├── .htaccess ├── README.md ├── css ├── bootstrap-switch.css ├── bootstrap-theme.css ├── bootstrap-theme.min.css ├── bootstrap.css ├── bootstrap.min.css ├── bootstrap.min.orig.css ├── dataTables.bootstrap.css ├── index.php ├── style.css └── uploadfile.css ├── data └── modules │ ├── discovery │ └── info_disclosure │ │ ├── cache_snoop.php │ │ └── interesting_files.php │ ├── exploitation │ └── injection │ │ ├── command_injector.php │ │ └── xpath_bruter.php │ ├── import │ ├── csv_file.php │ └── list.php │ ├── recon │ ├── companies-contacts │ │ ├── jigsaw │ │ │ ├── point_usage.php │ │ │ ├── purchase_contact.php │ │ │ └── search_contacts.php │ │ ├── jigsaw_auth.php │ │ └── linkedin_auth.php │ ├── companies-multi │ │ ├── github_miner.php │ │ └── whois_miner.php │ ├── companies-profiles │ │ └── bing_linkedin.php │ ├── contacts-contacts │ │ ├── mailtester.php │ │ ├── mangle.php │ │ └── unmangle.php │ ├── contacts-credentials │ │ ├── hibp_breach.php │ │ ├── hibp_paste.php │ │ └── pwnedlist.php │ ├── contacts-domains │ │ └── migrate_contacts.php │ ├── contacts-profiles │ │ └── fullcontact.php │ ├── credentials-credentials │ │ ├── adobe.php │ │ ├── bozocrack.php │ │ ├── hashes_org.php │ │ └── leakdb.php │ ├── domains-contacts │ │ ├── metacrawler.php │ │ ├── pgp_search.php │ │ ├── salesmaple.php │ │ └── whois_pocs.php │ ├── domains-credentials │ │ └── pwnedlist │ │ │ ├── account_creds.php │ │ │ ├── api_usage.php │ │ │ ├── domain_creds.php │ │ │ ├── domain_ispwned.php │ │ │ ├── leak_lookup.php │ │ │ └── leaks_dump.php │ ├── domains-domains │ │ └── brute_suffix.php │ ├── domains-hosts │ │ ├── baidu_site.php │ │ ├── bing_domain_api.php │ │ ├── bing_domain_web.php │ │ ├── brute_hosts.php │ │ ├── builtwith.php │ │ ├── google_site_api.php │ │ ├── google_site_web.php │ │ ├── netcraft.php │ │ ├── shodan_hostname.php │ │ ├── ssl_san.php │ │ ├── vpnhunter.php │ │ └── yahoo_domain.php │ ├── domains-vulnerabilities │ │ ├── ghdb.php │ │ ├── punkspider.php │ │ ├── xssed.php │ │ └── xssposed.php │ ├── hosts-domains │ │ └── migrate_hosts.php │ ├── hosts-hosts │ │ ├── bing_ip.php │ │ ├── freegeoip.php │ │ ├── ip_neighbor.php │ │ ├── ipinfodb.php │ │ ├── resolve.php │ │ ├── reverse_resolve.php │ │ └── ssltools.php │ ├── hosts-locations │ │ └── migrate_hosts.php │ ├── hosts-ports │ │ └── shodan_ip.php │ ├── locations-locations │ │ ├── geocode.php │ │ └── reverse_geocode.php │ ├── locations-pushpins │ │ ├── flickr.php │ │ ├── instagram.php │ │ ├── picasa.php │ │ ├── shodan.php │ │ └── youtube.php │ ├── netblocks-companies │ │ └── whois_orgs.php │ ├── netblocks-hosts │ │ ├── reverse_resolve.php │ │ └── shodan_net.php │ ├── netblocks-ports │ │ ├── census_2012.php │ │ └── censysio.php │ ├── ports-hosts │ │ └── migrate_ports.php │ ├── profiles-contacts │ │ ├── dev_diver.php │ │ ├── linkedin.php │ │ └── namechk.php │ ├── profiles-profiles │ │ ├── linkedin_crawl.php │ │ ├── namechk.php │ │ ├── profiler.php │ │ └── twitter.php │ ├── profiles-repositories │ │ └── github_repos.php │ └── repositories-vulnerabilities │ │ ├── gists_search.php │ │ └── github_dorks.php │ └── reporting │ ├── csv.php │ ├── html.php │ ├── json.php │ ├── list.php │ ├── pushpin.php │ ├── xlsx.php │ └── xml.php ├── file-upload.php ├── fonts ├── glyphicons-halflings-regular.eot ├── glyphicons-halflings-regular.svg ├── glyphicons-halflings-regular.ttf ├── glyphicons-halflings-regular.woff └── index.php ├── global-options.php ├── img ├── apple-touch-icon-114-precomposed.png ├── apple-touch-icon-144-precomposed.png ├── apple-touch-icon-57-precomposed.png ├── apple-touch-icon-72-precomposed.png ├── favicon.png ├── favicon1.png ├── glyphicons-halflings-white.png ├── glyphicons-halflings.png ├── index.php ├── loading32.gif └── loading64.gif ├── includes ├── config.php ├── functions.php ├── head-section.php ├── index.php └── navbar.php ├── index.php ├── js ├── bootstrap-switch.js ├── bootstrap.min.js ├── confirm-bootstrap.js ├── dataTables.bootstrap.js ├── html5shiv.js ├── index.php ├── jquery-1.10.2.js ├── jquery.dataTables.min.js ├── jquery.form.js ├── jquery.min.js ├── jquery.uploadfile.js ├── less-1.3.3.min.js └── scripts.js ├── less ├── alerts.less ├── badges.less ├── bootstrap.less ├── breadcrumbs.less ├── button-groups.less ├── buttons.less ├── carousel.less ├── close.less ├── code.less ├── component-animations.less ├── dropdowns.less ├── forms.less ├── glyphicons.less ├── grid.less ├── index.php ├── input-groups.less ├── jumbotron.less ├── labels.less ├── list-group.less ├── media.less ├── mixins.less ├── modals.less ├── navbar.less ├── navs.less ├── normalize.less ├── pager.less ├── pagination.less ├── panels.less ├── popovers.less ├── print.less ├── progress-bars.less ├── responsive-utilities.less ├── scaffolding.less ├── tables.less ├── theme.less ├── thumbnails.less ├── tooltip.less ├── type.less ├── utilities.less ├── variables.less └── wells.less ├── module.php ├── reset.php ├── rpc-settings.php ├── show-modules.php ├── uploads ├── .htaccess └── index.php └── workspace.php /.htaccess: -------------------------------------------------------------------------------- 1 | Options -Indexes 2 | ErrorDocument 404 /index.php 3 | ErrorDocument 403 /index.php 4 | ErrorDocument 501 /index.php -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Web interface for Recon-ng 2 | 3 | "Recon-ng Web" is a web interface for recon-ng and uses "recon-rpc" to execute commands and fetch data. 4 | 5 | Requirements: 6 | 7 | 1. Recon-ng 8 | 2. PHP 9 | 10 | 11 | Setup: 12 | 13 | ./recon-rpc -t xmlrpc -a IP_ADDRESS -p PORT 14 | 15 | Run Recon-ng-Web in a PHP supporting web server and set RPC URL in "RPC Settings" page. 16 | 17 | 18 | Problems: 19 | 20 | 1. Errors like "API Key not found" is not returned in response of RPC. Hence it is not shown in web interface. 21 | 2. Some verbose data is not returned in response of RPC. Hence it is not shown in web interface. 22 | 3. Raw response is shown in web interface. Future release will show response in tabular format and more organized. 