
Add new tool to run after initial scan

Ugo Meguerditchian edited this page May 30, 2023 · 5 revisions

Getting started

OrgASM lets you easily add your own tools to run once the initial scan has completed. Each tool can read and modify the res.result object, which holds all the data gathered by the initial scan and by the tools that ran before it.

You don't need to modify orc.py!

1 - Add the script inside /tools

Create a .py script with a descriptive name inside the tools folder.

2 - The script itself

First import the basic OrgASM libraries:

from lib.result import result
import lib.generics as gen

The script also needs a main function (example taken from the ports_scanner tool):

from lib.ip import ip as ip_lib
from lib.result import result
import lib.generics as gen
import lib.custom_logger as custom_logger

logger = custom_logger.logger


def main(config: gen.configuration, res: result):
    # Every tool receives the parsed configuration and the shared result object
    if "ports_scanner" not in config.config["TOOLS"]:
        logger.error("[*] Missing ports_scanner in TOOLS in config file")
        return
    this_tool_config = config.config["TOOLS"]["ports_scanner"]
    # Keys this tool requires in its TOOLS section of configuration.yaml
    to_have = ["workers", "activate"]
    for i in to_have:
        if i not in this_tool_config:
            logger.error(f"[*] Missing {i} in config file")
            return
    if not this_tool_config["activate"]:
        logger.info("[*] Skipping ports_scanner")
        return
    changed = False
    olds = None
    if not config.ip_trough_proxy and config.handler.there_is_proxy():
        logger.info("[*] Disabling proxy for ports scan")
        olds = config.handler.remove_proxys()
        changed = True  # remember to restore the proxies once the scan is done
    logger.info("[*] Scanning ports")
    # range() excludes its end value, so 65536 is needed to include port 65535
    ports_range = range(1, 65536)
    for ip in res.result:
        logger.info(f"[*] Scanning ports for {ip.ip}")
        ip.ping()
        if ip.status:
            ip.ports_scan(ports_range, this_tool_config["workers"])
            # Store this tool's output under its own key for the host
            res.result[ip]["ports"] = ip.ports
        else:
            logger.info(
                f"[*] Skipping port scan for {ip.ip} because it is not reachable"
            )
    logger.info("[*] Port scan finished")
    if changed:
        logger.info("[*] Re-enabling proxy")
        config.handler.add_proxys(olds)
    return res

Then you can do whatever you want with the res object.

The res object has a res.result and a res.deads attribute.

res.result has this form after the initial scan:

{
    "1.1.1.1":{
        "fqdns":{
            "example.com":{},
            "example2.com":{}
        }
    },
    "2.2.2.2":{
        "fqdns":{
            "example3.com":{},
            "example4.com":{}
        }
    }
}

res.result will normally already have been modified by all the tools that ran before yours.

You just need to return the res object.

3 - Configuration file

The configuration file must contain all the external information the tool needs. Add it to the TOOLS section of configuration.yaml:

TOOLS :
    ports_scanner:
        file: "ports_scanner"
        activate: true
        workers: 2000
    detect_services:
        file: "detect_services"
        activate: true
        workers: 2000
    analyze_web_techno:
        file: "analyze_web_techno"
        activate: true
        workers: 2000
    nuclei:
        file: "nuclei"
        headless_browser: True
        activate: true
        conf_file: null

The keys 'file' and 'activate' are mandatory. The tool's name inside this section must also match the name of the related file (without the '.py').

All the other keys you put here are not touched by OrgASM directly; you access them through the config object passed to the tool's main function.

For example, to retrieve the headless_browser value in the nuclei tool:

config.config["TOOLS"]["nuclei"]["headless_browser"]
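Putting steps 1 to 3 together, here is a complete post-scan tool written against the conventions above. This is an added example, not code from OrgASM itself: because lib.result, lib.generics and lib.custom_logger are not importable outside the project, small stand-in classes with the same attribute shapes (config.config["TOOLS"], res.result, ip.ip) are constructed inline, and the TOOLS section is given as a Python dict instead of YAML. The tool name fqdn_summary and its min_fqdns setting are assumptions chosen for the example.

```python
# Added example (not OrgASM's own code): a minimal tool that summarises how
# many FQDNs the initial scan attached to each host. lib.result, lib.generics
# and lib.custom_logger are replaced by constructed stand-ins; in a real tool
# you would instead write:
#   from lib.result import result
#   import lib.generics as gen
#   import lib.custom_logger as custom_logger
import logging

logger = logging.getLogger("fqdn_summary")

TOOL_NAME = "fqdn_summary"          # must equal the file name without .py
REQUIRED_KEYS = ["file", "activate", "min_fqdns"]  # min_fqdns is this tool's own setting


class FakeIP:
    """Stand-in for lib.ip.ip: a hashable object carrying the address string."""
    def __init__(self, address):
        self.ip = address

    def __repr__(self):
        return f"FakeIP({self.ip})"


class FakeConfiguration:
    """Stand-in for gen.configuration: only the .config dict is modelled."""
    def __init__(self, tools_section):
        self.config = {"TOOLS": tools_section}


class FakeResult:
    """Stand-in for lib.result.result with the two attributes the page names."""
    def __init__(self, result, deads=None):
        self.result = result
        self.deads = deads or []


def main(config, res):
    """Entry point OrgASM calls: (config, res) in, res (or None when skipped) out."""
    tools = config.config["TOOLS"]
    if TOOL_NAME not in tools:
        logger.error("[*] Missing %s in TOOLS in config file", TOOL_NAME)
        return None
    this_tool_config = tools[TOOL_NAME]
    for key in REQUIRED_KEYS:
        if key not in this_tool_config:
            logger.error("[*] Missing %s in config file", key)
            return None
    if not this_tool_config["activate"]:
        logger.info("[*] Skipping %s", TOOL_NAME)
        return None
    threshold = int(this_tool_config["min_fqdns"])

    for ip in res.result:
        host = res.result[ip]
        fqdns = host.get("fqdns", {})   # written by the initial scan
        summary = {"count": len(fqdns), "dense": len(fqdns) >= threshold}
        # setdefault/update rather than plain assignment: never overwrite keys
        # such as "ports" that tools running before this one have written.
        host.setdefault(TOOL_NAME, {}).update(summary)
        logger.info("[*] %s hosts %d FQDN(s)", ip.ip, summary["count"])
    return res


def build_sample():
    """Constructed sample: config and result shaped like the page's examples."""
    tools = {
        TOOL_NAME: {"file": TOOL_NAME, "activate": True, "min_fqdns": 2},
    }
    result = {
        FakeIP("1.1.1.1"): {"fqdns": {"example.com": {}, "example2.com": {}},
                            "ports": [80, 443]},   # left behind by ports_scanner
        FakeIP("2.2.2.2"): {"fqdns": {"example3.com": {}}},
    }
    return FakeConfiguration(tools), FakeResult(result)


def run_sample():
    """Run the tool on the sample and return {ip_string: summary}."""
    config, res = build_sample()
    out = main(config, res)
    return {ip.ip: host[TOOL_NAME] for ip, host in out.result.items()}


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    print(run_sample())
```

Saved as tools/fqdn_summary.py with a matching fqdn_summary entry under TOOLS (file, activate and the tool's own min_fqdns key), this follows the same validate-config, iterate-res.result, return-res pattern as the ports_scanner example; the setdefault/update call is what keeps earlier tools' keys (here "ports") intact.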