Sn1per Community Edition by @xer0dayz - https://xerosecurity.com

CHANGELOG.md

@@ -1,6 +1,12 @@
 ## CHANGELOG:
-* v7.5 - Fixed issue with theHarvester package on Ubuntu systems
-* v7.5 - Added net-tools package for Ubuntu OS deps
+* v8.0 - Added ASnip tool to retrieve ASN's via 'recon' mode
+* v8.0 - Added Shodan sub-domain lookup
+* v8.0 - Added script timeout flag for NMap scripts
+* v8.0 - Fixed issue with dnsenum getting stuck on gathering dns info stage
+* v8.0 - Added option to force upgrade/install.sh without user prompt (ie. ./install.sh force)
+* v8.0 - Fixed issue with theHarvester package on Ubuntu systems
+* v8.0 - Fixed error "[: ==: unary operator expected" in all modes
+* v8.0 - Added net-tools package for Ubuntu OS deps
 * v7.4 - Added LDAP anomyous search to port 389/tcp checks (Shoutout @D0rkerDevil)
 * v7.4 - Added Java RMI dump registry scan checks and exploits to port 8001/tcp (Shoutout @D0rkerDevil)
 * v7.4 - Added CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure MSF module

install.sh

@@ -15,8 +15,8 @@ echo -e "$OKRED  (__  ) / / // // /_/ /  __/ /    $RESET"
 echo -e "$OKRED /____/_/ /_/___/ .___/\___/_/     $RESET"
 echo -e "$OKRED               /_/                 $RESET"
 echo -e "$RESET"
-echo -e "$OKORANGE + -- --=[ https://xerosecurity.com$RESET"
-echo -e "$OKORANGE + -- --=[ Sn1per by @xer0dayz$RESET"
+echo -e "$OKORANGE + -- --=[ https://xerosecurity.com $RESET"
+echo -e "$OKORANGE + -- --=[ Sn1per by @xer0dayz $RESET"
 echo ""
 
 INSTALL_DIR=/usr/share/sniper
@@ -25,7 +25,9 @@ PLUGINS_DIR=/usr/share/sniper/plugins
 GO_DIR=~/go/bin
 
 echo -e "$OKGREEN + -- --=[ This script will install sniper under $INSTALL_DIR. Are you sure you want to continue? (Hit Ctrl+C to exit)$RESET"
-read answer
+if [ "$1" != "force" ]; then
+	read answer
+fi
 
 mkdir -p $INSTALL_DIR 2> /dev/null
 mkdir -p $LOOT_DIR 2> /dev/null
@@ -84,6 +86,7 @@ git clone https://github.com/1N3/jexboss.git
 git clone https://github.com/maurosoria/dirsearch.git
 git clone https://github.com/jekyc/wig.git
 git clone https://github.com/rbsec/dnscan.git
+git clone https://github.com/RUB-NDS/CORStest.git
 git clone https://github.com/christophetd/censys-subdomain-finder.git
 pip install -r $PLUGINS_DIR/censys-subdomain-finder/requirements.txt
 pip3 install -r $PLUGINS_DIR/dnscan/requirements.txt 
@@ -108,6 +111,8 @@ unzip slurp.zip
 rm -f slurp.zip
 cd ~/go/bin/;go get github.com/haccer/subjack
 cd ~/go/bin/;go get -u github.com/Ice3man543/SubOver; mv SubOver /usr/local/bin/subover
+go get github.com/harleo/asnip
+ln -s ~/go/bin/asnip /usr/bin/asnip
 rm -Rf ~/go/src/amass*
 wget https://github.com/OWASP/Amass/releases/download/v3.1.10/amass_v3.1.10_linux_amd64.zip -O ~/go/src/amass.zip
 cd ~/go/src/
@@ -136,7 +141,10 @@ rm 3.0.6.tar.gz
 rm -f /usr/bin/theharvester
 ln -s /usr/share/sniper/plugins/theHarvester-3.0.6/theHarvester.py /usr/bin/theharvester
 git clone https://github.com/laramies/metagoofil.git
-
+git clone https://github.com/achillean/shodan-python
+cd shodan-python 
+python setup.py install
+cd ..
 echo -e "$OKORANGE + -- --=[ Setting up environment...$RESET"
 mv ~/.sniper.conf ~/.sniper.conf.old 2> /dev/null
 cp $INSTALL_DIR/sniper.conf ~/.sniper.conf 2> /dev/null

modes/flyover.sh

@@ -53,6 +53,7 @@ if [ "$MODE" = "flyover" ]; then
 
       dig all +short $TARGET 2> /dev/null > $LOOT_DIR/nmap/dns-$TARGET.txt 2> /dev/null & 
       dig all +short -x $TARGET 2> /dev/null >> $LOOT_DIR/nmap/dns-$TARGET.txt 2> /dev/null & 
+      sed -i -E 's/,//g' $LOOT_DIR/ips/ips-all-sorted.txt 2> /dev/null
       host $TARGET 2> /dev/null | grep address 2> /dev/null | awk '{print $4}' 2> /dev/null >> $LOOT_DIR/ips/ips-all-unsorted.txt 2> /dev/null &
 
       wget -qO- -T 1 --connect-timeout=5 --read-timeout=5 --tries=1 http://$TARGET |  perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si' 2> /dev/null > $LOOT_DIR/web/title-https-$TARGET.txt & 2> /dev/null
@@ -71,7 +72,7 @@ if [ "$MODE" = "flyover" ]; then
       fi
       cat $LOOT_DIR/nmap/dns-$TARGET.txt 2> /dev/null | egrep -i "wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|cloudfront|modulus|unbounce|uservoice|wpengine|cloudapp" 2>/dev/null | tee $LOOT_DIR/nmap/takeovers-$TARGET.txt 2>/dev/null & 2> /dev/null
       if [ $CUTYCAPT = "1" ]; then
-        if [ ${DISTRO} == "blackarch"  ]; then
+        if [ $DISTRO == "blackarch"  ]; then
           /bin/CutyCapt --url=http://$TARGET:80 --out=$LOOT_DIR/screenshots/$TARGET-port80.jpg --insecure --max-wait=5000 2> /dev/null &
           /bin/CutyCapt --url=https://$TARGET:443 --out=$LOOT_DIR/screenshots/$TARGET-port443.jpg --insecure --max-wait=5000 2> /dev/null &
         else