[scan]
This commit is contained in:
144
scan.yml
144
scan.yml
@@ -16,7 +16,11 @@
|
||||
6137356332636431643830666461333862613835336631333037
|
||||
# 163.172.0.0/24
|
||||
# 163.172.80.0/28
|
||||
target_network: 163.172.80.0/24
|
||||
target_network: 163.172.0.0/20
|
||||
# 163.172.0.0/20
|
||||
# 163.172.16.0/20
|
||||
# 163.172.31.0/20
|
||||
# 163.172.47.0/20
|
||||
ansible_user: stephane
|
||||
ansible_password: stephane
|
||||
ansible_become_password: stephane
|
||||
@@ -51,17 +55,6 @@
|
||||
force: true
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
- ansible.builtin.git:
|
||||
repo: https://github.com/maurosoria/dirsearch.git
|
||||
dest: "/home/stephane/dirsearch"
|
||||
single_branch: yes
|
||||
force: true
|
||||
|
||||
- name: Install specified python requirements
|
||||
ansible.builtin.pip:
|
||||
requirements: "/home/stephane/dirsearch/requirements.txt"
|
||||
|
||||
# apt install masscan
|
||||
- ansible.builtin.command:
|
||||
cmd: "masscan {{ target_network }} -p443"
|
||||
@@ -77,7 +70,7 @@
|
||||
# tags: test
|
||||
# delegate_to: localhost
|
||||
|
||||
- name: Get a cert from an https por
|
||||
- name: Get a cert from an https port
|
||||
community.crypto.get_certificate:
|
||||
host: "{{ item.split('on')[-1].strip() }}"
|
||||
port: 443
|
||||
@@ -91,13 +84,38 @@
|
||||
|
||||
# item.subject.CN
|
||||
- debug:
|
||||
msg: "{{ item.subject.CN }}"
|
||||
# msg: "{{ item.subject.CN }}"
|
||||
msg: "{{ item.invocation.module_args.host}}"
|
||||
loop: "{{ cert.results }}"
|
||||
# - "{{ cert.not_after }}"
|
||||
# - "{{ ansible_date_time.iso8601_basic }}"
|
||||
tags: test
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
- name: Change file ownership, group and permissions
|
||||
ansible.builtin.file:
|
||||
path: "{{ playbook_dir }}/scan/https/{{ item.invocation.module_args.host.split('.')[0] }}/{{ item.invocation.module_args.host.split('.')[1] }}/"
|
||||
state: directory
|
||||
loop: "{{ cert.results }}"
|
||||
|
||||
- name: Add a line to a file if the file does not exist, without passing regexp
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ playbook_dir }}/scan/https/{{ item.invocation.module_args.host.split('.')[0] }}/{{ item.invocation.module_args.host.split('.')[1] }}/{{ item.invocation.module_args.host.split('.')[2] }}"
|
||||
line: "{{ item.invocation.module_args.host }} ---- {{ item.subject.CN | default('---') }} ---- {{ item.issuer| default('---')}}"
|
||||
create: yes
|
||||
loop: "{{ cert.results }}"
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
# - name: Copy file with owner and permissions
|
||||
# ansible.builtin.copy:
|
||||
# dest: "{{ playbook_dir }}/scan/scan_https_{{ target_network.split('/')[0] }}_{{ target_network.split('/')[-1] }}"
|
||||
# content: |
|
||||
# "{{ item.invocation.module_args.host }} ---- {{ item.subject.CN }} ---- {{ item.issuer}}"
|
||||
# loop: "{{ cert.results }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
# # item.subject.CN
|
||||
# - debug:
|
||||
# msg: "{{ item.item.split('on')[-1].strip() }}"
|
||||
@@ -107,83 +125,6 @@
|
||||
# tags: test
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
# apt install masscan
|
||||
- ansible.builtin.command:
|
||||
