RomanNum3ral
/
AutoRecon
mirror of https://github.com/Tib3rius/AutoRecon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixes and New Scan feature (#128) 

* fix issues and add function

* Fix smbclient

* Reverted some minor changes.

ffuf's -noninteractive flag does function. Unsure of why it was removed.
smbclient bug confirmed, but added -I back in and put // before the address since that appears to be the correct syntax.
Renamed CurlKnowSecurity to CurlKnownSecurity.

Co-authored-by: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
This commit is contained in:
Tim Bentley 2021-12-12 04:34:38 +00:00 committed by GitHub
parent 3b553e1933
commit cfac135cc4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
autorecon/default-plugins/http_server.py
View File

@ -79,6 +79,31 @@ class CurlRobots(ServiceScan):
else: else:
info('{bblue}[' + fformat('{tag}') + ']{rst} There did not appear to be a robots.txt file in the webroot (/).') info('{bblue}[' + fformat('{tag}') + ']{rst} There did not appear to be a robots.txt file in the webroot (/).')
class CurlKnownSecurity(ServiceScan):
def __init__(self):
super().__init__()
self.name = "Known Security"
self.tags = ['default', 'safe', 'http']
def configure(self):
self.match_service_name('^http')
self.match_service_name('^nacn_http$', negative_match=True)
async def run(self, service):
if service.protocol == 'tcp':
process, stdout, _ = await service.execute('curl -sSikf {http_scheme}://{addressv6}:{port}/.well-known/security.txt', future_outfile='{protocol}_{port}_{http_scheme}_known-security.txt')
lines = await stdout.readlines()
if process.returncode == 0 and lines:
filename = fformat('{scandir}/{protocol}_{port}_{http_scheme}_known-security.txt')
with open(filename, mode='wt', encoding='utf8') as robots:
robots.write('\n'.join(lines))
else:
info('{bblue}[' + fformat('{tag}') + ']{rst} There did not appear to be a .well-known/security.txt file in the webroot (/).')
class DirBuster(ServiceScan): class DirBuster(ServiceScan):
def __init__(self): def __init__(self):

2
autorecon/default-plugins/smb.py
View File

@ -82,7 +82,7 @@ class SMBClient(ServiceScan):
self.run_once(True) self.run_once(True)
async def run(self, service): async def run(self, service):
await service.execute('smbclient -L\\\\ -N -I {address} 2>&1', outfile='smbclient.txt') await service.execute('smbclient -L //{address} -N -I {address} 2>&1', outfile='smbclient.txt')
class SMBMap(ServiceScan): class SMBMap(ServiceScan):

2
autorecon/main.py
View File

@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
from autorecon.targets import Target, Service from autorecon.targets import Target, Service
VERSION = "2.0.5" VERSION = "2.0.6"
if not os.path.exists(config['config_dir']): if not os.path.exists(config['config_dir']):
shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None) shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)

2
pyproject.toml
View File

@ -1,6 +1,6 @@
[tool.poetry] [tool.poetry]
name = "autorecon" name = "autorecon"
version = "2.0.5" version = "2.0.6"
description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services." description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
authors = ["Tib3rius"] authors = ["Tib3rius"]
license = "GNU GPL v3" license = "GNU GPL v3"