search

atenreiro / opensquat

The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
https://opensquat.com
GNU General Public License v3.0
685 stars 130 forks source link

Some Python "ResourceWarning" and "DepreciationWarning" #83

Closed maaaaz closed 1 year ago

maaaaz commented 1 year ago

Hello there,

There are currently some depreciation and resource warnings, tested with Python 3.11.2 on Kali Rolling (Linux 5.10.0-21-amd64 x86_64):

└─# python3 -Wall opensquat.py -d /tmp/test  --dns --portcheck --phishing results.txt
/sec/root/opensquat/opensquat.py:92: DeprecationWarning: invalid escape sequence '\_'
  " \_", subdomain +

                                             █████████                                  █████
                                            ███░░░░░███                                ░░███
      ██████  ████████   ██████  ████████  ░███    ░░░   ████████ █████ ████  ██████   ███████
     ███░░███░░███░░███ ███░░███░░███░░███ ░░█████████  ███░░███ ░░███ ░███  ░░░░░███ ░░░███░
    ░███ ░███ ░███ ░███░███████  ░███ ░███  ░░░░░░░░███░███ ░███  ░███ ░███   ███████   ░███
    ░███ ░███ ░███ ░███░███░░░   ░███ ░███  ███    ░███░███ ░███  ░███ ░███  ███░░███   ░███ ███
    ░░██████  ░███████ ░░██████  ████ █████░░█████████ ░░███████  ░░████████░░████████  ░░█████
     ░░░░░░   ░███░░░   ░░░░░░  ░░░░ ░░░░░  ░░░░░░░░░   ░░░░░███   ░░░░░░░░  ░░░░░░░░    ░░░░░
              ░███                                          ░███
              █████                                         █████
             ░░░░░                                         ░░░░░
                    (c) Andre Tenreiro - https://github.com/atenreiro/opensquat

                        version 2.0.0

+---------- Checking Domain Squatting ----------+
/sec/root/opensquat/opensquat/file_input.py:72: ResourceWarning: unclosed file <_io.TextIOWrapper name='keywords.txt' mode='r' encoding='UTF-8'>
  for line in open(self.keywords_filename):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/file_input.py:48: ResourceWarning: unclosed file <_io.TextIOWrapper name='/tmp/test' mode='r' encoding='UTF-8'>
  for line in open(self.domain_filename):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/app.py:634: ResourceWarning: unclosed file <_io.TextIOWrapper name='/tmp/test' mode='r' encoding='UTF-8'>
  self.read_files()
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/app.py:634: ResourceWarning: unclosed file <_io.TextIOWrapper name='keywords.txt' mode='r' encoding='UTF-8'>
  self.read_files()
ResourceWarning: Enable tracemalloc to get the object allocation traceback
[*] keywords: keywords.txt
[*] keywords total: 1
[*] Total domains: 3
[*] Threshold: high confidence

[*] Verifying keyword: test [ 1 / 1 ]
[+] Similarity detected between test and test.com (very high confidence)
  \_ Domain Reputation: Non-malicious

[+] Similarity detected between test and test2.net (high confidence)
  \_ Domain Reputation: Non-malicious

[+] Similarity detected between test and test3.org (high confidence)
  \_ DNS Server error: No Answer

[*] Total found: 3

+---------- Checking Phishing sites ----------+
[*] Downloading fresh Phishing DB from https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-domains-ACTIVE.txt
[*] Download volume: 0.53 MB
/sec/root/opensquat/opensquat/phishing.py:160: ResourceWarning: unclosed <ssl.SSLSocket fd=3, family=2, type=1, proto=6, laddr=('10.11.0.55', 38916), raddr=('185.199.111.133', 443)>
  self.update_db()
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/file_input.py:72: ResourceWarning: unclosed file <_io.TextIOWrapper name='keywords.txt' mode='r' encoding='UTF-8'>
  for line in open(self.keywords_filename):
ResourceWarning: Enable tracemalloc to get the object allocation traceback

[*] Verifying keyword: test [ 1 / 1 ]
  \_ Similarity [..]
[..]
/sec/root/opensquat/opensquat/phishing.py:162: ResourceWarning: unclosed file <_io.TextIOWrapper name='phishing.db' mode='r' encoding='UTF-8'>
  return self.check_phishing()
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/phishing.py:162: ResourceWarning: unclosed file <_io.TextIOWrapper name='keywords.txt' mode='r' encoding='UTF-8'>
  return self.check_phishing()
ResourceWarning: Enable tracemalloc to get the object allocation traceback

+---------- Domains with open webserver ports ----------+
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('10.11.0.55', 43322)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('10.11.0.55', 38480)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('10.11.0.55', 36618), raddr=('66.96.149.1', 80)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('10.11.0.55', 47192), raddr=('66.96.149.1', 443)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
[*] test2.net [80, 443]
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('0.0.0.0', 0)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/sec/root/opensquat/opensquat/port_check.py:55: ResourceWarning: unclosed <socket.socket fd=3, family=2, type=1, proto=0, laddr=('0.0.0.0', 0)>
  if self.check_socket(self.URL, port):
ResourceWarning: Enable tracemalloc to get the object allocation traceback
[*] Total found: 1

+---------- Summary Squatting ----------+
[*] Domains flagged: 1
[*] Domains result: results.txt
[*] Phishing results: results.txt
[*] Active Phishing sites: 195

I will see if I can try to propose a PR to fix them.

I suggest you add "-Wall" to the Python options in your test case, to identify further ones. Cheers!

maaaaz commented 1 year ago

https://github.com/atenreiro/opensquat/pull/85

atenreiro commented 1 year ago

fixed in the #85