From b5cae35bfd82fbb3a541499b8bb6a426ddf18070 Mon Sep 17 00:00:00 2001
From: Ekultek <god_lok1@protonmail.com>
Date: Thu, 5 Sep 2019 12:56:09 -0500
Subject: [PATCH 1/8] minor tweaks and updates

---
 etc/text_files/nmap_opts.lst |   2 +
 lib/banner.py                |   2 +-
 lib/scanner/nmap.py          | 306 +++++++++++++++++++++++++----------
 lib/settings.py              |   3 +-
 lib/term/terminal.py         | 118 ++++++++++----
 5 files changed, 310 insertions(+), 121 deletions(-)

diff --git a/etc/text_files/nmap_opts.lst b/etc/text_files/nmap_opts.lst
index 818bc5e..10dc88d 100644
--- a/etc/text_files/nmap_opts.lst
+++ b/etc/text_files/nmap_opts.lst
@@ -89,6 +89,8 @@
 -oG
 -oA
 -v
+-vv
+-vvv
 -d
 --reason
 --open
diff --git a/lib/banner.py b/lib/banner.py
index bb59e3e..b9a3289 100644
--- a/lib/banner.py
+++ b/lib/banner.py
@@ -1,7 +1,7 @@
 import os
 import random
 
-VERSION = "4.0"
+VERSION = "4.0.1"
 
 
 def banner_1(line_sep="#--", space=" " * 30):
diff --git a/lib/scanner/nmap.py b/lib/scanner/nmap.py
index 71187f7..c219b97 100644
--- a/lib/scanner/nmap.py
+++ b/lib/scanner/nmap.py
@@ -120,7 +120,12 @@ def do_scan(host, nmap_path, ports=None, arguments=None):
     perform the nmap scan
     """
     if arguments is None:
-        arguments = "-sV"
+        lib.output.misc_info("using default scan arguments")
+        arguments = [
+            "-sF", "-Pn", "-sV",
+            "-O", "-F", "--reason",
+            "-vvv"
+        ]
     launch_arguments = [
         nmap_path, '-oX', '-', host,
         '-p ' + ports if ports is not None else "",
@@ -150,106 +155,235 @@ def do_scan(host, nmap_path, ports=None, arguments=None):
     return output_data, "".join(nmap_warn_tracestack), "".join(nmap_error_tracestack)
 
