-
-
Notifications
You must be signed in to change notification settings - Fork 803
Usage
By using --help
/-h
switch you can get the help menu (python nettacker.py --help
). As you are seeing the help menu and other messages are also available in multi-languages in OWASP Nettacker. We are supporting 20 languages at the time(el
, fr
, en
, nl
, ps
, tr
, de
, ko
, it
, ja
, fa
, hy
, ar
, zh-cn
, vi
, ru
, hi
, ur
, id
, es
).
- Note: Help menu is not updated in this section!
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
usage: Nettacker [-L LANGUAGE] [-v VERBOSE_LEVEL] [-V] [-c] [-o LOG_IN_FILE]
[--graph GRAPH_FLAG] [-h] [-W] [--profile PROFILE]
[-i TARGETS] [-l TARGETS_LIST] [-m SCAN_METHOD]
[-x EXCLUDE_METHOD] [-u USERS] [-U USERS_LIST] [-p PASSWDS]
[-P PASSWDS_LIST] [-g PORTS] [-T TIMEOUT_SEC] [-w TIME_SLEEP]
[-r] [-s] [-t THREAD_NUMBER] [-M THREAD_NUMBER_HOST]
[-R SOCKS_PROXY] [--retries RETRIES] [--ping-before-scan]
[--method-args METHODS_ARGS] [--method-args-list]
[--start-api] [--api-host API_HOST] [--api-port API_PORT]
[--api-debug-mode] [--api-access-key API_ACCESS_KEY]
[--api-client-white-list]
[--api-client-white-list-ips API_CLIENT_WHITE_LIST_IPS]
[--api-access-log]
[--api-access-log-filename API_ACCESS_LOG_FILENAME]
Engine:
Engine input options
-L LANGUAGE, --language LANGUAGE
select a language ['el', 'fr', 'en', 'nl', 'ps', 'tr',
'de', 'ko', 'it', 'ja', 'fa', 'hy', 'ar', 'zh-cn',
'vi', 'ru', 'hi', 'ur', 'id', 'es']
-v VERBOSE_LEVEL, --verbose VERBOSE_LEVEL
verbose mode level (0-5) (default 0)
-V, --version show software version
-c, --update check for update
-o LOG_IN_FILE, --output LOG_IN_FILE
save all logs in file (results.txt, results.html,
results.json)
--graph GRAPH_FLAG build a graph of all activities and information, you
must use HTML output. available graphs:
['d3_tree_v1_graph', 'd3_tree_v2_graph',
'jit_circle_v1_graph']
-h, --help Show Nettacker Help Menu
-W, --wizard start wizard mode
--profile PROFILE select profile ['info', 'scan', 'vulnerability',
'brute', 'vuln', 'information_gathering', 'all']
Target:
Target input options
-i TARGETS, --targets TARGETS
target(s) list, separate with ","
-l TARGETS_LIST, --targets-list TARGETS_LIST
read target(s) from file
Method:
Scan method options
-m SCAN_METHOD, --method SCAN_METHOD
choose scan method ['ftp_brute',
'http_basic_auth_brute', 'http_form_brute',
'http_ntlm_brute', 'smtp_brute', 'ssh_brute',
'telnet_brute', 'wp_xmlrpc_brute', 'admin_scan',
'cms_detection_scan', 'dir_scan', 'icmp_scan',
'joomla_template_scan', 'joomla_version_scan',
'pma_scan', 'port_scan', 'sender_policy_scan',
'subdomain_scan', 'viewdns_reverse_ip_lookup_scan',
'wappalyzer_scan', 'wordpress_version_scan',
'wp_plugin_scan', 'wp_theme_scan',
'wp_timthumbs_scan', 'wp_user_enum_scan',
'apache_struts_vuln', 'Bftpd_double_free_vuln',
'Bftpd_memory_leak_vuln',
'Bftpd_parsecmd_overflow_vuln',
'Bftpd_remote_dos_vuln', 'CCS_injection_vuln',
'clickjacking_vuln', 'content_security_policy_vuln',
'content_type_options_vuln', 'heartbleed_vuln',
'http_cors_vuln', 'options_method_enabled_vuln',
'ProFTPd_bypass_sqli_protection_vuln',
'ProFTPd_cpu_consumption_vuln',
'ProFTPd_directory_traversal_vuln',
'ProFTPd_exec_arbitary_vuln',
'ProFTPd_heap_overflow_vuln',
'ProFTPd_integer_overflow_vuln',
'ProFTPd_memory_leak_vuln',
'ProFTPd_restriction_bypass_vuln',
'self_signed_certificate_vuln', 'server_version_vuln',
'ssl_certificate_expired_vuln',
'weak_signature_algorithm_vuln',
'wordpress_dos_cve_2018_6389_vuln',
'wp_xmlrpc_bruteforce_vuln',
'wp_xmlrpc_pingback_vuln', 'XSS_protection_vuln',
'x_powered_by_vuln', 'all']
-x EXCLUDE_METHOD, --exclude EXCLUDE_METHOD
choose scan method to exclude ['ftp_brute',
'http_basic_auth_brute', 'http_form_brute',
'http_ntlm_brute', 'smtp_brute', 'ssh_brute',
'telnet_brute', 'wp_xmlrpc_brute', 'admin_scan',
'cms_detection_scan', 'dir_scan', 'icmp_scan',
'joomla_template_scan', 'joomla_version_scan',
'pma_scan', 'port_scan', 'sender_policy_scan',
'subdomain_scan', 'viewdns_reverse_ip_lookup_scan',
'wappalyzer_scan', 'wordpress_version_scan',
'wp_plugin_scan', 'wp_theme_scan',
'wp_timthumbs_scan', 'wp_user_enum_scan',
'apache_struts_vuln', 'Bftpd_double_free_vuln',
'Bftpd_memory_leak_vuln',
'Bftpd_parsecmd_overflow_vuln',
'Bftpd_remote_dos_vuln', 'CCS_injection_vuln',
'clickjacking_vuln', 'content_security_policy_vuln',
'content_type_options_vuln', 'heartbleed_vuln',
'http_cors_vuln', 'options_method_enabled_vuln',
'ProFTPd_bypass_sqli_protection_vuln',
'ProFTPd_cpu_consumption_vuln',
'ProFTPd_directory_traversal_vuln',
'ProFTPd_exec_arbitary_vuln',
'ProFTPd_heap_overflow_vuln',
'ProFTPd_integer_overflow_vuln',
'ProFTPd_memory_leak_vuln',
'ProFTPd_restriction_bypass_vuln',
'self_signed_certificate_vuln', 'server_version_vuln',
'ssl_certificate_expired_vuln',
'weak_signature_algorithm_vuln',
'wordpress_dos_cve_2018_6389_vuln',
'wp_xmlrpc_bruteforce_vuln',
'wp_xmlrpc_pingback_vuln', 'XSS_protection_vuln',
'x_powered_by_vuln']
-u USERS, --usernames USERS
username(s) list, separate with ","
-U USERS_LIST, --users-list USERS_LIST
read username(s) from file
-p PASSWDS, --passwords PASSWDS
password(s) list, separate with ","
-P PASSWDS_LIST, --passwords-list PASSWDS_LIST
read password(s) from file
-g PORTS, --ports PORTS
port(s) list, separate with ","
-T TIMEOUT_SEC, --timeout TIMEOUT_SEC
read passwords(s) from file
-w TIME_SLEEP, --time-sleep TIME_SLEEP
time to sleep between each request
-r, --range scan all IPs in the range
-s, --sub-domains find and scan subdomains
-t THREAD_NUMBER, --thread-connection THREAD_NUMBER
thread numbers for connections to a host
-M THREAD_NUMBER_HOST, --thread-hostscan THREAD_NUMBER_HOST
thread numbers for scan hosts
-R SOCKS_PROXY, --socks-proxy SOCKS_PROXY
outgoing connections proxy (socks). example socks5:
127.0.0.1:9050, socks://127.0.0.1:9050
socks5://127.0.0.1:9050 or socks4:
socks4://127.0.0.1:9050, authentication:
socks://username: password@127.0.0.1,
socks4://username:password@127.0.0.1,
socks5://username:password@127.0.0.1
--retries RETRIES Retries when the connection timeout (default 3)
--ping-before-scan ping before scan the host
--method-args METHODS_ARGS
enter methods inputs, example: ftp_brute_users=test,ad
min&ftp_brute_passwds=read_from_file:/tmp/pass.txt&ftp
_brute_port=21
--method-args-list list all methods args
API:
API options
--start-api start the API service
--api-host API_HOST API host address
--api-port API_PORT API port number
--api-debug-mode API debug mode
--api-access-key API_ACCESS_KEY
API access key
--api-client-white-list
just allow white list hosts to connect to the API
--api-client-white-list-ips API_CLIENT_WHITE_LIST_IPS
define white list hosts, separate with , (examples:
127.0.0.1, 192.168.0.1/24, 10.0.0.1-10.0.0.255)
--api-access-log generate API access log
--api-access-log-filename API_ACCESS_LOG_FILENAME
API access log filename
Please read license and agreements https://github.com/viraintel/OWASP-Nettacker
- Your terminal/cmd must support Unicode to use other languages. Google "How to use Farsi on cmd/terminal"
- You can fix Persian (Farsi) and other Unicode languages RTL and Chars with bicon in terminal/windows bash.
$ python nettacker.py --help -L fa
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
usage: Nettacker [-L LANGUAGE] [-v VERBOSE_LEVEL] [-V] [-c] [-o LOG_IN_FILE]
[--graph GRAPH_FLAG] [-h] [-W] [--profile PROFILE]
[-i TARGETS] [-l TARGETS_LIST] [-m SCAN_METHOD]
[-x EXCLUDE_METHOD] [-u USERS] [-U USERS_LIST] [-p PASSWDS]
[-P PASSWDS_LIST] [-g PORTS] [-T TIMEOUT_SEC] [-w TIME_SLEEP]
[-r] [-s] [-t THREAD_NUMBER] [-M THREAD_NUMBER_HOST]
[-R SOCKS_PROXY] [--retries RETRIES] [--ping-before-scan]
[--method-args METHODS_ARGS] [--method-args-list]
انجین:
گزینه های ورودی انجین
-L LANGUAGE, --language LANGUAGE
لطفا یک زبان انتخاب کنید ['el', 'fr', 'en', 'nl',
'ps', 'tr', 'de', 'ko', 'it', 'ja', 'fa', 'hy', 'ar',
'zh-cn', 'vi', 'ru', 'hi', 'ur', 'id', 'es']
-v VERBOSE_LEVEL, --verbose VERBOSE_LEVEL
سطح حالت پرگویی (0-5) (پیشفرض 0)
-V, --version نمایش ورژن نرم افزار
-c, --update چک کردن جهت آپدیت
-o LOG_IN_FILE, --output LOG_IN_FILE
ذخیره کردن کل لاگ ها در فایل (result.txt، result.html،
results.json)
--graph GRAPH_FLAG ساخت گراف از همه فعالیت ها و اطلاعات، شما باید از
خروجی HTML استفاده کنید. گراف های در دسترس:
['d3_tree_v1_graph', 'd3_tree_v2_graph',
'jit_circle_v1_graph']
-h, --help نشان دادن منوی راهنمای Nettacker
-W, --wizard شروع به حالت ویزارد مود
--profile PROFILE انتخاب پروفایل ['vulnerabilities',
'information_gathering', 'all']
هدف:
گزینه های ورودی هدف
-i TARGETS, --targets TARGETS
لیست هدف (ها)، با "," جدا کنید
-l TARGETS_LIST, --targets-list TARGETS_LIST
خواندن هدف (ها) از فایل
Method:
گزینه های متود های اسکن
-m SCAN_METHOD, --method SCAN_METHOD
متود اسکن را انتخاب کنید ['ftp_brute', 'smtp_brute',
'ssh_brute', 'dir_scan', 'subdomain_scan',
'tcp_connect_port_scan',
'viewdns_reverse_ip_lookup_scan', 'heartbleed_vuln',
'all']
-x EXCLUDE_METHOD, --exclude EXCLUDE_METHOD
انتخاب متود اسکن استثنا ['ftp_brute', 'smtp_brute',
'ssh_brute', 'dir_scan', 'subdomain_scan',
'tcp_connect_port_scan',
'viewdns_reverse_ip_lookup_scan', 'heartbleed_vuln']
-u USERS, --usernames USERS
لیست نام کاربری (ها)، با "," جدا شود
-U USERS_LIST, --users-list USERS_LIST
خواندن نام کاربری (ها) از لیست
-p PASSWDS, --passwords PASSWDS
لیست کلمه عبور (ها)، با "," جدا شود
-P PASSWDS_LIST, --passwords-list PASSWDS_LIST
خواندن کلمه عبور (ها) از فایل
-g PORTS, --ports PORTS
لیست درگاه (ها)، با "," جدا شود
-T TIMEOUT_SEC, --timeout TIMEOUT_SEC
خواندن کلمه عبور (ها) از فایل
-w TIME_SLEEP, --time-sleep TIME_SLEEP
زمان مکث بین هر درخواست
-r, --range اسکن کل آی پی ها در رنج
-s, --sub-domains یافتن و اسکن کردن ساب دامین ها
-t THREAD_NUMBER, --thread-connection THREAD_NUMBER
تعداد ریسه ها برای ارتباطات با یک هاست
-M THREAD_NUMBER_HOST, --thread-hostscan THREAD_NUMBER_HOST
تعداد ریسه ها برای اسکن هاست ها
-R SOCKS_PROXY, --socks-proxy SOCKS_PROXY
پراکسی ارتباطات خروجی (socks) مثال: 127.0.0.1:9050،
socks://127.0.0.1:9050، socks5:127.0.0.1:9050 یا
socks4: socks4://127.0.0.1:9050, احراز هویت:
socks://username:password@127.0.0.1,
socks4://username:password@127.0.0.1,
socks5://username:password@127.0.0.1
--retries RETRIES سعی مجدد وقتی که ارتباط قطع شد (پیشفرض 3)
--ping-before-scan پینگ کردن هست قبل از اسکن
--method-args METHODS_ARGS
ورودی های متود ها را وارد کنید، مثال: "ftp_brute_users
=test,admin&ftp_brute_passwds=read_from_file:/tmp/pass
.txt&ftp_brute_port=21"
--method-args-list لیست کردن کل args مربوط به متود ها
لطفا مجوز و موافقت نامه را مطالعه فرمایید https://github.com/viraintel/OWASP-Nettacker
Target inputs Option ####################
- OWASP Nettacker support several Type of target which could be
IPv4
,IPv4_Range
,IPv4_CIDR
,DOMAIN
,HTTP
(which it may be useful for some of the modules)
192.168.1.1
192.168.1.1-192.168.255.255
192.168.1.1.1-192.255.255.255
192.168.1.1/24
owasp.org
http://owasp.org
https://owasp.org
- Targets could be read from a list by using
-l
or--target-list
command line. or also you can split them with,
if you don't want to use a text list.
python nettacker.py -i 192.168.1.1,192.168.1.2-192.168.1.10,127.0.0.1,owasp.org,192.168.2.1/24 -m port_scan -g 20-100 -t 10
python nettacker.py -l targets.txt -m all -x port_scan -g 20-100 -t 5 -u root -p 123456,654321,123123
- Here are more command line examples
python nettacker.py -i 192.168.1.1/24 -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph -o result.html
python nettacker.py -i 192.168.1.1/24 -m port_scan -t 10 -M 35 -g 20-100 -o file.html --graph jit_circle_v1_graph
python nettacker.py -i 192.168.1.1/24 -m all -t 10 -M 35 -g 20-100 -o result.json -u root,user -P passwords.txt
python nettacker.py -i 192.168.1.1/24 -m all -x ssh_brute -t 10 -M 35 -g 20-100 -o file.txt -U users.txt -P passwords.txt -T 3 -w 2
- OWASP Nettacker also can scan subdomains by using this command (
-s
)
python nettacker.py -i owasp.org -s -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph
- and if you use
-r
command, it will scan IP range automaticlly by getting the range from RIPE database online.
