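└── README.md


/README.md:
--------------------------------------------------------------------------------
# recon_db_scripts


### Install MariaDB

```bash
apt -y install mariadb-client
```

```bash
apt -y install mariadb-server
```

### Installing The Database

```bash
mysql_secure_installation
```

### Creating The Database

```bash
mysql -u root -p
```

```sql
create database recon_test;
```

```sql
use recon_test;
```

The `data` column is declared `UNIQUE`: `insert ignore` only skips a duplicate row when a unique key rejects it, so without the key every run would store the same names again.

```sql
create table if not exists subdomains(id INT AUTO_INCREMENT KEY, data VARCHAR(255) NOT NULL UNIQUE);
```

```sql
create table if not exists resolved(id INT AUTO_INCREMENT KEY, data VARCHAR(255) NOT NULL UNIQUE);
```

The scripts below call `mysql` without `-u`/`-p`, so they connect as the OS user that runs them.

### Setting Up the Scripts

```bash
mkdir recontest
cd recontest
```


***nano insert_subs.sh***
```bash
#!/bin/bash
set -euo pipefail

# Must match the database created above.
readonly DB="recon_test"
readonly SKIP="access.telenet|github|myshopify|shopify|facebook|google|microsoft|aliyun|amazoncloud|stanford.edu|huaweicloud"

if [[ -z "${1:-}" ]]; then
    echo "Usage: ./insert_subs.sh newfile" >&2
    exit 1
fi

# Lines in newfile come from third-party sources and are placed inside a SQL
# string literal, so only plain hostname characters are let through. Anything
# else (quotes, backslashes, spaces, over-long lines) is reported and skipped.
# Duplicates are dropped by the UNIQUE key on data plus "insert ignore", so no
# comparison against the existing rows and no temporary files are needed.
# grep exits 1 when every line was filtered out; only a real error (2) aborts.
{ grep -vE -- "$SKIP" "$1" || [[ $? -eq 1 ]]; } | while IFS= read -r host || [[ -n "$host" ]]; do
    [[ -n "$host" ]] || continue
    if [[ "$host" =~ ^[A-Za-z0-9._-]{1,255}$ ]]; then
        printf "insert ignore into subdomains (data) values('%s');\n" "$host"
    else
        printf 'skipped: %q\n' "$host" >&2
    fi
done | mysql "$DB"
```


***nano insert_resolved.sh***
```bash
#!/bin/bash
set -euo pipefail

# Must match the database created above.
readonly DB="recon_test"
readonly SKIP="access.telenet|github|myshopify|shopify|facebook|google|microsoft|aliyun|amazoncloud|stanford.edu|huaweicloud"

if [[ -z "${1:-}" ]]; then
    echo "Usage: ./insert_resolved.sh newfile" >&2
    exit 1
fi

# Same rule as insert_subs.sh: the value ends up inside a SQL string literal,
# so it is checked against an allowlist first. The set also admits ":" and "/"
# because the input is expected to be URLs of the form scheme://host[:port];
# lines with any other character are reported and skipped.
# grep exits 1 when every line was filtered out; only a real error (2) aborts.
{ grep -vE -- "$SKIP" "$1" || [[ $? -eq 1 ]]; } | while IFS= read -r url || [[ -n "$url" ]]; do
    [[ -n "$url" ]] || continue
    if [[ "$url" =~ ^[A-Za-z0-9._:/-]{1,255}$ ]]; then
        printf "insert ignore into resolved (data) values('%s');\n" "$url"
    else
        printf 'skipped: %q\n' "$url" >&2
    fi
done | mysql "$DB"
```

### Download All Subdomains From Chaos
https://chaos.projectdiscovery.io/

Run this from `/root/recon/chaos` so that `chaos.txt` is written where the next command reads it. The file names are passed to `cat` as arguments and never pasted into a shell command line, and `chaos.txt` itself is excluded so it is not appended to itself.

```bash
find . -type f -name "*.txt" ! -name "chaos.txt" -exec cat {} + >> chaos.txt
```

```bash
rev /root/recon/chaos/chaos.txt | cut -d '.' -f1,2 | rev | sort -u > /root/recon/chaos/roots.txt
```

***nano run_scans.sh***

```bash
#!/bin/bash
set -euo pipefail

# cron does not start the job in this directory, so move next to the
# insert_*.sh scripts before using relative paths.
cd "$(dirname "$0")"

subfinder -dL /root/recon/chaos/roots.txt -silent >> new.txt
./insert_subs.sh new.txt
httpx -silent < new.txt >> resolved.txt
./insert_resolved.sh resolved.txt
```

***nano run_attacks.sh***

```bash
#!/bin/bash

# Must match the database created above.
readonly DB="recon_test"

# $1 is interpolated into the SQL below as a table name, so it is accepted
# only when it is exactly one of the two known tables.
if [[ "${1:-}" != "subdomains" ]] && [[ "${1:-}" != "resolved" ]]; then
    echo "Usage: " >&2
    echo "        ./run_attacks.sh resolved" >&2
    echo "        ./run_attacks.sh subdomains" >&2
    exit 1
fi

# Run attacks all the time
while true; do
    # Kill all jobs first
    # NOTE(review): "jobs -p" prints only PIDs, so this grep looks unlikely to
    # ever match; confirm the intent. -r keeps xargs from running pkill with a
    # missing argument when nothing matched.
    jobs -p | grep "nuclei" | xargs -r -n1 pkill -SIGINT -g
    # -N drops the column-name header row, so "data" is not passed on as a target.
    mysql -N "$DB" -e "select data from $1" | nuclei -t /root/nuclei-templates/ -severity critical,high -exclude takeovers -c 200 | notify -silent
done
```

#### Run the attacks in the background

The script needs the table name as its argument; without one it prints the usage text and exits.

```bash
chmod +x insert_subs.sh insert_resolved.sh run_scans.sh run_attacks.sh; ./run_attacks.sh resolved &
```

### Creating Cron Rules

```bash
crontab -e
```

### Visualising Cron Rules

https://crontab.guru/#0_1_*_*_1


### Starting the Cron Job
```bash
0 1 * * 1 bash /root/recontest/run_scans.sh
```

```bash
service cron restart
```

#### Done
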
--------------------------------------------------------------------------------