From 2e6439561d4bf07d66a7795829d5185a2bca2ae8 Mon Sep 17 00:00:00 2001 From: ProDigySML Date: Tue, 8 Jan 2019 19:15:42 -0800 Subject: [PATCH 1/4] Added in exclusion functionality --- Interlace/lib/core/input.py | 48 ++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/Interlace/lib/core/input.py b/Interlace/lib/core/input.py index 527ea3c..e5ace55 100644 --- a/Interlace/lib/core/input.py +++ b/Interlace/lib/core/input.py @@ -61,9 +61,13 @@ class InputHelper(object): commands = set() ranges = set() targets = set() + exclusions_ranges = set() + exclusions = set() final_commands = set() output = OutputHelper(arguments) + print(arguments.exclusions) + if "," in arguments.port: ports = arguments.port.split(",") elif "-" in arguments.port: @@ -80,6 +84,13 @@ class InputHelper(object): for target in arguments.target_list: ranges.add(target.strip()) + # process exclusions first + if arguments.exclusions: + exclusions_ranges.add(arguments.exclusions) + else: + for exclusion in arguments.exclusions_list: + exclusions_ranges.add(target.strip()) + # removing elements that may have spaces (helpful for easily processing comma notation) for target in ranges: target = target.replace(" ", "") @@ -97,6 +108,25 @@ class InputHelper(object): else: targets.add(ips) + # removing elements that may have spaces (helpful for easily processing comma notation) + for exclusion in exclusions_ranges: + exclusion = exclusion.replace(" ", "") + + for ips in exclusion.split(","): + # checking for CIDR + if not arguments.nocidr and "/" in ips: + exclusions.update(InputHelper._get_cidr_to_ips(ips)) + # checking for IPs in a range + elif "-" in ips: + exclusions.update(InputHelper._get_ips_from_range(ips)) + # checking for glob ranges + elif "*" in ips: + exclusions.update(InputHelper._get_ips_from_glob(ips)) + else: + exclusions.add(ips) + + targets -= exclusions + if arguments.command: commands.add(arguments.command) else: 
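Review bot: In the `-eL` branch of the `@@ -80,6 +84,13 @@` hunk the loop adds `target.strip()` instead of `exclusion.strip()`, so the entries read from the exclusions file are never used. If a target list was read just above, each iteration re-adds the last target, which is then dropped from the run, while the hosts that were meant to be out of scope still have commands executed against them; if `-t` was used, `target` is presumably not yet bound and the call fails. The line should read `exclusions_ranges.add(exclusion.strip())`. The `else:` is also taken when neither `-e` nor `-eL` is given; neither option is required, so `arguments.exclusions_list` is presumably `None` there and the loop would raise, which `elif arguments.exclusions_list:` avoids. The enclosing method starts and ends outside this hunk.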
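Review bot: `targets -= exclusions` in the `@@ -97,6 +108,25 @@` hunk compares the expanded entries as exact strings, so an exclusion only takes effect when it expands to text identical to a target. With `arguments.nocidr` set, a `/` entry falls through to the final `exclusions.add(ips)` and stays a literal such as `192.168.12.0/26`, which removes nothing unless the target set holds that same literal; a hostname target that resolves to an excluded address is likewise kept. For a feature meant to keep hosts out of scope, that silent no-op deserves a comment above the subtraction, for example `# exclusions are matched as literal strings after expansion; hostnames and unexpanded CIDR blocks are not resolved`, and ideally a warning when an exclusion entry removed no target. The new loop also repeats the target-expansion loop above it, which starts outside this hunk, so a shared helper would keep the two from drifting apart.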
@@ -140,7 +170,7 @@ class InputParser(object): targets.add_argument( '-t', dest='target', required=False, help='Specify a target or domain name either in comma format, ' - 'CIDR notation, or a single target.' + 'CIDR notation, glob notation, or a single target.' ) targets.add_argument( @@ -150,6 +180,22 @@ class InputParser(object): type=lambda x: InputHelper.readable_file(parser, x) ) + # exclusions group + exclusions = parser.add_mutually_exclusive_group() + + exclusions.add_argument( + '-e', dest='exclusions', required=False, + help='Specify an exclusion either in comma format, ' + 'CIDR notation, or a single target.' + ) + + exclusions.add_argument( + '-eL', dest='exclusions_list', required=False, + help='Specify a list of exclusions.', + metavar="FILE", + type=lambda x: InputHelper.readable_file(parser, x) + ) + parser.add_argument( '-threads', dest='threads', required=False, help="Specify the maximum number of threads to run (DEFAULT:5)", From 3ea8a3ad1f13bb4836b1cfe7df4edd18ca157615 Mon Sep 17 00:00:00 2001 From: ProDigySML Date: Tue, 8 Jan 2019 19:16:12 -0800 Subject: [PATCH 2/4] Removed debug print statement --- Interlace/lib/core/input.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/Interlace/lib/core/input.py b/Interlace/lib/core/input.py index e5ace55..1a819bd 100644 --- a/Interlace/lib/core/input.py +++ b/Interlace/lib/core/input.py @@ -66,8 +66,6 @@ class InputHelper(object): final_commands = set() output = OutputHelper(arguments) - print(arguments.exclusions) - if "," in arguments.port: ports = arguments.port.split(",") elif "-" in arguments.port: From 9349dd9e62c059bba86ee45a8c34572e22870009 Mon Sep 17 00:00:00 2001 From: ProDigySML Date: Tue, 8 Jan 2019 19:22:56 -0800 Subject: [PATCH 3/4] Added in exclusions to the README file --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 0590f95..2521f6d 100644 --- a/README.md +++ b/README.md 
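Review bot: The `-e` help text in the `@@ -150,6 +180,22 @@` hunk lists only comma format, CIDR notation and a single target, while the exclusion parsing added in the same patch also expands dash ranges and globs. The `-t` help was updated in the preceding hunk to mention glob notation, so the two options now describe the same syntax differently. Suggest `'CIDR notation, dash or glob notation, or a single target.'` as the second help line, so that users know a range can be excluded without listing every host.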
@@ -17,6 +17,8 @@ Dependencies will then be installed and Interlace will be added to your path as |------------|--------------------------------------------------------------------------------------------------------------| | -t | Specify a target or domain name either in comma-delimited format, CIDR notation, or as an individual host | | -tL | Specify a list of targets or domain names | +| -e | Specify an exclusion either in comma-delimited format, CIDR notation, or as an individual host | +| -eL | Specify a list of exclusions | | -threads | Specify the maximum number of threads to run at any one time (DEFAULT:5) | | -timeout | Specify a timeout value in seconds for any single thread (DEFAULT:600) | | -c | Specify a single command to execute over each target or domain | @@ -136,6 +138,16 @@ vhostscan -t $target -oN _output_/_target_-vhosts.txt ``` This would output a file for each target in the specified output folder. You could also run multiple commands simply by adding them into the command file. +## Exclusions +Interlace automatically excludes any hosts provided when specified via the `-e` or `-eL` arguments. These arguments are also compatible with the above-mentinoed range notations (CIDR, Glob, and dash) + +To run a virtual host scan against every target within `192.168.12.0/24` despire targets within `192.168.12.0/26` using a direct command you could use: +```bash +interlace -t 192.168.12.0/24 -e 192.168.12.0/26 -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o ~/scans/ -threads 50 +``` + + + # Authors and Thanks Originally written by Michael Skelton ([codingo](https://twitter.com/codingo_)) and Sajeeb Lohani ([sml555](https://twitter.com/sml555_)) with help from Charelle Collett ([@Charcol0x89](https://twitter.com/Charcol0x89)) for threading refactoring and overall approach, and Luke Stephens ([hakluke](https://twitter.com/hakluke)) for testing and approach. From 6bd597c8d8e0cbd1c717f2f723cab0714b37fec0 Mon Sep 17 00:00:00 2001 
From: ProDigySML Date: Tue, 8 Jan 2019 19:24:00 -0800 Subject: [PATCH 4/4] Added in Dash (-) notation support into README file --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 2521f6d..8bb888c 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,16 @@ interlace -t 192.168.12.* -c "vhostscan _target_ -oN _output_/_target_-vhosts.tx ``` Yet again, VHostScan does not have any inbuilt glob range format support. +## Dash (-) notation with an application that doesn't support it +Interlace automatically expands dash ranges when starting threads. This allows you to pass glob ranges to a variety of applications: + +To run a virtual host scan against every target within `192.168.12.1-15` using a direct command you could use: +```bash +interlace -t 192.168.12.1-15 -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o ~/scans/ -threads 50 +``` +Yet again, VHostScan does not have any inbuilt dash range format support. + + ## Threading Support for an application that doesn't support it Run a [virtual host scan](https://github.com/codingo/VHostScan) against each host in a file (`target-lst.txt`), whilst also limiting scans at any one time to 50 maximum threads.