Skip to content

Commit 4adde44

Browse files
author
WP Engine Marketing
committed
Sn1per Community Edition by @xer0dayz - https://xerosecurity.com 
1 parent caaa62a commit 4adde44

7 files changed

+12
-12
lines changed

CHANGELOG.md

+2
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,11 @@
1111
* v6.1 - Fixed timeout setting in cutycapt
1212
* v6.1 - Fixed script errors with CVE-2018-15473 sshUsernameEnumExploit.py
1313
* v6.1 - Improved SSLyze scan options
14+
* v6.1 - Updated domain list used by Aquatone
1415
* v6.1 - Removed http-vuln-cve2017-5638.nse script due to outdated NMap libs
1516
* v6.1 - Removed serializekiller plugin from install.sh
1617
* v6.1 - Removed cansina plugin from install.sh
18+
* v6.1 - Removed testssll.sh plugin from install.sh
1719
* v6.1 - Fixed issue with Amass not running due to invalid command line options in latest release
1820
* v6.0 - Improved scan options for discover mode scans
1921
* v6.0 - Fixed issue with pip3 dependency package missing

install.sh

+1-3
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,6 @@ git clone https://github.com/Dionach/CMSmap.git
7777
git clone https://github.com/0xsauby/yasuo.git
7878
git clone https://github.com/aboul3la/Sublist3r.git
7979
git clone https://github.com/nccgroup/shocker.git
80-
git clone --depth 1 https://github.com/drwetter/testssl.sh.git
8180
git clone https://github.com/BishopFox/spoofcheck.git
8281
git clone https://github.com/arthepsy/ssh-audit
8382
git clone https://github.com/1N3/jexboss.git
@@ -96,7 +95,6 @@ cd ~/go/bin/;go get -u github.com/Ice3man543/SubOver; mv SubOver /usr/local/bin/
9695
cd ~/go/bin;go get -u github.com/OWASP/Amass/cmd/amass; mv amass /usr/local/bin/
9796
cd ~/go/bin;go get -u github.com/subfinder/subfinder; mv subfinder /usr/local/bin/subfinder
9897
cd $PLUGINS_DIR
99-
wget https://github.com/michenriksen/aquatone/blob/master/subdomains.lst -O /usr/share/sniper/plugins/Sublist3r/subdomains.lst
10098
wget https://raw.githubusercontent.com/xorrbit/nmap/865142904566e416944ebd6870d496c730934965/scripts/http-vuln-INTEL-SA-00075.nse -O /usr/share/nmap/scripts/http-vuln-INTEL-SA-00075.nse
10199
wget https://raw.githubusercontent.com/f3d0x0/GPON/master/gpon_rce.py -O /usr/share/sniper/bin/gpon_rce.py
102100
cp $INSTALL_DIR/bin/iis-buffer-overflow.nse /usr/share/nmap/scripts/iis-buffer-overflow.nse 2> /dev/null
@@ -131,7 +129,7 @@ rm -f /usr/bin/findsploit
131129
rm -f /usr/bin/copysploit
132130
rm -f /usr/bin/compilesploit
133131
rm -f /usr/bin/massbleed
134-
rm -f /usr/bin/testssl
132+
rm -f /usr/bin/dirsearch
135133
ln -s $INSTALL_DIR/sniper /usr/bin/sniper
136134
ln -s $PLUGINS_DIR/Goohak/goohak /usr/bin/goohak
137135
ln -s $PLUGINS_DIR/XSSTracer/xsstracer.py /usr/bin/xsstracer

modes/normal_webporthttp.sh

+2-2
Original file line numberDiff line numberDiff line change
@@ -32,9 +32,9 @@ if [ "$MODE" = "web" ];
3232
echo -e "${OKGREEN}====================================================================================${RESET}"
3333
echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
3434
echo -e "${OKGREEN}====================================================================================${RESET}"
35-
wpscan --url http://$TARGET --batch --disable-tls-checks
35+
wpscan --url http://$TARGET --disable-tls-checks
3636
echo ""
37-
wpscan --url http://$TARGET/wordpress/ --batch --disable-tls-checks
37+
wpscan --url http://$TARGET/wordpress/ --disable-tls-checks
3838
echo ""
3939
echo -e "${OKGREEN}====================================================================================${RESET}"
4040
echo -e "$OKRED RUNNING CMSMAP $RESET"

