summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorroot <root@monitoring.shack>2012-09-13 23:39:58 +0000
committerroot <root@monitoring.shack>2012-09-13 23:39:58 +0000
commitdb849a18e1659ff28433384d2cdca2989a6d5df0 (patch)
treed600fb3f3e5f0a54b6254c85ee8a3b836ef3d90d
parentd5d39fc3d56b021b642ee6e1d5625524ebbc4d99 (diff)
parent88d4bdc29eb9ce5f62099f2be1488ae927aa09d5 (diff)
Merge branch 'master' of github.com:krebscode/painload
-rw-r--r--.gitmodules9
-rwxr-xr-xMonitoring/plugins/notify_irc87
-rwxr-xr-xReaktor/IRC/asybot.py50
-rwxr-xr-xReaktor/IRC/index3
-rw-r--r--Reaktor/Makefile23
l---------Reaktor/commands/revip1
l---------Reaktor/commands/subdomains1
-rwxr-xr-xReaktor/commands/whatweb7
-rw-r--r--Reaktor/repos/bxfr/bxfr.py238
-rw-r--r--Reaktor/repos/bxfr/bxfr_api.py238
-rwxr-xr-xReaktor/repos/consolidate_dns/index85
m---------Reaktor/repos/dnsrecon0
m---------Reaktor/repos/gxfr0
-rwxr-xr-xReaktor/repos/revip/revip48
m---------Reaktor/repos/whatweb0
-rw-r--r--Reaktor/startup/conf.d/reaktor2
-rwxr-xr-xReaktor/startup/init.d/reaktor-debian102
-rw-r--r--Reaktor/startup/supervisor/Reaktor.conf6
-rw-r--r--cholerab/bling/assets/krebsplug_0.23.pngbin0 -> 336375 bytes
-rwxr-xr-xgod/overlord/index2
-rw-r--r--god/soundboard/README5
-rw-r--r--god/soundboard/config.json13
-rw-r--r--god/soundboard/sound.py46
-rw-r--r--infest/bootstrap.sh38
-rwxr-xr-xoncology/bin/krebshostup2
-rw-r--r--ovh/README10
-rw-r--r--ovh/soapi/Makefile2
-rwxr-xr-xovh/soapi/zoneEntryAdd10
-rw-r--r--punani/Makefile6
-rwxr-xr-xpunani/autostart/punani-debian102
-rwxr-xr-xpunani/bin/punani16
-rw-r--r--retiolum/Makefile16
-rwxr-xr-xretiolum/bin/update-retiolum-hosts2
-rwxr-xr-xretiolum/bin/update_tinc_hosts2
-rw-r--r--retiolum/hosts/Shepherd17
-rw-r--r--retiolum/hosts/ThinkArmageddon2
-rw-r--r--retiolum/hosts/albi710
-rw-r--r--retiolum/hosts/also3
-rw-r--r--retiolum/hosts/armageddon421_de11
-rw-r--r--retiolum/hosts/bergwerk3
-rw-r--r--retiolum/hosts/box10
-rw-r--r--retiolum/hosts/chinaman10
-rw-r--r--retiolum/hosts/destroy3
-rw-r--r--retiolum/hosts/eigenserv3
-rw-r--r--retiolum/hosts/euer2
-rw-r--r--retiolum/hosts/filebitch2
-rw-r--r--retiolum/hosts/fuerkrebs2
-rw-r--r--retiolum/hosts/iiso3
-rw-r--r--retiolum/hosts/incept12
-rw-r--r--retiolum/hosts/karthus11
-rw-r--r--retiolum/hosts/krebsbitch10
-rw-r--r--retiolum/hosts/krebsbob11
-rw-r--r--retiolum/hosts/krebsnode11
-rw-r--r--retiolum/hosts/krebsplug10
-rw-r--r--retiolum/hosts/laqueus11
-rw-r--r--retiolum/hosts/luminos11
-rw-r--r--retiolum/hosts/miefda11
-rw-r--r--retiolum/hosts/miefda90110
-rw-r--r--retiolum/hosts/miefdahome9
-rw-r--r--retiolum/hosts/minikrebs10
-rw-r--r--retiolum/hosts/monitoring2
-rw-r--r--retiolum/hosts/pa_sharepoint7
-rw-r--r--retiolum/hosts/pico3
-rw-r--r--retiolum/hosts/pornocauster2
-rw-r--r--retiolum/hosts/radiotuxmini11
-rw-r--r--retiolum/hosts/random10
-rw-r--r--retiolum/hosts/senderechner10
-rw-r--r--retiolum/hosts/smove9
-rw-r--r--retiolum/hosts/taschenkrebs2
