From 09f571a25fc3dd0e5358dbbc899cbc1343c27462 Mon Sep 17 00:00:00 2001
From: Andres Julian Lopez
Date: Tue, 3 Oct 2017 12:22:18 +0200
Subject: [PATCH 1/6] Closes 15. Add JSON output support
---
 VHostScan.py | 5 +++++
 lib/helpers/output_helper.py | 16 ++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/VHostScan.py b/VHostScan.py
index 8fa5c84..4df57ea 100644
--- a/VHostScan.py
+++ b/VHostScan.py
@@ -34,6 +34,7 @@ def main():
 parser.add_argument("--rate-limit", dest="rate_limit", type=int, help='Amount of time in seconds to delay between each scan (default 0).', default=0)
 parser.add_argument("--waf", dest="add_waf_bypass_headers", action="store_true", help="If set then simple WAF bypass headers will be sent.", default=False)
 parser.add_argument("-oN", dest="output_normal", help="Normal output printed to a file when the -oN option is specified with a filename argument." )
+ parser.add_argument("-oJ", dest="output_json", help="JSON output printed to a file when the -oJ option is specified with a filename argument." )
 parser.add_argument("-", dest="stdin", action="store_true", help="By passing a blank '-' you tell VHostScan to expect input from stdin (pipe).", default=False)
 arguments = parser.parse_args()
@@ -104,6 +105,10 @@ def main():
 output.write_normal(arguments.output_normal)
 print("\n[+] Writing normal ouptut to %s" % arguments.output_normal)
+ if(arguments.output_json):
+ output.output_json(arguments.output_json)
+ print("\n[+] Writing json ouptut to %s" % arguments.output_json)
+
 if __name__ == "__main__":
 main()
diff --git a/lib/helpers/output_helper.py b/lib/helpers/output_helper.py
index e0aeb44..020dcfe 100644
--- a/lib/helpers/output_helper.py
+++ b/lib/helpers/output_helper.py
@@ -4,6 +4,7 @@ from fuzzywuzzy import fuzz
 import itertools
 import numpy as np
+import json
 class output_helper(object):
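Review bot: In VHostScan.py's `@@ -104,6 +105,10 @@` hunk the new status line copies the `ouptut` typo from the `-oN` message and is printed only after `output.output_json(...)` has returned, so it announces "Writing" for a write that has already finished, and never appears if that call raised. Printing `"\n[+] Writing json output to %s"` before the call, or rewording it to "Wrote", would match what actually happened. `if(arguments.output_json):` would also read more idiomatically as `if arguments.output_json:`. main() begins outside this hunk.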
@@ -43,6 +44,21 @@ def output_normal_likely(self):
 return "\n[!] No matches with a unique count of {} or less.".format(depth)
+ def output_json(self, filename):
+ file = file_helper(filename)
+ list = dict()
+ for host in self.scanner.hosts:
+ headers = {}
+ for header in host.keys:
+ headers[header.split(':')[0]] = header.split(':')[1].strip()
+
+ list[host.hostname] = {'Code': host.response_code,
+ 'Hash': host.hash,
+ 'Response': host.content,
+ 'Headers': headers}
+ file.write_file(json.dumps(list))
+
+
 def output_fuzzy(self):
 output = "\n\n[+] Match similarity using fuzzy logic:"
 request_hashes = {}
From 86494f860d97e3fb3a650eef038ce9df19f2cb0e Mon Sep 17 00:00:00 2001
From: Andres Julian Lopez
Date: Tue, 3 Oct 2017 13:51:03 +0200
Subject: [PATCH 2/6] Added requierement for dns-lookup option
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)
diff --git a/requirements.txt b/requirements.txt
index 70f6425..f76d010 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,4 @@
+dnspython==1.15.0
 fuzzywuzzy==0.15.1
 numpy==1.12.0
 pandas==0.19.2
From 0496a93ce038cf9a558cf4128b51be3529aaded4 Mon Sep 17 00:00:00 2001
From: Michael <886344+codingo@users.noreply.github.com>
Date: Wed, 4 Oct 2017 09:29:05 +1000
Subject: [PATCH 3/6] Update __version__.py
---
 lib/core/__version__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/core/__version__.py b/lib/core/__version__.py
index 6331142..d1d6262 100644
--- a/lib/core/__version__.py
+++ b/lib/core/__version__.py
@@ -2,5 +2,5 @@
 # |V|H|o|s|t|S|c|a|n| Developed by @codingo_ & @__timk
 # +-+-+-+-+-+-+-+-+-+ https://github.com/codingo/VHostScan
-__version__ = '1.2'
+__version__ = '1.5.1'
From 277f82e21daab46abc8e382e6135ea30d819964b Mon Sep 17 00:00:00 2001
From: Michael <886344+codingo@users.noreply.github.com>
Date: Wed, 4 Oct 2017 09:30:09 +1000
Subject: [PATCH 4/6] Update README.md
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
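Review bot: In `output_json` (the `@@ -43,6 +44,21 @@` hunk of lib/helpers/output_helper.py), `header.split(':')[1]` keeps only the text between the first and second colon, so a value that itself contains a colon, such as a `Location` URL or a `Date` timestamp, is truncated in the JSON report, and an entry with no colon raises `IndexError`. Assuming `host.keys` holds `Name: value` strings taken from the scanned server's response, split once instead: `name, _, value = header.partition(':')` followed by `headers[name] = value.strip()`. Because `headers` is a plain dict, a header that appears more than once (for example `Set-Cookie`) is reduced to the last occurrence, which is worth a comment if it is intended. The locals `file` and `list` shadow builtins; names like `out_file` and `results` would read better.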
diff --git a/README.md b/README.md
index ad84658..ac9340d 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,7 @@ $ pip install -r requirements.txt
 | --rate-limit | Amount of time in seconds to delay between each scan (default 0). |
 | --waf | If set then simple WAF bypass headers will be sent. |
 | -oN OUTPUT_NORMAL | Normal output printed to a file when the -oN option is specified with a filename argument. |
+| -oJ OUTPUT_JSON | JSON output printed to a file when the -oJ option is specified with a filename argument. |
 | - | By passing a blank '-' you tell VHostScan to expect input from stdin (pipe). |
 ## Usage Examples
From c3a9832b623fb1c3ea111d537bbfa0d07337c81d Mon Sep 17 00:00:00 2001
From: Michael
Date: Wed, 4 Oct 2017 09:54:22 +1000
Subject: [PATCH 5/6] Fixed spacing
---
 lib/core/virtual_host_scanner.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/core/virtual_host_scanner.py b/lib/core/virtual_host_scanner.py
index d84123a..5a1c3f7 100644
--- a/lib/core/virtual_host_scanner.py
+++ b/lib/core/virtual_host_scanner.py
@@ -116,7 +116,7 @@ def scan(self):
 self.results.append(hostname + ',' + page_hash)
 #rate limit the connection, if the int is 0 it is ignored
- time.sleep(self.rate_limit)
+ time.sleep(self.rate_limit)
 self.completed_scan=True
From 8f8a1eb74db04b593143c0df3f9a7e2328d62567 Mon Sep 17 00:00:00 2001
From: Michael
Date: Wed, 4 Oct 2017 10:02:38 +1000
Subject: [PATCH 6/6] Removed host.content from json output
---
 lib/helpers/output_helper.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/lib/helpers/output_helper.py b/lib/helpers/output_helper.py
index 020dcfe..6071318 100644
--- a/lib/helpers/output_helper.py
+++ b/lib/helpers/output_helper.py
@@ -54,7 +54,6 @@ def output_json(self, filename):
 list[host.hostname] = {'Code': host.response_code,
 'Hash': host.hash,
- 'Response': host.content,
 'Headers': headers}
 file.write_file(json.dumps(list))