刚看了苑老师kali linux教程的RECON-NG教程,很多命令改变了,网络上却很少有recon-ng 的新版本介绍,写下来做记录。
输入recon-ng,打开recon-ng
root@kali:~# recon-ng
[*] Version check disabled.
_/_/_/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/
_/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/
_/_/_/ _/_/_/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/ _/ _/ _/ _/_/_/
_/ _/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/
_/ _/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/
/\
/ \\ /\
Sponsored by... /\ /\/ \\V \/\
/ \\/ // \\\\\ \\ \/\
// // BLACK HILLS \/ \\
www.blackhillsinfosec.com
____ ____ ____ ____ _____ _ ____ ____ ____
|____] | ___/ |____| | | | |____ |____ |
| | \_ | | |____ | | ____| |____ |____
www.practisec.com
[recon-ng v5.0.0, Tim Tomes (@lanmaster53)]
[1] Recon modules
[recon-ng][default] >
Recon-ng 5 最大的改变是没有模块,需要下载。
下面介绍如何下载模块。
1.输入 marketplace refresh 更新模块列表
[recon-ng][default] > marketplace refresh
[*] Marketplace index refreshed.
[recon-ng][default] >
2.输入 marketplace search hackertarget 搜索模块索引
[recon-ng][sina] > marketplace search hackertarget
[*] Searching module index for 'hackertarget'...
+-----------------------------------------------------------------------------+
| Path | Version | Status | Updated | D | K |
+-----------------------------------------------------------------------------+
| recon/domains-hosts/hackertarget | 1.0 | installed | 2019-06-24 | | |
+-----------------------------------------------------------------------------+
D = Has dependencies. See info for details.
K = Requires keys. See info for details.
[recon-ng][sina] >
3.输入 marketplace install recon/domains-hosts/hackertarget ,安装hackertarget模块
[recon-ng][default] > marketplace install recon/domains-hosts/hackertarget
[*] Module installed: recon/domains-hosts/hackertarget
[*] Reloading modules...
[recon-ng][default] >
4.输入 modules load recon/domains-hosts/hackertarget 加载模块
[recon-ng][default] > modules load recon/domains-hosts/hackertarget
[recon-ng][default][hackertarget] >
输入 info 查看信息
[recon-ng][default][hackertarget] > info
Name: HackerTarget Lookup
Author: Michael Henriksen (@michenriksen)
Version: 1.0
Description:
Uses the HackerTarget.com API to find host names. Updates the 'hosts' table with the results.
Options:
Name Current Value Required Description
------ ------------- -------- -----------
SOURCE default yes source of input (see 'show info' for details)
Source Options:
default SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL
string representing a single input
path to a file containing a list of inputs
query database query returning one column of inputs
[recon-ng][sina][hackertarget] >
4.输入 options set SOURCE rapid7.com , 改变选项SOURCE显示rapid.com主机
[recon-ng][default][hackertarget] > options set SOURCE rapid7.com
SOURCE => rapid7.com
[recon-ng][default][hackertarget] > run
----------
RAPID7.COM
----------
[*] [host] rapid7.com (13.249.47.238)
[*] [host] scanner1.labs.rapid7.com (71.6.233.2)
[*] [host] scanner2.labs.rapid7.com (71.6.233.129)
[*] [host] scanner3.labs.rapid7.com (31.24.231.211)
[*] [host] scanner4.labs.rapid7.com (31.24.231.223)
[*] [host] sonar.labs.rapid7.com (34.236.82.205)
...
模块添加完成,输入show hosts查看
[recon-ng][default] > show hosts
+---------------------------------------------------------------------------------------------------------------------------------+
| rowid | host | ip_address | region | country | latitude | longitude | module |
+---------------------------------------------------------------------------------------------------------------------------------+
| 1 | rapid7.com | 99.84.219.205 | | | | | hackertarget |
| 2 | hostedconsole-pso-01.rapid7.com | 208.118.237.241 | | | | | hackertarget |
| 3 | securitysolutions-01.rapid7.com | 208.118.237.81 | | | | | hackertarget |
| 4 | smtp001.rapid7.com | 64.125.235.5 | | | | | hackertarget |
| 5 | va1.rapid7.com | 208.118.237.38 | | | | | hackertarget |
| 6 | smtp002.rapid7.com | 208.118.227.12 | | | | | hackertarget |
| 7 | va2.rapid7.com | 208.118.237.39 | | | | | hackertarget |
| 8 | owa2.rapid7.com | 208.118.227.14 | | | |
..............................................................................................................................................
| 134 | www.rapid7.com | 13.32.204.13 | | | | | hackertarget |
| 135 | cf-gagvufh363u546y.rapid7.com | 35.169.78.237 | | | | | hackertarget |
| 136 | legacy.rapid7.com | 208.118.227.15 | | | | | hackertarget |
| 137 | community.rapid7.com | 34.210.186.136 | | | | | hackertarget |
+---------------------------------------------------------------------------------------------------------------------------------+
[*] 137 rows returned
[recon-ng][default] >