-rw-r--r--retiolum/hosts/temperator10
-rw-r--r--retiolum/hosts/urkrebs10
-rw-r--r--retiolum/hosts/ytart2
-rw-r--r--retiolum/hosts/zerg10
-rwxr-xr-xretiolum/openwrt/tinc-up19
-rwxr-xr-xretiolum/openwrt/updater6
-rwxr-xr-xretiolum/scripts/adv_graphgen/all_the_graphs.sh20
-rwxr-xr-xretiolum/scripts/adv_graphgen/anonytize.sh2
-rwxr-xr-xretiolum/scripts/adv_graphgen/parse_tinc_anon.py19
-rwxr-xr-xretiolum/scripts/adv_graphgen/parse_tinc_stats.py28
-rwxr-xr-xretiolum/scripts/adv_graphgen/sanitize.sh2
-rw-r--r--retiolum/scripts/tinc_setup/write_channel.py8
-rwxr-xr-xstreams/mpdstreams113
-rw-r--r--streams/stream.db25
-rw-r--r--streams/streams.py116
-rwxr-xr-xutil/bin/naturalvoices2.sh6
-rwxr-xr-xutil/bin/statsc4
-rwxr-xr-xutil/bin/timer14
87 files changed, 1639 insertions, 211 deletions
diff --git a/.gitmodules b/.gitmodules
index 2823cad5..b51a2b2e 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -19,3 +19,12 @@
[submodule "submodules/github/jbalogh/python-irclib"]
path = submodules/github/jbalogh/python-irclib
url = https://github.com/jbalogh/python-irclib.git
+[submodule "Reaktor/repos/gxfr"]
+ path = Reaktor/repos/gxfr
+ url = https://github.com/makefu/gxfr.git
+[submodule "Reaktor/repos/dnsrecon"]
+ path = Reaktor/repos/dnsrecon
+ url = https://github.com/makefu/dnsrecon.git
+[submodule "Reaktor/repos/whatweb"]
+ path = Reaktor/repos/whatweb
+ url = https://github.com/urbanadventurer/WhatWeb.git
diff --git a/Monitoring/plugins/notify_irc b/Monitoring/plugins/notify_irc
new file mode 100755
index 00000000..e1de0866
--- /dev/null
+++ b/Monitoring/plugins/notify_irc
@@ -0,0 +1,87 @@
+#! /usr/bin/env python
+#
+# Example program using irclib.py.
+#
+# This program is free without restrictions; do anything you like with
+# it.
+#
+# Joel Rosdahl <joel@rosdahl.net>
+
+import irclib
+import sys
+#irclib.DEBUG= True
+class IRCCat(irclib.SimpleIRCClient):
+ def __init__(self, target,msg=""):
+ irclib.SimpleIRCClient.__init__(self)
+ self.target = target
+ self.msg = msg
+
+ def on_welcome(self, connection, event):
+ if irclib.is_channel(self.target):
+ connection.join(self.target)
+ else:
+ self.send_it()
+
+ def on_join(self, connection, event):
+ self.send_it()
+
+ def on_disconnect(self, connection, event):
+ sys.exit(0)
+
+ def send_it(self):
+ if self.msg:
+ print "writing given argv privmsg",self.msg
+ self.connection.privmsg(self.target, self.msg)
+ else:
+ print "writing stdin privmsg:"
+ while 1:
+ line = sys.stdin.readline()
+ if not line:
+ break
+ print line
+ self.connection.privmsg(self.target, line)
+ self.connection.quit("Using irclib.py")
+def findGreatNick(prefix='shinken'):
+ import random
+ import re
+ dic="/usr/share/dict/danish"
+ found=False
+ while not found:
+ w = random.choice(list(open(dic)))
+ found = re.match(r"^[a-zA-Z_-]+$",w)
+ return prefix +"|"+w.strip()
+
+def main():
+ if len(sys.argv) < 3:
+ print "Usage: notify_irc <server[:port]> <target> [message]"
+ print "\ntarget is a nickname or a channel."
