From 5751f482f61b0a55fb8bf2d96a6cbafeea09a63c Mon Sep 17 00:00:00 2001
From: malet <6935429+gitmalet@users.noreply.github.com>
Date: Sat, 5 Feb 2022 07:18:06 +0100
Subject: [PATCH] Enumeration of vhost should ignore TLS/SSL certificate errors (#139)
* Adding no tls certificate checking to gobuster vhost enumeration
* Updated version number.
Co-authored-by: malet
Co-authored-by: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
---
 autorecon/default-plugins/http_server.py | 2 +-
 autorecon/main.py | 2 +-
 pyproject.toml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/autorecon/default-plugins/http_server.py b/autorecon/default-plugins/http_server.py
index 0b1afe7..fefc8d1 100644
--- a/autorecon/default-plugins/http_server.py
+++ b/autorecon/default-plugins/http_server.py
@@ -223,7 +223,7 @@ class VirtualHost(ServiceScan):
 for wordlist in self.get_option('wordlist'):
 name = os.path.splitext(os.path.basename(wordlist))[0]
 for hostname in hostnames:
- await service.execute('gobuster vhost -u {http_scheme}://' + hostname + ':{port}/ -t ' + str(self.get_option('threads')) + ' -w ' + wordlist + ' -r -o "{scandir}/{protocol}_{port}_{http_scheme}_' + hostname + '_vhosts_' + name + '.txt"')
+ await service.execute('gobuster vhost -k -u {http_scheme}://' + hostname + ':{port}/ -t ' + str(self.get_option('threads')) + ' -w ' + wordlist + ' -r -o "{scandir}/{protocol}_{port}_{http_scheme}_' + hostname + '_vhosts_' + name + '.txt"')
 else:
 service.info('The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.')
diff --git a/autorecon/main.py b/autorecon/main.py
index 2f8d61d..bddd5c9 100644
--- a/autorecon/main.py
+++ b/autorecon/main.py
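Review bot: The changed `service.execute(...)` line in `http_server.py` concatenates `hostname` and `wordlist` into the command string unquoted, so a wordlist path containing a space splits into extra arguments, and if `execute` hands the string to a shell (not visible in this hunk) a hostname supplied through the option would be parsed as shell syntax rather than as data. Wrapping the `-u` and `-w` values, e.g. `shlex.quote(hostname)` and `shlex.quote(wordlist)`, would keep each as a single argument; this assumes `shlex` is imported in the file. The new `-k` is also unconditional, so every vhost result is collected without verifying the server certificate; a comment such as `# -k: skip TLS verification so self-signed or mismatched certificates do not abort enumeration` would record that this is deliberate. The enclosing method starts and ends outside the hunk.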
@@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
 from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
 from autorecon.targets import Target, Service
-VERSION = "2.0.14"
+VERSION = "2.0.15"
 if not os.path.exists(config['config_dir']):
 shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)
diff --git a/pyproject.toml b/pyproject.toml
index f48bb82..af3ab44 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "autorecon"
-version = "2.0.14"
+version = "2.0.15"
 description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
 authors = ["Tib3rius"]
 license = "GNU GPL v3"