示例#1
0
        public static string GetInfo(string target, int port)
        {
            string toReturn = "";

            toReturn += GetOSDetails(target);
            if (SMB_MS17_010.IsVulnerable(target))
            {
                toReturn += "----> VULNERABLE TO ETERNAL BLUE (MS10-017) <-----" + Environment.NewLine;
                toReturn += "-----> Metasploit: use windows/smb/ms17_010_psexec" + Environment.NewLine;
            }
            if (General.GetOS() == General.OS.Linux)
            {
                toReturn += SMB.TestAnonymousAccess_Linux(target);
            }
            else
            {
                toReturn += "- Reecon currently lacks advanced SMB Support on Windows (Ironic, I know)";
            }
            return(toReturn.Trim(Environment.NewLine.ToCharArray()));
        }
示例#2
0
        static void Main(string[] args)
        {
            DateTime startDate = DateTime.Now;

            Console.ForegroundColor = ConsoleColor.Yellow;
            Console.WriteLine("Reecon - Version 0.25c ( https://github.com/Reelix/Reecon )");
            Console.ForegroundColor = ConsoleColor.White;
            if (args.Length == 0)
            {
                Console.WriteLine("Usage");
                Console.WriteLine("-----");
                Console.WriteLine("Basic Scan:\tReecon IPHere (Optional: -noping to skip the online check)");
                Console.WriteLine("Display IP:\tReecon -ip");
                Console.WriteLine("NMap-Load Scan:\tReecon outfile.nmap (Requires -oG on a regular nmap scan)");
                Console.WriteLine("Binary Pwn:\tReecon -pwn FileName (Very buggy)");
                Console.WriteLine("Searchsploit:\tReecon -searchsploit nameHere (Beta)");
                Console.WriteLine("Shell Gen:\tReecon -shell");
                Console.WriteLine("SMB Brute:\tReecon -smb-brute (Linux Only)");
                Console.WriteLine("WinRM Brute:\tReecon -winrm-brute IP UserList PassList");
                Console.WriteLine("LFI Test:\tReecon -lfi (Very buggy)");
                Console.WriteLine("Web Info:\tReecon -web url (Very buggy)");
                Console.ResetColor();
                return;
            }

            // Check if it's anything custom
            if (args.Contains("-ip") || args.Contains("--ip"))
            {
                General.GetIP();
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-lfi") || args.Contains("--lfi"))
            {
                LFI.Scan(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-pwn") || args.Contains("--pwn"))
            {
                Pwn.Scan(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-searchsploit") || args.Contains("--searchsploit"))
            {
                Searchsploit.Search(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-shell") || args.Contains("--shell"))
            {
                Shell.GetInfo(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-smb-brute"))
            {
                SMB.SMBBrute(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-winrm-brute"))
            {
                WinRM.WinRMBrute(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-web") || args.Contains("--web"))
            {
                Web.GetInfo(args);
                Console.ResetColor();
                return;
            }
            else if (args.Contains("-osint") || args.Contains("--osint"))
            {
                OSINT.GetInfo(args);
                Console.ResetColor();
                return;
            }

            // Check if you should check if the target is up
            bool mustPing = true;

            if (args.Contains("-noping") || args.Contains("--noping"))
            {
                mustPing = false;
                args     = args.Where(x => !x.Contains("noping")).ToArray();
            }
            // A common typo
            if (args.Contains("-nopign"))
            {
                Console.WriteLine("You typo'd noping");
                Console.ResetColor();
                return;
            }

            // Everything below here has a maximum of 2 args
            if (args.Length > 2)
            {
                Console.WriteLine("You probably typo'd something");
                Console.ResetColor();
                return;
            }

            // Target
            if (args[0].EndsWith(".nmap"))
            {
                string fileName = args[0];
                var(Target, Ports) = Nmap.ParseFile(fileName, false);
                target             = Target;
                if (!Ports.Any())
                {
                    Console.WriteLine("Error: Empty file - Bug Reelix!");
                }
                else
                {
                    portList.AddRange(Ports);
                }
            }
            else
            {
                target = args[0];
            }

            if (target.StartsWith("http"))
            {
                Console.WriteLine("Cannot do a standard scan on a URL - Try a -web scan");
                Console.ResetColor();
                return;
            }

            // Custom ports
            if (args.Length == 2)
            {
                string portArg = args[1];
                try
                {
                    portList.AddRange(portArg.Split(',').ToList().Select(x => int.Parse(x)));
                }
                catch
                {
                    // Not a list of ports - Probably a name
                }
            }

            // First check if it's actually up
            if (mustPing)
            {
                Console.WriteLine("Checking if target is online...");
                bool?isHostOnline = General.IsUp(target);
                General.ClearPreviousConsoleLine();

                if (isHostOnline == null)
                {
                    Console.WriteLine("Invalid target: " + target);
                    return;
                }
                if (!isHostOnline.Value)
                {
                    Console.WriteLine("Host is not responding to pings :(");
                    Console.WriteLine("If you are sure it's up and are specifying ports, you can use -noping");
                    return;
                }
            }

            if (portList.Count == 0)
            {
                // Scan the target
                string fileName = Nmap.DefaultScan(args, mustPing);
                fileName += ".nmap";

                // Parse the ports
                var(Target, Ports) = Nmap.ParseFile(fileName, false);
                target             = Target;
                portList.AddRange(Ports);
            }

            // Everything parsed - Down to the scanning!
            PortInfo.LoadPortInfo();

            // Ports have been defined (Either nmap or custom)
            if (portList.Count != 0)
            {
                Console.Write("Scanning: " + target);
                Console.Write(" (Port");
                if (portList.Count > 1)
                {
                    Console.Write("s");
                }
                Console.WriteLine(": " + string.Join(",", portList) + ")");
                ScanPorts(portList);
            }
            else
            {
                // All parsing and scans done - But still no ports
                Console.WriteLine("No open ports found to scan :<");
                return;
            }

            // Everything done - Now for some helpful info!
            Console.WriteLine("Finished - Some things you probably want to do: ");
            if (portList.Count == 0)
            {
                // Something broke, or there are only UDP Ports :|
                Console.WriteLine("- nmap -sC -sV -p- " + target + " -oN nmap.txt");
                Console.WriteLine("- nmap -sU " + target + " -oN nmap-UDP.txt");
            }
            else
            {
                postScanList.Add($"- Nmap Script+Version Scan: nmap -sC -sV -p{string.Join(",", portList)} {target} -oN nmap.txt" + Environment.NewLine);
                postScanList.Add($"- Nmap UDP Scan: sudo nmap -sU {target}" + Environment.NewLine);
                foreach (string item in postScanList)
                {
                    // They already have newlines in them
                    Console.Write(item);
                }
            }
            DateTime endDate = DateTime.Now;
            TimeSpan t       = endDate - startDate;

            Console.WriteLine("Done in " + string.Format("{0:0.00}s", t.TotalSeconds) + " - Have fun :)");
            Console.ResetColor();
        }