+ sys.exit(1)
+
+ s = sys.argv[1].split(":", 1)
+ server = s[0]
+ if len(s) == 2:
+ try:
+ port = int(s[1])
+ except ValueError:
+ print "Error: Erroneous port."
+ sys.exit(1)
+ else:
+ port = 6667
+ import random
+ nickname = findGreatNick()
+ print nickname
+ target = sys.argv[2]
+ msg = ""
+ if len(sys.argv) == 4:
+ msg = sys.argv[3]
+ c = IRCCat(target,msg)
+ try:
+ print "trying to connect to ",server,port,nickname
+ c.connect(server, port, nickname )
+ except irclib.ServerConnectionError, x:
+ print x
+ sys.exit(1)
+ c.start()
+
+if __name__ == "__main__":
+ main()
diff --git a/Reaktor/IRC/asybot.py b/Reaktor/IRC/asybot.py
index 657cee40..df758ed6 100755
--- a/Reaktor/IRC/asybot.py
+++ b/Reaktor/IRC/asybot.py
@@ -9,12 +9,14 @@ def is_executable(x):
from asynchat import async_chat as asychat
from asyncore import loop
-from socket import AF_INET, SOCK_STREAM
+from socket import AF_INET, SOCK_STREAM,gethostname
from signal import SIGALRM, signal, alarm
from datetime import datetime as date, timedelta
+import shlex
+from time import sleep
from sys import exit
from re import split, search
-
+from textwrap import TextWrapper
import logging,logging.handlers
log = logging.getLogger('asybot')
hdlr = logging.handlers.SysLogHandler(facility=logging.handlers.SysLogHandler.LOG_DAEMON)
@@ -37,6 +39,7 @@ class asybot(asychat):
self.set_terminator('\r\n')
self.create_socket(AF_INET, SOCK_STREAM)
self.connect((self.server, self.port))
+ self.wrapper = TextWrapper(subsequent_indent=" ",width=400)
# When we don't receive data for alarm_timeout seconds then issue a
# PING every hammer_interval seconds until kill_timeout seconds have
@@ -105,8 +108,10 @@ class asybot(asychat):
def on_privmsg(self, prefix, command, params, rest):
def PRIVMSG(text):
- msg = 'PRIVMSG %s :%s' % (','.join(params), text)
- self.push(msg)
+ for line in self.wrapper.wrap(text):
+ msg = 'PRIVMSG %s :%s' % (','.join(params), line)
+ self.push(msg)
+ sleep(1)
def ME(text):
PRIVMSG('ACTION ' + text + '')
@@ -125,7 +130,7 @@ class asybot(asychat):
from os.path import realpath, dirname, join
from subprocess import Popen as popen, PIPE
-
+ from time import time
Reaktor_dir = dirname(realpath(dirname(__file__)))
public_commands = join(Reaktor_dir, 'public_commands')
command = join(public_commands, _command)
@@ -133,29 +138,28 @@ class asybot(asychat):
if is_executable(command):
env = {}
+ args = []
+ start = time()
if _argument != None:
env['argument'] = _argument
-
+ args = shlex.split(_argument)
try:
- p = popen([command], stdin=PIPE, stdout=PIPE, stderr=PIPE, env=env)
+ p = popen([command] + args,bufsize=1, stdout=PIPE, stderr=PIPE, env=env)
except OSError, error:
ME('brain damaged')
log.error('OSError@%s: %s' % (command, error))
return
-
- stdout, stderr = [ x[:len(x)-1] for x in
- [ x.split('\n') for x in p.communicate()]]
- code = p.returncode
pid = p.pid
+ for line in iter(p.stdout.readline,""):
+ PRIVMSG(line)
+ log.debug('%s stdout: %s' % (pid, line))
+ p.wait()
+ elapsed = time() - start
+ code = p.returncode
+ log.info('command: %s -> %s in %d seconds' % (command, code,elapsed))
+ [log.debug('%s stderr: %s' % (pid, x)) for x in p.stderr.readlines()]