23 | 24 | 25 | Newly added features: 26 | 27 | 1. "Upload File" allows uploading file on server which can be used as input file in different modules. 28 | 29 | Note: Recon-ng and Recon-ng-Web should be running on the same server for this feature to work. 30 | 31 | 32 | We are trying to fix the problems and bring more features and ease of use. 33 | 34 | 35 | IMPORTANT: Please don't use it in production because the source code has not been audited for vulnerabilities especially CSRF and XSS. -------------------------------------------------------------------------------- /css/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/css/index.php -------------------------------------------------------------------------------- /css/style.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/css/style.css -------------------------------------------------------------------------------- /css/uploadfile.css: -------------------------------------------------------------------------------- 1 | .ajax-file-upload-statusbar { 2 | border: 1px solid #0ba1b5; 3 | margin-top: 10px; 4 | margin-right: 10px; 5 | //margin: 5px; 6 | -moz-border-radius: 4px; 7 | -webkit-border-radius: 4px; 8 | border-radius: 4px; 9 | padding: 5px 5px 5px 5px 10 | } 11 | .ajax-file-upload-filename { 12 | width: 100%; 13 | height: auto; 14 | margin: 0 5px 5px 10px; 15 | color: #807579 16 | } 17 | .ajax-file-upload-progress { 18 | margin: 0 10px 5px 10px; 19 | position: relative; 20 | width: 90%; 21 | border: 1px solid #ddd; 22 | padding: 1px; 23 | border-radius: 3px; 24 | display: inline-block 25 | } 26 | .ajax-file-upload-bar { 27 | background-color: #0ba1b5; 28 | width: 0; 29 | height: 20px; 30 | border-radius: 3px; 31 | color:#FFFFFF; 32 | } 33 | .ajax-file-upload-percent { 34 | position: absolute; 35 | display: inline-block; 36 | top: 3px; 37 | left: 48% 38 | } 39 | .ajax-file-upload-red { 40 | -moz-box-shadow: inset 0 39px 0 -24px #e67a73; 41 | -webkit-box-shadow: inset 0 39px 0 -24px #e67a73; 42 | box-shadow: inset 0 39px 0 -24px #e67a73; 43 | background-color: #e4685d; 44 | -moz-border-radius: 4px; 45 | -webkit-border-radius: 4px; 46 | border-radius: 4px; 47 | display: inline-block; 48 | color: #fff; 49 | font-family: arial; 50 | font-size: 13px; 51 | font-weight: normal; 52 | padding: 4px 15px; 53 | text-decoration: none; 54 | text-shadow: 0 1px 0 #b23e35; 55 | cursor: pointer; 56 | vertical-align: top; 57 | margin-right:5px; 58 | } 59 | .ajax-file-upload-green { 60 | background-color: #77b55a; 61 | -moz-border-radius: 4px; 62 | -webkit-border-radius: 4px; 63 | border-radius: 4px; 64 | margin: 0; 65 | padding: 0; 66 | display: inline-block; 67 | color: #fff; 68 | font-family: arial; 69 | font-size: 13px; 70 | font-weight: normal; 71 | padding: 4px 15px; 72 | text-decoration: none; 73 | cursor: pointer; 74 | text-shadow: 0 1px 0 #5b8a3c; 75 | vertical-align: top; 76 | margin-right:5px; 77 | } 78 | .ajax-file-upload { 79 | font-family: Arial, Helvetica, sans-serif; 80 | font-size: 16px; 81 | font-weight: bold; 82 | padding: 15px 20px; 83 | cursor:pointer; 84 | line-height:20px; 85 | height:25px; 86 | margin:0 10px 10px 0; 87 | display: inline-block; 88 | background: #fff; 89 | border: 1px solid #e8e8e8; 90 | color: #888; 91 | text-decoration: none; 92 | border-radius: 3px; 93 | -webkit-border-radius: 3px; 94 | -moz-border-radius: 3px; 95 | -moz-box-shadow: 0 2px 0 0 #e8e8e8; 96 | -webkit-box-shadow: 0 2px 0 0 #e8e8e8; 97 | box-shadow: 0 2px 0 0 #e8e8e8; 98 | padding: 6px 10px 4px 10px; 99 | color: #fff; 100 | background: #2f8ab9; 101 | border: none; 102 | -moz-box-shadow: 0 2px 0 0 #13648d; 103 | -webkit-box-shadow: 0 2px 0 0 #13648d; 104 | box-shadow: 0 2px 0 0 #13648d; 105 | vertical-align:middle; 106 | } 107 | 108 | .ajax-file-upload:hover { 109 | background: #3396c9; 110 | -moz-box-shadow: 0 2px 0 0 #15719f; 111 | -webkit-box-shadow: 0 2px 0 0 #15719f; 112 | box-shadow: 0 2px 0 0 #15719f; 113 | } 114 | 115 | .ajax-upload-dragdrop 116 | { 117 | border:2px dotted #A5A5C7; 118 | color: #DADCE3; 119 | text-align:left; 120 | vertical-align:middle; 121 | padding:10px 10px 0px 10px; 122 | } 123 | 124 | .ajax-upload-dragdrop.state-hover 125 | { 126 | border: 2px solid #A5A5C7; 127 | } 128 | .ajax-file-upload-error { 129 | color: red; 130 | } -------------------------------------------------------------------------------- /data/modules/discovery/info_disclosure/cache_snoop.php: -------------------------------------------------------------------------------- 1 | 0 && isset($_POST['module_option_nameserver']) && strlen($_POST['module_option_nameserver'])>0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_domains = urldecode($_POST['module_option_domains']); 15 | $module_nameserver = urldecode($_POST['module_option_nameserver']); 16 | $sid = manager_recon("init", NULL); 17 | $use_module = manager_recon("use", array($module_path_here, $sid)); 18 | $set_module_domains = manager_recon("set", array('DOMAINS', $module_domains, $sid)); 19 | $set_module_nameserver = manager_recon("set", array('NAMESERVER', $module_nameserver, $sid)); 20 | $run_module = manager_recon("run", $sid); 21 | echo "
";
 22 |     print_r($run_module);
 23 |     echo "
"; 24 | return; 25 | } 26 | 27 | //Show data based on action 28 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 29 | { 30 | if($action=="options") 31 | { 32 | ?> 33 | Module Name:
34 | Module path:
35 |

36 |
37 | DOMAINS:
38 | NAMESERVER:
39 |
40 | 45 | Name:
46 | Path:
47 | Author: thrapt (thrapt@gmail.com)
48 |
49 | Description:
Uses the DNS cache snooping technique to check for visited domains
50 |
51 | Options:
52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 |
NameCurrent ValueRequiredDescription
DOMAINS/usr/share/recon-ng/data/av_domains.lstyesfile containing the list of domains to snoop for
NAMESERVERyesIP address of authoritative nameserver
76 |
77 | Comments:
78 | * Nameserver must be in IP form.
