lillypad/recon-bin.sh

## recon-bin.sh
#!/usr/bin/env bash

bin=$1
db=$2
useragent="Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
joblimit=1

DARKGREEN=$'\e[00;32m'
GREEN=$'\e[01;32m'
TEAL=$'\e[00;36m'
DARKGREY=$'\e[01;30m'
CYAN=$'\e[01;36m'
LIGHTGREY=$'\e[00;37m'
RED=$'\e[00;31m' #?
PINK=$'\e[01;31m' #?
BLACK=$'\e[00;30m'
BLUE=$'\e[01;34m'
DARKBLUE=$'\e[00;34m'
WHITE=$'\e[01;38m'
RESET=$'\e[0m'
YELLOW=$'\e[01;33m'
MAGENTA=$'\e[01;35m'
PURPLE=$'\e[00;35m'

[ -n "$bin" ] || bin=termbin
loot=$bin-loot
[ -d "$loot" ] || mkdir $loot
[ -n "$db" ] || db=visited.db

function sqlite_execute(){
    while :; do
        result=$(sqlite3 $1 "${2}" 2>&1)
        if [ "${result}" = "Error: database is locked" ]; then
            continue
        else
            break
        fi
    done
    echo "${result}"
}

if [ ! -f $db ]; then
    echo "${YELLOW}[*] binbuster database not found creating a new one"
    touch $db
    sqlite_execute $db "create table urls(id integer primary key autoincrement, url varchar(2083) unique, response integer, pii integer, hashes_id integer);"
    sqlite_execute $db "create table hashes(id integer primary key autoincrement, hash varchar(32) unique);"
fi

function gen_url(){
    case "$bin" in
        termbin)
            n=4
            charset=a-z0-9
            prefix="http://termbin.com"
            suffix=$(cat /dev/urandom | tr -dc $charset | head -c $n)
            echo "${prefix}/${suffix}"
            ;;
        pastebin)
            n=8
            charset=a-z0-9
            prefix="https://pastebin.com/raw"
            suffix=$(cat /dev/urandom  | tr -dc $charset | head -c $n)
            echo "${prefix}/${suffix}"
            ;;
        ghostbin)
            n=5
            charset=a-z0-9
            prefix="https://ghostbin.com/paste"
            key=$(cat /dev/urandom | tr -dc $charset | head -c $n)
            suffix="raw"
            echo "${prefix}/${key}/${suffix}"
            ;;
        pasteee)
            n=5
            charset=a-z0-9
            prefix="https://paste.ee/p"
            key=$(cat /dev/urandom  | tr -dc $charset | head -c $n)
            echo "${prefix}/${key}"
            ;;
        pipfi)
            n=4
            charset=a-z0-9
            prefix="http://p.ip.fi"
            key=$(cat /dev/urandom | tr -dc $charset | head -c $n)
            echo "${prefix}/${key}"
            ;;
    esac
}

function pii(){
    reg_cc="(?:4[0-9]{12}(?:[0-9]{3})?|[25][1-7][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})"
    reg_email="[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}"
    reg_pii="${reg_email}|username|password|doxed|credit|user|pass"
    data_pii=$(echo $data | grep -Eio $reg_pii)
    if echo $data | grep -Eiq $reg_pii
        then echo $data_pii
        else echo 1
    fi
}

function process_url(){
    while :; do
        url=$(gen_url)
        db_url=$(sqlite_execute $db "select url from urls where url = '${url}'")
        if [ "${url}" = "${db_url}" ]; then
            echo "${YELLOW}[*] ${url} has already visited generating another"
        else
            break
        fi
    done
    response=$(curl -A "${useragent}" --write-out %{http_code} --silent --output /dev/null "${url}")
    if [ "$response" = "200" ]; then
        data=$(curl -s -A "${useragent}" "${url}")
        md5=$(echo -e "${data}" | md5sum | cut -d ' ' -f 1)
        data_pii=$(pii)
        db_md5=$(sqlite_execute $db "select hash from hashes where hash = '${md5}';")
        if [ "${db_md5}" != "${md5}" ]; then
            sqlite3 $db "insert into hashes(hash) values('${md5}');"
            hashes_id=$(sqlite_execute $db "select id from hashes where hash = '${md5}'")
            sqlite3 $db "insert into urls(url, response, pii, hashes_id) values('${url}', '${response}', 1, ${hashes_id});"
            echo "${GREEN}[-] fetched ${url} with response ${response} and md5sum of ${md5}"
            echo "${BLUE}---BEGIN DATA---"
            echo "${BLUE}${data}"
            echo "${BLUE}---END DATA---"
            echo "${BLUE}[-] writing loot to ${loot}/${md5}"
            echo "${data}" > $loot/$md5
        else
            echo "${YELLOW}[*] fetched ${url} however data alredy collected for hash ${md5}"
        fi
    else
        sqlite_execute $db "insert into urls(url, response, pii) values('${url}', '${response}', 0);"
        echo "${RED}[x] fetching ${url} failed with response ${response}"
    fi
}

function throttle(){
  joblimit=$1
  joblist=($(jobs -p))
  while (( ${#joblist[*]} >= $joblimit )); do
    sleep 1
    joblist=($(jobs -p))
  done
}

if [ "${joblimit}" = "1" ]; then
    while :; do
        process_url
    done
else
    while :; do
        process_url &
        throttle $joblimit
    done
fi
	#!/usr/bin/env bash

	bin=$1
	db=$2
	useragent="Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
	joblimit=1

