2.0.0

awacs.py

@@ -0,0 +1,279 @@
+#!/usr/bin/python3
+#Awacs vulnerability scanner by @R00tendo
+import random
+from awacs_core.errors import handler
+from awacs_core.scan import nmap
+from awacs_core.xml import xml_parser
+from awacs_core.conf import read_conf
+from awacs_core.genocide_engine import scanner as genocide_engine_scanner
+from awacs_core.genocide_engine import api as genocide_engine_api
+from awacs_core.loading_screens import scanning
+from awacs_core.files import read_file
+from xml.dom import minidom
+from termcolor import colored as c
+from awacs_core.exploit_search import searchsploit
+from awacs_core.exploit_search import vulners
+from pathlib import Path
+import argparse
+import time
+import sys
+import os
+
+
+logo = c("""
+                                             GGGBBBBBBBBBBBBGG
+                                     GGMGGMMM               GMMMOMMMG
+                                 MPPP                               GGGGGG
+                              GM                                         GGGG
+                             M                                             GGG
+                        :~.               GGHHHH!MMMMMMMMMM                  GG                                     
+                        :GG!          GGGG                 GMMM                G                        
+                         YGB7                                  MM                                        
+                         ~BGBY     .:.                          GG                                     
+                         .PGGB5.!YB#&&B?    ...                  G                                   
+                        P5BBGGB##&&#BJ~. G*!!G&##B57!.                             :?5?^:.          
+                      .7#&&&&#BB##GPY~.FFGHKPL:JGBBBGGY~                        .~YPPP55J?J.        
+                 .~JPB&&&&&&&&&&&5JJJYK?^GGEHUFME^7YYJJY^                     ^JPPPGGG5YJ7.         
+               YB&&&&&##GPJ7!G&&&GPGGBBGGGJ.KOLBBBBB:J55J.                  :?PGPPPPGPYJ7.           
+                .!7~:.        ~G&&###&&GGGGGG.^FFJ5?????^7.                :75GGGP5555YJ?~..           
+                                ^P#&&&&&H#G4447GGHGHHHHGGG            .75GBBGGGGGG5J7^^^^~!^:        
+                                  :?B&&&&GGGGGGGGG?^.JFF          .!5GBBBBBBBBBPJJ^    .:^^.        
+                                     :JG#&&&&@@@&&&&&#5?^.     .!YGBBBBBBBBBBGYJ7.                  
+                                        .!5B&&&&&&@&&&&&&BP7:^YGBBBBBBBBBBBB5JJ^                    
+                                            ^?P#&&&&&&@&&&&&&#GPPGGGBBBBBBPJ?!                      
+                                               .^JG#&&&&&@@&&&&&#BGPPGGGPJ??:                       
+                                                 :!5PGB#&&&&&@@&&&&&#BG5??7^^:^~^:.                 
+                                            .^7YPGGGGGGGBB#&&&&&&@&&&&&&#BPJ7!^^::.                 
+                                        .^?5GGGGGGGGGGGGGGBBB#&&&&&&@@&&&&&&#GY~^                   
+                                    .~?5PGPPPP5PPPPPPPGGB##&@@@@##&&&&&&@@&&&&&&BPJ~.               
+                                :~?5PPP555555555PPGB#&&@@@&#GJ^. .~JG#&&&&&&@@&&&&&&#P?.            
+                           ..!?5PPP555555PPPGB##&@@@&&GY7:           .~5B&&&&&&&&&&@@@&P!           
+                      .:!7YPPGGGGGGGGGGB#&&@@@&&BY^^.                    ^?P#&&&&&@@@&#B#G:         
+                  .~JPGGGGGGGBBBBB##&@@@@&BJ!^~^:.                          .~JG#&@@@@@@@&#~        
+             .^75PGGGGGGGGGGB#&&@@@&GY!:.      .:^^^::^:                        :75#&@@@@@@&.       
+         .~?5PGGPPPPGGGB#&&@@&#P?^.               .:~!!^~                           :!75G#GG.       
+     .!5PGGGGGBBB##&&@@@&#5!^.                       ..:                                            
+       ^5B&&&&&@@@&#PJ~:^^:.                                                                        
+         .7B&#PJ!:.      .:^^^:^^.                                                                  
+                            :^~!^^~                                                                 
+                              .:::  
+                AWACS Scanner.                                    CODED BY:@R00tendo                                                                
+""", "cyan")
+
+
+#Scanners
+class scanners:
+
+ def vuln_search(target):
+   output = ""
+   try:
+    output += c("⦗Vulnerabilities⦘\n║\n║\n", "cyan")
+    scan_output = xml_parser.parse(f"{Path.home()}/.awacs/loot/{target}_nmap.xml")
+    for tech in scan_output:
+         exploits_searchsploit = searchsploit.search(tech['name'], tech['version'])
+         for exploit in exploits_searchsploit:
+            output += f"{c('╟╴', 'cyan')}" + c(f"Affected: {exploit['name']}  Exploit path: {exploit['exploit']}  Source: Searchsploit\n", "yellow")
+         if hasattr(session, "vulners_api"):
+           try: 
+            exploits_vulners = vulners.search(tech['name'], tech['version'], session.vulners_api)
+            for exploit in exploits_vulners:
+                output += f"{c('╟╴', 'cyan')}" + c(f"Affected: {tech['name']} {tech['version']}  Exploit: {exploit['vhref']}  cvss: {exploit['cvss']['score']}\n", "yellow")
+           except Exception as e:
+            handler.throw.vulners(e)
+         else:
+            print(c("⦗VULNERS_API⦘ Api token not found, ignoring", "grey"))
+    return output
+   except KeyboardInterrupt:
+    handler.throw.keyboardinterrupt()
+
+ def genocide_engine(target, char):
+   output = ""
+   try:
+    scanning.start_loadingscreen(target, char)
+    lines = genocide_engine_api.scan(target).split("\n")
+    scanning.stop_loadingscreen()
+    output += c("⦗Genocide_engine output⦘\n║\n║\n", "cyan")
+    for line in lines:
+       if len(line) > 0:
+        output += f"{c('╟╴','cyan')}{c(line, 'yellow')}\n"
+    return output
+   except KeyboardInterrupt:
+    handler.throw.keyboardinterrupt()
+
+
+ def nmap(target, flags, char):
+   output = ""
+   try:
+    scanning.start_loadingscreen(target, char)
+    nmap.scan(target, flags)
+    scanning.stop_loadingscreen()
+    output += c("⦗Nmap⦘\n║\n║\n", "cyan")
+    nmap_scan = minidom.parse(f"{Path.home()}/.awacs/loot/{target}_nmap.xml")
+    ports = nmap_scan.getElementsByTagName('port')
+    services = nmap_scan.getElementsByTagName('service')
+    for i,port in enumerate(ports):
+      service = services[i]
+      if port.hasAttribute('portid') and service.hasAttribute('name'):
+       try:
+        port_template = c(port.attributes['portid'].value + " " + service.attributes['name'].value,'yellow')
+       except:
+        port_template = c(port.attributes['portid'].value + " UKNOWN", 'yellow')
+       output += f"{c('╟╴Open port:','cyan')}{port_template}"
+    return output
+   except KeyboardInterrupt:
+    handler.throw.keyboardinterrupt()
+
+
+
+
+
+
+def setup():
+    handler.throw.setup()
+    os.system("apt update")
+    os.system("apt install -y golang")
+    os.system("apt install -y libmariadb3 libmariadb-dev")
+    os.system("apt install -y python3")
+    os.system("apt install -y python3-pip")
+
+    os.chdir(Path.home())
+
+    os.mkdir(".awacs")
+    os.chdir(".awacs")
+
+    os.mkdir("loot")
+
+    open("configuration.conf", "w").write("")
+    print(c(f"⦗SUCCESS ✈⦘ Awacs scanner is now successfully installed and set up at {Path.home()}/.awacs. Please run awacs again.", "cyan"))
+    sys.exit()
+
+def check_setup():
+    good_setup = True
+    if not os.path.isdir(f"{Path.home()}/.awacs"):
+        good_setup = False
+    if not os.path.isdir(f"{Path.home()}/.awacs/loot"):
+        good_setup = False
+    if not os.path.isfile(f"{Path.home()}/.awacs/configuration.conf"):
+        good_setup = False
+    if not good_setup:
+        setup()
+
+
+def after_scans():
+    os.system("clear")
+    print(logo)
+
+
+#Scan types
+def stealth_flight():
+  for target in session.target:
+
+    #Custom module (non intrusive)
+    scanning.start_loadingscreen(target, "")
+    lines = genocide_engine_scanner.url_finder(target).split("\n")
+    scanning.stop_loadingscreen()
+    after_scans()
+    print(c("⦗Genocide_engine output⦘\n║\n║", "cyan"))
+    for line in lines:
+       if len(line) > 0:
+        print(f"{c('╟╴','cyan')}{c(line, 'yellow')}")
+
+
+    output = scanners.nmap(target, "-sS -F -T2", "")
+    print(output)
+
+
+
+
+
+def vuln_scan():
+  for target in session.target:
+    if not session.flags:
+      session.flags = "" 
+    nmap_output = scanners.nmap(target, f"-Pn -sV -A {session.flags}", "◡")
+    vuln_output = scanners.vuln_search(target)
+    after_scans()
+    print(nmap_output)
+    print(vuln_output)
+
+
+
+
+
+
+def battering_ram():
+  for target in session.target:
+    if not session.flags:
+      session.flags = "" 
+    genocide_output = scanners.genocide_engine(target, "💣")
+    nmap_output = scanners.nmap(target, f"-T4 -p- -sV -A {session.flags}", "💣")
+    vuln_output = scanners.vuln_search(target)
+    after_scans()
+    print(genocide_output)
+    print(nmap_output)
+    print(vuln_output)
+
+
+
+
+
+
+
+
+#Parse arguments
+def get_args():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("-t", "--target", help="Targets/target to scan in one of these formats: divided by \",\" or file of targets.", required=True)
+    parser.add_argument("-f", "--flags", help="Nmap flags (\"-sV -A\")")#, required=True)
+    parser.add_argument("--st", "--scan-type", help="stealth_flight, vuln_scan, battering_ram  (Read more about scans from github)", default="vuln_scan")
+    parser.add_argument("-c", "--configuration", help="Configuration file for awacs scanner (Syntax in github).", default=f"{Path.home()}/.awacs/configuration.conf")
+    args = parser.parse_args()
+    return args
+
+
+#MAIN
+def main(args):
+   global session
+   #Main "database" for the target and configuration
+   class session:
+    None
+
+
+   #Prerequisities
+   if "," not in args.target:
+    if os.path.isfile(args.target):
+        session.target = read_file.read(args.target)
+    else:
+        session.target = [args.target]
+   else:
+    session.target = args.target.split(",")
+
+   session.configuration = args.configuration
+   session.flags = args.flags
+   session.scan_type = args.st
+   session = read_conf.read(session)
+
+
+   if session.scan_type.lower() == "stealth_flight": #Done
+       stealth_flight()
+
+   elif session.scan_type.lower() == "vuln_scan":
+       vuln_scan()
+
+   elif session.scan_type.lower() == "battering_ram":
+       battering_ram()   
+   else:
+       handler.throw.invalid_scan_type()
+
+
+
+
+
+
+
+if __name__ == "__main__":
+   #Very cool logo
+   print(logo)
+   check_setup()
+   args = get_args()
+   main(args)