79 | * http://304geeks.blogspot.com/2013/01/dns-scraping-for-corporate-av-detection.html
80 | 93 | 105 | -------------------------------------------------------------------------------- /data/modules/recon/companies-contacts/jigsaw/point_usage.php: -------------------------------------------------------------------------------- 1 | "; 18 | print_r($run_module); 19 | echo ""; 20 | return; 21 | } 22 | 23 | //Show data based on action 24 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 25 | { 26 | if($action=="options") 27 | { 28 | ?> 29 | Module Name:
30 | Module path:
31 |

32 | No options available for this module. 33 |
34 |
35 |
36 | 41 | Name:
42 | Path:
43 | Author: Tim Tomes (@LaNMaSteR53)
44 |
45 | Description:
Queries the Jigsaw API for the point usage statistics of the given account.
46 |
47 | Options:
48 | No options available for this module. 49 | 62 | 74 | -------------------------------------------------------------------------------- /data/modules/recon/companies-contacts/jigsaw/purchase_contact.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../../includes/config.php"); 13 | require_once("../../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_contact']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('CONTACT', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
20 |     print_r($run_module);
21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | Contact:
36 |
37 | 42 | Name:
43 | Path:
44 | Author: Tim Tomes (@LaNMaSteR53)
45 |
46 | Description:
Retrieves a single complete contact from the Jigsaw.com API using points from the given account.
47 |
48 | Options:
49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 |
NameCurrent ValueRequiredDescription
CONTACTyesjigsaw contact id
67 |
68 | Comments:
69 | * Account Point Cost: 5 points per request.
70 | * This module is typically used to validate email address naming conventions and gather alternative social engineering information.
71 | 84 | 96 | -------------------------------------------------------------------------------- /data/modules/recon/companies-contacts/linkedin_auth.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | Source:
36 |
37 | 42 | Name:
43 | Path:
44 | Author: Tim Tomes (@LaNMaSteR53)
45 |
46 | Description:
Harvests contacts from the LinkedIn.com API using an authenticated connections network. Updates the 'contacts' table with the results.
47 |
48 | Options:
49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
67 |
68 | Source Options:
69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 |
defaultSELECT DISTINCT company FROM companies WHERE company IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
87 | 100 | 112 | -------------------------------------------------------------------------------- /data/modules/recon/companies-multi/github_miner.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('SOURCE', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | Source: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Uses the Github API to enumerate repositories and member profiles associated with a company search string. Updates the respective tables with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT company FROM companies WHERE company IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/contacts-credentials/pwnedlist.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Leverages PwnedList.com to determine if email addresses are associated with leaked credentials. Adds compromised email addresses to the 'credentials' table.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT email FROM contacts WHERE email IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-contacts/salesmaple.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Harvests contacts from the SalesMaple API using domains as input. Updates the 'contacts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-contacts/whois_pocs.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Uses the ARIN Whois RWS to harvest POC data from whois queries for the given domain. Updates the 'contacts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-credentials/pwnedlist/api_usage.php: -------------------------------------------------------------------------------- 1 | "; 18 | print_r($run_module); 19 | echo ""; 20 | return; 21 | } 22 | 23 | //Show data based on action 24 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 25 | { 26 | if($action=="options") 27 | { 28 | ?> 29 | Module Name:
30 | Module path:
31 |

32 | No options available for this module. 33 |
34 |
35 |
36 | 41 | Name:
42 | Path:
43 | Author: Tim Tomes (@LaNMaSteR53)
44 |
45 | Description:
Queries the PwnedList API for account usage statistics.
46 |
47 | Options:
48 | No options available for this module. 49 | 62 | 74 | -------------------------------------------------------------------------------- /data/modules/recon/domains-credentials/pwnedlist/leaks_dump.php: -------------------------------------------------------------------------------- 1 | "; 18 | print_r($run_module); 19 | echo ""; 20 | return; 21 | } 22 | 23 | //Show data based on action 24 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 25 | { 26 | if($action=="options") 27 | { 28 | ?> 29 | Module Name:
30 | Module path:
31 |

32 | No options available for this module. 33 |
34 |
35 |
36 | 41 | Name:
42 | Path:
43 | Author: Tim Tomes (@LaNMaSteR53)
44 |
45 | Description:
Queries the PwnedList API for information associated with all known leaks. Updates the 'leaks' table with the results.
46 |
47 | Options:
48 | No options available for this module.
49 |
50 | Comments:
51 | * API Query Cost: 1 query per request.
52 | 65 | 77 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/baidu_site.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | Source: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Harvests hosts from Baidu.com by using the 'site' search operator. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/bing_domain_web.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | Source: 36 |
37 |
38 | 43 | Name: Bing Hostname Enumerator
44 | Path: modules/recon/domains-hosts/bing_domain_web.py
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Harvests hosts from Bing.com by using the 'site' search operator. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/google_site_api.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Leverages the Google Custom Search Engine API to harvest hosts using the 'site' search operator. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/google_site_web.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Harvests hosts from Google.com by using the 'site' search operator. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL ORDER BY domain
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/netcraft.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: thrapt (thrapt@gmail.com)
46 |
47 | Description:
Harvests hosts from Netcraft.com. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/vpnhunter.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Quentin Kaiser (contact[at]quentinkaiser.be)
46 |
47 | Description:
Checks vpnhunter.com for SSL VPNs, remote accesses, email portals and generic login sites. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | -------------------------------------------------------------------------------- /data/modules/recon/domains-hosts/yahoo_domain.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Harvests hosts from Yahoo.com by using the 'domain' search operator. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | -------------------------------------------------------------------------------- /data/modules/recon/domains-vulnerabilities/punkspider.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53) and thrapt (thrapt@gmail.com)
46 |
47 | Description:
Leverages the PunkSPIDER API to search for previosuly discovered vulnerabltiies on hosts within a domain.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-vulnerabilities/xssed.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Micah Hoffman (@WebBreacher)
46 |
47 | Description:
Checks XSSed.com for XSS records associated with a domain and displays the first 20 results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/domains-vulnerabilities/xssposed.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Checks XSSposed.com for XSS records associated with a domain.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/hosts-hosts/ipinfodb.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Leverages the ipinfodb.com API to geolocate a host by IP address. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/hosts-hosts/resolve.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Resolves the IP address for a host. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT host FROM hosts WHERE host IS NOT NULL AND ip_address IS NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/hosts-hosts/reverse_resolve.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: John Babio (@3vi1john), @vulp1n3, and Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Conducts a reverse lookup for each IP address to resolve the hostname. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/hosts-locations/migrate_hosts.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('SOURCE', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Adds a new location for all the locations stored in the 'hosts' table.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT latitude, longitude FROM hosts WHERE latitude IS NOT NULL AND longitude IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/locations-locations/geocode.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Quentin Kaiser (contact@quentinkaiser.be)
46 |
47 | Description:
Queries the Google Maps API to obtain coordinates for an address. Updates the 'locations' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT street_address FROM locations WHERE street_address IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/locations-locations/reverse_geocode.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Quentin Kaiser (contact@quentinkaiser.be)
46 |
47 | Description:
Queries the Google Maps API to obtain an address from coordinates.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT latitude || ',' || longitude FROM locations WHERE latitude IS NOT NULL AND longitude IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/netblocks-companies/whois_orgs.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Uses the ARIN Whois RWS to harvest Companies data from whois queries for the given netblock. Updates the 'companies' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT netblock FROM netblocks WHERE netblock IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/netblocks-hosts/reverse_resolve.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: John Babio (@3vi1john)
46 |
47 | Description:
Conducts a reverse lookup for each of a netblock's IP addresses to resolve the hostname. Updates the 'hosts' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT netblock FROM netblocks WHERE netblock IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/ports-hosts/migrate_ports.php: -------------------------------------------------------------------------------- 1 | "; 18 | print_r($run_module); 19 | echo ""; 20 | return; 21 | } 22 | 23 | //Show data based on action 24 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 25 | { 26 | if($action=="options") 27 | { 28 | ?> 29 | Module Name:
30 | Module path:
31 |

32 | No options available for this module. 33 |
34 |
35 |
36 | 41 | Name:
42 | Path:
43 | Author: Tim Tomes (@LaNMaSteR53)
44 |
45 | Description:
Adds a new host for all the hostnames stored in the 'ports' table.
