Fixed bug in dirbuster and vhost-enum plugins. Redirections are now followed. This could potentially cause issues down the line but for now it seems to work.
Have re-enabled nikto as an auto-run plugin, however several constraints are in place to ensure it doesn't take too long.
A few manual plugin updates (command formatting etc.)
Fixed bug where processes were left running after AutoRecon is cancelled and/or times out.
Status messages now include PIDs of running processes if verbosity >= 2.
Closes#183Fixes#184
Plugins & wordlists are now stored in ~/.local/share/AutoRecon.
Default config / global config files are still stored in ~/.config/AutoRecon.
Removed feature which used the cwd's config.toml, global.toml, and plugins dir if detected.
Fixed bug which wouldn't generate combined reports in some cases.
Using --disable-sanity-checks will allow AutoRecon to run even if target(s) were unresolvable (one or more targets must be valid however).
Added a new plugin for ajp.
Return value of check() will deregister the plugin if it is False.
Updated several plugins which use check() to return False where appropriate.
Added "Report" class to protected classes.
SMB Vuln plugin now runs all smb-vuln-* scripts in one command instead of only three in separate commands. This duplicates some work from the regular Nmap SMB scan but not too much. Manual command will only scan smb-vuln-* scripts that are marked as "dos".
Since Nmap reports WinRM as HTTP, the port scan plugins now do a few additional checks on ports 5985 and 5986 to avoid running needless HTTP plugins if the services are just WinRM.
Updated the project dependencies to match.
The plugin function get_option() now has an optional default value which is returned in the event that no option was provided (either by the plugin as a default when creating the option, or by the end user).
* Update ldap-search.py
Hi Tib3rius
ldapsearch has updated syntax.
-h and -p have been Deprecated in favor of -H
New syntax is -H ldap://<IP>:<PORT>
* Version update.
Co-authored-by: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
Plugins can now call info(), warn(), and error() functions from their service / target object which will properly prefix the plugin name, etc.
A new subdomain enumeration plugin using gobuster has been developed.
Changed the --create-port-dirs option to --no-port-dirs (making their creation default).
Added -T4 to the default nmap commands.
Adjusted config.toml accordingly.
* fix issues and add function
* Fix smbclient
* Reverted some minor changes.
ffuf's -noninteractive flag does function. Unsure of why it was removed.
smbclient bug confirmed, but added -I back in and put // before the address since that appears to be the correct syntax.
Renamed CurlKnowSecurity to CurlKnownSecurity.
Co-authored-by: Tib3rius <48113936+Tib3rius@users.noreply.github.com>
* Restructured program to enable packaging. Moved main into its own function and resolved global dependency issues. Configured pyproject.toml
* Restructured configuration management such that configuration files are stored in the default user configuration directory for the OS they're using, utilising appdirs
* Added exclusion for byte compiled python files
* Removed build files from version control
* Restructured config file initialisation into a function so that it can be called by the entrypoint main() function
* Resolved issues updating global variables from within function scope. Added global identifiers to global variables to make them more readily identifiable as such
* Formatting revision
* Updated documentation to reflect package installation instructions and usage
* Grammatical revision to improve instructional clarity
* Added default sudo for udp scans to prompt for password to elevate privileges
* Added an installation command for all required packages to the README
* Added manual installation instructions, clarification of oscp vm limitations installing pip3, and instructions on how to elevate privileges when installed with pipx
* Formatting revision to improve clarity of instructions and added requirements.txt
* Removed hardcoded sudo commands from default scan configurations
* Changed suggestion to add alias to .bashrc to .profile as this is what's used by default in kali to set initial temrinal conditions
* Fixed error in manual installation that would have resulted in installing python2 packages
Tib3rius
Asim Aziz
malet
Heino Sass Hallik
Tim Bentley
Samuel Dowling