Commits

Tim Tomes  committed ae59baa

bug fixes in several new modules.

  • Participants
  • Parent commits dc008cd

Comments (0)

Files changed (16)

File modules/auxiliary/mcafee_affil.py

-import framework
-# unique to module
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'McAfee Domain Affiliation Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks mcafee.com site for other domains affiliated with a domain.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.mcafee_affil()
-
-    def mcafee_affil(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-
-        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=affiliation&f=%s' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Output the results in table format
-        tdata = [] 
-        tdata.append(['Domain/URL', 'Category', 'Links'])
-        for col in resp.json:
-            tdata.append([col['label'], col['hover'], str(col['link'])]) 
-        self.table(tdata, True)

File modules/auxiliary/mcafee_dns.py

-import framework
-# unique to module
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.register_option('addhoststodb', False, 'no', 'Add hosts discovered to the database.')
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'McAfee Domain DNS Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks mcafee.com site for DNS information about a domain. This module can update the \'hosts\' table of the database with the results.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.mcafee_dns()
-
-    def mcafee_dns(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-        addhosts = self.options['addhoststodb']['value']
-
-        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=dns&f=%s' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Output the results in table format
-        tdata = [] 
-        tdata.append(['Domain', 'Hostname', 'IP', 'First Seen', 'Last Seen', 'Risk', 'Type'])
-        for col in resp.json['data']:
-            if col.has_key('IP'):       # Sometimes no IP is in the response
-                ip = col['IP']
-            else:
-                ip = 'No IP'
-            tdata.append([col['Domain'], col['Hostname'], ip, col['First_Seen'], col['Last_Seen'],col['Risk'], col['Type']])
-            
-            # Add each host to the database
-            if addhosts: self.add_host(col['Hostname'], address=ip)
-            
-        # Print the table  
-        self.table(tdata, True)

File modules/auxiliary/mcafee_mail.py

-import framework
-# unique to module
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.register_option('addhoststodb', False, 'no', 'Add hosts discovered to the database.')
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'McAfee Mail Host Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks mcafee.com site for mail servers for given domain. This module can update the \'hosts\' table of the database with the results.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.mcafee_mail()
-
-    def mcafee_mail(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-        addhosts = self.options['addhoststodb']['value']
-
-        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=mail&f=%s' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Output the results in table format
-        tdata = [] 
-        tdata.append(['Domain', 'MX_Data', 'IP_Address', 'Weight'])
-        for col in resp.json['data']:
-            tdata.append([col['Domain'], col['MX_Data'], col['IP_Address'], col['Weight']])
-            
-            # Add each host to the database
-            if addhosts: self.add_host(col['MX_Data'], address=col['IP_Address'])
-            
-        # Print the table            
-        self.table(tdata, True)

File modules/auxiliary/mywot.py

-import framework
-# unique to module
-import re
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'MyWOT Domain Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks mywot.com site for information about the security of a domain.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.mywot()
-
-    def mywot(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-
-        url = 'http://api.mywot.com/0.4/public_query2?target=%s' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Get the security results
-        findings = re.findall(r'<application name="(\d)" r="(\d+)" c="(\d+)"', resp.text)
-        
-        tdata = []
-        tdata.append(['Description', 'Reputation', 'Confidence'])
-        for line in findings:
-            # Description
-            if line[0] == '0':
-                descr = 'Trustworthiness'
-            elif line[0] == '1':
-                descr = 'Vendor Reliability'
-            elif line[0] == '2':
-                descr = 'Privacy'
-            elif line[0] == '4':
-                descr = 'Child Safety'
-            
-            # Reputation Scores
-            repTmp = int(line[1])
-            if repTmp >= 80:
-                rep = 'Excellent'
-            elif 80 > repTmp >= 60:
-                rep = 'Good'
-            elif 60 > repTmp >= 40:
-                rep = 'Unsatisfactory'
-            elif 40 > repTmp >= 20:
-                rep = 'Poor'
-            elif 20 > repTmp >= 0:
-                rep = 'Very poor'
-            
-            # Confidence Scores
-            confTmp = int(line[2])
-            if confTmp >= 45:
-                conf = '5 - High'
-            elif 45 > confTmp >= 34:
-                conf = '4 - MedHigh'
-            elif 34 > confTmp >= 23:
-                conf = '3 - Medium'
-            elif 23 > confTmp >= 12:
-                conf = '2 - MedLow'
-            elif 12 > confTmp >= 6:
-                conf = '1 - Low'
-            else:
-                conf = '0 - None'
-                
-            tdata.append([descr, rep, conf])
-        self.table(tdata, True)

File modules/auxiliary/siteadvisor_summary.py

-import framework
-# unique to module
-import re
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'McAfee SiteAdvisor Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks siteadvisor.com site for links and other information with domains.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.siteadv_summ()
-
-    def siteadv_summ(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-
-        url = 'http://www.siteadvisor.com/sites/%s' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Get the overall security results
-        sec_results = re.findall(r'class="results">(.+)</p>', resp.text)
-        tdata_sec = [] 
-        tdata_sec.append(['Security Results'])
-        
-        # Get country of origin and number of users
-        finding_country = re.search(r'img src="/images/countryflags.+p> (.+)</td', resp.text)
-        finding_visitors = re.search(r'img src="/images/visitor.+p>(.+)</td', resp.text)
-        tdata_sec.append(['Country: ' + finding_country.group(1) + '                Visitors: ' + finding_visitors.group(1)])
-        tdata_sec.append([' '])
-        
-        # Line wrapping for long paragraph that breaks table formatting
-        paraMaxLen = 80
-        paraLen = len(sec_results[0])
-        if paraLen > paraMaxLen:
-            wrappedLines = []
-            for line in sec_results[0].split('\n'):
-                while True:
-                    wrappedLines.append(line[:paraMaxLen])
-                    line = line[paraMaxLen:]
-                    if not line: break
-            for item in wrappedLines:
-                tdata_sec.append([item])
-        self.table(tdata_sec, True)
-    
-        # Get the sites this domain's web site links to
-        finding = re.findall(r"area shape.+title='(.+)' onMouse", resp.text)
-        finding.sort()
-        tdata = [] 
-        tdata.append(['Domain(s) Linked to'])
-        for domain in finding:
-            tdata.append([domain])
-        self.table(tdata, True)

File modules/auxiliary/urlvoid.py

-import framework
-# unique to module
-import re
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'URLVoid Domain Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks urlvoid.com site for information about the security of a domain.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.urlvoid()
-
-    def urlvoid(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-
-        url = 'http://www.urlvoid.com/scan/%s/' % (domain)
-        if verbose: self.output('URL being retrieved: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-
-        # Get the security results
-        av_engines = re.findall(r'<td>(.+)</td>\n.*images/(.+)\.png" alt=""', resp.text)
-        tdata = []
-        tdata.append(['Site', 'Status'])
-        for line in av_engines:
-            tdata.append([line[0], line[1]])
-        self.table(tdata, True)

File modules/auxiliary/xssed.py

-import framework
-# unique to module
-import re
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
-        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'XSSed Host Lookup',
-                     'Author': 'Micah Hoffman (@WebBreacher)',
-                     'Description': 'Checks XSSed.com site for XSS records for given domain and displays first 20 hits.',
-                     'Comments': []
-                     }
-   
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.xssed()
-
-    def xssed(self):
-        verbose = self.options['verbose']['value']
-        domain = self.options['domain']['value']
-
-        url = 'http://xssed.com/search?key=%s' % (domain)
-        if verbose: self.output('URL for XSSED.com: %s' % url)
-        try: resp = self.request(url)
-        except KeyboardInterrupt:
-            print ''
-            return
-        except Exception as e:
-            self.error(e.__str__())
-            return
-        
-        content = resp.text
-
-        # Find if there are any results for the domain search
-        results = re.findall(r"Results for.*", content)
-       
-        if results:
-            rows = re.split('<br>', str(results))
-            for row in rows:
-                finding = re.findall(r"mirror/([0-9]+)/.+blank\\'>(.+?)</a>", row)
-                if finding:
-                
-                    # Go fetch and parse the specific page for this item
-                    urlDetail = 'http://xssed.com/mirror/%s/' % finding[0][0]
-                    try: respDetail = self.request(urlDetail)
-                    except KeyboardInterrupt:
-                        print ''
-                    except Exception as e:
-                        self.error(e.__str__())
-                    if not respDetail: return
-                    
-                    # Parse the response and get the details
-                    details = []
-                    for line in respDetail.text.split('\n'):
-                        if "row3" in line:
-                            try: 
-                                a = re.search(r'">(.+)</th', line.strip())
-                                details.append(a.group(1))
-                            except: pass
-                            
-                    # Output the results in table format
-                    status = re.search(r';([UNFIXED]+)$',details[2])
-                                          
-                    tdata = [] 
-                    tdata.append(['Category', 'Details Retrieved'])
-                    tdata.append(details[4].split(":",1))                           # Domain
-                    
-                    # Line wrapping for long XSS URLs that break table formatting
-                    urlMaxLen = 80
-                    xssUrlLen = len(details[7].split(":",1)[1])
-                    if xssUrlLen > urlMaxLen:
-                        wrappedLines = []
-                        for line in details[7].split(":",1)[1].strip().split('\n'):
-                            while True:
-                                wrappedLines.append(line[:urlMaxLen])
-                                line = line[urlMaxLen:]
-                                if not line: break
-                        counter = 1
-                        for item in wrappedLines:
-                            if counter == 1:
-                                tdata.append(['URL:', ' ' + item])
-                            else:
-                                tdata.append(["URL (con't):", '   ' + item])
-                            counter += 1
-                    else:
-                        tdata.append(details[7].split(":",1))                       # URL
-                        
-                    tdata.append(details[0].replace('&nbsp;', ' ').split(":",1))    # Date submitted
-                    tdata.append(details[1].replace('&nbsp;', ' ').split(":",1))    # Date Published
-                    tdata.append(details[5].split(":",1))                           # Category
-                    tdata.append(['STATUS', ' ' + status.group(1)])                 # Fixed
-                    self.table(tdata, True)   
-                        
-        else:
-            self.output('No results found')
-        

