99 changes: 52 additions & 47 deletions resources/scripts/api/pentesttools.ads
Expand Up @@ -34,111 +34,116 @@ function vertical(ctx, domain)
return
end

local id = start_scan(domain, c.key)
if id == "" then
local id, err = start_scan(ctx, domain, c.key)
if (err ~= nil and err ~= "") then
log(ctx, "start_scan request to service failed: " .. err)
return
end

while(true) do
local status = get_scan_status(id, c.key)
if status == "failed" then
local status, err = get_scan_status(ctx, id, c.key)
if (err ~= nil and err ~= "") then
log(ctx, "get_scan_status request to service failed: " .. err)
return
elseif status == "finished" then
elseif (status ~= "waiting" and status ~= "running") then
break
end

for _=1,5 do check_rate_limit() end
end

local output = get_output(id, c.key)
if output ~= "" then
for _, r in pairs(output) do
new_name(ctx, r[1])
new_addr(ctx, r[2], r[1])
local output, err = get_output(ctx, id, c.key)
if (err ~= nil and err ~= "") then
log(ctx, "get_output request to service failed: " .. err)
return
end

if (output ~= nil and output ~= "") then
for _, obj in pairs(output) do
new_name(ctx, obj.hostname)
new_addr(ctx, obj.ip_address, obj.hostname)
end
end
end

function start_scan(domain, key)
local body = json.encode({
function start_scan(ctx, domain, key)
local body, err = json.encode({
['op']="start_scan",
['tool_id']=20,
['target']=domain,
['tool_params'] = {
['subdom_details']="on",
['web_details']="off",
['do_bing_search']="off",
},
})
if (err ~= nil and err ~= "") then
return nil, err
end

local resp, err = request(ctx, {
['url']=build_url(key),
method="POST",
data=body,
headers={['Content-Type']="application/json"}
['method']="POST",
['data']=body,
['headers']={['Content-Type']="application/json"}
})
if (err ~= nil and err ~= "") then
log(ctx, "start_scan request to service failed: " .. err)
return ""
return nil, err
end

d = json.decode(resp)
if (d == nil or d.op_status ~= "success") then
return ""
j = json.decode(resp)
if j.op_status ~= "success" then
return nil, j.error
end
return d.scan_id

return j.scan_id, nil
end

function get_scan_status(id, key)
function get_scan_status(ctx, id, key)
local body = json.encode({
['op']="get_scan_status",
['scan_id']=id,
})

local resp, err = request(ctx, {
['url']=build_url(key),
method="POST",
data=body,
headers={['Content-Type']="application/json"}
['method']="POST",
['data']=body,
['headers']={['Content-Type']="application/json"}
})
if (err ~= nil and err ~= "") then
log(ctx, "get_scan_status request to service failed: " .. err)
return "failed"
return nil, err
end

d = json.decode(resp)
if (d == nil or d.op_status ~= "success") then
return "failed"
elseif (d.scan_status == "waiting" or d.scan_status == "running") then
return "progress"
else
return "finished"
j = json.decode(resp)
if j.op_status ~= "success" then
return nil, j.error
end

return j.scan_status, nil
end

function get_output(id, key)
function get_output(ctx, id, key)
local body = json.encode({
['op']="get_output",
['scan_id']=id,
['output_format']="json",
})

local resp, err = request(ctx, {
['url']=build_url(key),
method="POST",
data=body,
headers={['Content-Type']="application/json"}
['method']="POST",
['data']=body,
['headers']={['Content-Type']="application/json"}
})
if (err ~= nil and err ~= "") then
log(ctx, "get_output request to service failed: " .. err)
return ""
return nil, err
end

d = json.decode(resp)
if (d == nil or d.op_status ~= "success" or
d.output_json == nil or #(d['output_json'].output_data) == 0) then
return ""
j = json.decode(resp)
if j.op_status ~= "success" then
return nil, j.error
end
return d['output_json'][1].output_data

return j['scan_output']['scan_tests']
end

function build_url(key)
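Review bot: The three `j = json.decode(resp)` sites in start_scan, get_scan_status and get_output index `j.op_status` without the nil guard that the `d == nil` version had, so a body from the remote service that does not decode to a table (an HTML error page, an empty reply) would raise at the index if json.decode returns nil for it, as the old guard implies. I would keep the guard and make the variable local rather than a shared global: `local j = json.decode(resp)` followed by `if (j == nil or j.op_status ~= "success") then return nil, (j and j.error) or "unexpected response" end`. The fallback string matters because `return nil, j.error` yields nil, nil when the service omits `error`, which vertical reads as success and then goes on to poll with a nil scan id. get_output also indexes `j['scan_output']['scan_tests']` with no check that `scan_output` is present, and the `while(true)` poll in vertical has no upper bound if the reported status stays "waiting".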