LuD1161 · December 18, 2023 06:24
diff --git a/master_script.sh b/master_script.sh
 #!/bin/bash

 if [ -z "$2" ]
  then
    echo "2nd Argument not supplied"
    echo "2nd argument can be basic or advanced,it used for nmap"
    echo "Usage : ./master_script.sh domain basic|advanced"
    echo "Also do set your expo token export expToken=xxxx to receive push notification when this gets completed"
    echo "Get your expo token here : https://play.google.com/store/apps/details?id=com.hackingsimplified.notifyme"
    exit 1
 fi

 #### COLORS #### ( Taken from : https://misc.flogisoft.com/bash/tip_colors_and_formatting )
 NORMAL='\e[0m'
 RED='\e[31m'
 LIGHT_GREEN='\e[92m'
 LIGHT_YELLOW='\e[93m'
 BLINK='\e[5m'
 BOLD='\e[1m'
 UNDERLINE='\e[4m'
 ###############

 domain=$1
 typeOfRecon=$2
 cd ~/tools
 dt=$(date +%F.%H.%M.%S)
 resultDir=~/tools/results/$domain-$dt
 echo -e "Results in : ${BOLD}$resultDir${NORMAL}"
 mkdir -p $resultDir
 ReconStartTime=$(date +%s)
 check_finished()
 {
    tool=$1         # tools="subfinder"
    toolOutput=$2   # toolOutput="subfinderOutput"
    toolScreen=$3   # toolScreen="subfinderScreen"
    echo -e "${LIGHT_YELLOW}Checking whether "$tool" finished working${NORMAL}"
    STARTTIME=$(date +%s)
    while : ;
    do
        sleep 5s # sleep for 5 seconds before again checking
        if [ -f $resultDir/$toolOutput.finished ]; then
            # Delete flag file
            rm $resultDir/$toolOutput.finished
            # kill screen
            screen -X -S $toolScreen quit
            echo -en "\rTime elapsed : $totalTime seconds"
            break;
        fi
        ENDTIME=$(date +%s)
        totalTime=$(( $ENDTIME-$STARTTIME ))
        echo -en "\rTime elapsed : ${BLINK}${LIGHT_GREEN}$totalTime${NORMAL} seconds"
    done
    echo ""
 }
 function subfinder_and_amass(){
    #################   SUBFINDER AND AMASS ################################
    amassScreen=$domain-amass
    screen -dmS $amassScreen bash
    sleep 1
    screen -S $amassScreen -X stuff "scripts/amass.sh $domain $resultDir
    "
    amassOutput=$domain.amass.txt

    subfinderScreen=$domain-subfinder
    screen -dmS $subfinderScreen bash
    sleep 1
    screen -S $subfinderScreen -X stuff "scripts/subfinder.sh $domain $resultDir
    "
    subfinderOutput=$domain.subfinder.txt
    # check whether both subfinder and amass have completed their work
    # close their screens
    # then merge them using sort -u

    STARTTIME=$(date +%s)
    echo -e "${LIGHT_YELLOW}Checking whether subfinder and amass finished working${NORMAL}"
    while : ;
    do
        sleep 5s # sleep for 5 seconds before again checking
        if [ -f $resultDir/$subfinderOutput.finished ] && [ -f $resultDir/$amassOutput.finished ]; then
            rm $resultDir/$subfinderOutput.finished
            rm $resultDir/$amassOutput.finished
            # kill both screens
            screen -X -S $subfinderScreen quit
            screen -X -S $amassScreen quit

            # Put sorted results of both in one file
            sort -u $resultDir/$subfinderOutput $resultDir/$amassOutput > $resultDir/$domain.amass_subfinder.txt
            echo -en "\rTime elapsed : $totalTime seconds"
            break;
        fi
        ENDTIME=$(date +%s)
        totalTime=$(( $ENDTIME-$STARTTIME ))
        echo -en "\rTime elapsed : ${BLINK}${LIGHT_GREEN}$totalTime${NORMAL} seconds"
    done
    echo ""

    echo -e "${LIGHT_GREEN}Done amass and subfinder${NORMAL}"

