Add nmap options to config.json. Add Dockerfile. Add requirements.txt…

… for later
Ko-kn3t · Oct 2, 2019 · a8bf2f2 · a8bf2f2
1 parent 8f1c4ef
commit a8bf2f2
Show file tree

Hide file tree

Showing 5 changed files with 71 additions and 31 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,15 @@
+FROM python:3.7
+
+
+RUN apt update && \
+	apt install git nmap 
+
+
+RUN https://github.com/CrimsonK1ng/Reconnoitre.git recon
+
+WORKDIR /recon
+
+RUN pip install requirements && python setup.py install
+
+
+
diff --git a/Reconnoitre/lib/config.json b/Reconnoitre/lib/config.json
@@ -1,4 +1,10 @@
 {  
+   "nmap": {
+        "tcpscan": "-vv -Pn --disable-arp-ping -sS -A -sC -p- -T 3 -script-args=unsafe=1",
+        "quickscan":"-sC -sV -Pn --disable-arp-ping",
+        "dnsudpscan" : "-vv -Pn --disable-arp-ping -A -sC -sU -T 4 --top-ports 200 --max-retries 0",
+        "udpscan": "-sC -sV -sU -Pn --disable-arp-ping"
+   },
    "services":{  
       "http/s":{  
          "description":"Found HTTP/S service on $ip:$port",

diff --git a/Reconnoitre/lib/file_helper.py b/Reconnoitre/lib/file_helper.py
@@ -142,3 +142,31 @@ def write_recommendations(results, ip_address, outputdir):
         "\n\n[*] Always remember to manually go over the"
         " portscan report and carefully read between the lines ;)")
     f.close()
+
+def get_config_options(key, option):
+    __location__ = os.path.realpath(
+        os.path.join(
+            os.getcwd(),
+            os.path.dirname(__file__)))
+    with open(os.path.join(__location__, "config.json"), "r") as config:
+        c = config.read()
+        j = json.loads(
+            c.replace(
+                "$ip",
+                "%(ip)s").replace(
+                "$port",
+                "%(port)s").replace(
+                "$outputdir",
+                "%(outputdir)s"))
+
+        res = j.get(key, None)
+
+        if res is None:
+            raise KeyError
+
+        res2 = res.get(option, None)
+
+        if res2 is None:
+            raise KeyError
+
+        return res2
diff --git a/Reconnoitre/lib/service_scan.py b/Reconnoitre/lib/service_scan.py
@@ -3,6 +3,7 @@
 
 from Reconnoitre.lib.file_helper import check_directory
 from Reconnoitre.lib.file_helper import create_dir_structure
+from Reconnoitre.lib.file_helper import get_config_options 
 from Reconnoitre.lib.file_helper import load_targets
 from Reconnoitre.lib.file_helper import write_recommendations
 from Reconnoitre.lib.subprocess_helper import run_scan
@@ -17,8 +18,8 @@ def nmap_scan(
     ip_address = ip_address.strip()
 
     print("[+] Starting quick nmap scan for %s" % (ip_address))
-    QUICKSCAN = "nmap -sC -sV -Pn --disable-arp-ping %s -oA '%s/%s.quick'" % (
-        ip_address, output_directory, ip_address)
+    flags = get_config_options('nmap', 'quickscan')
+    QUICKSCAN = f"nmap {flags} {ip_address} -oA '{output_directory}/{ip_address}.quick'"
     quickresults = run_scan(QUICKSCAN)
 
     write_recommendations(quickresults, ip_address, output_directory)
@@ -35,38 +36,26 @@ def nmap_scan(
              ip_address,
              dns_server))
         print("[+] Using DNS server %s" % (dns_server))
-        TCPSCAN = "nmap -vv -Pn --disable-arp-ping -sS -A -sC -p- -T 3 -script-args=unsafe=1 \
-        --dns-servers %s -oN '%s/%s.nmap' -oX \
-        '%s/%s_nmap_scan_import.xml' %s" % (
-            dns_server,
-            output_directory,
-            ip_address,
-            output_directory,
-            ip_address,
-            ip_address)
-        UDPSCAN = "nmap -vv -Pn --disable-arp-ping -A -sC -sU -T 4 --top-ports 200 \
-        --max-retries 0 --dns-servers %s -oN '%s/%sU.nmap' \
-        -oX '%s/%sU_nmap_scan_import.xml' %s" % (
-            dns_server,
-            output_directory,
-            ip_address,
-            output_directory,
-            ip_address,
-            ip_address)
+        flags = get_config_options("nmap", "tcpscan")
+        TCPSCAN = f"nmap {flags} --dns-servers {dns_server} -oN\
+        '{output_directory}/{ip_address}.nmap' -oX\
+        '{output_directory}/{ip_address}_nmap_scan_import.xml' {ip_address}"
+
+        flags = get_config_options("nmap", "dnsudpscan")
+        UDPSCAN = f"nmap {flags} \
+        --dns-servers {dns_server} -oN '{output_directory}/{ip_address}U.nmap' \
+        -oX '{output_directory}/{ip_address}U_nmap_scan_import.xml' {ip_address}"
+
     else:
         print("[+] Starting detailed TCP%s nmap scans for %s" % (
             ("" if no_udp_service_scan is True else "/UDP"), ip_address))
-        TCPSCAN = "nmap -vv -Pn --disable-arp-ping -sS -A -sC -p- -T 3 \
-        -script-args=unsafe=1 -n %s -oN '%s/%s.nmap' \
-        -oX '%s/%s_nmap_scan_import.xml' %s" % (
-            dns_server,
-            output_directory,
-            ip_address,
-            output_directory,
-            ip_address,
-            ip_address)
-        UDPSCAN = "nmap -sC -sV -sU -Pn --disable-arp-ping %s -oA '%s/%s-udp'" % (
-            ip_address, output_directory, ip_address)
+        flags = get_config_options("nmap", "tcpscan")
+        TCPSCAN = f"nmap {flags} --dns-servers {dns_server} -oN\
+        '{output_directory}/{ip_address}.nmap' -oX\
+        '{output_directory}/{ip_address}_nmap_scan_import.xml' {ip_address}"
+
+        flags = get_config_options("nmap", "udpscan")
+        UDPSCAN = f"nmap {flags} {ip_address} -oA '{output_directory}/{ip_address}-udp'"
 
     udpresult = "" if no_udp_service_scan is True else run_scan(UDPSCAN)
     tcpresults = run_scan(TCPSCAN)

diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,2 @@
+requests=='*'
+