-
Notifications
You must be signed in to change notification settings - Fork 72
armory shell
Armory comes with an interactive shell, which you can use for dealing with the database ORM directly.
To launch it, type:
armory-shell
This will load up the current ORM for the current database as well as provide a couple of helper functions.
A Table object is already created for the following tables:
- Domains
- BaseDomains
- IPAddresses
- CIDRs
- Users
- Creds
- Vulns
- Ports
- Urls
- ScopeCIDRs
To get records from the database, use the .all() function. This will return a list of records that match that table.
domains = Domains.all()
len(domains)
print(domains[0].domain)
With this, you can do basic filtering for exact matches.
ips = IPAddresses.all(ipaddress='127.0.0.1')
Since Armory uses SQLAlchemy on the backend, you can also get access to the "query" object directly.
qry, model = IPAddresses.get_query()
qry.filter(model.ipaddress.like('127.%'))
The objects themselves are using SQLAlchemy and inherit all of the object methods (save, update, etc, etc).
A couple of helper functions have been created so far. The best bet is to look in shell.py
to see what is there, or just type dir()
to get a fully up to date list of the functions available.
Takes an IP address string, and will return a list of domain names with that IP.
Takes a domain string, and will return a list of IPs that have that domain name.
Takes a list of BaseDomains. Iterates through and rescopes the base domains, subdomains and ip addresses. Example:
qry, model = BaseDomains.get_query()
bad_domains = qry.filter(model.domain.like('outofscopedomain.%')) # gets .com, .biz, and .org
rescope_base_and_children(bad_domains, active=False, passive=False)
Takes a list of CIDRs. Iterates through and rescopes child ip addresses and domains. Example:
cidrs = CIDRs.all(org_name='GoDaddy LLC')
rescope_cidr_and_children(active=False, passive=True)