	DARKGREEN=$'\e[00;32m'
	GREEN=$'\e[01;32m'
	TEAL=$'\e[00;36m'
	DARKGREY=$'\e[01;30m'
	CYAN=$'\e[01;36m'
	LIGHTGREY=$'\e[00;37m'
	RED=$'\e[00;31m' #?
	PINK=$'\e[01;31m' #?
	BLACK=$'\e[00;30m'
	BLUE=$'\e[01;34m'
	DARKBLUE=$'\e[00;34m'
	WHITE=$'\e[01;38m'
	RESET=$'\e[0m'
	YELLOW=$'\e[01;33m'
	MAGENTA=$'\e[01;35m'
	PURPLE=$'\e[00;35m'

	[ -n "$bin" ] \|\| bin=termbin
	loot=$bin-loot
	[ -d "$loot" ] \|\| mkdir $loot
	[ -n "$db" ] \|\| db=visited.db

	function sqlite_execute(){
	while :; do
	result=$(sqlite3 $1 "${2}" 2>&1)
	if [ "${result}" = "Error: database is locked" ]; then
	continue
	else
	break
	fi
	done
	echo "${result}"
	}

	if [ ! -f $db ]; then
	echo "${YELLOW}[*] binbuster database not found creating a new one"
	touch $db
	sqlite_execute $db "create table urls(id integer primary key autoincrement, url varchar(2083) unique, response integer, pii integer, hashes_id integer);"
	sqlite_execute $db "create table hashes(id integer primary key autoincrement, hash varchar(32) unique);"
	fi

	function gen_url(){
	case "$bin" in
	termbin)
	n=4
	charset=a-z0-9
	prefix="http://termbin.com"
	suffix=$(cat /dev/urandom \| tr -dc $charset \| head -c $n)
	echo "${prefix}/${suffix}"
	;;
	pastebin)
	n=8
	charset=a-z0-9
	prefix="https://pastebin.com/raw"
	suffix=$(cat /dev/urandom \| tr -dc $charset \| head -c $n)
	echo "${prefix}/${suffix}"
	;;
	ghostbin)
	n=5
	charset=a-z0-9
	prefix="https://ghostbin.com/paste"
	key=$(cat /dev/urandom \| tr -dc $charset \| head -c $n)
	suffix="raw"
	echo "${prefix}/${key}/${suffix}"
	;;
	pasteee)
	n=5
	charset=a-z0-9
	prefix="https://paste.ee/p"
	key=$(cat /dev/urandom \| tr -dc $charset \| head -c $n)
	echo "${prefix}/${key}"
	;;
	pipfi)
	n=4
	charset=a-z0-9
	prefix="http://p.ip.fi"
	key=$(cat /dev/urandom \| tr -dc $charset \| head -c $n)
	echo "${prefix}/${key}"
	;;
	esac
	}

	function pii(){
	reg_cc="(?:4[0-9]{12}(?:[0-9]{3})?\|[25][1-7][0-9]{14}\|6(?:011\|5[0-9][0-9])[0-9]{12}\|3[47][0-9]{13}\|3(?:0[0-5]\|[68][0-9])[0-9]{11}\|(?:2131\|1800\|35\d{3})\d{11})"
	reg_email="[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}"
	reg_pii="${reg_email}\|username\|password\|doxed\|credit\|user\|pass"
	data_pii=$(echo $data \| grep -Eio $reg_pii)
	if echo $data \| grep -Eiq $reg_pii
	then echo $data_pii
	else echo 1
	fi
	}

	function process_url(){
	while :; do
	url=$(gen_url)
	db_url=$(sqlite_execute $db "select url from urls where url = '${url}'")
	if [ "${url}" = "${db_url}" ]; then
	echo "${YELLOW}[*] ${url} has already visited generating another"
	else
	break
	fi
	done
	response=$(curl -A "${useragent}" --write-out %{http_code} --silent --output /dev/null "${url}")
	if [ "$response" = "200" ]; then
	data=$(curl -s -A "${useragent}" "${url}")
	md5=$(echo -e "${data}" \| md5sum \| cut -d ' ' -f 1)
	data_pii=$(pii)
	db_md5=$(sqlite_execute $db "select hash from hashes where hash = '${md5}';")
	if [ "${db_md5}" != "${md5}" ]; then
	sqlite3 $db "insert into hashes(hash) values('${md5}');"
	hashes_id=$(sqlite_execute $db "select id from hashes where hash = '${md5}'")
	sqlite3 $db "insert into urls(url, response, pii, hashes_id) values('${url}', '${response}', 1, ${hashes_id});"
	echo "${GREEN}[-] fetched ${url} with response ${response} and md5sum of ${md5}"
	echo "${BLUE}---BEGIN DATA---"
	echo "${BLUE}${data}"
	echo "${BLUE}---END DATA---"
	echo "${BLUE}[-] writing loot to ${loot}/${md5}"
	echo "${data}" > $loot/$md5
	else
	echo "${YELLOW}[*] fetched ${url} however data alredy collected for hash ${md5}"
	fi
	else
	sqlite_execute $db "insert into urls(url, response, pii) values('${url}', '${response}', 0);"
	echo "${RED}[x] fetching ${url} failed with response ${response}"
	fi
	}

	function throttle(){
	joblimit=$1
	joblist=($(jobs -p))
	while (( ${#joblist[*]} >= $joblimit )); do
	sleep 1
	joblist=($(jobs -p))
	done
	}

	if [ "${joblimit}" = "1" ]; then
	while :; do
	process_url
	done
	else
	while :; do
	process_url &
	throttle $joblimit
	done
	fi