diff --git a/autorecon.py b/autorecon.py index 2f269e4..485c831 100644 --- a/autorecon.py +++ b/autorecon.py @@ -305,6 +305,7 @@ class ServiceScan(Plugin): self.ignore_ports = {'tcp':[], 'udp':[]} self.service_names = [] self.ignore_service_names = [] + self.match_all_service_names_boolean = False self.run_once_boolean = False self.require_ssl_boolean = False @@ -354,6 +355,10 @@ class ServiceScan(Plugin): def run_once(self, boolean): self.run_once_boolean = boolean + @final + def match_all_service_names(self, boolean): + self.match_all_service_names_boolean = boolean + class AutoRecon(object): def __init__(self): @@ -908,10 +913,14 @@ async def scan_target(target): heading = False for plugin in target.autorecon.plugin_types['service']: + plugin_service_match = False plugin_tag = service.tag() + '/' + plugin.slug for s in plugin.service_names: if re.search(s, service.name): + plugin_service_match = True + + if plugin.match_all_service_names_boolean or plugin_service_match: plugin_tag_set = set(plugin.tags) matching_tags = False @@ -941,15 +950,18 @@ async def scan_target(target): # Skip plugin if require_ssl_boolean and port is not secure if plugin.require_ssl_boolean and not service.secure: + plugin_service_match = False continue # Skip plugin if service port is in ignore_ports: if port in plugin.ignore_ports[protocol]: + plugin_service_match = False warn('{byellow}[' + plugin_tag + ' against ' + target.address + ']{srst} Plugin cannot be run against ' + protocol + ' port ' + str(port) + '. Skipping.{rst}') continue # Skip plugin if plugin has required ports and service port is not in them: if plugin.ports[protocol] and port not in plugin.ports[protocol]: + plugin_service_match = False warn('{byellow}[' + plugin_tag + ' against ' + target.address + ']{srst} Plugin can only run on specific ports. Skipping.{rst}') continue @@ -974,6 +986,9 @@ async def scan_target(target): break + if plugin_service_match: + service_match = True + for plugin in matching_plugins: plugin_tag = service.tag() + '/' + plugin.slug @@ -989,10 +1004,10 @@ async def scan_target(target): pending.add(asyncio.create_task(service_scan(plugin, service))) - #if not service_match: - # warn('{byellow}[' + target.address + ']{srst} Service ' + service.full_tag() + ' did not match any plugins.{rst}') - # if service.full_tag() not in target.autorecon.missing_services: - # target.autorecon.missing_services.append(service.full_tag()) + if not service_match: + warn('{byellow}[' + target.address + ']{srst} Service ' + service.full_tag() + ' did not match any plugins based on the service name.{rst}') + if service.full_tag() not in target.autorecon.missing_services: + target.autorecon.missing_services.append(service.full_tag()) heartbeat.cancel() elapsed_time = calculate_elapsed_time(start_time) @@ -1411,8 +1426,8 @@ async def main(): elapsed_time = calculate_elapsed_time(start_time) info('{bright}Finished scanning all targets in ' + elapsed_time + '!{rst}') - #if autorecon.missing_services: - # warn('{byellow}AutoRecon identified the following services, but could not match them to any plugins. Please report these to Tib3rius: ' + ', '.join(autorecon.missing_services) + '{rst}') + if autorecon.missing_services: + warn('{byellow}AutoRecon identified the following services, but could not match them to any plugins based on the service name. Please report these to Tib3rius: ' + ', '.join(autorecon.missing_services) + '{rst}') if __name__ == '__main__': signal.signal(signal.SIGINT, cancel_all_tasks) diff --git a/plugins/sslscan.py b/plugins/sslscan.py index 1ece982..4730238 100644 --- a/plugins/sslscan.py +++ b/plugins/sslscan.py @@ -8,7 +8,7 @@ class SSLScan(ServiceScan): self.tags = ['default', 'ssl', 'tls'] def configure(self): - self.match_service_name('.+') + self.match_all_service_names(True) self.require_ssl(True) async def run(self, service):