 
+# copy pasta :DD
+# https://github.com/komand/python-nmap/blob/master/nmap/nmap.py#L273
 def parse_xml_output(output, warnings, error):
     """
-    parse the XML data out of the file into a dict
+    Analyses NMAP xml scan ouput
+    May raise PortScannerError exception if nmap output was not xml
+    Test existance of the following key to know if something went wrong : ['nmap']['scaninfo']['error']
+    If not present, everything was ok.
+    :param nmap_xml_output: xml string to analyse
+    :returns: scan_result as dictionnary
     """
-    results = {}
+    # nmap xml output looks like :
+    # <host starttime="1267974521" endtime="1267974522">
+    #   <status state="up" reason="user-set"/>
+    #   <address addr="192.168.1.1" addrtype="ipv4" />
+    #   <hostnames><hostname name="neufbox" type="PTR" /></hostnames>
+    #   <ports>
+    #     <port protocol="tcp" portid="22">
+    #       <state state="filtered" reason="no-response" reason_ttl="0"/>
+    #       <service name="ssh" method="table" conf="3" />
+    #     </port>
+    #     <port protocol="tcp" portid="25">
+    #       <state state="filtered" reason="no-response" reason_ttl="0"/>
+    #       <service name="smtp" method="table" conf="3" />
+    #     </port>
+    #   </ports>
+    #   <hostscript>
+    #    <script id="nbstat" output="NetBIOS name: GROSTRUC, NetBIOS user: &lt;unknown&gt;, NetBIOS MAC: &lt;unknown&gt;&#xa;" />
+    #    <script id="smb-os-discovery" output=" &#xa;  OS: Unix (Samba 3.6.3)&#xa;  Name: WORKGROUP\Unknown&#xa;  System time: 2013-06-23 15:37:40 UTC+2&#xa;" />
+    #    <script id="smbv2-enabled" output="Server doesn&apos;t support SMBv2 protocol" />
+    #   </hostscript>
+    #   <times srtt="-1" rttvar="-1" to="1000000" />
+    # </host>
+    # <port protocol="tcp" portid="25">
+    #  <state state="open" reason="syn-ack" reason_ttl="0"/>
+    #   <service name="smtp" product="Exim smtpd" version="4.76" hostname="grostruc" method="probed" conf="10">
+    #     <cpe>cpe:/a:exim:exim:4.76</cpe>
+    #   </service>
+    #   <script id="smtp-commands" output="grostruc Hello localhost [127.0.0.1], SIZE 52428800, PIPELINING, HELP, &#xa; Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP "/>
+    # </port>
+    scan_result = {}
     try:
-        root = ElementTree.fromstring(output)
+        dom = ElementTree.fromstring(output)
     except Exception:
-        if len(error) != 0:
+        if len(error) > 0:
             raise lib.errors.NmapScannerError(error)
         else:
             raise lib.errors.NmapScannerError(output)
-    results['nmap_scan'] = {
-        'full_command_line': root.get('args'),
-        'scan_information': {},
-        'scan_stats': {
-            'time_string': root.find('runstats/finished').get('timestr'),
-            'elapsed': root.find('runstats/finished').get('elapsed'),
-            'hosts_up': root.find('runstats/hosts').get('up'),
-            'down_hosts': root.find('runstats/hosts').get('down'),
-            'total_hosts_scanned': root.find('runstats/hosts').get('total')
+    # nmap command line
+    scan_result['nmap'] = {
+        'command_line': dom.get('args'),
+        'scaninfo': {},
+        'scanstats': {
+            'timestr': dom.find("runstats/finished").get('timestr'),
+            'elapsed': dom.find("runstats/finished").get('elapsed'),
+            'uphosts': dom.find("runstats/hosts").get('up'),
+            'downhosts': dom.find("runstats/hosts").get('down'),
+            'totalhosts': dom.find("runstats/hosts").get('total')}
         }
-    }
-    if len(error) != 0:
-        results['nmap_scan']['scan_information']['errors'] = error
-    if len(warnings) != 0:
-        results['nmap_scan']['scan_information']['warnings'] = warnings
-    for info in root.findall('scaninfo'):
-        results['nmap_scan']['scan_information'][info.get('protocol')] = {
-            'method': info.get('type'),
-            'services': info.get('services')
-        }
-    for attempted_host in root.findall('host'):
+    # if there was an error
+    if len(error) > 0:
+        scan_result['nmap']['scaninfo']['error'] = error
+    # if there was a warning
+    if len(warnings) > 0:
+        scan_result['nmap']['scaninfo']['warning'] = warnings
+    # info about scan
+    for dsci in dom.findall('scaninfo'):
+        scan_result['nmap']['scaninfo'][dsci.get('protocol')] = {
+            'method': dsci.get('type'),
+            'services': dsci.get('services')
+            }
+    scan_result['scan'] = {}
+    for dhost in dom.findall('host'):
+        # host ip, mac and other addresses
         host = None
-        addresses = {}
-        vendors = {}
-        for address in attempted_host.findall("address"):
-            address_type = address.get('addrtype')
-            addresses[address_type] = address.get('addr')
-            if address_type == "ipv4":
-                host = addresses[address_type]
-            elif address_type == "mac" and address.get('vendor') is not None:
-                vendors[addresses[address_type]] = address.get('vendor')
+        address_block = {}
+        vendor_block = {}
+        for address in dhost.findall('address'):
+            addtype = address.get('addrtype')
+            address_block[addtype] = address.get('addr')
+            if addtype == 'ipv4':
+                host = address_block[addtype]
+            elif addtype == 'mac' and address.get('vendor') is not None:
+                vendor_block[address_block[addtype]] = address.get('vendor')
         if host is None:
-            host = attempted_host.find('address').get('addr')
+            host = dhost.find('address').get('addr')
         hostnames = []
-        if len(attempted_host.findall('hostnames/hostname')) != 0:
-            for current_hostnames in attempted_host.findall('hostnames/hostname'):
+        if len(dhost.findall('hostnames/hostname')) > 0:
+            for dhostname in dhost.findall('hostnames/hostname'):
                 hostnames.append({
-                    'hostname': current_hostnames.get('name'),
-                    'host_type': current_hostnames.get('type')
+                    'name': dhostname.get('name'),
+                    'type': dhostname.get('type'),
                 })
         else:
             hostnames.append({
-                'hostname': None,
-                'host_type': None
+                'name': '',
+                'type': '',
             })
-
-        results['nmap_scan'][host] = {}
-        results['nmap_scan'][host]['hostnames'] = hostnames
-        results['nmap_scan'][host]['addresses'] = addresses
-        results['nmap_scan'][host]['vendors'] = vendors
-
-        for status in attempted_host.findall('status'):
-            results['nmap_scan'][host]['status'] = {
-                    'state': status.get('state'),
-                    'reason': status.get('reason')
-            }
-        for uptime in attempted_host.findall('uptime'):
-            results['nmap_scan'][host]['uptime'] = {
-                    'seconds': uptime.get('seconds'),
-                    'lastboot': uptime.get('lastboot')
-            }
-        for discovered_port in attempted_host.findall('ports/port'):
-            protocol = discovered_port.get('protocol')
-            port_number = discovered_port.get('portid')
-            port_state = discovered_port.find('state').get('state')
-            port_reason = discovered_port.find('state').get('reason')
-
-            # this is actually a thing!!
-            name = discovered_config = discovered_version = extra_information = discovered_product = stuff = ""
-            for discovered_name in discovered_port.findall('service'):
-                name = discovered_name.get('name')
-                if discovered_name.get('product'):
-                    discovered_product = discovered_name.get('product')
-                if discovered_name.get('version'):
-                    discovered_version = discovered_name.get('version')
-                if discovered_name.get('extrainfo'):
-                    extra_information = discovered_name.get('extrainfo')
-                if discovered_name.get('conf'):
-                    discovered_config = discovered_name.get('conf')
-
-                for other_stuff in discovered_name.findall('cpe'):
-                    stuff = other_stuff.text
-            if protocol not in results['nmap_scan'][host].keys():
-                results['nmap_scan'][host][protocol] = list()
-            results['nmap_scan'][host][protocol].append({
-                    'port': port_number, 'state': port_state, 'reason': port_reason,
-                    'name': name, 'product': discovered_product, 'version': discovered_version,
-                    'extrainfo': extra_information, 'conf': discovered_config, 'cpe': stuff
+        scan_result['scan'][host] = {'hostnames': hostnames}
+        scan_result['scan'][host]['addresses'] = address_block
+        scan_result['scan'][host]['vendor'] = vendor_block
+        for dstatus in dhost.findall('status'):
+            # status : up...
+            scan_result['scan'][host]['status'] = {'state': dstatus.get('state'),
+                                                   'reason': dstatus.get('reason')}
+        for dstatus in dhost.findall('uptime'):
+            # uptime : seconds, lastboot
+            scan_result['scan'][host]['uptime'] = {'seconds': dstatus.get('seconds'),
+                                            'lastboot': dstatus.get('lastboot')}
+        for dport in dhost.findall('ports/port'):
+            # protocol
+            proto = dport.get('protocol')
+            # port number converted as integer
+            port = int(dport.get('portid'))
+            # state of the port
+            state = dport.find('state').get('state')
+            # reason
+            reason = dport.find('state').get('reason')
+            # name, product, version, extra info and conf if any
+            name = product = version = extrainfo = conf = cpe = ''
+            for dname in dport.findall('service'):
+                name = dname.get('name')
+                if dname.get('product'):
+                    product = dname.get('product')
+                if dname.get('version'):
+                    version = dname.get('version')
+                if dname.get('extrainfo'):
+                    extrainfo = dname.get('extrainfo')
+                if dname.get('conf'):
+                    conf = dname.get('conf')
+                for dcpe in dname.findall('cpe'):
+                    cpe = dcpe.text
+            # store everything
+            if proto not in list(scan_result['scan'][host].keys()):
+                scan_result['scan'][host][proto] = list()
+            # Komand - change proto from dict to list to ease output spec
+            scan_result['scan'][host][proto].append({
