Thursday, June 22, 2017

Script to dump contents of "Robots.txt"

Recently picked up "Python" and decided to try my hand at a "n00b" script to dump the contents of "Robots.txt" file residing on a webserver.

# Ask for Protocol and store it in protocol
protocol = input('Enter HTTP or HTTPS: ')

# Ask for URL or IP and store it in domain
domain = input('Enter URL or IP: ')

robots = "/robots.txt"

from urllib.request import Request, urlopen
print('Checking "Robots.txt" for:')
print(domain)
print()
from urllib.error import URLError, HTTPError
req = Request(protocol+"://"+domain+robots)
try:
    response = urlopen(req)
except HTTPError as e:
    print('The server couldn\'t fulfill the request.')
    print('Error code: ', e.code)
except URLError as e:
    print('We failed to reach the server.')
    print('Reason: ', e.reason)
else:
    print('Contents of "Robots.txt" is as follows.')
    print()
with urlopen((protocol+"://"+domain+robots)) as stream:
    print(stream.read().decode("utf-8"))

#Written by commandrine.
#Last updated on 22 Jun 2017.

Thursday, February 16, 2017

Windows Nessus batch job

Wrote a simple Nessus batch job to get the updates.

cd \
cd "Program Files"/Tenable/Nessus/
net stop "Tenable Nessus"
nessuscli update --all
net start "Tenable Nessus"


#Written by commandrine.
#Last updated on 15 Feb 2017.

sslyze batch

I have always been about efficiency and decided to script my "sslyze" scans. Simple batch file below.

@echo off
setlocal ENABLEDELAYEDEXPANSION

set today=!date:/=-!
set now=!time::=-!

@echo SSLYZE scanning in progress... please be patient...
@echo off
cd \sslyze1-0-0
sslyze.exe --regular --targets_in=targets.txt > sslyze-!today!_!now!.txt

start "" "sslyze-!today!_!now!.txt"

#Please edit "targets.txt" in SSLYZE folder.
#Results will be stored in SSLYZE folder.
#Written by commandrine.
#Last updated on 15 Feb 2017.


Remember to create a file "targets.txt" in your sslyze folder and populate it with the hostnames/IPs you want to test.

Friday, August 7, 2015

sslyze

There are automated ways of checking webservers that support HTTPS if they are configured securely.
sslyze is a personal favourite of mine. They initially only supported Unix/Linux systems but have now ported it over to Windows as well.

Below is a sample of the command to run to start testing.

./sslyze.py --regular www.xyz.com:443

Thursday, August 6, 2015

Bluetooth

For some strange reason, Bluetooth is always persistently enabled on Ubuntu when you boot up even if you had turned it off in a previous session.
Easy solution is to add the highlighted line to the /etc/rc.local file.