tib3rius / autorecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
License: GNU General Public License v3.0
dirb needs: dirb URL wordlist -o "output"
Currently it just uses the default wordlist, which is not the intention.
[-] (dirb) Recursive directory/file enumeration for web servers using various wordlists (same as dirsearch above):
dirb http://10.11.1.116:80/ -o "/root/work/reconnoitre/10.11.1.116/scans/tcp_80_http_dirb_big.txt" /usr/share/seclists/Discovery/Web-Content/big.txt
dirb http://10.11.1.116:80/ -o "/root/work/reconnoitre/10.11.1.116/scans/tcp_80_http_dirb_dirbuster.txt" /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
Demo
root@kali:/tmp# echo foo > /tmp/wordlist
root@kali:/tmp# dirb http://127.0.0.1 -o "output" /tmp/wordlist
-----------------
DIRB v2.22
By The Dark Raver
-----------------
OUTPUT_FILE: output
START_TIME: Fri Apr 19 07:18:44 2019
URL_BASE: http://127.0.0.1/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt
-----------------
GENERATED WORDS: 4612
---- Scanning URL: http://127.0.0.1/ ----
+ http://127.0.0.1/index.html (CODE:200|SIZE:6)
^C> Testing: http://127.0.0.1/livesupport
root@kali:/tmp# dirb http://127.0.0.1 /tmp/wordlist -o "output"
-----------------
DIRB v2.22
By The Dark Raver
-----------------
OUTPUT_FILE: output
START_TIME: Fri Apr 19 07:19:05 2019
URL_BASE: http://127.0.0.1/
WORDLIST_FILES: /tmp/wordlist
-----------------
GENERATED WORDS: 1
---- Scanning URL: http://127.0.0.1/ ----
-----------------
END_TIME: Fri Apr 19 07:19:05 2019
DOWNLOADED: 1 - FOUND: 0
root@kali:/tmp#
root@kalix64:~/OSCP/# nmap -vv --reason -Pn -sV -p 139 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="unsafe=1" -oN "/root/OSCP//results/10.11.1.420/scans/tcp_139_smb[99/99]
xt" -oX "/root/OSCP//results/10.11.1.420/scans/xml/tcp_139_smb_nmap.xml" 10.11.1.420
Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-19 07:43 EDT
Segmentation fault
root@kalix64:~/OSCP/# nmap -d -vv --reason -Pn -sV -p 139 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="unsafe=1" -oN "/root/OSCP//results/10.11.1.420/scans/tcp_139_smb_nma
p.txt" -oX "/root/OSCP//results/10.11.1.420/scans/xml/tcp_139_smb_nmap.xml" 10.11.1.420
Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-19 07:43 EDT
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI: unsafe=1
NSE: Arguments parsed: unsafe=1
Segmentation fault
root@kalix64:~/OSCP/# nmap -d -vv --reason -Pn -sV -p 139 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "/root/OSCP//results/10.11.1.420/scans/tcp_139_smb_nmap.txt" -oX "/root/OSCP/ma
il/results/10.11.1.420/scans/xml/tcp_139_smb_nmap.xml" 10.11.1.420
Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-19 07:43 EDT
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI:
NSE: Loaded 84 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 07:43
Not sure why removing --script-args="unsafe=1" makes it so that it does not seg fault though. Also not sure if this issue is just my kali box or not but figured I would share. Thanks for making this by the way. Literally the best enumeration tool. Saves so much time
Anyone else having issues when trying to install via pipx? I installed all the requirements and when I attempt to install the required pre-reqs I get this:
kali@kali:~$ sudo pipx install git+https://github.com/Tib3rius/AutoRecon.git
Package cannot be a url
Sometimes there are reasons to have modified or added custom scans. Currently the only way to have those run is to modify port-scan-profiles.toml or service-scans.toml files. Unfortunately these changes are lost, unless backed up, each update and then the files must be manually compared to fixes.
A "customs" file in the config directory which is referenced would allow these custom scans to be run in addition to or to replace the default scans included with a default install. The config file would not be updated with each revision allowing the custom scans to remain.
Possible solution:
Referencing the customs file, but not including it in the git so a fresh pull won't overwrite the customs file. A user would just have to create and properly name the file to match what the default install is looking for.
OS: kali 2019.3 x64
uname -a:
Linux kali 5.3.0-kali1-amd64 #1 SMP Debian 5.3.7-1kali2 (2019-11-04) x86_64 GNU/Linux
root@kali:/# apt install curl enum4linux gobuster nbtscan nikto nmap onesixtyone oscanner smbclient smbmap smtp-user-enum snmpwalk sslscan svwar tnscmd10g whatweb wkhtmltoimage
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package snmpwalk
E: Unable to locate package svwar
E: Unable to locate package wkhtmltoimage
/etc/apt/sources.list:
deb http://http.kali.org/kali kali-rolling main non-free contrib
So I have attempted to do this 5 times now. Every time I install pip3 I get a corrupted file which causes any HTTP method to crash, which then causes my system to not even allow me to recover.
This is an enhancement request to add https://github.com/RicterZ/My-NSE-Scripts/blob/master/scripts/winrm.nse script to the full scan so it can find WinRM service running on a standard & non standard port.
AutoRecon is so very useful. Using it in my oscp labs now. Great stuff! Saves a lot of time, and the output is clear!
Add support for reading targets from a file.
autorecon 192.168.1.100 192.168.1.1/30 localhost
may I know what is the localhost from the above for?
Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory.
https://inventory.rawsec.ml/tools.html#AutoRecon
An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.
More details about features here.
Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.
Mainly because this is giving visibility to your tool, more and more people are using the Rawsec's CyberSecurity Inventory, this helps them find what they need.
The badge shows your community that you are inventoried. This also shows you care about your project and want it growing, that your tool is not abandonware.
Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that, but there are several styles available.
If you want to thank us, you can help make the project better known by tweeting about it! For example:
That's all, this message is just to notify you if you care.
onesixtyone scans are failing with the error message below.
[udp_161_snmp_onesixtyone.txt]:
Debug level 2
Target ip read from command line: 10.11.1.13
Using community file /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings_onesixtyone.txt
Error opening community file /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings_onesixtyone.txt
There is a typo in the name of this file in config/service-scans.toml. The problem was fixed when I changed it to:
/usr/share/seclists/Discovery/SNMP/common-snmp-community-strings-onesixtyone.txt
Hi,
I am using the current version from git, Python 3.9.1rc1 on a Kali 2020.4, and get between the output of AutoRecon several times the following error:
Task exception was never retrieved
future: <Task finished name='Task-347' coro=<read_stream() done, defined at /home/kali/git/AutoRecon/src/autorecon/autorecon.py:221> exception=ValueError('Separator is not found, and chunk exceed the limit')>
Traceback (most recent call last):
File "/usr/lib/python3.9/asyncio/streams.py", line 540, in readline
line = await self.readuntil(sep)
File "/usr/lib/python3.9/asyncio/streams.py", line 618, in readuntil
raise exceptions.LimitOverrunError(
asyncio.exceptions.LimitOverrunError: Separator is not found, and chunk exceed the limit
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/kali/git/AutoRecon/src/autorecon/autorecon.py", line 224, in read_stream
line = await stream.readline()
File "/usr/lib/python3.9/asyncio/streams.py", line 549, in readline
raise ValueError(e.args[0])
ValueError: Separator is not found, and chunk exceed the limit
I'm not sure what this is or what impact it has. Maybe this is a problem with Python 3.9?
Many thanks and greetings
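The ValueError in the traceback above is what asyncio's StreamReader.readline() raises when a subprocess writes a line longer than the reader's buffer limit (64 KiB by default). The following is an added example, not AutoRecon's own code: it reproduces the error with a constructed child process and shows two ways a read loop can survive it. The names naive_read, tolerant_read, run and demo are made up for this illustration.

```python
import asyncio
import sys

# Constructed child process: one 200,000-byte line (well over the 64 KiB
# default limit) followed by a normal line. It stands in for a noisy scanner.
CHILD = "import sys; sys.stdout.write('A' * 200000 + '\\n' + 'done\\n')"
OVERRUN = "[over-long line skipped]"


async def naive_read(stream):
    """Same shape as the loop in the traceback: no handling of long lines."""
    lines = []
    while True:
        line = await stream.readline()  # raises ValueError on an over-long line
        if not line:
            return lines
        lines.append(line.decode(errors="replace").rstrip())


async def tolerant_read(stream):
    """Keep the reader task alive when a line exceeds the limit."""
    lines = []
    while True:
        try:
            line = await stream.readline()
        except ValueError:
            # readline() has already dropped the oversized chunk from its
            # buffer, so reading can continue. The tail of the long line may
            # still arrive afterwards and show up as a line of its own.
            if not lines or lines[-1] != OVERRUN:
                lines.append(OVERRUN)
            continue
        if not line:
            return lines
        lines.append(line.decode(errors="replace").rstrip())


async def run(reader, limit=None):
    # limit= sets the StreamReader buffer size for the child's pipes.
    kwargs = {} if limit is None else {"limit": limit}
    proc = await asyncio.create_subprocess_exec(
        sys.executable, "-c", CHILD,
        stdout=asyncio.subprocess.PIPE, **kwargs)
    try:
        return await reader(proc.stdout)
    finally:
        if proc.returncode is None:
            try:
                proc.kill()
            except ProcessLookupError:
                pass
        await proc.wait()


def demo(reader, limit=None):
    """Return the collected lines, or the error text if the reader died."""
    try:
        return asyncio.run(run(reader, limit))
    except ValueError as exc:
        return f"ValueError: {exc}"


if __name__ == "__main__":
    print(demo(naive_read))                                 # reader dies
    print(demo(tolerant_read)[-1])                          # later output kept
    print([len(l) for l in demo(naive_read, limit=2**20)])  # bigger buffer
```

Without handling, the reader task dies at the first over-long line and everything the tool prints afterwards is lost from the log; raising the limit keeps the whole line, while catching ValueError keeps the task alive at the cost of that one line.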
Simply running AutoRecon does create a _manual_commands.txt file with commands like dirb http://127.0.0.1:443/ /usr/share/seclists/Discovery/Web-Content/big.txt -l -r -S -X ",.txt,.html,.php,.asp,.aspx,.jsp" -o "/home/kali/HTB/BEEP/results/10.10.10.7/scans/results/127.0.0.1/scans/tcp_443_http_dirb_big.txt" in.
However, no output file is actually created.
Running this command itself does run, but AutoRecon doesn't seem to run it.
Any Ideas?
Kali 2020.1
When I try and run the command from _error it tells me the command needs elevated privileges.
You requested a scan type which requires root privileges.
QUITTING!
All the other commands that run are fine. No issues. Great tool.
I have installed requirements, running on debian. When I run: sudo python autorecon.py I get the following error:
File "autorecon.py", line 52
def e(*args, frame_index=1, **kvargs):
^
SyntaxError: invalid syntax
uname -a: Linux parrot 5.3.0-1parrot1-amd64 #1 SMP Parrot 5.3.7-1parrot1 (2019-11-04) x86_64 GNU/Linux
Hello,
The results of using gobuster are only empty lines (in some cases a couple of hundreds). Sample:
:::::::::::::
tcp_80_http_gobuster.txt
::::::::::::::
/////
Gobuster v2.0.1 OJ Reeves (@TheColonial)
/////
/////
[+] Mode : dir
[+] Url/Domain : http://onetwoseven.htb:80/
[+] Threads : 10
[+] Wordlist : /usr/share/seclists/Discovery/Web-Content/common.txt
[+] Status codes : 200,204,301,302,307,403
[+] Show length : true
[+] Extensions : html,php,asp,aspx,txt
[+] Expanded : true
[+] Timeout : 10s
///////////////
/////
/////
2019/05/12 19:16:14 Starting gobuster
/////
Output:
empty lines.
I did try with many other targets and I obtained the same result.
For port-scan-profiles.toml, unicornscan is deprecated. Recommend "nmap -vv -T5 -sU --top-ports 100 X.X.X.X"
I followed the guide and attempted the following command which failed:
sudo pipx install git+https://github.com/Tib3rius/AutoRecon.git
It looked like most of it worked, but a select few lines were errors:
I'd appreciate any help with this, thanks.
Got the following error when running autorecon.
[!] Service detection nmap-top-20-udp on 10.10.186.59 returned non-zero exit code: 1
Tried to run the nmap command manually and saw that it requires root access.
Tried sudo autorecon but got the following instead.
Traceback (most recent call last):
File "/home/kali/.local/bin/autorecon", line 5, in <module>
from autorecon.autorecon import main
ModuleNotFoundError: No module named 'autorecon'
This is my path after sudo
└─$ sudo echo $PATH
/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/home/kali/.local/bin
Throw in a FUNDING.yml and let us pay thank you.
This is a known issue which appears to be infrequent. Sometimes when AutoRecon finishes running, or the user cancels execution, anything typed into the terminal doesn't get displayed. Commands still appear to get executed.
A workaround is to run the command: reset
I think most/all of the gobuster commands need to be revised because it seems the gobuster command line options have been reorganized:
gobuster -h
Usage:
gobuster [command]
Available Commands:
dir Uses directory/file enumeration mode
dns Uses DNS subdomain enumeration mode
fuzz Uses fuzzing mode
help Help about any command
s3 Uses aws bucket enumeration mode
version shows the current version
vhost Uses VHOST enumeration mode
Flags:
--delay duration Time each thread waits between requests (e.g. 1500ms)
-h, --help help for gobuster
--no-error Don't display errors
-z, --no-progress Don't display progress
-o, --output string Output file to write results to (defaults to stdout)
-p, --pattern string File containing replacement patterns
-q, --quiet Don't print the banner and other noise
-t, --threads int Number of concurrent threads (default 10)
-v, --verbose Verbose output (errors)
-w, --wordlist string Path to the wordlist
Use "gobuster [command] --help" for more information about a command.
As you can see you now have to supply a command to gobuster to get to the directory enumeration functions. The individual options to the subcommands may have changed as well.
New version of gobuster uses Modes (https://github.com/OJ/gobuster#available-modes).
From _manual_commands.txt:
gobuster dir -u http://172.16.1.23:80/ -w /usr/share/seclists/Discovery/Web-Content/big.txt -e -k -l -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx" -o "/root/labs/172.16.1.23/scans/tcp_80_http_gobuster_big.txt"
Produces the following error:
Error: unknown command "200,204,301,302,307,403,500" for "gobuster"
Run 'gobuster --help' for usage.
Modifying the command with 'dir' after gobuster works fine:
gobuster dir -u http://172.16.1.23:80/ -w /usr/share/seclists/Discovery/Web-Content/big.txt -e -k -l -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx" -o "/root/labs/172.16.1.23/scans/tcp_80_http_gobuster_big.txt"
Hi Tib3rius,
It would be great if AutoRecon outputted the total time the tool ran for.
Example - at the end of the scan it would say:
Finished scanning all targets in 2000 seconds.
Cheers
I've scanned a host with the next command:
nmap -sV -Pn -p 445 --script='smb-vul*' --script-args=unsafe=1 $ip
and it shows that it is vulnerable to ms08_067 (and it is, I've exploited it)
using your python with the next command:
python3 autorecon.pi ip
it doesn't show this vulnerability. I've got the same problem using this command, which is similar to the one used in the python:
nmap -sV -Pn -p 445 --script='(smb*) and not (brute or broadcast or dos or external or fuzzer)' --script-args=unsafe=1 $ip
I know this is uber noob, but I followed the directions, autorecon installed, however I am not able to execute the command. Is there something else I need to do?
Hi Tib3rius,
Was hoping I could get your help on this. I think there is an update on the stuff that Autorecon is built on as my autorecon has stopped working all of a sudden after my most recent update on my Kali Linux Machine. I ran my usual command sudo env "PATH=$PATH" autorecon and it returned an error
Traceback (most recent call last):
File "/home/kali/.local/bin/autorecon", line 5, in <module>
from autorecon.autorecon import main
ModuleNotFoundError: No module named 'autorecon'
I also tried to reinstall autorecon in which I ran pipx install git+https://github.com/Tib3rius/AutoRecon.git
which resulted in the following error:
Traceback (most recent call last):
File "/home/kali/.local/bin/pipx", line 8, in <module>
sys.exit(cli())
File "/home/kali/.local/lib/python3.9/site-packages/pipx/main.py", line 609, in cli
return run_pipx_command(parsed_pipx_args)
File "/home/kali/.local/lib/python3.9/site-packages/pipx/main.py", line 156, in run_pipx_command
return commands.install(
File "/home/kali/.local/lib/python3.9/site-packages/pipx/commands/install.py", line 27, in install
package_name = package_name_from_spec(
File "/home/kali/.local/lib/python3.9/site-packages/pipx/commands/common.py", line 257, in package_name_from_spec
package_name = venv.install_package_no_deps(
File "/home/kali/.local/lib/python3.9/site-packages/pipx/venv.py", line 233, in install_package_no_deps
old_package_set = self.list_installed_packages()
File "/home/kali/.local/lib/python3.9/site-packages/pipx/venv.py", line 333, in list_installed_packages
pip_list = json.loads(cmd_run.stdout.strip())
File "/usr/lib/python3.9/json/__init__.py", line 346, in loads
return _default_decoder.decode(s)
File "/usr/lib/python3.9/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/lib/python3.9/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
Let me know if you need more details
After discovering finger service, the nmap is not starting automatically
To solve it, replace 'nmap' by 'name' as follows in config/service-scans.toml
[[finger.scan]]
name = 'nmap-finger'
command = 'nmap {nmap_extra} -sV -p {port} --script="banner,finger" -oN "{scandir}/{protocol}_{port}_finger_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_finger_nmap.xml" {address}'
Hello Sir, AutoRecon doesn't play the David Hasselhoff song as shown in this demo video:
Is my AutoRecon broken?
(This issue was opened as a joke and not serious)
[*] Scanning target 127.0.0.1
concurrent.futures.process._RemoteTraceback:
"""
Traceback (most recent call last):
File "/usr/local/opt/python@3.8/Frameworks/Python.framework/Versions/3.8/lib/python3.8/concurrent/futures/process.py", line 239, in _process_worker
r = call_item.fn(*call_item.args, **call_item.kwargs)
File "/Users/sysko/PycharmProjects/osint/AutoRecon/src/autorecon/autorecon.py", line 679, in scan_host
loop.run_until_complete(scan_services(loop, semaphore, target))
File "/usr/local/opt/python@3.8/Frameworks/Python.framework/Versions/3.8/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
return future.result()
File "/Users/sysko/PycharmProjects/osint/AutoRecon/src/autorecon/autorecon.py", line 485, in scan_services
for profile in port_scan_profiles_config:
TypeError: 'NoneType' object is not iterable
"""
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "src/autorecon/autorecon.py", line 880, in <module>
main()
File "src/autorecon/autorecon.py", line 868, in main
future.result()
File "/usr/local/opt/python@3.8/Frameworks/Python.framework/Versions/3.8/lib/python3.8/concurrent/futures/_base.py", line 432, in result
return self.__get_result()
File "/usr/local/opt/python@3.8/Frameworks/Python.framework/Versions/3.8/lib/python3.8/concurrent/futures/_base.py", line 388, in __get_result
raise self._exception
TypeError: 'NoneType' object is not iterable
It would be a quick visual to see that a box is completed if the color was different for that line.
Press S or some other key to obtain a status update for the tasks that are still running and how long they have been running.
[*] [15:19:57] - There are 3 tasks still running on XXXX
So a user presses S
udp scan still running for X minutes
nikto still running for X minutes.
This isn't an "issue" so much as an annoyance. The notes.txt file (/results//report/notes.txt) is quadruple-spaced. For example:
1 [*] netbios-ns found on udp/137.
2
3
4
5 [*] upnp found on udp/1900.
6
7
8
9 [*] msrpc found on tcp/135.
10
11
12
13 [*] netbios-ssn found on tcp/139.
In the _error file, it shows the scan should look like this:
nmap -vv --reason -Pn -sV -p 445 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="unsafe=1" -oN "/media/sf_Writable/VHL/lucky_10.12.1.2/results/scans/tcp_445_smb_nmap.txt" -oX "/media/sf_Writable/VHL/lucky_10.12.1.2/results/scans/xml/tcp_445_smb_nmap.xml" 10.12.1.2
But in actuality, the scan is requested like this:
nmap -vv --reason -Pn -sV -p 445 "--script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args=unsafe=1 -oN /media/sf_Writable/VHL/lucky_10.12.1.2/results/scans/tcp_445_smb_nmap.txt -oX /media/sf_Writable/VHL/lucky_10.12.1.2/results/scans/xml/tcp_445_smb_nmap.xml 10.12.1.2
Moving the quote (") for the script parameter fixes this issue. Instead of
"--script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)"
It should be:
--script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)"
Hi,
It would be really good to be able to output the report into CherryTree note taking application.
A few people have tried to do similar work:
There are a couple of templates for CherryTree floating around, such as https://guide.offsecnewbie.com/cherrytree-oscp-template
Thanks
Running a scan results in smbmap scans throwing an exception
Example:
$ autorecon --single-target 10.11.1.5
$ cat smbmap-execute-command.txt
File "./smbmap.py", line 80
except Exception, e:
^
Can you add an auto updater in this?
Possible Enhancement:
When running autorecon against 44 hosts concurrently today (for fun)....5 hours later I was thinking that it might be nice if there was some kind of flag that would indicate which hosts are finished. Perhaps the folders can be named IPAddress_InProgress then at completion renamed to IPAddress_Completed
AutoRecon version: a2a4667
$ autorecon -t $(pwd)/domains.txt
[!] _sip._tcp.conf.redacted.com does not appear to be a valid IP address, IP range, or resolvable hostname.
[!] _sips._tcp.conf.redacted.com does not appear to be a valid IP address, IP range, or resolvable hostname.
[!] _autodiscover._tcp.redacted.com does not appear to be a valid IP address, IP range, or resolvable hostname.
[!] A total of 734 targets would be scanned. If this is correct, re-run with the --disable-sanity-checks option to suppress this check.
Domains containing an underscore _ are detected as invalid.
Running onesixtyone with the provided community string file will not work:
onesixtyone -c /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt -dd <TARGET_IP>
Debug level 2
Target ip read from command line: <TARGET_IP>
Using community file /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt
Community string too long
After some testing, I seem to have found that 33 strings is too many, but 32 is fine...
cat /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt | head -n 32 > file.txt
onesixtyone -c file.txt -dd <TARGET_IP>
Debug level 2
Target ip read from command line: <TARGET_IP>
Using community file file.txt
32 communities: public private 0 0392a0 1234 2read 4changes ANYCOM Admin C0de CISCO CR52401 IBM ILMI Intermec NoGaH$@! OrigEquipMfr PRIVATE PUBLIC Private Public SECRET SECURITY SNMP SNMP_trap SUN SWITCH SYSTEM Secr
et Security Switch System
Waiting for 10 milliseconds between packets
Scanning 1 hosts, 32 communities
cat /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt | head -n 33 > file.txt
onesixtyone -c file.txt -dd <TARGET_IP>
Debug level 2
Target ip read from command line: <TARGET_IP>
Using community file file.txt
Community string too long
Issues adding a custom service. I see in the newer release dirb is now a service that is run during enumeration. However while trying to add gobuster as a service I get errors on load. I am using the following syntax
[[http.scan]]
name = 'gobuster'
command = ['gobuster dir -u {scheme}://{address}:{port}/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e -k -l -s "200,204,301,302,307,403,500"-z -o "{scandir}/{protocol}_{port}_{scheme}_gobuster_dirbuster.txt"'
I'm getting this error when trying to execute the command:
Traceback (most recent call last):
File "/usr/lib/python3.8/concurrent/futures/process.py", line 239, in _process_worker
r = call_item.fn(*call_item.args, **call_item.kwargs)
File "autorecon.py", line 644, in scan_host
os.makedirs(basedir, exist_ok=True)
File "/usr/lib/python3.8/os.py", line 213, in makedirs
makedirs(head, exist_ok=exist_ok)
File "/usr/lib/python3.8/os.py", line 223, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/opt/AutoRecon/src/autorecon/results'
"""
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "autorecon.py", line 880, in
main()
File "autorecon.py", line 868, in main
future.result()
File "/usr/lib/python3.8/concurrent/futures/_base.py", line 432, in result
return self.__get_result()
File "/usr/lib/python3.8/concurrent/futures/_base.py", line 388, in __get_result
raise self._exception
PermissionError: [Errno 13] Permission denied: '/opt/AutoRecon/src/autorecon/results'
nmap supports ipv6 with a -6 flag. I know other tools may or may not support those addresses.
In the following example, I've assigned the ipv6 address to a hostname in /etc/hosts...
$ sudo autorecon -o ipv6 --single-target ipv6target.local --nmap-append "-6"
[sudo] password for user:
[!] ipv6target.local does not appear to be a valid IP address, IP range, or resolvable hostname.
[!] You must specify at least one target to scan!
[!] You cannot provide more than one target when scanning in single-target mode.
--disable-sanity-checks doesn't make a difference
There's no easy way to do feature voting on GitHub (to my knowledge), so this will be a comment poll. One vote per person.
Since gobuster v3 is not backwards compatible with gobuster v2, and the OffSec Kali VM by default comes with gobuster v2, AutoRecon's default directory buster was changed to dirb to avoid instances where AutoRecon was trying to use the wrong gobuster syntax.
dirb is good, but it's not as good as gobuster. Hence, this poll which will ultimately decide whether AutoRecon should require people to install / upgrade gobuster v3.
Vote by stating either dirb or gobuster. If you want to leave a comment / argument, please make your vote clear (e.g. by using bold text).
Hi, how can I set timeout for this tool, my last scan was 7 hours 45 minutes
Hello, first of all thanks for the great tool !!
I have an issue (that I didn't have before an update) that restrain me from using a new profile. For instance, I add the following lines to the port-scan-profiles-default.toml file:
[quick_tcp_https]
[quick_tcp_https.nmap-quick]
[quick_tcp_https.nmap-quick.service-detection]
command = 'nmap {nmap_extra} -p 443 -sCTV --version-all -oN "{scandir}/_quick_tcp_https_nmap.txt" -oX "{scandir}/xml/_quick_tcp_https_nmap.xml" {address}'
pattern = '^(?P<port>\d+)\/(?P<protocol>(tcp|udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'
Then when I launch it I have the following error:
(AutoRecon-bH7IoBVb) - ~/AutoRecon/src/autorecon # python autorecon.py --profile quick_tcp_https
[!] Argument --profile: must reference a port scan profile defined in {port_scan_profiles_config_file}. No such profile found: quick_tcp_https
Any idea on this? I was doing this before and it worked fine, now I can't figure out why it doesn't work when the name differs from the original profiles (quick, default, udp)
Cheers !
Hi Tib3rius,
First of all thank you so much for such an awesome tool. The problem here is in "service-scans-default.toml" in the configs: you have used 'gobuster -h 2>&1 | grep -F "mode (dir)"'. This will grep for the string "mode (dir)", however in the later version of gobuster there is no such text, hence it does not get executed as expected.
Update this to: gobuster -h 2>&1 | grep -F "dir"
Hi,
I was attempting a machine in OSCP labs and I found a difference in the results given by Autorecon compared to when I ran the commands manually from the log. On the results given by Autorecon, an error:
"Something weird happened: ("Unpacked data doesn't match constant value 'b''' should be ''ÿSMB''", 'When unpacking field 'Signature | "ÿSMB | b''[:4]'') on line 881"
Which then autorecon begins dumping the shares recursively and show all the files in the share. However, when I attempt to replicate this action by executing the command manually based on the command given in the _commands.log, I cannot replicate the same results. I am not sure if this is an error or some hidden command that Autorecon is running as well which I presume that is not the case?