Inicio>Relacionado con la programación>Otro código fuente
Descargar

WebCopilot

Una herramienta de automatización que enumera subdominios, luego filtra los parámetros xss, sqli, open refund, lfi, ssrf y rce y luego busca vulnerabilidades.

Características • Instalación • Uso • WebCopilot • Herramientas utilizadas • Reconocimiento

WebCopilot es una herramienta de automatización diseñada para enumerar subdominios del objetivo y detectar errores utilizando diferentes herramientas de código abierto.

El script primero enumera todos los subdominios del dominio de destino dado usando activefinder, sublister, subfinder, amass, findomain, hackertarget, riddler y crt, luego realiza una enumeración activa de subdominios usando gobuster de la lista de palabras de SecLists, luego filtra todos los subdominios activos usando dnsx y luego extrae títulos de los subdominios usando httpx y escaneos para la adquisición de subdominios usando subjack. Luego usa gau/gauplus, waybackurls o waymore para rastrear todos los puntos finales de los subdominios dados, luego usa patrones gf para filtrar los parámetros xss, lfi, ssrf, sqli, redirección abierta y rce de esos subdominios dados, y luego escanea para vulnerabilidades en los subdominios utilizando diferentes herramientas de código abierto (como kxss, dalfox, openredirex, nuclei, etc.). Luego imprimirá el resultado del escaneo y guardará todo el resultado en un directorio específico.

Características

  • Enumeración de subdominios utilizando Assetfinder, SUBLIST3R_V2.0, subfinder, amass, findomain, etc.
  • Enumeración de subdominios activos usando gobuster y amass de la lista de palabras SecLists/DNS.
  • Extraiga títulos y tome capturas de pantalla de subdominios activos usando aquatone y httpx.
  • Rastree todos los puntos finales de los subdominios usando waymore y filtre los parámetros XSS, SQLi, SSRF, etc. usando patrones gf.
  • Ejecute diferentes herramientas de código abierto (como dalfox, nuclei, sqlmap, etc.) para buscar vulnerabilidades en estos parámetros y luego guarde todos los resultados en la carpeta.

Uso 

g ! 2m0: ~ webcopilot -h
                                ──────▄▀▄─────▄▀▄
                                ─────▄█░░▀▀▀▀▀░░█▄
                                ─▄▄──█░░░░░░░░░░░█──▄▄
                                █▄▄█─█░░▀░░┬░░▀░░█─█▄▄█
 ██╗░░░░░░░██╗███████╗██████╗░░█████╗░░█████╗░██████╗░██╗██╗░░░░░░█████╗░████████╗
░██║░░██╗░░██║██╔════╝██╔══██╗██╔══██╗██╔══██╗██╔══██╗██║██║░░░░░██╔══██╗╚══██╔══╝
░╚██╗████╗██╔╝█████╗░░██████╦╝██║░░╚═╝██║░░██║██████╔╝██║██║░░░░░██║░░██║░░░██║░░░
░░████╔═████║░██╔══╝░░██╔══██╗██║░░██╗██║░░██║██╔═══╝░██║██║░░░░░██║░░██║░░░██║░░░
░░╚██╔╝░╚██╔╝░███████╗██████╦╝╚█████╔╝╚█████╔╝██║░░░░░██║███████╗╚█████╔╝░░░██║░░░
░░░╚═╝░░░╚═╝░░╚══════╝╚═════╝░░╚════╝░░╚════╝░╚═╝░░░░░╚═╝╚══════╝░╚════╝░░░░╚═╝░░░
                                                                [  ] Version: 2.0 .0
                                                                [  ] @ h4r5h1t | G ! 2 m0


[ ] Warning: Use with caution . You are responsible for your own actions .
[ ] Developers assume no liability and are not responsible for any misuse or damage cause by this tool .