+                'port': port,
+                'state': state,
+                'reason': reason,
+                'name': name,
+                'product': product,
+                'version': version,
+                'extrainfo': extrainfo,
+                'conf': conf,
+                'cpe': cpe
+            })
+            script_id = ''
+            script_out = ''
+            # get script output if any
+            for dscript in dport.findall('script'):
+                script_id = dscript.get('id')
+                script_out = dscript.get('output')
+                if 'script' not in list(scan_result['scan'][host][proto][port].keys()):
+                    scan_result['scan'][host][proto][port]['script'] = {}
+                scan_result['scan'][host][proto][port]['script'][script_id] = script_out
+        # <hostscript>
+        #  <script id="nbstat" output="NetBIOS name: GROSTRUC, NetBIOS user: &lt;unknown&gt;, NetBIOS MAC: &lt;unknown&gt;&#xa;" />
+        #  <script id="smb-os-discovery" output=" &#xa;  OS: Unix (Samba 3.6.3)&#xa;  Name: WORKGROUP\Unknown&#xa;  System time: 2013-06-23 15:37:40 UTC+2&#xa;" />
+        #  <script id="smbv2-enabled" output="Server doesn&apos;t support SMBv2 protocol" />
+        # </hostscript>
+        for dhostscript in dhost.findall('hostscript'):
+            for dname in dhostscript.findall('script'):
+                hsid = dname.get('id')
+                hsoutput = dname.get('output')
+                if 'hostscript' not in list(scan_result['scan'][host].keys()):
+                    scan_result['scan'][host]['hostscript'] = []
+                scan_result['scan'][host]['hostscript'].append(
+                    {
+                        'id': hsid,
+                        'output': hsoutput
+                        }
+                    )
+        # <osmatch name="Juniper SA4000 SSL VPN gateway (IVE OS 7.0)" accuracy="98" line="36241">
+        # <osclass type="firewall" vendor="Juniper" osfamily="IVE OS" osgen="7.X"
+        # accuracy="98"><cpe>cpe:/h:juniper:sa4000</cpe><cpe>cpe:/o:juniper:ive_os:7</cpe></osclass>
+        # </osmatch>
+        # <osmatch name="Cymphonix EX550 firewall" accuracy="98" line="17929">
+        # <osclass type="firewall" vendor="Cymphonix" osfamily="embedded"
+        # accuracy="98"><cpe>cpe:/h:cymphonix:ex550</cpe></osclass>
+        # </osmatch>
+        for dos in dhost.findall('os'):
+            osmatch = []
+            portused = []
+            for dportused in dos.findall('portused'):
+                # <portused state="open" proto="tcp" portid="443"/>
+                state = dportused.get('state')
+                proto = dportused.get('proto')
+                portid = dportused.get('portid')
+                portused.append({
+                    'state': state,
+                    'proto': proto,
+                    'portid': portid,
                 })
-
-    return results
+            scan_result['scan'][host]['portused'] = portused
+            for dosmatch in dos.findall('osmatch'):
+                # <osmatch name="Linux 3.7 - 3.15" accuracy="100" line="52790">
+                name = dosmatch.get('name')
+                accuracy = dosmatch.get('accuracy')
+                line = dosmatch.get('line')
+                osclass = []
+                for dosclass in dosmatch.findall('osclass'):
+                    # <osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="98"/>
+                    ostype = dosclass.get('type')
+                    vendor = dosclass.get('vendor')
+                    osfamily = dosclass.get('osfamily')
+                    osgen = dosclass.get('osgen')
+                    accuracy = dosclass.get('accuracy')
+                    cpe = []
+                    for dcpe in dosclass.findall('cpe'):
+                        cpe.append(dcpe.text)
+                    osclass.append({
+                        'type': ostype,
+                        'vendor': vendor,
+                        'osfamily': osfamily,
+                        'osgen': osgen,
+                        'accuracy': accuracy,
+                        'cpe': cpe,
+                    })
+                osmatch.append({
+                    'name': name,
+                    'accuracy': accuracy,
+                    'line': line,
+                    'osclass': osclass
+                })
+            else:
+                scan_result['scan'][host]['osmatch'] = osmatch
+        for dport in dhost.findall('osfingerprint'):
+            # <osfingerprint fingerprint="OS:SCAN(V=5.50%D=11/[...]S)&#xa;"/>
+            fingerprint = dport.get('fingerprint')
+            scan_result['scan'][host]['fingerprint'] = fingerprint
+    return scan_result
\ No newline at end of file
diff --git a/lib/settings.py b/lib/settings.py
index d4eacbf..d15317d 100644
--- a/lib/settings.py
+++ b/lib/settings.py
@@ -55,8 +55,9 @@ def complete_text(self, text, state):
 personal/custom         Load a custom host file
 tokens/reset            Reset API tokens if needed
 external                View loaded external commands
-ver[sion]               View the current version of the program
+version                 View the current version of the program
 clean/clear             Clean the hosts.txt file of duplicate IP addresses
+nmap/mapper/mappy       Run an nmap scan on a provided host
 help/?                  Display this help
 """
 