46 |
47 | Options:
48 | No options available for this module.
49 | 62 | 74 | -------------------------------------------------------------------------------- /data/modules/recon/profiles-contacts/dev_diver.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Micah Hoffman (@WebBreacher)
46 |
47 | Description:
Searches public code repositories for information about a given username.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT username FROM profiles WHERE username IS NOT NULL
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/profiles-contacts/linkedin.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('source', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Mike Larch and Brian Fehrman
46 |
47 | Description:
Harvests contact information from linkedin.com by parsing the link(s) given and adding the info to the 'contacts' table.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT url FROM profiles WHERE url IS NOT NULL ORDER BY url
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/recon/profiles-repositories/github_repos.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../../includes/config.php"); 13 | require_once("../../../../includes/functions.php"); 14 | $module_source = urldecode($_POST['module_option_source']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_source = manager_recon("set", array('SOURCE', $module_source, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
 20 |     print_r($run_module);
 21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | SOURCE: 36 |
37 |
38 | 43 | Name:
44 | Path:
45 | Author: Tim Tomes (@LaNMaSteR53)
46 |
47 | Description:
Uses the Github API to enumerate repositories and gists owned by a Github user. Updates the 'repositories' table with the results.
48 |
49 | Options:
50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 |
NameCurrent ValueRequiredDescription
SOURCEdefaultyessource of input (see 'show info' for details)
68 |
69 | Source Options:
70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 |
defaultSELECT DISTINCT username FROM profiles WHERE username IS NOT NULL AND resource LIKE 'Github'
<string>string representing a single input
<path>path to a file containing a list of inputs
query <sql>database query returning one column of inputs
88 | 101 | 113 | -------------------------------------------------------------------------------- /data/modules/reporting/csv.php: -------------------------------------------------------------------------------- 1 | 0 && isset($_POST['module_option_table']) && strlen($_POST['module_option_table'])>0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../includes/config.php"); 13 | require_once("../../../includes/functions.php"); 14 | $module_filename = urldecode($_POST['module_option_filename']); 15 | $module_table = urldecode($_POST['module_option_table']); 16 | $sid = manager_recon("init", NULL); 17 | $use_module = manager_recon("use", array($module_path_here, $sid)); 18 | $set_module_filename = manager_recon("set", array('FILENAME', $module_filename, $sid)); 19 | $set_module_table = manager_recon("set", array('TABLE', $module_table, $sid)); 20 | $run_module = manager_recon("run", $sid); 21 | echo "
";
 22 |     print_r($run_module);
 23 |     echo "
"; 24 | return; 25 | } 26 | 27 | //Show data based on action 28 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 29 | { 30 | if($action=="options") 31 | { 32 | ?> 33 | Module Name:
34 | Module path:
35 |

36 |
37 | FILENAME:
38 | TABLE:
39 |
40 | 45 | Name:
46 | Path:
47 | Author: Tim Tomes (@LaNMaSteR53)
48 |
49 | Description:
Creates a CSV file containing the specified harvested data.
50 |
51 | Options:
52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 |
NameCurrent ValueRequiredDescription
FILENAME/root/.recon-ng/workspaces/default/results.csvyespath and filename for csv input
TABLEhostsyessource table of data to export
76 | 89 | -------------------------------------------------------------------------------- /data/modules/reporting/json.php: -------------------------------------------------------------------------------- 1 | 0 && isset($_POST['module_option_table']) && strlen($_POST['module_option_table'])>0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../includes/config.php"); 13 | require_once("../../../includes/functions.php"); 14 | $module_filename = urldecode($_POST['module_option_filename']); 15 | $module_table = urldecode($_POST['module_option_table']); 16 | $sid = manager_recon("init", NULL); 17 | $use_module = manager_recon("use", array($module_path_here, $sid)); 18 | $set_module_filename = manager_recon("set", array('FILENAME', $module_filename, $sid)); 19 | $set_module_table = manager_recon("set", array('TABLE', $module_table, $sid)); 20 | $run_module = manager_recon("run", $sid); 21 | echo "
";
 22 |     print_r($run_module);
 23 |     echo "
"; 24 | return; 25 | } 26 | 27 | //Show data based on action 28 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 29 | { 30 | if($action=="options") 31 | { 32 | ?> 33 | Module Name:
34 | Module path:
35 |

36 |
37 | FILENAME:
38 | TABLE:
39 |
40 | 45 | Name:
46 | Path:
47 | Author: Paul (@PaulWebSec)
48 | Version: v0.0.1
49 |
50 | Description:
Creates a JSON report.
51 |
52 | Options:
53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 |
NameCurrent ValueRequiredDescription
FILENAME/root/.recon-ng/workspaces/default/results.jsonyespath and filename for report output
TABLEhosts, contacts, credentialsyescomma delineated list of tables
77 | 90 | -------------------------------------------------------------------------------- /data/modules/reporting/xlsx.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../includes/config.php"); 13 | require_once("../../../includes/functions.php"); 14 | $module_filename = urldecode($_POST['module_option_filename']); 15 | $sid = manager_recon("init", NULL); 16 | $use_module = manager_recon("use", array($module_path_here, $sid)); 17 | $set_module_filename = manager_recon("set", array('FILENAME', $module_filename, $sid)); 18 | $run_module = manager_recon("run", $sid); 19 | echo "
";
20 |     print_r($run_module);
21 |     echo "
"; 22 | return; 23 | } 24 | 25 | //Show data based on action 26 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 27 | { 28 | if($action=="options") 29 | { 30 | ?> 31 | Module Name:
32 | Module path:
33 |

34 |
35 | FILENAME:
36 |
37 | 42 | Name:
43 | Path:
44 | Author: Tim Tomes (@LaNMaSteR53)
45 |
46 | Description:
Creates an Excel compatible XLSX file containing the entire data set.
