Scripting engine (LUA).

Open evilsocket opened this issue 8 months ago • 5 comments

I'm thinking of integrating a Lua interpreter to do stuff like:

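```lua
-- Scan a host for open TCP ports in the 80-10000 range.
function find_open_ports(host)
    legba("tcp.ports --tcp-ports 80-10000 --target '" .. host .. "'")
end

-- Enumerate web resources on host:port.
function scan_web_resources(host, port)
    -- ports ending in 3 (e.g. 443, 8443) are treated as https
    local schema = (tostring(port):sub(-1) == '3' and 'https' or 'http')
    legba("http.enum --payloads data/http-enum.txt --target '" .. schema .. "://" .. host .. ":" .. port .. "'")
end

-- Chain the next module based on which plugin produced the loot.
if loot.plugin == 'dns' then
    find_open_ports(loot.data.subdomain)
elseif loot.plugin == 'tcp.ports' then
    scan_web_resources(loot.data.host, loot.data.port)
end
```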

The idea here is to start with the dns module to enumerate the subdomains of a given host. Then, for each subdomain found, trigger the tcp.ports module to scan its ports and ultimately, for each open port, trigger the http.enum module to perform HTTP page enumeration.

This is just an example; I'm opening this issue to track ideas and (ideally) user suggestions.

evilsocket, Nov 04 '23 19:11
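
An added example, not code from the issue or from legba itself: the dns → tcp.ports → http.enum chaining described above, with the loot values validated before they are interpolated into the quoted `--target` argument, since they originate from network responses. `legba()`, `loot` and the hypothetical `on_loot` handler are assumptions modelled on the sketch, and `legba()` is stubbed so the script runs stand-alone.

```lua
-- Assumption: legba() and the loot record shape follow the issue's sketch;
-- legba() is stubbed here to record the commands it would run.
local issued = {}
local function legba(cmd) issued[#issued + 1] = cmd end

-- Accept only hostnames / IPv4 literals: dot-separated labels of [A-Za-z0-9-].
local function is_hostname(s)
    if type(s) ~= "string" or #s == 0 or #s > 253 then return false end
    for label in (s .. "."):gmatch("([^.]*)%.") do
        if #label == 0 or #label > 63 then return false end
        if not label:match("^[%w%-]+$") or label:match("^%-") or label:match("%-$") then
            return false
        end
    end
    return true
end

-- Return the port as an integer in 1..65535, or nil.
local function to_port(p)
    local n = tonumber(p)
    if n and n == math.floor(n) and n >= 1 and n <= 65535 then return math.floor(n) end
    return nil
end

-- Hypothetical handler: chain the next module, refusing loot that fails validation.
local function on_loot(loot)
    local data = loot.data or {}
    if loot.plugin == "dns" then
        if not is_hostname(data.subdomain) then return false end
        legba(("tcp.ports --tcp-ports 80-10000 --target '%s'"):format(data.subdomain))
    elseif loot.plugin == "tcp.ports" then
        local port = to_port(data.port)
        if not (is_hostname(data.host) and port) then return false end
        -- same heuristic as the sketch: ports ending in 3 are treated as https
        local schema = (port % 10 == 3) and "https" or "http"
        legba(("http.enum --payloads data/http-enum.txt --target '%s://%s:%d'")
            :format(schema, data.host, port))
    else
        return false
    end
    return true
end

-- Constructed loot records; the third carries a quote that would escape '...'.
assert(on_loot({ plugin = "dns", data = { subdomain = "www.example.com" } }))
assert(on_loot({ plugin = "tcp.ports", data = { host = "www.example.com", port = 8443 } }))
assert(not on_loot({ plugin = "dns", data = { subdomain = "a.example.com' --target 'x" } }))
assert(#issued == 2)
for _, cmd in ipairs(issued) do print(cmd) end
```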