search

blacklanternsecurity / bbot

A recursive internet scanner for hackers.
https://www.blacklanternsecurity.com/bbot/
GNU General Public License v3.0
5.9k stars 472 forks source link

"Change Verbosity During Scan" is broken #1960

Open DrorDvash opened 4 days ago

DrorDvash commented 4 days ago

Describe the bug latest bbot installed with pipx, running inside screen. when trying to exit the screen with Ctrl + a +d, the verbosity is changing to DEBUG, and i cannot change it back. when i press "enter" 1 time - i can see quickly this: image

after trying clicking multiple times on enter or basically any key - it seems like it's in a loop, i can see the output below again and again even without pressing any key (notice the the blue text "[INFO] Setting log level to XXX")

Logs

[INFO] Setting log level to INFO
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to VERBOSE
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to DEBUG
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[DBUG]         - bucket_firebase.handle_event(DNS_NAME("renanfag-9a8a.api.amc.test.transformation.example.com", module=securitytrails, tags={'subdomain', 'a-record', 'cdn-github', 'in-scope', 'txt-record'})) running for 5 minutes, 4 seconds:
[DBUG]     bucket_google:
[DBUG]         - bucket_google.handle_event(DNS_NAME("asset-cloud-template-manager.private-cloud-aws.transformation.example.com", module=hackertarget, tags={'subdomain', 'a-record', 'cloud-amazon', 'in-scope'})) running for 5 minutes, 4 seconds:
[DBUG]     bufferoverrun:
[DBUG]     builtwith:
[DBUG]     censys:
[DBUG]     certspotter:
[DBUG]     chaos:
[DBUG]     cloudcheck:
[DBUG]         - cloudcheck.handle_event((HTTP_RESPONSE("{'url': 'https://danilako-80f4.internal.acfs.amc.test.transformation.example.com/'...", module=httpx, tags={'in-scope', 'status-404', 'ip-20-232-222-237', 'http-title-404-not-found', 'dir'}), {})) running for 1 minute, 7 seconds:
[DBUG]     code_repository:
[DBUG]     columbus:
[DBUG]     crt:
[DBUG]     dnsresolve:
[DBUG]     docker_pull:
[DBUG]     - bucket_file_enum: 3.17KB
[DBUG]     - git: 3.09KB
[DBUG]     - unstructured: 3.04KB
[INFO] Setting log level to INFO
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to VERBOSE
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to DEBUG
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[DBUG] scan._finished_init: True
[DBUG]     ajaxpro:
[DBUG]         - ajaxpro.handle_event(URL("https://dashboard.example.com/", module=httpx, tags={'ip-35-190-62-238', 'status-301', 'in-scope', 'cloud-google', 'dir'})) running for 15 minutes, 52 seconds:
[DBUG]     anubisdb:
[DBUG]     binaryedge:
[DBUG]     bucket_amazon:
[DBUG]     otx:
[DBUG]     passivetotal:
[DBUG]     pgp:
[DBUG]     portscan:
[DBUG]     robots:
[DBUG]         - robots.handle_event(URL("http://test-378.stg.marketplace.example.com/", module=httpx, tags={'http-title-403', 'ip-34-117-129-250', 'in-scope', 'status-403', 'cloud-google', 'dir'})) running for 15 minutes, 53 seconds:
[DBUG]     secretsdb:
[DBUG]     speculate:
[DBUG]         - speculate.handle_event(FILESYSTEM("{'path': '/root/Outputs/example_scan_4/git_repos/Vaneeza-7/Doodle-It-Game-in-example...", module=git_clone, tags={'distance-1', 'folder', 'git'})) running for 4 minutes, 11 seconds:
[DBUG]     sslcert:
[DBUG]     subdomaincenter:
[DBUG]     subdomains:
[DBUG]     trufflehog:
[DBUG]     virustotal:
[DBUG]     wappalyzer:
[DBUG]     wayback:
[DBUG]     - fingerprintx: 514.92KB
[DBUG]     - neo4j: 514.78KB
[DBUG]     - bucket_firebase: 163.00KB
[DBUG]     - bucket_google: 163.00KB
[DBUG]     - secretsdb: 143.30KB
[DBUG]     - portscan: 140.87KB
[DBUG]     - baddns: 131.83KB
[DBUG]     - baddns_zone: 131.82KB
[DBUG]     - subdomains: 131.14KB
[DBUG]     - azure_realm: 130.85KB
[DBUG]     - crt: 130.85KB
[DBUG]     - dnscaa: 130.81KB
[DBUG]     - bucket_digitalocean: 43.00KB
[DBUG]     - filedownload: 37.29KB
[DBUG]     - excavate: 36.42KB
[DBUG]     - git_clone: 10.91KB
[DBUG]     - internetdb: 10.65KB
[DBUG]     - asn: 6.59KB
[DBUG]     - google_playstore: 5.02KB
[DBUG]     - trufflehog: 4.94KB
[DBUG]     - github_codesearch: 2.95KB
[DBUG]     - cloudcheck: 2.91KB
[DBUG]     - viewdns: 2.91KB
[DBUG]     - github_org: 2.90KB
[DBUG]     - binaryedge: 2.78KB
[DBUG]     - securitytrails: 2.77KB
