From c67909f21bd3a1b2f3c7e8a717f5627151db6e5c Mon Sep 17 00:00:00 2001
From: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
Date: Tue, 29 Nov 2022 12:04:15 -0500
Subject: [PATCH] Added ability to override unresolvable hosts failure. Using --disable-sanity-checks will allow AutoRecon to run even if target(s) were unresolvable (one or more targets must be valid however). Added a new plugin for ajp.
---
 autorecon/config.py | 2 +-
 autorecon/default-plugins/nmap-ajp.py | 14 ++++++++++++++
 autorecon/main.py | 11 ++++++++---
 pyproject.toml | 2 +-
 4 files changed, 24 insertions(+), 5 deletions(-)
 create mode 100644 autorecon/default-plugins/nmap-ajp.py
diff --git a/autorecon/config.py b/autorecon/config.py
index c8162ce..997a20e 100644
--- a/autorecon/config.py
+++ b/autorecon/config.py
@@ -43,7 +43,7 @@ configurable_boolean_keys = [
 config = {
 'protected_classes': ['autorecon', 'target', 'service', 'commandstreamreader', 'plugin', 'portscan', 'report', 'servicescan', 'global', 'pattern'],
- 'service_exceptions': ['mc-nmf', 'ncacn_http', 'smux', 'status', 'tcpwrapped', 'unknown'],
+ 'service_exceptions': ['infocrypt', 'mc-nmf', 'ncacn_http', 'smux', 'status', 'tcpwrapped', 'unknown'],
 'config_dir': config_dir,
 'global_file': None,
 'ports': None,
diff --git a/autorecon/default-plugins/nmap-ajp.py b/autorecon/default-plugins/nmap-ajp.py
new file mode 100644
index 0000000..fcba5a0
--- /dev/null
+++ b/autorecon/default-plugins/nmap-ajp.py
@@ -0,0 +1,14 @@
+from autorecon.plugins import ServiceScan
+
+class NmapAJP(ServiceScan):
+
+ def __init__(self):
+ super().__init__()
+ self.name = 'Nmap AJP'
+ self.tags = ['default', 'safe', 'ajp']
+
+ def configure(self):
+ self.match_service_name(['^ajp13'])
+
+ async def run(self, service):
+ await service.execute('nmap {nmap_extra} -sV -p {port} --script="banner,(ajp-* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_ajp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_ajp_nmap.xml" {address}')
diff --git a/autorecon/main.py b/autorecon/main.py
index b2de01a..2569bf5 100644
--- a/autorecon/main.py
+++ b/autorecon/main.py
@@ -4,7 +4,7 @@ import argparse, asyncio, importlib.util, inspect, ipaddress, math, os, re, sele
 from datetime import datetime
 try:
- import appdirs, colorama, toml, unidecode
+ import appdirs, colorama, impacket, requests, toml, unidecode
 from colorama import Fore, Style
 except ModuleNotFoundError:
 print('One or more required modules was not installed. Please run or re-run: ' + ('sudo ' if os.getuid() == 0 else '') + 'python3 -m pip install -r requirements.txt')
@@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
 from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
 from autorecon.targets import Target, Service
-VERSION = "2.0.28"
+VERSION = "2.0.29"
 if not os.path.exists(config['config_dir']):
 shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)
@@ -1318,6 +1318,7 @@ async def run():
 error('The target file ' + args.target_file + ' could not be read.')
 sys.exit(1)
+ unresolvable_targets = False
 for target in raw_targets:
 try:
 ip = ipaddress.ip_address(target)
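Review bot: In autorecon/default-plugins/nmap-ajp.py, `NmapAJP` is tagged `'safe'` in `__init__`, but the `--script` expression in `run()` only excludes the brute, broadcast, dos, external and fuzzer categories, so any `ajp-*` or `ssl*` script that Nmap classifies as `intrusive` would still be selected. If the tag is meant to guarantee non-intrusive checks, extend the filter to `and not (brute or broadcast or dos or external or fuzzer or intrusive)`, or name the intended scripts explicitly instead of using wildcards, which also keeps scripts added by later Nmap releases from being picked up unreviewed. The class has no docstring either; one line stating that it runs Nmap's AJP and SSL NSE scripts against services matching `^ajp13` would document the match pattern and the script set.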
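Review bot: In autorecon/main.py, the changed import line inside the `try` block makes `impacket` and `requests` hard start-up requirements, yet this commit does not declare them: `requirements.txt` is not in the diffstat and the only pyproject.toml change is the version bump. If they are not already listed in both manifests, a fresh install will stop at the `ModuleNotFoundError` message, and re-running the suggested `pip install -r requirements.txt` will not fix it. Neither module is used in the visible lines, so a comment such as `# impacket and requests are imported only to fail fast when plugin dependencies are missing` would record why they are here (confirm that this is the intent). The `except` body may continue past the hunk's last line.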
@@ -1397,8 +1398,12 @@ async def run():
 autorecon.pending_targets.append(Target(target, ip, 'IPv6', 'hostname', autorecon))
 except socket.gaierror:
+ unresolvable_targets = True
 error(target + ' does not appear to be a valid IP address, IP range, or resolvable hostname.')
- errors = True
+
+ if not args.disable_sanity_checks and unresolvable_targets == True:
+ error('AutoRecon will not run if any targets are invalid / unresolvable. To override this, re-run with the --disable-sanity-checks option.')
+ errors = True
 if len(autorecon.pending_targets) == 0:
 error('You must specify at least one target to scan!')
diff --git a/pyproject.toml b/pyproject.toml
index dab9e19..46845ba 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "autorecon"
-version = "2.0.28"
+version = "2.0.29"
 description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
 authors = ["Tib3rius"]
 license = "GNU GPL v3"
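Review bot: In autorecon/main.py, the new guard `if not args.disable_sanity_checks and unresolvable_targets == True:` widens what `--disable-sanity-checks` bypasses, but none of the changed lines in main.py touches the option's help text, so unless that text already mentions targets it will not tell users that the flag also lets a run continue past unresolvable hosts. Update the help string, and consider reporting the skipped host with `warn(...)` instead of `error(...)` when the override is active, so the log separates a skipped target from a fatal one and the operator can see which targets were dropped. The condition reads more idiomatically as `if unresolvable_targets and not args.disable_sanity_checks:`. The flag is initialised in the preceding hunk (`@@ -1318,6 +1318,7 @@`), and `run()` starts and ends outside both hunks.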