File modules/recon/hosts/enum/dns/resolve.py

+import framework
+# unique to module
+import dns.resolver
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('nameserver', '8.8.8.8', 'yes', 'ip address of a valid nameserver')
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'Hostname Resolver',
+                     'Author': 'Tim Tomes (@LaNMaSteR53)',
+                     'Description': 'Resolves IP addresses to hosts. This module updates the \'hosts\' table of the database with the results.',
+                     'Comments': [
+                                  'Note: Nameserver must be in IP form.']
+                     }
+
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.resolve_hosts()
+    
+    def resolve_hosts(self):
+        q = dns.resolver.get_default_resolver()
+        q.nameservers = [self.options['nameserver']['value']]
+        hosts = self.query('SELECT rowid, host FROM hosts ORDER BY host')
+        for host in hosts:
+            row = host[0]
+            host = host[1]
+            try:
+                answers = q.query(host)
+                address = answers[0].address
+            except KeyboardInterrupt:
+                print ''
+                return
+            except dns.resolver.NXDOMAIN: address = 'Unknown'
+            except dns.resolver.NoAnswer: address = 'No answer'
+            except dns.exception.SyntaxError:
+                self.error('Nameserver must be in IP form.')
+                return
+            except: address = 'Error'
+            self.output('%s => %s' % (host, address))
+            self.query('UPDATE hosts SET address="%s" WHERE rowid="%s"' % (address, row))

File modules/recon/hosts/enum/http/mywot.py

+import framework
+# unique to module
+import re
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'MyWOT Domain Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks mywot.com site for information about the security of a domain.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.mywot()
+
+    def mywot(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+
+        url = 'http://api.mywot.com/0.4/public_query2?target=%s' % (domain)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Get the security results
+        findings = re.findall(r'<application name="(\d)" r="(\d+)" c="(\d+)"', resp.text)
+        
+        tdata = []
+        tdata.append(['Description', 'Reputation', 'Confidence'])
+        for line in findings:
+
+            # Description
+            if line[0] == '0':
+                descr = 'Trustworthiness'
+            elif line[0] == '1':
+                descr = 'Vendor Reliability'
+            elif line[0] == '2':
+                descr = 'Privacy'
+            elif line[0] == '4':
+                descr = 'Child Safety'
+
+            # Reputation Scores
+            repTmp = int(line[1])
+            if repTmp >= 80:
+                rep = 'Excellent'
+            elif 80 > repTmp >= 60:
+                rep = 'Good'
+            elif 60 > repTmp >= 40:
+                rep = 'Unsatisfactory'
+            elif 40 > repTmp >= 20:
+                rep = 'Poor'
+            elif 20 > repTmp >= 0:
+                rep = 'Very poor'
+
+            # Confidence Scores
+            confTmp = int(line[2])
+            if confTmp >= 45:
+                conf = '5 - High'
+            elif 45 > confTmp >= 34:
+                conf = '4 - MedHigh'
+            elif 34 > confTmp >= 23:
+                conf = '3 - Medium'
+            elif 23 > confTmp >= 12:
+                conf = '2 - MedLow'
+            elif 12 > confTmp >= 6:
+                conf = '1 - Low'
+            else:
+                conf = '0 - None'
+
+            tdata.append([descr, rep, conf])
+
+        self.table(tdata, True)

