Feature/hack-the-box-update (#76)

version 0.20.0 LTS

.github/workflows/witch_craft.yml

@@ -13,7 +13,7 @@ on:
       - "build"
       - "stable"
   schedule:
-    - cron: "0 0 * * *" # This schedule runs at midnight every day
+    - cron: "0 0 28-31 * *"
 
 env:
   CARGO_TERM_COLOR: always

README.md

@@ -7,34 +7,84 @@
 ![GitHub License](https://img.shields.io/github/license/th3maid/witch_craft)
 ![GitHub top language](https://img.shields.io/github/languages/top/th3maid/witch_craft)
 
-<center>
-<br>
-<h1>WITCH_CRAFT</h1>
-<br>
-</center>
+<p align="center">
+  <h1>WITCH_CRAFT</h1>
+</p>
 
+<p align="center">
+  🎉 Welcome to the witch_craft Community!
+</p>
 
-<center>
+---
 
-        🚧 warning: For detailed information about how to use witch_craft
-        run or witch_craft help.
+### WITCH_CRAFT
 
-</center>
-<hr>
+WITCH_CRAFT is a versatile task automation software designed to serve as the foundation for various cybersecurity modules. Whether you're diving into forensic research, conducting OSINT (Open Source Intelligence), running scans, setting up backup and copying workflows, or even performing intrusion tests on applications and APIs, WITCH_CRAFT aims to be your go-to platform.
 
-### WITCH_CRAFT
+### Visit the wiki:
+
+https://cosmic-zip.github.io/wiki/wiki.html
+
+### Plugins
+
+The witch_craft project is extensible through static files and Rust code. Moreover, it is possible to extend its functionalities using `db.json`. This file contains a list of small shell scripts, which means you can integrate anything that interacts with the terminal using ARGS (argsv, readargs(), sys.args(), etc).
+
+**Note**: There is a Python script called sort.py inside /var/witch_craft/witch_spells/dataset. It is used to create a sorted version of the dataset.
+
+```json
+{
+  "description": "Securely deletes and overwrites the contents of a device seven times",
+  "name": "nuke.hd",
+  "command": "shred -vzn 7 @@device"
+}
+```
+
+### Evilpages
+
+Put your cloned pages in /var/witch_craft/witch_spells/evilpages. Use the SingleFile extension or a similar tool to clone webpages:
+
+https://addons.mozilla.org/en-US/firefox/addon/single-file/
+
+### RC File
+
+To record logs of all your interactions, create a file named `.witchrc` in your home folder and add the following line to it:
+
+```txt
+
+path_log_file=~/my_frog.jsonl
+```
+
+You can use `~/` to represent your home directory or specify the complete path, such as:
+
+```txt
+
+path_log_file=/path/to/my/file.jsonl
 
-  WITCH_CRAFT is a versatile task automation software designed to serve as the
-  foundation for various cybersecurity modules. It provides capabilities for tasks
-  such as forensic research, OSINT (Open Source Intelligence), scanning, backup and
-  copying, intrusion testing of applications and APIs, and more.
+```
 
 ### Instalation
 
 The project initially includes a set of default files. These files
 are created using the best possible data analysis techniques, and
 their final versions are merged into the main project.
 
+The witch_spells package also provide:
+
+- **Unique Wordlists**:
+
+  - _Moth_
+  - _Ladybug_
+
+- **Default Credentials Database**
+- **IP Geolocation**
+- **IP Reputation/Score**
+- **A Set of Social Media Pages for Evil Twin Attacks**
+- **General Wordlists for Directories and Subdomains**
+- **MAC Address Vendor Database**
+- **Usernames Wordlist**
+- **XSS Wordlist**
+- **And more, UwU!**
+
 ### Install using snap
 
 <a href="https://snapcraft.io/witchcraft-cybersecurity">
@@ -61,62 +111,38 @@ chmod +x build.sh
 ./build.sh
 ```
 
-The script will prompt you to enter the root password, create a folder called release, and place the built executables inside it.
-Step 3: Explore the Release Folder
-
-Navigate to the release folder to find the built components:
-
-- **witch_craft**: The cli application executable.
-- **witch_oracle**: The gui application executable.
-
-**Usage**
-
-After building the project, you can run each component individually. Here's a brief overview:
+The script will prompt you to enter the root password, create a folder called 'release,' and place the built executables inside it. Additionally, it will prompt you to run the commands for extracting the archive files for OSINT and wordlists. You can choose to extract one, both, or neither, but keep in mind that the archives are required for OSINT operations.
 
 **Running Witch_Craft**
 
 Execute the following command to run the witch_craft application:
 
 ```bash
-
-./release/witch_craft
-
+witch_craft
 ```
 
-**Running Witch Oracle**
+**Note**: The first argument will always not have a "-" (minus) before it.
 
-To visualize data, run the Witch Oracle application:
+#### This script will run like:
 
 ```bash
-./release/witch_oracle
+witch_craft nuke.hd --device /dev/sdx1
 ```
 
-Feel free to contribute to witch_craft by submitting issues or pull requests. Your input is valuable!
-
-### Plugins
-
-The Witch_Craft project is extensible through static files and Rust code. Moreover, it is possible to extend its functionalities using `db.json`. This file contains a list of small shell scripts, which means you can integrate anything that interacts with the terminal using ARGS (argsv, readargs(), sys.args(), etc).
-
-```json
-{
-  "description": "Securely deletes and overwrites the contents of a device seven times",
-  "name": "nuke.hd",
-  "command": "shred -vzn 7 @@device"
-}
+```bash
+witch_craft search.meta --keywork "Anonymous"
 ```
 
-#### This script will run like:
-
 ```bash
-witchcraft nuke.hd --device /dev/sdx1
+witch_craft search.ipscore --ip 127.0.0.1
 ```
 
 ### License
 
-<center>
-  <div class="center">
-  <b>This project is licensed under the GNU General Public License v3.0.</b>
-  </div>
-</center>
+<p align="center">
+  🎉 This project is licensed under the GNU General Public License v3.0.
+</p>
+
+**WITCH_CRAFT includes IP2Proxy LITE data available from https://www.ip2location.com/proxy-database**
 
-#### WITCH_CRAFT includes IP2Proxy LITE data available from https://www.ip2location.com/proxy-database.
+**WITCH_CRAFT includes cinsscore data available from https://www.cinsscore.com**

SECURITY.md

@@ -1,4 +1,4 @@
- Security Policy
+# Security Policy
 
 Although we do our best to prevent vulnerabilities, and have tools to help
 catch most of them, we are humans after all, and there will be inevitably
@@ -9,77 +9,9 @@ witch_craft suite, or in our presence online (website, forum, emails,
 DNS, etc.).
 
 Depending on which category they fall into, different information is
-needed. We
-do believe in coordinated disclosure, so in order to address them, and
+needed. We do believe in coordinated disclosure, so in order to address them, and
 coordinate disclosure with you (and properly credit you for the
-discovery),
-report them to us. Do not open bug reports or pull requests.
+discovery), report them to us. Do not open bug reports or pull requests.
 
-Our contact email for security issues is TBA
-
-If you are unsure how to proceed, need clarifications or have questions or
-remarks about this policy, feel free to email us to inquire.
-
-## witch_craft suite vulnerabilities
-
-### Supported versions
-
-We only support the latest stable present on TBA
-
-For security issues present in our GitHub repository (master or any
-recently
-active branch), open a pull request or bug report.
-
-For any security issue affecting older versions of witch_craft still
-present
-in currently supported Linux or BSD distributions, file a report with
-them,
-and email us a short description of the vulnerability along with a link to
-the bug report.
-
-### Reporting
-
-There is no particular template to report the vulnerabilities. Keep
-in mind
-that a vulnerability is essentially a bug, so please provide us detailed
-information on how to reproduce it, such as:
-
-- Which witch_craft tools are affected? And how? Any proof of concept to
-demonstrate it?
-- Operating systems involved, kernel versions (`uname -a` and
-`lsb_release -a` for example).
-- CPU architecture (`witch_craft -v` output is useful); a vulnerability
-on a
-x86 32 bit may not be exploitable on ARM 64 bit. A bug may also only
-be present
-when witch_craft is compiled a certain way.
-- All the commands needed to trigger the issue.
-- Did you compile it yourself or did you get it from a package?
-- What equipment did you use? A packet capture may be useful; different
-equipment behaves differently, they have different Wi-Fi stacks,
-drivers, and
-firmware.
-- A patch to fix the issue, if available.
-- If CVE numbers have been assigned, please provide them as well.
-
-### Public disclosure
-
-Although it is essentially a bug, do not submit a bug report or a pull
-request,
-but email us the data first, so we can coordinate fixing the issue
-and assist
-you in filing the bug reports, and if you provided a patch, the pull
-request; a
-patch may need to be broken down in multiple commits for clarity,
-for example.
-
-## Online presence
-
-For any security issue affecting us specifically (any witch_craft.org
-subdomain) such as misconfiguration of our hosting, DNS, email, servers,
-or misconfiguration of the software we are using, email us with all the
-details regarding your findings.
-
-Anything else should be reported to the author or provider of the
-software,
-hardware, or hosting.
+Bug found? Questions? Access witch_craft community:
+[discussions](https://github.com/cosmic-zip/witch_craft/discussions)

build.sh

@@ -16,10 +16,15 @@ fi
 
 # Install packages
 if [ "$package_manager" == "apt" ]; then
+    echo && echo "Trying to install chromium, its used for social media OSINT!"
+    sudo snap install chromium
+
+    echo && echo "Install apt depedencies"
     sudo apt update
     sudo apt install -y nmap whois dirb dnsenum libc-bin iproute2 xxd iptables coreutils wget curl \
     dnsutils traceroute openssl openssh-server xattr libimage-exiftool-perl tor foremost pkg-config \
-    libssl-dev steghide doas nala
+    libssl-dev steghide doas nala libwebkit2gtk-4.1-dev build-essential curl wget file libxdo-dev 7zip \
+    libayatana-appindicator3-dev librsvg2-dev
 elif [ "$package_manager" == "yum" ]; then
     sudo yum update -y
     sudo yum install -y nmap dirb dnsenum glibc-utils xxd iptables-utils iproute wget curl bind-utils traceroute
@@ -30,6 +35,14 @@ echo && echo "Install witch_spells data"
 sudo mkdir -p /var/witch_craft
 sudo cp -r witch_spells/ /var/witch_craft
 sudo chown -R $(whoami):$(whoami) /var/witch_craft
+7z x /var/witch_craft/witch_spells/osint/archive.7z.001
+echo 'export WITCH_SPELLS_ROOT_DIR=/var/witch_craft/witch_spells/' >> ~/.bash_profile
+export WITCH_SPELLS_ROOT_DIR=/var/witch_craft/witch_spells/
+
+# Wordlist
+echo && echo "Wordlists are big (16GB) so, if you want or need then, just run:"
+echo "7z x /var/witch_craft/witch_spells/wordlists/ladybug.pwned"
+echo "7z x /var/witch_craft/witch_spells/wordlists/moth.pwned.7z.001"
 
 # Build binary
 echo && echo "Cargo build"