diff --git a/lib/term/terminal.py b/lib/term/terminal.py
index a320dc3..cee06d3 100644
--- a/lib/term/terminal.py
+++ b/lib/term/terminal.py
@@ -45,7 +45,7 @@ class object for the main terminal of the program
         # reset API tokens
         "reset", "tokens",
         # show the version number
-        "ver", "version",
+        "version",
         # clean the hosts file of duplicate IP's
         "clean", "clear",
         # easter eggs!
@@ -371,11 +371,11 @@ def do_exploit_targets(self, workspace_info, shodan_token=None):
 
         Command Format:
         --------------
-        exploit[/run/attack] IP PORT WORKSPACE_NAME [whitewash list]
+        exploit[/run/attack] IP PORT WORKSPACE_NAME [whitewash list] [honeycheck] [nmap]
 
         Examples:
         ---------
-        exploit 127.0.0.1 9065 default whitelist.txt
+        exploit 127.0.0.1 9065 default whitelist.txt honeycheck nmap
         """
         if workspace_info[3] is not None and workspace_info[3] != "honeycheck":
             lib.output.misc_info("doing whitewash on hosts file")
@@ -483,8 +483,11 @@ def do_nmap_scan(self, target, arguments):
 
         sep = "-" * 30
         if arguments is not None:
-            arguments = arguments.split(",")
-            passable_arguments = lib.scanner.nmap.parse_nmap_args(arguments)
+            if not type(arguments) == list:
+                arguments = arguments.split(",")
+                passable_arguments = lib.scanner.nmap.parse_nmap_args(arguments)
+            else:
+                passable_arguments = lib.scanner.nmap.parse_nmap_args(arguments)
         else:
             passable_arguments = None
         try:
@@ -499,18 +502,25 @@ def do_nmap_scan(self, target, arguments):
             formatted_results_output = lib.scanner.nmap.parse_xml_output(output, warnings, errors)
             save_file = lib.scanner.nmap.write_data(target, formatted_results_output, is_xml=False)
             lib.output.misc_info("JSON data dumped to file: '{}'".format(save_file))
-            print("{sep}\n{data}\n{sep}".format(
-                data=json.dumps(formatted_results_output["nmap_scan"][target], indent=4), sep=sep
-            ))
+            try:
+                print("{sep}\n{data}\n{sep}".format(
+                    data=json.dumps(formatted_results_output['scan'][target], indent=4), sep=sep
+                ))
+            except KeyError:
+                lib.output.error(
+                    formatted_results_output['nmap']['scaninfo']['error']
+                )
         except lib.errors.NmapScannerError as e:
             lib.output.error(str(e).strip())
 
     def terminal_main_display(self, tokens, extra_commands=None, save_history=True):
-        # idk what the fuck the problem is but this seems to fix it so...
-        import lib.output
         """
         terminal main display
         """
+        # idk what the fuck the problem is but this seems to fix it so...
+        # if you remove the lib.output the below warning will cause an Exception
+        # saying that lib.output was never imported, so like WHAT?!
+        import lib.output
         lib.output.warning(
             "no arguments have been parsed at run time, dropping into terminal session. "
             "to get help type `help` to quit type `exit/quit` to get help on "
@@ -595,7 +605,7 @@ def terminal_main_display(self, tokens, extra_commands=None, save_history=True):
                             if choice_data_list is None or len(choice_data_list) < 4:
                                 lib.output.error(
                                     "must provide at least LHOST, LPORT, workspace name with `{}` keyword "
-                                    "(IE {} 127.0.0.1 9076 default [whitelist-path] [honeycheck])".format(
+                                    "(IE {} 127.0.0.1 9076 default [whitelist-path] [honeycheck] [nmap])".format(
                                         choice.split(" ")[0].strip(), choice.split(" ")[0].strip()
                                     )
                                 )
@@ -605,15 +615,17 @@ def terminal_main_display(self, tokens, extra_commands=None, save_history=True):
                                         workspace = (
                                             choice_data_list[1], choice_data_list[2],
                                             choice_data_list[3], choice_data_list[4],
-                                            True if "honeycheck" in choice_data_list else False
+                                            True if "honeycheck" in choice_data_list else False,
+                                            True if "nmap" in choice_data_list else False,
                                         )
                                     except IndexError:
                                         workspace = (
                                             choice_data_list[1], choice_data_list[2],
                                             choice_data_list[3], None,
-                                            True if "honeycheck" in choice_data_list else False
+                                            True if "honeycheck" in choice_data_list else False,
+                                            True if "nmap" in choice_data_list else False
                                         )
-                                    if workspace[-1]:
+                                    if workspace[4]:
                                         honeyscore = None
                                         while honeyscore is None:
                                             honeyscore = lib.output.prompt(
@@ -624,6 +636,44 @@ def terminal_main_display(self, tokens, extra_commands=None, save_history=True):
                                             except:
                                                 honeyscore = None
                                                 lib.output.error("honey score must be a float (IE 0.3)")
+                                    if workspace[5]:
+                                        # perform an nmap scan on every IP address before they're exploited.
+                                        # this will probably be really annoying, but you also get the option
+                                        # to skip them. I think the `nmap` command is probably a better idea
+                                        # given the circumstances of how it works. But really in the end
+                                        # it's completely up to you.
+                                        big_question = lib.output.prompt(
+                                            "do you want to initiate a port scan on all gathered IP addresses "
+                                            "before beginning the initial exploitation phase[y/N]"
+                                        )
+                                        if big_question.lower().startswith("y"):
+                                            lib.output.info("scanning gathered IP addresses before starting attacks")
+                                            self.__reload()
+                                            for ip in self.loaded_hosts:
+                                                ip = ip.strip()
+                                                option = lib.output.prompt(
+                                                    "scan IP address: {}[y/N]".format(ip), lowercase=True
+                                                )
+                                                if option.lower().startswith("y"):
+                                                    provided_arguments = []
+                                                    done_providing = False
+                                                    # pass arguments to nmap by being prompted by them
+                                                    # as soon as the prompt receives `STOP` it breaks out
+                                                    # of the loop and adds the arguments to the nmap
+                                                    # scan call.
+                                                    while not done_providing:
+                                                        argument = lib.output.prompt(
+                                                            "provide an argument that you want to pass to nmap "
+                                                            "(type 'STOP' to continue)",
+                                                            lowercase=False
+                                                        )
+                                                        if argument != "STOP":
+                                                            provided_arguments.append(argument)
+                                                        else:
+                                                            break
+                                                    self.do_nmap_scan(ip, provided_arguments)
+                                                else:
+                                                    lib.output.misc_info("skipping scan for {}".format(ip))
                                     self.do_exploit_targets(
                                         workspace, shodan_token=self.tokens["shodan"][0]
                                     )
@@ -696,27 +746,29 @@ def terminal_main_display(self, tokens, extra_commands=None, save_history=True):
                                 else:
                                     lib.output.error("cannot reset {} API credentials".format(choice))
                         elif any(c in choice for c in ["nmap", "mapper", "mappy"]):
-                            try:
-                                if "help" in choice_data_list:
-                                    print(self.do_nmap_scan.__doc__)
-                            except TypeError:
-                                pass
-                            target = choice_data_list[1]
-                            try:
-                                arguments = choice_data_list[2]
+                            if choice_data_list is not None and not len(choice_data_list) == 1:
+                                try:
+                                    if "help" in choice_data_list:
+                                        print(self.do_nmap_scan.__doc__)
+                                except TypeError:
+                                    pass
+                                target = choice_data_list[1]
+                                try:
+                                    arguments = choice_data_list[2]
+                                    lib.output.warning(
+                                        "arguments that have a space in them most likely will not be processed correctly, "
+                                        "(IE --dns-servers 1.1.1.1 will most likely cause issues)"
+                                    )
+                                except IndexError:
+                                    arguments = None
+                                # to do ports just pass the -p flag to nmap, simple and easy. You're welcome
+                                if "help" not in choice_data_list:
+                                    self.do_nmap_scan(target, arguments)
+                            else:
                                 lib.output.warning(
-                                    "arguments that have a space in them most likely will not be processed correctly, "
-                                    "(IE --dns-servers 1.1.1.1 will most likely cause issues)"
+                                    "must supply at least an IP address to initiate a nmap scan "
+                                    "nmap IP [arg1,arg2,arg3]"
                                 )
-                            except IndexError:
-                                arguments = None
-                            # don't know how im going to implement ports yet
-                            # try:
-                            #     ports = choice_data_list[3]
-                            # except IndexError:
-                            #     ports = None
-                            if "help" not in choice_data_list:
-                                self.do_nmap_scan(target, arguments)
                         self.history.append(choice)
                         self.__reload()
                 except KeyboardInterrupt:

From 9b1b1cb39d1c938bfbe9e9f28bcda5355ed10bc7 Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 18:58:30 -0600
Subject: [PATCH 2/8] fixes issue #1213

---
 lib/term/terminal.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/term/terminal.py b/lib/term/terminal.py
index cee06d3..2100c30 100644
--- a/lib/term/terminal.py
+++ b/lib/term/terminal.py
@@ -74,7 +74,10 @@ def __init__(self, tokens, modules):
             self.loaded_hosts = open(lib.settings.HOST_FILE, "a+").readlines()
 
     def __reload(self):
-        self.loaded_hosts = open(lib.settings.HOST_FILE).readlines()
+        try:
+            self.loaded_hosts = open(lib.settings.HOST_FILE).readlines()
+        except IOError:
+            lib.output.warning("there's no hosts file to reload")
 
     def reflect_memory(self, max_memory=100):
         """

From 03020fd08bf6869ee240cf5d7d3499cd03452846 Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 19:05:23 -0600
Subject: [PATCH 3/8] fixes issue #1210

---
 lib/exploitation/exploiter.py |  6 ++++--
 lib/settings.py               | 14 ++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/lib/exploitation/exploiter.py b/lib/exploitation/exploiter.py
index f5863a8..c5b73d3 100644
--- a/lib/exploitation/exploiter.py
+++ b/lib/exploitation/exploiter.py
@@ -137,7 +137,7 @@ def start_exploit(self, sep="*" * 10):
                         )
 
                     cmd_template = (
-                        "sudo {use_ruby} {msf_path} -r {rc_script_path} -q"
+                        "{use_sudo} {use_ruby} {msf_path} -r {rc_script_path} -q"
                     )
 
                     use_ruby = "ruby" if self.ruby_exec else ""
@@ -162,6 +162,7 @@ def start_exploit(self, sep="*" * 10):
                     lhost = self.configuration[1]
                     lport = self.configuration[2]
                     rhost = host.strip()
+                    is_docker = "sudo" if lib.settings.we_dockered() else ""
 
                     current_rc_script_path = path.join(current_host_path, mod.replace("/", '-').strip())
                     with open(current_rc_script_path, 'w') as f:
@@ -172,7 +173,8 @@ def start_exploit(self, sep="*" * 10):
                             lhost=lhost,
                             lport=lport,
                             rhost=rhost,
-                            rhosts=rhost
+                            rhosts=rhost,
+                            use_sudo=is_docker
                         ))
 
                     with open(report_path, 'a') as f:
diff --git a/lib/settings.py b/lib/settings.py
index d15317d..0d60394 100644
--- a/lib/settings.py
+++ b/lib/settings.py
@@ -491,3 +491,17 @@ def find_similar(command, internal, external):
         if exter.startswith(first_char):
             retval.append(exter)
     return retval
+
+
+def we_dockered():
+    """
+    determine if we are inside a docker container or not
+    """
+    try:
+        with open("/proc/1/cgroup") as cgroup:
+            searcher = re.compile("docker", re.I)
+            if searcher.search(cgroup.read()) is not None:
+                return True
+            return False
+    except Exception:
+        return False
\ No newline at end of file

From cc4319f288d11a66b4ea93d47557f282b9fd8e33 Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 19:07:10 -0600
Subject: [PATCH 4/8] fixes issue #1205

---
 lib/term/terminal.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/term/terminal.py b/lib/term/terminal.py
index 2100c30..c676b62 100644
--- a/lib/term/terminal.py
+++ b/lib/term/terminal.py
@@ -249,7 +249,10 @@ def do_api_search(self, requested_api_data, query, tokens):
             api_list = requested_api_data.split(",")
         except:
             api_list = [requested_api_data]
-        prompt_for_save = len(open(lib.settings.HOST_FILE).readlines()) != 0
+        try:
+            prompt_for_save = len(open(lib.settings.HOST_FILE).readlines()) != 0
+        except IOError:
+            prompt_for_save = False
         if prompt_for_save:
             save_mode = lib.output.prompt(
                 "would you like to [a]ppend or [o]verwrite the file[a/o]", lowercase=True

