laramies/theHarvester
1
1
Fork 0
mirror of https://github.com/laramies/theHarvester.git synced 2025-02-24 22:42:56 +08:00
Code Issues Projects Releases Packages Wiki Activity

Integrated security trails into all mode, and touched up minor cosmetics.

Browse source
This commit is contained in:
NotoriousRebel 2018-12-21 17:47:15 -05:00
parent 9d35d59fdf
commit 52b7a7d427
5 changed files with 18 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
discovery/censys.py
View file

@ -32,7 +32,7 @@ def process(self):
try: try:
self.page = str(self.counter) self.page = str(self.counter)
self.url = "https://" + self.server + "/ipv4/_search?q=" + str(self.word) + "&page=" + str(self.page) self.url = "https://" + self.server + "/ipv4/_search?q=" + str(self.word) + "&page=" + str(self.page)
print("\t - Searching Censys results page " + self.page + "...") print("\t -Searching Censys results page " + self.page + "...")
self.do_search() self.do_search()
time.sleep(getDelay()) time.sleep(getDelay())
except Exception as e: except Exception as e:

2
discovery/crtsh.py
View file

@ -26,7 +26,7 @@ def do_search(self):
links = self.get_info(r.text) links = self.get_info(r.text)
for link in links: for link in links:
params = {'User-Agent': getUserAgent()} params = {'User-Agent': getUserAgent()}
print ("\t\tSearching " + link) #print("\tSearching " + link)
r = requests.get(link, headers=params) r = requests.get(link, headers=params)
time.sleep(getDelay()) time.sleep(getDelay())
self.results = r.text self.results = r.text

3
discovery/securitytrailssearch.py
View file

@ -7,7 +7,6 @@ class search_securitytrail:
def __init__(self, word): def __init__(self, word):
self.word = word self.word = word
self.limit = 100
self.key = "" self.key = ""
if self.key == "": if self.key == "":
print("You need an API key in order to use the SecurityTrails search engine. You can get one here: https://securitytrails.com/") print("You need an API key in order to use the SecurityTrails search engine. You can get one here: https://securitytrails.com/")
@ -35,7 +34,7 @@ def do_search(self):
url = self.database + 'domain/' + self.word url = self.database + 'domain/' + self.word
headers = {'APIKEY': self.key} headers = {'APIKEY': self.key}
r = requests.get(url, headers=headers) r = requests.get(url, headers=headers)
time.sleep(2) time.sleep(2) #not random delay because 2 seconds is required due to rate limit
except Exception as e: except Exception as e:
print(e) print(e)
self.results = r.text self.results = r.text

3
securitytrailsparser.py
View file

@ -4,7 +4,6 @@ def __init__(self, word, text):
self.word = word self.word = word
self.text = text self.text = text
self.hostnames = set() self.hostnames = set()
self.urls = []
self.ips = set() self.ips = set()
def parse_text(self): def parse_text(self):
@ -35,4 +34,4 @@ def parse_text(self):
self.hostnames.add(str(line).replace('"', '').replace(',', '') + '.' + self.word) self.hostnames.add(str(line).replace('"', '').replace(',', '') + '.' + self.word)
else: else:
continue continue
return list(self.ips), list(self.hostnames) return list(self.ips), list(self.hostnames)

17
theHarvester.py
View file

@ -489,6 +489,19 @@ def start(argv):
# all_emails = sorted(set(all_emails)) # all_emails = sorted(set(all_emails))
db.store_all(word, emails, 'email', 'hunter') db.store_all(word, emails, 'email', 'hunter')
print("[-] Searching in securityTrails:")
from discovery import securitytrailssearch
search = securitytrailssearch.search_securitytrail(word)
search.process()
hosts = search.get_hostnames()
all_hosts.extend(hosts)
db = stash.stash_manager()
db.store_all(word, hosts, 'host', 'securityTrails')
ips = search.get_ips()
all_ip.extend(ips)
db = stash.stash_manager()
db.store_all(word, ips, 'ip', 'securityTrails')
print("[-] Searching in Google Certificate transparency report..") print("[-] Searching in Google Certificate transparency report..")
search = googlecertificates.search_googlecertificates(word, limit, start) search = googlecertificates.search_googlecertificates(word, limit, start)
search.process() search.process()
@ -769,7 +782,6 @@ def start(argv):
file.write('<?xml version="1.0" encoding="UTF-8"?><theHarvester>') file.write('<?xml version="1.0" encoding="UTF-8"?><theHarvester>')
for x in all_emails: for x in all_emails:
file.write('<email>' + x + '</email>') file.write('<email>' + x + '</email>')
for x in full: for x in full:
x = x.split(":") x = x.split(":")
if len(x) == 2: if len(x) == 2:
@ -796,13 +808,12 @@ def start(argv):
file.write('<port>' + res[2] + '</port>') file.write('<port>' + res[2] + '</port>')
# page.pre(res[1]) # page.pre(res[1])
file.write('<banner><!--' + res[1] + '--></banner>') file.write('<banner><!--' + res[1] + '--></banner>')
reg_server = re.compile('Server:.*') reg_server = re.compile('Server:.*')
temp = reg_server.findall(res[1]) temp = reg_server.findall(res[1])
if temp != []: if temp != []:
shodanalysis.append(res[0] + ":" + temp[0]) shodanalysis.append(res[0] + ":" + temp[0])
file.write('</shodan>') file.write('</shodan>')
if shodanalysis != []: if shodanalysis != []:
shodanalysis = sorted(set(shodanalysis)) shodanalysis = sorted(set(shodanalysis))
file.write('<servers>') file.write('<servers>')