README example, how to get to result files?
egberts opened this issue · 9 comments
I ran the example on Debian 11 (Bullseye):
git clone https://github.com/1N3/BlackWidow.git
cd BlackWidow
docker build -t blackwidow .
docker run -it blackwidow -h htttps://egbert.net/
Seems to build and run fine. Got a bunch of analyzed reports made.
And got the following ending:
__________________________________________________________________________________________________
[+] Loot Saved To:
/usr/share/blackwidow/egbert.net_80/
__________________________________________________________________________________________________
Then back in the main shell:
~/work/github# cd /usr/share/blackwidow/egbert.net_80
-bash: cd: /usr/share/blackwidow/egbert.net_80: No such file or directory
But no way to get access to the reports. Did I misread the README?
Hi, looks like you ran docker run -it blackwidow -h htttps://egbert.net/
with the help flag which doesn't scan, it just shows the help screen. I also noticed you have an extra "t" in htttps which could also cause problems.
Try docker run -it blackwidow -u https://egbert.net/
Ooops, that is multiple typos on my part.
I just re-ran it and got the same result.
[+] Dynamic URL's Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-dynamic-sorted.txt
__________________________________________________________________________________________________
https://egbert.net/blog/authors/egberts.html?and&in&url=""
[+] Form URL's Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-forms-sorted.txt
__________________________________________________________________________________________________
[+] Unique Dynamic Parameters Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-dynamic-unique.txt
__________________________________________________________________________________________________
https://egbert.net/blog/authors/egberts.html?and&in&url=""
[+] Sub-domains Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-subdomains-sorted.txt
__________________________________________________________________________________________________
[+] Emails Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-emails-sorted.txt
__________________________________________________________________________________________________
[+] Phones Discovered:
/usr/share/blackwidow/egbert.net_80/egbert.net_80-phones-sorted.txt
__________________________________________________________________________________________________
[+] Loot Saved To:
/usr/share/blackwidow/egbert.net_80/
__________________________________________________________________________________________________
# cd /usr/share/blackwidow/egbert.net_80/
-bash: cd: /usr/share/blackwidow/egbert.net_80/: No such file or directory
Also, I noticed that the following output were highlighted in RED foreground color:
[+] Loot Saved To:
/usr/share/blackwidow/egbert.net_80/
Just realized this is HTTPS, so the correct command is actually docker run -it blackwidow -u https://egbert.net:443/
Same result. Loot Save To: .... nowhere.
Execuuted:
docker run -it blackwidow -u https://egbert.net:443/
Output:
cat /tmp/docker.log
Script started on 2020-10-03 15:34:53-04:00 [TERM="xterm-256color" TTY="/dev/pts/1" COLUMNS="80" LINES="24"]
root@arca:~/work/github/BlackWidow# docker run -it blackwidow -u https://egbert.net:443/
_.._
.' '.
/ __ \
, | >< | ,
. \ \ / / .
\_'--`( )'--'_/
.--'/()'--.
@xer0dayz / /` '' `\ \
| |
\ /
+ -- --=[ https://xerosecurity.com
+ -- --=[ blackwidow v1.3 by @xer0dayz
==================================================================================================
https://egbert.net:443/
==================================================================================================
https://egbert.net/
https://egbert.net/
...
__________________________________________________________________________________________________
==================================================================================================
https://egbert.net/blog/articles/index.html
==================================================================================================
https://egbert.net/
...
__________________________________________________________________________________________________
==================================================================================================
https://egbert.net/blog/tags/index.html
==================================================================================================
https://egbert.net/
...
__________________________________________________________________________________________________
==================================================================================================
https://egbert.net/
==================================================================================================
https://egbert.net/
https://egbert.net/
...
__________________________________________________________________________________________________
==================================================================================================
...
==================================================================================================
https://egbert.net/
...
__________________________________________________________________________________________________
_.._
.' '.
/ __ \
, | >< | ,
. \ \ / / .
\_'--`( )'--'_/
.--'/()'--.
@xer0dayz / /` '' `\ \
| |
\ /
+ -- --=[ https://xerosecurity.com
+ -- --=[ blackwidow v1.3 by @xer0dayz
[+] URL's Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-urls-sorted.txt
__________________________________________________________________________________________________
https://egbert.net/
...
[+] Dynamic URL's Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-dynamic-sorted.txt
__________________________________________________________________________________________________
https://egbert.net/blog/authors/egberts.html?and&in&url=""
[+] Form URL's Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-forms-sorted.txt
__________________________________________________________________________________________________
[+] Unique Dynamic Parameters Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-dynamic-unique.txt
__________________________________________________________________________________________________
https://egbert.net/blog/authors/egberts.html?and&in&url=""
[+] Sub-domains Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-subdomains-sorted.txt
__________________________________________________________________________________________________
[+] Emails Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-emails-sorted.txt
__________________________________________________________________________________________________
[+] Phones Discovered:
/usr/share/blackwidow/egbert.net_443/egbert.net_443-phones-sorted.txt
__________________________________________________________________________________________________
[+] Loot Saved To:
/usr/share/blackwidow/egbert.net_443/
__________________________________________________________________________________________________
root:~/work/github/BlackWidow# exit
exit
Script done on 2020-10-03 15:35:05-04:00 [COMMAND_EXIT_CODE="0"]
root@arca:~/work/github/BlackWidow#
Then I went to look for a 'blackwidow' subdirectory in my entire filesystem.
find / -name "blackwidow" -print
/root/work/github/BlackWidow/blackwidow
No other files found.
Never mind....
I had to wait longer. And find
found the missing partitions ... waaaaaay over in /var/lib/docker/overlay2/65f60403c52138b109709160593701e41c9c46ce2d5bd63620f6823617a088e5/diff/usr/share/blackwidow/egbert.net_443
Surely there must be a faster way to get into the docker's filesystem once that docker run
finishes then closes?
Marking this issue as invalid.
I haven't actually seen that before but will try to test the Docker build to confirm. It should just install and save everything to /usr/share/blackwidow
it did save to the /usr/share/blackwidow (but it was missing the /var/lib/docker/overylay2/
part).
The command docker run
returned back to its original parent shell and a natural inclination (of those who reads this README is to execute cd /usr/share/blackwidow
to get to the desired reports: and that approach doesn't work.
Using the find /usr/share -name "blackwidow" -print
would have found it for me.
Running fresh-install Debian 11 (bullseye), Linux 5.8.0-2, Docker.io 19.03.13+dfsg1-2
, ...