Merge branch 'main' into main

autorecon/default-plugins/http_server.py

@@ -79,6 +79,31 @@ class CurlRobots(ServiceScan):
 			else:
 				info('{bblue}[' + fformat('{tag}') + ']{rst} There did not appear to be a robots.txt file in the webroot (/).')
 
+class CurlKnownSecurity(ServiceScan):
+
+	def __init__(self):
+		super().__init__()
+		self.name = "Known Security"
+		self.tags = ['default', 'safe', 'http']
+
+	def configure(self):
+		self.match_service_name('^http')
+		self.match_service_name('^nacn_http$', negative_match=True)
+
+	async def run(self, service):
+		if service.protocol == 'tcp':
+			process, stdout, _ = await service.execute('curl -sSikf {http_scheme}://{addressv6}:{port}/.well-known/security.txt', future_outfile='{protocol}_{port}_{http_scheme}_known-security.txt')
+
+			lines = await stdout.readlines()
+
+			if process.returncode == 0 and lines:
+				filename = fformat('{scandir}/{protocol}_{port}_{http_scheme}_known-security.txt')
+				with open(filename, mode='wt', encoding='utf8') as robots:
+					robots.write('\n'.join(lines))
+			else:
+				info('{bblue}[' + fformat('{tag}') + ']{rst} There did not appear to be a .well-known/security.txt file in the webroot (/).')
+
+
 class DirBuster(ServiceScan):
 
 	def __init__(self):

autorecon/default-plugins/smb.py

@@ -82,7 +82,7 @@ class SMBClient(ServiceScan):
 		self.run_once(True)
 
 	async def run(self, service):
-		await service.execute('smbclient -L\\\\ -N -I {address} 2>&1', outfile='smbclient.txt')
+		await service.execute('smbclient -L //{address} -N -I {address} 2>&1', outfile='smbclient.txt')
 
 class SMBMap(ServiceScan):
 

autorecon/main.py

@@ -517,6 +517,11 @@ async def scan_target(target):
 			protocol = service.protocol
 			port = service.port
 
+			if config['create_port_dirs']:
+				scandir = os.path.join(scandir, protocol + str(port))
+				os.makedirs(scandir, exist_ok=True)
+				os.makedirs(os.path.join(scandir, 'xml'), exist_ok=True)
+
 			# Special cases for HTTP.
 			http_scheme = 'https' if 'https' in service.name or service.secure is True else 'http'
 
@@ -641,7 +646,7 @@ async def scan_target(target):
 											plugin_run = True
 											break
 									if not plugin.run_once_boolean or (plugin.run_once_boolean and not plugin_run):
-										with open(os.path.join(scandir, '_manual_commands.txt'), 'a') as file:
+										with open(os.path.join(target.scandir, '_manual_commands.txt'), 'a') as file:
 											if not heading:
 												file.write(e('[*] {service.name} on {service.protocol}/{service.port}\n\n'))
 												heading = True
@@ -689,7 +694,7 @@ async def scan_target(target):
 
 			if not service_match:
 				warn('{byellow}[' + target.address + ']{srst} Service ' + service.full_tag() + ' did not match any plugins based on the service name.{rst}', verbosity=2)
-				if service.full_tag() not in target.autorecon.missing_services:
+				if service.name != 'tcpwrapped' and service.full_tag() not in target.autorecon.missing_services:
 					target.autorecon.missing_services.append(service.full_tag())
 
 	for plugin in target.autorecon.plugin_types['report']: