async def run(self, service):
if service.protocol == 'tcp':
_, stdout, _ = await service.execute(
'curl -sSikf {http_scheme}://{addressv6}:{port}/robots.txt',
future_outfile='{protocol}_{port}_{http_scheme}_curl-robots.txt'
)
lines = await stdout.readlines()
if lines:
filename = fformat(
'{scandir}/{protocol}_{port}_{http_scheme}_curl-robots.txt'
)
with open(filename, mode='wt', encoding='utf8') as robots:
robots.write('\n'.join(lines))
else:
info(
'{bblue}[' + fformat('{tag}') +
']{rst} There did not appear to be a robots.txt file in the webroot (/).'
)
async def run(self, target):
if config['proxychains']:
traceroute_os = ''
else:
traceroute_os = ' -A --osscan-guess'
if target.ports:
if target.ports['tcp']:
process, stdout, stderr = await target.execute(
'nmap {nmap_extra} -sV -sC --version-all' + traceroute_os +
' -p ' + target.ports['tcp'] +
' -oN "{scandir}/_full_tcp_nmap.txt" -oX "{scandir}/xml/_full_tcp_nmap.xml" {address}',
blocking=False)
else:
return []
else:
process, stdout, stderr = await target.execute(
'nmap {nmap_extra} -sV -sC --version-all' + traceroute_os +
' -p- -oN "{scandir}/_full_tcp_nmap.txt" -oX "{scandir}/xml/_full_tcp_nmap.xml" {address}',
blocking=False)
services = []
while True:
line = await stdout.readline()
if line is not None:
match = re.search('^Discovered open port ([0-9]+)/tcp', line)
if match:
info('Discovered open port {bmagenta}tcp/' +
match.group(1) + '{rst} on {byellow}' +
target.address + '{rst}',
verbosity=1)
service = target.extract_service(line)
if service:
services.append(service)
else:
break
await process.wait()
return services
async def run(self, target):
# Only run UDP scan if user is root.
if os.getuid() == 0:
if target.ports:
if target.ports['udp']:
process, stdout, stderr = await target.execute(
'nmap {nmap_extra} -sU -A --osscan-guess -p ' +
target.ports['udp'] +
' -oN "{scandir}/_custom_ports_udp_nmap.txt" -oX "{scandir}/xml/_custom_ports_udp_nmap.xml" {address}',
blocking=False)
else:
return []
else:
process, stdout, stderr = await target.execute(
'nmap {nmap_extra} -sU -A --top-ports 100 -oN "{scandir}/_top_100_udp_nmap.txt" -oX "{scandir}/xml/_top_100_udp_nmap.xml" {address}',
blocking=False)
services = []
while True:
line = await stdout.readline()
if line is not None:
match = re.search('^Discovered open port ([0-9]+)/udp',
line)
if match:
info('Discovered open port {bmagenta}udp/' +
match.group(1) + '{rst} on {byellow}' +
target.address + '{rst}',
verbosity=1)
service = target.extract_service(line)
if service:
services.append(service)
else:
break
await process.wait()
return services
else:
error('UDP scan requires AutoRecon be run with root privileges.')
async def execute(self,
cmd,
blocking=True,
outfile=None,
errfile=None,
future_outfile=None):
target = self
# Create variables for command references.
address = target.address
addressv6 = target.address
ipaddress = target.ip
ipaddressv6 = target.ip
scandir = target.scandir
nmap_extra = target.autorecon.args.nmap
if target.autorecon.args.nmap_append:
nmap_extra += ' ' + target.autorecon.args.nmap_append
if target.ipversion == 'IPv6':
nmap_extra += ' -6'
if addressv6 == target.ip:
addressv6 = '[' + addressv6 + ']'
ipaddressv6 = '[' + ipaddressv6 + ']'
plugin = inspect.currentframe().f_back.f_locals['self']
if config['proxychains']:
nmap_extra += ' -sT'
cmd = e(cmd)
tag = plugin.slug
info('Port scan {bblue}' + plugin.name + ' {green}(' + tag +
'){rst} is running the following command against {byellow}' +
address + '{rst}: ' + cmd,
verbosity=2)
if outfile is not None:
outfile = os.path.join(target.scandir, e(outfile))
if errfile is not None:
errfile = os.path.join(target.scandir, e(errfile))
if future_outfile is not None:
future_outfile = os.path.join(target.scandir, e(future_outfile))
target.scans['ports'][tag]['commands'].append(
[cmd, outfile if outfile is not None else future_outfile, errfile])
async with target.lock:
with open(os.path.join(target.scandir, '_commands.log'),
'a') as file:
file.writelines(cmd + '\n\n')
process, stdout, stderr = await target.autorecon.execute(
cmd,
target,
tag,
patterns=plugin.patterns,
outfile=outfile,
errfile=errfile)
target.running_tasks[tag]['processes'].append({
'process': process,
'stderr': stderr,
'cmd': cmd
})
# If process should block, sleep until stdout and stderr have finished.
if blocking:
while (not (stdout.ended and stderr.ended)):
await asyncio.sleep(0.1)
await process.wait()
return process, stdout, stderr
def info(self, msg, verbosity=0):
plugin = inspect.currentframe().f_back.f_locals['self']
info('{bright}[{yellow}' + self.address + '{crst}/{bgreen}' +
plugin.slug + '{crst}]{rst} ' + msg)
async def execute(self,
cmd,
blocking=True,
outfile=None,
errfile=None,
future_outfile=None):
target = self.target
# Create variables for command references.
address = target.address
addressv6 = target.address
ipaddress = target.ip
ipaddressv6 = target.ip
scandir = target.scandir
protocol = self.protocol
port = self.port
name = self.name
if not config['no_port_dirs']:
scandir = os.path.join(scandir, protocol + str(port))
os.makedirs(scandir, exist_ok=True)
os.makedirs(os.path.join(scandir, 'xml'), exist_ok=True)
# Special cases for HTTP.
http_scheme = 'https' if 'https' in self.name or self.secure is True else 'http'
nmap_extra = target.autorecon.args.nmap
if target.autorecon.args.nmap_append:
nmap_extra += ' ' + target.autorecon.args.nmap_append
if protocol == 'udp':
nmap_extra += ' -sU'
if target.ipversion == 'IPv6':
nmap_extra += ' -6'
if addressv6 == target.ip:
addressv6 = '[' + addressv6 + ']'
ipaddressv6 = '[' + ipaddressv6 + ']'
if config['proxychains'] and protocol == 'tcp':
nmap_extra += ' -sT'
plugin = inspect.currentframe().f_back.f_locals['self']
cmd = e(cmd)
tag = self.tag() + '/' + plugin.slug
plugin_tag = tag
if plugin.run_once_boolean:
plugin_tag = plugin.slug
info('Service scan {bblue}' + plugin.name + ' {green}(' + tag +
'){rst} is running the following command against {byellow}' +
address + '{rst}: ' + cmd,
verbosity=2)
if outfile is not None:
outfile = os.path.join(scandir, e(outfile))
if errfile is not None:
errfile = os.path.join(scandir, e(errfile))
if future_outfile is not None:
future_outfile = os.path.join(scandir, e(future_outfile))
target.scans['services'][self][plugin_tag]['commands'].append(
[cmd, outfile if outfile is not None else future_outfile, errfile])
async with target.lock:
with open(os.path.join(target.scandir, '_commands.log'),
'a') as file:
file.writelines(cmd + '\n\n')
process, stdout, stderr = await target.autorecon.execute(
cmd,
target,
tag,
patterns=plugin.patterns,
outfile=outfile,
errfile=errfile)
target.running_tasks[tag]['processes'].append({
'process': process,
'stderr': stderr,
'cmd': cmd
})
# If process should block, sleep until stdout and stderr have finished.
if blocking:
while (not (stdout.ended and stderr.ended)):
await asyncio.sleep(0.1)
await process.wait()
return process, stdout, stderr
def info(self, msg, verbosity=0):
info('{bright}[{bgreen}' + self.slug + '{crst}]{rst} ' + msg)
