OSCP Scripts

http-enum.py

#!/usr/bin/python
import os, sys, argparse, datetime


def scan(cmd, ip, dir, log, name, tool):
   print("[%s / %s] %s  starting...." % (ip, name, tool))
   os.system(cmd)
   print("\tLog: %s" % log)
   print("\tResults: %s" % dir)
   print("[%s / %s] %s complete." % (ip, name, tool))

def main():
   # binaries
   _gobuster = "/root/go/bin/gobuster"
   _eyewitness = "/usr/bin/eyewitness"
   _whatweb = "/usr/bin/whatweb"
   _nikto = "/usr/bin/nikto"

   _valid_codes = "'200,204,301,307,405,500'"
   _agent = "'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36'"                                                                                  
   _date = datetime.datetime.now().strftime('%Y%m%d')

   # tool args
   _gob_args = "-n -q -r -e -t 30 -k -s %s -a %s" % (_valid_codes, _agent)
   _eye_args = "--web --threads 10 --no-prompt --results 20 --user-agent %s" % (_agent)
   _nikto_args = "-Format txt -Save ."

   # user arguments
   parser = argparse.ArgumentParser()
   parser.add_argument("--ip", dest="_ip")
   args = parser.parse_args()

   # whatweb scan
   _ww_dir = "Enumeration/whatweb_%s.log" % _date
   _ww_log = "Logs/whatweb_%s.log" % _date
   _cmd = "%s --log-brief=%s %s > %s 2>&1" % (_whatweb, _ww_dir, args._ip, _ww_log)
   scan(_cmd, args._ip, _ww_dir, _ww_log, "normal", _whatweb)

   # nikto scan
   _nikto_dir = "Enumeration/nikto_%s.log" % _date
   _nikto_log = "Logs/nikto_%s.log" % _date
   _cmd = "%s %s -host %s -output %s > %s 2>&1" % (_nikto, _nikto_args, args._ip, _nikto_dir, _nikto_log)
   scan(_cmd, args._ip, _nikto_dir, _nikto_log, "normal", _nikto)

   # first gobuster scan
   _gob_dir = "Enumeration/gobuster_%s_%s.log" % ("fast", _date)
   _gob_log="Logs/gobuster_fast_%s.log" % (_date)
   _cmd = "%s %s -u %s -o %s -w %s > %s 2>&1" % (_gobuster, _gob_args, args._ip, _gob_dir, "/mnt/resources/WordLists/wordlist_small_20190319.log", _gob_log)                                                        
   scan(_cmd, args._ip, _gob_dir, _gob_log, "fast", _gobuster)

   # first eyewitness scan
   _eye_dir = "Enumeration/eyewitness_%s_%s.log" % ("fast", _date)
   _eye_log="Logs/eyewitness_fast_%s.log" % (_date)
   _cmd = "%s %s -d %s -f %s > %s 2>&1" % (_eyewitness, _eye_args, _eye_log, _gob_dir, _eye_log)
   scan(_cmd, args._ip, _eye_dir, _eye_log, "fast", _eyewitness)

if __name__ == "__main__":
   main()

nmap.py

!/usr/bin/python
import os, sys, argparse, datetime


def scan(cmd, ip, name, dir, log):
   print("[%s / %s] Nmap scan starting...." % (ip, name))
   os.system(cmd)
   print("\tLog: %s" % log)
   print("\tResults: %s" % dir)
   print("[%s / %s] Nmap scan complete." % (ip, name))


def main():
   _nmap = "/usr/bin/nmap"
   _args = "-sT -T4 --open"
   _date = datetime.datetime.now().strftime('%Y%m%d')
   _dir="Scanning/nmap_tcp_fast_%s" % (_date)
   _log="Logs/nmap_tcp_fast_%s.log" % (_date)

   parser = argparse.ArgumentParser()
   parser.add_argument("--ip", dest="_ip")
   args = parser.parse_args()

   # first nmap scan
   _cmd="%s %s --top-ports 25 -oA %s %s > %s 2>&1" % (_nmap, _args, _dir, args._ip, _log)
   scan(_cmd, args._ip, "fast", _dir, _log)

   # second nmap scan
   _dir="Scanning/nmap_tcp_medium_%s" % (_date)
   _log="Logs/nmap_tcp_medium_%s.log" % (_date)
   _cmd="%s %s --top-ports 25 -vv -A -oA %s %s > %s 2>&1" % (_nmap, _args, _dir, args._ip, _log)
   scan(_cmd, args._ip, "medium", _dir, _log)

   # third nmap scan
   _dir="Scanning/nmap_tcp_detailed_%s" % (_date)
   _log="Logs/nmap_tcp_detailed_%s.log" % (_date)
   _cmd="%s %s -p- -vvvv -A --script=default,vuln,discovery -oA %s %s > %s 2>&1" % (_nmap, _args, _dir, args._ip, _log)                                                                                             
   scan(_cmd, args._ip, "detailed", _dir, _log)

if __name__ == "__main__":
   main()

strip-ansi.sh

#!/bin/bash

/usr/bin/sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" -i~ $1