
Commit 5ae3ff0

committed
Reorder phases script
1 parent 08ea640 commit 5ae3ff0


1 file changed

+22
-23
lines changed


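--- a/magicRecon.sh
+++ b/magicRecon.sh
@@ -21,10 +21,10 @@ echo -e "${BOLD}${GREEN}[+] Welcome to MagicRecon"
 echo -e ""
 echo -e "${BOLD}${GREEN}[+] MagicRecon has 5 steps: "
 echo -e "${BOLD}${GREEN}[+] STEP 1: Subdomain Enumeration"
-echo -e "${BOLD}${GREEN}[+] STEP 2: JavaScript files and Hidden Endpoints"
-echo -e "${BOLD}${GREEN}[+] STEP 3: Find directories and hidden files"
-echo -e "${BOLD}${GREEN}[+] STEP 4: Port scan for alive domains"
-echo -e "${BOLD}${GREEN}[+] STEP 5: Subdomain headers and response bodies"
+echo -e "${BOLD}${GREEN}[+] STEP 2: Subdomain headers and response bodies"
+echo -e "${BOLD}${GREEN}[+] STEP 3: JavaScript files and Hidden Endpoints"
+echo -e "${BOLD}${GREEN}[+] STEP 4: Find directories and hidden files"
+echo -e "${BOLD}${GREEN}[+] STEP 5: Port scan for alive domains"
 
 echo -e ""
 echo -e "${BOLD}${GREEN}[+] STEP 1: Starting Subdomain Enumeration"
@@ -87,9 +87,24 @@ cat alive.txt | python -c "import sys; import json; print (json.dumps({'domains'
 
 cat domains.txt | python -c "import sys; import json; print (json.dumps({'domains':list(sys.stdin)}))" > domains.json
 
+#########SUBDOMAIN HEADERS#########
+echo -e ""
+echo -e "${BOLD}${GREEN}[+] STEP 2: Storing subdomain headers and response bodies"
+
+mkdir headers
+
+CURRENT_PATH=$(pwd)
+
+for x in $(cat alive.txt)
+do
+NAME=$(echo $x | awk -F/ '{print $3}')
+curl -X GET -H "X-Forwarded-For: evil.com" $x -I > "$CURRENT_PATH/headers/$NAME"
+curl -s -X GET -H "X-Forwarded-For: evil.com" -L $x > "$CURRENT_PATH/responsebody/$NAME"
+done
+
 #########JAVASCRIPT FILES#########
 echo -e ""
-echo -e "${BOLD}${GREEN}[+] STEP 2: Collecting JavaScript files and Hidden Endpoints"
+echo -e "${BOLD}${GREEN}[+] STEP 3: Collecting JavaScript files and Hidden Endpoints"
 
 mkdir scripts
 mkdir scriptsresponse
@@ -165,7 +180,7 @@ done
 
 #########FILES AND DIRECTORIES#########
 echo -e ""
-echo -e "${BOLD}${GREEN}[+] STEP 3: Starting Gobuster to find directories and hidden files"
+echo -e "${BOLD}${GREEN}[+] STEP 4: Starting Gobuster to find directories and hidden files"
 
 mkdir directories
 
@@ -182,27 +197,11 @@ done
 
 #########NMAP#########
 echo -e ""
-echo -e "${BOLD}${GREEN}[+]STEP 4: Starting Nmap Scan for alive domains"
+echo -e "${BOLD}${GREEN}[+]STEP 5: Starting Nmap Scan for alive domains"
 
 mkdir nmapscans
 
 for domain in $(cat domains.txt)
 do
 nmap -sC -sV -v $domain | tee nmapscans/$domain
 done
-
-#########SUBDOMAIN HEADERS#########
-echo -e ""
-echo -e "${BOLD}${GREEN}[+] STEP 5: Storing subdomain headers and response bodies"
-
-mkdir headers
-
-CURRENT_PATH=$(pwd)
-
-for x in $(cat alive.txt)
-do
-NAME=$(echo $x | awk -F/ '{print $3}')
-curl -X GET -H "X-Forwarded-For: evil.com" $x -I > "$CURRENT_PATH/headers/$NAME"
-curl -s -X GET -H "X-Forwarded-For: evil.com" -L $x > "$CURRENT_PATH/responsebody/$NAME"
-done
-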
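Review bot: In the block moved up to new lines 90-104, the second curl redirects into `$CURRENT_PATH/responsebody/$NAME`, but only `mkdir headers` precedes the loop and nothing visible before new line 102 creates `responsebody`. If that directory was created by the JavaScript step (its body is not shown in these hunks), it does not exist yet now that this loop runs as step 2, so every response-body write would fail while the script carries on; changing new line 94 to `mkdir -p headers responsebody` removes the ordering dependency. The loop also expands `$x` unquoted from alive.txt, so a malformed line can be split or globbed into extra curl arguments; `while IFS= read -r x; do … done < alive.txt` with `"$x"` in both curl calls avoids that. Because this step now runs before the JavaScript, Gobuster and Nmap steps, a `--max-time` on both curl calls would keep one unresponsive host from stalling everything after it.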
