Plugin Updates

Added global option "domain" for use with DNS / Active Directory.
Updated DNS and Kerberos plugins.
Tib3rius 2021-08-20 13:22:55 -04:00
parent 2921dc283d
commit ca18ac9403
3 changed files with 11 additions and 5 deletions


@ -5,3 +5,7 @@ help = 'A wordlist of usernames, useful for bruteforcing. Default: %(default)s'
[global.password-wordlist]
default = '/usr/share/seclists/Passwords/darkweb2017-top100.txt'
help = 'A wordlist of passwords, useful for bruteforcing. Default: %(default)s'
[global.domain]
default = false
help = 'The domain to use (if known). Used for DNS and/or Active Directory.'
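Review bot: `[global.domain]` takes a domain name but declares `default = false`, a boolean, whereas the neighbouring wordlist options use string defaults. The plugins in this commit only test the value for truthiness, so the unset case works, but how the option loader treats a boolean default is not visible here. If it infers the argument type from the default, a domain passed on the command line may not arrive as a string. Consider omitting the default, or using an empty string, and extending the help, e.g. `help = 'The domain to use (if known). Used for DNS and/or Active Directory. Unset by default; domain-specific checks are skipped.'`.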


@ -22,13 +22,12 @@ class DNSZoneTransfer(ServiceScan):
def configure(self):
self.match_service_name('^domain')
self.add_option('domain', help='The domain name to perform a zone transfer on.')
async def run(self, service):
if self.get_option('domain') is None:
await service.execute('dig AXFR -p {port} @{address}', outfile='{protocol}_{port}_dns_zone-transfer.txt')
if self.get_global('domain'):
await service.execute('dig AXFR -p {port} @{address} ' + self.get_global('domain'), outfile='{protocol}_{port}_dns_zone-transfer.txt')
else:
await service.execute('dig AXFR -p {port} @{address} ' + self.get_option('domain'), outfile='{protocol}_{port}_dns_zone-transfer.txt')
await service.execute('dig AXFR -p {port} @{address}', outfile='{protocol}_{port}_dns_zone-transfer.txt')
class DNSReverseLookup(ServiceScan):
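Review bot: In `DNSZoneTransfer.run` the global `domain` value is appended to the `dig AXFR` command by plain concatenation, and the Kerberos section of this commit splices it between double quotes together with `username-wordlist`. If `service.execute` passes the string to a shell (not visible here), whitespace, quotes or shell metacharacters in either value change the command that actually runs. Read the value once and quote it, e.g. `domain = self.get_global('domain')` then `'dig AXFR -p {port} @{address} ' + shlex.quote(domain)` (this needs `shlex` imported), or validate it as a hostname where the option is parsed. Braces in the value could also collide with the `{port}`/`{address}` placeholder substitution if that uses `str.format`. The commit also removes the plugin-level `domain` option from `configure`, so existing invocations that set it silently fall back to the bare AXFR; that deserves a changelog line.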


@ -11,4 +11,7 @@ class NmapKerberos(ServiceScan):
self.match_service_name(['^kerberos', '^kpasswd'])
async def run(self, service):
await service.execute('nmap {nmap_extra} -sV -p {port} --script="banner,krb5-enum-users" -oN "{scandir}/{protocol}_{port}_kerberos_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_kerberos_nmap.xml" {address}')
if self.get_global('domain') and self.get_global('username-wordlist'):
await service.execute('nmap {nmap_extra} -sV -p {port} --script="banner,krb5-enum-users" --script-args krb5-enum-users.realm="' + self.get_global('domain') + '",userdb="' + self.get_global('username-wordlist') + '" -oN "{scandir}/{protocol}_{port}_kerberos_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_kerberos_nmap.xml" {address}')
else:
await service.execute('nmap {nmap_extra} -sV -p {port} --script="banner,krb5-enum-users" -oN "{scandir}/{protocol}_{port}_kerberos_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_kerberos_nmap.xml" {address}')
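Review bot: The `self.get_global('username-wordlist')` half of the guard in `NmapKerberos.run` looks redundant: that option's help text ends in `Default: %(default)s`, so it presumably always has a value and the branch is decided by `domain` alone. Setting a domain therefore turns this from a version/banner scan into one lookup per wordlist entry against the KDC. State that in the `domain` help text and in a comment above the `if`, so operators know the scan becomes noisier. The two `nmap` command strings differ only in the `--script-args` fragment, so building that fragment conditionally and calling `service.execute` once would stop the `-oN`/`-oX` paths drifting apart. The class header and `configure` start outside this hunk.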