Update malScraper.sh

Added comments to most of the code Added comments to each Function
rynmon · Nov 19, 2019 · c707664 · c707664
1 parent b29ad05
commit c707664
Showing 1 changed file with 62 additions and 10 deletions.
diff --git a/malScraper.sh b/malScraper.sh
@@ -1,6 +1,5 @@
 #!/usr/bin/env bash
 #global vars
-#QlQu8eC4
 #formatting
 RED='\033[0;31m' #red
 GRN='\033[0;32m' #green
@@ -12,14 +11,19 @@ Cyan='\033[1;36m' #cyan
 Yellow='\033[1;33m' #yellow
 
 #splash-text arrays
+#add your own by adding to the below arrays
 arr[0]=$(echo -e "\U0001F50E Generating list...")
 arr[1]=$(echo -e "\U0001F50E Scraping data...")
 arr[2]=$(echo -e "\U0001F50E Spinning web...")
+#arr[n]=$(echo -e "\U0001F50E YOUR TEXT GOES HERE")
+#a full list of emoji unicode can be found here:
+#https://github.com/carpedm20/emoji/blob/master/emoji/unicode_codes.py
 
 #time-on-run
 timestamp=$(date +%Y-%m-%d-%H:%M)
 
 #data locations
+#stores the default location of the download path of the various feeds - these can be modified to custom locations
 PayloadReport=/home/$USER/Desktop/malScraper/PayloadReport.txt
 AMPReport=/home/$USER/Desktop/malScraper/AMPReport.txt
 C2Report=/home/$USER/Desktop/malScraper/C2Report.txt
@@ -42,8 +46,13 @@ PhishTank=$(base64 -d <<<"H4sIAHFCXV0AA8soKSmw0tdPSSxJ1CvIyCzOKEnMy9ZLzs8FC+nn5+
 oid3DTAAAAA=" | gunzip)
 HausMalDown=$(base64 -d <<<"H4sIAJqXXl0AA8soKSkottLXLy3KyUgsLdZLTCotTtVLztBPyS/Py8lPTCnWTy4u0+cCAON9198o
 AAAA" | gunzip)
+#This section is fully modular, feel free to add additional feeds. To encode the feed links, open a terminal
+#and echo the feed URL through the following command: echo <FEEDURL> | gzip | base64
+
 
 #functions
+
+#this function stored the download path of each feed, and prints to screen when called
 dirList() {
 	printf "${GRN}${bold}Success - Files written to:\n${normal}${NC}"
 	printf "${GRN}${bold}1. ${normal}${RED}${bold}Payload Domains:${normal}${NC}"
@@ -60,10 +69,12 @@ dirList() {
 	printf "/home/$USER/Desktop/malScraper/${bold}Top100.txt${normal}\n\n"
 }
 
+#this function is responsible for performing a full scan - reports are scraped from all configured feeds
 fullScan() {
-	clear
-	echo $(date)
-	echo ${arr[$rand]}
+	clear #clear screen
+	echo $(date) #print current date & time
+	echo ${arr[$rand]} #print one if the spash text items from the array
+	#the below if statements verify if previous reports exist, and if found, delete them
 	if test -f "$PayloadReport"; then
 	rm /home/$USER/Desktop/malScraper/PayloadReport.txt
 	#echo "Updating existing payload report..."
@@ -103,8 +114,9 @@ fullScan() {
 	cd /home/$USER/Desktop/malScraper/Phishing
 	mv online-valid.csv PhishTank.csv
 	cd /home/$USER/Desktop/malScraper/
-	#strip domains of their http:// and www. headers for ez amp
+	#strip domains of their http:// and www. headers for easy blacklisting
 	cat PayloadReport.txt | egrep -o "http://([^/]*)/" | sed -e 's/^http:\/\///g' | sed 's/www\./ /g' | sed 's/\/$/ /g' | sed 's/ //g' >> AMPReport.txt
+	#only display the most recent 100 domains
 	head -100 /home/$USER/Desktop/malScraper/PayloadReport.txt > /home/$USER/Desktop/malScraper/Top100.txt
 	#sort temp1.txt | uniq > PayloadReport.txt
 	#sort temp2.txt | uniq > AMPReport.txt
@@ -124,6 +136,7 @@ fullScan() {
 
 		if [[ $option == "1" ]]
 		then
+			#xdg-open opens the specified file path
 			xdg-open /home/$USER/Desktop/malScraper/PayloadReport.txt
 			userOptions
 
