Feat/check and screens (#38)

* feat: add command to run httx and gowitness

* update readme and version

* move files and folders to .yelaa

* fix: add correct file path

Co-authored-by: Julien Arrault <[email protected]>

README.md

@@ -44,27 +44,32 @@ You can run `Yelaa create -c <client> -s <PathToSharedFolder>`
 
 To run osint command on several domains run `Yelaa osint -t domains.txt`
 
+## How to run httpx then gowitness
+
+`Yelaa checkAndScreen -l domains.txt`
+
 ## Help 
 
 ``` 
-./yelaa -h 
- __   __         _
- \ \ / /   ___  | |
-  \ V /   / _ \ | |  / _` |  / _` |
-   | |   |  __/ | | | (_| | | (_| |
-   |_|    \___| |_|  \__,_|  \__,_|
+Yelaa -h
+ __   __         _                     _       _____       ____
+ \ \ / /   ___  | |   __ _    __ _    / |     |___ /      |___ \
+  \ V /   / _ \ | |  / _` |  / _` |   | |       |_ \        __) |
+   | |   |  __/ | | | (_| | | (_| |   | |  _   ___) |  _   / __/
+   |_|    \___| |_|  \__,_|  \__,_|   |_| (_) |____/  (_) |_____|
 Obtain a clean-cut architecture at the launch of a mission and make some tests
 
 Usage:
-  yelaa create -c [client name] [flags]
+  create -c [client name] [flags]
+  create [command]
 
 Available Commands:
-  help        Help about any command
-  create      Obtain a clean-cut architecture
-  osint       Run subfinder, dnsx and httpx to find ips and subdomains of a specific domain +screenshots them
-  scan        It will run Nuclei templates, gobuster and more.
+  checkAndScreen Run httpx and gowitness
+  help            Help about any command
+  osint           Run subfinder, dnsx and httpx to find ips and subdomains of a specific domain
+  scan            It will run Nuclei templates, sslscan, dirsearch and more.
 
-Flags for command create:
+Flags:
   -c, --client string         Client name
   -e, --excludedType string   excluded type
   -h, --help                  help for create

main.go

@@ -212,7 +212,7 @@ func scanDomain(domain string) {
 
 func main() {
 
-	version := figure.NewColorFigure("Yelaa 1.3.1", "", "cyan", true)
+	version := figure.NewColorFigure("Yelaa 1.3.2", "", "cyan", true)
 	version.Print()
 
 	var cmdScan = &cobra.Command{
@@ -251,6 +251,32 @@ func main() {
 		},
 	}
 
+	var checkAndScreen = &cobra.Command{
+		Use:   "checkAndScreen -l list_of_ip.txt",
+		Short: "Run httpx and gowitness",
+		Long:  "Run httpx on each IP and take screenshots of each server that are up",
+		Args:  cobra.MaximumNArgs(1),
+		Run: func(cmd *cobra.Command, args []string) {
+			checkProxy()
+
+			if targetPath == "" {
+				color.Red("Please provide a list of ips/domains")
+				return
+			}
+
+			color.Cyan("Running httpx to find http servers")
+			tool.Httpx(targetPath)
+
+			UserHomeDir, err := os.UserHomeDir()
+			if err != nil {
+				fmt.Println(err)
+			}
+
+			color.Cyan("Running gowitness on server found by httpx")
+			tool.Gowitness(UserHomeDir + "/.yelaa/checkAndScreen.txt")
+		},
+	}
+
 	var createDirectories = &cobra.Command{
 		Use:   "create -c [client name]",
 		Short: "It will create all directories to work",
@@ -281,7 +307,7 @@ func main() {
 
 	var rootCmd = createDirectories
 
-	rootCmd.AddCommand(cmdScan, cmdOsint)
+	rootCmd.AddCommand(cmdScan, cmdOsint, checkAndScreen)
 	rootCmd.Flags().StringVarP(&client, "client", "c", "", "Client name")
 	rootCmd.Flags().StringVarP(&shared, "shared", "s", "", "path to shared folder")
 	rootCmd.Flags().StringVarP(&excludedType, "excludedType", "e", "", "excluded type")
@@ -293,6 +319,8 @@ func main() {
 	cmdOsint.Flags().StringVarP(&domain, "domain", "d", "", "Target domain")
 	cmdOsint.Flags().StringVarP(&targetPath, "target", "t", "", "Target domains file")
 
+	checkAndScreen.Flags().StringVarP(&targetPath, "list", "l", "", "list of ips/domains")
+
 	if err := rootCmd.MarkFlagRequired("client"); err != nil {
 		panic(err)
 	}

tool/gowitness.go

@@ -4,23 +4,27 @@ import (
 	"fmt"
 	"os"
 	"os/exec"
+	"time"
 
 	"github.com/fatih/color"
 )
 
 func Gowitness(urls string) {
+	currentTime := time.Now().Local()
+
 	UserHomeDir, _ := os.UserHomeDir()
 	args := "file"
 	args2 := "-f"
 	DomainsFile := urls
 
 	args4 := "--screenshot-path"
-	destinationPath := UserHomeDir + "/.yelaa/screenshots"
+	destinationPath := fmt.Sprintf("%s-%d-%d-%d_%d-%d-%d", UserHomeDir+"/.yelaa/screenshots", currentTime.Year(), currentTime.Month(), currentTime.Day(), currentTime.Hour(), currentTime.Minute(), currentTime.Second())
+
 	_, err := exec.Command("gowitness", args, args2, DomainsFile, args4, destinationPath).Output()
 
 	if err != nil {
 		fmt.Printf("%s", err)
 	}
-	color.Yellow("Screenshot stored in ~/.yelaa/screenshots")
 
+	color.Yellow("Screenshot stored in " + destinationPath)
 }

tool/httpx.go

@@ -1,20 +1,56 @@
 package tool
 
 import (
+	"bufio"
 	"fmt"
+	"io/ioutil"
+	"os"
 	"os/exec"
+	"strings"
 )
 
 func Httpx(ipsFile string) {
+	tempFile, err := ioutil.TempFile(os.TempDir(), "yelaa-")
+	if err != nil {
+		fmt.Printf("%s", err)
+		return
+	}
+
 	out, err := exec.Command("httpx", "-l", ipsFile, "-title", "-content-length", "-content-type",
 		"-status-code", "-tech-detect", "-vhost", "-websocket", "-follow-redirects",
 		"-ports", "25,80,81,135,389,443,1080,3000,3306,8080,8443,8888,9090,8089",
-		"-retries", "2", "-timeout", "8", "-threads", "50").Output()
+		"-retries", "2", "-timeout", "8", "-threads", "50", "-o", tempFile.Name()).Output()
 
 	if err != nil {
 		fmt.Printf("%s", err)
+		return
 	}
 
 	output := string(out[:])
 	fmt.Println(output)
+
+	file, err := os.Open(tempFile.Name())
+	if err != nil {
+		fmt.Printf("%v, %+v", err, tempFile.Name())
+		return
+	}
+
+	scanner := bufio.NewScanner(file)
+	defer file.Close()
+
+	domains := ""
+
+	for scanner.Scan() {
+		result := scanner.Text()
+		domain := strings.Split(result, " ")[0]
+
+		domains += domain + "\n"
+	}
+
+	UserHomeDir, err := os.UserHomeDir()
+	if err != nil {
+		fmt.Println(err)
+	}
+
+	ioutil.WriteFile(UserHomeDir+"/.yelaa/checkAndScreen.txt", []byte(domains), 0644)
 }