[DBUG]     - fullhunt: 2.70KB
[DBUG]     - bufferoverrun: 2.67KB
[DBUG]     - hunterio: 2.61KB
[DBUG]     - aggregate: 2.59KB
[DBUG]     - ajaxpro: 2.59KB
[DBUG]     - anubisdb: 2.59KB
[DBUG]     - certspotter: 2.59KB
[DBUG]     - columbus: 2.59KB
[DBUG]     - digitorus: 2.59KB
[DBUG]     - dnsdumpster: 2.59KB
[DBUG]     - dockerhub: 2.59KB
[DBUG]     - emailformat: 2.59KB
[DBUG]     - hackertarget: 2.59KB
[DBUG]     - hunt: 2.59KB
[DBUG]     - myssl: 2.59KB
[DBUG]     - otx: 2.59KB
[DBUG]     - pgp: 2.59KB
[DBUG]     - postman: 2.59KB
[DBUG]     - robots: 2.59KB
[DBUG]     - sitedossier: 2.59KB
[DBUG]     - subdomaincenter: 2.59KB
[INFO] Setting log level to INFO
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to VERBOSE
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to DEBUG
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[DBUG] scan._finished_init: True
[DBUG]     aggregate:
[DBUG]     ajaxpro:
[DBUG]         - ajaxpro.handle_event(URL("https://dashboard.example.com/", module=httpx, tags={'ip-35-190-62-238', 'status-301', 'in-scope', 'cloud-google', 'dir'})) running for 15 minutes, 52 seconds:
[DBUG]     anubisdb:
[DBUG]         - apkpure.handle_event(MOBILE_APP("{'id': 'com.example.ar_companion', 'url': 'https://play.google.com/store/apps/deta...", module=google_playstore, tags={'in-scope', 'android'})) running for 17 minutes, 36 seconds:
[DBUG]     asn:
[DBUG]     azure_realm:
[DBUG]     azure_tenant:
[DBUG]         - badsecrets.handle_event(HTTP_RESPONSE("{'url': 'https://studio-staging.hexagon.example.com/', 'timestamp': '2024-11-14T09...", module=httpx, tags={'dir', 'in-scope', 'status-404', 'ip-76-76-21-9'})) running for 1 minute, 7 seconds:
[DBUG]     bevigil:
[DBUG]     binaryedge:
[DBUG]         - bucket_digitalocean.handle_event(DNS_NAME("qos-discovery.services.api.example.com", module=crt, tags={'a-record', 'subdomain', 'in-scope', 'cloud-google'})) running for 5 minutes, 5 seconds:
[DBUG]     bucket_file_enum:
[DBUG]     bucket_firebase:
[DBUG]     bucket_google:
[DBUG]         - bucket_google.handle_event(DNS_NAME("asset-cloud-template-manager.private-cloud-aws.transformation.example.com", module=hackertarget, tags={'subdomain', 'a-record', 'cloud-amazon', 'in-scope'})) running for 5 minutes, 5 seconds:
[DBUG]     bufferoverrun:
[DBUG]     censys:
[DBUG]     certspotter:
[DBUG]     chaos:
[DBUG]     cloudcheck:
[DBUG]     code_repository:
[DBUG]     columbus:
[DBUG]     dnsdumpster:
[DBUG]     dnsresolve:
[DBUG]     docker_pull:
[DBUG]     excavate:
[DBUG]         - excavate.handle_event((HTTP_RESPONSE("{'url': 'https://ciglansk-c580.public.acfs.amc.test.transformation.example.com/', ...", module=httpx, tags={'cdn-github', 'in-scope', 'status-404', 'ip-20-232-222-237', 'http-title-404-not-found', 'dir'}), {})) running for 1 minute, 7 seconds:
[DBUG]     filedownload:
[DBUG]         - fingerprintx.handle_batch() running for 1 minute, 27 seconds:
[DBUG]     fullhunt:
[DBUG]     git:
[DBUG]     git_clone:
[DBUG]     github_codesearch:
[DBUG]     github_org:
[DBUG]     google_playstore:
[DBUG]     gowitness:
[DBUG]     httpx:
[DBUG]     hunt:
[DBUG]         - iis_shortnames.handle_event(URL("http://renan-fagundes.asset-cloud-asset-lifecycle.amc.test.transformation.example....", module=httpx, tags={'cdn-github', 'in-scope', 'ip-20-232-221-126', 'status-404', 'http-title-404-not-found', 'dir'})) running for 15 minutes, 53 seconds:
[DBUG]         - iis_shortnames.handle_event(URL("http://renanfag-9a8a.asset-cloud-asset-catalog-reader.amc.test.transformation.un...", module=httpx, tags={'cdn-github', 'in-scope', 'ip-20-232-221-126', 'status-404', 'http-title-404-not-found', 'dir'})) running for 15 minutes, 53 seconds:
[DBUG]         - iis_shortnames.handle_event(URL("http://tests.stg.marketplace.example.com/", module=httpx, tags={'http-title-403', 'ip-34-117-129-250', 'in-scope', 'status-403', 'cloud-google', 'dir'})) running for 15 minutes, 47 seconds:
[DBUG]         - iis_shortnames.handle_event(URL("http://productportal.example.com/", module=httpx, tags={'http-title-301-moved-permanently', 'status-301', 'in-scope', 'cloud-google', 'dir', 'ip-34-76-163-2'})) running for 15 minutes, 45 seconds:
[DBUG]         - iis_shortnames.handle_event(URL("http://renanfag-ab7e.asset-cloud-bulk-operation-manager.amc.test.transformation....", module=httpx, tags={'cdn-github', 'in-scope', 'ip-20-232-221-126', 'status-404', 'http-title-404-not-found', 'dir'})) running for 15 minutes, 45 seconds:
[DBUG]     neo4j:
[DBUG]     newsletters:
[DBUG]     ntlm:
[DBUG]     oauth:
[DBUG]     pgp:
[DBUG]     portscan:
[DBUG]     postman:
[DBUG]     rapiddns:
[DBUG]     robots:
[DBUG]         - robots.handle_event(URL("http://test-378.stg.marketplace.example.com/", module=httpx, tags={'http-title-403', 'ip-34-117-129-250', 'in-scope', 'status-403', 'cloud-google', 'dir'})) running for 15 minutes, 53 seconds:
[DBUG]     secretsdb:
[DBUG]     shodan_dns:
[DBUG]     sitedossier:
[DBUG]     subdomaincenter:
[DBUG]     subdomains:
[DBUG]         - trufflehog.handle_event(FILESYSTEM("{'path': '/root/Outputs/example_scan_4/git_repos/Vaneeza-7/Doodle-It-Game-in-example...", module=git_clone, tags={'distance-1', 'folder', 'git'})) running for 1 minute, 26 seconds:
[DBUG]     unstructured:
[DBUG]     viewdns:
[DBUG]     virustotal:
[DBUG] MODULE MEMORY USAGE:
[DBUG]     - sslcert: 1.00MB
[DBUG]     - speculate: 515.89KB
[DBUG]     - stdout: 515.04KB
[DBUG]     - fingerprintx: 514.92KB
[DBUG]     - gowitness: 297.22KB
[DBUG]     - web_report: 182.59KB
[DBUG]     - dnsresolve: 132.30KB
[DBUG]     - baddns: 131.83KB
[DBUG]     - baddns_zone: 131.82KB
[DBUG]     - subdomains: 131.14KB
[DBUG]     - oauth: 131.03KB
[DBUG]     - azure_realm: 130.85KB
[DBUG]     - wappalyzer: 130.72KB
[DBUG]     - badsecrets: 130.64KB
[DBUG]     - filedownload: 37.29KB
[DBUG]     - excavate: 36.42KB
[DBUG]     - asn: 6.59KB
[DBUG]     - google_playstore: 5.02KB
[DBUG]     - skymem: 4.63KB
[DBUG]     - azure_tenant: 4.41KB
[DBUG]     - github_workflows: 3.49KB
[DBUG]     - code_repository: 3.33KB
[DBUG]     - docker_pull: 3.02KB
[DBUG]     - github_codesearch: 2.95KB
[DBUG]     - ntlm: 2.89KB
[DBUG]     - passivetotal: 2.81KB
[DBUG]     - zoomeye: 2.75KB
[DBUG]     - apkpure: 2.74KB
[DBUG]     - bevigil: 2.67KB
[DBUG]     - urlscan: 2.63KB
[DBUG]     - ajaxpro: 2.59KB
[DBUG]     - anubisdb: 2.59KB
[DBUG]     - certspotter: 2.59KB
[DBUG]     - emailformat: 2.59KB
[DBUG]     - hackertarget: 2.59KB
[DBUG]     - otx: 2.59KB
[DBUG]     - pgp: 2.59KB
[DBUG]     - rapiddns: 2.59KB
[DBUG]     - robots: 2.59KB
[INFO] Setting log level to INFO
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to VERBOSE
[INFO] example_scan_4: Modules running (incoming:processing:outgoing) cloudcheck(102,403:1:0), dnsresolve(0:0:102,403), bucket_digitalocean(9,137:1:0), bucket_azure(9,051:1:0), bucket_firebase(9,006:1:0), bucket_google(8,988:1:0), bucket_amazon(8,964:1:0), internetdb(6,990:1:0), ajaxpro(3,244:1:0), fingerprintx(1,931:22:0), robots(1,623:1:0), git(1,620:1:0), iis_shortnames(1,608:8:0), asn(1,596:1:0), filedownload(1,469:1:0), ipstack(1,389:1:0), speculate(116:1:1,000), gowitness(38:101:0), github_workflows(96:1:0), badsecrets(74:1:0), affiliates(5:0:0), trufflehog(4:1:0), asset_inventory(4:0:0), csv(4:0:0), json(4:0:0), neo4j(4:0:0), stdout(4:0:0), httpx(3:0:0), apkpure(2:1:0), baddns_direct(3:0:0), ntlm(3:0:0), web_report(3:0:0), baddns(2:0:0), anubisdb(1:0:0), azure_realm(1:0:0), azure_tenant(1:0:0), baddns_zone(1:0:0), bevigil(1:0:0), binaryedge(1:0:0), bufferoverrun(1:0:0), builtwith(1:0:0), censys(1:0:0), certspotter(1:0:0), chaos(1:0:0), columbus(1:0:0), crt(1:0:0), digitorus(1:0:0), dnscaa(1:0:0), dnscommonsrv(1:0:0), dnsdumpster(1:0:0), emailformat(1:0:0), fullhunt(1:0:0), github_codesearch(1:0:0), hackertarget(1:0:0), hunterio(1:0:0), myssl(1:0:0), oauth(1:0:0), otx(1:0:0), passivetotal(1:0:0), pgp(1:0:0), portscan(1:0:0), rapiddns(1:0:0), securitytrails(1:0:0), securitytxt(1:0:0), shodan_dns(1:0:0), sitedossier(1:0:0), skymem(1:0:0), subdomaincenter(1:0:0), urlscan(1:0:0), viewdns(1:0:0), virustotal(1:0:0), wayback(1:0:0), zoomeye(1:0:0), excavate(0:1:0), subdomains(1:0:0)
[INFO] example_scan_4: Events produced so far: DNS_NAME: 8930, OPEN_TCP_PORT: 3429, URL: 1563, HTTP_RESPONSE: 1563, CODE_REPOSITORY: 112, TECHNOLOGY: 66, FINDING: 24, ASN: 19, IP_ADDRESS: 18, EMAIL_ADDRESS: 16, PROTOCOL: 15, STORAGE_BUCKET: 7, MOBILE_APP: 4, SCAN: 1, ORG_STUB: 1, SOCIAL: 1
[INFO] example_scan_4: 1,000 events in queue (0 processed in the past 15 seconds)
[INFO] Setting log level to DEBUG

