From eb003b7f2c4287bf8ae4c8b34cb7bf824699abb2 Mon Sep 17 00:00:00 2001
From: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
Date: Thu, 13 Jan 2022 22:21:44 -0500
Subject: [PATCH] Added GetArch plugin. Resolves #138
---
 autorecon/default-plugins/rpc.py | 15 +++++++++++++++
 autorecon/io.py | 24 +++++++++++++++++++-----
 autorecon/main.py | 2 +-
 pyproject.toml | 2 +-
 4 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/autorecon/default-plugins/rpc.py b/autorecon/default-plugins/rpc.py
index e160c11..cbb128c 100644
--- a/autorecon/default-plugins/rpc.py
+++ b/autorecon/default-plugins/rpc.py
@@ -40,3 +40,18 @@ class RPCDump(ServiceScan):
 async def run(self, service):
 if service.protocol == 'tcp':
 await service.execute('impacket-rpcdump -port {port} {address}', outfile='{protocol}_{port}_rpc_rpcdump.txt')
+
+class GetArch(ServiceScan):
+
+ def __init__(self):
+ super().__init__()
+ self.name = 'get-arch'
+ self.tags = ['default', 'safe', 'rpc']
+
+ def configure(self):
+ self.match_service_name(['^msrpc'])
+ self.match_port('tcp', 135)
+ self.add_pattern(' is ((32|64)-bit)', description='Identified Architecture: {match}')
+
+ async def run(self, service):
+ await service.execute('getArch.py -target {address}', outfile='{protocol}_{port}_rpc_architecture.txt')
diff --git a/autorecon/io.py b/autorecon/io.py
index fbb2e49..f7a4ccb 100644
--- a/autorecon/io.py
+++ b/autorecon/io.py
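Review bot: `run` in the new GetArch plugin invokes `getArch.py`, while RPCDump directly above it in this file calls the packaged name `impacket-rpcdump`, so the two plugins assume different Impacket installs. Where the Impacket example scripts are only available under the `impacket-` prefix, the command will not be found and the failure only shows up when the scan runs; I would follow the sibling plugin's naming (presumably `impacket-getArch`, to be confirmed against the supported install). Separately, in `configure` the inner group of `' is ((32|64)-bit)'` exists only for alternation; `' is ((?:32|64)-bit)'` keeps a single capture, so `{match}` no longer depends on the tuple handling added in io.py. A one-line class docstring stating that the plugin reports 32/64-bit architecture from tcp/135 and needs Impacket's getArch script on PATH would also help.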
@@ -127,15 +127,29 @@ class CommandStreamReader(object):
 # Check lines for pattern matches.
 for p in self.patterns:
 matches = p.pattern.findall(line)
+ if len(matches) > 0 and isinstance(matches[0], tuple):
+ matches = list(matches[0])
+ match_count = 1
+ description = ''
 for match in matches:
+ if p.description:
+ if match_count == 1:
+ description = p.description.replace('{match}', match)
+ description = description.replace('{match' + str(match_count) + '}', match)
+ else:
+ info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}Matched Pattern: ' + match + '{rst}', verbosity=2)
+ async with self.target.lock:
+ with open(os.path.join(self.target.scandir, '_patterns.log'), 'a') as file:
+ file.writelines('Matched Pattern: ' + match + '\n\n')
+
+ match_count += 1
+
+ if matches:
 async with self.target.lock:
 with open(os.path.join(self.target.scandir, '_patterns.log'), 'a') as file:
 if p.description:
- info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}' + p.description.replace('{match}', match) + '{rst}', verbosity=2)
- file.writelines(p.description.replace('{match}', match) + '\n\n')
- else:
- info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}Matched Pattern: ' + match + '{rst}', verbosity=2)
- file.writelines('Matched Pattern: ' + match + '\n\n')
+ info('{bright}[{yellow}' + self.target.address + '{crst}/{bgreen}' + self.tag + '{crst}]{rst} {bmagenta}' + description + '{rst}', verbosity=2)
+ file.writelines(description + '\n\n')
 if self.outfile is not None:
 with open(self.outfile, 'a') as writer:
diff --git a/autorecon/main.py b/autorecon/main.py
index 16c8ebe..94c9653 100644
--- a/autorecon/main.py
+++ b/autorecon/main.py
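Review bot: `matches = list(matches[0])` keeps only the first `findall()` result when a pattern has two or more groups, so any further occurrence on the same output line is dropped without a trace. With a description set, a single-group pattern that matches several times on one line now also yields a single entry built from the first match, because later iterations only replace `{match2}`, `{match3}` and so on; the removed code logged every match. I would normalise each `findall()` result to a list of groups and build and log one description per occurrence, as sketched below. The enclosing method starts and ends outside the hunk.

```python
for p in self.patterns:
    for found in p.pattern.findall(line):
        # findall() yields a str for 0-1 groups and a tuple for 2+ groups.
        groups = list(found) if isinstance(found, tuple) else [found]
        if p.description:
            message = p.description.replace('{match}', groups[0])
            for number, group in enumerate(groups, start=1):
                message = message.replace('{match' + str(number) + '}', group)
        else:
            message = 'Matched Pattern: ' + groups[0]
        # … unchanged: info() call and _patterns.log append under self.target.lock, using message …
```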
@@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
 from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
 from autorecon.targets import Target, Service
-VERSION = "2.0.12"
+VERSION = "2.0.13"
 if not os.path.exists(config['config_dir']):
 shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)
diff --git a/pyproject.toml b/pyproject.toml
index 7653880..60d11dc 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "autorecon"
-version = "2.0.12"
+version = "2.0.13"
 description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
 authors = ["Tib3rius"]
 license = "GNU GPL v3"