Home Information Gathering EyeWitness – Tool to Take Screenshots of Websites With Server Header Info

EyeWitness – Tool to Take Screenshots of Websites With Server Header Info

August 11, 2022 Leave a Comment
EyeWitness - Tool to Take Screenshots of Websites xploitlab

EyeWitness

EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.

EyeWitness is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap xml output, or nessus xml output. The –timeout flag is completely optional, and lets you provide the max time to wait when trying to render and screenshot a web page.

You also can use Aquatone to take screenshot from list of websites.

Windows

FortyNorth Security has created a Windows client (thanks to the massive help of Matt Grandy (@Matt_Grandy_) with the stability fixes). All you need to do is build it locally (or check the releases), and then provide a path to a file containing the URLs you want scanned! EyeWitness will generate the report within your “AppData\Roaming” directory. The latest version of the C# EyeWitness supports parsing and taking screenshots of Internet Explorer and Chrome bookmarks without having to supply a list of URLs. This version is also small enough to be delivered through Cobalt Strike’s execute-assembly.

Windows Setup

  1. Navigate into the CS directory
  2. Load EyeWitness.sln into Visual Studio
  3. Go to Build at the top and then Build Solution if no modifications are wanted

Usage on Windows

EyeWitness.exe –help EyeWitness.exe –bookmarks EyeWitness.exe -f C:\Path\to\urls.txt EyeWitness.exe –file C:\Path\to\urls.txt –delay [timeout in seconds] –compress

Linux

Supported Linux Distros:

  • Kali Linux
  • Debian 7+ (at least stable, looking into testing) (Thanks to @themightyshiv)
  • CentOS 7
  • Rocky Linux 8

Linux Setup

  1. Navigate into the Python/setup directory
  2. Run the setup.sh script

Usage on Linux

./EyeWitness.py -f filename –timeout optionaltimeout

Examples

./EyeWitness -f urls.txt –web

./EyeWitness -x urls.xml –timeout 8

./EyeWitness.py -f urls.txt –web –proxy-ip 127.0.0.1 –proxy-port 8080 –proxy-type socks5 –timeout 120

Proxy Usage

The best guide for proxying EyeWitness through a socks proxy was made by @raikia and is available here – #458

To install EyeWitness from a system while needing to go through a proxy, the following commands (thanks to @digininja) can be used.

APT
-------
/etc/apt/apt.conf.d/70proxy

$ cat /etc/apt/apt.conf.d/70proxy
Acquire::http::proxy "http://localhost:3128";
Acquire::https::proxy "https://localhost:3128";

Git
-----------------
$ cat ~/.gitconfig
[http]
proxy = http://localhost:3128

Wget
---------------------
$ cat ~/.wgetrc or /etc/wgetrc

use_proxy=yes
http_proxy=127.0.0.1:3128
https_proxy=127.0.0.1:3128

General system proxy
--------------------------------

export HTTP_PROXY=http://localhost:3128
export HTTPS_PROXY=http://localhost:3128

Download EyeWitness

You May Also Like

Mantra - Tool to Find API key and Sensitive Information Leaks in JS Files and Pages

Mantra – Tool to Find API key Leaks in JS Files & Pages

Oralyzer - Automated Open Redirect Vulnerability Detection Tool

Oralyzer – Open Redirect Vulnerability Detection Tool

Assetfinder-Tool-to-Discover-Facing-Assets-like-subdomains-and-related-domain-for-Target-Domain

Assetfinder – Tool to Discover Facing Assets for Target Domain

CRLFuzz – Tool to Automatically Scan CRLF Vulnerability

httpx - Tool To Screenshot and Extract Metadata From List of domains or hosts

HTTPX – Multi-purpose HTTP Toolkit

Nuclei Hacking Tool is an open-source project that automates scanning for known vulnerabilities in web applications

Nuclei – Automated Vulnerability Scanner Tool

Leave a Reply

Your email address will not be published. Required fields are marked *

thirteen − two =