Update config.json

br-sn · web-flow · commit 0c5490251dad · 2018-10-27T10:34:08.000+11:00
Added kerberos username enumeration

Fixed /seclists/Discover/Web_Content folder name
diff --git a/Reconnoitre/lib/config.json b/Reconnoitre/lib/config.json
@@ -31,8 +31,8 @@
           "commands": [
             "dirb http://$ip:$port/ -o $outputdir/$ip_$port_dirb.txt",
             "dirbuster -H -u http://$ip:$port/ -l /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt -t 20 -s / -v -r $outputdir/$ip_$port_dirbuster_medium.txt",
-            "gobuster -w /usr/share/seclists/Discovery/Web-Content/common.txt -u http://$ip:$port/ -s '200,204,301,302,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_common.txt'",
-            "gobuster -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -u http://$ip:$port/ -s '200,204,301,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_cgis.txt'"
+            "gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u http://$ip:$port/ -s '200,204,301,302,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_common.txt'",
+            "gobuster -w /usr/share/seclists/Discovery/Web_Content/CGIs.txt -u http://$ip:$port/ -s '200,204,301,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_cgis.txt'"
           ]
         }
       ]
@@ -50,8 +50,8 @@
           "commands": [
             "dirb https://$ip:$port/ -o $outputdir/$ip_$port_dirb.txt",
             "dirbuster -H -u https://$ip:$port/ -l /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt -t 20 -s / -v -r $outputdir/$ip_$port_dirbuster_medium.txt",
-            "gobuster -w /usr/share/seclists/Discovery/Web-Content/common.txt -u https://$ip:$port/ -s '200,204,301,302,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_common.txt'",
-            "gobuster -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -u https://$ip:$port/ -s '200,204,301,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_cgis.txt'"
+            "gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u https://$ip:$port/ -s '200,204,301,302,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_common.txt'",
+            "gobuster -w /usr/share/seclists/Discovery/Web_Content/CGIs.txt -u https://$ip:$port/ -s '200,204,301,307,403,500' -e | tee '$outputdir/$ip_$port_gobuster_cgis.txt'"
           ]
         }
       ]
@@ -329,9 +329,9 @@
       ],
       "output": [
         {
-          "description": "Find public exploits",
+          "description": "Enumeration",
           "commands": [
-            "searchsploit kerberos"
+            "nmap -p$port --script=krb5-enum-users --script-args krb5-enum-users.realm='CHANGEME.local',userdb=/usr/share/seclists/Usernames/Names/names.txt -oA '$outputdir/$ip_$port_kerberos' $ip"
           ]
         }
       ]
@@ -351,4 +351,4 @@
       ]
     }
   }
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,8 @@`
`31`	`31`	`"commands": [`
`32`	`32`	`"dirb http://$ip:$port/ -o $outputdir/$ip_$port_dirb.txt",`
`33`	`33`	`"dirbuster -H -u http://$ip:$port/ -l /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt -t 20 -s / -v -r $outputdir/$ip_$port_dirbuster_medium.txt",`
`34`		`- "gobuster -w /usr/share/seclists/Discovery/Web-Content/common.txt -u http://$ip:$port/ -s '200,204,301,302,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_common.txt'",`
`35`		`- "gobuster -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -u http://$ip:$port/ -s '200,204,301,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_cgis.txt'"`
	`34`	`+ "gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u http://$ip:$port/ -s '200,204,301,302,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_common.txt'",`
	`35`	`+ "gobuster -w /usr/share/seclists/Discovery/Web_Content/CGIs.txt -u http://$ip:$port/ -s '200,204,301,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_cgis.txt'"`
`36`	`36`	`]`
`37`	`37`	`}`
`38`	`38`	`]`
`@@ -50,8 +50,8 @@`
`50`	`50`	`"commands": [`
`51`	`51`	`"dirb https://$ip:$port/ -o $outputdir/$ip_$port_dirb.txt",`
`52`	`52`	`"dirbuster -H -u https://$ip:$port/ -l /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt -t 20 -s / -v -r $outputdir/$ip_$port_dirbuster_medium.txt",`
`53`		`- "gobuster -w /usr/share/seclists/Discovery/Web-Content/common.txt -u https://$ip:$port/ -s '200,204,301,302,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_common.txt'",`
`54`		`- "gobuster -w /usr/share/seclists/Discovery/Web-Content/CGIs.txt -u https://$ip:$port/ -s '200,204,301,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_cgis.txt'"`
	`53`	`+ "gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u https://$ip:$port/ -s '200,204,301,302,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_common.txt'",`
	`54`	`+ "gobuster -w /usr/share/seclists/Discovery/Web_Content/CGIs.txt -u https://$ip:$port/ -s '200,204,301,307,403,500' -e \| tee '$outputdir/$ip_$port_gobuster_cgis.txt'"`
`55`	`55`	`]`
`56`	`56`	`}`
`57`	`57`	`]`
`@@ -329,9 +329,9 @@`
`329`	`329`	`],`
`330`	`330`	`"output": [`
`331`	`331`	`{`
`332`		`- "description": "Find public exploits",`
	`332`	`+ "description": "Enumeration",`
`333`	`333`	`"commands": [`
`334`		`- "searchsploit kerberos"`
	`334`	`+ "nmap -p$port --script=krb5-enum-users --script-args krb5-enum-users.realm='CHANGEME.local',userdb=/usr/share/seclists/Usernames/Names/names.txt -oA '$outputdir/$ip_$port_kerberos' $ip"`
`335`	`335`	`]`
`336`	`336`	`}`
`337`	`337`	`]`
`@@ -351,4 +351,4 @@`
`351`	`351`	`]`
`352`	`352`	`}`
`353`	`353`	`}`
`354`		`-}`
	`354`	`+}`