cmd: "python3 /home/root/dirsearch/dirsearch.py -u https://{{ item.item.split('on')[-1].strip() }} --max-time 500"
|
||||
become: true
|
||||
loop: "{{ cert.results }}"
|
||||
# vars:
|
||||
# ansible_command_timeout: 500
|
||||
ignore_errors: true
|
||||
register: fuff
|
||||
|
||||
#ffuf -w SecLists/Discovery/Web-Content/directory-list-1.0.txt -u https://dstrn.if.ua/FUZZ
|
||||
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
|
||||
|
||||
# tags: test
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: " URL =======> {{ item.subject }} || Host ====> {{ item.invocation.module_args.host }} || port ======> {{ item.invocation.module_args.port }} || proxy_port =========> {{ item.invocation.module_args.proxy_port }}"
|
||||
# loop: "{{ cert.results }}"
|
||||
# when: item.subject is defined
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# tags: test
|
||||
# ignore_errors: true
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ item.stdout.split('\n\nError Log')[0].split('Output File: ')[-1] }}"
|
||||
# loop: "{{ fuff.results }}"
|
||||
# # when: item.stdout_lines is search('200 -')
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# tags: test
|
||||
# ignore_errors: true
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ fuff }}"
|
||||
|
||||
|
||||
|
||||
- ansible.builtin.find:
|
||||
paths: "/home/stephane/reports"
|
||||
recurse: yes
|
||||
register: scan_path
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ item.path }}"
|
||||
# loop: "{{ scan_path.files }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
- ansible.builtin.fetch:
|
||||
src: "{{ item.path }}"
|
||||
dest: "{{ playbook_dir }}/scan/"
|
||||
flat: false
|
||||
loop: "{{ scan_path.files }}"
|
||||
|
||||
- debug:
|
||||
msg: "{{ item.path }}"
|
||||
loop: "{{ scan_path.files }}"
|
||||
# - "{{ cert.not_after }}"
|
||||
# - "{{ ansible_date_time.iso8601_basic }}"
|
||||
delegate_to: localhost
|
||||
|
||||
- ansible.builtin.shell: |
|
||||
git config user.email "stephane.gratiasquiquandon@gmail.com"
|
||||
git config user.name "staffadmin"
|
||||
@@ -195,20 +136,6 @@
|
||||
run_once: true
|
||||
delegate_to: localhost
|
||||
|
||||
# https://github.com/danielmiessler/SecLists.git
|
||||
|
||||
# ffuf -w SecLists/Discovery/Web-Content/raft-small-words.txt -u https://flix.iberica-tv.net/FUZZ
|
||||
|
||||
|
||||
|
||||
# - name: Set host_interfaces list
|
||||
# ansible.builtin.set_fact:
|
||||
# host_interfaces: "{{ host_interfaces + [item.subject]}}"
|
||||
# vars:
|
||||
# host_interfaces: []
|
||||
# when: item.subject is defined
|
||||
# loop: "{{ cert.results }}"
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ host_interfaces }}"
|
||||
@@ -221,15 +148,10 @@
|
||||
# user: "{{ username }}"
|
||||
# password: "{{ password }}"
|
||||
# headers:
|
||||
# Title: "SCAN HTTPS"
|
||||
# Title: "SCAN HTTPS "
|
||||
# ta: "file_folder"
|
||||
# body: "{{ target_network }}"
|
||||
# status_code: 200
|
||||
# tags: test1
|
||||
# delegate_to: localhost
|
||||
# when: fetch_files_backup.changed is true
|
||||
|
||||
# https://raw.githubusercontent.com/bobbyiliev/bash-ssl-checker-tool/master/ssl
|
||||
# amass enum -passive -d togofirst.com
|
||||
# sudo masscan 163.172.0.0/16 -p443 --rate=1000000
|
||||
# sublist3r -d fitnetmanager.com
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
