introducing modes

README.md

@@ -95,43 +95,47 @@ After setting up your API key, you are ready to use CloudBrute.
 ██║     ██║     ██║   ██║██║   ██║██║  ██║██╔══██╗██╔══██╗██║   ██║   ██║   ██╔══╝  
 ╚██████╗███████╗╚██████╔╝╚██████╔╝██████╔╝██████╔╝██║  ██║╚██████╔╝   ██║   ███████╗
  ╚═════╝╚══════╝ ╚═════╝  ╚═════╝ ╚═════╝ ╚═════╝ ╚═╝  ╚═╝ ╚═════╝    ╚═╝   ╚══════╝
-                                                V 1.0.0
-[-d|--domain] is required
+                                                V 1.0.3
 usage: CloudBrute [-h|--help] -d|--domain "<value>" -k|--keyword "<value>"
                   -w|--wordlist "<value>" [-c|--cloud "<value>"] [-t|--threads
                   <integer>] [-T|--timeout <integer>] [-p|--proxy "<value>"]
-                  [-a|--randomagent "<value>"] [-D|--debug]
+                  [-a|--randomagent "<value>"] [-D|--debug] [-q|--quite]
+                  [-m|--mode "<value>"] [-o|--output "<value>"]
+                  [-C|--configFolder "<value>"]
 
                   Awesome Cloud Enumerator
 
 Arguments:
 
-  -h  --help         Print help information
-  -d  --domain       domain
-  -k  --keyword      keyword used to generator urls
-  -w  --wordlist     path to wordlist
-  -c  --cloud        force a search, check config.yaml providers list
-  -t  --threads      number of threads. Default: 80
-  -T  --timeout      timeout per request in seconds. Default: 10
-  -p  --proxy        use proxy list
-  -a  --randomagent  user agent randomization
-  -D  --debug        show debug logs. Default: false
+  -h  --help          Print help information
+  -d  --domain        domain
+  -k  --keyword       keyword used to generator urls
+  -w  --wordlist      path to wordlist
+  -c  --cloud         force a search, check config.yaml providers list
+  -t  --threads       number of threads. Default: 80
+  -T  --timeout       timeout per request in seconds. Default: 10
+  -p  --proxy         use proxy list
+  -a  --randomagent   user agent randomization
+  -D  --debug         show debug logs. Default: false
+  -q  --quite         suppress all output. Default: false
+  -m  --mode          storage or app. Default: 1
+  -o  --output        Output file. Default: out.txt
+  -C  --configFolder  Config path. Default: config
 
 
 ```
 
 for example 
 ```
-CloudBrute -d target.com -k target -t 80 -T 10 -w "./data/storage_small.txt"
+CloudBrute -d target.com -k target -m storage -t 80 -T 10 -w "./data/storage_small.txt"
 ```
-please note -k keyword is used to generate URLs, so if you want the full domain to be part of mutation, you have used it for both domain (-d) and keyword (-k) arguments 
+please note -k keyword used to generate URLs, so if you want the full domain to be part of mutation, you have used it for both domain (-d) and keyword (-k) arguments 
 
-If a cloud provider is not detected or want force searching on a specific provider, you can use -c option.
+If a cloud provider not detected or want force searching on a specific provider, you can use -c option.
 ```
-CloudBrute -d target.com -k keyword -t 80 -T 10 -w -c amazon
+CloudBrute -d target.com -k keyword -m storage -t 80 -T 10 -w -c amazon -o target_output.txt
 ```
-After execution CloudBrute will write to the same directory with following format.
-```target-2020-09-09T17-20-18.txt```
+
 
 ## in action
 

config/config.yaml

@@ -1,4 +1,4 @@
 providers: [ "amazon","alibaba","amazon","microsoft","digitalocean","linode","vultr","google" ] # supported providers
-environments: [ "test", "dev", "prod", "stage" ] # used for mutations
+environments: [ "test", "dev", "prod", "stage" , "staging" , "bak" ] # used for mutations
 proxytype: "http"  # socks5 / http
 ipinfo: ""      # IPINFO.io API KEY

config/modules/alibaba.yaml

@@ -25,4 +25,5 @@ regions:
     "oss-me-east-1" ]
 storage_urls: [ ]
 app_urls: [ ]
-region_urls: [ "aliyuncs.com" ]
+storage_region_urls: [ "aliyuncs.com" ]
+app_region_urls: [ ]

config/modules/amazon.yaml

@@ -26,4 +26,5 @@ regions: [
 ]
 app_urls: [ "awsapps.com" ]
 storage_urls: [ "s3.amazonaws.com" ]
-region_urls: [ "amazonaws.com" ]
+app_region_urls: [ "amazonaws.com" ]
+storage_region_urls: []

config/modules/digitalocean.yaml

@@ -12,4 +12,5 @@ regions: [
 
 storage_urls: [ ]
 app_urls: [ ]
-region_urls: [ "digitaloceanspaces.com" ]
+storage_region_urls: [ "digitaloceanspaces.com" ]
+app_region_urls: []

config/modules/google.yaml

@@ -2,6 +2,8 @@ app_urls: [ "appspot.com" ]
 storage_urls: [ "storage.googleapis.com" ]
 regions: [ ]
 region_urls: [ ]
+storage_region_urls: []
+app_region_urls: []
 
 #  we don't need to brute these as we can always use main urls .
 #  asia-east2

config/modules/linode.yaml

@@ -1,4 +1,5 @@
 regions: [ "us-east-1" , "eu-central-1", "ap-south-1" ]
 storage_urls: [ ]
 app_urls: [ ]
-region_urls: [ "linodeobjects.com" ]
+storage_region_urls: [ "linodeobjects.com" ]
+app_region_urls: []

config/modules/microsoft.yaml

@@ -46,4 +46,5 @@ app_urls:
       "cloudapp.net",
       "p.azurewebsites.net" ]
 
-region_urls: [ "cloudapp.azure.com" ]
+app_region_urls: [ "cloudapp.azure.com" ]
+storage_region_urls: [ ]

config/modules/vultr.yaml

@@ -1,4 +1,5 @@
 regions: [ "ewr1" ]
 storage_urls: [ ]
 app_urls: [ ]
-region_urls: [ "vultrobjects.com" ]
+storage_region_urls: [ "vultrobjects.com" ]
+app_region_url: [ ]

internal/brute.go

@@ -2,13 +2,13 @@ package internal
 
 import (
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"github.com/cheggaaa/pb"
 	"github.com/rs/zerolog/log"
 	"golang.org/x/net/proxy"
 	"net/http"
 	"net/url"
-	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -178,33 +178,33 @@ func AsyncHTTPHead(urls []string, threads int, timeout int, details RequestDetai
 				}
 
 				if strings.Contains(res, "200") {
-					out = fmt.Sprintf("%s:%s - %s", "Open", status, domain)
-					log.Info().Msg("Open : " + "[response code :" + res + "]")
+					out = fmt.Sprintf("%s:%s - %s", status,"Open", domain)
+					log.Info().Msg(out)
 				}
 				if strings.Contains(res, "301") || strings.Contains(res, "402") {
-					out = fmt.Sprintf("%s:%s - %s", "Open", status, domain)
-					log.Warn().Msg("Redirect : " + "[response code :" + res + "]")
+					out = fmt.Sprintf("%s:%s - %s", status,"Redirect", domain)
+					log.Warn().Msg(out)
 
 				}
 				if strings.Contains(res, "400") || strings.Contains(res, "401") ||
 					strings.Contains(res, "403") {
-					out = fmt.Sprintf("%s:%s - %s", "Open", status, domain)
-					log.Warn().Msg("Protected : " + "[response code :" + res + "]")
+					out = fmt.Sprintf("%s:%s - %s",  status , "Protected" , domain)
+					log.Warn().Msg(out)
 
 				}
 				if strings.Contains(res, "500") || strings.Contains(res, "502") {
-					out = fmt.Sprintf("%s:%s - %s", "Open", status, res)
-					log.Warn().Msg("Server error :" + "[response code :" + res + "]")
+					out = fmt.Sprintf("%s:%s - %s", status,"Server Error", res)
+					log.Warn().Msg(out)
 				}
 
 				if out != "" {
-					AppendTo(output, out)
+					_, _ = AppendTo(output, out)
 				}
 
 			}
 
 		case <-time.After(time.Duration(timeout) * time.Second):
-			fmt.Fprintf(os.Stderr, "timeout")
+			log.Warn().Msg("TimeOut")
 			bar.Increment()
 		case <-quit:
 			bar.Set(len(urls))
@@ -219,7 +219,7 @@ func AsyncHTTPHead(urls []string, threads int, timeout int, details RequestDetai
 
 }
 
-func GenerateMutatedUrls(wordListPath string, level int, provider string, providerPath string, target string, environments []string) ([]string, error) {
+func GenerateMutatedUrls(wordListPath string, mode string, provider string, providerPath string, target string, environments []string) ([]string, error) {
 
 	//envs := []string{"test", "dev", "prod", "stage"}
 	words, err := ReadTextFile(wordListPath)
@@ -231,6 +231,7 @@ func GenerateMutatedUrls(wordListPath string, level int, provider string, provid
 
 	var compiled []string
 
+
 	for _, env := range environments {
 
 		for _, word := range words {
@@ -263,45 +264,75 @@ func GenerateMutatedUrls(wordListPath string, level int, provider string, provid
 
 	var finalUrls []string
 
-	// @NOTE start to decide level here 0,1,2
-	if level >= 1 {
-		if len(providerConfig.Regions) > 0 {
-			for _, region := range providerConfig.Regions {
 
-				for _, regionUrl := range providerConfig.RegionUrls {
+	if mode == "storage"{
 
-					for _, word := range compiled {
-
-						finalUrls = append(finalUrls, word+"."+region+"."+regionUrl)
-					}
-				}
-			}
+		if len(providerConfig.StorageUrls) < 1 && len(providerConfig.StorageRegionUrls) < 1  {
+			return nil,errors.New("storage are not supported on :" + provider )
 		}
-	}
 
-	if level >= 2 {
 		if len(providerConfig.StorageUrls) > 0 {
-			for _, storage := range providerConfig.StorageUrls {
+
+			for _, app := range providerConfig.StorageUrls {
 
 				for _, word := range compiled {
-					finalUrls = append(finalUrls, word+"."+storage)
+					finalUrls = append(finalUrls, word+"."+app)
 				}
 			}
 		}
+
+
+		if len(providerConfig.StorageRegionUrls) > 0 {
+
+				for _, region := range providerConfig.Regions {
+
+					for _, regionUrl := range providerConfig.StorageRegionUrls {
+
+						for _, word := range compiled {
+
+							finalUrls = append(finalUrls, word+"."+region+"."+regionUrl)
+						}
+					}
+				}
+
+		}
+
 	}
 
-	if level >= 3 {
+	if mode == "app"{
+
+		if len(providerConfig.APPUrls) < 1 && len(providerConfig.AppRegionUrls) < 1  {
+			return nil,errors.New("storage are not supported on :" + provider )
+		}
+
+
 		if len(providerConfig.APPUrls) > 0 {
 			for _, app := range providerConfig.APPUrls {
 
 				for _, word := range compiled {
 					finalUrls = append(finalUrls, word+"."+app)
 				}
+			}
+		}
+
+		if len(providerConfig.AppRegionUrls) > 0 {
+
+			for _, region := range providerConfig.Regions {
+
+				for _, regionUrl := range providerConfig.AppRegionUrls {
 
+					for _, word := range compiled {
+
+						finalUrls = append(finalUrls, word+"."+region+"."+regionUrl)
+					}
+				}
 			}
+
 		}
+
 	}
 
+
 	return finalUrls, nil
 
 }

internal/config.go

@@ -29,6 +29,8 @@ type CloudConfig struct {
 	APPUrls     []string `yaml:"app_urls"`
 	StorageUrls []string `yaml:"storage_urls"`
 	RegionUrls  []string `yaml:"region_urls"`
+	AppRegionUrls  []string `yaml:"app_region_urls"`
+	StorageRegionUrls  []string `yaml:"storage_region_urls"`
 }
 
 func InitConfig(path string) *Config {