push scan to use gowisper

2025-03-30 17:28:57 +02:00
parent db4176840e
commit 5b508f682a
5 changed files with 417 additions and 390 deletions

271
scan_toto.yml Normal file

@@ -0,0 +1,271 @@
---
- name: SCAN in DOCKER [subfinder + dnsx + httpx + nuclei]
hosts: ovh01
become: true
gather_facts: true
vars:
fqdn: arion.space
ansible_user: stephane
user: staffadmin
token: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
36663034636138333863626233623737363834333134333235656132333933356237396132383266
3266326438656130623337653464633062343433623333620a386561353637613263323837313230
66666633373066363862343766646431396632653332333830323136343230336464333635343136
3732643432306338640a666334373636653164646135633966333339323935363433663130313235
36613831356265373964623464356263333666366539663131396535613633346138613665383864
6331393663346638663832313035653765303938376230363936
cloud_upload: true
ansible_password: stephane
ansible_become_password: stephane
username: jingohalert
password: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
66346630333538386564396632636161316239326530653037666465616165393135666532643264
3037363865363531636635306535663736353734333733340a363639636638396662616538343335
65366439343135636634393832636436353764303066653530346232323164376265313039373630
3863613961373430340a303866363962353262623030373061616134303366336237346631383539
3130
PDCP_API_KEY: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
33346636623263376335323265323163643534613835643363386630316666663336333435323438
3135313264626663663436346239306264666563303463380a643366633161326634316662313465
31646466666531656565356565383932356162323030346330356563323266396361376339313437
6637633235633635330a353539333366346331303134373433346462343736316437306136633361
37346537373861313361656338616438646533666639623533323433353365363836656532323938
3139363338653666656339303763333837313731383739363164
tasks:
- community.docker.docker_image_pull:
name: "{{ item }}"
loop:
- projectdiscovery/subfinder
- projectdiscovery/httpx
- projectdiscovery/dnsx
- projectdiscovery/nuclei
- ansible.builtin.git:
repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/staffadmin/scan.git
dest: "$HOME/scan"
single_branch: yes
force: true
become_user: root
- name: Remove all before
ansible.builtin.file:
path: $HOME/scan/{{ fqdn }}
state: absent
- name: Create a directory if it does not exist
ansible.builtin.file:
path: "{{ item.path }}"
state: "{{ item.state |default('touch') }}"
loop:
- path: $HOME/scan/{{ fqdn }}
state: directory
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.json
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt
# - path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx__full.txt
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx.json
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt
# - path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx__full.txt
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt
become_user: root
- name: subfinder
community.docker.docker_container:
image: projectdiscovery/subfinder
name: subfinder
command: "-d {{ fqdn }} -silent -o /{{ fqdn }}__subfinder.txt"
recreate: true
auto_remove: true
volumes:
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
become_user: root
- name: dnsx
community.docker.docker_container:
image: projectdiscovery/dnsx
name: "{{ item.name }}"
command: "{{ item.command }}"
recreate: true
auto_remove: true
volumes: "{{ item.volumes }}"
become_user: root
loop:
- command: -silent -l /{{ fqdn }}__subfinder.txt -o /{{ fqdn }}__dnsx.txt
name: dnsx
volumes:
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
# - command: -silent -a -cname -asn -resp -l /{{ fqdn }}__subfinder.txt -o /{{ fqdn }}__dnsx__full.txt
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx__full.txt:/{{ fqdn }}__dnsx__full.txt:rw
- command: -silent -a -cname -asn -resp -l /{{ fqdn }}__subfinder.txt -j -o /{{ fqdn }}__dnsx.json
name: dnsx-json
volumes:
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.json:/{{ fqdn }}__dnsx.json:rw
loop_control:
#* seconds
pause: 30
# - name: httpx
# community.docker.docker_container:
# image: projectdiscovery/httpx
# name: httpx
# command: -silent -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.txt
# recreate: true
# auto_remove: true
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
# - /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt:/{{ fqdn }}__httpx.txt:rw
# become_user: root
# - name: httpx
# community.docker.docker_container:
# image: projectdiscovery/httpx
# name: httpx
# command: -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.json -j
# recreate: true
# auto_remove: true
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
# - /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.json:/{{ fqdn }}__httpx.json:rw
# become_user: root
# - name: httpx
# community.docker.docker_container:
# image: projectdiscovery/httpx
# name: httpx
# command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
# recreate: true
# auto_remove: true
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
# become_user: root
- name: httpx
community.docker.docker_container:
image: projectdiscovery/httpx
name: "{{ item.name }}"
command: "{{ item.command }}"
recreate: true
auto_remove: true
volumes: "{{ item.volumes }}"
become_user: root
loop:
- command: -silent -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.txt
name: httpx
volumes:
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
- /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt:/{{ fqdn }}__httpx.txt:rw
- command: -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.json -j
name: httpx_json
volumes:
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
- /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.json:/{{ fqdn }}__httpx.json:rw
# - command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
# name: httpx_dashboard
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
# - command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
# name: httpx_dashboard_2
# volumes:
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
loop_control:
#* seconds
pause: 60
- ansible.builtin.pause:
seconds: 60
- ansible.builtin.shell: |
git config user.email "stephane.gratiasquiquandon@gmail.com"
git config user.name "staffadmin"
git add .
git commit -m "Push scan {{ fqdn }} with access token"
git push https://{{ user }}:{{ token }}@gitea.jingoh.fr/staffadmin/scan.git
args:
chdir: "$HOME/scan"
run_once: true
become_user: root
register: push_git
# - debug:
# msg: "{{ push_git.changed }}"
# - debug:
# msg: "{{ push_git.changed }}"
# when: push_git.changed is true
- ansible.builtin.git:
repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/staffadmin/scan.git
dest: "$HOME/scan"
single_branch: yes
force: true
delegate_to: scaleway
become_user: stephane
- copy:
src: "{{ item }}"
dest: /opt/dockerapps/appdata/ivre/ivre-share/{{ item.split('/')[-1] }}
remote_src: true
loop:
- /home/{{ ansible_user }}/scan/{{ fqdn }}/{{ fqdn }}__dnsx.json
- /home/{{ ansible_user }}/scan/{{ fqdn }}/{{ fqdn }}__httpx.json
delegate_to: scaleway
- name: Run a simple command (argv)
community.docker.docker_container_exec:
container: ivreclient
argv:
- ivre
- scan2db
- "-c"
- "{{ fqdn }}"
- "-s"
- "{{ ansible_play_hosts }}"
- "-r"
- /ivre-share/{{ fqdn }}__dnsx.json
delegate_to: scaleway
- name: Run a simple command (argv)
community.docker.docker_container_exec:
container: ivreclient
argv:
- ivre
- scan2db
- "-c"
- "{{ fqdn }}"
- "-s"
- "{{ ansible_play_hosts }}"
- "-r"
- "/ivre-share/{{ fqdn }}__httpx.json"
delegate_to: scaleway
- name: Run a simple command (argv)
community.docker.docker_container_exec:
container: ivreclient
argv:
- ivre
- db2view
- all
delegate_to: scaleway
- name: NTFY when docker compose changed
uri:
url: "https://alert.jingoh.fr/scaleway"
method: POST
user: "{{ username }}"
password: "{{ password }}"
headers:
Title: "SCAN {{ fqdn }}"
ta: "globe_with_meridians"
body: "scan finished !"
status_code: 200
tags: test1
delegate_to: localhost
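Review bot: `ansible_password` and `ansible_become_password` are committed in clear text in the play's `vars` block, while `token`, `password` and `PDCP_API_KEY` in the same block are vault-encrypted, so the login and sudo credential used for `ovh01` is readable by anyone who can read this repository. Encrypt both the same way as the others (`ansible_become_password: !vault |` followed by the ciphertext) or move them to a vaulted inventory or group_vars file, and rotate the password, since it is now in the commit history. Separately, both `ansible.builtin.git` tasks and the `git push` line in the shell task embed `{{ token }}` in the remote URL; a clone from such a URL normally leaves the credential in `.git/config` on the target, and the rendered command can show up in task output, so add `no_log: true` to those tasks or supply the token through a credential helper instead. The four `projectdiscovery/*` images are also pulled without a tag or digest, which is worth pinning so that a run always executes the image that was reviewed.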