47 |
48 | Options:
49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 |
NameCurrent ValueRequiredDescription
FILENAME/root/.recon-ng/workspaces/default/results.slsxyespath and filename for output
67 | 80 | -------------------------------------------------------------------------------- /data/modules/reporting/xml.php: -------------------------------------------------------------------------------- 1 | 0 && isset($_POST['module_option_table']) && strlen($_POST['module_option_table'])>0) 10 | { 11 | //Configuration & Functions 12 | require_once("../../../includes/config.php"); 13 | require_once("../../../includes/functions.php"); 14 | $module_filename = urldecode($_POST['module_option_filename']); 15 | $module_table = urldecode($_POST['module_option_table']); 16 | $sid = manager_recon("init", NULL); 17 | $use_module = manager_recon("use", array($module_path_here, $sid)); 18 | $set_module_filename = manager_recon("set", array('FILENAME', $module_filename, $sid)); 19 | $set_module_table = manager_recon("set", array('TABLE', $module_table, $sid)); 20 | $run_module = manager_recon("run", $sid); 21 | echo "
";
 22 |     print_r($run_module);
 23 |     echo "
"; 24 | return; 25 | } 26 | 27 | //Show data based on action 28 | if(strlen($action)>0 && in_array($action, $allowed_actions)) 29 | { 30 | if($action=="options") 31 | { 32 | ?> 33 | Module Name:
34 | Module path:
35 |

36 |
37 | FILENAME:
38 | TABLE:
39 |
40 | 45 | Name:
46 | Path:
47 | Author: Eric Humphries (@e2fsck) and Tim Tomes (@LaNMaSteR53)
48 | Version: v0.0.2
49 |
50 | Description:
Creates a XML report.
51 |
52 | Options:
53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 |
NameCurrent ValueRequiredDescription
FILENAME/root/.recon-ng/workspaces/default/results.xmlyespath and filename for report output
TABLEhosts, contacts, credentialsyescomma delineated list of tables
77 | 90 | -------------------------------------------------------------------------------- /fonts/glyphicons-halflings-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/fonts/glyphicons-halflings-regular.eot -------------------------------------------------------------------------------- /fonts/glyphicons-halflings-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/fonts/glyphicons-halflings-regular.ttf -------------------------------------------------------------------------------- /fonts/glyphicons-halflings-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/fonts/glyphicons-halflings-regular.woff -------------------------------------------------------------------------------- /fonts/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/fonts/index.php -------------------------------------------------------------------------------- /img/apple-touch-icon-114-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/apple-touch-icon-114-precomposed.png -------------------------------------------------------------------------------- /img/apple-touch-icon-144-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/apple-touch-icon-144-precomposed.png -------------------------------------------------------------------------------- /img/apple-touch-icon-57-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/apple-touch-icon-57-precomposed.png -------------------------------------------------------------------------------- /img/apple-touch-icon-72-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/apple-touch-icon-72-precomposed.png -------------------------------------------------------------------------------- /img/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/favicon.png -------------------------------------------------------------------------------- /img/favicon1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/favicon1.png -------------------------------------------------------------------------------- /img/glyphicons-halflings-white.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/glyphicons-halflings-white.png -------------------------------------------------------------------------------- /img/glyphicons-halflings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/glyphicons-halflings.png -------------------------------------------------------------------------------- /img/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/index.php -------------------------------------------------------------------------------- /img/loading32.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/loading32.gif -------------------------------------------------------------------------------- /img/loading64.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/img/loading64.gif -------------------------------------------------------------------------------- /includes/config.php: -------------------------------------------------------------------------------- 1 | 0) 6 | { 7 | $recon_rpc_url = $_SESSION['recon_rpc_url']; 8 | } 9 | else 10 | { 11 | die('
Recon-ng RPC URL has not been set. Please set the RPC URL from "RPC Settings" page
'); 12 | } 13 | ?> -------------------------------------------------------------------------------- /includes/functions.php: -------------------------------------------------------------------------------- 1 | 0) 10 | { 11 | return $_SESSION['recon_sid']; 12 | } 13 | } 14 | $request = xmlrpc_encode_request($methodName, $data); 15 | $context = stream_context_create(array('http' => array('method' => "POST", 'header' => "Content-Type: text/xml", 'content' => $request))); 16 | $file = file_get_contents($recon_rpc_url, false, $context); 17 | $response = xmlrpc_decode($file); 18 | if($methodName=="init") 19 | { 20 | @session_start(); 21 | $_SESSION['recon_sid'] = $response; 22 | } 23 | return $response; 24 | } 25 | ?> -------------------------------------------------------------------------------- /includes/head-section.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /includes/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/includes/index.php -------------------------------------------------------------------------------- /includes/navbar.php: -------------------------------------------------------------------------------- 1 |
2 |
3 | 35 |
36 |