Usage :
webcopilot - d < target >
webcopilot - d < target > - a
webcopilot [ - d target ] [ - o output destination ] [ - t threads ] [ - b blind server URL ] [ - x exclude domains ] [ - f subdomains file ] [ - a ] [ - v ] [ - h ]
Flags :
  - d        Add your target [ Optional ]
  - o        To save outputs in folder [ Default : webcopilot - < timestamp > ]
  -t        Number of threads [Default: 100]
  -b        Add your server for BXSS [Default: False]
  -x        Exclude out of scope domains [Default: False]
  -f        Specify a file containing subdomains, this will skip subdomain enumeration [Optional]
  -a        Run all Enumeration by default it will run only subdomain enumeration [Default: False][Time Consuming]
  -v        Show version of the tool
  -h        Show this help message

Example:./webcopilot  -d domain.com -a -o domain -t 333 -x exclude.txt -b testServer.oast.fun
You can use  https://app.interactsh.com/ to get your server

Instalación de WebCopilot

WebCopilot requiere git para instalarse correctamente. Ejecute el siguiente comando como root para instalar webcopilot 

git clone https://github.com/h4r5h1t/webcopilot && cd webcopilot/ && chmod +x webcopilot install.sh && mv webcopilot /usr/bin/ && ./install.sh
 [ * ] Installing Tools
[ * ] Creating Directories
[ * ] Installing Dependencies and Checking is Installed or Not
[ * ] git is already installed
[ * ] python3 is already installed
[ * ] python3 - pip is already installed
[ * ] ruby is already installed
[ * ] golang - go is already installed
[ * ] snapd could not be found [ * ] Installing snapd
[ * ] snapd is not installed successfully , Please install it manually
[ * ] cmake is already installed
[ * ] jq is already installed
[ * ] gobuster is already installed
[ * ] chromium is already installed
[ * ] parallel is already installed
[ * ] Installing Python Tools
[ * ] Sublist3r could not be found [ * ] Installing Sublist3r
[ * ] Sublist3r is installed successfully
[ * ] sqlmap is already installed
[ * ] urldedupe is already installed
[ * ] openredirex is already installed
[ * ] waymore is already installed
[ * ] findomain is already installed
[ * ] uro is already installed
[ * ] Installing Wordlists and Payloads
[ * ] Skipping payloads / lfi . txt , already exists .
[ * ] Skipping resolvers . txt , already exists .
[ * ] Skipping subdomains . txt , already exists .
[ * ] Skipping fuzz . txt , already exists .
[ * ] Skipping dicc . txt , already exists .
[ * ] Skipping big . txt , already exists .
[ * ] Skipping dns . txt , already exists .
[ * ] Installing Go Tools
[ * ] anew is already installed
[ * ] gf is already installed
[ * ] aquatone could not be found [ * ] Installing aquatone
[ * ] aquatone is not installed successfully , Please install it manually
[ * ] assetfinder is already installed
[ * ] gau is already installed
[ * ] waybackurls is already installed
[ * ] httpx could not be found [ * ] Installing httpx
[ * ] httpx is not installed successfully , Please install it manually
[ * ] amass could not be found [ * ] Installing amass
[ * ] amass is not installed successfully , Please install it manually
[ * ] kxss is already installed
[ * ] subjack is already installed
[ * ] qsreplace is already installed
[ * ] dnsx could not be found [ * ] Installing dnsx
[ * ] dnsx is not installed successfully , Please install it manually
[ * ] dalfox is already installed
[ * ] crlfuzz is already installed
[ * ] nuclei could not be found [ * ] Installing nuclei
[ * ] nuclei is not installed successfully , Please install it manually
[ * ] subfinder could not be found [ * ] Installing subfinder
[ * ] subfinder is not installed successfully , Please install it manually
[ * ] Configuring Tools and Setting Up Environment
[ * ] All Tools are installed successfully

Herramientas utilizadas:

SubFinder • Sublist3r • Findomain • gf • OpenRedireX • dnsx • sqlmap • gobuster • activefinder • httpx • kxss • qsreplace • Nuclei • dalfox • anew • jq • aquatone • urldedupe • Amass • gauplus • waybackurls • crlfuzz • gau • waymore • SUBLIST3R_V2. 0 • uro

Ejecutando WebCopilot

Para ejecutar la herramienta en un objetivo, simplemente use el siguiente comando. 

