File "zeus.py", line 353, in <module>
__run_attacks_main()
File "zeus.py", line 305, in __run_attacks_main
threads=opt.amountOfThreads
File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1008, in run_attacks
github_gist_search_main(query, agent=agent, proxy=proxy, verbose=verbose)
File "/home/baal/bin/python/zeus-scanner/var/search/pgp_search.py", line 184, in pgp_main
return get_pgp_keys(urls, query, verbose=verbose)
File "/home/baal/bin/python/zeus-scanner/var/search/pgp_search.py", line 132, in get_pgp_keys
timeout=10
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/adapters.py", line 521, in send
raise ReadTimeout(e, request=request)
ReadTimeout: HTTPSConnectionPool(host='pgp.mit.edu', port=443): Read timed out. (read timeout=10)
2017-11-25 18:04:04,378;zeus-log;DEBUG;verifying operating system...
2017-11-25 18:04:04,402;zeus-log;DEBUG;already ran, skipping...
2017-11-25 18:04:04,402;zeus-log;DEBUG;running with options '{'pgpLookup': True, 'useRandomAgent': True, 'runInBatch': True, 'runInVerbose': True, 'noExclude': True, 'parseWebcache': True, 'dorkToUse': '2'}'...
2017-11-25 18:04:04,403;zeus-log;INFO;log file being saved to '/home/baal/bin/python/zeus-scanner/log/zeus-log-3.log'...
2017-11-25 18:04:04,403;zeus-log;DEBUG;grabbing random user-agent from '/home/baal/bin/python/zeus-scanner/etc/text_files/agents.txt'...
2017-11-25 18:04:04,425;zeus-log;DEBUG;using default search engine (Google)...
2017-11-25 18:04:04,425;zeus-log;INFO;using default search engine...
2017-11-25 18:04:04,425;zeus-log;INFO;starting dork scan with query '2'...
2017-11-25 18:04:04,426;zeus-log;DEBUG;parsing blacklist...
2017-11-25 18:04:04,426;zeus-log;DEBUG;checking for user-agent and proxy configuration...
2017-11-25 18:04:04,426;zeus-log;INFO;attempting to gather query URL...
2017-11-25 18:04:04,426;zeus-log;INFO;setting up virtual display to hide the browser...
2017-11-25 18:04:04,624;zeus-log;INFO;setting the browser...
2017-11-25 18:04:12,698;zeus-log;INFO;browser will open shortly...
2017-11-25 18:04:15,270;zeus-log;DEBUG;searching search engine for the 'q' element (search button)...
2017-11-25 18:04:15,296;zeus-log;INFO;searching search engine using query 'http://google.com'...
2017-11-25 18:04:18,374;zeus-log;DEBUG;obtaining URL from selenium...
2017-11-25 18:04:18,381;zeus-log;DEBUG;found current URL from selenium browser...
2017-11-25 18:04:18,381;zeus-log;INFO;closing the browser and continuing process..
2017-11-25 18:04:18,433;zeus-log;INFO;URL successfully gathered, searching for GET parameters...
2017-11-25 18:04:18,434;zeus-log;INFO;no proxy configuration detected...
2017-11-25 18:04:19,407;zeus-log;INFO;adjusting user-agent header to Opera/9.20 (Windows NT 5.1; U; zh-tw)...
2017-11-25 18:04:19,414;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2'...
2017-11-25 18:04:19,415;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/<b'...
2017-11-25 18:04:19,415;zeus-log;DEBUG;found 'http://webcache.googleusercontent.com/search?q=cache:mtzsQ05b6UsJ:https://en.wikipedia.org/wiki/2%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,415;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2+2'...
2017-11-25 18:04:19,416;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2#In_mathematics'...
2017-11-25 18:04:19,416;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2#Evolution_of_the_glyph'...
2017-11-25 18:04:19,416;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2#In_religion'...
2017-11-25 18:04:19,416;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2#Numerological_significance'...
2017-11-25 18:04:19,418;zeus-log;DEBUG;found 'http://smarturl.it/TinasheAquarius?IQid=yt'...