modes/normal_webporthttps.sh

+2-2
Original file line numberDiff line numberDiff line change
@@ -32,9 +32,9 @@ if [ "$MODE" = "web" ];
3232
echo -e "${OKGREEN}====================================================================================${RESET}"
3333
echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
3434
echo -e "${OKGREEN}====================================================================================${RESET}"
35-
wpscan --url https://$TARGET --batch --disable-tls-checks
35+
wpscan --url https://$TARGET --disable-tls-checks
3636
echo ""
37-
wpscan --url https://$TARGET/wordpress/ --batch --disable-tls-checks
37+
wpscan --url https://$TARGET/wordpress/ --disable-tls-checks
3838
echo -e "${OKGREEN}====================================================================================${RESET}"
3939
echo -e "$OKRED RUNNING CMSMAP $RESET"
4040
echo -e "${OKGREEN}====================================================================================${RESET}"

modes/recon.sh

+1-1
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ if [ "$RECON" = "1" ]; then
6060
echo -e "${OKGREEN}====================================================================================${RESET}"
6161
echo -e "$OKRED STARTING DOMAIN FLYOVER $RESET"
6262
echo -e "${OKGREEN}====================================================================================${RESET}"
63-
aquatone-discover -d $TARGET -t 100 --wordlist $PLUGINS_DIR/Sublist3r/subdomains.lst | tee $LOOT_DIR/nmap/aquatone-$TARGET-discover 2>/dev/null
63+
aquatone-discover -d $TARGET -t 100 --wordlist $INSTALL_DIR/wordlists/domains-all.txt | tee $LOOT_DIR/nmap/aquatone-$TARGET-discover 2>/dev/null
6464
sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" $LOOT_DIR/nmap/aquatone-$TARGET-discover > $LOOT_DIR/nmap/aquatone-$TARGET-discover.txt 2> /dev/null
6565
rm -f $LOOT_DIR/nmap/aquatone-$TARGET-discover 2> /dev/null
6666
aquatone-takeover -d $TARGET -t 100 | tee $LOOT_DIR/nmap/aquatone-$TARGET-takeovers 2>/dev/null

modes/webporthttp.sh

+2-2
Original file line numberDiff line numberDiff line change
@@ -134,9 +134,9 @@ if [ "$MODE" = "webporthttp" ]; then
134134
echo -e "${OKGREEN}====================================================================================${RESET}"
135135
echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
136136
echo -e "${OKGREEN}====================================================================================${RESET}"
137-
wpscan --url http://$TARGET:$PORT --batch --disable-tls-checks
137+
wpscan --url http://$TARGET:$PORT --disable-tls-checks
138138
echo ""
139-
wpscan --url http://$TARGET:$PORT/wordpress/ --batch --disable-tls-checks
139+
wpscan --url http://$TARGET:$PORT/wordpress/ --disable-tls-checks
140140
echo ""
141141
echo -e "${OKGREEN}====================================================================================${RESET}"
142142
echo -e "$OKRED RUNNING CMSMAP $RESET"

modes/webporthttps.sh

+2-2
Original file line numberDiff line numberDiff line change
@@ -144,9 +144,9 @@ if [ "$MODE" = "webporthttps" ]; then
144144
echo -e "${OKGREEN}====================================================================================${RESET}"
145145
echo -e "$OKRED RUNNING WORDPRESS VULNERABILITY SCAN $RESET"
146146
echo -e "${OKGREEN}====================================================================================${RESET}"
147-
wpscan --url https://$TARGET:$PORT --batch --disable-tls-checks
147+
wpscan --url https://$TARGET:$PORT --disable-tls-checks
148148
echo ""
149-
wpscan --url https://$TARGET:$PORT/wordpress/ --batch --disable-tls-checks
149+
wpscan --url https://$TARGET:$PORT/wordpress/ --disable-tls-checks
150150
echo -e "${OKGREEN}====================================================================================${RESET}"
151151
echo -e "$OKRED RUNNING CMSMAP $RESET"
152152
echo -e "${OKGREEN}====================================================================================${RESET}"

0 commit comments

Comments
 (0)