added multiple recon/*-*/vk modules

[s0i37]

Before submitting a pull request, make sure to complete the following:

• Ensure there are no similar pull requests.
• Read the Development Guide.

What kind of PR is this?
Please add an 'x' in the appropriate box, and apply a label to the PR matching the type here.

• Bug Fix
• [x ] New Module
• Documentation Update

Checklist For Approval

• Updated the meta dictionary for the module.
  • If bug fix, updated the version.
• Indexed the module
• Added the index to the modules.yml file
• Made the most out of the available mixins.
• Ensured the code is PEP8 compliant with pycodestyle or black.

[s0i37]

This is implementation of reconnaissance for vkontakte.com social network. This network very popular in soviet countries with 90 millions live users (~460 millions registered). In same time vk has rich api which provides to grab a lot of information.

[lanmaster53]

Very interesting. Do you have some sample data that we could test with? @MrJester you mind giving it a test drive?

[s0i37]

You need to create account in vk.com and try to find something.
Actually it is very important to use right group name of company.

db insert company softline
module load recon/companies-contacts/vk
module load recon/profiles-locations/vk
db insert location 55,37
module load recon/locations-pushpins/vk

[MrJester]

You need to create account in vk.com and try to find something.
Actually it is very important to use right group name of company.

db insert company softline
module load recon/companies-contacts/vk
module load recon/profiles-locations/vk
db insert location 55,37
module load recon/locations-pushpins/vk

So should I not just make an APP API Key or is there a secondary key I should be creating? I didn't see anywhere to make another key. Link?

[s0i37]

You need to create an application in https://vk.com/apps?act=manage
And then you will get API key.

[MrJester]

You need to create an application in https://vk.com/apps?act=manage
And then you will get API key.

So I created an app and I used the Secure Key=vkontakte_api and Service Token=vkontakte_secret within Recon-NG. Still getting the error telling me:

"{"error":"invalid_client","error_description":"client_id is incorrect"}"

[s0i37]

Have you chosen "standalone-application" platform?

[MrJester]

I did. I setup standalone application and I enabled it. I have also tried swapping what I set each key to and I do get different error messages. If I swap them I get the error message

{"error":"invalid_request","error_description":"OAuth authorization cannot be used from native VK applications"}

So I think I have them set to the right values. May want to change the naming on the keys to match what VK is asking so we don't confuse users. Still not able to get data out at the moment though. I might be able to spend some time reading over the API documentation later today see if I can figure out the error code.

[s0i37]

Yes. I will change name of keys.
App ID = vkontakte_api
Secure key = vkontakte_secret

[s0i37]

Wait a moment, how can I change name of keys if recon.mixins.oauth.ExplicitOauthMixin.get_explicit_oauth_token() has hardcoded concatenating:

client_id = self.get_key(resource+'_api')
client_secret = self.get_key(resource+'_secret')

[lanmaster53]

resource

Why do you need to? It's done this way so that the framework can reliably create and use these tokens without explicit involvement by the developer.

[MrJester]

resource

Why do you need to? It's done this way so that the framework can reliably create and use these tokens without explicit involvement by the developer.

That was a suggestion by me since the App doesn't call them api and secret it can be confusing to users which key goes where. Did notice they were hardcoded into the framework like that.