- log.info('command: %s -> %s' % (command, code))
- [log.debug('%s stdout: %s' % (pid, x)) for x in stdout]
- [log.debug('%s stderr: %s' % (pid, x)) for x in stderr]
-
- if code == 0:
- [PRIVMSG(x) for x in stdout]
- [PRIVMSG(x) for x in stderr]
- else:
+ if code != 0:
ME('mimimi')
else:
@@ -181,8 +185,12 @@ if __name__ == "__main__":
lol = logging.DEBUG if env.get('debug',False) else logging.INFO
logging.basicConfig(level=lol)
- name = getconf1('Name', '/etc/tinc/retiolum/tinc.conf')
- hostname = '%s.retiolum' % name
+ try:
+ name = getconf1('Name', '/etc/tinc/retiolum/tinc.conf')
+ hostname = '%s.retiolum' % name
+ except:
+ name = gethostname()
+ hostname = name
nick = str(env.get('nick', name))
host = str(env.get('host', 'supernode'))
port = int(env.get('port', 6667))
diff --git a/Reaktor/IRC/index b/Reaktor/IRC/index
index 24982c76..50022ec9 100755
--- a/Reaktor/IRC/index
+++ b/Reaktor/IRC/index
@@ -3,5 +3,4 @@ set -xeuf
# cd //Reaktor
cd $(dirname $(readlink -f $0))/..
-
-exec python IRC/asybot.py "$@"
+host=irc.freenode.net target='#krebsco' python IRC/asybot.py "$@"
diff --git a/Reaktor/Makefile b/Reaktor/Makefile
new file mode 100644
index 00000000..2241dba6
--- /dev/null
+++ b/Reaktor/Makefile
@@ -0,0 +1,23 @@
+submodules = gxfr dnsrecon bxfr whatweb
+security_modules = subdomains revip whatweb
+
+all: init all-mods
+
+init: init-submodules $(submodules)
+init-submodules:
+ cd ..;git submodule init; git submodule update
+$(submodules):
+ cd repos/$@ ; git checkout master;git pull
+
+all-mods: $(addprefix public_commands/,$(security_modules))
+public_commands/%:commands/%
+ ln -s ../$< $@
+
+debian-autostart:
+ useradd reaktor ||:
+ cp startup/init.d/reaktor-debian /etc/init.d/reaktor
+ cp startup/conf.d/reaktor /etc/default/
+ update-rc.d reaktor defaults
+supervisor-autostart:
+ useradd reaktor ||:
+ cp startup/supervisor/Reaktor.conf /etc/supervisor/conf.d/
diff --git a/Reaktor/commands/revip b/Reaktor/commands/revip
new file mode 120000
index 00000000..e2c3b7ab
--- /dev/null
+++ b/Reaktor/commands/revip
@@ -0,0 +1 @@
+../repos/revip/revip \ No newline at end of file
diff --git a/Reaktor/commands/subdomains b/Reaktor/commands/subdomains
new file mode 120000
index 00000000..0489555f
--- /dev/null
+++ b/Reaktor/commands/subdomains
@@ -0,0 +1 @@
+../repos/consolidate_dns/index \ No newline at end of file
diff --git a/Reaktor/commands/whatweb b/Reaktor/commands/whatweb
new file mode 100755
index 00000000..84130d5c
--- /dev/null
+++ b/Reaktor/commands/whatweb
@@ -0,0 +1,7 @@
+#!/bin/sh
+#wrapper for WhatWeb
+here=$(dirname `readlink -f $0`)
+whatweb_bin="$here/../repos/whatweb/whatweb"
+[ -e "$whatweb_bin" ] || ( echo "!! Whatweb app does not exist" && exit 1 )
+[ "balls$1" = "balls" ] && ( echo "!! no host given" && exit 1)
+exec $whatweb_bin -a 3 "$1"
diff --git a/Reaktor/repos/bxfr/bxfr.py b/Reaktor/repos/bxfr/bxfr.py
new file mode 100644
index 00000000..8e6bd101
--- /dev/null
+++ b/Reaktor/repos/bxfr/bxfr.py
@@ -0,0 +1,238 @@
+#!/usr/bin/python -tt
+
+# gxfr replicates dns zone transfers by enumerating subdomains using advanced search engine queries and conducting dns lookups.
