diff --git a/Bluto/modules/bluto_logging.py b/Bluto/modules/bluto_logging.py index a11e8ad..2f9c119 100644 --- a/Bluto/modules/bluto_logging.py +++ b/Bluto/modules/bluto_logging.py @@ -9,7 +9,7 @@ if not os.path.exists(LOG_DIR): os.makedirs(LOG_DIR) - os.chmod(LOG_DIR, 0700) + os.chmod(LOG_DIR, 0o700) open(INFO_LOG_FILE,'a').close() # set up formatting diff --git a/Bluto/modules/data_mine.py b/Bluto/modules/data_mine.py index f72efbe..cf33efc 100644 --- a/Bluto/modules/data_mine.py +++ b/Bluto/modules/data_mine.py @@ -1,6 +1,6 @@ import pdfminer import requests -import urllib2 +import urllib.request, urllib.error, urllib.parse import oletools.thirdparty.olefile as olefile import os import traceback @@ -9,7 +9,7 @@ import random import math import sys -import Queue +import queue import time import threading import cgi @@ -17,10 +17,10 @@ from pdfminer.pdfparser import PDFParser from pdfminer.pdfdocument import PDFDocument from bs4 import BeautifulSoup -from bluto_logging import info, INFO_LOG_FILE -from get_file import get_user_agents -from search import doc_bing, doc_exalead -from general import get_size +from .bluto_logging import info, INFO_LOG_FILE +from .get_file import get_user_agents +from .search import doc_bing, doc_exalead +from .general import get_size @@ -29,7 +29,7 @@ def action_download(doc_list, docs): i = 0 download_list = [] initial_count = 0 - print 'Gathering Live Documents For Metadata Mining\n' + print('Gathering Live Documents For Metadata Mining\n') headers = { 'User-Agent': 'Mozilla/5.0 (Windows; U; Windows NT 6.0; pl; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 GTB7.1 ( .NET CLR 3.5.30729', 'Referer': 'https://www.google.co.uk/', @@ -52,7 +52,7 @@ def action_download(doc_list, docs): code.write(r.content) code.close() initial_count += 1 - print('\tDownload Count: {}\r'.format(str(initial_count))), + print(('\tDownload Count: {}\r'.format(str(initial_count))), end=' ') info(str(doc).replace('%20', ' ')) download_list.append(str(doc).replace('%20', ' ')) @@ -66,7 +66,7 @@ def action_download(doc_list, docs): code.write(r.content) code.close() initial_count += 1 - print('\tDownload Count: {}\r'.format(str(initial_count))), + print(('\tDownload Count: {}\r'.format(str(initial_count))), end=' ') download_list.append(str(doc).replace('%20', ' ')) info(str(doc).replace('%20', ' ')) continue @@ -96,14 +96,14 @@ def action_download(doc_list, docs): if i < 1: sys.exit() data_size = get_size(docs) - print '\tData Downloaded: {}MB'.format(str(math.floor(data_size))) + print('\tData Downloaded: {}MB'.format(str(math.floor(data_size)))) info('Documents Downloaded: {}'.format(initial_count)) return download_list def doc_search(domain, USERAGENT_F, prox): - q1 = Queue.Queue() - q2 = Queue.Queue() + q1 = queue.Queue() + q2 = queue.Queue() t1 = threading.Thread(target=doc_bing, args=(domain, USERAGENT_F, prox, q1)) t2 = threading.Thread(target=doc_exalead, args=(domain, USERAGENT_F, prox, q2)) t1.start() diff --git a/Bluto/modules/general.py b/Bluto/modules/general.py index 20e8b02..dc5470f 100644 --- a/Bluto/modules/general.py +++ b/Bluto/modules/general.py @@ -14,7 +14,7 @@ import dns.zone import traceback import os -from bluto_logging import info, INFO_LOG_FILE +from .bluto_logging import info, INFO_LOG_FILE default_s = False @@ -38,7 +38,7 @@ def action_whois(domain): try: company = whois_things['contacts']['registrant']['name'] except Exception: - print '\nThere seems to be no Registrar for this domain.' + print('\nThere seems to be no Registrar for this domain.') company = domain pass splitup = company.lower().split() @@ -46,13 +46,13 @@ def action_whois(domain): while True: if patern.search(domain): info('Whois Results Are Good ' + company) - print '\nThe Whois Results Look Promising: ' + colored('{}','green').format(company) - accept = raw_input(colored('\nIs The Search Term sufficient?: ','green')).lower() + print('\nThe Whois Results Look Promising: ' + colored('{}','green').format(company)) + accept = input(colored('\nIs The Search Term sufficient?: ','green')).lower() if accept in ('y', 'yes'): company = company break elif accept in ('n', 'no'): - temp_company = raw_input(colored('\nRegistered Company Name: ','green')) + temp_company = input(colored('\nRegistered Company Name: ','green')) if temp_company == '': info('User Supplied Blank Company') company = domain @@ -62,13 +62,13 @@ def action_whois(domain): company = temp_company break else: - print '\nThe Options Are yes|no Or y|no Not {}'.format(accept) + print('\nThe Options Are yes|no Or y|no Not {}'.format(accept)) else: info('Whois Results Not Good ' + company) - print colored("\n\tThe Whois Results Don't Look Very Promissing: '{}'","red") .format(company) - print'\nPlease Supply The Company Name\n\n\tThis Will Be Used To Query LinkedIn' - temp_company = raw_input(colored('\nRegistered Company Name: ','green')) + print(colored("\n\tThe Whois Results Don't Look Very Promissing: '{}'","red") .format(company)) + print('\nPlease Supply The Company Name\n\n\tThis Will Be Used To Query LinkedIn') + temp_company = input(colored('\nRegistered Company Name: ','green')) if temp_company == '': info('User Supplied Blank Company') company = domain @@ -86,8 +86,8 @@ def action_whois(domain): except KeyError: pass except pythonwhois.net.socket.errno.ETIMEDOUT: - print colored('\nWhoisError: You may be behind a proxy or firewall preventing whois lookups. Please supply the registered company name, if left blank the domain name ' + '"' + domain + '"' +' will be used for the Linkedin search. The results may not be as accurate.','red') - temp_company = raw_input(colored('\nRegistered Company Name: ','green')) + print(colored('\nWhoisError: You may be behind a proxy or firewall preventing whois lookups. Please supply the registered company name, if left blank the domain name ' + '"' + domain + '"' +' will be used for the Linkedin search. The results may not be as accurate.','red')) + temp_company = input(colored('\nRegistered Company Name: ','green')) if temp_company == '': company = domain else: @@ -95,9 +95,9 @@ def action_whois(domain): except Exception: info('An Unhandled Exception Has Occured, Please Check The Log For Details' + INFO_LOG_FILE) if 'company' not in locals(): - print 'There is no Whois data for this domain.