HackDig : Dig high-quality web security articles for hacker

Get acquainted with a peepingtom? You bet.

2014-10-09 18:00

Many penetration testers are familiar with peepingtom, a Python program that's commonly used to web scrape (gather intel about) web servers, to better assess which to attack (test) and how. Author Tim Tomes wrote peepingtom after struggling with an nmap-based approach to web scraping that is described in pauldotcom podcast #291 in 2012.

Recently, I've been playing with peepingtom to see whether it would be useful to include in a DNS abuse investigations training I deliver to public safety community members. Today, I'll explain how I installed peepingtom on my Macs. My installation is basically the same as the Linux install that's described in the Red Team Field Manual (RTFM, I strongly encourage you to get a copy).

Install dependencies: cURL and phantomjs

Peepingtom depends on cURL and phantomjs for correct operation. To install cURL, download http://curl.haxx.se/download/curl-7.38.0.tar.gz and unpack the archive into a folder. You can also open a Terminal and use wget and tar, which are included in your OpenBSD.

$ wget http://curl.haxx.se/download/curl-7.38.0.tar.gz
$ tar -zxvf curl-7.38.0.tar.gz

Change to wherever you've unpacked the directory curl-7.38.0, then build and install it:

$ cd curl-7.38.0
$ ./configure && make && sudo make install

Be patient: the build takes a few minutes. You'll be prompted for your superuser password to complete the install. Confirm the install by running curl --help.

Next, download phantomjs from http://phantomjs.org/download.html. For Mac OS, you’ll download and extract/unpack phantomjs-1.9.7-macosx.zip. The binary phantomjs in the folder phantomjs-1.9.7-macosx is ready to use.

Install peepingtom

Make a directory for peepingtom and use git clone to copy the peepingtom repository into your new directory:

$ mkdir peepingtom
$ git clone https://bitbucket.org/LaNMaSteR53/peepingtom.git

The last step is important: copy the phantomjs binary from phantomjs-1.9.7-macosx to the peepingtom directory.

Get acquainted with peepingtom

With curl installed and phantomjs in the peepingtom directory, get acquainted with the options:

[Screenshot: peepingtom help output]

Example

Here's an example to get you started. This command scrapes the IMDB page for Simple Life and directs the output to a folder called simplelife:

[Screenshot: peepingtom command scraping the IMDB page for Simple Life into the folder simplelife]

From a browser, open the file peepingtom.html in simplelife.

[Screenshot: peepingtom.html for simplelife, opened in a browser]

peepingtom gives you a snapshot of the page, a snapshot of the source, and saves a copy of the web page source. Note that you will not execute any scripts on web pages you visit with peepingtom. This is a great way to safely grab content for offline examination. You can also use list input mode (-l) to scan URLs you've copied to a file, or domains/IP addresses for listening services (e.g., http/80).
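As an added example (not from this post or the peepingtom project), here is a small Python helper that turns a constructed host/port list, the kind of "domains/IP addresses for listening services" mentioned above, into the one-URL-per-line file that list input mode reads. The port-to-scheme mapping and the -l invocation in the trailing comment are assumptions; check peepingtom's help output for its exact command line.

```python
"""Build a URL list for peepingtom's list input mode (-l).

Added example, not part of the original post or the peepingtom project.
Input is a constructed set of "host port" lines such as a port scan
might report; output is one URL per line for peepingtom to fetch.
"""
import ipaddress
from typing import Iterable

# Ports that imply a scheme (assumed mapping); anything else is tried as
# http with the port written out explicitly.
SCHEME_BY_PORT = {80: "http", 443: "https", 8080: "http", 8443: "https"}


def make_url(host: str, port: int) -> str:
    """Return the URL peepingtom should fetch for one listening service."""
    scheme = SCHEME_BY_PORT.get(port, "http")
    try:
        # IPv6 literals must be bracketed inside a URL.
        if isinstance(ipaddress.ip_address(host), ipaddress.IPv6Address):
            host = "[%s]" % host
    except ValueError:
        pass  # plain hostname, not an IP literal
    default_port = 443 if scheme == "https" else 80
    if port == default_port:
        return "%s://%s/" % (scheme, host)
    return "%s://%s:%d/" % (scheme, host, port)


def build_url_list(services: Iterable[str]) -> list:
    """Parse 'host port' lines; skip blanks, comments and duplicate URLs."""
    seen = set()
    urls = []
    for line in services:
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        host, port = line.split()
        url = make_url(host, int(port))
        if url not in seen:
            seen.add(url)
            urls.append(url)
    return urls


# Constructed sample input (documentation addresses, not real scan data).
SAMPLE = """
example.com 80
example.com 443
192.0.2.10 8080
2001:db8::1 443
example.com 80   # duplicate, dropped
"""

if __name__ == "__main__":
    with open("urls.txt", "w") as fh:
        fh.write("\n".join(build_url_list(SAMPLE.splitlines())) + "\n")
    # Then (assumed syntax): ./peepingtom.py -l urls.txt
```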

Next Post: Use Cases

In my next post, I'll share some examples of how you might use peepingtom to look for malicious domain names, URLs, and scripts in the content you've grabbed.


Source: www.securityskeptic.com/2014/10/get-acquainted-with-a-peepingtom-you-bet.html