+# By Tim Tomes (LaNMaSteR53)
+# Available for download at http://LaNMaSteR53.com or http://code.google.com/p/gxfr/
+
+import sys, os.path, urllib, urllib2, re, time, socket, random, socket
+
+
+def help():
+ print """ Syntax: ./gxfr.py domain [options]
+
+ -h, --help this screen
+ -v enable verbose mode
+ -t [num of seconds] set number of seconds to wait between queries (default=15)
+ -q [max num of queries] restrict to maximum number of queries (default=0, indefinite)
+ --dns-lookup enable dns lookups of all subdomains
+ --proxy [file|ip:port|-] use a proxy or list of open proxies to send queries (@random w/list)
+ - [file] must consist of 1 or more ip:port pairs
+ - replace filename with '-' (dash) to accept stdin
+ --user-agent ['string'] set custom user-agent string
+ --timeout [seconds] set socket timeout (default=system default)
+ --csv [file]
+
+ Examples:
+ $ ./gxfr.py foxnews.com --dns-lookup -v
+ $ ./gxfr.py foxnews.com --dns-lookup --proxy open_proxies.txt --timeout 10
+ $ ./gxfr.py foxnews.com --dns-lookup -t 5 -q 5 -v --proxy 127.0.0.1:8080
+ $ curl http://rmccurdy.com/scripts/proxy/good.txt | ./gxfr.py website.com -v -t 3 --proxy -
+ """
+ sys.exit(2)
+
+if len(sys.argv) < 2:
+ help()
+
+if '-h' in sys.argv or '--help' in sys.argv:
+ help()
+
+# declare vars and process arguments
+#http://www.bing.com/search?q=site%3agoogle.de&qs=n&filt=all&pq=site%3agoogle.d&sc=8-5&sp=-1&sk=&first=1&FORM=PORE
+query_cnt = 0
+csvname = False
+domain = sys.argv[1]
+sys.argv = sys.argv[2:]
+lookup = False
+encrypt = True
+base_url = 'http://www.bing.com'
+base_uri = '/search?qs=n&form=QBRE&sc=0-0&sp=-1&sk='
+base_query = 'site:' + domain
+pattern = '//([\.\w-]*)\.%s.+?' % (domain)
+proxy = False
+user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FDM; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 1.1.4322)'
+verbose = False
+secs = 15
+max_queries = 10 # default = 10 queries
+# process command line arguments
+if len(sys.argv) > 0:
+ if '--dns-lookup' in sys.argv:
+ lookup = True
+ if '--csv' in sys.argv:
+ csvname = sys.argv[sys.argv.index('--csv') + 1]
+ if '--proxy' in sys.argv:
+ proxy = True
+ filename = sys.argv[sys.argv.index('--proxy') + 1]
+ if filename == '-':
+ proxies = sys.stdin.read().split()
+ elif os.path.exists(filename):
+ content = open(filename).read()
+ proxies = re.findall('\d+\.\d+\.\d+\.\d+:\d+', content)
+ elif re.match(r'^\d+\.\d+\.\d+\.\d+:\d+$', filename):
+ proxies = [filename]
+ else:
+ help()
+ if '--timeout' in sys.argv:
+ timeout = int(sys.argv[sys.argv.index('--timeout') + 1])
+ socket.setdefaulttimeout(timeout)
+ if '--user-agent' in sys.argv:
+ user_agent = sys.argv[sys.argv.index('--user-agent') + 1]
+ if '-v' in sys.argv:
+ verbose = True
+ if '-t' in sys.argv:
+ secs = int(sys.argv[sys.argv.index('-t') + 1])
+ if '-q' in sys.argv:
+ max_queries = int(sys.argv[sys.argv.index('-q') + 1])
+subs = []
+new = True
+page = 0
+
+# --begin--
+print '[-] domain:', domain
+print '[-] user-agent:', user_agent
+# execute search engine queries and scrape results storing subdomains in a list
+print '[-] querying search engine, please wait...'
+# loop until no new subdomains are found
+while new == True: