Tuesday, June 25, 2019

How to use Sniper

welcome to Hacking A Rise i am the laughing man wit another tutorial this time on sniper automated scanner

What is sniper

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information ,
go to find out more

FEATURES

  • ## SN1PER COMMUNITY FEATURES:
    – [x] Automatically collects basic recon (ie. whois, ping, DNS, etc.)
    – [x] Automatically launches Google hacking queries against a target domain
    – [x] Automatically enumerates open ports via NMap port scanning
    – [x] Automatically brute forces sub-domains, gathers DNS info and checks for zone transfers
    – [x] Automatically checks for sub-domain hijacking
    – [x] Automatically runs targeted NMap scripts against open ports
    – [x] Automatically runs targeted Metasploit scan and exploit modules
    – [x] Automatically scans all web applications for common vulnerabilities
    – [x] Automatically brute forces ALL open services
    – [x] Automatically test for anonymous FTP access
    – [x] Automatically runs WPScan, Arachni and Nikto for all web services
    – [x] Automatically enumerates NFS shares
    – [x] Automatically test for anonymous LDAP access
    – [x] Automatically enumerate SSL/TLS ciphers, protocols and vulnerabilities
    – [x] Automatically enumerate SNMP community strings, services and users
    – [x] Automatically list SMB users and shares, check for NULL sessions and exploit MS08-067
    – [x] Automatically exploit vulnerable JBoss, Java RMI and Tomcat servers
    – [x] Automatically tests for open X11 servers
    – [x] Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
    – [x] Performs high level enumeration of multiple hosts and subnets
    – [x] Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
    – [x] Automatically gathers screenshots of all web sites
    – [x] Create individual workspaces to store all scan output

  • ## EXPLOITS:
    – [x] Drupal RESTful Web Services unserialize() SA-CORE-2019-003
    – [x] Apache Struts: S2-057 (CVE-2018-11776): Security updates available for Apache Struts
    – [x] Drupal: CVE-2018-7600: Remote Code Execution – SA-CORE-2018-002
    – [x] GPON Routers – Authentication Bypass / Command Injection CVE-2018-10561
    – [x] MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
    – [x] Apache Tomcat: Remote Code Execution (CVE-2017-12617)
    – [x] Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution CVE-2017-10271
    – [x] Apache Struts Content-Type arbitrary command execution (CVE-2017-5638)
    – [x] Apache Struts 2 Framework Checks – REST plugin with XStream handler (CVE-2017-9805)
    – [x] Apache Struts Content-Type arbitrary command execution (CVE-2017-5638)
    – [x] Microsoft IIS WebDav ScStoragePathFromUrl Overflow CVE-2017-7269
    – [x] ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability CVE-2015-8249
    – [x] Shellshock Bash Shell remote code execution CVE-2014-6271
    – [x] HeartBleed OpenSSL Detection CVE-2014-0160
    – [x] MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
    – [x] Tomcat Application Manager Default Ovwebusr Password Vulnerability CVE-2009-3843
    – [x] MS08-067 Microsoft Server Service Relative Path Stack Corruption
    – [x] Webmin File Disclosure CVE-2006-3392
    – [x] VsFTPd 2.3.4 Backdoor
    – [x] ProFTPd 1.3.3C Backdoor
    – [x] MS03-026 Microsoft RPC DCOM Interface Overflow
    – [x] DistCC Daemon Command Execution
    – [x] JBoss Java De-Serialization
    – [x] HTTP Writable Path PUT/DELETE File Access
    – [x] Apache Tomcat User Enumeration
    – [x] Tomcat Application Manager Login Bruteforce
    – [x] Jenkins-CI Enumeration
    – [x] HTTP WebDAV Scanner
    – [x] Android Insecure ADB
    – [x] Anonymous FTP Access
    – [x] PHPMyAdmin Backdoor
    – [x] PHPMyAdmin Auth Bypass
    – [x] OpenSSH User Enumeration
    – [x] LibSSH Auth Bypass
    – [x] SMTP User Enumeration
    – [x] Public NFS Mounts

