Create Your Ultimate Bug Bounty Automation Without Nerdy Bash Skills (Part 3)

1 month ago 14

In the previous article details regarding syntax, variables, and their usage was conveyed. This Final Part Will be about the Installation and running of the program.

Prerequisites —

Install MongoDB on your distro. You can find more instructions about the installation here.

2. Make Sure You have GO Installed.

3. Run Following Command to Install from the source

go install github.com/tarunKoyalwar/talosplus/cmd/talosplus@latest

Connecting to Database —

If you have installed MongoDB on Local Machine then the program will use the default URL and connect to the database. If MongoDB is installed on a remote machine Obtain MongoDB Connection String (you can find more details here) and set it as the default URL using the below command. These changes are persistent and are saved at `$HOME/.config/talos/talos.json`

talosplus use -u YOUR_MONGO_URL

Configure Discord —

Create Discord Hook ( you can find some details here ). It will in the format specified below note down values in place of id and token parameters in Webhook URL

https://discord.com/api/webhooks/id/token

These can also be passed at runtime using parameters --id and --token but the easiest possible way is to add them to your $HOME/.bashrc file or .zshrc file depending on the shell you are using. You can append something similar to this

# Discord Webhook
export DISCORD_WID="95xxxxxxxxxxxxxx20"
export DISCORD_WTOKEN="18sixxxxx_xxxxxxxxxxxxxxxxxxxxxWtf"

Database and Program Settings —

You have to specify the program name and database name you want to use before you run your script file. You can use just one database or many depending on your needs. I usually create different DB for each platform. I run the following command If I am working on Grammarly Program on Hackerone

talosplus use --db hackerone -p grammarly

You can view these settings by running the following command

Running any Script —

There are two ways to run a script file you can use talosplus run -s path/to/script/ or as shown in the below command

talosplus use -s examples/subenum.sh

I use this script as generic one for all programs and I just change the main variables in this case @rootsubs and @outscope .If you directly run any this you will something similar to below image at end of output

Static Analysis Failed

so If I am working on Grammarly on HackerOne I would set rootsubs and outscore values to program endpoints

Ex:
talosplus set --var @rootsubs grammarly.io
or
// Can Also Pipe in data from any file
cat somesubs | talosplus set --var @rootsubs
or
// It is also possible to use data present in Clipboard
talosplus set --var @rootsubs -i
or
// My Favourite among all others using cat and EOF
cat <<EOF | talosplus set --var @rootsubs
// After running this command it will ask for input just enter all
// details and on new line enter EOF something similar to this
grammarly.io
grammarly.ai
EOF`

View Variables set in DB —

To View all variables that are explicitly set and their values run below command

talosplus get --show

To Get List of All Variables names that are Explicitly set and Were Created at runtime until now .

talosplus get --list

Running the script —

When we run a script actual steps taken in the background are Compile -> Static Analyis -> Summarize -> Print ALL CMDs -> Schedule -> Execute allIf you don’t want to run just complete all steps before running. run below command

talosplus run --dryrun// You can furthur explore options
talosplus run -h

Sample Output of a command

Resume a prerun Script —

talosplus does not save any state data like .cfg or commands, hashes in DB only variables and their values are exported this gives us flexibility entirely change any script without thinking of any compatibility issues. So If the script was stopped due to some error or user forced exit . You can fix the error and just rerun using the same command. By default, It will analyze and start from the last successful run of the program based on their exports.

Blacklist any command(Experimental)

If you have already run the script and you want to rerun any specific command and its derivatives identify the variable which you want to change and run the below command this will reschedule and run commands which are affected due to a change in that variable

talosplus run -b @filtered

Caching

This is one of the extra features after a command is executed successfully by default it will cache output to cachedir in format cmdname-xxxxhashxxx . If we run the same command intentionally / Unintentionally It will just use the cached value. If you don’t like this feature you can disable it by setting the env variable purge

talosplus set --var @purge true

Other Features

Talosplus also has other important edge case features like Scheduling commands based on need, Identifying if Command Failed to run because of bash script or incorrect syntax, or the command itself panicked. If you are interested in how these were done Just read the code I have tried to keep the code simple and has a lot of comments.

Read Entire Article