superhedgy / attacksurfacemapper Goto Github PK
View Code? Open in Web Editor NEWAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Home Page: https://AttackSurfaceMapper.com
License: GNU General Public License v3.0
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Home Page: https://AttackSurfaceMapper.com
License: GNU General Public License v3.0
Hello I'm trying to use this tool but I get this error message when I try to use it:
[*] Error: Could not authenticate to LinkedIn. cannot use a string pattern on a bytes-like object
Traceback (most recent call last):
File "asm.py", line 941, in <module>
main(keychain, sw1, output_path, c1)
File "asm.py", line 745, in main
keychain["linkedin_password"], answer2, 0)
File "/home/username/Projects/Github/OSINT/AttackSurfaceMapper/modules/linkedinner.py", line 93, in get_emails_for_company_name
cookies['JSESSIONID'] = 'ajax:0397788525211216808'
TypeError: 'NoneType' object does not support item assignment
Is there any chance to add the api into the tool set?
I just ran this tool against my own organization's website, and the results are pretty stupefyingly accurate. However, when it comes to S3 buckets, it found the following:
We do not use any S3 buckets, so I would have expected this list to be empty. I have never heard of any of these S3 buckets.
The keylists.asm has 2 lines for LinkedIn, the username and password. LinkedIn doesn't have usernames from what I can tell, only your email address. When I give my registered email address and password I still get an error:
"[*] Error: Could not authenticate to LinkedIn. cannot use a string pattern on a bytes-like object"
It seems that the weleakinfo.com domain has been seized by the FBI, is there another site where we could get leaked credentials from and should this module be removed since the site no longer is available?
When running this from a linux box (ive tried ubuntu and kali) the scan just hangs for a couple of minutes then says 'killed'
Also is this supposed to work? I get -ln not valid..
python3 asm.py -t your_site.com -ln -w resources/top100_sublist.txt -o demo_run
[i] Searching Linkedin with Company Name: Company
[DEBUG] Cookie Value
[*] Error: Could not authenticate to LinkedIn. object of type 'NoneType' has no len()
Traceback (most recent call last):
File "asm.py", line 946, in
main(keychain, sw1, output_path, c1)
File "asm.py", line 741, in main
keychain["linkedin_password"], answer2, 0)
File "/mydir/AttackSurfaceMapper/modules/linkedinner.py", line 93, in get_emails_for_company_name
cookies['JSESSIONID'] = 'ajax:0397788525211216808'
TypeError: 'NoneType' object does not support item assignment
python -m pip install --no-cache-dir -r requirements.txt
gives the error
Double requirement given: selenium>=3.141.0 (from -r requirements.txt (line 16)) (already in selenium (from -r requirements.txt (line 11)), name='selenium')
Resolved by removing line 11 or 16
Just some friendly feedback but might be a good idea to run flake8 over this code base.
Just looking through it on Github, I'm seeing lots of little Python formatting issues throughout the code; like comma separated arguments without spaces, variables assigned with no spaces between the =
sign, too many empty lines in functions, doc strings / function comments outside of the actual function, etc.
E.g.,
# sslGrabber Function
def sslGrabber(resolvedIP,port):
cert=ssl.get_server_certificate((resolvedIP.address, port))
x509=OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
Hi
followed installation instruction as well as requirements.txt
im getting this error during scan
Any suggestions ?