\n\nPlease supply a company name.' + print('There is no Whois data for this domain.\n\nPlease supply a company name.') while True: - temp_company = raw_input(colored('\nRegistered Company Name: ','green')) + temp_company = input(colored('\nRegistered Company Name: ','green')) if temp_company == '': info('User Supplied Blank Company') company = domain @@ -124,9 +124,9 @@ def action_country_id(countries_file, prox): key, value = line.strip().split(';') tcountries_dic.update({key: value}) - countries_dic = dict((k.lower(), v.lower()) for k,v in tcountries_dic.iteritems()) + countries_dic = dict((k.lower(), v.lower()) for k,v in tcountries_dic.items()) - for country, server in countries_dic.items(): + for country, server in list(countries_dic.items()): country_list.append(country) country_list = [item.capitalize() for item in country_list] @@ -147,9 +147,9 @@ def action_country_id(countries_file, prox): except ValueError as e: if o == 0: - print colored('\nUnable to connect to the CountryID, we will retry.', 'red') + print(colored('\nUnable to connect to the CountryID, we will retry.', 'red')) if o > 0: - print '\nThis is {} of 3 attempts' .format(o) + print('\nThis is {} of 3 attempts' .format(o)) time.sleep(2) o += 1 if o == 4: @@ -158,9 +158,9 @@ def action_country_id(countries_file, prox): break if o == 4: - print colored('\nWe have been unable to connect to the CountryID service.\n','red') - print '\nPlease let Bluto know what country you hale from.\n' - print colored('Available Countries:\n', 'green') + print(colored('\nWe have been unable to connect to the CountryID service.\n','red')) + print('\nPlease let Bluto know what country you hale from.\n') + print(colored('Available Countries:\n', 'green')) if len(country_list) % 2 != 0: country_list.append(" ") @@ -170,22 +170,22 @@ def action_country_id(countries_file, prox): l2 = country_list[split:] for key, value in zip(l1,l2): - print "{0:<20s} {1}".format(key, value) + print("{0:<20s} {1}".format(key, value)) country_list = [item.lower() for item in country_list] while True: - originCountry = raw_input('\nCountry: ').lower() + originCountry = input('\nCountry: ').lower() if originCountry in country_list: break if originCountry == '': - print '\nYou have not selected a country so the default server will be used' + print('\nYou have not selected a country so the default server will be used') originCountry = 'United Kingdom'.lower() break else: - print '\nCheck your spelling and try again' + print('\nCheck your spelling and try again') - for country, server in countries_dic.items(): + for country, server in list(countries_dic.items()): if country == originCountry: userCountry = country userServer = server @@ -193,7 +193,7 @@ def action_country_id(countries_file, prox): else: - for country, server in countries_dic.items(): + for country, server in list(countries_dic.items()): if country == originCountry.lower(): userCountry = country userServer = server @@ -203,11 +203,11 @@ def action_country_id(countries_file, prox): userCountry = 'DEAFULT' pass else: - print 'Bluto currently doesn\'t have your countries google server available.\nPlease navigate to "https://freegeoip.net/json/" and post an issue to "https://github.com/darryllane/Bluto/issues"\nincluding the country value as shown in the json output\nYou have been assigned to http://www.google.co.uk for now.' + print('Bluto currently doesn\'t have your countries google server available.\nPlease navigate to "https://freegeoip.net/json/" and post an issue to "https://github.com/darryllane/Bluto/issues"\nincluding the country value as shown in the json output\nYou have been assigned to http://www.google.co.uk for now.') userServer = 'http://www.google.co.uk/' userCountry = 'United Kingdom' - print '\n\tSearching From: {0}\n\tGoogle Server: {1}\n' .format(userCountry.title(), userServer) + print('\n\tSearching From: {0}\n\tGoogle Server: {1}\n' .format(userCountry.title(), userServer)) info('Country Identified: {}'.format(userCountry)) return (userCountry, userServer) @@ -230,13 +230,13 @@ def check_dom(domain, myResolver): if dom: pass except dns.resolver.NoNameservers: - print '\nError: \nDomain Not Valid, Check You Have Entered It Correctly\n' + print('\nError: \nDomain Not Valid, Check You Have Entered It Correctly\n') sys.exit() except dns.resolver.NXDOMAIN: - print '\nError: \nDomain Not Valid, Check You Have Entered It Correctly\n' + print('\nError: \nDomain Not Valid, Check You Have Entered It Correctly\n') sys.exit() except dns.exception.Timeout: - print '\nThe connection hit a timeout. Are you connected to the internet?\n' + print('\nThe connection hit a timeout. Are you connected to the internet?