You asked. We listened and are offering to include the new “Command Execution Add-on v2.0” for any previous customers who upgrade to Sn1per Professional v9.0 before January 31st, 2021 (a savings of $69!).
Contact us at [email protected] with your previous license key/order number after purchasing Sn1per Professional v9.0 to receive the Command Execution Add-on v2.0 FREE with your order! Offer only applies to verified customers who have purchased Sn1per Professional v8.0.
In case you missed it, Sn1per v8.4 was released today 6/8/2020 and features a slew of new improvements and fixes which will further enhance the speed and functionality of Sn1per.
Introducing Project “Sc0pe”
To start with, Sn1per v8.4 features a completely new active and passive vulnerability scanner called “Sc0pe” which will serve as the backbone of Sn1per’s new vulnerability scan engine. The new framework will make it quick and easy to scan for the latest CVE’s and web vulnerabilities as well as open up a slew of possibilities for users to create and share their own exploits and scanners (Submit your PR’s!). For a full list of scan templates, check here.
For anyone interested in writing or porting existing exploits over to Sc0pe, the process is super simple. First, you will need to create a new template.sh file under /usr/share/sniper/templates/active/ for active scanners and /usr/share/sniper/templates/passive/ for passive scanners. You can now copy an existing template to rename or create a new file with the following format:
One thing to note is that when saving template.sh file you created, be sure to not use spaces in the files (ie. CORS Policy – Allow-Credentials Enabled.sh). Instead, use underscores like “CORS_Policy_-_Allow-Credentials_Enabled.sh”.
Once your new template is created, all you need to do is run a scan. For active checks, you can choose from ‘normal’, ‘web’, ‘vulnscan’, ‘webporthttp’ and ‘webporthttps’ as well as any of the mass scan modes (ie. massweb, etc.). All other modes will only use passive scan modules to detect vulnerabilities.
OWASP ZAP Integration
Another major improvement added in v8.4 is the integration with OWASP ZAP. For this to work properly, you will need to have OWASP ZAP running on the same host as Sn1per and listening on port 8081/tcp.
In addition, you will need to enable the ZAP API service and disable the API key.
The last step is to update your /root/.sniper.conf file and enable the following setting:
After, you can run the ‘webscan’ mode (ie. sniper -t 127.0.0.1 -m webscan -w 127.0.0.1). After the scan completes, all HTML reports will be saved to /usr/share/sniper/loot/workspace/<workspace>/web/zap-report-$TARGET-$DATE.html.
Sn1per Configuration Templates
Another major addition to Sn1per v8.4 is eight new configuration templates which can be referenced and loaded dynamically to fine tune each Sn1per scan. In the following example, we can quickly run all Metasploit web exploits against the target and skip most of the default modules to quickly scan for web vulnerabilities.
Usage: sniper -t 127.0.0.1 -m web -c /usr/share/sniper/conf/webpwn_only -w 127.0.0.1
The possibilities are endless, but you can save and reference your own custom configuration templates or use the default options and templates as a reference. Check here for some examples and feel free to submit your PR’s with your own unique templates.
v8.4 – Improved efficiency of ‘web’ and ‘recon’ mode scans
v8.4 – Disabled legacy Metasploit web exploits (check Sn1per conf to re-enable)
v8.4 – Fixed issue with dirsearch asterisk being used incorrectly
v8.4 – Fixed issue with airstrike mode not updated Sn1per Professional v8.0 host list
v8.4 – Fixed issue with webtech re.error: invalid group reference 1 at position 130
To apply the update, run ‘sniper -u’ if Sn1per is already installed to automatically download the latest release. For new users, run: ‘git clone https://github.com/1N3/Sn1per’ and run the install.sh file.
You asked. We listened and are offering to include the new “Command Execution Add-on” for any previous customers who upgrade to Sn1per Professional v8.0 before January 31st, 2020 (a savings of $49!).
Please contact us at [email protected] with your previous license key/order number after purchasing Sn1per Professional v8.0 to receive the Command Execution Add-on download link! Offer only applies to verified previous customers.