Пример #1
        /// <summary>
        /// Retrieves the page source for one target and then calls CheckCreds on it with the
        /// category and signature dictionaries, under a fixed 10 second cancellation window.
        /// </summary>
        /// <param name="obj">Target server whose source is retrieved.</param>
        private static async Task SourceSender(WitnessedServer obj)
        {
            // Fixed 10s budget; unlike the screenshot timeout this one is intentionally hard coded.
            // NOTE(review): the token source is never disposed, and its timer starts before the
            // semaphore wait below, so time spent queued counts against the budget.
            var timeoutSource = new CancellationTokenSource(10000);

            timeoutSource.CancelAfter(10000);

            try
            {
                // NOTE(review): the result of WaitAsync is discarded (presumably a bool from
                // SemaphoreSlim - confirm), so after 10s the work proceeds even without a slot.
                await _Sourcepool.WaitAsync(10000);

                Console.WriteLine("Grabbing source of: {0}", obj.remoteSystem);
                await obj.SourcerAsync(timeoutSource.Token);

                obj.CheckCreds(categoryDict, signatureDict);

                // Only reached on success: a cancelled or failed fetch does not release here.
                // NOTE(review): verify callers do not release the same slot a second time.
                _Sourcepool.Release();
            }
            catch (SemaphoreFullException)
            {
                // Deliberately ignored.
            }
            catch (OperationCanceledException)
            {
                Console.WriteLine("[-] Thread aborted while grabbing source for: {0}", obj.remoteSystem);
            }
        }
Пример #2
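        /// <summary>
        /// Builds the two report table cells (request info and screenshot) for one scanned server.
        /// </summary>
        /// <remarks>
        /// The URL, page title, headers and save name are HTML-escaped before being written.
        /// The report is opened in the operator's browser, so text supplied by a scanned host
        /// (most directly the page title) must not be able to inject markup or script into it.
        /// </remarks>
        /// <param name="incomingServer">Server whose collected data is rendered.</param>
        /// <returns>HTML fragment that ends by opening the next table row.</returns>
        public string Reporter(WitnessedServer incomingServer)
        {
            var html = new System.Text.StringBuilder();

            // SecurityElement.Escape returns null for null input; Append(null) then adds nothing,
            // which matches what string concatenation did with a null field.
            string safeUrl = SecurityElement.Escape(incomingServer.remoteSystem);
            string safeTitle = SecurityElement.Escape(incomingServer.webpageTitle);
            string safeSaveName = SecurityElement.Escape(incomingServer.urlSaveName);

            html.Append("<td><div style=\"display: inline-block; width: 300px; word-wrap: break-word\">");

            // Escaping stops attribute/tag breakout; it does not restrict the URL scheme.
            // rel="noopener noreferrer" keeps the opened (untrusted) site from reaching back
            // to the report window through window.opener.
            html.Append("<a href=\"").Append(safeUrl)
                .Append("\" target=\"_blank\" rel=\"noopener noreferrer\">")
                .Append(safeUrl).Append("</a>\n<br><br>");
            html.Append("<br><b>Page Title: </b>").Append(safeTitle).Append("<br>\n\n");
            html.Append("<br><b>Headers: </b>\n\n");

            // Split the header string into lines and render each header name in bold.
            // A server that produced no header text is rendered as having no headers.
            string rawHeaders = incomingServer.headers ?? string.Empty;
            foreach (string line in rawHeaders.Split(new[] { Environment.NewLine }, StringSplitOptions.None))
            {
                if (!line.Contains(":"))
                {
                    continue;
                }

                // Split on the first colon only so values containing ':' stay intact.
                string[] element = line.Split(new[] { ':' }, 2, StringSplitOptions.None);
                html.Append("<br> <b>").Append(SecurityElement.Escape(element[0]))
                    .Append("</b>: ").Append(SecurityElement.Escape(element[1]));
            }

            if (incomingServer.defaultCreds != null)
            {
                // NOTE(review): written unescaped as before. Confirm defaultCreds is built only
                // from the local signature data and can never carry text from the scanned host.
                html.Append("<br>").Append(incomingServer.defaultCreds);
            }

            html.Append("<br><br> <a href=\"src\\").Append(safeSaveName).Append(".txt\" ");
            html.Append("target=\"_blank\">Source Code</a></div></td><br>\n");
            html.Append("<td><div id=\"screenshot\"><a href=\"images\\").Append(safeSaveName).Append(".bmp\" ");
            html.Append("target=\"_blank\"><img src=\"images\\").Append(safeSaveName).Append(".bmp\" ");
            html.Append("height=\"400\"></a></div></td></tr><tr>\n\n");

            return html.ToString();
        }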
Пример #3
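        /// <summary>
        /// Takes the screenshot for one target while holding a slot of the shared screenshot pool.
        /// </summary>
        /// <param name="obj">Target server to capture.</param>
        /// <param name="timeDelay">Milliseconds after which the capture is cancelled.</param>
        private static async Task ScreenshotSender(WitnessedServer obj, int timeDelay)
        {
            // The constructor already schedules cancellation after timeDelay milliseconds, so no
            // separate CancelAfter call is needed. Disposing the source frees its timer.
            using (var cts = new CancellationTokenSource(timeDelay))
            {
                bool slotTaken = false;
                try
                {
                    //Keep it synchronous for this slow version
                    //Allow the thread to exit somewhat cleanly before exiting the semaphore
                    // WaitOne reports whether a slot was obtained within 40s. The capture still
                    // runs on a timeout (as before), but only a slot that was actually taken is
                    // handed back, so the pool count cannot drift upwards.
                    slotTaken = _pool.WaitOne(40000);

                    Console.WriteLine("Grabbing screenshot for: " + obj.remoteSystem);
                    await obj.RunWithTimeoutCancellation(cts.Token);
                }
                catch (OperationCanceledException)
                {
                    Console.WriteLine("[-] Thread aborted while grabbing screenshot for: " + obj.remoteSystem);
                }
                catch (SemaphoreFullException)
                {
                    // Deliberately ignored, as in the original.
                }
                finally
                {
                    // Release in finally: previously a cancelled capture skipped Release and
                    // leaked its slot, stalling later captures until their 40s wait expired.
                    if (slotTaken)
                    {
                        try
                        {
                            _pool.Release();
                        }
                        catch (SemaphoreFullException)
                        {
                            // The pool is already at its maximum; nothing to hand back.
                        }
                    }
                }
            }
        }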
Пример #4
        /// <summary>
        /// Produces the opening HTML for a category section of the report: a heading row with the
        /// category name, then a bordered table with its two column headers and an opened row.
        /// </summary>
        /// <param name="category">Category name shown in the heading.</param>
        /// <param name="incomingServer">Server whose systemCategory decides whether anything is emitted.</param>
        /// <returns>The section header HTML, or an empty string when the server has no category.</returns>
        public string CategorizeInitial(string category, WitnessedServer incomingServer)
        {
            // Uncategorised servers get no section header at all.
            if (incomingServer.systemCategory == null)
            {
                return "";
            }

            // NOTE(review): category is inserted unescaped; confirm it only ever comes from the
            // local category definitions and never from a scanned host.
            string heading = "<table><div align=\"left\"><tr><th><h2>" + category + "</h2></tr></th></div>";
            string tableOpen = "<table border=\"1\">";
            string columnRow = @"
            <tr>
            <th>Web Request Info</th>
            <th>Web Screenshot</th></tr>
            <tr>";

            return heading + tableOpen + columnRow;
        }
Пример #5
        /// <summary>
        /// Renders one target with WebsiteSnapshot and saves the bitmap to the server's image path,
        /// holding a slot of the shared Pool while it works.
        /// </summary>
        /// <param name="obj">Target server; supplies the URL to render and the image path to write.</param>
        /// <param name="timeDelay">Value handed to GenerateWebSiteImage.</param>
        // NOTE(review): the method is marked async but contains no await, so it runs to
        // completion synchronously on the caller's thread.
        private static async Task ScreenshotSender(WitnessedServer obj, int timeDelay)
        {
            try
            {
                //Keep it synchronous for this slow version
                //Allow the thread to exit somewhat cleanly before exiting the semaphore
                Pool.WaitOne();
                Console.WriteLine($"Grabbing screenshot for: {obj.remoteSystem}");

                var snapshot = new WebsiteSnapshot(obj.remoteSystem);

                try
                {
                    using (Bitmap image = snapshot.GenerateWebSiteImage(timeDelay))
                    {
                        // A null bitmap means there is nothing to save.
                        if (image != null)
                        {
                            image.Save(obj.imgPath);
                        }
                    }
                }
                catch (AccessViolationException fault)
                {
                    // Log and rethrow; neither outer catch handles this type.
                    // NOTE(review): depending on the runtime, access violations may never be
                    // delivered to a catch block without an explicit opt-in - confirm.
                    Console.WriteLine(fault);
                    throw;
                }
            }
            catch (SemaphoreFullException)
            {
                // Deliberately ignored.
            }
            catch (OperationCanceledException cancelled)
            {
                Console.WriteLine("[-] Thread aborted while grabbing screenshot for: " + obj.remoteSystem + " - " + cancelled.Message);
            }
            finally
            {
                // Runs on every path, including the rethrow above.
                Pool?.Release();
            }
        }
Пример #6
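        /// <summary>
        /// Entry point: parses the command line, builds the URL list from an input file and/or
        /// parsed browser favorites, fetches each page source, writes the report, grabs the
        /// screenshots and optionally zips the output directory.
        /// </summary>
        /// <param name="args">Command-line arguments, parsed into <c>Options</c>.</param>
        static void Main(string[] args)
        {
            Console.WriteLine("[+] Firing up EyeWitness...\n");
            string[] allUrls = null;
            List<string> faveUrls = null;
            int delay = 30000;
            var watch = new System.Diagnostics.Stopwatch();

            watch.Start();

            //Parse arguments passed
            var parser = new Parser(with =>
            {
                with.CaseInsensitiveEnumValues = true;
                with.CaseSensitive = false;
                with.HelpWriter = null;
            });

            var parserResult = parser.ParseArguments<Options>(args);

            parserResult.WithParsed<Options>(o =>
            {
                if (o.Delay != 30)
                {
                    Console.WriteLine("[+] Using a custom timeout of " + o.Delay + " seconds per URL thread");
                    delay = o.Delay * 1000;
                }
                else
                {
                    Console.WriteLine("[+] Using the default timeout of 30 seconds per URL thread");
                }

                if (o.Compress)
                {
                    Console.WriteLine("[+] Compressing files afterwards\n");
                }

                if (o.Favorites)
                {
                    // Parse faves
                    Console.WriteLine("[+] Searching and parsing favorites for IE/Chrome...Skipping FireFox for now");
                    faveUrls = FavoritesParser();
                }

                if (o.Favorites == true && o.File == null)
                {
                    Console.WriteLine("[+] No input file, only using parsed favorites (if any)");

                    // Explicit null check instead of catching NullReferenceException.
                    if (faveUrls == null)
                    {
                        Console.WriteLine("[-] No favorites or bookmarks found, please try specifying a URL file instead");
                        System.Environment.Exit(1);
                    }

                    allUrls = faveUrls.ToArray();
                }

                if (o.File != null)
                {
                    try
                    {
                        if (o.Favorites)
                        {
                            Console.WriteLine("[+] Combining parsed favorites and input file and using that array...");
                            //Combine favorites array and input URLs
                            string[] fileUrls = System.IO.File.ReadAllLines(o.File);

                            // A null favorites list used to crash here; treat it as "no favorites".
                            allUrls = faveUrls == null
                                ? fileUrls
                                : fileUrls.Concat(faveUrls).ToArray();
                        }
                        else
                        {
                            Console.WriteLine("[+] Using input text file");
                            allUrls = System.IO.File.ReadAllLines(o.File);
                        }
                    }
                    catch (FileNotFoundException)
                    {
                        Console.WriteLine("[-] ERROR: The file containing the URLS to scan does not exist!");
                        Console.WriteLine("[-] ERROR: Please make sure you've provided the correct filepath and try again.");
                        System.Environment.Exit(1);
                    }
                }

                Options.Instance = o;
            })
            .WithNotParsed(errs => DisplayHelp(parserResult, errs));

            // Without an input file or favorites (or when argument parsing failed) there is
            // nothing to scan. Stop here instead of dereferencing a null array further down.
            if (allUrls == null)
            {
                Console.WriteLine("[-] ERROR: No URLs to scan, please specify a URL file or use parsed favorites");
                System.Environment.Exit(1);
            }

            DirMaker();
            DictMaker();
            var options = Options.Instance;

            Console.WriteLine("\n");

            // build an array containing all the web server objects
            WitnessedServer[] serverArray = new WitnessedServer[allUrls.Length];

            //WitnessedServer.SetFeatureBrowserEmulation(); // enable HTML5

            List<Task> SourceTaskList = new List<Task>();
            List<Task> ScreenshotTaskList = new List<Task>();

            int arrayPosition = 0;

            foreach (var url in allUrls)
            {
                WitnessedServer singleSite = new WitnessedServer(url);
                serverArray[arrayPosition] = singleSite;
                arrayPosition++;

                SourceTaskList.Add(Task.Run(async () =>
                {
                    try
                    {
                        await SourceSender(singleSite);
                    }
                    finally
                    {
                        // NOTE(review): releases a slot this closure never acquired. Confirm
                        // SourceSender does not also release, or the pool count drifts upwards.
                        _Sourcepool.Release();
                    }
                }));
            }
            Task.WaitAll(SourceTaskList.ToArray());

            CategoryCounter(serverArray, categoryDict); //Get a list of how many of each category there are

            Writer(serverArray, allUrls);               //Write the reports

            foreach (var entry in serverArray)
            {
                // Grab screenshots separately
                try
                {
                    ScreenshotTaskList.Add(ScreenshotSender(entry, delay));
                }
                catch
                {
                    Console.WriteLine("Error starting runwithouttimeout on url: " + entry.remoteSystem);
                }
            }
            Thread.Sleep(1000);
            Task.WaitAll(ScreenshotTaskList.ToArray());

            Thread.Sleep(1000);
            watch.Stop();
            Console.WriteLine("Execution time: " + watch.ElapsedMilliseconds / 1000 + " Seconds");
            if (options.Compress)
            {
                Console.WriteLine("Compressing output directory...");
                try
                {
                    string ZipFileName = witnessDir + ".zip";
                    ZipFile.CreateFromDirectory(witnessDir, ZipFileName, CompressionLevel.Optimal, false);

                    // Only reached when the archive was created; a failed zip keeps the directory.
                    Directory.Delete(witnessDir, true);
                }
                catch (Exception ex)
                {
                    Console.WriteLine("[-] Error zipping file");
                    Console.WriteLine(ex);
                }
            }
            Console.WriteLine("Finished! Exiting shortly...");
            Thread.Sleep(5000);
            return;
        }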
Пример #7
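        /// <summary>
        /// Entry point: reads the URL list from the file named by the first argument, optionally
        /// takes a timeout in milliseconds as the second argument, fetches each page source,
        /// writes the report and then grabs the screenshots.
        /// </summary>
        /// <param name="args">Path to the URL file, optionally followed by a timeout in milliseconds.</param>
        static void Main(string[] args)
        {
            Console.WriteLine("[+] Firing up EyeWitness...");
            DirMaker();
            DictMaker();
            string[] allUrls = null;
            int delay = 30000;
            var watch = new System.Diagnostics.Stopwatch();

            watch.Start();

            // Account for 2 arguments - the first is the file of URLs, the second is the timeout
            if (args.Length != 1 && args.Length != 2)
            {
                Console.WriteLine("\n[*] ERROR: Please specify a URL file to use\n");
                Console.WriteLine("\n\n[++] Usage: EyeWitness.exe c:\\Path\\To\\URLs.txt [Timeout] (ex. 10000 = 10 seconds)");
                Console.WriteLine("[++] EyeWitness.exe c:\\users\\test\\urls.txt");
                Console.WriteLine("[++] EyeWitness.exe c:\\users\\test\\urls.txt 20000");
                System.Environment.Exit(1);
            }

            // Read in URLs. The read is kept apart from the timeout parsing so that a failed read
            // is never reported as a bad timeout, and so the run stops instead of continuing
            // with a null URL array.
            try
            {
                allUrls = System.IO.File.ReadAllLines(args[0]);
            }
            catch (FileNotFoundException)
            {
                Console.WriteLine("\n[*] ERROR: The file containing the URLS to scan does not exist!");
                Console.WriteLine("[*] ERROR: Please make sure you've provided the correct filepath and try again.");
                return;
            }
            catch (Exception e)
            {
                Console.WriteLine("Error when running. Error thrown: \n" + e);
                System.Environment.Exit(1);
            }

            if (args.Length == 2)
            {
                // Reject unparsable and non-positive values; the default of 30000 ms stays in place.
                int parsedDelay;
                if (Int32.TryParse(args[1], out parsedDelay) && parsedDelay > 0)
                {
                    delay = parsedDelay;
                }
                else
                {
                    Console.WriteLine("Invalid int for timeout, using the default of 30 seconds");
                }
            }
            else
            {
                // The default is 30000 ms; the message previously claimed 10 seconds.
                Console.WriteLine("Using the default timeout of 30 seconds");
            }

            // build an array containing all the web server objects
            WitnessedServer[] serverArray = new WitnessedServer[allUrls.Length];

            // Build an array containing the objects so we can easily loop over them
            Console.WriteLine("[+] Using a delay of: " + delay + " (in milliseconds)");
            //WitnessedServer.SetFeatureBrowserEmulation(); // enable HTML5

            List<Task> SourceTaskList = new List<Task>();
            List<Task> ScreenshotTaskList = new List<Task>();

            int arrayPosition = 0;

            foreach (var url in allUrls)
            {
                WitnessedServer singleSite = new WitnessedServer(url);
                serverArray[arrayPosition] = singleSite;
                arrayPosition++;

                SourceTaskList.Add(Task.Run(async () =>
                {
                    try
                    {
                        await SourceSender(singleSite);
                    }
                    finally
                    {
                        // NOTE(review): releases a slot this closure never acquired. Confirm
                        // SourceSender does not also release, or the pool count drifts upwards.
                        _Sourcepool.Release();
                    }
                }));
            }
            Task.WaitAll(SourceTaskList.ToArray());

            CategoryCounter(serverArray, categoryDict); //Get a list of how many of each category there are

            Writer(serverArray, allUrls);               //Write the reports

            foreach (var entry in serverArray)
            {
                // Grab screenshots separately
                try
                {
                    ScreenshotTaskList.Add(ScreenshotSender(entry, delay));
                }
                catch
                {
                    Console.WriteLine("Error starting runwithouttimeout on url: " + entry.remoteSystem);
                }
            }
            Thread.Sleep(1000);
            Task.WaitAll(ScreenshotTaskList.ToArray());

            Thread.Sleep(1000);
            watch.Stop();
            Console.WriteLine("Execution time: " + watch.ElapsedMilliseconds / 1000 + " Seconds");
            Console.WriteLine("Finished! Exiting shortly...");
            Thread.Sleep(5000);
            return;
        }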