From 75cd3a77f63e870916ab3e7558a02f75afdf4f2d Mon Sep 17 00:00:00 2001 From: Kian Date: Tue, 10 Dec 2019 22:45:54 -0800 Subject: [PATCH 1/8] Added a notify option to the Track command --- cmd/amass/track.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index cc7581069..5a6a8a062 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -29,6 +29,7 @@ type trackArgs struct { Since string Options struct { History bool + Notify bool } Filepaths struct { ConfigFile string @@ -53,6 +54,7 @@ func runTrackCommand(clArgs []string) { trackCommand.IntVar(&args.Last, "last", 0, "The number of recent enumerations to include in the tracking") trackCommand.StringVar(&args.Since, "since", "", "Exclude all enumerations before (format: "+timeFormat+")") trackCommand.BoolVar(&args.Options.History, "history", false, "Show the difference between all enumeration pairs") + trackCommand.BoolVar(&args.Options.Notify, "notify", false, "Receive a report showing the difference between the two enumerations") trackCommand.StringVar(&args.Filepaths.ConfigFile, "config", "", "Path to the INI configuration file. Additional details below") trackCommand.StringVar(&args.Filepaths.Directory, "dir", "", "Path to the directory containing the graph database") trackCommand.StringVar(&args.Filepaths.Domains, "df", "", "Path to a file providing root domain names") From 380b0a22fbfaa7025df74d925dbc26363e57cbe0 Mon Sep 17 00:00:00 2001 From: Kian Date: Wed, 11 Dec 2019 21:34:30 -0800 Subject: [PATCH 2/8] Added a gmail notification feature to the track cmd --- cmd/amass/track.go | 21 +++++++++++++++++++++ net/smtp/smtp.go | 30 ++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100644 net/smtp/smtp.go diff --git a/cmd/amass/track.go b/cmd/amass/track.go index 5a6a8a062..e8bf00bb1 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -15,6 +15,7 @@ import ( "github.com/OWASP/Amass/v3/graph" "github.com/OWASP/Amass/v3/requests" "github.com/OWASP/Amass/v3/stringset" + "github.com/OWASP/Amass/v3/net/smtp" "github.com/fatih/color" ) @@ -169,6 +170,17 @@ func runTrackCommand(clArgs []string) { return } cumulativeOutput(args.Domains.Slice(), enums, earliest, latest, db) + + if args.Options.Notify { + apikeys := cfg.GetAPIKey("notification_settings") + sendNotification(args.Domains.Slice(),apikeys.Username, apikeys.Key) + return + } +} + +func sendNotification(domain []string, username string, password string) { + smtp.SendReport(domain[0], username, password) + fmt.Fprintf(color.Output, "%s", green("Sent an email notification")) } func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db *graph.Graph) { @@ -240,6 +252,15 @@ func blueLine() { fmt.Println() } +func Line() string { + var line string + for i := 0; i < 8; i++ { + line = line + "----------" + } + line = line + "\n" + return line +} + func diffEnumOutput(out1, out2 []*requests.Output) []string { omap1 := make(map[string]*requests.Output) omap2 := make(map[string]*requests.Output) diff --git a/net/smtp/smtp.go b/net/smtp/smtp.go new file mode 100644 index 000000000..85451c690 --- /dev/null +++ b/net/smtp/smtp.go @@ -0,0 +1,30 @@ +package smtp + +import ( + "log" + "net/smtp" +) + +const ( + SmtpServer = "smtp.gmail.com:587" +) + +func SendReport(domain string, to string, pass string) { + + from := "test243565@gmail.com" + body := "test" + + msg := "From: " + from + "\n" + + "To: " + to + "\n" + + "Subject: Amass report: New subdomains found for " + domain + "\n\n" + + body + + err := smtp.SendMail(SmtpServer, + smtp.PlainAuth("", from, pass, "smtp.gmail.com"), + from, []string{to}, []byte(msg)) + + if err != nil { + log.Printf("smtp error: %s", err) + return + } +} \ No newline at end of file From 6201c67525e22d89beff82e69ca1b362fe7b6709 Mon Sep 17 00:00:00 2001 From: Kian Date: Wed, 11 Dec 2019 22:23:07 -0800 Subject: [PATCH 3/8] Added a new color to printf in Red --- cmd/amass/main.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cmd/amass/main.go b/cmd/amass/main.go index 2b3dc4fcc..2934f2a72 100644 --- a/cmd/amass/main.go +++ b/cmd/amass/main.go @@ -34,6 +34,7 @@ var ( yellow = color.New(color.FgHiYellow).SprintFunc() green = color.New(color.FgHiGreen).SprintFunc() blue = color.New(color.FgHiBlue).SprintFunc() + red = color.New(color.FgHiRed).SprintFunc() ) func commandUsage(msg string, cmdFlagSet *flag.FlagSet, errBuf *bytes.Buffer) { From 5e625ba9cf78c4cf224c8cd1d4459b22631864d1 Mon Sep 17 00:00:00 2001 From: Kian Date: Wed, 11 Dec 2019 22:25:43 -0800 Subject: [PATCH 4/8] Added some logs to the Notification feature of the track cmd --- cmd/amass/track.