File modules/recon/hosts/enum/http/resolve.py

-import framework
-# unique to module
-import dns.resolver
-
-class Module(framework.module):
-
-    def __init__(self, params):
-        framework.module.__init__(self, params)
-        self.register_option('nameserver', '8.8.8.8', 'yes', 'ip address of a valid nameserver')
-        self.classify = 'passive'
-        self.info = {
-                     'Name': 'Hostname Resolver',
-                     'Author': 'Tim Tomes (@LaNMaSteR53)',
-                     'Description': 'Resolves IP addresses to hosts. This module updates the \'hosts\' table of the database with the results.',
-                     'Comments': [
-                                  'Note: Nameserver must be in IP form.']
-                     }
-
-    def do_run(self, params):
-        if not self.validate_options(): return
-        # === begin here ===
-        self.resolve_hosts()
-    
-    def resolve_hosts(self):
-        q = dns.resolver.get_default_resolver()
-        q.nameservers = [self.options['nameserver']['value']]
-        hosts = self.query('SELECT rowid, host FROM hosts ORDER BY host')
-        for host in hosts:
-            row = host[0]
-            host = host[1]
-            try:
-                answers = q.query(host)
-                address = answers[0].address
-            except KeyboardInterrupt:
-                print ''
-                return
-            except dns.resolver.NXDOMAIN: address = 'Unknown'
-            except dns.resolver.NoAnswer: address = 'No answer'
-            except dns.exception.SyntaxError:
-                self.error('Nameserver must be in IP form.')
-                return
-            except: address = 'Error'
-            self.output('%s => %s' % (host, address))
-            self.query('UPDATE hosts SET address="%s" WHERE rowid="%s"' % (address, row))

File modules/recon/hosts/enum/http/siteadvisor_summary.py

+import framework
+# unique to module
+import re
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'McAfee SiteAdvisor Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks siteadvisor.com site for links and other information with domains.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.siteadv_summ()
+
+    def siteadv_summ(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+
+        url = 'http://www.siteadvisor.com/sites/%s' % (domain)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Get the overall security results
+        
+        
+        # Get country of origin and number of users
+        country = re.search(r'img src="/images/countryflags.+p> (.+)</td', resp.text)
+        visitors = re.search(r'img src="/images/visitor.+p>(.+)</td', resp.text)
+        results = re.search(r'class="results">(.+)</p>', resp.text)
+        self.output('Country: %s' % (country.group(1)))
+        self.output('Visitors: %s' % (visitors.group(1)))
+        self.output(results.group(1))
+    
+        # Get the sites this domain's web site links to
+        sites = re.findall(r"area shape.+title='(.+)' onMouse", resp.text)
+        tdata = [] 
+        tdata.append(['Linked to...'])
+        for site in sorted(sites):
+            tdata.append([site])
+        self.table(tdata, True)

File modules/recon/hosts/enum/http/urlvoid.py

+import framework
+# unique to module
+import re
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'URLVoid Domain Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks urlvoid.com site for information about the security of a domain.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.urlvoid()
+
+    def urlvoid(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+
+        url = 'http://www.urlvoid.com/scan/%s/' % (domain)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Get the security results
+        av_engines = re.findall(r'<td>(.+)</td>\n.*images/(.+)\.png" alt=""', resp.text)
+        tdata = []
+        tdata.append(['Site', 'Status'])
+        for line in av_engines:
+            tdata.append([line[0], line[1]])
+        self.table(tdata, True)

File modules/recon/hosts/enum/http/xssed.py

+import framework
+# unique to module
+import re
+import textwrap
+import time
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'XSSed Host Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks XSSed.com site for XSS records for given domain and displays first 20 hits.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.xssed()
+
+    def xssed(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+
+        url = 'http://xssed.com/search?key=%s' % (domain)
+        if verbose: self.output('URL for XSSED.com: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+        
+        content = resp.text
+
+        # Find if there are any results for the domain search
+        results = re.findall(r"Results for.*", content)
+       
+        if results:
+            rows = re.split('<br>', str(results))
+            print self.ruler*50
+            for row in rows:
+                finding = re.findall(r"mirror/([0-9]+)/.+blank\\'>(.+?)</a>", row)
+                if finding:
+                    # Go fetch and parse the specific page for this item
+                    urlDetail = 'http://xssed.com/mirror/%s/' % finding[0][0]
+                    try: respDetail = self.request(urlDetail)
+                    except KeyboardInterrupt:
+                        print ''
+                        return
+                    except Exception as e:
+                        self.error(e.__str__())
+                        continue
+                    
+                    # Parse the response and get the details
+                    details = []
+                    for line in respDetail.text.split('\n'):
+                        if "row3" in line:
+                            try: 
+                                a = re.search(r'">(.+)</th', line.strip())
+                                details.append(a.group(1))
+                            except: pass
+                    # Output the results in table format
+                    status = re.search(r';([UNFIXED]+)',details[2]).group(1)
+                    self.output('Mirror: %s' % (urlDetail))
+                    self.output(details[4])
+                    self.output(textwrap.fill(details[7], 100, initial_indent='', subsequent_indent=self.spacer*2))
+                    self.output(details[0])
+                    self.output(details[1])
+                    self.output(details[5])
+                    self.output('Status: %s' % (status))
+                    print self.ruler*50
+                    time.sleep(1) # results in 503 errors if not throttled
+        else:
+            self.output('No results found')