python nettacker.py -i owasp.org -s -r -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph
python nettacker.py -i nettackerwebsiteblabla.com,owasp.org,192.168.1.1 -s -r -m all -t 10 -M 35 -g 20-100 -o file.txt -u root,user -P passwords.txt
- Notice: if host scan was finished, and couldn't get any result nothing will be list in result output file unless you change verbosity mod to 1-5
python nettacker.py -i 192.168.1.1/24 -m all -t 10 -M 35 -g 20-100 -o file.txt -u root,user -P passwords.txt -v 1
- use
*
pattern for selecting modules
python nettacker.py -i 192.168.1.1/24 -m *_scan
python nettacker.py -i 192.168.1.1/24 -m *_scan,*_vuln
- use profiles for scanning
python nettacker.py -i 192.168.1.1/24 --profile information_gathering
python nettacker.py -i 192.168.1.1/24 --profile information_gathering,vulnerabilities
python nettacker.py -i 192.168.1.1/24 --profile all
- use
-W
,--wizard
to use the framework in an easy way! (Pressenter
to choose default answer`)
$ python nettacker.py -W
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[+] please enter the targets | Default[None] > 127.0.0.1
[+] please enter the thread number | Default[100] >
[+] please enter the thread numbers for scan hosts | Default[30] >
[+] please enter the output filename | Default[results/results_2018_01_15_13_04_49_zctsvejskf.html] >
[+] please enter the scan methods | choices[ftp_brute, smtp_brute, ssh_brute, dir_scan, subdomain_scan, tcp_connect_port_scan, viewdns_reverse_ip_lookup_scan, heartbleed_vuln, all] | Default[None] > tcp_connect_port_scan
[+] please enter the scan methods to exclude | choices[ftp_brute, smtp_brute, ssh_brute, dir_scan, subdomain_scan, tcp_connect_port_scan, viewdns_reverse_ip_lookup_scan, heartbleed_vuln] | Default[None] >
[+] please enter the usernames | Default[None] >
[+] please enter the passwords | Default[None] >
[+] please enter the timeout seconds | Default[3.0] >
[+] please enter the port numbers | Default[None] >
[+] please enter the verbose level | Default[0] >
[+] please enter the socks proxy | Default[None] >
[+] please enter the retries number | Default[3] >
[+] please enter a graph | choices[d3_tree_v1_graph, d3_tree_v2_graph, jit_circle_v1_graph] | Default[d3_tree_v1_graph] >
[+] Nettacker engine started ...
...
- Use socks proxy for outgoing connections (default socks version is 5)
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks://127.0.0.1:9050
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks4://127.0.0.1:9050
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks5://127.0.0.1:9050
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks://username:password@127.0.0.1:9050
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks4://username:password@127.0.0.1:9050
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks5://username:password@127.0.0.1:9050
- separate inputs for every module by using
--method-args
, get the list with--method-args-list
python nettacker.py --method-args-list
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[+] tcp_connect_port_scan --> tcp_connect_port_scan_ports
[+] viewdns_reverse_ip_lookup_scan -->
[+] dir_scan --> dir_scan_ports, dir_scan_random_agent, dir_scan_http_method, dir_scan_list
[+] ssh_brute --> ssh_brute_users, ssh_brute_passwds, ssh_brute_ports
[+] smtp_brute --> smtp_brute_ports, smtp_brute_split_user_set_pass, smtp_brute_users, smtp_brute_split_user_set_pass_prefix, smtp_brute_passwds
[+] subdomain_scan --> subdomain_scan_use_ptrarchive, subdomain_scan_use_comodo_crt, subdomain_scan_use_dnsdumpster, subdomain_scan_use_virustotal, subdomain_scan_use_netcraft, subdomain_scan_use_threatcrowd
[+] heartbleed_vuln --> heartbleed_vuln_ports
[+] ftp_brute --> ftp_brute_users, ftp_brute_passwds, ftp_brute_ports
- and then use them.
