Cmdline Whitelist Feature (#110)

* Added whitelist arg and modified the Exploiter call

* added the whitelist_wash function

* added whitelist prompt to terminal

* added check for isspace()

Author: atucom

lib/cmdline/cmd.py

@@ -67,6 +67,8 @@ def optparser():
                           help="pass the path to your framework if it is not in your ENV PATH")
         misc.add_argument("--ethics", action="store_true", dest="displayEthics",
                           help=argparse.SUPPRESS)  # easter egg!
+        misc.add_argument("--whitelist", metavar="PATH", dest="whitelist",
+                             help="only exploit hosts listed in the whitelist file")
         opts = parser.parse_args()
         return opts
 
@@ -160,10 +162,13 @@ def single_run_args(opt, keys, loaded_modules):
                 keys["censys"][1], keys["censys"][0], opt.searchQuery, proxy=headers[0], agent=headers[1]
             ).censys()
         if opt.startExploit:
+            hosts = open(lib.settings.HOST_FILE).readlines()
+            if opt.whitelist:
+                hosts = lib.exploitation.exploiter.whitelist_wash(hosts, whitelist_file=opt.whitelist)
             lib.exploitation.exploiter.AutoSploitExploiter(
                 opt.msfConfig,
                 loaded_modules,
-                open(lib.settings.HOST_FILE).readlines(),
+                hosts,
                 ruby_exec=opt.rubyExecutableNeeded,
                 msf_path=opt.pathToFramework
             ).start_exploit()

lib/exploitation/exploiter.py

@@ -1,6 +1,22 @@
 import lib.settings
 import lib.output
 
+def whitelist_wash(hosts, whitelist_file):
+    """
+    remove IPs from hosts list that do not appear in WHITELIST_FILE
+    """
+    whitelist_hosts = open(whitelist_file).readlines()
+    lib.output.info('Found {} entries in whitelist.txt, scrubbing'.format(str(len(whitelist_hosts))))
+    washed_hosts = []
+    #return supplied hosts if whitelist file is empty
+    if len(whitelist_hosts) == 0:
+        return hosts
+    else:
+        for host in hosts:
+            if host in whitelist_hosts:
+                washed_hosts.append(host)
+
+    return washed_hosts
 
 class AutoSploitExploiter(object):
 

lib/term/terminal.py

@@ -169,10 +169,19 @@ def exploit_gathered_hosts(self, loaded_mods, hosts=None):
         """
         ruby_exec = False
         msf_path = None
+        whitelist_file = lib.output.prompt("specify full path to a whitelist file, otherwise hit enter", lowercase=False)
         if hosts is None:
-            host_file = open(self.host_path).readlines()
+            if whitelist_file is not "" and not whitelist_file.isspace():
+                # If whitelist is specified, return a washed hosts list
+                host_file = lib.exploitation.exploiter.whitelist_wash(open(self.host_path).readlines(), whitelist_file)
+            else:
+                host_file = open(self.host_path).readlines()
         else:
-            host_file = open(hosts).readlines()
+            if whitelist_file is not "" and not whitelist_file.isspace():
+                # If whitelist is specified, return a washed hosts list
+                host_file = lib.exploitation.exploiter.whitelist_wash(open(hosts).readlines(), whitelist_file)
+            else:
+                host_file = open(hosts).readlines()
         if not lib.settings.check_for_msf():
             msf_path = lib.output.prompt(
                 "it appears that MSF is not in your PATH, provide the full path to msfconsole"