Added DNS, SNMP and MySQL Enumeration

Adds some default Kali tools for enumerating DNS, including zone transfers; tries MySQL as root with no password to dump the databases; and adds more SNMP tools.
Graeme Evans 2019-09-12 16:32:00 +01:00 committed by GitHub
parent d7058848a5
commit 6dd0563ffa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 46 additions and 0 deletions


@ -52,6 +52,30 @@ service-names = [
name = 'nmap-dns'
command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(dns* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_dns_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_dns_nmap.xml" {address}'
[[dns.scan]]
name = 'dnsenum'
command = 'dnsenum --nocolor $(cat /etc/resolv.conf | grep domain | cut -d " " -f 2) > {scandir}/{protocol}_{port}_dnsenum.txt'
[[dns.scan]]
name = 'dnsmap'
command = 'dnsmap $(cat /etc/resolv.conf | grep domain | cut -d " " -f 2) > {scandir}/{protocol}_{port}_dnsmap.txt'
[[dns.scan]]
name = 'fierce'
command = 'fierce -dns $(cat /etc/resolv.conf | grep domain | cut -d " " -f 2) > {scandir}/{protocol}_{port}_fierce.txt'
[[dns.scan]]
name = 'dig axfr'
command = 'dig axfr $(cat /etc/resolv.conf | grep domain | cut -d " " -f 2) @{address} > {scandir}/{protocol}_{port}_digaxfr.txt'
[[dns.manual]]
description = 'DNS Zone Transfers'
commands = [
'dnsenum <domain>',
'fierce -dns <domain>',
'dig AXFR <domain> @nameserver'
]
[finger]
service-names = [
@ -257,6 +281,16 @@ service-names = [
name = 'nmap-mysql'
command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(mysql* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_mysql_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_mysql_nmap.xml" {address}'
[[mysql.scan]]
name = 'mysql-dump'
command = 'mysqldump -u root -h {address} -A > {scandir}/{protocol}_{port}_mysqldump.txt'
[[mysql.scan]]
name = 'mysql-list-databases'
command = 'mysql -h {address} -u root -e 'show databases;' > {scandir}/{protocol}_{port}_mysql-list-databases.txt'
[nfs]
service-names = [
@ -546,6 +580,18 @@ service-names = [
run_once = true
ports.udp = [161]
[[snmp.scan]]
name = 'snmp-check-v1'
command = 'snmp-check -v 1 {address} 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_check_v1_public.txt"'
run_once = true
ports.udp = [161]
[[snmp.scan]]
name = 'snmp-check-v2c'
command = 'snmp-check -v 2c {address} 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_check_v2c_public.txt"'
run_once = true
ports.udp = [161]
[telnet]
service-names = [
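Review bot: The `mysql-list-databases` entry in the second hunk is not valid TOML: its value is a literal (single-quoted) string, so the `'` before `show databases;` ends the string and the parser fails on the rest of the line, which would stop the whole config from loading. Literal strings cannot escape quotes, so move the inner quoting to double quotes and, while there, quote the output path the way the nmap and snmp-check entries already do: `command = 'mysql -h {address} -u root -e "show databases;" > "{scandir}/{protocol}_{port}_mysql-list-databases.txt"'`. The same unquoted `> {scandir}/...` redirection appears in the mysql-dump entry and in all four new dns.scan entries in the first hunk, where a scan directory containing a space would split the path. In the first hunk, dnsenum, dnsmap, fierce and dig also take the domain from the scanning host's own /etc/resolv.conf `domain` line, and the first three never reference {address}, so with no such line they appear to run with an empty argument and otherwise query the local resolver rather than the target nameserver; a comment above those entries stating that assumption, or a guard when the lookup is empty, seems warranted.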