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index e8bf00bb1..dd96607d2 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -179,7 +179,12 @@ func runTrackCommand(clArgs []string) { } func sendNotification(domain []string, username string, password string) { - smtp.SendReport(domain[0], username, password) + err := smtp.SendReport(domain[0], username, password) + if err != nil { + fmt.Fprintf(color.Output, "%s", red("Could not send an email notification")) + return + } + fmt.Fprintf(color.Output, "%s", green("Sent an email notification")) } From 32d11a73b43705df9b4b2b1431acb6e21bbd8290 Mon Sep 17 00:00:00 2001 From: Kian Date: Thu, 12 Dec 2019 01:41:15 -0800 Subject: [PATCH 5/8] Update the email content sent by the track command --- cmd/amass/track.go | 14 +++++++++----- net/smtp/smtp.go | 34 +++++++++++++++++++++++++++------- 2 files changed, 36 insertions(+), 12 deletions(-) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index dd96607d2..0965bf0a8 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -39,7 +39,9 @@ type trackArgs struct { } } + func runTrackCommand(clArgs []string) { + var newReport = smtp.NewReport(stringset.New(), make([]string,0),true) var args trackArgs var help1, help2 bool trackCommand := flag.NewFlagSet("track", flag.ContinueOnError) @@ -169,17 +171,17 @@ func runTrackCommand(clArgs []string) { completeHistoryOutput(args.Domains.Slice(), enums, earliest, latest, db) return } - cumulativeOutput(args.Domains.Slice(), enums, earliest, latest, db) + cumulativeOutput(args.Domains.Slice(), enums, earliest, latest, db, newReport) if args.Options.Notify { apikeys := cfg.GetAPIKey("notification_settings") - sendNotification(args.Domains.Slice(),apikeys.Username, apikeys.Key) + sendNotification(args.Domains.Slice(),apikeys.Username, apikeys.Key, newReport) return } } -func sendNotification(domain []string, username string, password string) { - err := smtp.SendReport(domain[0], username, password) +func sendNotification(domain []string, username string, password string, newReport *smtp.Report) { + err := smtp.SendReport(domain[0], username, password, newReport) if err != nil { fmt.Fprintf(color.Output, "%s", red("Could not send an email notification")) return @@ -188,7 +190,7 @@ func sendNotification(domain []string, username string, password string) { fmt.Fprintf(color.Output, "%s", green("Sent an email notification")) } -func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db *graph.Graph) { +func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db *graph.Graph, newReport *smtp.Report) { idx := len(enums) - 1 filter := stringset.NewStringFilter() @@ -197,6 +199,7 @@ func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db * for _, out := range getUniqueDBOutput(enums[i], domains, db) { if domainNameInScope(out.Name, domains) && !filter.Duplicate(out.Name) { cum = append(cum, out) + newReport.Found = append(newReport.Found,out.Name) } } } @@ -214,6 +217,7 @@ func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db * fmt.Fprintln(color.Output, d) } if !updates { + newReport.New = false g.Println("No differences discovered") } } diff --git a/net/smtp/smtp.go b/net/smtp/smtp.go index 85451c690..cf2ed582a 100644 --- a/net/smtp/smtp.go +++ b/net/smtp/smtp.go @@ -3,28 +3,48 @@ package smtp import ( "log" "net/smtp" + "errors" + "github.com/OWASP/Amass/v3/stringset" ) const ( SmtpServer = "smtp.gmail.com:587" + From = "amasstest1234@gmail.com" + Subject = "Amass report" ) -func SendReport(domain string, to string, pass string) { +type Report struct { + Domains stringset.Set + Found []string + New bool +} + +func NewReport(domains stringset.Set, found []string, new bool) *Report { + r := &Report{Domains: domains, Found: found, New: new} + return r +} + +func SendReport(domain string, to string, pass string, newReport *Report) (error) { - from := "test243565@gmail.com" body := "test" - msg := "From: " + from + "\n" + + if !newReport.New { + body = "No new domain was found." + } + + msg := "From: " + From + "\n" + "To: " + to + "\n" + - "Subject: Amass report: New subdomains found for " + domain + "\n\n" + + "Subject: " + Subject + "\n\n" + body err := smtp.SendMail(SmtpServer, - smtp.PlainAuth("", from, pass, "smtp.gmail.com"), - from, []string{to}, []byte(msg)) + smtp.PlainAuth("", From, pass, "smtp.gmail.com"), + From, []string{to}, []byte(msg)) if err != nil { log.Printf("smtp error: %s", err) - return + return errors.New("Could not