RomanNum3ral
/
AutoRecon
mirror of https://github.com/Tib3rius/AutoRecon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into readab535ty

This commit is contained in:
WhacktheJacker 2025-04-29 14:15:43 +10:00 committed by GitHub
parent 01c06f3153 457b2048f6
commit 46a7fea594
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 34 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -7,7 +7,7 @@ RUN wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add -
RUN echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list RUN echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
RUN apt-get update RUN apt-get update
RUN apt-get install -y python3 python3-pip git seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf RUN apt-get install -y python3 python3-pip git seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb
RUN python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git RUN python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git

3
README.md
View File

@ -82,13 +82,12 @@ sslscan
svwar svwar
tnscmd10g tnscmd10g
whatweb whatweb
wkhtmltopdf
``` ```
On Kali Linux, you can ensure these are all installed using the following commands: On Kali Linux, you can ensure these are all installed using the following commands:
```bash ```bash
sudo apt install seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf sudo apt install seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb
``` ```
### Installation Method #1: pipx (Recommended) ### Installation Method #1: pipx (Recommended)

9
autorecon/config.py
View File

@ -1,7 +1,7 @@
import appdirs, os import platformdirs, os
config_dir = appdirs.user_config_dir('AutoRecon') config_dir = platformdirs.user_config_dir('AutoRecon')
data_dir = appdirs.user_data_dir('AutoRecon') data_dir = platformdirs.user_data_dir('AutoRecon')
configurable_keys = [ configurable_keys = [
'ports', 'ports',
@ -26,6 +26,7 @@ configurable_keys = [
'proxychains', 'proxychains',
'disable_sanity_checks', 'disable_sanity_checks',
'disable_keyboard_control', 'disable_keyboard_control',
'ignore_plugin_checks',
'force_services', 'force_services',
'max_plugin_target_instances', 'max_plugin_target_instances',
'max_plugin_global_instances', 'max_plugin_global_instances',
@ -39,6 +40,7 @@ configurable_boolean_keys = [
'no_port_dirs', 'no_port_dirs',
'proxychains', 'proxychains',
'disable_sanity_checks', 'disable_sanity_checks',
'ignore_plugin_checks',
'accessible' 'accessible'
] ]
@ -70,6 +72,7 @@ config = {
'proxychains': False, 'proxychains': False,
'disable_sanity_checks': False, 'disable_sanity_checks': False,
'disable_keyboard_control': False, 'disable_keyboard_control': False,
'ignore_plugin_checks': False,
'force_services': None, 'force_services': None,
'max_plugin_target_instances': None, 'max_plugin_target_instances': None,
'max_plugin_global_instances': None, 'max_plugin_global_instances': None,

23
autorecon/default-plugins/wkhtmltoimage.py
View File

@ -1,23 +0,0 @@
from autorecon.plugins import ServiceScan
from shutil import which
class WkHTMLToImage(ServiceScan):
def __init__(self):
super().__init__()
self.name = "wkhtmltoimage"
self.tags = ['default', 'safe', 'http']
def configure(self):
self.match_service_name('^http')
self.match_service_name('^nacn_http$', negative_match=True)
def check(self):
if which('wkhtmltoimage') is None:
self.error('The wkhtmltoimage program could not be found. Make sure it is installed. (On Kali, run: sudo apt install wkhtmltopdf)')
return False
async def run(self, service):
if which('wkhtmltoimage') is not None:
if service.protocol == 'tcp':
await service.execute('wkhtmltoimage --format png {http_scheme}://{addressv6}:{port}/ {scandir}/{protocol}_{port}_{http_scheme}_screenshot.png')

25
autorecon/main.py
View File

@ -4,7 +4,7 @@ import argparse, asyncio, importlib.util, inspect, ipaddress, math, os, re, sele
from datetime import datetime from datetime import datetime
try: try:
import appdirs, colorama, impacket, psutil, requests, toml, unidecode import colorama, impacket, platformdirs, psutil, requests, toml, unidecode
from colorama import Fore, Style from colorama import Fore, Style
except ModuleNotFoundError: except ModuleNotFoundError:
print('One or more required modules was not installed. Please run or re-run: ' + ('sudo ' if os.getuid() == 0 else '') + 'python3 -m pip install -r requirements.txt') print('One or more required modules was not installed. Please run or re-run: ' + ('sudo ' if os.getuid() == 0 else '') + 'python3 -m pip install -r requirements.txt')
@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
from autorecon.targets import Target, Service from autorecon.targets import Target, Service
VERSION = "2.0.34" VERSION = "2.0.36"
if not os.path.exists(config['config_dir']): if not os.path.exists(config['config_dir']):
shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None) shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)
@ -128,8 +128,8 @@ async def start_heartbeat(target, period=60):
async with target.lock: async with target.lock:
count = len(target.running_tasks) count = len(target.running_tasks)
tasks_list = []
if config['verbose'] >= 1: if config['verbose'] >= 1:
tasks_list = []
for tag, task in target.running_tasks.items(): for tag, task in target.running_tasks.items():
task_str = tag task_str = tag
@ -154,6 +154,8 @@ async def start_heartbeat(target, period=60):
tasks_list.append(task_str) tasks_list.append(task_str)
tasks_list = ': {bblue}' + ', '.join(tasks_list) + '{rst}' tasks_list = ': {bblue}' + ', '.join(tasks_list) + '{rst}'
else:
tasks_list = ''
current_time = datetime.now().strftime('%H:%M:%S') current_time = datetime.now().strftime('%H:%M:%S')
@ -900,6 +902,7 @@ async def run():
parser.add_argument('--proxychains', action='store_true', help='Use if you are running AutoRecon via proxychains. Default: %(default)s') parser.add_argument('--proxychains', action='store_true', help='Use if you are running AutoRecon via proxychains. Default: %(default)s')
parser.add_argument('--disable-sanity-checks', action='store_true', help='Disable sanity checks that would otherwise prevent the scans from running. Default: %(default)s') parser.add_argument('--disable-sanity-checks', action='store_true', help='Disable sanity checks that would otherwise prevent the scans from running. Default: %(default)s')
parser.add_argument('--disable-keyboard-control', action='store_true', help='Disables keyboard control ([s]tatus, Up, Down) if you are in SSH or Docker.') parser.add_argument('--disable-keyboard-control', action='store_true', help='Disables keyboard control ([s]tatus, Up, Down) if you are in SSH or Docker.')
parser.add_argument('--ignore-plugin-checks', action='store_true', help='Ignores errors from plugin check functions that would otherwise prevent AutoRecon from running. Default: %(default)s')
parser.add_argument('--force-services', action='store', nargs='+', metavar='SERVICE', help='A space separated list of services in the following style: tcp/80/http tcp/443/https/secure') parser.add_argument('--force-services', action='store', nargs='+', metavar='SERVICE', help='A space separated list of services in the following style: tcp/80/http tcp/443/https/secure')
parser.add_argument('-mpti', '--max-plugin-target-instances', action='store', nargs='+', metavar='PLUGIN:NUMBER', help='A space separated list of plugin slugs with the max number of instances (per target) in the following style: nmap-http:2 dirbuster:1. Default: %(default)s') parser.add_argument('-mpti', '--max-plugin-target-instances', action='store', nargs='+', metavar='PLUGIN:NUMBER', help='A space separated list of plugin slugs with the max number of instances (per target) in the following style: nmap-http:2 dirbuster:1. Default: %(default)s')
parser.add_argument('-mpgi', '--max-plugin-global-instances', action='store', nargs='+', metavar='PLUGIN:NUMBER', help='A space separated list of plugin slugs with the max number of global instances in the following style: nmap-http:2 dirbuster:1. Default: %(default)s') parser.add_argument('-mpgi', '--max-plugin-global-instances', action='store', nargs='+', metavar='PLUGIN:NUMBER', help='A space separated list of plugin slugs with the max number of global instances in the following style: nmap-http:2 dirbuster:1. Default: %(default)s')
@ -1201,6 +1204,7 @@ async def run():
else: else:
error('Invalid value provided to --max-plugin-global-instances. Values must be in the format PLUGIN:NUMBER.') error('Invalid value provided to --max-plugin-global-instances. Values must be in the format PLUGIN:NUMBER.')
failed_check_plugin_slugs = []
for slug, plugin in autorecon.plugins.items(): for slug, plugin in autorecon.plugins.items():
if hasattr(plugin, 'max_target_instances') and plugin.slug in max_plugin_target_instances: if hasattr(plugin, 'max_target_instances') and plugin.slug in max_plugin_target_instances:
plugin.max_target_instances = max_plugin_target_instances[plugin.slug] plugin.max_target_instances = max_plugin_target_instances[plugin.slug]
@ -1211,9 +1215,22 @@ async def run():
for member_name, _ in inspect.getmembers(plugin, predicate=inspect.ismethod): for member_name, _ in inspect.getmembers(plugin, predicate=inspect.ismethod):
if member_name == 'check': if member_name == 'check':
if plugin.check() == False: if plugin.check() == False:
autorecon.plugins.pop(slug) failed_check_plugin_slugs.append(slug)
continue continue
continue continue
# Check for any failed plugin checks.
for slug in failed_check_plugin_slugs:
# If plugin checks should be ignored, remove the affected plugins at runtime.
if config['ignore_plugin_checks']:
autorecon.plugins.pop(slug)
else:
print()
error('The following plugins failed checks that prevent AutoRecon from running: ' + ','.join(failed_check_plugin_slugs))
error('Check above output to fix these issues, disable relevant plugins, or run AutoRecon with --ignore-plugin-checks to disable failed plugins at runtime.')
print()
errors = True
break
if config['ports']: if config['ports']:
ports_to_scan = {'tcp':[], 'udp':[]} ports_to_scan = {'tcp':[], 'udp':[]}

1
autorecon/wordlists/dirbuster.txt
View File

@ -50314,6 +50314,7 @@ activism
activos activos
actrade actrade
actualizacion actualizacion
actuator
actuators actuators
acustica acustica
ad-category ad-category

4
pyproject.toml
View File

@ -1,6 +1,6 @@
[tool.poetry] [tool.poetry]
name = "autorecon" name = "autorecon"
version = "2.0.34" version = "2.0.36"
description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services." description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
authors = ["Tib3rius"] authors = ["Tib3rius"]
license = "GNU GPL v3" license = "GNU GPL v3"
@ -11,7 +11,7 @@ packages = [
[tool.poetry.dependencies] [tool.poetry.dependencies]
python = "^3.8" python = "^3.8"
appdirs = "^1.4.4" platformdirs = "^4.3.6"
colorama = "^0.4.5" colorama = "^0.4.5"
impacket = "^0.10.0" impacket = "^0.10.0"
psutil = "^5.9.4" psutil = "^5.9.4"

5
requirements.txt
View File

@ -1,9 +1,8 @@
appdirs>=1.4.4
colorama>=0.4.5 colorama>=0.4.5
impacket>=0.10.0 impacket>=0.10.0
platformdirs>=4.3.6
psutil>=5.9.4 psutil>=5.9.4
requests>=2.28.1 requests>=2.28.1
toml>=0.10.2 toml>=0.10.2
Unidecode>=1.3.1 Unidecode>=1.3.1
werkzeug>=3.0.6 # not directly required, pinned by Snyk to avoid a vulnerability
cryptography>=44.0.1 # not directly required, pinned by Snyk to avoid a vulnerability