6137356332636431643830666461333862613835336631333037
|
||||
# 163.172.0.0/24
|
||||
# 163.172.80.0/28
|
||||
target_network: 163.172.80.0/28
|
||||
target_network: 163.172.80.0/24
|
||||
ansible_user: stephane
|
||||
ansible_password: stephane
|
||||
ansible_become_password: stephane
|
||||
@@ -51,6 +51,17 @@
|
||||
force: true
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
- ansible.builtin.git:
|
||||
repo: https://github.com/maurosoria/dirsearch.git
|
||||
dest: "/home/stephane/dirsearch"
|
||||
single_branch: yes
|
||||
force: true
|
||||
|
||||
- name: Install specified python requirements
|
||||
ansible.builtin.pip:
|
||||
requirements: "/home/stephane/dirsearch/requirements.txt"
|
||||
|
||||
# apt install masscan
|
||||
- ansible.builtin.command:
|
||||
cmd: "masscan {{ target_network }} -p443"
|
||||
@@ -66,7 +77,7 @@
|
||||
# tags: test
|
||||
# delegate_to: localhost
|
||||
|
||||
- name: Get a cert from an https port
|
||||
- name: Get a cert from an https por
|
||||
community.crypto.get_certificate:
|
||||
host: "{{ item.split('on')[-1].strip() }}"
|
||||
port: 443
|
||||
@@ -80,38 +91,13 @@
|
||||
|
||||
# item.subject.CN
|
||||
- debug:
|
||||
# msg: "{{ item.subject.CN }}"
|
||||
msg: "{{ item.invocation.module_args.host}}"
|
||||
msg: "{{ item.subject.CN }}"
|
||||
loop: "{{ cert.results }}"
|
||||
# - "{{ cert.not_after }}"
|
||||
# - "{{ ansible_date_time.iso8601_basic }}"
|
||||
tags: test
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
- name: Change file ownership, group and permissions
|
||||
ansible.builtin.file:
|
||||
path: "{{ playbook_dir }}/scan/https/{{ item.invocation.module_args.host.split('.')[0] }}/{{ item.invocation.module_args.host.split('.')[1] }}/"
|
||||
state: directory
|
||||
loop: "{{ cert.results }}"
|
||||
|
||||
- name: Add a line to a file if the file does not exist, without passing regexp
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ playbook_dir }}/scan/https/{{ item.invocation.module_args.host.split('.')[0] }}/{{ item.invocation.module_args.host.split('.')[1] }}/{{ item.invocation.module_args.host.split('.')[2] }}"
|
||||
line: "{{ item.invocation.module_args.host }} ---- {{ item.subject.CN | default('---') }} ---- {{ item.issuer| default('---')}}"
|
||||
create: yes
|
||||
loop: "{{ cert.results }}"
|
||||
delegate_to: localhost
|
||||
|
||||
|
||||
# - name: Copy file with owner and permissions
|
||||
# ansible.builtin.copy:
|
||||
# dest: "{{ playbook_dir }}/scan/scan_https_{{ target_network.split('/')[0] }}_{{ target_network.split('/')[-1] }}"
|
||||
# content: |
|
||||
# "{{ item.invocation.module_args.host }} ---- {{ item.subject.CN }} ---- {{ item.issuer}}"
|
||||
# loop: "{{ cert.results }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
# # item.subject.CN
|
||||
# - debug:
|
||||
# msg: "{{ item.item.split('on')[-1].strip() }}"
|
||||
@@ -121,6 +107,83 @@
|
||||
# tags: test
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
# apt install masscan
|
||||
- ansible.builtin.command:
|
||||
cmd: "python3 /home/root/dirsearch/dirsearch.py -u https://{{ item.item.split('on')[-1].strip() }} --max-time 500"
|
||||
become: true
|
||||
loop: "{{ cert.results }}"
|
||||
# vars:
|
||||
# ansible_command_timeout: 500
|
||||
