-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathnewbox
More file actions
executable file
·161 lines (114 loc) · 4.44 KB
/
newbox
File metadata and controls
executable file
·161 lines (114 loc) · 4.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#!/bin/bash
#
# Simple script to create dir layout for new htb box and to do an initial scan on it's ip
#
# Usage: ./new_box {box name} {box IP}
#
# By flatwhite
#
# if alias not installed, install it (so we can cd into places automagically)
function newboxheader() {
clear
echo ICAgICAgICAgICAgICAgICAgICAgIF8gICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgfCB8ICAgICAgICAgICAgICAKICBfIF9fICAgX19fX18gICAgICBffCB8X18gICBfX19fXyAgX18KIHwgJ18gXCAvIF8gXCBcIC9cIC8gLyAnXyBcIC8gXyBcIFwvIC8KIHwgfCB8IHwgIF9fL1wgViAgViAvfCB8XykgfCAoXykgPiAgPCAKIHxffCB8X3xcX19ffCBcXy9cXy8gfF8uX18vIFxfX18vXy9cX1wKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKYnkgZmxhdHdoaXRlCg== | base64 -d
echo ''
}
# the following runs only the first time the script is called
newboxAlias='alias newbox=". /usr/bin/newbox ; newboxFunction"'
if ! grep 'alias newbox' ~/.bashrc &>/dev/null ; then
newboxheader
echo 'First run, setting up...'
echo ''
# Install bashrc alias
echo '' >> ~/.bashrc
echo "# newbox alias for flatwhite's newbox script so that cd can happen automagically" >> ~/.bashrc
echo $newboxAlias >> ~/.bashrc
echo '' >> ~/.bashrc
echo '[+] Bashrc alias installed.'
# make data folder
cd ~
mkdir -p '.newbox-data'
cd - &> /dev/null
echo '[+] newbox-data directory created - store your cherrytree notes template in here. (~/.newbox-data/)'
echo ''
echo '[!] Setup complete, run again to start using!'
fi
function newboxFunction() {
newboxheader
if [ $# != 2 ]; then
echo "[?] Incorrect number of args."
echo "[-] Usage: $0 {box name} {box IP}"
else
# define functions
function webserver_scan {
serverPort=$1
echo ""
echo "[!] Detected web service on port $serverPort!"
echo "[+] Starting wfuzz and nikto against $boxIP:$serverPort..."
xfce4-terminal -e "bash -c 'nikto -host $boxIP:$serverPort -output $boxName/1_scans/nikto.$serverPort -Format txt'" -T "Nikto on $boxIP:$serverPort ($boxName)" &> /dev/null &
disown
xfce4-terminal -e "bash -c 'wfuzz -c -L --hc 404,403 -u http://$boxIP:$serverPort/FUZZ -w /home/flatwhite/wordlists/custom-url-fuzz-words.txt -f $boxName/1_scans/wfuzz.$serverPort'" -T "Wfuzz on $boxIP:$serverPort ($boxName)" &> /dev/null &
disown
echo "[+] Opening firefox at http://$boxIP:$serverPort (so you can do something while the scans are running)"
firefox $boxIP:$serverPort &> /dev/null &
disown
}
# define vars
boxName=$1
boxIP=$2
if ! ping -c 1 $boxIP &> /dev/null; then
echo "[?] $boxName ($boxIP) isn't reachable. Are you sure it's up?"
return 1
fi
echo "[+] Starting setup..."
sleep 1
echo "[+] Creating directory structure"
mkdir "$boxName"
mkdir "$boxName/1_scans"
mkdir "$boxName/2_foothold"
mkdir "$boxName/3_user"
mkdir "$boxName/4_root"
echo "[+] Creating IP reminder file"
echo "$boxIP" > "$boxName/ip"
echo "[+] Creating useful variables file"
echo "#!/bin/bash" > "$boxName/variables"
echo "export boxip='$boxIP'" >> "$boxName/variables"
echo "export boxname='$boxName'" >> "$boxName/variables"
chmod +x "$boxName/variables"
echo "[+] Copying newbox-data dir (e.g. useful scripts or notes files)"
cp -a ~/.newbox-data/. "$boxName"
# Start the scans!
echo "[+] Starting nmap scan (all ports)"
xfce4-terminal -e "bash -c 'sudo nmap -v -sV -sS -p- -T4 -sC -oN $boxName/1_scans/nmap $boxIP'" -T "Nmap on $boxName" &
# check for webserver on common web ports
# TODO: add https support
openBurp=0
# check if burp community is running
if ! pgrep java -a | grep BurpSuiteCommunity &> /dev/null ; then
echo "[!] Burp not running so will it start if a website is detected"
openBurp=1
fi
# scan common web ports for connection and if success, start burpsuite and further enum tools
for webport in 80 81 8080 ; do
if nc $boxIP $webport -z -w 3 &> /dev/null ; then
webserver_scan $webport
if [ $openBurp == 1 ] ; then
openBurp=0
echo "[+] Opening burp in case you need to intercept stuff"
~/BurpSuiteCommunity/BurpSuiteCommunity &> /dev/null &
disown
fi
fi
done
# open cherrytree notes if the file exists
if test -f "$boxName/notes.ctb" ; then
cherrytree $boxName/notes.ctb &>/dev/null &
fi
# import variables because useful
. $boxName/variables
echo "[+] Bash variables set (boxip=$boxip and boxname=$boxname)"
echo ""
echo "[+] Everything setup and started! Follow the white rabbit, $USER..."
cd $boxName
return 0
fi
}