Wireframing for fuzzy-logic

Michael Skelton · Michael Skelton · commit ffeb9e8be816 · 2017-09-27T22:18:29.000+10:00
diff --git a/VHostScan.py b/VHostScan.py
@@ -27,7 +27,7 @@ def main():
     parser.add_argument('--ignore-content-length', dest='ignore_content_length', type=int, help='Ignore content lengths of specificed amount (default 0).', default=0)
     parser.add_argument('--unique-depth', dest='unique_depth', type=int, help='Show likely matches of page content that is found x times (default 1).', default=1)
     parser.add_argument("--ssl", dest="ssl",   action="store_true", help="If set then connections will be made over HTTPS instead of HTTP (default http).", default=False)
-    parser.add_argument("--fuzzy_logic", dest="fuzzy_logic", action="store_true", help="If set then fuzzy match will be performed against unique hosts (default off).", default=False)
+    parser.add_argument("--fuzzy-logic", dest="fuzzy_logic", action="store_true", help="If set then fuzzy match will be performed against unique hosts (default off).", default=False)
     parser.add_argument("--waf", dest="add_waf_bypass_headers",   action="store_true", help="If set then simple WAF bypass headers will be sent.", default=False)
     parser.add_argument("-oN",   dest="output_normal", help="Normal output printed to a file when the -oN option is specified with a filename argument." )
     parser.add_argument("-", dest="stdin", action="store_true", help="By passing a blank '-' you tell VHostScan to expect input from stdin (pipe).", default=False)
@@ -85,6 +85,9 @@ def main():
 
     print(output.output_normal_likely())
 
+    if(arguments.fuzzy_logic):
+        print(output.output_fuzzy())
+
     if(arguments.output_normal):
         output.write_normal(arguments.output_normal)
         print("\n[+] Writing normal ouptut to %s" % arguments.output_normal)
diff --git a/fuzzy_logic_concept.py b/fuzzy_logic_concept.py
@@ -5,13 +5,13 @@
 import itertools
 from fuzzywuzzy import fuzz
 
-headers = ('a.example.com', 'b.example.com', 'c.example.com')
+headers = ('lol', 'intranet.example.com', 'dev.example.com')
 
 request_data = {}
 
 for host in headers:
     headers = { 'Host': host }
-    req = requests.get('http://test.host.here/', headers=headers, verify=False)
+    req = requests.get('http://home.kent.id.au', headers=headers, verify=False)
     hash = hashlib.sha256(req.text.encode('utf-8')).hexdigest()
     request_data[hash] = req.content
 
diff --git a/lib/core/__version__.py b/lib/core/__version__.py
@@ -2,5 +2,5 @@
 # |V|H|o|s|t|S|c|a|n|  Developed by @codingo_ & @__timk
 # +-+-+-+-+-+-+-+-+-+  https://github.com/codingo/VHostScan
 
-__version__ = '0.7'
+__version__ = '1.0'
 
diff --git a/lib/core/discovered_host.py b/lib/core/discovered_host.py
@@ -7,4 +7,5 @@ def __init__(self):
         self.hostname = ''
         self.response_code = 0
         self.hash = ''
-        self.keys = []
+        self.keys = []
+        self.content = b''
diff --git a/lib/core/virtual_host_scanner.py b/lib/core/virtual_host_scanner.py
@@ -3,6 +3,7 @@
 import hashlib
 import pandas as pd
 from lib.core.discovered_host import *
+from fuzzywuzzy import fuzz
 
 
 class virtual_host_scanner(object):
@@ -88,6 +89,7 @@ def scan(self):
             host.hostname = hostname
             host.response_code = res.status_code
             host.hash = page_hash
+            host.content = res.content
 
             for key, val in res.headers.items():
                 output += '  {}: {}\n'.format(key, val)
@@ -120,3 +122,7 @@ def likely_matches(self):
         matches = ((segmented_data["key_col"].values).tolist())
 
         return matches
+
+    def fuzzy_logic(self):
+       # for host in self.hosts:
+       return
diff --git a/lib/helpers/output_helper.py b/lib/helpers/output_helper.py
@@ -12,7 +12,7 @@ def write_normal(self, filename):
 
         # todo: finish check_directory (needs regex to split out filename)
         # file.check_directory(filename)
-        file.write_file(self.generate_header() + self.output_normal_likely() + self.output_normal_detail())
+        file.write_file(self.generate_header() + self.output_normal_likely() + self.output_fuzzy() + self.output_normal_detail())
 
     def output_normal_likely(self):
         uniques = False
@@ -28,6 +28,13 @@ def output_normal_likely(self):
         else:
             return "\n[!] No matches with a unique count of {} or less.".format(depth)
 
+
+    def output_fuzzy(self):
+        output = "\n[+] Match similarity using fuzzy logic:".format(depth)
+
+        return output
+
+
     def output_normal_detail(self):
         output = "\n\n[+] Full scan results"
 
@@ -37,6 +44,7 @@ def output_normal_detail(self):
         
         return output
 
+
     def generate_header(self):
         output = "VHostScanner Log: {} {}\n".format(time.strftime("%d/%m/%Y"), time.strftime("%H:%M:%S"))
         output += "\tTarget: {}\n\tBase Host: {}\n\tPort: {}".format(self.scanner.target, self.scanner.base_host, self.scanner.port)
diff --git a/wordlists/testing.txt b/wordlists/testing.txt
@@ -0,0 +1,3 @@
+lol
+intranet.example.com
+dev.example.com

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+lol`
	`2`	`+intranet.example.com`
	`3`	`+dev.example.com`