    #################   SUBFINDER AND AMASS COMPLETE  #######################
 }

 function massdns(){
    ############################ MASSDNS ####################################
    echo -e "${LIGHT_YELLOW}Now doing massdns on the domain${NORMAL}"

    massdns_ip_screen=$domain-massdns
    screen -dmS $massdns_ip_screen bash
    sleep 1
    screen -S $domain-massdns -X stuff "scripts/massdns_ip.sh $domain $resultDir
    "
    # Do masscanning only when massdns is finished working
    massdnsOutput=$domain.massdns_ip
    check_finished "massdns_ip" $massdnsOutput $massdns_ip_screen

    echo -e "${LIGHT_GREEN}Massdns complete${NORMAL}"
    ############################ MASSDNS COMPLETE ###########################
 }

 function subjack(){
    #################   SUBJACK  ##########################################
    subjack_screen=$domain-subjack
    subjackOutput=$domain.subjack

    screen -dmS $subjack_screen bash
    sleep 1
    screen -S $subjack_screen -X stuff "scripts/subjack.sh $domain $resultDir
    "
    check_finished "subjack" $subjackOutput $subjack_screen
    echo -e "${LIGHT_GREEN}Done subjack${NORMAL}"
    #################   SUBJACK COMPLETE  #################################
 }

 function masscan(){
    ############################ MASSCAN ####################################
    echo -e "${LIGHT_YELLOW}Now doing masscan on all the obtained ip addreses from massdns${NORMAL}"

    masscan_ip_screen=$domain-masscan-ips
    screen -dmS $masscan_ip_screen bash
    sleep 1
    screen -S $masscan_ip_screen -X stuff "scripts/masscan.sh $resultDir/$domain.massdns_ip.ips.txt $domain $resultDir
    "

    masscanOutput=$domain.masscan
    check_finished "masscan-ip" $masscanOutput $masscan_ip_screen
    echo -e "${LIGHT_GREEN}Masscan complete${NORMAL}"
    #################   MASSCAN COMPLETE  ####################################
 }

 function nmap_sorted(){
    #################   NMAP SORTED FILE PYTHON  #############################
    echo -e "${LIGHT_YELLOW}Running python ~/tools/nmap-input-file-creator.py to create nmap suitable file${NORMAL}"
    python ~/tools/nmap-input-file-creator.py $resultDir/$domain.masscan-sorted.txt $resultDir/$domain.nmap-sorted.txt
    if [ $? -eq 0 ]; then
        echo -e "${LIGHT_YELLOW}Nmap input file created successfully${NORMAL}"
    else
        exit 1
    fi
    nmapFile=$resultDir/$domain.nmap-sorted.txt
    #################   NMAP SORTED FILE PYTHON COMPLETE  ###################
 }

 function nmap(){
    #################   NMAP  ###############################################
    nmapOutput=$domain.nmap
    nmapScreen=$domain-nmap
    screen -dmS $nmapScreen bash
    sleep 1
    screen -S $nmapScreen -X stuff "scripts/nmap.sh $nmapFile $resultDir $domain $typeOfRecon
    "
    check_finished "nmap" $nmapOutput $nmapScreen
    #################   NMAP COMPLETE  ######################################
 }

 function searchsploit(){
    #################   SEARCHSPLOIT  ###############################################
    searchsploitOutput=$domain.searchsploit
    searchsploitScreen=$domain-searchsploit
    screen -dmS $searchsploitScreen bash
    sleep 1
    screen -S $searchsploitScreen -X stuff "scripts/searchsploit.sh $domain $resultDir $typeOfRecon
    "
    check_finished "searchsploit" $searchsploitOutput $searchsploitScreen
    #################   SEARCHSPLOIT COMPLETE  ######################################
 }

 function aquatone(){
    #################   AQUATONE  #########################################
    #
    # Run aquatone on only valid domains found using massdns
    #
    aquatone_screen=$domain-aquatone
    aquatoneOutput=$domain.aquatone

    screen -dmS $aquatone_screen bash
    sleep 1
    screen -S $aquatone_screen -X stuff "scripts/aquatone.sh $domain $resultDir $typeOfRecon
    "
    check_finished "aquatone" $aquatoneOutput $aquatone_screen
    echo -e "${LIGHT_GREEN}Done aquatone${NORMAL}"
    #################   AQUATONE COMPLETE  ################################
 }

 function send_push_notification(){
 curl 'https://exp.host/--/api/v2/push/send' \
  -H 'authority: exp.host' \
  -H 'accept: application/json' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36' \
  -H 'content-type: application/json' \
  -H 'origin: https://expo.io' \
  -H 'sec-fetch-site: cross-site' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-dest: empty' \
  -H 'referer: https://expo.io/' \
  -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
  --data-binary '[{"to":"'"$expToken"'","title":"Scanning complete For '"$domain"'","body":"'"$link"'"}]' \
  --compressed
 }
 subfinder_and_amass
 massdns
 subjack
 masscan
 nmap_sorted
 nmap
 searchsploit
 aquatone

 ReconEndTime=$(date +%s)
 link=http://$(curl ifconfig.co)/$domain.zip
 if [ -z "expToken" ]; then 
    send_push_notification
 else
    echo "expToken not set, no Push notificatons for you :p"
 fi
 echo -e "${BOLD}${LIGHT_GREEN}Reconnaissance finished${NORMAL}"
 echo -e "Results in : ${LIGHT_GREEN}$resultDir${NORMAL}"
 cd $resultDir && zip "/var/www/html/$domain.zip" -r .
 echo -e "${LIGHT_GREEN}" && tree $resultDir && echo -en "${NORMAL}"
 echo -e "Download your zip from : ${BOLD}${LIGHT_GREEN}${UNDERLINE}$link${NORMAL}"
 echo -e "Total Time taken : ${LIGHT_GREEN} $(( $ReconEndTime-$ReconStartTime )) ${NORMAL}seconds"
	#!/bin/bash

	if [ -z "$2" ]
	then
	echo "2nd Argument not supplied"
	echo "2nd argument can be basic or advanced,it used for nmap"
	echo "Usage : ./master_script.sh domain basic\|advanced"
	echo "Also do set your expo token export expToken=xxxx to receive push notification when this gets completed"
	echo "Get your expo token here : https://play.google.com/store/apps/details?id=com.hackingsimplified.notifyme"
	exit 1
	fi

	#### COLORS #### ( Taken from : https://misc.flogisoft.com/bash/tip_colors_and_formatting )
	NORMAL='\e[0m'
	RED='\e[31m'
	LIGHT_GREEN='\e[92m'
	LIGHT_YELLOW='\e[93m'
	BLINK='\e[5m'
	BOLD='\e[1m'
	UNDERLINE='\e[4m'
	###############

	domain=$1
	typeOfRecon=$2
	cd ~/tools
	dt=$(date +%F.%H.%M.%S)
	resultDir=~/tools/results/$domain-$dt
	echo -e "Results in : ${BOLD}$resultDir${NORMAL}"
	mkdir -p $resultDir
	ReconStartTime=$(date +%s)
	check_finished()
	{
	tool=$1 # tools="subfinder"
	toolOutput=$2 # toolOutput="subfinderOutput"
	toolScreen=$3 # toolScreen="subfinderScreen"
	echo -e "${LIGHT_YELLOW}Checking whether "$tool" finished working${NORMAL}"
	STARTTIME=$(date +%s)
	while : ;
	do
	sleep 5s # sleep for 5 seconds before again checking
	if [ -f $resultDir/$toolOutput.finished ]; then
	# Delete flag file
	rm $resultDir/$toolOutput.finished
	# kill screen
	screen -X -S $toolScreen quit
	echo -en "\rTime elapsed : $totalTime seconds"
	break;
	fi
	ENDTIME=$(date +%s)
	totalTime=$(( $ENDTIME-$STARTTIME ))
	echo -en "\rTime elapsed : ${BLINK}${LIGHT_GREEN}$totalTime${NORMAL} seconds"
	done
	echo ""
	}
	function subfinder_and_amass(){
	################# SUBFINDER AND AMASS ################################
	amassScreen=$domain-amass
	screen -dmS $amassScreen bash
	sleep 1
	screen -S $amassScreen -X stuff "scripts/amass.sh $domain $resultDir
	"
	amassOutput=$domain.amass.txt

	subfinderScreen=$domain-subfinder
	screen -dmS $subfinderScreen bash
	sleep 1
	screen -S $subfinderScreen -X stuff "scripts/subfinder.sh $domain $resultDir
	"
	subfinderOutput=$domain.subfinder.txt
	# check whether both subfinder and amass have completed their work
	# close their screens
	# then merge them using sort -u

	STARTTIME=$(date +%s)
	echo -e "${LIGHT_YELLOW}Checking whether subfinder and amass finished working${NORMAL}"
	while : ;
	do
	sleep 5s # sleep for 5 seconds before again checking
	if [ -f $resultDir/$subfinderOutput.finished ] && [ -f $resultDir/$amassOutput.finished ]; then
	rm $resultDir/$subfinderOutput.finished
	rm $resultDir/$amassOutput.finished
	# kill both screens
	screen -X -S $subfinderScreen quit
	screen -X -S $amassScreen quit

	# Put sorted results of both in one file
	sort -u $resultDir/$subfinderOutput $resultDir/$amassOutput > $resultDir/$domain.amass_subfinder.txt
	echo -en "\rTime elapsed : $totalTime seconds"
	break;
	fi
	ENDTIME=$(date +%s)
	totalTime=$(( $ENDTIME-$STARTTIME ))
	echo -en "\rTime elapsed : ${BLINK}${LIGHT_GREEN}$totalTime${NORMAL} seconds"
	done
	echo ""

	echo -e "${LIGHT_GREEN}Done amass and subfinder${NORMAL}"

	################# SUBFINDER AND AMASS COMPLETE #######################
	}

	function massdns(){
	############################ MASSDNS ####################################
	echo -e "${LIGHT_YELLOW}Now doing massdns on the domain${NORMAL}"

	massdns_ip_screen=$domain-massdns
	screen -dmS $massdns_ip_screen bash
	sleep 1
	screen -S $domain-massdns -X stuff "scripts/massdns_ip.sh $domain $resultDir
	"
	# Do masscanning only when massdns is finished working
	massdnsOutput=$domain.massdns_ip
	check_finished "massdns_ip" $massdnsOutput $massdns_ip_screen

	echo -e "${LIGHT_GREEN}Massdns complete${NORMAL}"
	############################ MASSDNS COMPLETE ###########################
	}

	function subjack(){
	################# SUBJACK ##########################################
	subjack_screen=$domain-subjack
	subjackOutput=$domain.subjack

	screen -dmS $subjack_screen bash
	sleep 1
	screen -S $subjack_screen -X stuff "scripts/subjack.sh $domain $resultDir
	"
	check_finished "subjack" $subjackOutput $subjack_screen
	echo -e "${LIGHT_GREEN}Done subjack${NORMAL}"
	################# SUBJACK COMPLETE #################################
	}

	function masscan(){
	############################ MASSCAN ####################################
	echo -e "${LIGHT_YELLOW}Now doing masscan on all the obtained ip addreses from massdns${NORMAL}"

	masscan_ip_screen=$domain-masscan-ips
	screen -dmS $masscan_ip_screen bash
	sleep 1
	screen -S $masscan_ip_screen -X stuff "scripts/masscan.sh $resultDir/$domain.massdns_ip.ips.txt $domain $resultDir
	"

	masscanOutput=$domain.masscan
	check_finished "masscan-ip" $masscanOutput $masscan_ip_screen
	echo -e "${LIGHT_GREEN}Masscan complete${NORMAL}"
	################# MASSCAN COMPLETE ####################################
	}

	function nmap_sorted(){
	################# NMAP SORTED FILE PYTHON #############################
	echo -e "${LIGHT_YELLOW}Running python ~/tools/nmap-input-file-creator.py to create nmap suitable file${NORMAL}"
	python ~/tools/nmap-input-file-creator.py $resultDir/$domain.masscan-sorted.txt $resultDir/$domain.nmap-sorted.txt
	if [ $? -eq 0 ]; then
	echo -e "${LIGHT_YELLOW}Nmap input file created successfully${NORMAL}"
	else
	exit 1
	fi
	nmapFile=$resultDir/$domain.nmap-sorted.txt
	################# NMAP SORTED FILE PYTHON COMPLETE ###################
	}

	function nmap(){
	################# NMAP ###############################################
	nmapOutput=$domain.nmap
	nmapScreen=$domain-nmap
	screen -dmS $nmapScreen bash
	sleep 1
	screen -S $nmapScreen -X stuff "scripts/nmap.sh $nmapFile $resultDir $domain $typeOfRecon
	"
	check_finished "nmap" $nmapOutput $nmapScreen
	################# NMAP COMPLETE ######################################
	}

	function searchsploit(){
	################# SEARCHSPLOIT ###############################################
	searchsploitOutput=$domain.searchsploit
	searchsploitScreen=$domain-searchsploit
	screen -dmS $searchsploitScreen bash
	sleep 1
	screen -S $searchsploitScreen -X stuff "scripts/searchsploit.sh $domain $resultDir $typeOfRecon
	"
	check_finished "searchsploit" $searchsploitOutput $searchsploitScreen
	################# SEARCHSPLOIT COMPLETE ######################################
	}

	function aquatone(){
	################# AQUATONE #########################################
	#
	# Run aquatone on only valid domains found using massdns
	#
	aquatone_screen=$domain-aquatone
	aquatoneOutput=$domain.aquatone

	screen -dmS $aquatone_screen bash
	sleep 1
	screen -S $aquatone_screen -X stuff "scripts/aquatone.sh $domain $resultDir $typeOfRecon
	"
	check_finished "aquatone" $aquatoneOutput $aquatone_screen
	echo -e "${LIGHT_GREEN}Done aquatone${NORMAL}"
	################# AQUATONE COMPLETE ################################
	}

	function send_push_notification(){
	curl 'https://exp.host/--/api/v2/push/send' \
	-H 'authority: exp.host' \
	-H 'accept: application/json' \
	-H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36' \
	-H 'content-type: application/json' \
	-H 'origin: https://expo.io' \
	-H 'sec-fetch-site: cross-site' \
	-H 'sec-fetch-mode: cors' \
	-H 'sec-fetch-dest: empty' \
	-H 'referer: https://expo.io/' \
	-H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
	--data-binary '[{"to":"'"$expToken"'","title":"Scanning complete For '"$domain"'","body":"'"$link"'"}]' \
	--compressed
	}
	subfinder_and_amass
	massdns
	subjack
	masscan
	nmap_sorted
	nmap
	searchsploit
	aquatone

	ReconEndTime=$(date +%s)
	link=http://$(curl ifconfig.co)/$domain.zip
	if [ -z "expToken" ]; then
	send_push_notification
	else
	echo "expToken not set, no Push notificatons for you :p"
	fi
	echo -e "${BOLD}${LIGHT_GREEN}Reconnaissance finished${NORMAL}"
	echo -e "Results in : ${LIGHT_GREEN}$resultDir${NORMAL}"
	cd $resultDir && zip "/var/www/html/$domain.zip" -r .
	echo -e "${LIGHT_GREEN}" && tree $resultDir && echo -en "${NORMAL}"
	echo -e "Download your zip from : ${BOLD}${LIGHT_GREEN}${UNDERLINE}$link${NORMAL}"
	echo -e "Total Time taken : ${LIGHT_GREEN} $(( $ReconEndTime-$ReconStartTime )) ${NORMAL}seconds"