-------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /js/html5shiv.js: -------------------------------------------------------------------------------- 1 | /* 2 | HTML5 Shiv v3.6.2 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed 3 | */ 4 | (function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag(); 5 | a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/\w+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x"; 6 | c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode|| 7 | "undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details figcaption figure footer header hgroup main mark meter nav output progress section summary time video",version:"3.6.2",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);if(g)return a.createDocumentFragment(); 8 | for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d p, 28 | > ul { 29 | margin-bottom: 0; 30 | } 31 | > p + p { 32 | margin-top: 5px; 33 | } 34 | } 35 | 36 | // Dismissable alerts 37 | // 38 | // Expand the right padding and account for the close button's positioning. 39 | 40 | .alert-dismissable { 41 | padding-right: (@alert-padding + 20); 42 | 43 | // Adjust close link position 44 | .close { 45 | position: relative; 46 | top: -2px; 47 | right: -21px; 48 | color: inherit; 49 | } 50 | } 51 | 52 | // Alternate styles 53 | // 54 | // Generate contextual modifier classes for colorizing the alert. 55 | 56 | .alert-success { 57 | .alert-variant(@alert-success-bg; @alert-success-border; @alert-success-text); 58 | } 59 | .alert-info { 60 | .alert-variant(@alert-info-bg; @alert-info-border; @alert-info-text); 61 | } 62 | .alert-warning { 63 | .alert-variant(@alert-warning-bg; @alert-warning-border; @alert-warning-text); 64 | } 65 | .alert-danger { 66 | .alert-variant(@alert-danger-bg; @alert-danger-border; @alert-danger-text); 67 | } 68 | -------------------------------------------------------------------------------- /less/badges.less: -------------------------------------------------------------------------------- 1 | // 2 | // Badges 3 | // -------------------------------------------------- 4 | 5 | 6 | // Base classes 7 | .badge { 8 | display: inline-block; 9 | min-width: 10px; 10 | padding: 3px 7px; 11 | font-size: @font-size-small; 12 | font-weight: @badge-font-weight; 13 | color: @badge-color; 14 | line-height: @badge-line-height; 15 | vertical-align: baseline; 16 | white-space: nowrap; 17 | text-align: center; 18 | background-color: @badge-bg; 19 | border-radius: @badge-border-radius; 20 | 21 | // Empty badges collapse automatically (not available in IE8) 22 | &:empty { 23 | display: none; 24 | } 25 | } 26 | 27 | // Hover state, but only for links 28 | a.badge { 29 | &:hover, 30 | &:focus { 31 | color: @badge-link-hover-color; 32 | text-decoration: none; 33 | cursor: pointer; 34 | } 35 | } 36 | 37 | // Quick fix for labels/badges in buttons 38 | .btn .badge { 39 | position: relative; 40 | top: -1px; 41 | } 42 | 43 | // Account for counters in navs 44 | a.list-group-item.active > .badge, 45 | .nav-pills > .active > a > .badge { 46 | color: @badge-active-color; 47 | background-color: @badge-active-bg; 48 | } 49 | .nav-pills > li > a > .badge { 50 | margin-left: 3px; 51 | } 52 | -------------------------------------------------------------------------------- /less/bootstrap.less: -------------------------------------------------------------------------------- 1 | // Core variables and mixins 2 | @import "variables.less"; 3 | @import "mixins.less"; 4 | 5 | // Reset 6 | @import "normalize.less"; 7 | @import "print.less"; 8 | 9 | // Core CSS 10 | @import "scaffolding.less"; 11 | @import "type.less"; 12 | @import "code.less"; 13 | @import "grid.less"; 14 | @import "tables.less"; 15 | @import "forms.less"; 16 | @import "buttons.less"; 17 | 18 | // Components 19 | @import "component-animations.less"; 20 | @import "glyphicons.less"; 21 | @import "dropdowns.less"; 22 | @import "button-groups.less"; 23 | @import "input-groups.less"; 24 | @import "navs.less"; 25 | @import "navbar.less"; 26 | @import "breadcrumbs.less"; 27 | @import "pagination.less"; 28 | @import "pager.less"; 29 | @import "labels.less"; 30 | @import "badges.less"; 31 | @import "jumbotron.less"; 32 | @import "thumbnails.less"; 33 | @import "alerts.less"; 34 | @import "progress-bars.less"; 35 | @import "media.less"; 36 | @import "list-group.less"; 37 | @import "panels.less"; 38 | @import "wells.less"; 39 | @import "close.less"; 40 | 41 | // Components w/ JavaScript 42 | @import "modals.less"; 43 | @import "tooltip.less"; 44 | @import "popovers.less"; 45 | @import "carousel.less"; 46 | 47 | // Utility classes 48 | @import "utilities.less"; 49 | @import "responsive-utilities.less"; 50 | -------------------------------------------------------------------------------- /less/breadcrumbs.less: -------------------------------------------------------------------------------- 1 | // 2 | // Breadcrumbs 3 | // -------------------------------------------------- 4 | 5 | 6 | .breadcrumb { 7 | padding: 8px 15px; 8 | margin-bottom: @line-height-computed; 9 | list-style: none; 10 | background-color: @breadcrumb-bg; 11 | border-radius: @border-radius-base; 12 | > li { 13 | display: inline-block; 14 | + li:before { 15 | content: "@{breadcrumb-separator}\00a0"; // Unicode space added since inline-block means non-collapsing white-space 16 | padding: 0 5px; 17 | color: @breadcrumb-color; 18 | } 19 | } 20 | > .active { 21 | color: @breadcrumb-active-color; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /less/buttons.less: -------------------------------------------------------------------------------- 1 | // 2 | // Buttons 3 | // -------------------------------------------------- 4 | 5 | 6 | // Base styles 7 | // -------------------------------------------------- 8 | 9 | // Core styles 10 | .btn { 11 | display: inline-block; 12 | margin-bottom: 0; // For input.btn 13 | font-weight: @btn-font-weight; 14 | text-align: center; 15 | vertical-align: middle; 16 | cursor: pointer; 17 | background-image: none; // Reset unusual Firefox-on-Android default style; see https://github.com/necolas/normalize.css/issues/214 18 | border: 1px solid transparent; 19 | white-space: nowrap; 20 | .button-size(@padding-base-vertical; @padding-base-horizontal; @font-size-base; @line-height-base; @border-radius-base); 21 | .user-select(none); 22 | 23 | &:focus { 24 | .tab-focus(); 25 | } 26 | 27 | &:hover, 28 | &:focus { 29 | color: @btn-default-color; 30 | text-decoration: none; 31 | } 32 | 33 | &:active, 34 | &.active { 35 | outline: 0; 36 | background-image: none; 37 | .box-shadow(inset 0 3px 5px rgba(0,0,0,.125)); 38 | } 39 | 40 | &.disabled, 41 | &[disabled], 42 | fieldset[disabled] & { 43 | cursor: not-allowed; 44 | pointer-events: none; // Future-proof disabling of clicks 45 | .opacity(.65); 46 | .box-shadow(none); 47 | } 48 | 49 | } 50 | 51 | 52 | // Alternate buttons 53 | // -------------------------------------------------- 54 | 55 | .btn-default { 56 | .button-variant(@btn-default-color; @btn-default-bg; @btn-default-border); 57 | } 58 | .btn-primary { 59 | .button-variant(@btn-primary-color; @btn-primary-bg; @btn-primary-border); 60 | } 61 | // Warning appears as orange 62 | .btn-warning { 63 | .button-variant(@btn-warning-color; @btn-warning-bg; @btn-warning-border); 64 | } 65 | // Danger and error appear as red 66 | .btn-danger { 67 | .button-variant(@btn-danger-color; @btn-danger-bg; @btn-danger-border); 68 | } 69 | // Success appears as green 70 | .btn-success { 71 | .button-variant(@btn-success-color; @btn-success-bg; @btn-success-border); 72 | } 73 | // Info appears as blue-green 74 | .btn-info { 75 | .button-variant(@btn-info-color; @btn-info-bg; @btn-info-border); 76 | } 77 | 78 | 79 | // Link buttons 80 | // ------------------------- 81 | 82 | // Make a button look and behave like a link 83 | .btn-link { 84 | color: @link-color; 85 | font-weight: normal; 86 | cursor: pointer; 87 | border-radius: 0; 88 | 89 | &, 90 | &:active, 91 | &[disabled], 92 | fieldset[disabled] & { 93 | background-color: transparent; 94 | .box-shadow(none); 95 | } 96 | &, 97 | &:hover, 98 | &:focus, 99 | &:active { 100 | border-color: transparent; 101 | } 102 | &:hover, 103 | &:focus { 104 | color: @link-hover-color; 105 | text-decoration: underline; 106 | background-color: transparent; 107 | } 108 | &[disabled], 109 | fieldset[disabled] & { 110 | &:hover, 111 | &:focus { 112 | color: @btn-link-disabled-color; 113 | text-decoration: none; 114 | } 115 | } 116 | } 117 | 118 | 119 | // Button Sizes 120 | // -------------------------------------------------- 121 | 122 | .btn-lg { 123 | // line-height: ensure even-numbered height of button next to large input 124 | .button-size(@padding-large-vertical; @padding-large-horizontal; @font-size-large; @line-height-large; @border-radius-large); 125 | } 126 | .btn-sm, 127 | .btn-xs { 128 | // line-height: ensure proper height of button next to small input 129 | .button-size(@padding-small-vertical; @padding-small-horizontal; @font-size-small; @line-height-small; @border-radius-small); 130 | } 131 | .btn-xs { 132 | padding: 1px 5px; 133 | } 134 | 135 | 136 | // Block button 137 | // -------------------------------------------------- 138 | 139 | .btn-block { 140 | display: block; 141 | width: 100%; 142 | padding-left: 0; 143 | padding-right: 0; 144 | } 145 | 146 | // Vertically space out multiple block buttons 147 | .btn-block + .btn-block { 148 | margin-top: 5px; 149 | } 150 | 151 | // Specificity overrides 152 | input[type="submit"], 153 | input[type="reset"], 154 | input[type="button"] { 155 | &.btn-block { 156 | width: 100%; 157 | } 158 | } 159 | -------------------------------------------------------------------------------- /less/close.less: -------------------------------------------------------------------------------- 1 | // 2 | // Close icons 3 | // -------------------------------------------------- 4 | 5 | 6 | .close { 7 | float: right; 8 | font-size: (@font-size-base * 1.5); 9 | font-weight: @close-font-weight; 10 | line-height: 1; 11 | color: @close-color; 12 | text-shadow: @close-text-shadow; 13 | .opacity(.2); 14 | 15 | &:hover, 16 | &:focus { 17 | color: @close-color; 18 | text-decoration: none; 19 | cursor: pointer; 20 | .opacity(.5); 21 | } 22 | 23 | // Additional properties for button version 24 | // iOS requires the button element instead of an anchor tag. 25 | // If you want the anchor version, it requires `href="#"`. 26 | button& { 27 | padding: 0; 28 | cursor: pointer; 29 | background: transparent; 30 | border: 0; 31 | -webkit-appearance: none; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /less/code.less: -------------------------------------------------------------------------------- 1 | // 2 | // Code (inline and block) 3 | // -------------------------------------------------- 4 | 5 | 6 | // Inline and block code styles 7 | code, 8 | kbd, 9 | pre, 10 | samp { 11 | font-family: @font-family-monospace; 12 | } 13 | 14 | // Inline code 15 | code { 16 | padding: 2px 4px; 17 | font-size: 90%; 18 | color: @code-color; 19 | background-color: @code-bg; 20 | white-space: nowrap; 21 | border-radius: @border-radius-base; 22 | } 23 | 24 | // Blocks of code 25 | pre { 26 | display: block; 27 | padding: ((@line-height-computed - 1) / 2); 28 | margin: 0 0 (@line-height-computed / 2); 29 | font-size: (@font-size-base - 1); // 14px to 13px 30 | line-height: @line-height-base; 31 | word-break: break-all; 32 | word-wrap: break-word; 33 | color: @pre-color; 34 | background-color: @pre-bg; 35 | border: 1px solid @pre-border-color; 36 | border-radius: @border-radius-base; 37 | 38 | // Account for some code outputs that place code tags in pre tags 39 | code { 40 | padding: 0; 41 | font-size: inherit; 42 | color: inherit; 43 | white-space: pre-wrap; 44 | background-color: transparent; 45 | border-radius: 0; 46 | } 47 | } 48 | 49 | // Enable scrollable blocks of code 50 | .pre-scrollable { 51 | max-height: @pre-scrollable-max-height; 52 | overflow-y: scroll; 53 | } 54 | -------------------------------------------------------------------------------- /less/component-animations.less: -------------------------------------------------------------------------------- 1 | // 2 | // Component animations 3 | // -------------------------------------------------- 4 | 5 | // Heads up! 6 | // 7 | // We don't use the `.opacity()` mixin here since it causes a bug with text 8 | // fields in IE7-8. Source: https://github.com/twitter/bootstrap/pull/3552. 9 | 10 | .fade { 11 | opacity: 0; 12 | .transition(opacity .15s linear); 13 | &.in { 14 | opacity: 1; 15 | } 16 | } 17 | 18 | .collapse { 19 | display: none; 20 | &.in { 21 | display: block; 22 | } 23 | } 24 | .collapsing { 25 | position: relative; 26 | height: 0; 27 | overflow: hidden; 28 | .transition(height .35s ease); 29 | } 30 | -------------------------------------------------------------------------------- /less/grid.less: -------------------------------------------------------------------------------- 1 | // 2 | // Grid system 3 | // -------------------------------------------------- 4 | 5 | // Set the container width, and override it for fixed navbars in media queries 6 | .container { 7 | .container-fixed(); 8 | } 9 | 10 | // mobile first defaults 11 | .row { 12 | .make-row(); 13 | } 14 | 15 | // Common styles for small and large grid columns 16 | .make-grid-columns(); 17 | 18 | 19 | // Extra small grid 20 | // 21 | // Grid classes for extra small devices like smartphones. No offset, push, or 22 | // pull classes are present here due to the size of the target. 23 | // 24 | // Note that `.col-xs-12` doesn't get floated on purpose--there's no need since 25 | // it's full-width. 26 | 27 | .make-grid-columns-float(xs); 28 | .make-grid(@grid-columns, xs, width); 29 | .make-grid(@grid-columns, xs, pull); 30 | .make-grid(@grid-columns, xs, push); 31 | .make-grid(@grid-columns, xs, offset); 32 | 33 | 34 | // Small grid 35 | // 36 | // Columns, offsets, pushes, and pulls for the small device range, from phones 37 | // to tablets. 38 | // 39 | // Note that `.col-sm-12` doesn't get floated on purpose--there's no need since 40 | // it's full-width. 41 | 42 | @media (min-width: @screen-sm-min) { 43 | .container { 44 | width: @container-sm; 45 | } 46 | 47 | .make-grid-columns-float(sm); 48 | .make-grid(@grid-columns, sm, width); 49 | .make-grid(@grid-columns, sm, pull); 50 | .make-grid(@grid-columns, sm, push); 51 | .make-grid(@grid-columns, sm, offset); 52 | } 53 | 54 | 55 | // Medium grid 56 | // 57 | // Columns, offsets, pushes, and pulls for the desktop device range. 58 | // 59 | // Note that `.col-md-12` doesn't get floated on purpose--there's no need since 60 | // it's full-width. 61 | 62 | @media (min-width: @screen-md-min) { 63 | .container { 64 | width: @container-md; 65 | } 66 | 67 | .make-grid-columns-float(md); 68 | .make-grid(@grid-columns, md, width); 69 | .make-grid(@grid-columns, md, pull); 70 | .make-grid(@grid-columns, md, push); 71 | .make-grid(@grid-columns, md, offset); 72 | } 73 | 74 | 75 | // Large grid 76 | // 77 | // Columns, offsets, pushes, and pulls for the large desktop device range. 78 | // 79 | // Note that `.col-lg-12` doesn't get floated on purpose--there's no need since 80 | // it's full-width. 81 | 82 | @media (min-width: @screen-lg-min) { 83 | .container { 84 | width: @container-lg; 85 | } 86 | 87 | .make-grid-columns-float(lg); 88 | .make-grid(@grid-columns, lg, width); 89 | .make-grid(@grid-columns, lg, pull); 90 | .make-grid(@grid-columns, lg, push); 91 | .make-grid(@grid-columns, lg, offset); 92 | } 93 | 94 | -------------------------------------------------------------------------------- /less/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/interference-security/recon-ng-web/2ff49e080fa4bc898244718ae1eb7e890ec38470/less/index.php -------------------------------------------------------------------------------- /less/input-groups.less: -------------------------------------------------------------------------------- 1 | // 2 | // Input groups 3 | // -------------------------------------------------- 4 | 5 | // Base styles 6 | // ------------------------- 7 | .input-group { 8 | position: relative; // For dropdowns 9 | display: table; 10 | border-collapse: separate; // prevent input groups from inheriting border styles from table cells when placed within a table 11 | 12 | // Undo padding and float of grid classes 13 | &.col { 14 | float: none; 15 | padding-left: 0; 16 | padding-right: 0; 17 | } 18 | 19 | .form-control { 20 | width: 100%; 21 | margin-bottom: 0; 22 | } 23 | } 24 | 25 | // Sizing options 26 | // 27 | // Remix the default form control sizing classes into new ones for easier 28 | // manipulation. 29 | 30 | .input-group-lg > .form-control, 31 | .input-group-lg > .input-group-addon, 32 | .input-group-lg > .input-group-btn > .btn { .input-lg(); } 33 | .input-group-sm > .form-control, 34 | .input-group-sm > .input-group-addon, 35 | .input-group-sm > .input-group-btn > .btn { .input-sm(); } 36 | 37 | 38 | // Display as table-cell 39 | // ------------------------- 40 | .input-group-addon, 41 | .input-group-btn, 42 | .input-group .form-control { 43 | display: table-cell; 44 | 45 | &:not(:first-child):not(:last-child) { 46 | border-radius: 0; 47 | } 48 | } 49 | // Addon and addon wrapper for buttons 50 | .input-group-addon, 51 | .input-group-btn { 52 | width: 1%; 53 | white-space: nowrap; 54 | vertical-align: middle; // Match the inputs 55 | } 56 | 57 | // Text input groups 58 | // ------------------------- 59 | .input-group-addon { 60 | padding: @padding-base-vertical @padding-base-horizontal; 61 | font-size: @font-size-base; 62 | font-weight: normal; 63 | line-height: 1; 64 | color: @input-color; 65 | text-align: center; 66 | background-color: @input-group-addon-bg; 67 | border: 1px solid @input-group-addon-border-color; 68 | border-radius: @border-radius-base; 69 | 70 | // Sizing 71 | &.input-sm { 72 | padding: @padding-small-vertical @padding-small-horizontal; 73 | font-size: @font-size-small; 74 | border-radius: @border-radius-small; 75 | } 76 | &.input-lg { 77 | padding: @padding-large-vertical @padding-large-horizontal; 78 | font-size: @font-size-large; 79 | border-radius: @border-radius-large; 80 | } 81 | 82 | // Nuke default margins from checkboxes and radios to vertically center within. 83 | input[type="radio"], 84 | input[type="checkbox"] { 85 | margin-top: 0; 86 | } 87 | } 88 | 89 | // Reset rounded corners 90 | .input-group .form-control:first-child, 91 | .input-group-addon:first-child, 92 | .input-group-btn:first-child > .btn, 93 | .input-group-btn:first-child > .dropdown-toggle, 94 | .input-group-btn:last-child > .btn:not(:last-child):not(.dropdown-toggle) { 95 | .border-right-radius(0); 96 | } 97 | .input-group-addon:first-child { 98 | border-right: 0; 99 | } 100 | .input-group .form-control:last-child, 101 | .input-group-addon:last-child, 102 | .input-group-btn:last-child > .btn, 103 | .input-group-btn:last-child > .dropdown-toggle, 104 | .input-group-btn:first-child > .btn:not(:first-child) { 105 | .border-left-radius(0); 106 | } 107 | .input-group-addon:last-child { 108 | border-left: 0; 109 | } 110 | 111 | // Button input groups 112 | // ------------------------- 113 | .input-group-btn { 114 | position: relative; 115 | white-space: nowrap; 116 | 117 | // Negative margin to only have a 1px border between the two 118 | &:first-child > .btn { 119 | margin-right: -1px; 120 | } 121 | &:last-child > .btn { 122 | margin-left: -1px; 123 | } 124 | } 125 | .input-group-btn > .btn { 126 | position: relative; 127 | // Jankily prevent input button groups from wrapping 128 | + .btn { 129 | margin-left: -4px; 130 | } 131 | // Bring the "active" button to the front 132 | &:hover, 133 | &:active { 134 | z-index: 2; 135 | } 136 | } 137 | -------------------------------------------------------------------------------- /less/jumbotron.less: -------------------------------------------------------------------------------- 1 | // 2 | // Jumbotron 3 | // -------------------------------------------------- 4 | 5 | 6 | .jumbotron { 7 | padding: @jumbotron-padding; 8 | margin-bottom: @jumbotron-padding; 9 | font-size: @jumbotron-font-size; 10 | font-weight: 200; 11 | line-height: (@line-height-base * 1.5); 12 | color: @jumbotron-color; 13 | background-color: @jumbotron-bg; 14 | 15 | h1 { 16 | line-height: 1; 17 | color: @jumbotron-heading-color; 18 | } 19 | p { 20 | line-height: 1.4; 21 | } 22 | 23 | .container & { 24 | border-radius: @border-radius-large; // Only round corners at higher resolutions if contained in a container 25 | } 26 | 27 | @media screen and (min-width: @screen-sm-min) { 28 | padding-top: (@jumbotron-padding * 1.6); 29 | padding-bottom: (@jumbotron-padding * 1.6); 30 | 31 | .container & { 32 | padding-left: (@jumbotron-padding * 2); 33 | padding-right: (@jumbotron-padding * 2); 34 | } 35 | 36 | h1 { 37 | font-size: (@font-size-base * 4.5); 38 | } 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /less/labels.less: -------------------------------------------------------------------------------- 1 | // 2 | // Labels 3 | // -------------------------------------------------- 4 | 5 | .label { 6 | display: inline; 7 | padding: .2em .6em .3em; 8 | font-size: 75%; 9 | font-weight: bold; 10 | line-height: 1; 11 | color: @label-color; 12 | text-align: center; 13 | white-space: nowrap; 14 | vertical-align: baseline; 15 | border-radius: .25em; 16 | 17 | // Add hover effects, but only for links 18 | &[href] { 19 | &:hover, 20 | &:focus { 21 | color: @label-link-hover-color; 22 | text-decoration: none; 23 | cursor: pointer; 24 | } 25 | } 26 | 27 | // Empty labels collapse automatically (not available in IE8) 28 | &:empty { 29 | display: none; 30 | } 31 | } 32 | 33 | // Colors 34 | // Contextual variations (linked labels get darker on :hover) 35 | 36 | .label-default { 37 | .label-variant(@label-default-bg); 38 | } 39 | 40 | .label-primary { 41 | .label-variant(@label-primary-bg); 42 | } 43 | 44 | .label-success { 45 | .label-variant(@label-success-bg); 46 | } 47 | 48 | .label-info { 49 | .label-variant(@label-info-bg); 50 | } 51 | 52 | .label-warning { 53 | .label-variant(@label-warning-bg); 54 | } 55 | 56 | .label-danger { 57 | .label-variant(@label-danger-bg); 58 | } 59 | -------------------------------------------------------------------------------- /less/list-group.less: -------------------------------------------------------------------------------- 1 | // 2 | // List groups 3 | // -------------------------------------------------- 4 | 5 | // Base class 6 | // 7 | // Easily usable on