takeover.py
===========
This small script tries to detect subdomain takeovers from a list of
domains. Fingerprints are taken from
https://github.com/EdOverflow/can-i-take-over-xyz.
|Twitter|
Installation
------------
::
pip install takeover.py
Usage
-----
::
takeover blog.example.com
Using with other tools:
::
subfinder -d "example.com" -silent | takeover
Automation:
Creating a automated scan server:
.. code:: python
import json, asyncio, pickle, os
from pathlib import Path
from takeover.takeover import takeover
home = str(Path.home())
# config is an dictionary. See ~/.config/takeover/config.json for structure
config = json.load(open(home + "/.config/takeover/config.json"))
# Do not forget to replace pointer to fingerprints with the valid data. See ~/.config/takeover/fingerprints.json for structure
config['fingerprints'] = json.load(open(home + "/.config/takeover/fingerprints.json"))
async def loop():
print("Starting infinite loop:")
while True:
takeoverObject = takeover(config)
try:
takeoverObject.found = pickle.load(open("found.pickle", 'rb'))
except FileNotFoundError:
print("No old data found.", end="\r")
try:
with open("subdomains.txt") as subdomainFile:
subdomains = enumerate(subdomainFile)
await takeoverObject.checkHosts(subdomains)
except FileNotFoundError:
continue
with open("found.pickle", 'wb') as foundFile:
pickle.dump(takeoverObject.found, foundFile)
os.remove("subdomains.txt")
print("Enumerated all targets in subdomains.txt for takeover")
asyncio.run(loop())
The above automation script can be used along with any subdomain enumeration tool:
::
subfinder -d example.com -o subdomains.txt
and the running infinite loop will automatically detect `subdomains.txt` file and start looking for takeovers. After completion, it also deletes the subdomains.txt so that you can add new targets. Obviously, you can tweak it however you want.
How it Works
------------
- Matches CNAME against takeover-able services
- If CNAME found, matches fingerprints in the body.
Note
----
- The output is a lot verbose so it is recommended to use a discord
webhook to get notified. I am planning to change it in a major
update.
- If you need some extra features, feel free to submit a new issue on
GitHub.
License
-------
`LICENSE.md <LICENSE.md>`__
Disclaimer
----------
I make guns, I sell guns, I give away guns but I take no responsibility
of who dies with the guns.
*Legally speaking, What you do with this has nothing to do with me. I am
not responsible for your actions.*
.. |Twitter| image:: https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover
:target: https://twitter.com/intent/tweet?text=Wow:&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover
Raw data
{
"_id": null,
"home_page": "http://github.com/0xcrypto/takeover",
"name": "takeover.py",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "subdomain takeover",
"author": "Vikrant Singh Chauhan",
"author_email": "vi@hackberry.xyz",
"download_url": "https://files.pythonhosted.org/packages/6b/ad/0ee5e67dd1358c8595287d18a00ce4bb6c08f63b503c62891b0c6d9e9e09/takeover.py-0.0.11.tar.gz",
"platform": null,
"description": "takeover.py\n===========\n\nThis small script tries to detect subdomain takeovers from a list of\ndomains. Fingerprints are taken from\nhttps://github.com/EdOverflow/can-i-take-over-xyz.\n\n|Twitter|\n\nInstallation\n------------\n\n::\n\n pip install takeover.py\n\nUsage\n-----\n\n::\n\n takeover blog.example.com\n\nUsing with other tools:\n\n::\n\n subfinder -d \"example.com\" -silent | takeover\n\nAutomation:\n\nCreating a automated scan server:\n\n.. code:: python\n\n import json, asyncio, pickle, os\n from pathlib import Path\n from takeover.takeover import takeover\n\n home = str(Path.home())\n\n # config is an dictionary. See ~/.config/takeover/config.json for structure\n config = json.load(open(home + \"/.config/takeover/config.json\"))\n\n # Do not forget to replace pointer to fingerprints with the valid data. See ~/.config/takeover/fingerprints.json for structure\n config['fingerprints'] = json.load(open(home + \"/.config/takeover/fingerprints.json\"))\n\n async def loop():\n print(\"Starting infinite loop:\")\n while True:\n takeoverObject = takeover(config)\n try:\n takeoverObject.found = pickle.load(open(\"found.pickle\", 'rb'))\n except FileNotFoundError:\n print(\"No old data found.\", end=\"\\r\")\n\n try:\n with open(\"subdomains.txt\") as subdomainFile:\n subdomains = enumerate(subdomainFile)\n await takeoverObject.checkHosts(subdomains)\n except FileNotFoundError:\n continue\n\n with open(\"found.pickle\", 'wb') as foundFile:\n pickle.dump(takeoverObject.found, foundFile)\n\n os.remove(\"subdomains.txt\")\n print(\"Enumerated all targets in subdomains.txt for takeover\")\n\n asyncio.run(loop())\n\nThe above automation script can be used along with any subdomain enumeration tool:\n\n::\n\n subfinder -d example.com -o subdomains.txt\n\nand the running infinite loop will automatically detect `subdomains.txt` file and start looking for takeovers. After completion, it also deletes the subdomains.txt so that you can add new targets. Obviously, you can tweak it however you want.\n\nHow it Works\n------------\n\n- Matches CNAME against takeover-able services\n- If CNAME found, matches fingerprints in the body.\n\nNote\n----\n\n- The output is a lot verbose so it is recommended to use a discord\n webhook to get notified. I am planning to change it in a major\n update.\n- If you need some extra features, feel free to submit a new issue on\n GitHub.\n\nLicense\n-------\n\n`LICENSE.md <LICENSE.md>`__\n\nDisclaimer\n----------\n\nI make guns, I sell guns, I give away guns but I take no responsibility\nof who dies with the guns.\n\n*Legally speaking, What you do with this has nothing to do with me. I am\nnot responsible for your actions.*\n\n.. |Twitter| image:: https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover\n :target: https://twitter.com/intent/tweet?text=Wow:&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover\n\n\n",
"bugtrack_url": null,
"license": "WTFPL",
"summary": "This small script tries to detect subdomain takeovers from a list of domains. Fingerprints are taken from https://github.com/EdOverflow/can-i-take-over-xyz.",
"version": "0.0.11",
"split_keywords": [
"subdomain",
"takeover"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "2a9e5a3c1b5b658c33f8fe1cff895644",
"sha256": "97829387c4d3404e58e2edcbac6f7900cb9143b3800ef31739ee71049128b258"
},
"downloads": -1,
"filename": "takeover.py-0.0.11-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2a9e5a3c1b5b658c33f8fe1cff895644",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 6070,
"upload_time": "2022-12-05T11:10:49",
"upload_time_iso_8601": "2022-12-05T11:10:49.265467Z",
"url": "https://files.pythonhosted.org/packages/c8/52/4e6772c3297459bcf3b0b25b70d2268a95fd0ba59d0bb310d50b0e714de1/takeover.py-0.0.11-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "bfdf205be651cd58a3cdd34e78095212",
"sha256": "6f74a53a15571fa51df0e19584e2fd4da803cebd7d2d894300845c64fe080be1"
},
"downloads": -1,
"filename": "takeover.py-0.0.11.tar.gz",
"has_sig": false,
"md5_digest": "bfdf205be651cd58a3cdd34e78095212",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 5636,
"upload_time": "2022-12-05T11:10:51",
"upload_time_iso_8601": "2022-12-05T11:10:51.092996Z",
"url": "https://files.pythonhosted.org/packages/6b/ad/0ee5e67dd1358c8595287d18a00ce4bb6c08f63b503c62891b0c6d9e9e09/takeover.py-0.0.11.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-12-05 11:10:51",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "0xcrypto",
"github_project": "takeover",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "takeover.py"
}