    • How to install Sniper

    right lads open terminal and type
    git clone https://github.com/1N3/Sn1per.git
    Hacking A Rise sniperclone-300x153

    now type cd Sn1per
    Hacking A Rise cdsniperinstall-300x74

    now you wanna gave the install.sh promissions to run in the system so type chmod +x install.sh this ./install.sh
    Hacking A Rise installsinper1-300x128
    (Press Enter )
    Hacking A Rise install2sniper-300x198
    (let it finish )

    How to use Sniper

    right since you mead it this far ya didnt brake the pc/laptop hahaha no we cd back to home before and type sniper --help
    Hacking A Rise helpsniper-278x300

    now lets try a normal scan type sniper -t url
    Hacking A Rise normalscan-91x300

    okiedokie lets try a osint scan type sniper -t -o
    Hacking A Rise osintscansniper-176x300

    ok now a recon scan type sniper -t -re
    Hacking A Rise reconscan-195x300
    Hacking A Rise reconscan2-164x300

    now we are going to try a osint and recon scan on hacking a rise site type sniper -t -o -re
    Hacking A Rise osintreconscan-223x300

    right lads the last one i am going to show ye is the brute in sniper so type sniper -t -b
    Hacking A Rise brutesniper-107x300
    And the recon osint with brute
    Hacking A Rise osintreconbrute-220x300

    heres the rest the commands lads
    [*] NORMAL MODE
    sniper -t|–target

    [*] NORMAL MODE + OSINT + RECON + FULL PORT SCAN + BRUTE FORCE
    sniper -t|–target -o|–osint -re|–recon -fp|–fullportonly -b|–bruteforce

    [*] STEALTH MODE + OSINT + RECON
    sniper -t|–target -m|–mode stealth -o|–osint -re|–recon

    [*] DISCOVER MODE
    sniper -t|–target -m|–mode discover -w|–workspace

    [*] FLYOVER MODE
    sniper -t|–target -m|–mode flyover -w|–workspace

    [*] AIRSTRIKE MODE
    sniper -f|–file /full/path/to/targets.txt -m|–mode airstrike

    [*] NUKE MODE WITH TARGET LIST, BRUTEFORCE ENABLED, FULLPORTSCAN ENABLED, OSINT ENABLED, RECON ENABLED, WORKSPACE & LOOT ENABLED
    sniper -f–file /full/path/to/targets.txt -m|–mode nuke -w|–workspace

    [*] SCAN ONLY SPECIFIC PORT
    sniper -t|–target -m port -p|–port

    [*] FULLPORTONLY SCAN MODE
    sniper -t|–target -fp|–fullportonly

    [*] PORT SCAN MODE
    sniper -t|–target -m|–mode port -p|–port

    [*] WEB MODE – PORT 80 + 443 ONLY!
    sniper -t|–target -m|–mode web

    [*] HTTP WEB PORT HTTP MODE
    sniper -t|–target -m|–mode webporthttp -p|–port

    [*] HTTPS WEB PORT HTTPS MODE
    sniper -t|–target -m|–mode webporthttps -p|–port

    [*] WEBSCAN MODE
    sniper -t|–target -m|–mode webscan

    [*] ENABLE BRUTEFORCE
    sniper -t|–target -b|–bruteforce

    [*] ENABLE LOOT IMPORTING INTO METASPLOIT
    sniper -t|–target

    [*] LOOT REIMPORT FUNCTION
    sniper -w –reimport

    [*] LOOT REIMPORTALL FUNCTION
    sniper -w –reimportall

    [*] DELETE WORKSPACE
    sniper -w -d

    [*] DELETE HOST FROM WORKSPACE
    sniper -w -t -dh

    [*] SCHEDULED SCANS’
    sniper -w -s daily|weekly|monthly’

    [*] SCAN STATUS
    sniper –status

    [*] UPDATE SNIPER
    sniper -u|–update

    right lads listen hope this comes in handy i will do a video on this in the next coming days so make sure keep a eye on facebook and discord for that and dont forget to sub to the site to be the first to view are posts 🙂

    HAPPY HACKING LAUGHINGMAN

    Posted by at
    Labels:

    No comments:

    Post a Comment

    Note: Only a member of this blog may post a comment.

    Subscribe to: Post Comments (Atom)