g ! 2m0: ~ webcopilot -d example.com

El comando -o se puede utilizar para especificar un directorio de salida. 

g ! 2m0: ~ webcopilot -d example.com -o example

El comando -a se puede utilizar para ejecutar todas las enumeraciones (Enumeración de subdominios + Escaneo de vulnerabilidades). 

g ! 2m0: ~ webcopilot -d example.com -o example -a

El comando -t se puede utilizar para agregar subprocesos a su escaneo para obtener resultados más rápidos. 

g ! 2m0: ~ webcopilot -d example.com -o example -t 333

El comando -b se puede usar para xss ciego (OOB), puede hacer que su servidor interactúe 

g ! 2m0: ~ webcopilot -d example.com -o example -t 333 -b eeuyhzfnsezrraragtd70ex5oc2hsw.oast.fun

El comando -x se puede utilizar para excluir dominios fuera de alcance. 

g ! 2m0: ~ echo out.example.com > excludeDomain.txt
g ! 2m0: ~ webcopilot -d example.com -o example -t 333 -x excludeDomain.txt -b eeuyhzfnsezrraragtd70ex5oc2hsw.oast.fun

El comando -f se puede usar para pasar archivos que contienen subdominios (usando esta enumeración de subdominio activo + pasivo para omitir) 

g ! 2m0: ~ webcopilot -d example.com -o example -f /home/ubuntu/subdomains.txt -a

Ejemplo

Las opciones predeterminadas se ven así: 

g ! 2m0: ~ webcopilot -d http://testphp.vulnweb.com/ -a -b eeuyhzfpwgnsezrraragtd70ex5oc2hsw.oast.fun
                                ──────▄▀▄─────▄▀▄
                                ─────▄█░░▀▀▀▀▀░░█▄
                                ─▄▄──█░░░░░░░░░░░█──▄▄
                                █▄▄█─█░░▀░░┬░░▀░░█─█▄▄█
 ██╗░░░░░░░██╗███████╗██████╗░░█████╗░░█████╗░██████╗░██╗██╗░░░░░░█████╗░████████╗
░██║░░██╗░░██║██╔════╝██╔══██╗██╔══██╗██╔══██╗██╔══██╗██║██║░░░░░██╔══██╗╚══██╔══╝
░╚██╗████╗██╔╝█████╗░░██████╦╝██║░░╚═╝██║░░██║██████╔╝██║██║░░░░░██║░░██║░░░██║░░░
░░████╔═████║░██╔══╝░░██╔══██╗██║░░██╗██║░░██║██╔═══╝░██║██║░░░░░██║░░██║░░░██║░░░
░░╚██╔╝░╚██╔╝░███████╗██████╦╝╚█████╔╝╚█████╔╝██║░░░░░██║███████╗╚█████╔╝░░░██║░░░
░░░╚═╝░░░╚═╝░░╚══════╝╚═════╝░░╚════╝░░╚════╝░╚═╝░░░░░╚═╝╚══════╝░╚════╝░░░░╚═╝░░░
                                                                [  ] Version: 2.0 .0
                                                                [  ] @ h4r5h1t | G ! 2 m0


[ ] Warning: Use with caution . You are responsible for your own actions .
[ ] Developers assume no liability and are not responsible for any misuse or damage cause by this tool .


Target :  http: //testphp.vulnweb.com/
Output:  / home / ubuntu / github / webcopilot / webcopilot - 1714304809
Threads: 100
Server:  eeuyhzfpwgnsezdyeragtd70ex5oc2hsw . oast . fun
Exclude: False
Mode:    Running all Enumeration
Time :    28 - 04 - 2024 17 : 16 : 49

[ ! ] Please wait while scanning . . .