\n') sys.exit() except Exception: info('An Unhandled Exception Has Occured, Please Check The Log For Details' + INFO_LOG_FILE) diff --git a/Bluto/modules/get_dns.py b/Bluto/modules/get_dns.py index f8d3556..c0bddc0 100644 --- a/Bluto/modules/get_dns.py +++ b/Bluto/modules/get_dns.py @@ -8,7 +8,7 @@ import dns.resolver import random import string -from bluto_logging import info, INFO_LOG_FILE +from .bluto_logging import info, INFO_LOG_FILE from multiprocessing.dummy import Pool as ThreadPool from termcolor import colored @@ -29,7 +29,7 @@ def get_dns_details(domain, myResolver): zn_list =[] mx_list = [] try: - print "\nName Server:\n" + print("\nName Server:\n") myAnswers = myResolver.query(domain, "NS") for data in myAnswers.rrset: data1 = str(data) @@ -40,12 +40,12 @@ def get_dns_details(domain, myResolver): list(set(ns_list)) ns_list.sort() for i in ns_list: - print colored(i, 'green') + print(colored(i, 'green')) except dns.resolver.NoNameservers: info('\tNo Name Servers\nConfirm The Domain Name Is Correct.' + INFO_LOG_FILE, exc_info=True) sys.exit() except dns.resolver.NoAnswer: - print "\tNo DNS Servers" + print("\tNo DNS Servers") except dns.resolver.NXDOMAIN: info("\tDomain Does Not Exist" + INFO_LOG_FILE, exc_info=True) sys.exit() @@ -56,7 +56,7 @@ def get_dns_details(domain, myResolver): info('An Unhandled Exception Has Occured, Please Check The Log For Details\n' + INFO_LOG_FILE, exc_info=True) try: - print "\nMail Server:\n" + print("\nMail Server:\n") myAnswers = myResolver.query(domain, "MX") for data in myAnswers: data1 = str(data) @@ -66,9 +66,9 @@ def get_dns_details(domain, myResolver): list(set(mx_list)) mx_list.sort() for i in mx_list: - print colored(i, 'green') + print(colored(i, 'green')) except dns.resolver.NoAnswer: - print "\tNo Mail Servers" + print("\tNo Mail Servers") except Exception: info('An Unhandled Exception Has Occured, Please Check The Log For Details' + INFO_LOG_FILE) @@ -125,7 +125,7 @@ def action_brute_start(subs, myResolver): global myResolverG myResolverG = myResolver info('Bruting SubDomains') - print '\nBrute Forcing Sub-Domains\n' + print('\nBrute Forcing Sub-Domains\n') pool = ThreadPool(8) pool.map(action_brute, subs) pool.close() @@ -169,7 +169,7 @@ def action_brute_wild(sub_list, domain, myResolver): def action_zone_transfer(zn_list, domain): info('Attempting Zone Transfers') global clean_dump - print "\nAttempting Zone Transfers" + print("\nAttempting Zone Transfers") zn_list.sort() vuln = True vulnerable_listT = [] @@ -178,7 +178,7 @@ def action_zone_transfer(zn_list, domain): for ns in zn_list: try: z = dns.zone.from_xfr(dns.query.xfr(ns, domain, timeout=3)) - names = z.nodes.keys() + names = list(z.nodes.keys()) names.sort() if vuln == True: info('Vuln: {}'.format(ns)) @@ -197,21 +197,21 @@ def action_zone_transfer(zn_list, domain): if vulnerable_listF: - print "\nNot Vulnerable:\n" + print("\nNot Vulnerable:\n") for ns in vulnerable_listF: - print colored(ns, 'green') + print(colored(ns, 'green')) if vulnerable_listT: info('Vulnerable To Zone Transfers') - print "\nVulnerable:\n" + print("\nVulnerable:\n") for ns in vulnerable_listT: - print colored(ns,'red'), colored("\t" + "TCP/53", 'red') + print(colored(ns,'red'), colored("\t" + "TCP/53", 'red')) z = dns.zone.from_xfr(dns.query.xfr(vulnerable_listT[0], domain)) - names = z.nodes.keys() + names = list(z.nodes.keys()) names.sort() - print "\nRaw Zone Dump\n" + print("\nRaw Zone Dump\n") for n in names: data1 = "{}.{}" .format(n,domain) try: @@ -227,7 +227,7 @@ def action_zone_transfer(zn_list, domain): else: info('An Unhandled Exception Has Occured, Please Check The Log For Details\n' + INFO_LOG_FILE, exc_info=True) - print z[n].to_text(n) + print(z[n].to_text(n)) info('Completed Attempting Zone Transfers') clean_dump = sorted(set(dump_list)) diff --git a/Bluto/modules/get_file.py b/Bluto/modules/get_file.py index 9d6aa4c..1fdd23f 100644 --- a/Bluto/modules/get_file.py +++ b/Bluto/modules/get_file.py @@ -5,7 +5,7 @@ import sys import random from termcolor import colored -from bluto_logging import info, INFO_LOG_FILE +from .bluto_logging import info, INFO_LOG_FILE def get_user_agents(useragent_f): info('Gathering UserAgents') diff --git a/Bluto/modules/output.py b/Bluto/modules/output.py index 14668fb..be5d3f8 100644 --- a/Bluto/modules/output.py +++ b/Bluto/modules/output.py @@ -8,8 +8,8 @@ import webbrowser import shutil import os -from search import action_pwned -from bluto_logging import info, INFO_LOG_FILE, LOG_DIR +from .search import action_pwned +from .bluto_logging import info, INFO_LOG_FILE, LOG_DIR def action_output_vuln_zone(google_results, bing_results, linkedin_results, time_spent_email, time_spent_total, clean_dump, sub_intrest, domain, report_location, company, data_mine): @@ -63,33 +63,33 @@ def action_output_vuln_zone(google_results, bing_results, linkedin_results, time pwned_results = action_pwned(f_emails) c_accounts = len(pwned_results) - print '\n\nEmail Addresses:\n' + print('\n\nEmail Addresses:\n') write_html(email_evidence_results, linkedin_evidence_results, pwned_results, report_location, company, data_mine) if f_emails: for email in f_emails: - print str(email).replace("u'","").replace("'","").replace('[','').replace(']','') + print(str(email).replace("u'","").replace("'","").replace('[','').replace(']','')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nCompromised Accounts:\n' + print('\nCompromised Accounts:\n') if pwned_results: sorted_pwned = sorted(pwned_results) for account