awacs_core/conf/read_conf.py

@@ -0,0 +1,8 @@
+
+def read(session):
+    with open(session.configuration) as lines:
+        for line in lines:
+            variable = line.strip().lower().split("=")[0]
+            value = ''.join(line.strip().split("=")[1::])
+            setattr(session, variable, value)
+    return session

awacs_core/errors/handler.py

@@ -0,0 +1,24 @@
+from termcolor import colored as c
+import sys
+
+class throw:
+   def no_internet():
+      print(c("⦗ERROR ✈💥⦘ No internet connection!", "red"))
+      sys.exit()
+   def nmap(e):
+      print(c("⦗ERROR ✈💥⦘ Error encountered during nmap scan!", "red"))
+      print(c(f"⦗ERROR DUMP⦘\n{e}", "red"))
+      sys.exit()
+   def vulners(e):
+      print(c("⦗ERROR ✈💥⦘ Error encountered during vulners exploit search!", "red"))
+      print(c(f"⦗ERROR DUMP⦘\n{e}", "red"))
+      sys.exit()
+   def invalid_scan_type():
+      print(c("⦗ERROR ✈💥⦘ You didn't select a valid scan type, the valid scan types are: stealth_flight, vuln_scan, battering_ram.", "red"))
+      sys.exit()
+   def keyboardinterrupt():
+      print(c("⦗ERROR ✈💥⦘ CNTRL+C Pressed! Stopping all scans.", "red"))
+      sys.exit()
+   def setup():
+      print(c("⦗ERROR ✈💥⦘ Your setup is not complete, automatically setting up awacs.", "red"))
+      return

awacs_core/exploit_search/searchsploit.py

@@ -0,0 +1,15 @@
+import json
+import subprocess
+
+def jsonify(object, attribute):
+    return json.loads(object)[attribute]
+
+def search(name,version):
+  exploits = []
+  template = f"{name} {version}"
+  output = subprocess.check_output(f"searchsploit --json \"{template}\"", shell=True).decode('latin-1').strip()
+  searchsploit_exploits = jsonify(output, 'RESULTS_EXPLOIT')
+  if len(searchsploit_exploits) > 0:
+      exploit = searchsploit_exploits[0]['Path']
+      exploits.append({"name":template, "exploit":exploit})
+  return exploits

awacs_core/exploit_search/vulners.py

@@ -0,0 +1,8 @@
+import vulners
+import warnings
+
+def search(name,version,api):
+  warnings.simplefilter('ignore')
+  vulners_api = vulners.Vulners(api_key=api)
+  results = vulners_api.searchExploit(name + " " + version)
+  return results

awacs_core/files/read_file.py

@@ -0,0 +1,4 @@
+def read_file(filename):
+    with open(filename, "r") as file:
+        lines = filename.read_lines
+    return lines

awacs_core/genocide_engine/api.py

@@ -0,0 +1,18 @@
+from awacs_core.genocide_engine import scanner
+from awacs_core.genocide_engine import host_up
+
+def scan(target):
+  target=target
+  web_threads="40"  
+  http = host_up.check2(target, 80) 
+  https = host_up.check2(target, 443)
+  ssh = host_up.check2(target, 22)
+  telnet = host_up.check2(target, 23)
+  ftp = host_up.check2(target, 21)
+  smtp = host_up.check2(target, 25)
+  rpcbind = host_up.check2(target, 110)
+  mysql = host_up.check2(target, 3306)
+  smb = host_up.check2(target, 445)  
+  rdp = host_up.check2(target, 3389)
+  resp = scanner.checks(target, http, https, ssh, telnet, ftp, smtp, rpcbind, mysql, smb, rdp, web_threads)
+  return resp