Thanks
Traceback (most recent call last):
File "/home/tass/Desktop/AttackSurfaceMapper/modules/buckethunter.py", line 43, in passive_query
if gwf_api["buckets_count"] > 0:
KeyError: 'buckets_count'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "ASM.py", line 890, in <module>
main(keychain,sw1,output_path,c1)
File "ASM.py", line 666, in main
buckethunter.passive_query(target_list[key],keychain["grayhatwarfare"])# Passive
File "/home/tass/Desktop/AttackSurfaceMapper/modules/buckethunter.py", line 52, in passive_query
cprint ("error","[*] Error: connecting with GrayHatWarfare API",1)
File "/home/tass/Desktop/AttackSurfaceMapper/modules/buckethunter.py", line 14, in cprint
colorama.init()
NameError: name 'colorama' is not defined
Traceback (most recent call last):
File "ASM.py", line 890, in
main(keychain,sw1,output_path,c1)
File "ASM.py", line 623, in main
if (add_target_ip(target_list,line) == False):
File "ASM.py", line 384, in add_target_ip
add_target_domain(list,domain,validated_input)
File "ASM.py", line 356, in add_target_domain
if t.primary_domain in list.keys():
AttributeError: type object 'list' has no attribute 'keys'
A syntax error is in the code, list data structures don't use the keys() method, only dict does.
After leaving it running for several minutes and getting a number of "added target" messages, I get the following traceback:
Traceback (most recent call last):
File "/home/ojensen/bin/repos/AttackSurfaceMapper/modules/buckethunter.py", line 22, in passive_query
if gwf_api["buckets_count"] > 0:
KeyError: 'buckets_count'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "ASM.py", line 890, in <module>
main(keychain,sw1,output_path,c1)
File "ASM.py", line 666, in main
buckethunter.passive_query(target_list[key],keychain["grayhatwarfare"])# Passive
File "/home/ojensen/bin/repos/AttackSurfaceMapper/modules/buckethunter.py", line 31, in passive_query
cprint ("error","[*] Error: connecting with GrayHatWarfare API",1)
NameError: name 'cprint' is not defined
Working off of commit c5d85fbd9ec9b2d994eb59a402a8523c8ce670cf
and with invocation python ASM.py -v -t [domain]
using python 3.
Traceback (most recent call last):
File "/home/siphon/AttackSurfaceMapper/modules/buckethunter.py", line 43, in passive_query
if gwf_api["buckets_count"] > 0:
KeyError: 'buckets_count'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "ASM.py", line 890, in
main(keychain,sw1,output_path,c1)
File "ASM.py", line 666, in main
buckethunter.passive_query(target_list[key],keychain["grayhatwarfare"])# Passive
File "/home/siphon/AttackSurfaceMapper/modules/buckethunter.py", line 52, in passive_query
cprint ("error","[*] Error: connecting with GrayHatWarfare API",1)
File "/home/siphon/AttackSurfaceMapper/modules/buckethunter.py", line 14, in cprint
colorama.init()
NameError: name 'colorama' is not defined
I've tried ASM directly in Windows 10, in a Windows 10 VM and in CentOS VM.
Both Windows have given me this error:
The command is just the standard command:
python ASM.py -t DSM.com -ln -o demo_run -w resources/top100_sublist.txt
And yes it should be using python 3.7.3 as I typed python --version and got that.
The documentation/examples in the readme mention the -a
option for active checks but this option seems to be missing/removed from the script:
ASM.py: error: unrecognized arguments: -a
Bro, you better check your keylist.asm
as it seems that you forgot to delete all of your creds.
in ASM.py, #34 from modules import subhunter
subhunter does not exist in the the modules folder.
Hi Guys, hope all is well
I have recently stepped across this tool and is perfect for automating recon. I must specify that I am a junior analyst, with experience in Bash and Ruby, very little in Python.
The install went well, however, as soon as I attempted to boot the tool, I received this error:
File "asm.py", line 529
print(style + msg, end="")
^
SyntaxError: invalid syntax
I should add that I have experimented with a lot of trial and error regarding this line of code and still can't seem to find the solution... Have now reverted the entire source code back to default and yet still the same error?
I was wandering if I could get any help/suggestion on how to solve this issue, and if it's common for anyone else.
Thanks!
Traceback (most recent call last):
File "asm.py", line 939, in
keyloader(keychain, sw1) # Key Loader
File "asm.py", line 428, in keyloader
keychain[tmp[0]] = tmp[2].replace(""", "")
IndexError: list index out of range
Tried with and without wordlist, different domains.
keys look ok, although couldnt add weleakinfo keys as they are no longer around.
