = texts+list(map(inverter, texts)) -pool = ThreadPool(2) -def run(fuction, value): - # Thread will be parameter type flag - # --------------------| All word > 3 and < 30 - return list(filter(lambda x: True if (len(x) > 3 and len(x) < 30) else False, list(pool.map(fuction, value)))) - -# Main -def make(): - # EX - # counting 3: → x+"123" - blob = run(counting1, texts) - blob = blob + run(counting2, texts) - blob = blob + run(counting3, texts) - blob = blob + run(counting4, texts) - blob = blob + run(counting8, texts) - blob = blob + run(counting81, texts) - # EX - # year9 : → x+"2019" - blob = blob + run(year20, texts) - blob = blob + run(year9, texts) - blob = blob + run(year8, texts) - blob = blob + run(year7, texts) - blob = blob + run(year6, texts) - # EX - # YEAR : → "Y34R" - blob = blob + run(textnumber, texts) - # EX - # year : → "YeAr" - blob = blob + run(ullual, texts) - blob = blob + run(luulal, texts) - blob = blob + run(inverter, texts) - blob = blob + run(uppall, texts) - blob = blob + run(lowera, texts) - # EX - # New Yeah : → "YeahNew" - blob = blob + comb(texts) - - # Are finals test details - if details == True: - blob = blob + pool.comb(blob) - - return blob - -# Reduce all output for best precision -print('\n'.join(set(texts+make()))) diff --git a/modules/load.sh b/modules/load.sh index 8a8a2d6..da328fb 100644 --- a/modules/load.sh +++ b/modules/load.sh @@ -10,6 +10,6 @@ spin() { _load(){ while :;do spin "$1" - done & trap "kill -9 $!" exit &> /dev/null - eval "$2" + done & trap "kill -9 $! 2> /dev/null" exit 2> /dev/null + eval "$2" > /dev/null } diff --git a/modules/operations/calc.sh b/modules/operations/calc.sh index 20e2e74..e374947 100644 --- a/modules/operations/calc.sh +++ b/modules/operations/calc.sh @@ -14,7 +14,7 @@ echo -e ":.........................................$correct" || \ echo -e ":.........................................$incorrect" sleep $time - done && _load "Make operations:" """python3 'modules/generator.py' reports/db/$2.blob.txt > $3 + done && _load "Make operations" """./modules/GoMutation reports/db/$2.blob.txt $3 if [ \"$?\" != \"0\" ] then echo -e \"\n$red Error fatal$green\" @@ -22,5 +22,5 @@ exit 2 fi """ - kill -9 $! &> /dev/null + kill $! 1> /dev/null } diff --git a/modules/permutations/main.py b/modules/permutations/main.py deleted file mode 100755 index 16d0fde..0000000 --- a/modules/permutations/main.py +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env python3 -# Elimine the max. number -# of variables -global_list = [] -# Texts to numbers -def textnumber(x): - return x.translate(str.maketrans('aeioAEIOBTbtsS', '43104310878755')) -# make the number -def counting1(x): - return x+"1" -def counting2(x): - return x+"12" -def counting3(x): - return x+"123" -def counting4(x): - return x+"1234" -def counting8(x): - return x+"12345678" -def counting81(x): - return x+"87654321" -# Weaks year -def year9(x): - return x+"2019" -def year8(x): - return x+"2018" -def year7(x): - return x+"2017" -def year6(x): - return x+"2016" -def year20(x): - return x+"2020" - - -# Variant, all uppercase or lowercase -# Up, Low, and upper lower lower up -# and inverter -def uppall(x): - return x.upper() -def lowera(x): - return x.lower() -def ullual(x): - # k = key - # k[0] -> position - # k[1] -> value - return ''.join( - list( - map( - lambda k: k[1].upper() if k[0] % 2 == 0 else k[1].lower(), - enumerate(x) - ) - ) - ) -def luulal(x): - return ullual(x).swapcase() -def inverter(x): - return x.swapcase() -# Combinatories analysis -# comb -> mess & ssem -> parsing -# returning all parsing strings -def comb(allist): - # Get value [[1,2,3],[3,2,1]] to - # parse [1,2,3,3,2,1] - def parsing(x): - global global_list - for i in x: - global_list = global_list + i - return global_list - - # Mergeds values - return parsing(list(map(lambda x: [x+i for i in allist], allist))) diff --git a/modules/report/main.sh b/modules/report/main.sh index 23df70f..1b59547 100644 --- a/modules/report/main.sh +++ b/modules/report/main.sh @@ -110,38 +110,8 @@ echo -e """ </body> </html> """ >> ./report-$name.html && \ - ( echo -e "$correct The file has been saved in\n $orange \t→ report-$name.html $end" ) || \ - ( echo -e "$incorrect Dont can write in this directory?" ) - - # Head default of groff - # https://www.gnu.org/software/groff/manual/groff.html#Page-Layout - echo """ -.TL -Report of $name -.PP -Was processed \fB$numberOfUrls\fP -urls with \fB$numberOfContents\fP letters and -\fB$numberOfWords\fP words, -resulted in \fB$numberOfResult\fP passwords possibles, based on these -.HnS 1 -.HR -.URL https://adasecurity.github.io/D4N155/theories/ operations -.HR -.HnE - -Urls analyzed: -.CDS -$contentsOfUrls -.CDE - -.PP -\fIGenerated by D4N155\fP - -""" | groff -ms -mwww -T pdf > "./report-$name.pdf" && \ - ( echo -e "$correct The file has been saved in\n $orange \t→ report-$name.pdf $end " ) || \ - ( echo -e "$incorrect groff dont are installed?";exit 2 ) + echo -e "$correct The file has been saved in\n $orange \t→ report-$name.html $end" || \ + echo -e "$incorrect Dont can write in this directory?" } - # call __make - diff --git a/requirements.txt b/requirements.txt index 25e660d..80a0ca5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,5 +4,5 @@ numpy==1.15.4 requests==2.20.1 mechanicalsoup==0.12.0 selenium==3.14.1 -getrails==1.5 +getrails==3.0 objetive==0.6