@@ -226,12 +239,17 @@ exit() {
 			printf "\n"
 			userOptions
 	else
+		clear
 		printf "${RED}${bold}Error - ${normal}${NC}invalid operation\n"
 		helpText
 		userOptions
 	fi
 }
 
+########################################################
+#function responsible for storing#
+########################################################
+
 userOptions() {
 	read -p "malScraper>" option #store user input
 
@@ -269,13 +287,20 @@ userOptions() {
 	fi
 }
 
+##############################################################################################################
+#this function is responsible for ensuring the requirements have been installed on the host before continuing#
+#the function will run a test to determine if the following required tools are present on the machine:       #
+#figlet - used for presentation / formating - allows ascii art to be printed to the terminal                 #
+#wmctrl - used to manipulate the terminal window - allows the terminal to be maximized on script launch      #
+##############################################################################################################
+
 setupHost() {
 	#wmctrl -r :ACTIVE: -b add,maximized_vert,maximized_horz
 	#create working dirs
 	mkdir -p /home/$USER/Desktop/malScraper
 	mkdir -p /home/$USER/Desktop/malScraper/Phishing
 	#check if preRequisates are installed
-	figlet=/usr/bin/figlet
+	figlet=/usr/bin/figlet #figlet default install path
 	if test -f $figlet
 	then
 		#echo "Figlet is installed, continuing..."
@@ -287,7 +312,7 @@ setupHost() {
 		sudo apt-get install figlet
 		clear
 	fi
-	wmctrl=/usr/bin/wmctrl
+	wmctrl=/usr/bin/wmctrl #wmctrl default install path
 	if test -f $wmctrl
 	then
 		#echo "wmctrl is installed, continuing..."
@@ -317,11 +342,19 @@ setupHost() {
 	main
 }
 
+########################################################
+#function responsible for clearing users screen on call#
+########################################################
+
 clearScreen() {
 	clear
 	userOptions
 }
 
+###############################################################################
+#function responsible for storing the help text for usage in the help function#
+###############################################################################
+
 helpText() {
 	printf "${Cyan}HELP MENU${NC} ${bold}::${normal} Available ${Yellow}options${NC} shown below:\n\n"
 	printf "${bold}[*]${normal} ${Cyan}Tutorial${NC} of how to use this tool\t\t\t\t\t${Yellow}TUTORIAL${NC}\n"
@@ -335,18 +368,33 @@ helpText() {
 	printf "${bold}[*]${normal} Perform ${Cyan}Quick-Scan${NC} Most recent 100 Payload Domains\t\t\t${Yellow}QUICK,QUICK-SCAN,QSCAN${NC}\n\n"
 }
 
+###########################################################
+#function responsible for printing the help menu to screen#
+###########################################################
+
 help() {
 	helpText
 	userOptions
 }
 
+#####################################################################
+#function responsible for printing the usage tutorial menu to screen#
+#####################################################################
+
 tutorial() {
-	echo -e "Go away you egg, this menu is unfinished. \U0001F620cd "
-	sleep .5
-	printf "\n"
+	#echo -e "Go away you egg, this menu is unfinished. \U0001F620"
+	tutText="\n${bold}MalScraper\n\n${bold}NAME\n - ${normal}./malScraper.sh - malScraper scrapes a list of Payload Domains, IOC's & C2 IPs from from various feeds, for easy blacklisting.\n\n${bold}SYNOPSIS\n./extract ${normal}\e[4m[FILE]\e[0m\n${bold}e.g. - ${normal}./extract <infile> <outfile>\n\n${bold}DESCRIPTION\n - ${normal}To extract domains, invoke the script, and add the name of the file you would like to extract domains from, followed by the name of the output file.\n ${bold}- ${normal}Please enclose files with spaces between '', for example 'Hello World'\n"
+	clear
+	printf "$tutText"
+	#sleep .5
+	#printf "\n"
 	userOptions
 }
 
+########################################################################
+#this function allows the user to reopen a previously downloaded report#
+########################################################################
+
 reOpen() {
 	clear
 	dirList
@@ -406,6 +454,10 @@ reOpen() {
 	userOptions
 }
 
+###########################################################
+#function responsible for printing the main menu to screen#
+###########################################################
+
 main() {
 	clear
 	#force maximum window