
TheBashter

zerobyte-id Apr 8th, 2019 395 Never
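  #!/bin/bash
  # TheBashter V 1.0 Beta

  # The script keeps its state in fixed-name scratch files (formlist.bshtr and
  # the other *.bshtr files). Work inside a private directory from mktemp
  # rather than the caller's current directory: a fixed name in a shared
  # directory can be pre-created or symlinked by another local user, and a
  # "rm *.bshtr" there would also delete unrelated files that happen to match.
  BSHTR_WORKDIR=$(mktemp -d "${TMPDIR:-/tmp}/bshtr.XXXXXX") || {
    printf '%s\n' "ERROR: cannot create scratch directory" >&2
    exit 1
  }
  cd -- "$BSHTR_WORKDIR" || exit 1
  # Remove the scratch directory on every exit path, including Ctrl-C.
  trap 'cd / && rm -rf -- "${BSHTR_WORKDIR:?}"' EXIT

  # ANSI colour escapes; they are stored as literal backslash sequences and
  # only become control characters when printed with echo -e or printf %b.
  RED='\e[31m'
  GRN='\e[32m'
  YEL='\e[33m'
  CLR='\e[0m'

  # Start with an empty list of already-reported forms.
  : > formlist.bshtr

  printf '%s\n' \
    ' _____ _          ____            _     _  V 1.0 Beta' \
    '|_   _| |__   ___| __ )  __ _ ___| |__ | |_ ___ _ __ ' \
    '  | | | `_ \ / _ \  _ \ / _` / __| `_ \| __/ _ \ `__|' \
    '  | | | | | |  __/ |_) | (_| \__ \ | | | ||  __/ |   ' \
    '  |_| |_| |_|\___|____/ \__,_|___/_| |_|\__\___|_|   ' \
    '.:: FIND SOMETHING SHIT ON SITE - By @ZeroByte.ID ::.' \
    ''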
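  #######################################
  # Print the lower-cased host of a URL: the scheme, userinfo, port and
  # everything from the first "/", "?" or "#" are removed, then one leading
  # "www." is dropped.
  # Arguments: $1 - URL, with or without a scheme
  # Outputs:   host name on stdout
  #######################################
  function _UrlHost() {
    local host=$1
    if [[ $host == *//* ]]; then
      host=${host#*//}
    fi
    host=${host%%[/?#]*}
    host=${host##*@}
    host=${host%%:*}
    host=$(printf '%s' "$host" | tr '[:upper:]' '[:lower:]')
    printf '%s\n' "${host#www.}"
  }

  #######################################
  # Decide whether a link taken from a fetched page should be crawled and,
  # if so, print it as "[GET] <absolute URL>".
  #
  # Links come from remote HTML and are untrusted, so every expansion is
  # quoted and the scope test compares host names: a link is in scope only
  # when its host equals the target host or is a sub-domain of it. Matching
  # the target name as a regex anywhere in the link would also accept
  # unrelated hosts that merely mention the name in a path or query string,
  # which sends the crawler to sites outside the target.
  #
  # NOTE(review): the extension filter is a case-insensitive substring match,
  # so ".jsp" and ".json" are skipped by "[.]js", and "docx" matches anywhere.
  #
  # Arguments: $1 - link as found in an href/src attribute
  #            $2 - base URL of the target site
  # Outputs:   one "[GET] URL" line on stdout, or nothing when skipped
  # Returns:   0 always
  #######################################
  function UrlSelector() {
    local link=$1
    local base=$2
    local scheme target_host link_host
    local skip_ext='[.]pdf\|[.]doc\|docx\|[.]png\|[.]gif\|[.]jpg\|[.]jpeg\|[.]ico\|[.]svg\|[.]css\|[.]js'

    if [[ $link == "#" ]]; then
      return 0
    fi
    if printf '%s\n' "$link" | grep -qi -e "$skip_ext"; then
      return 0
    fi

    # Text before the first "//" of the base URL, e.g. "http:".
    scheme=${base%%//*}
    target_host=$(_UrlHost "$base")

    case $link in
      //* | http*)
        link_host=$(_UrlHost "$link")
        if [[ -z $target_host ]]; then
          return 0
        fi
        if [[ $link_host != "$target_host" && $link_host != *".$target_host" ]]; then
          return 0
        fi
        if [[ $link == //* ]]; then
          # Protocol-relative link: reuse the scheme of the base URL.
          printf '[GET] %s/%s\n' "$scheme" "$(printf '%s\n' "$link" | sed 's|//|/|g')"
        else
          printf '[GET] %s\n' "$link"
        fi
        ;;
      /*)
        # Root-relative link: append to the base, collapse doubled slashes,
        # then restore the "://" after the scheme.
        printf '[GET] %s\n' "$(printf '%s\n' "${base}${link}" \
          | sed 's|//|/|g' | awk '{print $1}' | sed 's|:/|://|g')"
        ;;
      javascript:* | android-app://* | ios-app://* | mailto:* | tel:* | data:*)
        # Not fetchable over HTTP; appending these to the base would only
        # produce bogus requests.
        ;;
      [a-zA-Z0-9]*)
        printf '[GET] %s/%s\n' "$base" "$link" | sed 's|//|/|g' | sed 's|:/|://|g'
        ;;
    esac
    return 0
  }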
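  #######################################
  # Check one URL for unencoded reflection of a marker string.
  #
  # The marker Ghost<bashter"XSS is sent URL-encoded, first as an extra path
  # segment and, if that is not echoed, after every "=" in the URL. A finding
  # is printed when the response body contains the marker with "<" and the
  # double quote unencoded. This is a reflection heuristic only: it does not
  # look at the Content-Type or the HTML context, so a hit still needs manual
  # confirmation. The server-side remedy is context-aware output encoding.
  #
  # The URL may come from crawled HTML, so it is passed to curl after "--"
  # and printed with %s; echo -e would interpret backslash escapes embedded
  # in the URL as terminal control sequences. curl -k disables certificate
  # verification, so the origin of the response is not authenticated.
  #
  # Globals:   RED, CLR (read)
  # Arguments: $1 - URL to probe
  # Outputs:   one "FATAL: XSS on URL" line on stdout per finding
  #######################################
  function ChkUrlXSS() {
    local url=$1
    local marker='Ghost<bashter"XSS'
    local probe_url

    if curl -sk -- "${url}/Ghost%3Cbashter%22XSS" | grep -qF -e "$marker"; then
      # The original printed an undefined variable here, so findings from the
      # path probe were reported as an empty line.
      printf '%b%s FATAL: XSS on %s%b\n' "$RED" "$(date +"[%H:%M:%S]")" "$url" "$CLR"
    elif [[ $url == *=* ]]; then
      probe_url=$(printf '%s\n' "$url" | sed 's/=/=Ghost%3Cbashter%22XSS/g')
      if curl -sk -- "$probe_url" | grep -qF -e "$marker"; then
        printf '%b%s FATAL: XSS on %s%b\n' "$RED" "$(date +"[%H:%M:%S]")" "$url" "$CLR"
      fi
    fi
  }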
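  #######################################
  # Check whether a URL reflects a foreign Origin in
  # Access-Control-Allow-Origin.
  #
  # The probe runs only when the saved "curl -v" output of the page already
  # shows an Access-Control-Allow-* response header. The request is repeated
  # with "Origin: http://example.com/"; a warning is printed when a response
  # header line carries Access-Control-Allow-Origin with example.com in it.
  # A server that echoes arbitrary origins lets other sites read its
  # responses; the fix is an explicit allow-list of origins.
  #
  # Response header lines in "curl -v" output start with "<". The original
  # filter used "^^", which matches a literal caret at line start and never
  # fires on that output, so the check could not run.
  # The probe response is held in a variable; the original wrote it to
  # CORS-Test.gbash, which the *.bshtr cleanup never removed.
  #
  # Globals:   YEL, CLR (read)
  # Arguments: $1 - URL to probe
  #            $2 - file holding "curl -v" output for that URL
  # Outputs:   one "WARN: CORS ..." line on stdout per finding
  #######################################
  function ChkCORS() {
    local url=$1
    local headers_file=$2
    local response

    if ! grep -e '^<' -- "$headers_file" | grep -qi -e 'access-control-allow'; then
      return 0
    fi

    # -k disables certificate verification; the URL goes after "--" so a
    # value starting with "-" is not parsed as a curl option.
    response=$(curl -vsk -H "Origin: http://example.com/" -- "$url" 2>&1)
    if printf '%s\n' "$response" \
      | grep -e '^<' \
      | grep -i -e 'Access-Control-Allow-Origin' \
      | grep -q -e 'example\.com'; then
      printf '%b%s WARN: CORS Missconfiguration on %s%b\n' \
        "$YEL" "$(date +"[%H:%M:%S]")" "$url" "$CLR"
    fi
  }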
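  #######################################
  # Warn when a page can be framed by other sites.
  #
  # Reads saved "curl -v" output and looks at response header lines only
  # ("< Name: value"). The page counts as protected when it sends
  # X-Frame-Options, or a Content-Security-Policy header that contains a
  # frame-ancestors directive. Matching the header name at the start of the
  # line keeps HTML body lines that begin with "<" from hiding a missing
  # header.
  #
  # Globals:   YEL, CLR (read)
  # Arguments: $1 - URL the output belongs to (printed with %s, since it may
  #                 come from crawled HTML)
  #            $2 - file holding "curl -v" output for that URL
  # Outputs:   one "WARN: Clickjacking ..." line on stdout when unprotected
  #######################################
  function ChkClickjacking() {
    local url=$1
    local headers_file=$2

    if grep -qi -e '^< x-frame-options:' -- "$headers_file"; then
      return 0
    fi
    if grep -i -e '^< content-security-policy:' -- "$headers_file" \
      | grep -qi -e 'frame-ancestors'; then
      return 0
    fi
    printf '%b%s WARN: Clickjacking on "%s" X-Frame-Options is not present%b\n' \
      "$YEL" "$(date +"[%H:%M:%S]")" "$url" "$CLR"
  }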
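  #######################################
  # List the values of quoted href= and src= attributes found in a file.
  # All href values are printed first, then all src values, one per line,
  # with the surrounding quotes removed. Matching is case-sensitive and
  # purely textual (no HTML parsing).
  # Arguments: $1 - path of the saved page; quoted here so that a path
  #                 containing whitespace or glob characters still works
  # Outputs:   attribute values on stdout
  #######################################
  function GetSource() {
    local page=$1
    local q="\"'"
    local attr

    for attr in href src; do
      grep -o -e "${attr}=[${q}][^${q}]*[${q}]" -- "$page" \
        | sed -e "s/^${attr}=[${q}]//" -e "s/[${q}]\$//"
    done
  }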
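  #######################################
  # Report each distinct <form ...> opening tag found in a saved page.
  #
  # A tag that is already listed in formlist.bshtr is skipped, so the same
  # form on several pages is reported once. New tags are reported as
  # "Form POST" when they carry a quoted method attribute containing "post"
  # (any letter case), otherwise as "Form GET", and are then appended to
  # formlist.bshtr.
  #
  # The tag text comes from remote HTML: it is compared with grep -F -x
  # (fixed string, whole line) instead of being used as an unquoted regex,
  # and written with printf so glob characters in it are never expanded.
  #
  # Requires a grep with -P (PCRE) support.
  # Globals:   IFS (written, see note below); formlist.bshtr in the current
  #            directory (read and appended)
  # Arguments: $1 - URL of the page, used in the message
  #            $2 - file holding the fetched page
  # Outputs:   one INFO line on stdout per newly seen form
  #######################################
  function ChkForm() {
    local page_url=$1
    local page_file=$2
    local q="\"'"
    local form

    # NOTE(review): this assignment is global and stays in effect after the
    # function returns; the unquoted top-level crawl loops are run after it
    # and therefore split on newlines only. It is kept for that reason.
    IFS=$'\n'

    while IFS= read -r form; do
      if [[ -z $form ]]; then
        continue
      fi
      if grep -qxF -e "$form" -- formlist.bshtr; then
        continue
      fi
      if printf '%s\n' "$form" \
        | grep -io -e "method=[${q}][^${q}]*[${q}]" \
        | grep -qi -e 'post'; then
        echo "$(date +"[%H:%M:%S]") INFO: Form POST on \"${page_url}\""
      else
        echo "$(date +"[%H:%M:%S]") INFO: Form GET on \"${page_url}\""
      fi
      printf '%s\n' "$form" >> formlist.bshtr
    done < <(grep -Po '<form\K.*?(?=>)' -- "$page_file" | sed 's/^/<form/g' | sed 's/$/>/g')
  }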
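  #######################################
  # Fetch one page into websourcetemp.bshtr, run the four checks on it and
  # append every in-scope link it contains to websiteslist.bshtr.
  # curl -k disables certificate verification; the URL is passed after "--"
  # so a value starting with "-" is never parsed as a curl option.
  # Globals:   TargetSite (read) - base URL used to resolve and scope links
  # Arguments: $1 - URL to fetch
  #######################################
  function _ScanPage() {
    local url=$1
    local link

    curl -vsk -- "$url" &> websourcetemp.bshtr
    ChkForm "$url" websourcetemp.bshtr
    ChkUrlXSS "$url"
    ChkClickjacking "$url" websourcetemp.bshtr
    ChkCORS "$url" websourcetemp.bshtr
    # Links are attacker-controlled text from the fetched page: read them
    # line by line and keep them quoted so they are neither split nor
    # glob-expanded against local file names.
    while IFS= read -r link; do
      if [[ -z $link ]]; then
        continue
      fi
      UrlSelector "$link" "$TargetSite" | awk '{print $2}' >> websiteslist.bshtr
    done < <(GetSource websourcetemp.bshtr)
  }

  ########## FIRST ##########
  printf '%s' "[?] Input Website : "
  read -r TargetSite
  if [[ -z $TargetSite ]]; then
    printf '%s\n' "ERROR: no website given" >&2
    exit 1
  fi
  case $TargetSite in
    http://* | https://*) ;;
    *://*)
      printf '%s\n' "ERROR: only http:// and https:// targets are supported" >&2
      exit 1
      ;;
    *)
      # A bare host name would leave the link scoping without a host to
      # compare against; make the scheme explicit.
      TargetSite="http://${TargetSite}"
      ;;
  esac

  # webpathtemp.bshtr is created here but not used by the rest of the script.
  : > webpathtemp.bshtr
  : > websiteslist.bshtr
  echo ""
  printf '%s INFO: Scanning %s...\n' "$(date +"[%H:%M:%S]")" "$TargetSite"
  _ScanPage "$TargetSite"
  printf '%s\n' "$TargetSite" > websitedone.bshtr

  ########## SECOND ##########
  # Repeat passes over the queued links until a pass scans nothing new,
  # i.e. the number of lines in websitedone.bshtr stops growing.
  COMPARV=$(wc -l < websitedone.bshtr)
  while true; do
    # Snapshot the queue: pages scanned in this pass append to it, and those
    # additions are handled by the next pass.
    PENDING=$(cat websiteslist.bshtr)
    # The queue is read on descriptor 3 so nothing inside the loop can
    # consume it through stdin.
    while IFS= read -r TargetSite2 <&3; do
      if [[ -z $TargetSite2 ]]; then
        continue
      fi
      # Fixed-string, whole-line comparison: the URL must not be treated as
      # a regular expression, and a URL that is only a suffix of a scanned
      # one is still new.
      if ! grep -qxF -e "$TargetSite2" -- websitedone.bshtr; then
        _ScanPage "$TargetSite2"
        printf '%s\n' "$TargetSite2" >> websitedone.bshtr
      fi
    done 3<<< "$PENDING"
    COMPART=$(wc -l < websitedone.bshtr)
    if [[ $COMPARV -eq $COMPART ]]; then
      break
    fi
    COMPARV=${COMPART}
  done
  rm -f -- ./*.bshtr 2> /dev/null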