2017-11-25 18:04:19,418;zeus-log;DEBUG;found 'https://store.google.com/ca/product/pixel_2'...
2017-11-25 18:04:19,419;zeus-log;DEBUG;found 'https://store.google.com/ca/product/pixel_<b'...
2017-11-25 18:04:19,419;zeus-log;DEBUG;found 'http://swordburst2.wikia.com/wiki/Cerberus'...
2017-11-25 18:04:19,420;zeus-log;DEBUG;found 'http://webcache.googleusercontent.com/search?q=cache:jzhMNM_CAlYJ:http://swordburst2.wikia.com/wiki/Cerberus%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,421;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview'...
2017-11-25 18:04:19,421;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/...<b'...
2017-11-25 18:04:19,421;zeus-log;DEBUG;found 'http://webcache.googleusercontent.com/search?q=cache:_HZnvEVWfHgJ:https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,423;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/tech-specs'...
2017-11-25 18:04:19,424;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/...<b'...
2017-11-25 18:04:19,424;zeus-log;DEBUG;found 'http://webcache.googleusercontent.com/search?q=cache:J-Ux9fa-HOgJ:https://www.microsoft.com/en-us/surface/devices/surface-book-2/tech-specs%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,424;zeus-log;DEBUG;found 'https://blogs.windows.com/devices/2017/10/17/introducing-surface-book-2-the-most-powerful-surface-book-ever/'...
2017-11-25 18:04:19,425;zeus-log;DEBUG;found 'https://blogs.windows.com/.../introducing-surface-book-<b'...
2017-11-25 18:04:19,425;zeus-log;DEBUG;found 'http://webcache.googleusercontent.com/search?q=cache:J7jSE8G-dBsJ:https://blogs.windows.com/devices/2017/10/17/introducing-surface-book-2-the-most-powerful-surface-book-ever/%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,425;zeus-log;DEBUG;found 'https://encrypted-tbn1.gstatic.com/images?q=tbn:ANd9GcTkZxhMfB7GguWLATHiwtMONyop9T0Jd47BdKOBiQRcLLSEtI2E3mT4v4kmp4R4q1zg-7M'...
2017-11-25 18:04:19,426;zeus-log;INFO;found a webcache URL, extracting...
2017-11-25 18:04:19,426;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/tech-specs%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,426;zeus-log;INFO;found a webcache URL, extracting...
2017-11-25 18:04:19,426;zeus-log;DEBUG;found 'https://blogs.windows.com/devices/2017/10/17/introducing-surface-book-2-the-most-powerful-surface-book-ever/%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,426;zeus-log;INFO;found a webcache URL, extracting...
2017-11-25 18:04:19,426;zeus-log;DEBUG;found 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,426;zeus-log;INFO;found a webcache URL, extracting...
2017-11-25 18:04:19,427;zeus-log;DEBUG;found 'https://en.wikipedia.org/wiki/2%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,427;zeus-log;INFO;found a webcache URL, extracting...
2017-11-25 18:04:19,427;zeus-log;DEBUG;found 'http://swordburst2.wikia.com/wiki/Cerberus%2B2&hl=en&ct=clnk'...
2017-11-25 18:04:19,428;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/url-log/url-log-3.log'...
2017-11-25 18:04:19,428;zeus-log;INFO;found a total of 22 URLs with given query '2'...
2017-11-25 18:04:19,428;zeus-log;INFO;currently running on 'https://en.wikipedia.org/wiki/2#In_mathematics' (target #1)...
2017-11-25 18:04:19,428;zeus-log;INFO;checking URL headers...
2017-11-25 18:04:19,428;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:04:19,429;zeus-log;DEBUG;attempting connection to 'https://en.wikipedia.org/wiki/2#In_mathematics AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:04:20,017;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:04:20,018;zeus-log;DEBUG;loading XML data...
2017-11-25 18:04:20,020;zeus-log;INFO;attempting to get request headers for 'https://en.wikipedia.org/wiki/2#In_mathematics'...
