Sn1per Community Edition by @xer0dayz - https://xerosecurity.com
WP Engine Marketing committed Oct 14, 2019
1 parent 5203474 commit f8a74a8
Showing 8 changed files with 12 additions and 11 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
@@ -1,4 +1,5 @@
## CHANGELOG:
* v7.4 - Fixed issue with webscreenshot.py not running
* v7.4 - Added reverse whois DNS search via AMass
* v7.4 - Disabled MassDNS/DNSGen/AltDNS in default configuration (Can be enabled in ~/.sniper.conf)
* v7.4 - Disabled crt.sh sub-domain retrieval since service is disabled
1 change: 1 addition & 0 deletions install.sh
Expand Up @@ -46,6 +46,7 @@ apt-get install -y python-pip
apt-get remove -y python3-pip
apt-get install -y python3-pip
apt-get install -y xmlstarlet
apt-get install -y chromium
pip install dnspython colorama tldextract urllib3 ipaddress requests
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bash

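Review bot: The `apt-get install -y chromium` line (presumably the one added here) has no failure check, yet the mode scripts in this commit now pass `-r chromium` to webscreenshot.py, so a failed install leaves screenshots broken without any message. The package is not named `chromium` on every apt-based distribution (Ubuntu has shipped it as `chromium-browser`), so this is likely to happen on some hosts. Consider `apt-get install -y chromium || echo "[!] chromium not installed; webscreenshot.py -r chromium will fail" >&2`. The hunk starts and ends mid-script, so any later dependency check is not visible here.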
5 changes: 2 additions & 3 deletions modes/flyover.sh
Expand Up @@ -70,7 +70,6 @@ if [ "$MODE" = "flyover" ]; then
echo "$TARGET" >> $LOOT_DIR/web/webhosts-unsorted.txt 2> /dev/null
fi
cat $LOOT_DIR/nmap/dns-$TARGET.txt 2> /dev/null | egrep -i "wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|cloudfront|modulus|unbounce|uservoice|wpengine|cloudapp" 2>/dev/null | tee $LOOT_DIR/nmap/takeovers-$TARGET.txt 2>/dev/null & 2> /dev/null

if [ $CUTYCAPT = "1" ]; then
if [ ${DISTRO} == "blackarch" ]; then
/bin/CutyCapt --url=http://$TARGET:80 --out=$LOOT_DIR/screenshots/$TARGET-port80.jpg --insecure --max-wait=5000 2> /dev/null &
Expand All @@ -82,8 +81,8 @@ if [ "$MODE" = "flyover" ]; then
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 http://$TARGET:80 2> /dev/null > /dev/null &
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 https://$TARGET:443 2> /dev/null > /dev/null &
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium http://$TARGET:80 2> /dev/null > /dev/null &
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium https://$TARGET:443 2> /dev/null > /dev/null &
fi
echo "$TARGET" >> $LOOT_DIR/scans/updated.txt
echo "$TARGET" >> $LOOT_DIR/domains/targets-all-presorted.txt
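Review bot: The two webscreenshot.py calls that carry `-r chromium` expand `$INSTALL_DIR` and `$TARGET` unquoted, so a target value containing whitespace or glob characters is word-split into extra arguments for the Python script; the same applies to the matching lines in modes/normal.sh, modes/stealth.sh, modes/webporthttp.sh and modes/webporthttps.sh (there also `$PORT`). Quote the script path and the URL, e.g. `python2 "$INSTALL_DIR/bin/webscreenshot.py" -t 5 -r chromium "http://$TARGET:80" 2> /dev/null > /dev/null &`. Both calls also discard stdout and stderr and run in the background, so a missing Chromium binary fails silently; sending stderr to a log file under `$LOOT_DIR` would make that visible. The enclosing `if [ "$MODE" = "flyover" ]` block begins and ends outside the hunks.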
4 changes: 2 additions & 2 deletions modes/normal.sh
Expand Up @@ -440,7 +440,7 @@ else
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 http://$TARGET:80
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium http://$TARGET:80
fi
source $INSTALL_DIR/modes/normal_webporthttp.sh
source $INSTALL_DIR/modes/osint_stage_2.sh
Expand Down Expand Up @@ -724,7 +724,7 @@ else

if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 https://$TARGET:443
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium https://$TARGET:443
fi
source $INSTALL_DIR/modes/normal_webporthttps.sh
source $INSTALL_DIR/modes/osint_stage_2.sh
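Review bot: With `-r chromium` the scan loads the target's pages in a full browser engine, so content controlled by the scanned host is parsed and executed on the operator's machine; this applies to both hunks here and to the other mode scripts in this commit. install.sh calls apt-get without sudo, which suggests the tool runs as root, and Chromium normally refuses to run as root unless its sandbox is disabled, so it is worth confirming how webscreenshot.py launches it. Consider running the screenshot step as an unprivileged user or inside a container, and add a comment above the call such as `# renders untrusted target content in Chromium; keep the browser patched and run unprivileged`. The surrounding `else` branches start outside both hunks.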
4 changes: 2 additions & 2 deletions modes/recon.sh
Expand Up @@ -84,10 +84,10 @@ if [ "$RECON" = "1" ]; then
echo -e "$OKRED RUNNING MASSDNS ON SUBDOMAINS $RESET"
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
sort -u $LOOT_DIR/domains/domains-$TARGET-presorted.txt $LOOT_DIR/domains/domains-$TARGET-dnsgen.txt $LOOT_DIR/domains/domains-$TARGET-altdns.txt 2> /dev/null > $LOOT_DIR/domains/domains-$TARGET-alldns.txt 2> /dev/null
massdns -s 5000 -r /usr/share/sniper/plugins/massdns/lists/resolvers.txt $LOOT_DIR/domains/domains-$TARGET-alldns.txt -o S -t A -w $LOOT_DIR/domains/domains-$TARGET-massdns.txt
massdns -r /usr/share/sniper/plugins/massdns/lists/resolvers.txt $LOOT_DIR/domains/domains-$TARGET-alldns.txt -o S -t A -w $LOOT_DIR/domains/domains-$TARGET-massdns.txt
awk -F ". " '{print $1}' $LOOT_DIR/domains/domains-$TARGET-massdns.txt | grep -v "*" | sort -u | tee $LOOT_DIR/domains/domains-$TARGET-massdns-sorted.txt
cat $LOOT_DIR/domains/domains-$TARGET-massdns-sorted.txt 2> /dev/null >> $LOOT_DIR/domains/domains-$TARGET-presorted.txt 2> /dev/null
grep "IN CNAME" $LOOT_DIR/domains/domains-$TARGET-massdns.txt | awk '{print $3}' | grep -v "*" | sort -u | tee $LOOT_DIR/domains/domains-$TARGET-massdns-CNAME.txt
grep "CNAME" $LOOT_DIR/domains/domains-$TARGET-massdns.txt | awk '{print $3}' | grep -v "*" | sort -u | tee $LOOT_DIR/domains/domains-$TARGET-massdns-CNAME.txt
grep "A " $LOOT_DIR/domains/domains-$TARGET-massdns.txt | awk '{print $3}' | grep -v "*" | sort -u | tee $LOOT_DIR/domains/domains-$TARGET-massdns-A-records.txt
cat $LOOT_DIR/domains/domains-$TARGET-massdns-A-records.txt >> $LOOT_DIR/ips/ips-all-unsorted.txt 2> /dev/null
fi
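Review bot: `grep "CNAME"` matches the string anywhere on the line, so any record whose name or value happens to contain CNAME is collected along with the real CNAME records (this takes the second line of each printed pair as the new side). In massdns's simple output (`-o S`) the record type appears to be the second field, so selecting on that field is stricter: replace `grep "CNAME" FILE | awk '{print $3}'` with `awk '$2 == "CNAME" {print $3}' FILE`. The unchanged `grep "A "` line below is loose in the same way, since it also matches `AAAA ` lines. Whatever lands in the CNAME list presumably feeds later takeover checks, so false entries there cost analyst time.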
4 changes: 2 additions & 2 deletions modes/stealth.sh
Expand Up @@ -276,7 +276,7 @@ if [ "$MODE" = "stealth" ]; then
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 http://$TARGET:80
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium http://$TARGET:80
fi
fi

Expand Down Expand Up @@ -426,7 +426,7 @@ if [ "$MODE" = "stealth" ]; then
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 https://$TARGET:443
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium https://$TARGET:443
fi
echo -e "$OKRED[+]$RESET Screenshot saved to $LOOT_DIR/screenshots/$TARGET-port443.jpg"
fi
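Review bot: The exit status of the `-r chromium` screenshot call is never checked, while the `echo` after the second hunk's `fi` reports `Screenshot saved to $LOOT_DIR/screenshots/$TARGET-port443.jpg` regardless of what happened. If Chromium is missing or the render times out, the operator is told a file exists that may not. Gate the message on the file being present, e.g. `[ -f "$LOOT_DIR/screenshots/$TARGET-port443.jpg" ] && echo -e "$OKRED[+]$RESET Screenshot saved to ..."`. Whether webscreenshot.py writes to that exact path, or the message belongs to an earlier capture step, is not visible from this hunk.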
2 changes: 1 addition & 1 deletion modes/webporthttp.sh
Expand Up @@ -138,7 +138,7 @@ if [ "$MODE" = "webporthttp" ]; then
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 http://$TARGET:$PORT
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium http://$TARGET:$PORT
fi
if [ "$BURP_SCAN" == "1" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
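Review bot: The renderer name `chromium` is hard-coded on this line and on the equivalent lines in modes/webporthttps.sh, flyover.sh, normal.sh and stealth.sh, which is a style concern: the step is already gated on the `$WEBSCREENSHOT` setting, and the renderer choice would sit naturally beside it. A single variable (the name is only a suggestion), used as `-r "${WEBSCREENSHOT_RENDERER:-chromium}"`, would let hosts without a `chromium` package switch renderer in one place. The enclosing `if [ "$MODE" = "webporthttp" ]` block starts and ends outside the hunk.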
2 changes: 1 addition & 1 deletion modes/webporthttps.sh
Expand Up @@ -148,7 +148,7 @@ if [ "$MODE" = "webporthttps" ]; then
fi
if [ $WEBSCREENSHOT = "1" ]; then
cd $LOOT_DIR
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 https://$TARGET:$PORT
python2 $INSTALL_DIR/bin/webscreenshot.py -t 5 -r chromium https://$TARGET:$PORT
fi
if [ "$BURP_SCAN" == "1" ]; then
echo -e "${OKGREEN}====================================================================================${RESET}•x${OKGREEN}[`date +"%Y-%m-%d](%H:%M)"`${RESET}x•"