File "asm.py", line 529
print(style + msg, end= "")
Just submitting the issue I found. I also have the fix for it
Hi
I seem to be battling to successfully run the ASM. I have cloned, run installation of the requirements.txt in MacOSx and Kali still getting same error below;
<pre><font color="#EF2929"><b>root@kali</b></font>:<font color="#729FCF"><b>/home/AttackSurfaceMapper</b></font># python3 ASM.py -t bbc.co.uk -ln -o demo_run -w resources/top100_sublist.txt Traceback (most recent call last): File "ASM.py", line 39, in <module> from modules import urlscanio File "/home/AttackSurfaceMapper/modules/urlscanio.py", line 8, in <module> import ASM File "/home/AttackSurfaceMapper/ASM.py", line 41, in <module> from modules import screencapture File "/home/AttackSurfaceMapper/modules/screencapture.py", line 22, in <module> from selenium import webdriver ModuleNotFoundError: No module named 'selenium' </pre>
See log above. Tried installing all modules separately still no success running ASM.py
[*] Error: Could not authenticate to LinkedIn. cannot use a string pattern on a bytes-like object
Traceback (most recent call last):
File "asm.py", line 951, in
main(keychain, sw1, output_path, c1)
File "asm.py", line 756, in main
keychain["linkedin_password"], answer2, 0)
File "/root/AttackSurfaceMapper/modules/linkedinner.py", line 93, in get_emails_for_company_name
cookies['JSESSIONID'] = 'ajax:0397788525211216808'
TypeError: 'NoneType' object does not support item assignment
Hi,
When trying to use the LinkedInner module in a run I keep getting this error:
`During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/Users/brianrosen/AttackSurfaceMapper/modules/linkedinner.py", line 66, in loadPage
response = client.open(url)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/urllib/request.py", line 543, in _open
'_open', req)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/urllib/request.py", line 503, in _call_chain
result = func(*args)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/urllib/request.py", line 1360, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/urllib/request.py", line 1319, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)>
[*] Error: Could not authenticate to LinkedIn. object of type 'NoneType' has no len()
Traceback (most recent call last):
File "ASM.py", line 890, in
main(keychain,sw1,output_path,c1)
File "ASM.py", line 708, in main
linkedinner.get_emails_for_company_name(switch,target_list[key],keychain["linkedin_username"],keychain["linkedin_password"],answer2,0)
File "/Users/brianrosen/AttackSurfaceMapper/modules/linkedinner.py", line 83, in get_emails_for_company_name
cookies['JSESSIONID'] = 'ajax:0397788525211216808'
TypeError: 'NoneType' object does not support item assignment`
Thanks for any help!
Could you kindly provide the requirements.txt for installing ?
Thank you
I am getting this error which looks like a pattern in the email dns entries is unexpected. Given the chance of this happening, it seems like this should be caught and allowed to proceed.
launched with args:
--stealth -v -t something.com -o /home/user/ASM-something -f CSV -sc
Traceback (most recent call last):
File "ASM.py", line 890, in
main(keychain,sw1,output_path,c1)
File "ASM.py", line 672, in main
hosthunter.dnslookup(target_list[key]) # Passive
File "/home/user/AttackSurfaceMapper/modules/hosthunter.py", line 96, in dnslookup
if (word[4] == "TXT") and ("v=spf1" in word[5]):
IndexError: list index out of range
selenium is required, but not listed in requirements.txt
After running this overnight because I am trying to use the 100k list, I got this error message due to using the screenshot feature. Yes I did a pip install on selenium.
Command I used was
python3 ASM.py -t url.com -ln -o URL_com -w resources/bitquark_top100k_sublist.txt -sc
url.com and URL_com are sort of sensitive info so I just changed those.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.