AutoPWN-Suite icon indicating copy to clipboard operation
AutoPWN-Suite copied to clipboard
verified publisher icon GamehunterKaan

API key

Open AnonymousRonin opened this issue 2 years ago • 2 comments

I was wondering of there was or is there plans to be able to store the API within the tool, somewhere in a config file maybe and it would just use it automatically? Or have you thought about just one API key for the whole tool? Thanks for for your work, so far it's been working great.

AnonymousRonin avatar Oct 29 '23 11:10 AnonymousRonin

Hello @AnonymousRonin

Could you please tell me how to make it work? For me It was working perfectly at the beginning, but after the changes applied by NIST on this URL: https://services.nvd.nist.gov/rest/json/cves/1.0 , I'm constantly getting these errors and unfortunately, I'm unable to solve the issue. : json_results = scanner.scan("192.168.0.1") File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/api.py", line 166, in scan Vulnerablities = self.SearchVuln(nm[host]["tcp"][port], apiKey, debug) File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/api.py", line 114, in SearchVuln Vulnerablities = searchCVE(keyword, log, apiKey) File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/modules/nist_search.py", line 105, in searchCVE if not "result" in data: UnboundLocalError: local variable 'data' referenced before assignment

Any help would be appreciated

ShahinR avatar Dec 19 '23 12:12 ShahinR

I'm not the developer. But, log in as root with your working dir. your home dir (/home/*****) , then I installed using pip. Then I just type # autopwnsuite and it comes right up. I enter my NIST api manually for each scan. The scans don't enumerate real line vuln (generally). Unless you incorporate nmap, but then just use nmap. What the do is enumerate all potential vuln related to the config found. You still gotta do the work. You may have to rewrite some of the code to suite the env variables, application use or configuration. I use this to find all the related potential vulns rather than looking each one up. This won't pop a shell on a target if that's what your hoping. As far as I can tell it's a scanner, not an exploit tool and certaily not automatic. Unless he's figured out the ultimate AI hack. But I would contactact the developer, I'm just building a new distro for work, I've only used this a handfull of times.

Sent from Proton Mail mobile

-------- Original Message -------- On Dec 19, 2023, 4:50 AM, ShahinR wrote:

Hello @.***(https://github.com/AnonymousRonin)

Could you please tell me how to make it work? For me It was working perfectly at the beginning, but after the changes applied by NIST on this URL: https://services.nvd.nist.gov/rest/json/cves/1.0 , I'm constantly getting these errors and unfortunately, I'm unable to solve the issue. : json_results = scanner.scan("192.168.0.1") File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/api.py", line 166, in scan Vulnerablities = self.SearchVuln(nm[host]["tcp"][port], apiKey, debug) File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/api.py", line 114, in SearchVuln Vulnerablities = searchCVE(keyword, log, apiKey) File "/usr/local/lib/python3.9/dist-packages/autopwn_suite/modules/nist_search.py", line 105, in searchCVE if not "result" in data: UnboundLocalError: local variable 'data' referenced before assignment

Any help is appriciated, Thank you

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: @.***>

AnonymousRonin avatar Dec 20 '23 10:12 AnonymousRonin

You can store API in config file https://github.com/GamehunterKaan/AutoPWN-Suite/blob/827e26f467fe40703ecd8a8b63a5a89c443ec0e3/modules/utils.py#L603

GamehunterKaan avatar Feb 27 '24 18:02 GamehunterKaan