2017-11-25 18:04:20,468;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:04:20,488;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/en.wikipedia.org(1).log'...
2017-11-25 18:04:20,488;zeus-log;DEBUG;fetched {'X-Cache-Status': 'pass', 'Content-language': 'en', 'X-Powered-By': 'HHVM/3.18.6-dev', 'Transfer-Encoding': 'chunked', 'Last-Modified': 'Thu, 23 Nov 2017 00:42:33 GMT', 'X-Client-IP': '2600:8803:b800:8680:f08c:5d71:964b:c32c', 'Expires': 'Thu, 01 Jan 1970 00:00:00 GMT', 'Link': '</static/images/project-logos/enwiki.png>;rel=preload;as=image;media=not all and (min-resolution: 1.5dppx),</static/images/project-logos/enwiki-1.5x.png>;rel=preload;as=image;media=(min-resolution: 1.5dppx) and (max-resolution: 1.999999dppx),</static/images/project-logos/enwiki-2x.png>;rel=preload;as=image;media=(min-resolution: 2dppx)', 'Date': 'Sun, 26 Nov 2017 00:04:20 GMT', 'Accept-Ranges': 'bytes', 'X-Varnish': '487209906, 268244806', 'X-Cache': 'cp1052 pass, cp1052 pass', 'Set-Cookie': 'WMF-Last-Access=26-Nov-2017;Path=/;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, WMF-Last-Access-Global=26-Nov-2017;Path=/;Domain=.wikipedia.org;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, GeoIP=US:OK:Edmond:35.62:-97.48:v4; Path=/; secure; Domain=.wikipedia.org', 'Age': '0', 'Strict-Transport-Security': 'max-age=106384710; includeSubDomains; preload', 'Server': 'mw1258.eqiad.wmnet', 'Connection': 'keep-alive', 'P3P': 'CP="This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info."', 'Via': '1.1 varnish-v4, 1.1 varnish-v4', 'X-Analytics': 'ns=0;page_id=64516;https=1;nocookies=1', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding,Cookie,Authorization', 'X-UA-Compatible': 'IE=Edge', 'Cache-Control': 'private, s-maxage=0, max-age=0, must-revalidate', 'Content-Type': 'text/html; charset=UTF-8', 'Backend-Timing': 'D=104613 t=1511654660246815'}...
2017-11-25 18:04:20,488;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-25 18:04:20,489;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:04:20,489;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:04:20,505;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/en.wikipedia.org(1).json'...
2017-11-25 18:04:20,518;zeus-log;INFO;searching public PGP files with given query 'en'...
2017-11-25 18:04:30,998;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:04:30,999;zeus-log;WARNING;did not find anything using query 'en'...
2017-11-25 18:04:30,999;zeus-log;INFO;currently running on 'https://www.microsoft.com/en-us/surface/devices/...' (target #2)...
2017-11-25 18:04:30,999;zeus-log;INFO;checking URL headers...
2017-11-25 18:04:31,000;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:04:31,000;zeus-log;DEBUG;attempting connection to 'https://www.microsoft.com/en-us/surface/devices/... AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:04:31,154;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-25 18:04:31,155;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:04:31,155;zeus-log;DEBUG;loading XML data...
2017-11-25 18:04:31,155;zeus-log;INFO;attempting to get request headers for 'https://www.microsoft.com/en-us/surface/devices/...'...
2017-11-25 18:04:31,402;zeus-log;DEBUG;fetched {'Content-Length': '324', 'Strict-Transport-Security': 'max-age=31536000', 'Connection': 'keep-alive', 'Date': 'Sun, 26 Nov 2017 00:04:31 GMT', 'X-RTag': '1', 'Content-Type': 'text/html; charset=us-ascii', 'X-EdgeConnect-Origin-MEX-Latency': '84'}...
2017-11-25 18:04:31,403;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:04:31,403;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:04:31,404;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.microsoft.com-headers.json'...
2017-11-25 18:04:31,405;zeus-log;INFO;searching public PGP files with given query 'microsoft'...
