
Commit 45697f3

authored
Merge pull request #50 from evcsec/dnssweep-review
Dnssweep review
2 parents 313844f + 9a44c51 commit 45697f3


2 files changed

+20
-21
lines changed


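--- a/README.md
+++ b/README.md
@@ -19,9 +19,8 @@ This tool can be used and copied for personal use freely however attribution and
 | -t TARGET_HOSTS | Set either a target range of addresses or a single host to target. May also be a file containing hosts. |
 | -o OUTPUT_DIRECTORY | Set the target directory where results should be written. |
 | -w WORDLIST | Optionally specify your own wordlist to use for pre-compiled commands, or executed attacks. |
-| --dns DNS_SERVER | Optionally specify a DNS server to use with a service scan. |
 | --pingsweep | Write a new target.txt file in the OUTPUT_DIRECTORY by performing a ping sweep and discovering live hosts. |
-| --dnssweep | Find DNS servers from the list of target(s). |
+| --dns, --dnssweep | Find DNS servers from the list of target(s). |
 | --snmp | Find hosts responding to SNMP requests from the list of target(s). |
 | --services | Perform a service scan over the target(s) and write recommendations for further commands to execute. |
 | --hostnames | Attempt to discover target hostnames and write to hostnames.txt. |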

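--- a/reconnoitre/reconnoitre.py
+++ b/reconnoitre/reconnoitre.py
@@ -48,25 +48,25 @@ def util_checks(util = None):
 
 def main():
 parser = ArgumentParser()
-parser.add_argument("-t", dest="target_hosts", required=True, help="Set a target range of addresses to target. Ex 10.11.1.1-255" )
-parser.add_argument("-o", dest="output_directory", required=True, help="Set the output directory. Ex /root/Documents/labs/")
-parser.add_argument("-w", dest="wordlist", required=False, help="Set the wordlist to use for generated commands. Ex /usr/share/wordlist.txt", default=False)
-parser.add_argument("-p", dest="port", required=False, help="Set the port to use. Leave blank to use discovered ports. Useful to force virtual host scanning on non-standard webserver ports.", default=80)
-parser.add_argument("--pingsweep", dest="ping_sweep", action="store_true", help="Write a new target.txt by performing a ping sweep and discovering live hosts.", default=False)
-parser.add_argument("--dns", dest="find_dns_servers", action="store_true", help="Find DNS servers from a list of targets.", default=False)
-parser.add_argument("--services", dest="perform_service_scan", action="store_true", help="Perform service scan over targets.", default=False)
-parser.add_argument("--hostnames", dest="hostname_scan", action="store_true", help="Attempt to discover target hostnames and write to 0-name.txt and hostnames.txt.", default=False)
-parser.add_argument("--snmp", dest="perform_snmp_walk", action="store_true", help="Perform service scan over targets.", default=False)
-parser.add_argument("--quick", dest="quick", action="store_true", required=False, help="Move to the next target after performing a quick scan and writing first-round recommendations.", default=False)
-
-parser.add_argument("--virtualhosts", dest="virtualhosts", action="store_true", required=False, help="Attempt to discover virtual hosts using the specified wordlist.", default=False)
-parser.add_argument('--ignore-http-codes', dest='ignore_http_codes', type=str, help='Comma separated list of http codes to ignore with virtual host scans.', default='404')
-parser.add_argument('--ignore-content-length', dest='ignore_content_length', type=int, help='Ignore content lengths of specificed amount. This may become useful when a server returns a static page on every virtual host guess.', default=0)
-
-parser.add_argument("--quiet", dest="quiet", action="store_true", help="Supress banner and headers to limit to comma dilimeted results only.", default=False)
-parser.add_argument("--exec", dest="follow", action="store_true", help="Execute shell comamnds from recommendations as they are discovered. Likely to lead to very long execute times depending on the wordlist being used.", default=False)
-parser.add_argument("--simple_exec", dest="quickfollow", action="store_true", help="Execute non-brute forcing shell comamnds only as they are discovered.", default=False)
-parser.add_argument("--no-udp", dest="no_udp_service_scan", action="store_true", help="Disable UDP services scan over targets.", default=False)
+parser.add_argument("-t", dest="target_hosts", required=True, help="Set a target range of addresses to target. Ex 10.11.1.1-255" )
+parser.add_argument("-o", dest="output_directory", required=True, help="Set the output directory. Ex /root/Documents/labs/")
+parser.add_argument("-w", dest="wordlist", required=False, help="Set the wordlist to use for generated commands. Ex /usr/share/wordlist.txt", default=False)
+parser.add_argument("-p", dest="port", required=False, help="Set the port to use. Leave blank to use discovered ports. Useful to force virtual host scanning on non-standard webserver ports.", default=80)
+parser.add_argument("--pingsweep", dest="ping_sweep", action="store_true", help="Write a new target.txt by performing a ping sweep and discovering live hosts.", default=False)
+parser.add_argument("--dns","--dnssweep", dest="find_dns_servers", action="store_true", help="Find DNS servers from a list of targets.", default=False)
+parser.add_argument("--services", dest="perform_service_scan", action="store_true", help="Perform service scan over targets.", default=False)
+parser.add_argument("--hostnames", dest="hostname_scan", action="store_true", help="Attempt to discover target hostnames and write to 0-name.txt and hostnames.txt.", default=False)
+parser.add_argument("--snmp", dest="perform_snmp_walk", action="store_true", help="Perform service scan over targets.", default=False)
+parser.add_argument("--quick", dest="quick", action="store_true", required=False, help="Move to the next target after performing a quick scan and writing first-round recommendations.", default=False)
+
+parser.add_argument("--virtualhosts", dest="virtualhosts", action="store_true", required=False, help="Attempt to discover virtual hosts using the specified wordlist.", default=False)
+parser.add_argument('--ignore-http-codes', dest='ignore_http_codes', type=str, help='Comma separated list of http codes to ignore with virtual host scans.', default='404')
+parser.add_argument('--ignore-content-length', dest='ignore_content_length', type=int, help='Ignore content lengths of specificed amount. This may become useful when a server returns a static page on every virtual host guess.', default=0)
+
+parser.add_argument("--quiet", dest="quiet", action="store_true", help="Supress banner and headers to limit to comma dilimeted results only.", default=False)
+parser.add_argument("--exec", dest="follow", action="store_true", help="Execute shell comamnds from recommendations as they are discovered. Likely to lead to very long execute times depending on the wordlist being used.", default=False)
+parser.add_argument("--simple_exec", dest="quickfollow", action="store_true", help="Execute non-brute forcing shell comamnds only as they are discovered.", default=False)
+parser.add_argument("--no-udp", dest="no_udp_service_scan", action="store_true", help="Disable UDP services scan over targets.", default=False)
 arguments = parser.parse_args()
 
 if len(sys.argv) == 1: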
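Review bot: The `-p` option on the new side still declares no `type=`, so `port` is the int `80` by default but an arbitrary string whenever the user supplies a value; adding `type=int` to that `add_argument` call would make the two cases consistent and reject non-numeric input at parse time. This matters more because `--exec` and `--simple_exec` execute shell commands from recommendations, so a free-form port string may end up on a command line if the port is interpolated there (the code that builds those commands is outside this hunk). Separately, the `--snmp` help text still reads "Perform service scan over targets.", copied from `--services`; `help="Find hosts responding to SNMP requests from a list of targets."` would match the README wording. The body of `main()` continues past the end of the hunk.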
