From f82a9a7005f7208b495fe896fc7ad5af87c9e829 Mon Sep 17 00:00:00 2001 From: Tib3rius <48113936+Tib3rius@users.noreply.github.com> Date: Mon, 9 May 2022 11:59:30 -0400 Subject: [PATCH 1/3] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 8bb08b3..e23319e 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,8 @@ The tool works by firstly performing port scans / service detection scans. From Everything in the tool is highly configurable. The default configuration performs **no automated exploitation** to keep the tool in line with OSCP exam rules. If you wish to add automatic exploit tools to the configuration, you do so at your own risk. The author will not be held responsible for negative actions that result from the mis-use of this tool. +**Disclaimer: While AutoRecon endeavors to perform as much identification and enumeration of services as possible, there is no guarantee that every service will be identified, or that every service will be fully enumerated. Users of AutoRecon (especially students) should perform their own manual enumeration alongside AutoRecon. Do not rely on this tool alone for exams, CTFs, or other engagements.** + ## Origin AutoRecon was inspired by three tools which the author used during the OSCP labs: [Reconnoitre](https://github.com/codingo/Reconnoitre), [ReconScan](https://github.com/RoliSoft/ReconScan), and [bscan](https://github.com/welchbj/bscan). While all three tools were useful, none of the three alone had the functionality desired. AutoRecon combines the best features of the aforementioned tools while also implementing many new features to help testers with enumeration of multiple targets. From 48bea9d0d20d52a7e9db0885ffa0d2632d9f15a1 Mon Sep 17 00:00:00 2001 From: Tib3rius <48113936+Tib3rius@users.noreply.github.com> Date: Tue, 10 May 2022 16:40:14 -0400 Subject: [PATCH 2/3] Update portscan-top-100-udp-ports.py Allows for UDP scan to be run even if user is not root (edge case). Fixes #145 --- autorecon/default-plugins/portscan-top-100-udp-ports.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/autorecon/default-plugins/portscan-top-100-udp-ports.py b/autorecon/default-plugins/portscan-top-100-udp-ports.py index 5003e8d..7f28de3 100644 --- a/autorecon/default-plugins/portscan-top-100-udp-ports.py +++ b/autorecon/default-plugins/portscan-top-100-udp-ports.py @@ -14,7 +14,7 @@ class Top100UDPPortScan(PortScan): async def run(self, target): # Only run UDP scan if user is root. - if os.getuid() == 0: + if os.getuid() == 0 or config['disable_sanity_checks']: if target.ports: if target.ports['udp']: process, stdout, stderr = await target.execute('nmap {nmap_extra} -sU -A --osscan-guess -p ' + target.ports['udp'] + ' -oN "{scandir}/_custom_ports_udp_nmap.txt" -oX "{scandir}/xml/_custom_ports_udp_nmap.xml" {address}', blocking=False) From fec09fb59113b8c6acaaabde5f9049e8604ccee6 Mon Sep 17 00:00:00 2001 From: Tib3rius <48113936+Tib3rius@users.noreply.github.com> Date: Tue, 10 May 2022 16:41:53 -0400 Subject: [PATCH 3/3] Version update. --- autorecon/main.py | 2 +- pyproject.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/autorecon/main.py b/autorecon/main.py index ce5b29e..c7526cb 100644 --- a/autorecon/main.py +++ b/autorecon/main.py @@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error, from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon from autorecon.targets import Target, Service -VERSION = "2.0.21" +VERSION = "2.0.22" if not os.path.exists(config['config_dir']): shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None) diff --git a/pyproject.toml b/pyproject.toml index 2080742..45f41e1 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "autorecon" -version = "2.0.21" +version = "2.0.22" description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services." authors = ["Tib3rius"] license = "GNU GPL v3"