2017-11-25 18:04:31,920;zeus-log;WARNING;did not find anything using query 'microsoft'...
2017-11-25 18:04:31,922;zeus-log;INFO;currently running on 'https://en.wikipedia.org/wiki/2+2' (target #3)...
2017-11-25 18:04:31,923;zeus-log;INFO;checking URL headers...
2017-11-25 18:04:31,923;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:04:31,923;zeus-log;DEBUG;attempting connection to 'https://en.wikipedia.org/wiki/2+2 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:04:32,411;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Varnish FireWall (OWASP)'...
2017-11-25 18:04:32,412;zeus-log;DEBUG;loading XML data...
2017-11-25 18:04:32,414;zeus-log;INFO;attempting to get request headers for 'https://en.wikipedia.org/wiki/2+2'...
2017-11-25 18:04:33,039;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:04:33,040;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/en.wikipedia.org(2).log'...
2017-11-25 18:04:33,041;zeus-log;DEBUG;fetched {'X-Cache-Status': 'pass', 'Content-language': 'en', 'X-Powered-By': 'HHVM/3.18.6-dev', 'Transfer-Encoding': 'chunked', 'X-Frame-Options': 'DENY', 'X-Client-IP': '2600:8803:b800:8680:f08c:5d71:964b:c32c', 'Expires': 'Thu, 01 Jan 1970 00:00:00 GMT', 'Link': '</static/images/project-logos/enwiki.png>;rel=preload;as=image;media=not all and (min-resolution: 1.5dppx),</static/images/project-logos/enwiki-1.5x.png>;rel=preload;as=image;media=(min-resolution: 1.5dppx) and (max-resolution: 1.999999dppx),</static/images/project-logos/enwiki-2x.png>;rel=preload;as=image;media=(min-resolution: 2dppx)', 'Pragma': 'no-cache', 'Date': 'Sun, 26 Nov 2017 00:04:32 GMT', 'X-Varnish': '209719493, 268475565', 'X-Cache': 'cp1053 pass, cp1052 pass', 'Set-Cookie': 'WMF-Last-Access=26-Nov-2017;Path=/;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, WMF-Last-Access-Global=26-Nov-2017;Path=/;Domain=.wikipedia.org;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, GeoIP=US:OK:Edmond:35.62:-97.48:v4; Path=/; secure; Domain=.wikipedia.org', 'Age': '0', 'Strict-Transport-Security': 'max-age=106384710; includeSubDomains; preload', 'Server': 'mw1274.eqiad.wmnet', 'Connection': 'keep-alive', 'P3P': 'CP="This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info."', 'Via': '1.1 varnish-v4, 1.1 varnish-v4', 'X-Analytics': 'ns=-1;special=Badtitle;https=1;nocookies=1', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding,Cookie,Authorization', 'X-UA-Compatible': 'IE=Edge', 'Cache-Control': 'private, s-maxage=0, max-age=0, must-revalidate', 'Content-Type': 'text/html; charset=UTF-8', 'Backend-Timing': 'D=59484 t=1511654672921425'}...
2017-11-25 18:04:33,041;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-25 18:04:33,041;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-25 18:04:33,041;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:04:33,041;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:04:33,042;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/en.wikipedia.org(2).json'...
2017-11-25 18:04:33,042;zeus-log;INFO;searching public PGP files with given query 'en'...
2017-11-25 18:04:43,455;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:04:43,456;zeus-log;WARNING;did not find anything using query 'en'...
2017-11-25 18:04:43,456;zeus-log;INFO;currently running on 'https://store.google.com/ca/product/pixel_2' (target #4)...
2017-11-25 18:04:43,456;zeus-log;INFO;checking URL headers...
2017-11-25 18:04:43,456;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:04:43,456;zeus-log;DEBUG;attempting connection to 'https://store.google.com/ca/product/pixel_2 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:04:44,621;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-25 18:04:44,621;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:04:44,621;zeus-log;DEBUG;loading XML data...
