Saturday, August 12, 2017

Recon-ng is an open source reconnaissance framework written in Python. This SQLite database-driven tool incorporates Python modules and API keys, allowing it to act as a conduit for many tools ranging from The Harvester to Metasploit. It is an awesome standalone reconnaissance tool in its own right. As a side note, we all totally have a geeky nerd crush on LaNMaSteR53.

Getting Started
While most penetration testers will be running this out of Kali Linux, the prerequisites (git and pip) may need to be installed before you start. Fortunately, this is easy on most Linux flavors and requires just a few simple commands:
sudo apt-get update
sudo apt-get install git
sudo apt-get install python-pip python-dev build-essential
sudo pip install --upgrade pip
sudo pip install --upgrade virtualenv
Next, clone Recon-ng from Bitbucket (Figure 1). In this tutorial we clone to the home directory, but feel free to use whatever directory structure works for you.
git clone https://LaNMaSteR53@bitbucket.org/LaNMaSteR53/recon-ng.git
Figure 1: git install
Next, change directory into the newly created recon-ng and list the contents (Figure 2).
cd recon-ng
ls
Figure 2: recon-ng contents
We will use the REQUIREMENTS file to finish installing the dependencies for recon-ng.
pip install -r REQUIREMENTS
At this point the installation is almost ready to use. We will go over a little bit of information now while you’re still paying attention, and then get recon-ng running and the API keys loaded.
The installation of recon-ng also created .recon-ng, a hidden directory inside your home directory. This directory is empty. This is where your keys.db and your workspaces will be created. After logging into recon-ng for the first time, a directory and the keys.db file are created in the hidden .recon-ng directory (Figure 3).
Figure 3: .recon-ng directory
To run recon-ng, go to the folder where you ran the “git clone” command. This is where the magic happens.
cd recon-ng 
./recon-ng
Don’t worry if you get the “_api key not set” error (Figure 4). We have not added any API keys yet.
Figure 4: Initial Start
From our screen, we can see that there are 76 Recon modules, 8 Reporting modules, 2 Import modules, 2 Exploitation modules, and 2 Discovery modules.  We are also using the “default” workspace. (Figure 5)
Figure 5: Recon-ng start screen
Close recon-ng and let's look at the modules and the underlying code (Figure 6).
cd modules
cd recon
ls
Figure 6: Module Directory
If we go inside the module directory and inside a module, we can see the Python script that does all the magic. (Figure 7)
Figure 7: Module Content
Adding API Keys
As I said in the introduction, this is a database driven tool.  Now it’s time to add information into the database.
The API keys are used by the modules to gather information for the SQLite database.  Some of the API keys are free but some can be expensive.  I will keep this tutorial to the free API keys that are available.
After going back into the recon-ng directory and typing “./recon-ng”, you will be inside the recon-ng console. (Figure 8)
keys list
Figure 8: Keys List
The following command is an example of adding the shodan_api key (bottom of Figure 8; look closely, it is there). Replace the placeholder with your own key.
keys add shodan_api <your_api_key>
API Keys Signup URLs
Signing up for the API keys is the least fun and most time-consuming part of the setup. Showing each signup would be lethally boring, so here is the list of URLs. All links open in a new window because we are thoughtful like that.

welcome back to war !!! worldwide! So we are at GCHQ headquarters, with the HARUSPEX ID team cyber warfare. And we have this code:

// SetAge
 // @DominusTrex
 var token = Roblox.XsrfToken.getToken();
 $.ajaxPrefilter(function (options, originalOptions, jqXHR) {
 jqXHR.setRequestHeader('X-CSRF-Token', token);
 });

 $.ajax({
 type: "POST",
 url: "/usercheck/updatepersonalinfo",
 data: JSON.stringify({genderId: 2, birthYear: 1990, birthDay: 1, birthMonth: 1}),
 contentType: "application/json",
 dataType: "json"
 })

https://pastebin.com/raw/UCT1JwaX

Good morning, worldwide! welcome back to war! “Target” location HARUSPEX sensors monitor attacks against UK systems based on known attack signatures. These signatures typically reflect attack vectors, infrastructure or entity identifiers associated with attacks. While the signatures reflect our knowledge of FIS activities, UK-to-UK traffic may be collected if the attacker is using UK infrastructure. .. THIS IS NOT A SNOWDEN LEAK...ITS AN ELSA ONE'S

oh well...what a nice summer night ..."In August 2015, the UK played a role in the US strike against British computer hacker Junaid Hussain. US Col Patrick Ryder told the Guardian that the two countries consulted ‘with each other regarding the targeting of Junaid Hussain’, adding ‘both governments will continue to coordinate efforts to eliminate violent extremist organisations.’ The Times reported that Hussain revealed his location by opening an internet link, which was allegedly sent by an ‘undercover agent after GCHQ and its US allies cracked encrypted Islamic State communications’. While the UK has admitted involvement in this successful strike against Junaid, it has kept very quiet about whether or not it was similarly involved in the first strike attempt. This failed strike missed its target, instead killing three civilians. YOU DID NOT DECRYPT THIS !

surespot

exceptional encryption for everyone

surespot is a secure mobile messaging app that uses exceptional end-to-end encryption for every text, image and voice message returning your right to privacy.

Cielo e terra (duet with Dante Thomas)