From fd907d314c596c8be81c606f678139c5bf20cebe Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 19:09:40 -0600
Subject: [PATCH 5/8] fixes issue #1200

---
 lib/term/terminal.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/term/terminal.py b/lib/term/terminal.py
index c676b62..b7bd072 100644
--- a/lib/term/terminal.py
+++ b/lib/term/terminal.py
@@ -202,9 +202,15 @@ def do_token_reset(self, api, token, username):
         if api.lower() == "censys":
             lib.output.info("resetting censys API credentials")
             with open(lib.settings.API_KEYS["censys"][0], 'w') as token_:
-                token_.write(token)
+                try:
+                    token_.write(token)
+                except:
+                    lib.output.warning("issue writing token, is it blank?")
             with open(lib.settings.API_KEYS["censys"][1], 'w') as username_:
-                username_.write(username)
+                try:
+                    username_.write(username)
+                except:
+                    lib.output.warning("issue writing username, is it blank?")
         else:
             with open(lib.settings.API_KEYS["shodan"][0], 'w') as token_:
                 token_.write(token)

From 7763c0032b5f9942706b11235cf897d8c069c555 Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 19:12:26 -0600
Subject: [PATCH 6/8] fixes issue #1199

---
 lib/term/terminal.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/lib/term/terminal.py b/lib/term/terminal.py
index b7bd072..90b0136 100644
--- a/lib/term/terminal.py
+++ b/lib/term/terminal.py
@@ -205,12 +205,12 @@ def do_token_reset(self, api, token, username):
                 try:
                     token_.write(token)
                 except:
-                    lib.output.warning("issue writing token, is it blank?")
+                    lib.output.warning("issue writing token, is it blank? Try again")
             with open(lib.settings.API_KEYS["censys"][1], 'w') as username_:
                 try:
                     username_.write(username)
                 except:
-                    lib.output.warning("issue writing username, is it blank?")
+                    lib.output.warning("issue writing username, is it blank? Try again")
         else:
             with open(lib.settings.API_KEYS["shodan"][0], 'w') as token_:
                 token_.write(token)
@@ -465,7 +465,13 @@ def do_load_custom_hosts(self, file_path):
             return
         lib.output.warning("overwriting hosts file with provided, and backing up current")
         backup_path = lib.settings.backup_host_file(lib.settings.HOST_FILE, lib.settings.HOST_FILE_BACKUP)
-        shutil.copy(file_path, lib.settings.HOST_FILE)
+        try:
+            shutil.copy(file_path, lib.settings.HOST_FILE)
+        except Exception as e:
+            if "are the same file" in str(e):
+                lib.output.warning("there hasn't been any changes to the file since last save")
+            else:
+                raise e.__class__(str(e))
         lib.output.info("host file replaced, backup stored under '{}'".format(backup_path))
         self.loaded_hosts = open(lib.settings.HOST_FILE).readlines()
 

From a447f5028ea039972663bef40ff23ccfe0eaf5a4 Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Mon, 2 Dec 2019 19:14:00 -0600
Subject: [PATCH 7/8] bumps version number for the 5 new commits

---
 lib/banner.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/banner.py b/lib/banner.py
index b9a3289..64e29c3 100644
--- a/lib/banner.py
+++ b/lib/banner.py
@@ -1,7 +1,7 @@
 import os
 import random
 
-VERSION = "4.0.1"
+VERSION = "4.0.6"
 
 
 def banner_1(line_sep="#--", space=" " * 30):

From b7259f302b9295af51be1634f1417e7b3139973c Mon Sep 17 00:00:00 2001
From: Ekultek <ekultek@noreply.github.com>
Date: Sat, 21 Mar 2020 16:03:53 -0500
Subject: [PATCH 8/8] fuck you @cryptollama

---
 lib/cmdline/cmd.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/cmdline/cmd.py b/lib/cmdline/cmd.py
index 647e8b3..2b9e82a 100644
--- a/lib/cmdline/cmd.py
+++ b/lib/cmdline/cmd.py
@@ -12,6 +12,7 @@
 import lib.exploitation.exploiter
 
 
+# I'm just pushing to say FUCK YOU @cryptollama
 class AutoSploitParser(argparse.ArgumentParser):
 
     def __init__(self):