ignore_errors: true
|
||||
register: fuff
|
||||
|
||||
#ffuf -w SecLists/Discovery/Web-Content/directory-list-1.0.txt -u https://dstrn.if.ua/FUZZ
|
||||
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
|
||||
|
||||
# tags: test
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: " URL =======> {{ item.subject }} || Host ====> {{ item.invocation.module_args.host }} || port ======> {{ item.invocation.module_args.port }} || proxy_port =========> {{ item.invocation.module_args.proxy_port }}"
|
||||
# loop: "{{ cert.results }}"
|
||||
# when: item.subject is defined
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# tags: test
|
||||
# ignore_errors: true
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ item.stdout.split('\n\nError Log')[0].split('Output File: ')[-1] }}"
|
||||
# loop: "{{ fuff.results }}"
|
||||
# # when: item.stdout_lines is search('200 -')
|
||||
# # loop: "{{ scan443.stdout_lines }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# tags: test
|
||||
# ignore_errors: true
|
||||
# delegate_to: localhost
|
||||
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ fuff }}"
|
||||
|
||||
|
||||
|
||||
- ansible.builtin.find:
|
||||
paths: "/home/stephane/reports"
|
||||
recurse: yes
|
||||
register: scan_path
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ item.path }}"
|
||||
# loop: "{{ scan_path.files }}"
|
||||
# # - "{{ cert.not_after }}"
|
||||
# # - "{{ ansible_date_time.iso8601_basic }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
- ansible.builtin.fetch:
|
||||
src: "{{ item.path }}"
|
||||
dest: "{{ playbook_dir }}/scan/"
|
||||
flat: false
|
||||
loop: "{{ scan_path.files }}"
|
||||
|
||||
- debug:
|
||||
msg: "{{ item.path }}"
|
||||
loop: "{{ scan_path.files }}"
|
||||
# - "{{ cert.not_after }}"
|
||||
# - "{{ ansible_date_time.iso8601_basic }}"
|
||||
delegate_to: localhost
|
||||
|
||||
- ansible.builtin.shell: |
|
||||
git config user.email "stephane.gratiasquiquandon@gmail.com"
|
||||
git config user.name "staffadmin"
|
||||
@@ -132,6 +195,20 @@
|
||||
run_once: true
|
||||
delegate_to: localhost
|
||||
|
||||
# https://github.com/danielmiessler/SecLists.git
|
||||
|
||||
# ffuf -w SecLists/Discovery/Web-Content/raft-small-words.txt -u https://flix.iberica-tv.net/FUZZ
|
||||
|
||||
|
||||
|
||||
# - name: Set host_interfaces list
|
||||
# ansible.builtin.set_fact:
|
||||
# host_interfaces: "{{ host_interfaces + [item.subject]}}"
|
||||
# vars:
|
||||
# host_interfaces: []
|
||||
# when: item.subject is defined
|
||||
# loop: "{{ cert.results }}"
|
||||
|
||||
|
||||
# - debug:
|
||||
# msg: "{{ host_interfaces }}"
|
||||
@@ -144,10 +221,15 @@
|
||||
# user: "{{ username }}"
|
||||
# password: "{{ password }}"
|
||||
# headers:
|
||||
# Title: "SCAN HTTPS "
|
||||
# Title: "SCAN HTTPS"
|
||||
# ta: "file_folder"
|
||||
# body: "{{ target_network }}"
|
||||
# status_code: 200
|
||||
# tags: test1
|
||||
# delegate_to: localhost
|
||||
# when: fetch_files_backup.changed is true
|
||||
|
||||
# https://raw.githubusercontent.com/bobbyiliev/bash-ssl-checker-tool/master/ssl
|
||||
# amass enum -passive -d togofirst.com
|
||||
# sudo masscan 163.172.0.0/16 -p443 --rate=1000000
|
||||
# sublist3r -d fitnetmanager.com
|
||||
Reference in New Issue
Block a user