msdorkdump.py
from subprocess import getoutput
from colorama import Fore, Style, init
import urllib.request
import time
import sys
import os
from os.path import exists
from googlesearch import search
import random
import exiftool
import argparse
import textwrap
import json
# `global` at module scope is a no-op. `domain` is assigned in the
# __main__ block (from args.target) and read by msdorker().
global domain
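def options():
    """Parse the command line into the module-level ``args`` namespace.

    Flags: -t/--target (required), -d/--download (boolean switch) and
    -n/--number (stored as the raw string given on the command line).

    When the script is started with no arguments at all, the full help
    text is printed and the process exits with status 0.
    """
    # The epilog lines stay at column 0 so the help text is unchanged.
    opt_parser = argparse.ArgumentParser(
        formatter_class=argparse.RawDescriptionHelpFormatter,
        epilog=textwrap.dedent(
            '''Example: python3 msdorkdump.py -t example.com -d
Example: python3 msdorkdump.py -t example.com
'''))
    requiredNamed = opt_parser.add_argument_group('required arguments')
    requiredNamed.add_argument(
        '-t', '--target', help='Specifies the website to search for.', required=True)
    opt_parser.add_argument(
        '-d', '--download', help='Downloads files for inspection and metadata enumeration.', action='store_true')
    opt_parser.add_argument(
        '-n', '--number', help='Number of results per page. Default is 10. Increased numbers risk timeouts.')
    # This check has to run before parse_args(): -t is required, so with an
    # empty command line parse_args() exits with a usage error and a help
    # branch placed after it can never execute.
    if len(sys.argv) == 1:
        opt_parser.print_help()
        opt_parser.exit()
    global args
    args = opt_parser.parse_args()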
# Colour prefixes prepended to status lines printed by the script.
success = Fore.GREEN + Style.BRIGHT
info = Fore.YELLOW + Style.BRIGHT
fail = Fore.RED + Style.BRIGHT

# Values substituted into the `filetype:` term of the search query.
file_types = [
    'doc',
    'docm',
    'docx',
    'ppt',
    'pptx',
    'csv',
    'pdf',
    'xls',
    'xlsx',
    'jpg',
    'png',
    'svg',
    'env',
    'gitignore',
    'ps1',
    'log username putty',
    'git',
]

# Browser User-Agent strings.
user_agents = [
    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
    'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0',
    'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7',
    'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
    'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0',
    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
    'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
]
def banner():
    """Print the ASCII-art banner in a randomly chosen colour.

    The colour is reset on the last text line, so the closing dashed
    rule is printed in the terminal's default style.
    """
    palette = (
        Fore.LIGHTBLACK_EX,
        Fore.LIGHTBLUE_EX,
        Fore.LIGHTCYAN_EX,
        Fore.LIGHTGREEN_EX,
        Fore.LIGHTMAGENTA_EX,
        Fore.LIGHTWHITE_EX,
    )
    colour = palette[random.randint(0, len(palette) - 1)]
    # Emitting the colour code alone switches the colour for what follows.
    print(colour + "")
    artwork = (
        '██████╗ ██████╗ ██████╗ ██╗ ██╗ ██████╗ ██╗ ██╗███╗ ███╗██████╗ ',
        '██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝ ██╔══██╗██║ ██║████╗ ████║██╔══██╗',
        '██║ ██║██║ ██║██████╔╝█████╔╝ ██║ ██║██║ ██║██╔████╔██║██████╔╝',
        '██║ ██║██║ ██║██╔══██╗██╔═██╗ ██║ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ',
        '██████╔╝╚██████╔╝██║ ██║██║ ██╗ ██████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ',
        '╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ \n',
    )
    for row in artwork:
        print(row)
    captions = (
        ' Google Dork File Finder ',
        ' Version 1.0.1 ',
        ' A project by The Mayor ',
    )
    for caption in captions:
        print(caption)
    print(' python3 msdorkdump.py -h to start ' + Style.RESET_ALL)
    print("-" * 73)
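# (label, tag) pairs printed by the pyexiftool report, grouped by the
# extensions that share the same set of tags.
_OLE_WORD_FIELDS = (
    ('File Title: ', 'FlashPix:Title'),
    ('File Creation Date: ', 'FlashPix:CreateDate'),
    ('Author: ', 'FlashPix:Author'),
    ('Software: ', 'FlashPix:Software'),
    ('Extension Format: ', 'FlashPix:CompObjUserType'),
)
_OOXML_TITLED_FIELDS = (
    ('File Title: ', 'XMP:Title'),
    ('File Creation Date: ', 'XML:CreateDate'),
    ('Author: ', 'XMP:Creator'),
    ('Software: ', 'XML:Application'),
    ('Extension Format: ', 'File:FileTypeExtension'),
)
_OLE_SHEET_FIELDS = (
    ('Tab Titles: ', 'FlashPix:TitleOfParts'),
    ('File Creation Date: ', 'FlashPix:CreateDate'),
    ('Author: ', 'FlashPix:Author'),
    ('Software: ', 'FlashPix:Software'),
    ('Extension Format: ', 'File:FileTypeExtension'),
)
_PYEXIFTOOL_FIELDS = {
    '.pdf': (
        ('File Title: ', 'PDF:Title'),
        ('File Creation Date: ', 'XMP:CreateDate'),
        ('Author: ', 'PDF:Author'),
        ('Software: ', 'XMP:CreatorTool'),
        ('Extension Format: ', 'XMP:Format'),
    ),
    '.doc': _OLE_WORD_FIELDS,
    '.docm': _OLE_WORD_FIELDS,
    '.docx': _OOXML_TITLED_FIELDS,
    '.ppt': (
        ('File Title: ', 'FlashPix:Title'),
        ('File Creation Date: ', 'FlashPix:CreateDate'),
        ('Author: ', 'FlashPix:Author'),
        ('Software: ', 'FlashPix:Software'),
        ('Extension Format: ', 'File:FileTypeExtension'),
    ),
    '.pptx': _OOXML_TITLED_FIELDS,
    '.xlsx': (
        ('Tab Titles: ', 'XML:TitlesOfParts'),
        ('File Creation Date: ', 'XML:CreateDate'),
        ('Author: ', 'XMP:Creator'),
        ('Software: ', 'XML:Application'),
        ('Extension Format: ', 'File:FileTypeExtension'),
    ),
    '.xls': _OLE_SHEET_FIELDS,
    '.csv': _OLE_SHEET_FIELDS,
}

# Tag options passed to the exiftool command line, per extension.
_EXIFTOOL_CLI_TAGS = {
    '.pdf': ('-FileSize', '-*Title*', '-*CreateDate*', '-Author', '-CreatorTool', '-Format'),
    '.doc': ('-FileSize', '-Title', '-CreateDate', '-Author', '-Software', '-*CompObjUserType*'),
    '.docx': ('-FileSize', '-Title', '-CreateDate', '-Creator', '-Application', '-*FileTypeExtension*'),
    '.ppt': ('-FileSize', '-Title', '-CreateDate', '-Author', '-Software', '-*FileTypeExtension*'),
    '.pptx': ('-FileSize', '-Title', '-CreateDate', '-Creator', '-Application', '-*FileTypeExtension*'),
    '.xls': ('-FileSize', '-*Parts*', '-CreateDate', '-Author', '-Software', '-*FileTypeExtension*'),
    '.xlsx': ('-FileSize', '-*Parts*', '-CreateDate', '-Creator', '-Application', '-*FileTypeExtension*'),
}


def _print_pyexiftool_metadata(filename, ext):
    """Print the metadata report for *filename* through pyexiftool."""
    # The './' prefix keeps a name that begins with '-' from being read
    # as an exiftool option.
    target = os.path.join(os.curdir, filename)
    with exiftool.ExifTool(exif) as et:
        print(f"\nMetadata results for {filename}")
        print('-' * 50)
        file_size = et.get_tag('File:FileSize', target)
        if isinstance(file_size, (int, float)):
            kilobytes = file_size / 1000
            if kilobytes < 1000:
                print(f"File Size: {round(kilobytes, 2)}kb")
            else:
                print(f'File Size: {round(kilobytes / 1000, 2)}mb')
        else:
            # No numeric size reported: show what came back, don't divide it.
            print(f'File Size: {file_size}')
        for label, tag in _PYEXIFTOOL_FIELDS.get(ext, ()):
            # str() on every value: a tag that is absent comes back as a
            # non-string, and concatenating it raw raises TypeError, which
            # the caller treats as "abandon this file type".
            print(label + str(et.get_tag(tag, target)))


def _print_cli_metadata(filename, ext):
    """Print the metadata report for *filename* via the exiftool binary."""
    import subprocess  # local import: the file only imports getoutput

    print(f"\nMetadata results for {filename}")
    print('-' * 50)
    tags = _EXIFTOOL_CLI_TAGS.get(ext)
    if tags is None:
        return
    # filename is derived from a search-result URL, so it is untrusted.
    # Passing an argument list (no shell) keeps shell metacharacters in the
    # name inert and stops the '*' in tag patterns from being glob-expanded
    # against the download directory. The './' prefix keeps a name that
    # begins with '-' from being read as an option.
    target = os.path.join(os.curdir, filename)
    try:
        completed = subprocess.run(
            ['exiftool', target, '-s', *tags],
            stdout=subprocess.PIPE,
            stderr=subprocess.STDOUT,
            universal_newlines=True,
        )
    except FileNotFoundError:
        print(fail + '[Error] exiftool was not found on PATH. Skipping metadata.')
        return
    response = completed.stdout
    if response.endswith('\n'):
        response = response[:-1]
    print(response + '\n')


def msdorker():
    """Search for each configured file type on ``domain`` and fetch the hits.

    Creates (if needed) and enters a directory named after ``domain``.
    For every entry in ``file_types`` it runs a ``site:``/``filetype:``
    search, prints each result URL and saves it under the URL's last path
    component. With ``args.download`` set, a metadata report is printed
    for each saved file (pyexiftool on win32, the exiftool binary
    elsewhere).

    An error while handling one file type ends work on that type and the
    loop moves to the next one; an HTTP 429 terminates the process.

    NOTE(review): files are retrieved whether or not -d was given; only
    the metadata report is gated on it. Confirm this matches the option's
    help text.
    """
    request = 0
    if not os.path.isdir(domain):
        os.mkdir(domain)
    os.chdir(domain)
    # An empty or missing -n falls back to 10 results per page.
    num = int(args.number) if args.number else 10
    for files in file_types:
        try:
            if exists('.google-cookie'):
                os.remove('.google-cookie')
            print(info + f'[info] Checking for {files} extensions.')
            for results in search(f'site:{domain} filetype:{files}', tld='com', lang='en', num=num, start=0, stop=None, pause=5):
                print(success + f'[{files} extension found] - {results}')
                url_path = results
                tail = os.path.split(url_path)[1]
                # Result URLs are untrusted. Only fetch over http(s)
                # (urlretrieve also accepts other schemes such as file:)
                # and only write to a plain name inside the working
                # directory.
                is_web_url = url_path.lower().startswith(('http://', 'https://'))
                if not is_web_url or tail in ('', os.curdir, os.pardir):
                    print(fail + '[Error] File could not be downloaded. Skipping.')
                    continue
                opener = urllib.request.build_opener()
                opener.addheaders = [('User-Agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1941.0 Safari/537.36')]
                urllib.request.install_opener(opener)
                print(tail)
                urllib.request.urlretrieve(url_path, tail)
                request += 1
                # NOTE(review): the counter is never reset and the test is
                # an equality, so this stops one file type once and never
                # again - confirm the intended cap.
                if request == 100:
                    break
                ext = os.path.splitext(tail)[1]
                if args.download:
                    if sys.platform.startswith('win32'):
                        _print_pyexiftool_metadata(tail, ext)
                    else:
                        _print_cli_metadata(tail, ext)
                time.sleep(1)
        except urllib.error.HTTPError as e:
            if e.code == 404:
                print(
                    fail + '[Error Code 404] Web server is responding with 404 error. Skipping.')
                continue
            if e.code == 403:
                print(fail + '[error Code 403] Web server is responding with 403 error. Skipping.')
            if e.code == 429:
                print(
                    fail + '\n[Error Code 429] Google is timing out queries. Wait a while and try again.\n')
                sys.exit()
            # Any other status code falls through silently.
        except urllib.error.URLError:
            # Must precede OSError: URLError is an OSError subclass, so
            # listed after it this handler would never run.
            print(fail + '[Error] File could not be downloaded. Skipping.')
            continue
        except OSError:
            continue
        except AttributeError:
            pass
        except ModuleNotFoundError:
            print(fail + '[Error] Run sudo pip3 install -r requirements.txt to install necessary imports.')
        except UnicodeDecodeError:
            continue
        except json.decoder.JSONDecodeError:
            print(fail + '[Error]A JSON error is preventing the file from downloading. Continuing.')
            continue
        except TypeError:
            continue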
if __name__ == "__main__":
    # Script entry point: initialise colorama, show the banner, parse the
    # command line, then run the search for the requested target.
    try:
        init()
        banner()
        options()
        if sys.platform.startswith('win32'):
            # Path handed to pyexiftool on Windows: tools\exiftool.exe under
            # the directory the script was started from.
            cur_path = os.path.abspath(os.getcwd())
            exif = cur_path + '\\tools\\exiftool.exe'
        domain = args.target
        msdorker()
        print(info + f'\n[info] Dork scanning for {domain} completed.\n')
    except IndexError:
        print(fail + '\nSyntax - python3 msdorkdump.py -t <domain>\n')
    except KeyboardInterrupt:
        # Ctrl-C: say goodbye and exit.
        print("\nYou either fat fingered this, or meant to do it. Either way, goodbye!\n")
        quit()