Added GetArch plugin.

Resolves #138
2022-01-13 22:21:44 -05:00 · 2022-01-13 22:21:44 -05:00 · 84adcb4836
parent 21ebcd1bbb
commit 84adcb4836
4 changed files with 36 additions and 7 deletions
--- a/autorecon/default-plugins/rpc.py
+++ b/autorecon/default-plugins/rpc.py
@ -40,3 +40,18 @@ class RPCDump(ServiceScan):
 	async def run(self, service):
 		if service.protocol == 'tcp':
 			await service.execute('impacket-rpcdump -port {port} {address}', outfile='{protocol}_{port}_rpc_rpcdump.txt')
+
+class GetArch(ServiceScan):
+
+	def __init__(self):
+		super().__init__()
+		self.name = 'get-arch'
+		self.tags = ['default', 'safe', 'rpc']
+
+	def configure(self):
+		self.match_service_name(['^msrpc'])
+		self.match_port('tcp', 135)
+		self.add_pattern(' is ((32|64)-bit)', description='Identified Architecture: {match}')
+
+	async def run(self, service):
+		await service.execute('getArch.py -target {address}', outfile='{protocol}_{port}_rpc_architecture.txt')
--- a/autorecon/io.py
+++ b/autorecon/io.py
@ -127,15 +127,29 @@ class CommandStreamReader(object):
 			# Check lines for pattern matches.
 			for p in self.patterns:
 				matches = p.pattern.findall(line)
+				if len(matches) > 0 and isinstance(matches[0], tuple):
+					matches = list(matches[0])
+				match_count = 1
+				description = ''
 				for match in matches:
+					if p.description:
+						if match_count == 1:
+							description = p.description.replace('{match}', match)
+						description = description.replace('{match' + str(match_count) + '}', match)
+					else:
+						info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}Matched Pattern: ' + match + '{rst}', verbosity=2)
+						async with self.target.lock:
+							with open(os.path.join(self.target.scandir, '_patterns.log'), 'a') as file:
+								file.writelines('Matched Pattern: ' + match + '\n\n')
+
+					match_count += 1
+
+				if matches:
 					async with self.target.lock:
 						with open(os.path.join(self.target.scandir, '_patterns.log'), 'a') as file:
 							if p.description:
-								info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}' + p.description.replace('{match}', match) + '{rst}', verbosity=2)
-								file.writelines(p.description.replace('{match}', match) + '\n\n')
-							else:
-								info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}Matched Pattern: ' + match + '{rst}', verbosity=2)
-								file.writelines('Matched Pattern: ' + match + '\n\n')
+								info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}' + description + '{rst}', verbosity=2)
+								file.writelines(description + '\n\n')

 			if self.outfile is not None:
 				with open(self.outfile, 'a') as writer:
--- a/autorecon/main.py
+++ b/autorecon/main.py
@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
 from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
 from autorecon.targets import Target, Service

-VERSION = "2.0.12"
+VERSION = "2.0.13"

 if not os.path.exists(config['config_dir']):
 	shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [tool.poetry]
 name = "autorecon"
-version = "2.0.12"
+version = "2.0.13"
 description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
 authors = ["Tib3rius"]
 license = "GNU GPL v3"