send the email") } + + return nil } \ No newline at end of file From 4fb65c76b24c308a3823fe08e6363c33ea231c95 Mon Sep 17 00:00:00 2001 From: Kian Date: Thu, 12 Dec 2019 02:32:55 -0800 Subject: [PATCH 6/8] Added all the new domains to the email body --- cmd/amass/track.go | 8 +++++++- net/smtp/smtp.go | 24 ++++++++++++++++++++---- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index 0965bf0a8..4acef752a 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -41,7 +41,7 @@ type trackArgs struct { func runTrackCommand(clArgs []string) { - var newReport = smtp.NewReport(stringset.New(), make([]string,0),true) + var newReport = smtp.NewReport(true) var args trackArgs var help1, help2 bool trackCommand := flag.NewFlagSet("track", flag.ContinueOnError) @@ -62,6 +62,8 @@ func runTrackCommand(clArgs []string) { trackCommand.StringVar(&args.Filepaths.Directory, "dir", "", "Path to the directory containing the graph database") trackCommand.StringVar(&args.Filepaths.Domains, "df", "", "Path to a file providing root domain names") + newReport.Domains = args.Domains + if len(clArgs) < 1 { commandUsage(trackUsageMsg, trackCommand, trackBuf) return @@ -210,6 +212,10 @@ func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db * blue("and"), yellow(ea[idx].Format(timeFormat)), blue(" -> "), yellow(la[idx].Format(timeFormat))) blueLine() + newReport.FromEnumeration = append(newReport.FromEnumeration,ea[0],la[0]) + newReport.ToEnumeration = append(newReport.ToEnumeration,ea[idx],la[idx]) + + var updates bool out := getUniqueDBOutput(enums[idx], domains, db) for _, d := range diffEnumOutput(cum, out) { diff --git a/net/smtp/smtp.go b/net/smtp/smtp.go index cf2ed582a..965979931 100644 --- a/net/smtp/smtp.go +++ b/net/smtp/smtp.go @@ -5,32 +5,48 @@ import ( "net/smtp" "errors" "github.com/OWASP/Amass/v3/stringset" + "time" + "strings" ) const ( SmtpServer = "smtp.gmail.com:587" From = "amasstest1234@gmail.com" Subject = "Amass report" + timeFormat = "01/02 15:04:05 2006 MST" ) type Report struct { Domains stringset.Set Found []string New bool + FromEnumeration []time.Time + ToEnumeration []time.Time } -func NewReport(domains stringset.Set, found []string, new bool) *Report { - r := &Report{Domains: domains, Found: found, New: new} +func NewReport(new bool) *Report { + r := &Report{New: new} return r } func SendReport(domain string, to string, pass string, newReport *Report) (error) { - - body := "test" + var wordDomain string + var body string if !newReport.New { body = "No new domain was found." + } else { + if len(newReport.Domains.Slice()) == 1 { + wordDomain = "domain " + } else { + wordDomain = "domains " + } + body = "Tracking the " + wordDomain + strings.Join(newReport.Domains.Slice(),",") + "\n\n" + + "Between " + newReport.FromEnumeration[0].Format(timeFormat) + " -> " + newReport.FromEnumeration[1].Format(timeFormat) + "\n" + + "and " + newReport.ToEnumeration[0].Format(timeFormat) + " -> " + newReport.ToEnumeration[1].Format(timeFormat) + "\n\n" + + "Found: " + strings.Join(newReport.Found,"\nFound:") } + msg := "From: " + From + "\n" + "To: " + to + "\n" + From e215c068896c9b2791113930209c8c3900bfa2d7 Mon Sep 17 00:00:00 2001 From: Kian Date: Mon, 27 Jan 2020 00:46:33 -0800 Subject: [PATCH 7/8] Update: Formatting --- cmd/amass/track.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index 4acef752a..0bc2f839a 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -189,7 +189,7 @@ func sendNotification(domain []string, username string, password string, newRepo return } - fmt.Fprintf(color.Output, "%s", green("Sent an email notification")) + fmt.Fprintf(color.Output, "%s", green("Sent an email notification\n")) } func cumulativeOutput(domains []string, enums []string, ea, la []time.Time, db *graph.Graph, newReport *smtp.Report) { From 3ed2e1df78fc9c2a1edf035f13e5baa0bd234119 Mon Sep 17 00:00:00 2001 From: Kian Date: Mon, 27 Jan 2020 01:43:06 -0800 Subject: [PATCH 8/8] Removed the unused Line function --- cmd/amass/track.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/cmd/amass/track.go b/cmd/amass/track.go index 0bc2f839a..496186bb7 100644 --- a/cmd/amass/track.go +++ b/cmd/amass/track.go @@ -267,15 +267,6 @@ func blueLine() { fmt.Println() } -func Line() string { - var line string - for i := 0; i < 8; i++ { - line = line + "----------" - } - line = line + "\n" - return line -} - func diffEnumOutput(out1, out2 []*requests.Output) []string { omap1 := make(map[string]*requests.Output) omap2 := make(map[string]*requests.Output)