RomanNum3ral
/
AutoRecon
mirror of https://github.com/Tib3rius/AutoRecon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use hydra for smtp-user-enum and try multiple methods. 

smtp-user-enum is slow as it opens a new connection for each attempted username.
Hydra tries usernames until the server terminates the connection.

Additionally this removes one dependency for AutoRecon.
This commit is contained in:
Stefan Loewen 2021-08-01 14:16:22 +02:00
parent fb9ca7e3a2
commit b0868077ff
3 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -10,7 +10,7 @@ RUN sudo apt install python3-pip -y
RUN python3 -m pip install --user pipx RUN python3 -m pip install --user pipx
RUN python3 -m pipx ensurepath RUN python3 -m pipx ensurepath
RUN python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git RUN python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git
RUN sudo apt install seclists curl enum4linux gobuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap smtp-user-enum snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf -y RUN sudo apt install seclists curl enum4linux gobuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf -y
RUN echo "Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/kali/.local/bin"" >> /etc/sudoers RUN echo "Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/kali/.local/bin"" >> /etc/sudoers
RUN apt-get -y autoremove && apt-get -y autoclean RUN apt-get -y autoremove && apt-get -y autoclean
ENTRYPOINT ["autorecon"] ENTRYPOINT ["autorecon"]

3
README.md
View File

@ -119,7 +119,6 @@ onesixtyone
oscanner oscanner
smbclient smbclient
smbmap smbmap
smtp-user-enum
snmpwalk snmpwalk
sslscan sslscan
svwar svwar
@ -131,7 +130,7 @@ wkhtmltoimage
On Kali Linux, you can ensure these are all installed using the following command: On Kali Linux, you can ensure these are all installed using the following command:
```bash ```bash
$ sudo apt install seclists curl enum4linux feroxbuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap smtp-user-enum snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf $ sudo apt install seclists curl enum4linux feroxbuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf
``` ```
## Installation ## Installation

14
src/autorecon/config/service-scans-default.toml
View File

@ -488,8 +488,18 @@ service-names = [
command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(smtp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_smtp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_smtp_nmap.xml" {address}' command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(smtp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_smtp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_smtp_nmap.xml" {address}'
[[smtp.scan]] [[smtp.scan]]
name = 'smtp-user-enum' name = 'hydra-smtp-enum-vrfy'
command = 'smtp-user-enum -M VRFY -U "{username_wordlist}" -t {address} -p {port} 2>&1 | tee "{scandir}/{protocol}_{port}_smtp_user-enum.txt"' command = 'hydra smtp-enum://{address}:{port}/vrfy -L "{username_wordlist}" -o "{scandir}/{protocol}_{port}_smtp_user-enum_hydra_vrfy.txt"'
[[smtp.scan]]
name = 'hydra-smtp-enum-expn'
command = 'hydra smtp-enum://{address}:{port}/expn -L "{username_wordlist}" -o "{scandir}/{protocol}_{port}_smtp_user-enum_hydra_expn.txt"'
[[smtp.manual]]
description = 'Try User Enumeration using "RCPT TO". Replace <TARGET-DOMAIN> with the targets domain name.'
commands = [
'hydra smtp-enum://{address}:{port}/rcpt -L "{username_wordlist}" -o "{scandir}/{protocol}_{port}_smtp_user-enum_hydra_rcpt.txt" -p <TARGET-DOMAIN>'
]
[snmp] [snmp]