zerobyte-id

TheBashter

Apr 8th, 2019
  1. #!/bin/bash
  2. # TheBashter V 1.0 Beta
  3.  
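  # Private scratch directory. Every *.bshtr work file in this script is
  # created with a relative name, so switching into a fresh mktemp directory
  # keeps saved responses out of the caller's directory and no longer deletes
  # unrelated *.bshtr files that happen to live there.
  WorkDir=$(mktemp -d "${TMPDIR:-/tmp}/bashter.XXXXXX") || {
      echo "[!] Unable to create a scratch directory" >&2
      exit 1
  }
  # Drop the scratch directory (and the saved responses in it) when the
  # script exits.
  trap 'rm -rf -- "${WorkDir:?}"' EXIT
  cd "${WorkDir}" || exit 1

  # ANSI colour escapes; they are expanded later by `echo -e`.
  RED='\e[31m'
  GRN='\e[32m'
  YEL='\e[33m'
  CLR='\e[0m'

  # Start with an empty list of already-reported form tags (used by ChkForm).
  : > formlist.bshtr

  printf '%s\n' \
      ' _____ _          ____            _     _  V 1.0 Beta' \
      '|_   _| |__   ___| __ )  __ _ ___| |__ | |_ ___ _ __ ' \
      '  | | | `_ \ / _ \  _ \ / _` / __| `_ \| __/ _ \ `__|' \
      '  | | | | | |  __/ |_) | (_| \__ \ | | | ||  __/ |   ' \
      '  |_| |_| |_|\___|____/ \__,_|___/_| |_|\__\___|_|   ' \
      '.:: FIND SOMETHING SHIT ON SITE - By @ZeroByte.ID ::.' \
      ''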
  20.  
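  # Print the host part of an absolute ("scheme://host/...") or
  # protocol-relative ("//host/...") URL. Scheme, userinfo, port, path, query
  # and fragment are stripped. IPv6 literals are not handled.
  function _UrlHost() {
      local Authority=${1#*//}
      Authority=${Authority%%[/?#]*}
      Authority=${Authority##*@}
      printf '%s\n' "${Authority%%:*}"
  }

  # Decide whether a link found on a page should be crawled and, if so, print
  # it as "[GET] <absolute url>" (callers keep the second field).
  # Arguments: $1 - raw href/src value taken from a fetched page (untrusted)
  #            $2 - the site entered by the user, e.g. http://www.example.com
  # Outputs:   one "[GET] ..." line on stdout, or nothing when the link is skipped
  function UrlSelector() {
      local WebSite=${1}
      local TargetSite=${2}
      local Scheme BaseHost LinkHost PARSEDURI
      local SchemeRe='^[a-zA-Z][a-zA-Z0-9+.-]*:'
      local AlnumRe='^[a-zA-Z0-9]'

      # "http:" for "http://host"; completes protocol-relative links.
      Scheme=${TargetSite%%//*}
      # Scope is the target host without a leading "www." plus its subdomains.
      BaseHost=$(_UrlHost "${TargetSite}")
      BaseHost=${BaseHost#www.}

      # A bare fragment link leads nowhere new.
      if [[ ${WebSite} == "#" ]]; then
          return 0
      fi

      # Documents and static assets are not fetched. The match is an unanchored
      # substring test, so links containing ".json" or ".jsp" are skipped too.
      if printf '%s\n' "${WebSite}" | grep -qi "[.]pdf\|[.]doc\|docx\|[.]png\|[.]gif\|[.]jpg\|[.]jpeg\|[.]ico\|[.]svg\|[.]css\|[.]js"; then
          return 0
      fi

      case ${WebSite} in
          //*|http*)
              # Absolute links are followed only when their host is the target
              # host or one of its subdomains. Comparing the parsed host (not
              # searching the whole URL) keeps links such as
              # http://other.test/?next=<target> out of the crawl, so probes
              # are never sent to hosts outside the chosen scope.
              LinkHost=$(_UrlHost "${WebSite}")
              if [[ -z ${BaseHost} ]]; then
                  return 0
              fi
              if [[ ${LinkHost} != "${BaseHost}" && ${LinkHost} != *".${BaseHost}" ]]; then
                  return 0
              fi
              if [[ ${WebSite} == //* ]]; then
                  PARSEDURI=$(printf '%s\n' "${WebSite}" | sed 's|//|/|g')
                  printf '%s\n' "[GET] ${Scheme}/${PARSEDURI}"
              else
                  printf '%s\n' "[GET] ${WebSite}"
              fi
              ;;
          /*)
              # Root-relative link: join with the target, collapse doubled
              # slashes, then restore the "//" after the scheme.
              PARSEDURI=$(printf '%s\n' "${TargetSite}${WebSite}" | sed 's|//|/|g' | awk '{print $1}' | sed 's|:/|://|g')
              printf '%s\n' "[GET] ${PARSEDURI}"
              ;;
          *)
              # Plain relative link. Anything carrying its own scheme
              # (javascript:, mailto:, tel:, android-app://, ...) is not a path
              # on this site and is dropped. Relative links are resolved
              # against the site root, not against the page they came from.
              if [[ ${WebSite} =~ ${AlnumRe} && ! ${WebSite} =~ ${SchemeRe} ]]; then
                  printf '%s\n' "[GET] ${TargetSite}/${WebSite}" | sed 's|//|/|g' | sed 's|:/|://|g'
              fi
              ;;
      esac
      return 0
  }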
  55.  
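  # Request a URL with a marker appended to the path and, when the URL has
  # "=" in it, with the marker placed after every "=", then report when the
  # marker comes back unencoded in the response body.
  # Globals:   RED, CLR (read); VulnFound (read, optional message override)
  # Arguments: $1 - URL to test
  # Outputs:   one FATAL line on stdout per hit
  #
  # A hit only shows that "<" and the double quote were echoed back without
  # encoding somewhere in the body. Whether that is an XSS issue depends on the
  # response content type and the surrounding context, so each hit needs manual
  # confirmation. curl runs with -k, so the server certificate is not verified.
  function ChkUrlXSS() {
      local FullpathSite=${1}
      local Marker='Ghost<bashter"XSS'
      local FullpathSite2 Finding

      if curl -sk "${FullpathSite}/Ghost%3Cbashter%22XSS" | grep -qF -- "${Marker}"; then
          # VulnFound is never assigned anywhere in this script, so the
          # original printed an empty line here. Fall back to the same message
          # the parameter branch uses unless the caller supplied one.
          Finding="${RED}$(date +"[%H:%M:%S]") FATAL: XSS on ${FullpathSite}${CLR}"
          echo -e "${VulnFound:-${Finding}}"
      elif [[ ${FullpathSite} =~ "=" ]]; then
          FullpathSite2=$(printf '%s\n' "${FullpathSite}" | sed 's/=/=Ghost%3Cbashter%22XSS/g')
          if curl -sk "${FullpathSite2}" | grep -qF -- "${Marker}"; then
              # printf keeps backslashes in the crawled URL literal; only the
              # colour codes are expanded.
              printf '%b%s FATAL: XSS on %s%b\n' "${RED}" "$(date +"[%H:%M:%S]")" "${FullpathSite}" "${CLR}"
          fi
      fi
  }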
  70.  
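  # Report a site that answers a foreign Origin with a matching
  # Access-Control-Allow-Origin header.
  # Globals:   YEL, CLR (read)
  # Arguments: $1 - URL to test
  #            $2 - file holding `curl -v` output for that URL
  # Outputs:   one WARN line on stdout when the test origin is reflected
  #
  # Reflection of the Origin value matters most when the response also allows
  # credentials; this check does not look at Access-Control-Allow-Credentials,
  # so a warning is a lead to review rather than a confirmed weakness.
  function ChkCORS() {
      local FullpathSite=${1}
      local WebSource=${2}

      # curl -v prefixes response header lines with "< ". The original filter
      # looked for lines starting with "^", which never occurs in that output,
      # so the check could not fire. Only probe sites that send CORS headers.
      if ! grep -qi '^< access-control-allow' -- "${WebSource}"; then
          return 0
      fi

      # Inspect the response headers straight from the pipe instead of saving
      # them to CORS-Test.gbash, which was never cleaned up. Matching header
      # lines only keeps body text from triggering the warning.
      if curl -vsk -H "Origin: http://example.com/" "${FullpathSite}" 2>&1 \
          | grep -i '^< Access-Control-Allow-Origin:' \
          | grep -q 'example.com'; then
          printf '%b%s WARN: CORS Missconfiguration on %s%b\n' "${YEL}" "$(date +"[%H:%M:%S]")" "${FullpathSite}" "${CLR}"
      fi
      return 0
  }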
  83.  
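  # Warn when a fetched page carries no framing restriction.
  # Globals:   YEL, CLR (read)
  # Arguments: $1 - URL the response belongs to
  #            $2 - file holding `curl -v` output for that URL
  # Outputs:   one WARN line on stdout when neither control is present
  function ChkClickjacking() {
      local FullpathSite=${1}
      local WebSource=${2}

      # No status line means the fetch failed; a missing header proves nothing.
      if ! grep -q '^< HTTP/' -- "${WebSource}" 2>/dev/null; then
          return 0
      fi
      # Match real response headers ("< Name:") only. HTML lines also start
      # with "<" and could otherwise hide a missing header.
      if grep -qi '^< x-frame-options:' -- "${WebSource}"; then
          return 0
      fi
      # A Content-Security-Policy with frame-ancestors restricts framing as
      # well. The report-only variant is not enforced and does not match here.
      if grep -i '^< content-security-policy:' -- "${WebSource}" | grep -qi 'frame-ancestors'; then
          return 0
      fi
      printf '%b%s WARN: Clickjacking on "%s" X-Frame-Options is not present%b\n' "${YEL}" "$(date +"[%H:%M:%S]")" "${FullpathSite}" "${CLR}"
  }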
  92.  
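  # List the values of all quoted href="..." attributes, then all quoted
  # src="..." attributes, found in a saved response.
  # Arguments: $1 - file to read
  # Outputs:   one attribute value per line on stdout (hrefs first, then srcs)
  function GetSource() {
      local WebSrc="${1}"
      local Attr
      for Attr in href src; do
          # The file name is quoted so paths containing spaces still work;
          # the two sed expressions strip the attribute name and both quotes.
          grep -o "${Attr}=[\"'][^\"']*[\"']" -- "${WebSrc}" \
              | sed -e "s/^${Attr}=[\"']//" -e "s/[\"']\$//"
      done
  }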
  98.  
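  # Report each distinct <form ...> tag found in a saved response, labelled
  # GET or POST, and remember it so the same tag is reported only once.
  # Globals:   IFS (written); formlist.bshtr in the working directory
  #            (read and appended to)
  # Arguments: $1 - URL the response belongs to
  #            $2 - file holding the response
  # Outputs:   one INFO line on stdout per newly seen form tag
  function ChkForm() {
      local WEBSRC="${1}"
      local FILESRC="${2}"
      local FORM Method

      # Deliberately left global: the top-level crawl loops run after this
      # call and word-split command output, relying on newline-only splitting.
      IFS=$'\n'

      while IFS= read -r FORM; do
          # The tag comes from a fetched page, so compare it as a literal whole
          # line. Used as a regex (as before), characters such as [ ] . * ?
          # in an action URL made the lookup miss or match the wrong entry.
          if grep -qxF -- "${FORM}" formlist.bshtr 2>/dev/null; then
              continue
          fi
          # Only a quoted method="post" attribute is recognised as POST.
          if printf '%s\n' "${FORM}" | grep -o 'method=['"'"'"][^"'"'"']*['"'"'"]' | grep -qi post; then
              Method=POST
          else
              Method=GET
          fi
          printf '%s INFO: Form %s on "%s"\n' "$(date +"[%H:%M:%S]")" "${Method}" "${WEBSRC}"
          printf '%s\n' "${FORM}" >> formlist.bshtr
      done < <(grep -Po '<form\K.*?(?=>)' -- "${FILESRC}" | sed -e 's/^/<form/' -e 's/$/>/')
  }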
  118.  
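  # Fetch one page into websourcetemp.bshtr, run every check against it and
  # queue the links UrlSelector accepts.
  # Arguments: $1 - page URL
  #            $2 - site entered by the user (base for links and crawl scope)
  function _ScanPage() {
      local PageUrl=${1}
      local RootUrl=${2}
      local Link
      # Verbose output (response headers on "< " lines) and the body go to the
      # same file. -k means the server certificate is not verified.
      curl -vsk "${PageUrl}" &> websourcetemp.bshtr
      ChkForm "${PageUrl}" websourcetemp.bshtr
      ChkUrlXSS "${PageUrl}"
      ChkClickjacking "${PageUrl}" websourcetemp.bshtr
      ChkCORS "${PageUrl}" websourcetemp.bshtr
      # Links come from the fetched page: read them line by line and pass them
      # quoted so they are never word-split or glob-expanded.
      while IFS= read -r Link; do
          UrlSelector "${Link}" "${RootUrl}" | awk '{print $2}' >> websiteslist.bshtr
      done < <(GetSource websourcetemp.bshtr)
  }

  printf '%s' "[?] Input Website : "
  read -r TargetSite
  # The link handling assumes a scheme. Without one the target host cannot be
  # derived and absolute links to other hosts may be treated as in scope, so
  # refuse such input.
  SiteRe='^https?://[^[:space:]]+$'
  if [[ ! ${TargetSite} =~ ${SiteRe} ]]; then
      echo "[!] Enter the site as http://host or https://host" >&2
      exit 1
  fi
  : > webpathtemp.bshtr
  : > websiteslist.bshtr
  echo ""
  echo "$(date +"[%H:%M:%S]") INFO: Scanning ${TargetSite}..."
  _ScanPage "${TargetSite}" "${TargetSite}"
  echo "${TargetSite}" > websitedone.bshtr
  ########## SECOND ##########
  # Keep visiting queued URLs until a full pass finds nothing new. There is no
  # page cap and no delay between requests.
  while true
  do
      NewPages=0
      # Work on a snapshot of the queue; _ScanPage appends to the live file.
      cp -- websiteslist.bshtr webpathtemp.bshtr
      while IFS= read -r TargetSite2
      do
          [[ -n ${TargetSite2} ]] || continue
          # Exact literal comparison: URLs contain regex characters (. ? +).
          if ! grep -qxF -- "${TargetSite2}" websitedone.bshtr
          then
              _ScanPage "${TargetSite2}" "${TargetSite}"
              echo "${TargetSite2}" >> websitedone.bshtr
              NewPages=$((NewPages + 1))
          fi
      done < webpathtemp.bshtr
      if [[ ${NewPages} -eq 0 ]]
      then
          break
      fi
  done
  rm -f -- ./*.bshtr 2> /dev/null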