in sorted_pwned: - print 'Account: \t{}'.format(account[0]) - print 'Domain: \t{}'.format(account[1]) - print 'Date: \t{}\n'.format(account[3]) + print('Account: \t{}'.format(account[0])) + print('Domain: \t{}'.format(account[1])) + print('Date: \t{}\n'.format(account[3])) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nLinkedIn Results:\n' + print('\nLinkedIn Results:\n') sorted_person = sorted(person_seen) if sorted_person: for person in sorted_person: - print person + print(person) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') if data_mine is not None: user_names = data_mine[0] @@ -99,20 +99,20 @@ def action_output_vuln_zone(google_results, bing_results, linkedin_results, time username_count = len(user_names) software_count = len(software_list) - print '\nData Found In Document MetaData' - print '\nPotential Usernames:\n' + print('\nData Found In Document MetaData') + print('\nPotential Usernames:\n') if user_names: for user in user_names: - print '\t' + colored(user, 'red') + print('\t' + colored(user, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nSoftware And Versions Found:\n' + print('\nSoftware And Versions Found:\n') if software_list: for software in software_list: - print '\t' + colored(software, 'red') + print('\t' + colored(software, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') else: user_names = [] software_list = [] @@ -122,27 +122,27 @@ def action_output_vuln_zone(google_results, bing_results, linkedin_results, time target_dict = dict((x.split(' ') for x in clean_dump)) clean_target = collections.OrderedDict(sorted(target_dict.items())) - print "\nProcessed Dump\n" + print("\nProcessed Dump\n") bruted_count = len(clean_target) for item in clean_target: if item in sub_intrest: - print colored(item, 'red'), colored("\t" + clean_target[item], 'red') + print(colored(item, 'red'), colored("\t" + clean_target[item], 'red')) else: - print item, "\t" + target_dict[item] + print(item, "\t" + target_dict[item]) time_spent_email_f = str(datetime.timedelta(seconds=(time_spent_email))).split('.')[0] time_spent_total_f = str(datetime.timedelta(seconds=(time_spent_total))).split('.')[0] - print '\nHosts Identified: {}' .format(str(bruted_count)) - print 'Potential Emails Found: {}' .format(str(email_count)) - print 'Potential Staff Members Found: {}' .format(str(staff_count)) - print 'Compromised Accounts: {}' .format(str(c_accounts)) - print 'Potential Usernames Found: {}'.format(username_count) - print 'Potential Software Found: {}'.format(software_count) - print 'Documents Downloaded: {}'.format(download_count) - print "Email Enumeration:", time_spent_email_f - print "Total Time:", time_spent_total_f + print('\nHosts Identified: {}' .format(str(bruted_count))) + print('Potential Emails Found: {}' .format(str(email_count))) + print('Potential Staff Members Found: {}' .format(str(staff_count))) + print('Compromised Accounts: {}' .format(str(c_accounts))) + print('Potential Usernames Found: {}'.format(username_count)) + print('Potential Software Found: {}'.format(software_count)) + print('Documents Downloaded: {}'.format(download_count)) + print("Email Enumeration:", time_spent_email_f) + print("Total Time:", time_spent_total_f) info('Hosts Identified: {}' .format(str(bruted_count))) info("Total Time:" .format(str(time_spent_total_f))) @@ -160,24 +160,24 @@ def action_output_vuln_zone(google_results, bing_results, linkedin_results, time docs = os.path.expanduser('~/Bluto/doc/{}/'.format(domain_r[0])) answers = ['no','n','y','yes'] while True: - answer = raw_input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() + answer = input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() if answer in answers: if answer == 'y' or answer == 'yes': domain - print '\nThe documents are located here: {}'.format(docs) - print 'The logs are located here: {}.'.format(LOG_DIR) - print "\nAn evidence report has been written to {}\n".format(report_location) + print('\nThe documents are located here: {}'.format(docs)) + print('The logs are located here: {}.'.format(LOG_DIR)) + print("\nAn evidence report has been written to {}\n".format(report_location)) while True: - answer = raw_input("Would you like to open this report now? ").lower() + answer = input("Would you like to open this report now? ").lower() if answer in answers: if answer == 'y' or answer == 'yes': - print '\nOpening {}' .format(report_location) + print('\nOpening {}' .format(report_location)) webbrowser.open('file://' + str(report_location)) break else: break else: - print 'Your answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('Your answer needs to be either yes|y|no|n rather than, {}' .format(answer)) break else: shutil.rmtree(docs) @@ -185,7 +185,7 @@ def action_output_vuln_zone(google_results, bing_results, linkedin_results, time os.remove(report_location) break else: - print '\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer)) def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_results, time_spent_email, time_spent_total, clean_dump, sub_intrest, domain, emailHunter_results, args, report_location, company, data_mine): @@ -244,32 +244,32 @@ def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_result pwned_results = action_pwned(f_emails) c_accounts = len(pwned_results) - print '\n\nEmail Addresses:\n' + print('\n\nEmail Addresses:\n') write_html(email_evidence_results, linkedin_evidence_results, pwned_results, report_location, company, data_mine) if f_emails: for email in f_emails: - print