Interlace - Easily Plough Unmarried Threaded Ascendence Describe Of Piece Of Job Applications Into Fast, Multi Threaded Ones Amongst Cidr As Well As Glob Support
Easily plough unmarried threaded command line applications into fast, multi threaded application amongst CIDR in addition to glob support.
Setup
Install using:
$ python3 setup.py install
interlace
.Usage
Argument | Description |
---|---|
-t | Specify a target or domain refer either inward comma format, CIDR notation, or equally an private host. |
-tL | Specify a listing of targets or domain names |
-threads | Specify the maximum release of threads to run at whatsoever 1 fourth dimension (DEFAULT:5) |
-timeout | Specify a timeout value inward seconds for whatsoever 1 thread (DEFAULT:600) |
-c | Specify a unmarried ascendency to execute over each target or domain |
-cL | Specify a listing of commands to execute over each target or domain |
-o | Specify an output folder variable that tin move hold upwards used inward commands equally _output_ |
-p | Specify a listing of port variable that tin move hold upwards used inward commands equally _port_. This tin move hold upwards a unmarried port, a comma delimited list, or exercise dash notation |
-rp | Specify a existent port variable that tin move hold upwards used inward commands equally _realport_ |
--no-cidr | If ready in addition to thence CIDR musical note inward a target file volition non hold upwards automatically hold upwards expanded into private hosts. |
--no-color | If ready in addition to thence whatsoever foreground or background colours volition hold upwards stripped out |
--silent | If ready in addition to thence solely of import information volition hold upwards displayed in addition to banners in addition to other information volition hold upwards redacted. |
-v | If ready in addition to thence verbose output volition hold upwards displayed inward the terminal |
Further information regarding ports (-p)
Example | Notation Type |
---|---|
80 | Single port |
1-80 | Dash notation, perform a ascendency for each port from 1-80 |
80,443 | Perform a ascendency for both port 80, in addition to port 443 |
Further information regarding targets (-t or -tL)
Both
-t
in addition to -tL
volition hold upwards processed the same. You tin move move yesteryear targets the same equally y'all would when using nmap. This tin move hold upwards done using CIDR notation, dash notation, or a comma delimited listing of targets. Influenza A virus subtype H5N1 unmarried target listing file tin move besides exercise dissimilar musical note types per line.Variable Replacements
The next varaibles volition hold upwards replaced inward commands at runtime:
Variable | Replacement |
---|---|
_target_ | Replaced amongst the expanded target listing that the electrical flow thread is running against |
_host_ | Works the same equally _target_, tin move hold upwards used interchangably. |
_output_ | Replaced amongst the output folder variable from interlace |
_port_ | Replaced amongst the expanded port variable from interlace |
_realport_ | Replaced amongst the existent port variable from interlace |
Usage Examples
Run Nikto Over Multiple Sites
Let's assume that y'all had a file
targets.txt
that had the next contents:bugcrowd.com hackerone.com
You could exercise interlace to run over whatsoever release of targets inside this file using: bash➜ /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_ > ./_target_-nikto.txt" -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com > ./bugcrowd.com-nikto.txt] Added to Queue
This would run nikto over each host in addition to relieve to a file for each target. Note that inward the inward a higher house instance since we're using the >
operator thence results won't hold upwards fed dorsum to the terminal, nonetheless this is desired functionality equally otherwise nosotros wouldn't hold upwards able to attribute which target Nikto results were returning for.For applications where y'all wishing feedback but move yesteryear commands equally y'all usually would (or exercise
tee
).Run Nikto Over Multiple Sites in addition to Ports
Using the inward a higher house example, let's assume y'all wishing independant scans to hold upwards run for both ports
80
in addition to 443
for the same targets. You would in addition to thence exercise the following:➜ /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_:_port_ > ./_target_-_port_-nikto.txt" -p 80,443 -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com:80 > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com:80 > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com:443 > ./bugcrowd.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host hackerone.com:443 > ./hackerone.com-nikto.txt] Added to Queue
Run a List of Commands against Target Hosts
Often amongst penetration tests there's a listing of commands y'all wishing to run on near every job. Assuming that listing includes testssl.sh, nikto, in addition to sslscan, y'all could relieve a ascendency listing amongst the next inward a file called
commands.txt
:nikto --host _target_:_port_ > _output_/_target_-nikto.txt sslscan _target_:_port_ > _output_/_target_-sslscan.txt testssl.sh _target_:_port_ > _output_/_target_-testssl.txt
If y'all were in addition to thence given a target, example.com
y'all could run each of these commands against this target using the following:interlace -t example.com -o /Engagements/example/ -cL ./commands.txt -p 80,443
CIDR musical note amongst an application that doesn't back upwards it
Interlace automatically expands CIDR musical note when starting threads (unless the --no-cidr flag is passed). This allows y'all to move yesteryear CIDR musical note to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.0/24 using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.0/24 -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50
Glob musical note amongst an application that doesn't back upwards it
Interlace automatically expands glob ranges when starting threads. This allows y'all to move yesteryear glob ranges to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.* using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.* -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50
Threading Support for an application that doesn't back upwards it
Run a virtual host scan against each host inward a file (target-lst.txt), whilst besides limiting scans at whatsoever 1 fourth dimension to l maximum threads.
This could hold upwards done using a at 1 time command:
interlace -tL ./target-list.txt -c "vhostscan -t _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50
interlace -cL ./vhosts-commands.txt -tL ./target-list.txt -threads l -o /scans
vhostscan -t $target -oN _output_/_target_-vhosts.txt
This would output a file for each target inward the specified output folder. You could besides run multiple commands but yesteryear adding them into the ascendency file.Auhors in addition to Thanks
Originally written yesteryear Michael Skelton (codingo) in addition to Sajeeb Lohani (sml555) amongst attention from Charelle Collett (@Charcol0x89) for threading refactoring in addition to overall appraoch, in addition to Luke Stephens (hakluke) for testing in addition to approach.