Skip to content

Commit 4a318ae

Browse files
codingocodingo
authored
Merge pull request #46 from tizz98/ecw/multi-word-list
Support multiple word lists
2 parents dbf3b90 + 7439e19 commit 4a318ae

File tree

3 files changed

+58
-35
lines changed

3 files changed

+58
-35
lines changed

VHostScan.py

+27-33
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77
from socket import gethostbyaddr
88
from lib.core.virtual_host_scanner import *
99
from lib.helpers.output_helper import *
10+
from lib.helpers.file_helper import get_combined_word_lists
1011
from lib.core.__version__ import __version__
1112

1213

@@ -20,7 +21,7 @@ def main():
2021
print_banner()
2122
parser = ArgumentParser()
2223
parser.add_argument("-t", dest="target_hosts", required=True, help="Set a target range of addresses to target. Ex 10.11.1.1-255" )
23-
parser.add_argument("-w", dest="wordlist", required=False, type=str, help="Set the wordlist to use (default ./wordlists/virtual-host-scanning.txt)", default=False)
24+
parser.add_argument("-w", dest="wordlists", required=False, type=str, help="Set the wordlists to use (default ./wordlists/virtual-host-scanning.txt)", default=False)
2425
parser.add_argument("-b", dest="base_host", required=False, help="Set host to be used during substitution in wordlist (default to TARGET).", default=False)
2526
parser.add_argument("-p", dest="port", required=False, help="Set the port to use (default 80).", default=80)
2627
parser.add_argument("-r", dest="real_port", required=False, help="The real port of the webserver to use in headers when not 80 (see RFC2616 14.23), useful when pivoting through ssh/nc etc (default to PORT).", default=False)
@@ -37,39 +38,32 @@ def main():
3738
parser.add_argument("-", dest="stdin", action="store_true", help="By passing a blank '-' you tell VHostScan to expect input from stdin (pipe).", default=False)
3839

3940
arguments = parser.parse_args()
40-
wordlist = list()
41-
42-
if(arguments.stdin and not arguments.wordlist):
41+
wordlist = []
42+
43+
word_list_types = []
44+
45+
default_wordlist = "./wordlists/virtual-host-scanning.txt" if not arguments.stdin else None
46+
47+
if arguments.stdin:
48+
word_list_types.append('stdin')
4349
wordlist.extend(list(line for line in sys.stdin.read().splitlines()))
44-
print("[+] Starting virtual host scan for %s using port %s and stdin data" % (arguments.target_hosts,
45-
str(arguments.port)))
46-
elif(arguments.stdin and arguments.wordlist):
47-
if not os.path.exists(arguments.wordlist):
48-
wordlist.extend(list(line for line in sys.stdin.read().splitlines()))
49-
print("[!] Wordlist %s doesn't exist and can't be appended to stdin." % arguments.wordlist)
50-
print("[+] Starting virtual host scan for %s using port %s and stdin data" % (arguments.target_hosts,
51-
str(arguments.port)))
52-
else:
53-
wordlist.extend(list(line for line in open(arguments.wordlist).read().splitlines()))
54-
print("[+] Starting virtual host scan for %s using port %s, stdin data, and wordlist %s" % (arguments.target_hosts,
55-
str(arguments.port),
56-
arguments.wordlist))
57-
else:
58-
if not arguments.wordlist:
59-
wordlist.extend(list(line for line in open("./wordlists/virtual-host-scanning.txt").read().splitlines()))
60-
print("[+] Starting virtual host scan for %s using port %s and wordlist %s" % ( arguments.target_hosts,
61-
str(arguments.port),
62-
"./wordlists/virtual-host-scanning.txt"))
63-
else:
64-
if not os.path.exists(arguments.wordlist):
65-
print("[!] Wordlist %s doesn't exist, unable to scan." % arguments.wordlist)
66-
sys.exit()
67-
else:
68-
wordlist.extend(list(line for line in open(arguments.wordlist).read().splitlines()))
69-
print("[+] Starting virtual host scan for %s using port %s and wordlist %s" % ( arguments.target_hosts,
70-
str(arguments.port),
71-
str(arguments.wordlist)))
72-
50+
51+
combined = get_combined_word_lists(arguments.wordlists or default_wordlist)
52+
word_list_types.append('wordlists: {}'.format(
53+
', '.join(combined['file_paths']),
54+
))
55+
wordlist.extend(combined['words'])
56+
57+
if len(wordlist) == 0:
58+
print("[!] No words found in provided wordlists, unable to scan.")
59+
sys.exit(1)
60+
61+
print("[+] Starting virtual host scan for {host} using port {port} and {inputs}".format(
62+
host=arguments.target_hosts,
63+
port=arguments.port,
64+
inputs=', '.join(word_list_types),
65+
))
66+
7367
if(arguments.ssl):
7468
print("[>] SSL flag set, sending all results over HTTPS")
7569

lib/core/__version__.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -2,5 +2,5 @@
22
# |V|H|o|s|t|S|c|a|n| Developed by @codingo_ & @__timk
33
# +-+-+-+-+-+-+-+-+-+ https://github.com/codingo/VHostScan
44

5-
__version__ = '1.2'
5+
__version__ = '1.3'
66

lib/helpers/file_helper.py

+30-1
Original file line numberDiff line numberDiff line change
@@ -25,4 +25,33 @@ def is_json(json_file):
2525

2626
def write_file(self, contents):
2727
with open(self.output_file, "w") as o:
28-
o.write(contents)
28+
o.write(contents)
29+
30+
31+
def parse_word_list_argument(argument):
32+
if not argument:
33+
return []
34+
35+
if ',' in argument:
36+
files = [arg.strip() for arg in argument.split(',')]
37+
else:
38+
files = [argument.strip()]
39+
40+
return [
41+
path for path in files
42+
if os.path.exists(path)
43+
]
44+
45+
46+
def get_combined_word_lists(argument):
47+
files = parse_word_list_argument(argument)
48+
words = []
49+
50+
for path in files:
51+
with open(path) as f:
52+
words.extend(f.read().splitlines())
53+
54+
return {
55+
'file_paths': files,
56+
'words': words,
57+
}

0 commit comments

Comments
 (0)