str(email).replace("u'","").replace("'","").replace('[','').replace(']','') + print(str(email).replace("u'","").replace("'","").replace('[','').replace(']','')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nCompromised Accounts:\n' + print('\nCompromised Accounts:\n') if pwned_results: sorted_pwned = sorted(pwned_results) for account in sorted_pwned: - print 'Account: \t{}'.format(account[0]) - print 'Domain: \t{}'.format(account[1]) - print 'Date: \t{}\n'.format(account[3]) + print('Account: \t{}'.format(account[0])) + print('Domain: \t{}'.format(account[1])) + print('Date: \t{}\n'.format(account[3])) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nLinkedIn Results:\n' + print('\nLinkedIn Results:\n') sorted_person = sorted(person_seen) if sorted_person: for person in sorted_person: - print person + print(person) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') if data_mine is not None: user_names = data_mine[0] @@ -279,20 +279,20 @@ def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_result username_count = len(user_names) software_count = len(software_list) - print '\nData Found In Document MetaData' - print '\nPotential Usernames:\n' + print('\nData Found In Document MetaData') + print('\nPotential Usernames:\n') if user_names: for user in user_names: - print '\t' + colored(user, 'red') + print('\t' + colored(user, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nSoftware And Versions Found:\n' + print('\nSoftware And Versions Found:\n') if software_list: for software in software_list: - print '\t' + colored(software, 'red') + print('\t' + colored(software, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') else: user_names = [] software_list = [] @@ -303,26 +303,26 @@ def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_result target_dict = dict((x.split(' ') for x in clean_dump)) clean_target = collections.OrderedDict(sorted(target_dict.items())) - print "\nProcessed Dump\n" + print("\nProcessed Dump\n") bruted_count = len(clean_target) for item in clean_target: if item in sub_intrest: - print colored(item, 'red'), colored("\t" + clean_target[item], 'red') + print(colored(item, 'red'), colored("\t" + clean_target[item], 'red')) else: - print item, "\t" + target_dict[item] + print(item, "\t" + target_dict[item]) time_spent_email_f = str(datetime.timedelta(seconds=(time_spent_email))).split('.')[0] time_spent_total_f = str(datetime.timedelta(seconds=(time_spent_total))).split('.')[0] - print '\nHosts Identified: {}' .format(str(bruted_count)) - print 'Potential Emails Found: {}' .format(str(email_count)) - print 'Potential Staff Members Found: {}' .format(str(staff_count)) - print 'Compromised Accounts: {}' .format(str(c_accounts)) - print 'Potential Usernames Found: {}'.format(username_count) - print 'Potential Software Found: {}'.format(software_count) - print 'Documents Downloaded: {}'.format(download_count) - print "Email Enumeration:", time_spent_email_f - print "Total Time:", time_spent_total_f + print('\nHosts Identified: {}' .format(str(bruted_count))) + print('Potential Emails Found: {}' .format(str(email_count))) + print('Potential Staff Members Found: {}' .format(str(staff_count))) + print('Compromised Accounts: {}' .format(str(c_accounts))) + print('Potential Usernames Found: {}'.format(username_count)) + print('Potential Software Found: {}'.format(software_count)) + print('Documents Downloaded: {}'.format(download_count)) + print("Email Enumeration:", time_spent_email_f) + print("Total Time:", time_spent_total_f) info('Hosts Identified: {}' .format(str(bruted_count))) info("Total Time:" .format(str(time_spent_total_f))) @@ -340,24 +340,24 @@ def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_result docs = os.path.expanduser('~/Bluto/doc/{}/'.format(domain_r[0])) answers = ['no','n','y','yes'] while True: - answer = raw_input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() + answer = input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() if answer in answers: if answer == 'y' or answer == 'yes': domain - print '\nThe documents are located here: {}'.format(docs) - print 'The logs are located here: {}.'.format(LOG_DIR) - print "\nAn evidence report has been written to {}\n".format(report_location) + print('\nThe documents are located here: {}'.format(docs)) + print('The logs are located here: {}.'.format(LOG_DIR)) + print("\nAn evidence report has been written to {}\n".format(report_location)) while True: - answer = raw_input("Would you like to open this report now? ").lower() + answer = input("Would you like to open this report now? ").lower() if answer in answers: if answer == 'y' or answer == 'yes': - print '\nOpening {}' .format(report_location) + print('\nOpening {}' .format(report_location)) webbrowser.open('file://' + str(report_location)) break else: break else: - print 'Your answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('Your answer needs to be either yes|y|no|n rather than, {}' .format(answer)) break else: shutil.rmtree(docs) @@ -365,7 +365,7 @@ def action_output_vuln_zone_hunter(google_results, bing_results, linkedin_result os.remove(report_location) break else: - print '\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer)) def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bing_true_results, linkedin_results, check_count, domain, time_spent_email, time_spent_brute, time_spent_total, report_location, company, data_mine): @@ -419,34 +419,34 @@ def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bi pwned_results = action_pwned(f_emails) c_accounts = len(pwned_results) - print '\n\nEmail Addresses:\n' + print('\n\nEmail Addresses:\n') write_html(email_evidence_results, linkedin_evidence_results, pwned_results, report_location, company, data_mine) if f_emails: for email in f_emails: - print str(email).replace("u'","").replace("'","").replace('[','').replace(']','') + print(str(email).replace("u'","").replace("'","").replace('[','').replace(']','')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nCompromised Accounts:\n' + print('\nCompromised Accounts:\n') if pwned_results: sorted_pwned = sorted(pwned_results) for account in sorted_pwned: - print 'Account: \t{}'.format(account[0]) - print 'Domain: \t{}'.format(account[1]) - print 'Date: \t{}\n'.format(account[3]) + print('Account: \t{}'.format(account[0])) + print('Domain: \t{}'.format(account[1])) + print('Date: \t{}\n'.format(account[3])) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nLinkedIn Results:\n' + print('\nLinkedIn Results:\n') sorted_person = sorted(person_seen) if sorted_person: for person in sorted_person: - print person + print(person) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') if data_mine is not None: user_names = data_mine[0] @@ -456,20 +456,20 @@ def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bi username_count = len(user_names) software_count = len(software_list) - print '\nData Found In Document MetaData' - print '\nPotential Usernames:\n' + print('\nData Found In Document MetaData') + print('\nPotential Usernames:\n') if user_names: for user in user_names: - print '\t' + colored(user, 'red') + print('\t' + colored(user, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nSoftware And Versions Found:\n' + print('\nSoftware And Versions Found:\n') if software_list: for software in software_list: - print '\t' + colored(software, 'red') + print('\t' + colored(software, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') else: user_names = [] software_list = [] @@ -479,28 +479,28 @@ def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bi sorted_dict = collections.OrderedDict(sorted(brute_results_dict.items())) bruted_count = len(sorted_dict) - print "\nBluto Results: \n" + print("\nBluto Results: \n") for item in sorted_dict: if item in sub_intrest: - print colored(item + "\t", 'red'), colored(sorted_dict[item], 'red') + print(colored(item + "\t", 'red'), colored(sorted_dict[item], 'red')) else: - print item + "\t",sorted_dict[item] + print(item + "\t",sorted_dict[item]) time_spent_email_f = str(datetime.timedelta(seconds=(time_spent_email))).split('.')[0] time_spent_brute_f = str(datetime.timedelta(seconds=(time_spent_brute))).split('.')[0] time_spent_total_f = str(datetime.timedelta(seconds=(time_spent_total))).split('.')[0] - print '\nHosts Identified: {}' .format(str(bruted_count)) - print 'Potential Emails Found: {}' .format(str(email_count)) - print 'Potential Staff Members Found: {}' .format(str(staff_count)) - print 'Compromised Accounts: {}' .format(str(c_accounts)) - print 'Potential Usernames Found: {}'.format(username_count) - print 'Potential Software Found: {}'.format(software_count) - print 'Documents Downloaded: {}'.format(download_count) - print "Email Enumeration:", time_spent_email_f - print "Requests executed:", str(check_count) + " in ", time_spent_brute_f - print "Total Time:", time_spent_total_f + print('\nHosts Identified: {}' .format(str(bruted_count))) + print('Potential Emails Found: {}' .format(str(email_count))) + print('Potential Staff Members Found: {}' .format(str(staff_count))) + print('Compromised Accounts: {}' .format(str(c_accounts))) + print('Potential Usernames Found: {}'.format(username_count)) + print('Potential Software Found: {}'.format(software_count)) + print('Documents Downloaded: {}'.format(download_count)) + print("Email Enumeration:", time_spent_email_f) + print("Requests executed:", str(check_count) + " in ", time_spent_brute_f) + print("Total Time:", time_spent_total_f) info('Hosts Identified: {}' .format(str(bruted_count))) info("Email Enumeration: {}" .format(str(time_spent_email_f))) @@ -518,24 +518,24 @@ def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bi docs = os.path.expanduser('~/Bluto/doc/{}/'.format(domain_r[0])) answers = ['no','n','y','yes'] while True: - answer = raw_input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() + answer = input("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:").lower() if answer in answers: if answer == 'y' or answer == 'yes': domain - print '\nThe documents are located here: {}'.format(docs) - print 'The logs are located here: {}.'.format(LOG_DIR) - print "\nAn evidence report has been written to {}\n".format(report_location) + print('\nThe documents are located here: {}'.format(docs)) + print('The logs are located here: {}.'.format(LOG_DIR)) + print("\nAn evidence report has been written to {}\n".format(report_location)) while True: - answer = raw_input("Would you like to open this report now? ").lower() + answer = input("Would you like to open this report now? ").lower() if answer in answers: if answer == 'y' or answer == 'yes': - print '\nOpening {}' .format(report_location) + print('\nOpening {}' .format(report_location)) webbrowser.open('file://' + str(report_location)) break else: break else: - print 'Your answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('Your answer needs to be either yes|y|no|n rather than, {}' .format(answer)) break else: shutil.rmtree(docs) @@ -543,7 +543,7 @@ def action_output_wild_false(brute_results_dict, sub_intrest, google_results, bi os.remove(report_location) break else: - print '\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer)) def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_results, bing_true_results, linkedin_results, check_count, domain, time_spent_email, time_spent_brute, time_spent_total, emailHunter_results, args, report_location, company, data_mine): @@ -602,34 +602,34 @@ def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_resu pwned_results = action_pwned(f_emails) c_accounts = len(pwned_results) - print '\n\nEmail Addresses:\n' + print('\n\nEmail Addresses:\n') write_html(email_evidence_results, linkedin_evidence_results, pwned_results, report_location, company, data_mine) if f_emails: for email in f_emails: - print '\t' + str(email).replace("u'","").replace("'","").replace('[','').replace(']','') + print('\t' + str(email).replace("u'","").replace("'","").replace('[','').replace(']','')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nCompromised Accounts:\n' + print('\nCompromised Accounts:\n') if pwned_results: sorted_pwned = sorted(pwned_results) for account in sorted_pwned: - print 'Account: \t{}'.format(account[0]) - print ' Domain: \t{}'.format(account[1]) - print ' Date: \t{}\n'.format(account[3]) + print('Account: \t{}'.format(account[0])) + print(' Domain: \t{}'.format(account[1])) + print(' Date: \t{}\n'.format(account[3])) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nLinkedIn Results:\n' + print('\nLinkedIn Results:\n') sorted_person = sorted(person_seen) if sorted_person: for person in sorted_person: - print person + print(person) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') if data_mine is not None: user_names = data_mine[0] @@ -639,20 +639,20 @@ def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_resu username_count = len(user_names) software_count = len(software_list) - print '\nData Found In Document MetaData' - print '\nPotential Usernames:\n' + print('\nData Found In Document MetaData') + print('\nPotential Usernames:\n') if user_names: for user in user_names: - print '\t' + colored(user, 'red') + print('\t' + colored(user, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') - print '\nSoftware And Versions Found:\n' + print('\nSoftware And Versions Found:\n') if software_list: for software in software_list: - print '\t' + colored(software, 'red') + print('\t' + colored(software, 'red')) else: - print '\tNo Data To Be Found' + print('\tNo Data To Be Found') else: user_names = [] software_list = [] @@ -662,29 +662,29 @@ def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_resu sorted_dict = collections.OrderedDict(sorted(brute_results_dict.items())) bruted_count = len(sorted_dict) - print "\nBluto Results: \n" + print("\nBluto Results: \n") for item in sorted_dict: if item is not '*.' + domain: if item is not '@.' + domain: if item in sub_intrest: - print colored(item + "\t", 'red'), colored(sorted_dict[item], 'red') + print(colored(item + "\t", 'red'), colored(sorted_dict[item], 'red')) else: - print item + "\t",sorted_dict[item] + print(item + "\t",sorted_dict[item]) time_spent_email_f = str(datetime.timedelta(seconds=(time_spent_email))).split('.')[0] time_spent_brute_f = str(datetime.timedelta(seconds=(time_spent_brute))).split('.')[0] time_spent_total_f = str(datetime.timedelta(seconds=(time_spent_total))).split('.')[0] - print '\nHosts Identified: {}' .format(str(bruted_count)) - print 'Potential Emails Found: {}' .format(str(email_count)) - print 'Potential Staff Members Found: {}' .format(str(staff_count)) - print 'Compromised Accounts: {}' .format(str(c_accounts)) - print 'Potential Usernames Found: {}'.format(username_count) - print 'Potential Software Found: {}'.format(software_count) - print 'Documents Downloaded: {}'.format(download_count) - print "Email Enumeration:", time_spent_email_f - print "Requests executed:", str(check_count) + " in ", time_spent_brute_f - print "Total Time:", time_spent_total_f + print('\nHosts Identified: {}' .format(str(bruted_count))) + print('Potential Emails Found: {}' .format(str(email_count))) + print('Potential Staff Members Found: {}' .format(str(staff_count))) + print('Compromised Accounts: {}' .format(str(c_accounts))) + print('Potential Usernames Found: {}'.format(username_count)) + print('Potential Software Found: {}'.format(software_count)) + print('Documents Downloaded: {}'.format(download_count)) + print("Email Enumeration:", time_spent_email_f) + print("Requests executed:", str(check_count) + " in ", time_spent_brute_f) + print("Total Time:", time_spent_total_f) info('Hosts Identified: {}' .format(str(bruted_count))) info("Email Enumeration: {}" .format(str(time_spent_email_f))) @@ -700,25 +700,25 @@ def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_resu docs = os.path.expanduser('~/Bluto/doc/{}/'.format(domain_r[0])) answers = ['no','n','y','yes'] while True: - print colored("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:", "red") - answer = raw_input("").lower() + print(colored("\nWould you like to keep all local data?\n(Local Logs, Downloded Documents, HTML Evidence Report)\n\nYes|No:", "red")) + answer = input("").lower() if answer in answers: if answer == 'y' or answer == 'yes': domain - print '\nThe documents are located here: {}'.format(docs) - print 'The logs are located here: {}.'.format(LOG_DIR) - print "\nAn evidence report has been written to {}\n".format(report_location) + print('\nThe documents are located here: {}'.format(docs)) + print('The logs are located here: {}.'.format(LOG_DIR)) + print("\nAn evidence report has been written to {}\n".format(report_location)) while True: - answer = raw_input("Would you like to open this report now? ").lower() + answer = input("Would you like to open this report now? ").lower() if answer in answers: if answer == 'y' or answer == 'yes': - print '\nOpening {}' .format(report_location) + print('\nOpening {}' .format(report_location)) webbrowser.open('file://' + str(report_location)) break else: break else: - print 'Your answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('Your answer needs to be either yes|y|no|n rather than, {}' .format(answer)) break else: shutil.rmtree(docs) @@ -726,7 +726,7 @@ def action_output_wild_false_hunter(brute_results_dict, sub_intrest, google_resu os.remove(report_location) break else: - print '\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer) + print('\tYour answer needs to be either yes|y|no|n rather than, {}' .format(answer)) def write_html(email_evidence_results, linkedin_evidence_results, pwned_results, report_location, company, data_mine): @@ -959,7 +959,7 @@ def write_html(email_evidence_results, linkedin_evidence_results, pwned_results, myFile.write('') myFile.close() info('Completed HTML Report') - except IOError,e: + except IOError as e: info('IOError', exc_info=True) except Exception: info('An Unhandled Exception Occured', exc_info=True) diff --git a/Bluto/modules/search.py b/Bluto/modules/search.py index c3cb949..e111b8b 100644 --- a/Bluto/modules/search.py +++ b/Bluto/modules/search.py @@ -9,11 +9,11 @@ import requests import random import time -import urllib2 +import urllib.request, urllib.error, urllib.parse import json from termcolor import colored from bs4 import BeautifulSoup -from bluto_logging import info, INFO_LOG_FILE +from .bluto_logging import info, INFO_LOG_FILE requests.packages.urllib3.disable_warnings() @@ -63,7 +63,7 @@ def action_google(domain, userCountry, userServer, q, user_agents, prox): url = div.find('cite').text email = str(match).replace("u'",'').replace('[','').replace(']','').replace("'",'') entries_tuples.append((email.lower(),str(url).replace("u'",'').replace("'",""))) - except Exception, e: + except Exception as e: pass time.sleep(3) for urls in entries_tuples: @@ -154,21 +154,21 @@ def action_emailHunter(domain, api, user_agents, q, prox): elif response.status_code == 401: json_data = response.json() if json_data['message'] =='Too many calls for this period.': - print colored("\tError:\tIt seems the Hunter API key being used has reached\n\t\tit's limit for this month.", 'red') - print colored('\tAPI Key: {}\n'.format(api),'red') + print(colored("\tError:\tIt seems the Hunter API key being used has reached\n\t\tit's limit for this month.", 'red')) + print(colored('\tAPI Key: {}\n'.format(api),'red')) q.put(None) return None if json_data['message'] == 'Invalid or missing api key.': - print colored("\tError:\tIt seems the Hunter API key being used is no longer valid,\nit was probably deleted.", 'red') - print colored('\tAPI Key: {}\n'.format(api),'red') - print colored('\tWhy don\'t you grab yourself a new one (they are free)','green') - print colored('\thttps://hunter.io/api_keys','green') + print(colored("\tError:\tIt seems the Hunter API key being used is no longer valid,\nit was probably deleted.", 'red')) + print(colored('\tAPI Key: {}\n'.format(api),'red')) + print(colored('\tWhy don\'t you grab yourself a new one (they are free)','green')) + print(colored('\thttps://hunter.io/api_keys','green')) q.put(None) return None else: raise ValueError('No Response From Hunter') - except UnboundLocalError,e: - print e + except UnboundLocalError as e: + print(e) except KeyError: pass except ValueError: @@ -245,7 +245,7 @@ def doc_exalead(domain, user_agents, prox, q): break for div in soup.findAll('li', {'class': 'media'}): document = div.find('a', href=True)['href'] - document = urllib2.unquote(document) + document = urllib.parse.unquote(document) document_list.append(document) except Exception: @@ -287,7 +287,7 @@ def doc_bing(domain, user_agents, prox, q): for div in divs: h2 = div.find('h2') document = h2.find('a', href=True)['href'] - document = urllib2.unquote(document) + document = urllib.parse.unquote(document) document_list.append(document) except requests.models.ChunkedEncodingError: continue @@ -351,7 +351,7 @@ def action_linkedin(domain, userCountry, q, company, user_agents, prox): def action_netcraft(domain, myResolver): info('NetCraft Search Started') netcraft_list = [] - print "\nPassive Gatherings From NetCraft\n" + print("\nPassive Gatherings From NetCraft\n") try: link = "http://searchdns.netcraft.com/?restriction=site+contains&host=*.{}&lookup=wait..&position=limited" .format (domain) response = requests.get(link) @@ -369,7 +369,7 @@ def action_netcraft(domain, myResolver): netcheck = myResolver.query(item + '.' + domain) for data in netcheck: netcraft_list.append(item + '.' + domain + ' ' + str(data)) - print colored(item + '.' + domain, 'red') + print(colored(item + '.' + domain, 'red')) except dns.exception.Timeout: pass except dns.resolver.NXDOMAIN: @@ -377,7 +377,7 @@ def action_netcraft(domain, myResolver): except Exception: info('An Unhandled Exception Has Occured, Please Check The Log For Details\n' + INFO_LOG_FILE, exc_info=True) else: - print '\tNo Results Found' + print('\tNo Results Found') info('NetCraft Completed') return netcraft_list