- Notice: don't use
-g
command in the command line if you want change ports.
python nettacker.py -i 127.0.0.1 -m tcp_connect_port_scan,dir_scan --method-args "dir_scan_ports=443"
python nettacker.py -i 127.0.0.1 -m tcp_connect_port_scan,dir_scan --method-args "dir_scan_list=read_from_file:/tmp/list.txt"
python nettacker.py -i 127.0.0.1 -m subdomain_scan,dir_scan --method-args "subdomain_scan_use_ptrarchive=False&subdomain_scan_use_netcraft=False&dir_scan_http_method=HEAD"
- Some more command line examples:
python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan --profile vulnerabilities
python nettacker.py -W --profile information_gathering
- You may want to create a new profile, to do that edit the
core/config.py
in the main directory and add your profiles to theget_profiles
function in JSON style.
def get_profiles():
return {
"information_gathering": ["tcp_connect_port_scan"],
"vulnerabilities": ["heartbleed_vuln"],
"mycustomprofile": ["subdomain_scan", "dir_scan"]
}
- You may want to change the defaults values (
timeout
,socks proxy
,target
,ports
) or anything could be set with the command line, to doing that you can edit them in config.pyget_config
function in the main directory with JSON style.
def get_config():
return { # OWASP Nettacker Default Configuration
"language": "fa",
"verbose_level": 0,
"show_version": False,
"check_update": False,
"log_in_file": "results.json",
"graph_flag": None,
"help_menu_flag": False,
"targets": "127.0.0.1,192.168.1.1",
"targets_list": None,
"scan_method": None,
"exclude_method": None,
"users": "user1,user2",
"users_list": None,
"passwds": "pass1,pass2",
"passwds_list": None,
"ports": "1-65535",
"timeout_sec": 3.0,
"time_sleep": 0.0,
"check_ranges": True,
"check_subdomains": True,
"thread_number": 1000,
"thread_number_host": 30,
"socks_proxy": "socks://127.0.0.1:9050",
"retries": 3,
"ping_flag": True,
"methods_args": None,
"method_args_list": False,
"startup_check_for_update": True,
"wizard_mode": False,
"profile": "information_gathering"
}
API and WebUI are new interfaces you can work with to send your commands to Nettacker, technically WebUI developed based on present API to make an example of API and be used as another easier interface, to start using this feature, simple run python nettacker.py --start-api
.
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
* API Key: 203c113633fdd806d0316fdcb09f9daf
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
You can modify the default API config by editing the core.config.py
.
def _api_config():
"""
API Config (could be modify by user)
Returns:
a JSON with API configuration
"""
return { # OWASP Nettacker API Default Configuration
"api_host": "127.0.0.1",
"api_port": 5000,
"api_debug_mode": False,
"api_access_key": "".join(random.choice("0123456789abcdef") for x in range(32)),
"api_client_white_list": {
"enabled": False,
"ips": ["127.0.0.1", "10.0.0.0/24", "192.168.1.1-192.168.1.255"]
},
"api_access_log": {
"enabled": False,
"filename": "nettacker_api_access.log"
},
"api_db_name": _paths()["home_path"] + "/database.sqlite3"
}
As you can see, the API key will be a random MD5 everytime you run the API, to change options through the commandline, it's not neccesorry to modify this config, just run the command!
--start-api start the API service
--api-host API_HOST API host address
--api-port API_PORT API port number
--api-debug-mode API debug mode
--api-access-key API_ACCESS_KEY
API access key
--api-client-white-list
just allow white list hosts to connect to the API
--api-client-white-list-ips API_CLIENT_WHITE_LIST_IPS
define white list hosts, separate with , (examples:
127.0.0.1, 192.168.0.1/24, 10.0.0.1-10.0.0.255)
--api-access-log generate API access log
--api-access-log-filename API_ACCESS_LOG_FILENAME
API access log filename
python nettacker.py --start-api --api-access-key mysecretkey
python nettacker.py --start-api --api-client-white-list
python nettacker.py --start-api --api-client-white-list --api-client-white-list-ips 127.0.0.1,192.168.0.1/24,10.0.0.1-10.0.0.255
python nettacker.py --start-api --api-access-log
python nettacker.py --start-api --api-access-log --api-access-log-filename log.txt
python nettacker.py --start-api --api-access-key mysecretkey --api-client-white-list --api-access-log
python nettacker.py --start-api --api-access-key mysecretkey --api-client-white-list --api-access-log
python nettacker.py --start-api --api-access-key mysecretkey --api-host 192.168.1.2 --api-port 80
python nettacker.py --start-api --api-access-log --api-port 8080 --api-debug-mode
- for farther information to use RESTful API please visit the API page.
Let me know if you have more questions.