Expected behavior What was supposed to happen? - change verbosity back to INFO

BBOT Command bbot -n example_scan_4 -o "$HOME/Outputs" -t example_scan_1/subdomains.txt -om csv,asset_inventory,subdomains,stdout,json,web_report,neo4j -c dns.brute_threads=2000 -f safe | tee -a ~/Outputs/example_scan_4/terminal.log

OS, BBOT Installation Method + Version OS: Ubuntu, Installation method: pipx, BBOT version: v2.1.2

TheTechromancer commented 3 days ago

I'm having trouble reproducing this one. Based on your screenshot, it looks like the behavior is expected. Are you seeing debug/verbose messages printed even when the level is set to INFO?

DrorDvash commented 3 days ago

The verbose level is never going back to INFO, that's the issue. In the screenshot you see all three, but it will always print the same three at once and will stay at DEBUG mode.

TheTechromancer commented 3 days ago

Those three messages are INFO though?

DrorDvash commented 3 days ago

Maybe I'm not explaining myself properly, but once I entered debug mode, it's impossible to get out of it. The "setting level to X" message is written automatically and in a loop and stays on debug no matter what I tried. Finally I had to kill the whole scan (twice already).

TheTechromancer commented 3 days ago

Can you paste a screenshot/code block of DEBUG messages printing even after you entered INFO mode?

DrorDvash commented 2 days ago

The log i pasted in the first message isn't what you asked for? If not, can you please explain again what part you want me to copy?

This above code repeat it self without me touching the keyboard, it is "freaked out" and switching modes by it self so fast.. the stdout is running crazy. I"ll try to take a video

TheTechromancer commented 2 days ago

Ah I see, I didn't realize it was changing all by itself. that's really strange.

TheTechromancer commented 2 days ago

Does it happen only when you're inside screen?