2017-11-25 18:04:44,622;zeus-log;INFO;attempting to get request headers for 'https://store.google.com/ca/product/pixel_2'...
2017-11-25 18:04:44,956;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:04:44,957;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/store.google.com-cookie.log'...
2017-11-25 18:04:44,957;zeus-log;DEBUG;fetched {'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'NID=118=f94tA7Upd3kcejmeh3YN3cwSe0Pjhw5ZlA8C9n73rwJ49nzh1z2UH-jt8uapVJVnH3hndi9JjEaABcO-IwRIVM0558pJVQj2mUZsxo9cjLKuQS3Zg3DO1dKsydwMdk3R;Domain=.google.com;Path=/;Expires=Mon, 28-May-2018 00:04:44 GMT;HttpOnly', 'Expires': 'Mon, 01 Jan 1990 00:00:00 GMT', 'Server': 'GSE', 'Content-Security-Policy-Report-Only': "script-src 'report-sample' 'nonce-Xx8JKzfYHRUdlflj3xqEc51SPu4' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/smith/", 'X-XSS-Protection': '1; mode=block', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', 'Date': 'Sun, 26 Nov 2017 00:04:44 GMT', 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Alt-Svc': 'hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-25 18:04:44,957;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-25 18:04:44,958;zeus-log;WARNING;provided target has protection against XSS attacks...
2017-11-25 18:04:44,958;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:04:44,958;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:04:44,958;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/store.google.com-headers.json'...
2017-11-25 18:04:44,959;zeus-log;INFO;searching public PGP files with given query 'store'...
2017-11-25 18:04:55,439;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:04:55,442;zeus-log;WARNING;did not find anything using query 'store'...
2017-11-25 18:04:55,444;zeus-log;INFO;currently running on 'https://en.wikipedia.org/wiki/2#Numerological_significance' (target #5)...
2017-11-25 18:04:55,444;zeus-log;INFO;checking URL headers...
2017-11-25 18:04:55,455;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:04:55,470;zeus-log;DEBUG;attempting connection to 'https://en.wikipedia.org/wiki/2#Numerological_significance AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:04:56,043;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:04:56,049;zeus-log;DEBUG;loading XML data...
2017-11-25 18:04:56,050;zeus-log;INFO;attempting to get request headers for 'https://en.wikipedia.org/wiki/2#Numerological_significance'...
2017-11-25 18:04:56,562;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:04:56,564;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/en.wikipedia.org(3).log'...
2017-11-25 18:04:56,564;zeus-log;DEBUG;fetched {'X-Cache-Status': 'pass', 'Content-language': 'en', 'X-Powered-By': 'HHVM/3.18.6-dev', 'Transfer-Encoding': 'chunked', 'Last-Modified': 'Thu, 23 Nov 2017 00:42:33 GMT', 'X-Client-IP': '2600:8803:b800:8680:f08c:5d71:964b:c32c', 'Expires': 'Thu, 01 Jan 1970 00:00:00 GMT', 'Link': '</static/images/project-logos/enwiki.png>;rel=preload;as=image;media=not all and (min-resolution: 1.5dppx),</static/images/project-logos/enwiki-1.5x.png>;rel=preload;as=image;media=(min-resolution: 1.5dppx) and (max-resolution: 1.999999dppx),</static/images/project-logos/enwiki-2x.png>;rel=preload;as=image;media=(min-resolution: 2dppx)', 'Date': 'Sun, 26 Nov 2017 00:04:56 GMT', 'Accept-Ranges': 'bytes', 'X-Varnish': '208051401, 264659766', 'X-Cache': 'cp1053 pass, cp1052 pass', 'Set-Cookie': 'WMF-Last-Access=26-Nov-2017;Path=/;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, WMF-Last-Access-Global=26-Nov-2017;Path=/;Domain=.wikipedia.org;HttpOnly;secure;Expires=Thu, 28 Dec 2017 00:00:00 GMT, GeoIP=US:OK:Edmond:35.62:-97.48:v4; Path=/; secure; Domain=.wikipedia.org', 'Age': '0', 'Strict-Transport-Security': 'max-age=106384710; includeSubDomains; preload', 'Server': 'mw1263.eqiad.wmnet', 'Connection': 'keep-alive', 'P3P': 'CP="This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info."', 'Via': '1.1 varnish-v4, 1.1 varnish-v4', 'X-Analytics': 'ns=0;page_id=64516;https=1;nocookies=1', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding,Cookie,Authorization', 'X-UA-Compatible': 'IE=Edge', 'Cache-Control': 'private, s-maxage=0, max-age=0, must-revalidate', 'Content-Type': 'text/html; charset=UTF-8', 'Backend-Timing': 'D=126110 t=1511654696305342'}...
2017-11-25 18:04:56,564;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-25 18:04:56,565;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:04:56,565;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:04:56,566;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/en.wikipedia.org(3).json'...
2017-11-25 18:04:56,568;zeus-log;INFO;searching public PGP files with given query 'en'...
2017-11-25 18:05:07,003;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:05:07,005;zeus-log;WARNING;did not find anything using query 'en'...
2017-11-25 18:05:07,006;zeus-log;INFO;currently running on 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview' (target #6)...
2017-11-25 18:05:07,006;zeus-log;INFO;checking URL headers...
2017-11-25 18:05:07,006;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:05:07,007;zeus-log;DEBUG;attempting connection to 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:05:07,144;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-25 18:05:07,144;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:05:07,145;zeus-log;DEBUG;loading XML data...
2017-11-25 18:05:07,145;zeus-log;INFO;attempting to get request headers for 'https://www.microsoft.com/en-us/surface/devices/surface-book-2/overview'...
2017-11-25 18:05:07,536;zeus-log;DEBUG;fetched {'Content-Length': '324', 'Strict-Transport-Security': 'max-age=31536000', 'Connection': 'keep-alive', 'Date': 'Sun, 26 Nov 2017 00:05:07 GMT', 'X-RTag': '1', 'Content-Type': 'text/html; charset=us-ascii', 'X-EdgeConnect-Origin-MEX-Latency': '192'}...
2017-11-25 18:05:07,538;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-25 18:05:07,539;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:05:07,539;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.microsoft.com(1).json'...
2017-11-25 18:05:07,540;zeus-log;INFO;searching public PGP files with given query 'microsoft'...
2017-11-25 18:05:18,052;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:05:18,059;zeus-log;WARNING;did not find anything using query 'microsoft'...
2017-11-25 18:05:18,059;zeus-log;INFO;currently running on 'http://swordburst2.wikia.com/wiki/Cerberus%2B2&hl=en&ct=clnk' (target #7)...
2017-11-25 18:05:18,059;zeus-log;INFO;checking URL headers...
2017-11-25 18:05:18,060;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:05:18,060;zeus-log;DEBUG;attempting connection to 'http://swordburst2.wikia.com/wiki/Cerberus%2B2&hl=en&ct=clnk AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:05:18,698;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-25 18:05:18,699;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:05:18,699;zeus-log;DEBUG;loading XML data...
2017-11-25 18:05:18,699;zeus-log;INFO;attempting to get request headers for 'http://swordburst2.wikia.com/wiki/Cerberus%2B2&hl=en&ct=clnk'...
2017-11-25 18:05:18,964;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:05:18,965;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/swordburst2.wikia.com-cookie.log'...
2017-11-25 18:05:18,965;zeus-log;DEBUG;fetched {'Content-Length': '71594', 'Content-language': 'en', 'X-Cacheable': 'NO:Not-Cacheable', 'X-Cache-Hits': 'ORIGIN, 0, 0', 'X-Frame-Options': 'DENY', 'X-Trace-Id': 'd6147972-44a9-4b68-aff4-9b6f16d4624d', 'X-Served-By': 'ap-s276, cache-wk-sjc3161-WIKIA, cache-dfw18648-DFW', 'Date': 'Sun, 26 Nov 2017 00:05:18 GMT', 'X-Cache': 'ORIGIN, MISS, MISS', 'Set-Cookie': 'wikia_beacon_id=FlISr3ByyV; domain=.wikia.com; path=/; expires=Fri, 25 May 2018 00:05:18 GMT;, wikia_session_id=ZIW8j9Jr-M; domain=.wikia.com; path=/; expires=Sun, 26 Nov 2017 00:35:18 GMT;', 'Accept-Ranges': 'bytes', 'X-Span-Id': '3e5b9d6b-f301-4b6d-b769-d28732620b45', 'Server': 'Apache', 'Connection': 'keep-alive', 'X-Backend-Response-Time': '0.115', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Fastly-Debug-Digest': '58915a96d69f582de01e8abed368a80bdb6b5bc0ed91e406a18144e186f7b682', 'X-Timer': 'S1511654719.720603,VS0,VE170', 'Vary': 'Accept-Encoding,Cookie', 'Cache-Control': 'private, s-maxage=0, max-age=0, must-revalidate', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-25 18:05:18,966;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-25 18:05:18,966;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-25 18:05:18,967;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:05:18,967;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/swordburst2.wikia.com-headers.json'...
2017-11-25 18:05:18,968;zeus-log;INFO;searching public PGP files with given query 'swordburst2'...
2017-11-25 18:05:29,509;zeus-log;WARNING;connection timed out, assuming no PGP keys...
2017-11-25 18:05:29,510;zeus-log;WARNING;did not find anything using query 'swordburst2'...
2017-11-25 18:05:29,510;zeus-log;INFO;currently running on 'https://blogs.windows.com/.../introducing-surface-book-' (target #8)...
2017-11-25 18:05:29,511;zeus-log;INFO;checking URL headers...
2017-11-25 18:05:29,511;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-25 18:05:29,511;zeus-log;DEBUG;attempting connection to 'https://blogs.windows.com/.../introducing-surface-book- AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-25 18:05:29,843;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-25 18:05:29,843;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-25 18:05:29,844;zeus-log;DEBUG;loading XML data...
2017-11-25 18:05:29,844;zeus-log;INFO;attempting to get request headers for 'https://blogs.windows.com/.../introducing-surface-book-'...
2017-11-25 18:05:30,118;zeus-log;INFO;found a request cookie, saving to file...
2017-11-25 18:05:30,119;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/blogs.windows.com-cookie.log'...
2017-11-25 18:05:30,120;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'visid_incap_842129=Q93v3vLRR0OYffwqNUfKLkkFGloAAAAAQUIPAAAAAAB5MBhZjRARYcP41vWl2HfC; expires=Sun, 25 Nov 2018 12:24:24 GMT; path=/; Domain=.windows.com, incap_ses_117_842129=W8RfZWxOOWuaQ4YB5qqfAUkFGloAAAAAohAxH/3TziFuLkc1kxqJwg==; path=/; Domain=.windows.com, ___utmvmycumvyX=clxyShgVLdz; path=/; Max-Age=900, ___utmvaycumvyX=YGx\x01nOXY; path=/; Max-Age=900, ___utmvbycumvyX=fZd\r\n XXZOCalO: ytR; path=/; Max-Age=900', 'X-CDN': 'Incapsula', 'Vary': 'Accept-Encoding', 'Server': 'nginx', 'Connection': 'keep-alive', 'Date': 'Sun, 26 Nov 2017 00:05:30 GMT', 'X-Iinfo': '11-87783325-87783332 NNNN CT(14 35 0) RT(1511654729441 74) q(0 0 0 -1) r(0 0) U11', 'Content-Type': 'text/html'}...
2017-11-25 18:05:30,120;zeus-log;INFO;writing found headers to log file...
2017-11-25 18:05:30,121;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/blogs.windows.com-headers.json'...
2017-11-25 18:05:30,121;zeus-log;INFO;searching public PGP files with given query 'blogs'...
2017-11-25 18:05:36,535;zeus-log;INFO;found a total of 42 URLs...
2017-11-25 18:05:36,535;zeus-log;DEBUG;found a '['https://pgp.mit.edu/pks/lookup?op=vindex&search=0x37A1E62E7104217F', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0xC9484759A53A162C', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x22213566BE21470E', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x1ABA7E3232C5C068', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x9CC4EB0FF6C9AEAA', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x63D85A0ED12E87BA', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x0AE1259FB78BF63B', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x47B0B7CA4EE109D4', 'https://pgp.mit.edu/pks/lookup?op=get&search=0xC9484759A53A162C', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x4897DB080E037026', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x381F9E91A26DBE1E', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x2227D60C47506000', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x4897DB080E037026', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x63D85A0ED12E87BA', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x278EE29EA5543854', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x03899996F5024D71', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x73D6B529B0A48021', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x03899996F5024D71', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x7810ECF18714022A', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x24BE813A5E805A31', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x22213566BE21470E', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x7C6A4B7E3C727CDB', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x47B0B7CA4EE109D4', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x24BE813A5E805A31', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x7C6A4B7E3C727CDB', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x37A1E62E7104217F', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x278EE29EA5543854', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x38927FF43CEE1A2F', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x7810ECF18714022A', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x38927FF43CEE1A2F', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x2D6EA8275C4EE6BC', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x0AE1259FB78BF63B', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2D6EA8275C4EE6BC', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x381F9E91A26DBE1E', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9CC4EB0FF6C9AEAA', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x73D6B529B0A48021', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x5E95B3DC369B382A', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x2C1B2C7D633F4085', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2227D60C47506000', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2C1B2C7D633F4085', 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x5E95B3DC369B382A', 'https://pgp.mit.edu/pks/lookup?op=get&search=0x1ABA7E3232C5C068']'...
2017-11-25 18:05:36,535;zeus-log;INFO;gathering PGP key(s) and writing to a file...
2017-11-25 18:05:36,536;zeus-log;INFO;checking a maximum of 75 PGP keys...
2017-11-25 18:05:36,536;zeus-log;DEBUG;checking 'https://pgp.mit.edu/pks/lookup?op=vindex&search=0x37A1E62E7104217F'...
2017-11-25 18:05:47,020;zeus-log;ERROR;[7;31;31mZeus has hit an unexpected error and cannot continue, error code 'HTTPSConnectionPool(host='pgp.mit.edu', port=443): Read timed out. (read timeout=10)'...
Traceback (most recent call last):
File "zeus.py", line 353, in <module>
__run_attacks_main()
File "zeus.py", line 305, in __run_attacks_main
threads=opt.amountOfThreads
File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1008, in run_attacks
github_gist_search_main(query, agent=agent, proxy=proxy, verbose=verbose)
File "/home/baal/bin/python/zeus-scanner/var/search/pgp_search.py", line 184, in pgp_main
return get_pgp_keys(urls, query, verbose=verbose)
File "/home/baal/bin/python/zeus-scanner/var/search/pgp_search.py", line 132, in get_pgp_keys
timeout=10
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/adapters.py", line 521, in send
raise ReadTimeout(e, request=request)
ReadTimeout: HTTPSConnectionPool(host='pgp.mit.edu', port=443): Read timed out. (read timeout=10)
2017-11-25 18:05:52,102;zeus-log;INFO;[32mZeus got an unexpected error and will automatically create an issue for this error, please wait...[0m
2017-11-25 18:05:52,103;zeus-log;INFO;[32mgetting authorization...[0m
2017-11-25 18:05:52,103;zeus-log;INFO;[32mextracting traceback from log file...[0m
2017-11-25 18:05:52,104;zeus-log;INFO;[32mattempting to get firefox browser version...[0m
Zeus version:
1.2.35
Firefox version:
(57, 0)
Geckodriver version:
geckodriver-v0.19.0-linux64.tar.gz
Error info:
Running details:
Linux-4.10.0-38-generic-x86_64-with-Ubuntu-17.04-zesty
Commands used:
zeus.py -d 2 -W -E --verbose -P --random-agent --batch
Log file info: