Last active
May 7, 2021 12:32
-
-
Save manasmbellani/cde4672e5d257f9aec0c2eb820cacf0b to your computer and use it in GitHub Desktop.
invoke_kiterunner.sh - Run kiterunner from Assetnote with large wordlists
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Directory where the kiterunner wordlist files should be written | |
| WORDLISTS_DIR="/opt/wordlists" | |
| KITERUNNER_PATH="/opt/kiterunner/kiterunner" | |
| KITERUNNER_WORDLIST_ZIP="routes-large.kite.tar.gz" | |
| KITERUNNER_WORDLIST="$WORDLISTS_DIR/routes-large.kite" | |
| USAGE=" | |
| [-] <...hosts...> | $0 run | |
| " | |
| if [ $# -lt 1 ]; then | |
| echo "$USAGE" | |
| exit 1 | |
| fi | |
| echo "[*] Read hosts from stdin" | |
| hosts_file=$(mktemp -u) | |
| echo "$(cat -)" > "$hosts_file" | |
| if [ ! -f "$WORDLISTS_DIR/$KITERUNNER_WORDLIST" ]; then | |
| echo "[*] Extract the $KITERUNNER_WORDLIST_ZIP file in $WORDLISTS_DIR" | |
| cwd=$(pwd) | |
| cd $WORDLISTS_DIR | |
| tar xzvf "$KITERUNNER_WORDLIST_ZIP" | |
| cd "$cwd" | |
| fi | |
| echo "[*] Executing kiterunner on wordlists" | |
| set -x | |
| $KITERUNNER_PATH scan "$hosts_file" -w "$KITERUNNER_WORDLIST" --progress -x 20 -j 100 --fail-status-codes 400,401,404,403,501,502,426,411 | |
| set +x | |
| echo "[*] Clear the routes-large.kite extracted file" | |
| rm "$KITERUNNER_WORDLIST" | |
| echo "[*] Clearing the extracted hosts file" | |
| rm "$hosts_file" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment