ffufPostprocess part2

six2dez · Jan 28, 2025 · dca8d33 · dca8d33
1 parent 0f5c006
commit dca8d33
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 42 deletions.
diff --git a/.github/workflows/docker_nightly.yml b/.github/workflows/docker_nightly.yml
@@ -1,36 +1,36 @@
 name: ci
 
+permissions:
+  contents: read
+  packages: write
+  id-token: write
+
 on:
   release:
     types:
-      - 'published'
+      - published
   # push:
-    # branches:
-      # - 'master'
-      # - 'main'
+  # branches:
+  # - 'master'
+  # - 'main'
   schedule:
-    - cron: '0 2 * * *' # run at 2 AM UTC
-    
+    - cron: 0 2 * * * # run at 2 AM UTC
+
 jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      -
-        name: Set up QEMU
+      - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
-      -
-        name: Set up Docker Buildx
+      - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
-      -
-        name: Login to DockerHub
-        uses: docker/login-action@v1 
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - 
-        uses: actions/checkout@v2
-      -
-        name: Build and push
+      - uses: actions/checkout@v2
+      - name: Build and push
         id: docker_build
         uses: docker/build-push-action@v2
         with:

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -1,5 +1,18 @@
 name: tests
 
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+  actions: read
+  checks: read
+  deployments: read
+  discussions: read
+  packages: read
+  repository-projects: read
+  security-events: read
+  statuses: read
+
 on: [push, pull_request]
 
 jobs:
@@ -10,7 +23,7 @@ jobs:
         os:
           - ubuntu-20.04
           - ubuntu-22.04
-          - ubuntu-24.04
+          - ubuntu-latest
 
     name: ${{ matrix.os }}
     runs-on: ${{ matrix.os }}

diff --git a/reconftw.sh b/reconftw.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/bash
 
 # Welcome to reconFTW main script
 #	 ██▀███  ▓█████  ▄████▄   ▒█████   ███▄    █   █████▒▄▄▄█████▓ █     █░
@@ -336,7 +336,7 @@ function github_dorks() {
 }
 
 function github_repos() {
-	mkdir -p .tmp
+	mkdir -p osint
 
 	if { [[ ! -f "$called_fn_dir/.${FUNCNAME[0]}" ]] || [[ $DIFF == true ]]; } && [[ $GITHUB_REPOS == true ]] && [[ $OSINT == true ]]; then
 		start_func "${FUNCNAME[0]}" "Github Repos analysis in process"
@@ -1091,6 +1091,8 @@ function sub_tls() {
 			fi
 		fi
 
+		touch .tmp/subdomains_tlsx_resolved.txt
+
 		if ! NUMOFLINES=$(anew subdomains/subdomains.txt <.tmp/subdomains_tlsx_resolved.txt | sed '/^$/d' | wc -l); then
 			printf "%b[!] Counting new subdomains failed.%b\n" "$bred" "$reset"
 			return 1
@@ -2643,6 +2645,8 @@ function webprobe_simple() {
 			fi
 		fi
 
+		touch .tmp/probed_tmp.txt
+
 		# Count new websites
 		if ! NUMOFLINES=$(anew webs/webs.txt <.tmp/probed_tmp.txt 2>/dev/null | sed '/^$/d' | wc -l); then
 			printf "%b[!] Failed to count new websites.%b\n" "$bred" "$reset"
@@ -3092,7 +3096,6 @@ function portscan() {
 			nmapurls <hosts/portscan_active.xml 2>>"$LOGFILE" | anew -q hosts/webs.txt
 		fi
 
-
 		if [[ $FARADAY == true ]]; then
 			# Check if the Faraday server is running
 			if ! faraday-cli status 2>>"$LOGFILE" >/dev/null; then
@@ -3104,7 +3107,6 @@ function portscan() {
 			fi
 		fi
 
-
 		if [[ -s "hosts/webs.txt" ]]; then
 			if ! NUMOFLINES=$(wc -l <hosts/webs.txt); then
 				printf "%b[!] Failed to count lines in hosts/webs.txt.%b\n" "$bred" "$reset"
@@ -3379,32 +3381,29 @@ function fuzz() {
 				for sub in $(cat webs/webs_all.txt); do
 					sub_out=$(echo $sub | sed -e 's|^[^/]*//||' -e 's|/.*$||')
 
-					pushd "${tools}/ffufPostprocessing" >/dev/null || {
-						echo "Failed to cd directory in ${FUNCNAME[0]} @ line ${LINENO}"
-					}
-					./ffufPostprocessing -result-file $dir/.tmp/fuzzing/${sub_out}.json -overwrite-result-file 2>>"$LOGFILE" >/dev/null
-					popd >/dev/null || {
-						echo "Failed to popd in ${FUNCNAME[0]} @ line ${LINENO}"
-					}
+#					pushd "${tools}/ffufPostprocessing" >/dev/null || {
+#						echo "Failed to cd directory in ${FUNCNAME[0]} @ line ${LINENO}"
+#					}
+#					./ffufPostprocessing -result-file $dir/.tmp/fuzzing/${sub_out}.json -overwrite-result-file 2>>"$LOGFILE" >/dev/null
+#					popd >/dev/null || {
+#						echo "Failed to popd in ${FUNCNAME[0]} @ line ${LINENO}"
+#					}
 
 					[ -s "$dir/.tmp/fuzzing/${sub_out}.json" ] && cat $dir/.tmp/fuzzing/${sub_out}.json | jq -r 'try .results[] | "\(.status) \(.length) \(.url)"' | sort -k1 | anew -q $dir/fuzzing/${sub_out}.txt
 				done
 				find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k1 | anew -q $dir/fuzzing/fuzzing_full.txt
 			else
-				axiom-exec "mkdir -p /home/op/lists/seclists/Discovery/Web-Content/" &>/dev/null
-				axiom-exec "wget -q -O - ${fuzzing_remote_list} > /home/op/lists/fuzz_wordlist.txt" &>/dev/null
-				axiom-exec "wget -q -O - ${fuzzing_remote_list} > /home/op/lists/seclists/Discovery/Web-Content/big.txt" &>/dev/null
-				axiom-scan webs/webs_all.txt -m ffuf_base -H "${HEADER}" $FFUF_FLAGS -s -maxtime $FFUF_MAXTIME -o $dir/.tmp/ffuf-content.json $AXIOM_EXTRA_ARGS 2>>"$LOGFILE" >/dev/null
-				pushd "${tools}/ffufPostprocessing" >/dev/null || {
-					echo "Failed to cd directory in ${FUNCNAME[0]} @ line ${LINENO}"
-				}
-				[ -s "$dir/.tmp/ffuf-content.json" ] && ./ffufPostprocessing -result-file $dir/.tmp/ffuf-content.json -overwrite-result-file 2>>"$LOGFILE" >/dev/null
-				popd >/dev/null || {
-					echo "Failed to popd in ${FUNCNAME[0]} @ line ${LINENO}"
-				}
+				axiom-scan webs/webs_all.txt -m ffuf -wL ${fuzzing_remote_list} -H "${HEADER}" $FFUF_FLAGS -s -maxtime $FFUF_MAXTIME -o $dir/.tmp/ffuf-content.json $AXIOM_EXTRA_ARGS 2>>"$LOGFILE" >/dev/null
+#				pushd "${tools}/ffufPostprocessing" >/dev/null || {
+#					echo "Failed to cd directory in ${FUNCNAME[0]} @ line ${LINENO}"
+#				}
+#				[ -s "$dir/.tmp/ffuf-content.json" ] && ./ffufPostprocessing -result-file $dir/.tmp/ffuf-content.json -overwrite-result-file 2>>"$LOGFILE" >/dev/null
+#				popd >/dev/null || {
+#					echo "Failed to popd in ${FUNCNAME[0]} @ line ${LINENO}"
+#				}
 				for sub in $(cat webs/webs_all.txt); do
 					sub_out=$(echo $sub | sed -e 's|^[^/]*//||' -e 's|/.*$||')
-					[ -s "$dir/.tmp/ffuf-content.json" ] && cat .tmp/ffuf-content.json | jq -r 'try .results[] | "\(.status) \(.length) \(.url)"' | grep $sub | sort -k1 | anew -q fuzzing/${sub_out}.txt
+					[ -s "$dir/.tmp/ffuf-content.json" ] && cat $dir/.tmp/ffuf-content.json 	 | grep $sub | sort -k1 | anew -q fuzzing/${sub_out}.txt
 				done
 				find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k1 | anew -q $dir/fuzzing/fuzzing_full.txt
 			fi
@@ -6122,7 +6121,7 @@ function help() {
 
 # macOS PATH initialization, thanks @0xtavian <3
 if [[ $OSTYPE == "darwin"* ]]; then
-	if ! command -v brew &> /dev/null; then
+	if ! command -v brew &>/dev/null; then
 		printf "\n%bBrew is not installed or not in the PATH.%b\n\n" "$bred" "$reset"
 		exit 1
 	fi