File modules/recon/hosts/gather/http/mcafee/mcafee_affil.py

+import framework
+# unique to module
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('host', 'www.google.com', 'yes', 'target host')
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'McAfee Domain Affiliation Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks mcafee.com site for other domains affiliated with a domain.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.mcafee_affil()
+
+    def mcafee_affil(self):
+        verbose = self.options['verbose']['value']
+        host = self.options['host']['value']
+
+        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=affiliation&f=%s' % (host)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Output the results in table format
+        tdata = [] 
+        tdata.append(['Domain/URL', 'Category', 'Links'])
+        for col in resp.json:
+            tdata.append([col['label'], col['hover'], str(col['link'])]) 
+        self.table(tdata, True)

File modules/recon/hosts/gather/http/mcafee/mcafee_dns.py

+import framework
+# unique to module
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.register_option('add_to_db', False, 'yes', 'add discovered hosts to the database.')
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'McAfee Domain DNS Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks mcafee.com site for DNS information about a domain. This module can update the \'hosts\' table of the database with the results.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.mcafee_dns()
+
+    def mcafee_dns(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+        add_hosts = self.options['add_to_db']['value']
+
+        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=dns&f=%s' % (domain)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Output the results in table format
+        tdata = [] 
+        tdata.append(['Domain', 'Hostname', 'IP', 'First Seen', 'Last Seen', 'Risk', 'Type'])
+        for col in resp.json['data']:
+            address = col['IP'] if col.has_key('IP') else ''
+            tdata.append([col['Domain'], col['Hostname'], address, col['First_Seen'], col['Last_Seen'],col['Risk'], col['Type']])
+            
+            # Add each host to the database
+            if add_hosts: self.add_host(col['Hostname'])
+            
+        # Print the table  
+        self.table(tdata, True)

File modules/recon/hosts/gather/http/mcafee/mcafee_mail.py

+import framework
+# unique to module
+
+class Module(framework.module):
+
+    def __init__(self, params):
+        framework.module.__init__(self, params)
+        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
+        self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
+        self.register_option('add_to_db', False, 'no', 'Add hosts discovered to the database.')
+        self.classify = 'passive'
+        self.info = {
+                     'Name': 'McAfee Mail Host Lookup',
+                     'Author': 'Micah Hoffman (@WebBreacher)',
+                     'Description': 'Checks mcafee.com site for mail servers for given domain. This module can update the \'hosts\' table of the database with the results.',
+                     'Comments': []
+                     }
+   
+    def do_run(self, params):
+        if not self.validate_options(): return
+        # === begin here ===
+        self.mcafee_mail()
+
+    def mcafee_mail(self):
+        verbose = self.options['verbose']['value']
+        domain = self.options['domain']['value']
+        add_hosts = self.options['add_to_db']['value']
+
+        url = 'http://www.mcafee.com/threat-intelligence/jsproxy/domain.ashx?q=mail&f=%s' % (domain)
+        if verbose: self.output('URL being retrieved: %s' % url)
+        try: resp = self.request(url)
+        except KeyboardInterrupt:
+            print ''
+            return
+        except Exception as e:
+            self.error(e.__str__())
+            return
+
+        # Output the results in table format
+        tdata = [] 
+        tdata.append(['Domain', 'MX_Data', 'IP_Address', 'Weight'])
+        for col in resp.json['data']:
+            tdata.append([col['Domain'], col['MX_Data'], col['IP_Address'], col['Weight']])
+            
+            # Add each host to the database
+            if add_hosts: self.add_host(col['MX_Data'])
+            
+        # Print the table            
+        self.table(tdata, True)