[  ] Passive Subdomain Scanning is in progress :

[  ] Subdomain Scanned  -  [ assetfinder✔ ]                 Subdomain Found : 0
[  ] Subdomain Scanned  -  [ SUBLIST3R_V2 .0  ]              Subdomain Found : 0
[  ] Subdomain Scanned  -  [ subfinder✔ ]                   Subdomain Found : 1
[  ] Subdomain Scanned  -  [ amass✔ ]                       Subdomain Found : 0
[  ] Subdomain Scanned  -  [ findomain✔ ]                   Subdomain Found : 1

[  ] Subdomain Scanned  -  [ crt . sh✔ ]                      Subdomain Found : 0
[  ] Subdomain Scanned  -  [ hackertarget✔ ]                Subdomain Found : 1
[  ] Subdomain Scanned  -  [ riddler✔ ]                     Subdomain Found : 0
[  ] Subdomain Scanned  -  [ certspotter✔ ]                 Subdomain Found : 0

[  ] Active Subdomain Scanning is in progress :
[ ! ] Please be patient . This may take a while ...
[  ] Active Subdomain Scanned  -  [ gobuster✔ ]             Subdomain Found : 0
[  ] Active Subdomain Scanned  -  [ amass✔ ]                Subdomain Found : 0

[  ] Subdomain Filtering : Filtering Alive subdomains
[  ] Subdomain Filtering  -   Filtering alive subdomains is completed .    Check : / subdomains / alivesub . txt
[  ] Subdomain Scanning : Getting titles of valid subdomains
[  ] Visual inspection of Subdomains is completed .        Check : / subdomains / aquatone /

[  ] Subdomain Enumeration Completed .    Total : 1 | Alive : 1

[  ] Endpoints Scanning Completed .  Total : 0
[  ] Vulnerabilities Scanning is in progress : Getting all vulnerabilities of 
[  ] Vulnerabilities Scanning is in progress :

[  ] Vulnerabilities Scanned  -  [ XSS✔ ]                   Found : 0
[  ] Vulnerabilities Scanned  -  [ SQLi✔ ]                  Found : 0
[  ] Vulnerabilities Scanned  -  [ LFI✔ ]                   Found : 0
[  ] Vulnerabilities Scanned  -  [ CRLF✔ ]                  Found : 0
[  ] Vulnerabilities Scanned  -  [ SSRF✔ ]                  Found : 0
[  ] Vulnerabilities Scanned  -  [ Open redirect✔ ]         Found : 0
[  ] Vulnerabilities Scanned  -  [ Subdomain Takeover✔ ]    Found : 0
[  ] Vulnerabilities Scanned  -  [ Nuclie✔ ]                Found : 0
[  ] Vulnerabilities Scanning Completed .    Check : / vulnerabilities /


▒█▀▀█ █▀▀ █▀▀ █░░█ █░░ ▀▀█▀▀
▒█▄▄▀ █▀▀ ▀▀█ █░░█ █░░ ░░█░░
▒█░▒█ ▀▀▀ ▀▀▀ ░▀▀▀ ▀▀▀ ░░▀░░

[ + ] Subdomains of http : //testphp.vulnweb.com/
[ + ] Subdomains Found : 1
[ + ] Subdomains Alive : 1
[ + ] Endpoints : 0
[ + ] XSS : 0
[ + ] SQLi : 0
[ + ] Open Redirect : 0
[ + ] SSRF : 0
[ + ] CRLF : 0
[ + ] LFI : 0
[ + ] Subdomain Takeover : 0
[ + ] Nuclei : 0

Reconocimiento

WebCopilot está inspirado en Garud & Pinaak por ROX4R.

Gracias a los autores de las herramientas y listas de palabras utilizadas en este script.

@aboul3la @tomnomnom @lc @hahwul @projectdiscovery @maurosoria @shelld3v @devanshbatham @michenriksen @defparam @projectdiscovery @bp0lr @ameenmaali @sqlmapproject @dwisiswant0 @OWASP @OJ @Findomain @danielmiessler @1ndianl33t @ROX4R @xnl-h4ck3r @hxlx @s0md3v @s0md3v

Advertencia: los desarrolladores no asumen ninguna responsabilidad y no son responsables del mal uso o daño causado por esta herramienta. Por lo tanto, tenga cuidado porque usted es responsable de sus propias acciones.
Expandir
Información adicional
Aplicaciones relacionadas
Recomendado para ti
Información relacionada Todo
Comentarios de los usuarios