lanmaster53 / recon-ng-marketplace Goto Github PK

Hello,

the recon-ng license is clearly indicated in the LICENSE file.
I think it's important to add a similar file here to clarify the license.

Thanks,
Sophie

The shodan_ip module frequently returns the following error:

[!] HTTPSConnectionPool(host='api.shodan.io', port=443)  Read timed out. (read timeout=10).
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

This happened to me multiple times after querying between 1-5 ip_addresses.

framework version: latest github/master tagged 5.0
module version: 1.0

Is the feature request related to a tool? Please describe.
From the site:

Intelligence X allows you to perform a search for these selector types:
- Email address
- Domain, including wildcards like *.example.com
- URL
- IP, CIDR. Both IPv4 and IPv6 are fully supported.
- Phone Number
- Bitcoin address
- MAC address
- IPFS Hash
- Credit Card Number
- Social Security Number
- IBAN (International Bank Account Number)
... and other internal ones like UUID, Storage ID, Simhash

Does the tool have a web API?

No it doesn't look like it, but it does have a decently cheap pro tier

Describe the expected module functionality.

• Domain -> Creds
• Contacts -> Creds
• Domain -> Leaks
• Contact -> Leaks

Even with a valid key from IPInfoDB, getting a timeout error when submitting IPs to the module for IP to geolocation identification. Anyone else having this same issue?

Even set the timeout to 240 seconds to allow extra time, still doesn't work.

cache_snoop

https://github.com/lanmaster53/recon-ng-marketplace/blob/master/modules/discovery/info_disclosure/cache_snoop.py

Bug Description
[AttributeError: module 'dns' has no attribute 'query']

Just putting this here so we can get off the spreadsheet

It has moved to openbugbounty.org. This api actually exists on that domain, but the info has changed.

Would it be possible to please add a "notes" column to the "ports" table as freeform text, so modules can put notes about the port. This could include service information as imported from Nmap, for example.

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/ipstack

Bug Description
Have API key for ipstack and ipstack will not run. Is seems theh the API key is not used when executed. (See REQUEST section)

[recon-ng][cgi][ipstack] > keys add ipstack_api f64a7e2bad5d37e0407xxxxxxxxxxxxxx
[*] DATABASE => /home/jan/.recon-ng/keys.db
[*] QUERY => UPDATE keys SET value=? WHERE name=?
[*] VALUES => ('f64a7e2bad5d37e0407xxxxxxxxxxxxxx', 'ipstack_api')
[*] Key 'ipstack_api' added.
[recon-ng][cgi][ipstack] > run
[*] DATABASE => /home/jan/.recon-ng/workspaces/cgi/data.db
[*] QUERY => SELECT DISTINCT ip_address FROM hosts WHERE ip_address IS NOT NULL
[*] ========================= REQUEST =========================
url:    http://api.ipstack.com/64.254.16.84?access_key=None
method: GET /64.254.16.84?access_key=None
header: User-Agent: Recon-ng/v5
header: Accept-Encoding: gzip, deflate
header: Accept: */*
header: Connection: keep-alive
[*] ========================= RESPONSE =========================
status: 200 OK
header: Server: nginx
header: Date: Sat, 21 Dec 2019 15:22:15 GMT
header: Content-Type: application/json; Charset=UTF-8
header: Transfer-Encoding: chunked
header: X-Apilayer-Transaction-Id: 5933e2e4-6fd7-4fd1-a552-9e48dc4d514e
header: Access-Control-Allow-Methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
header: Access-Control-Allow-Origin: *
header: X-Request-Time: 0.008
body:   b'{"success":false,"error":{"code":101,"type":"invalid_access_key","info":"You have not supplied a valid API Access Key. [Technical Support: [email protected]]"}}'
------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/share/recon-ng/recon/core/module.py", line 291, in do_run
    self.module_run(*params)
  File "/home/jan/.recon-ng/modules/recon/hosts-hosts/ipstack.py", line 25, in module_run
    region = ', '.join([jsonobj[x] for x in ['city', 'region_name'] if jsonobj[x]]) or None
  File "/home/jan/.recon-ng/modules/recon/hosts-hosts/ipstack.py", line 25, in <listcomp>
    region = ', '.join([jsonobj[x] for x in ['city', 'region_name'] if jsonobj[x]]) or None
KeyError: 'city'
------------------------------------------------------------
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.
[*] DATABASE => /home/jan/.recon-ng/workspaces/cgi/data.db
[*] QUERY => INSERT OR REPLACE INTO dashboard (module, runs) VALUES ('recon/hosts-hosts/ipstack', COALESCE((SELECT runs FROM dashboard WHERE module='recon/hosts-hosts/ipstack')+1, 1))

Steps to Reproduce
[Steps to reproduce the behavior:

1. Added API key for ipstack
2. hosts tabel is populated with data. Lots of ip_adresses
3. run ipstack and it crashes

Expected Behavior
Expected module to run and add locations in hosts table

Screenshots
[If applicable, screenshots to help explain the problem.]

Additional Context

[recon-ng][cgi] > options set VERBOSITY 1
VERBOSITY => 1
[recon-ng][cgi] > modules load recon/hosts-hosts/ipstack
[recon-ng][cgi][ipstack] > run
[!] 'city'.
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

你好,在使用recon/contacts-credentials/hibp_paste 出现报错。

我的 options set SOURCE [email protected]如下结果

Hello everyone !

I'm new with recon-ng, and for the first try I tried to use the module cache-snoop, I put a correct and functional IP in NAMESERVER and run it, but i've got this message, "Module 'dns' has no attribute 'message'.". I tried with others IP and I still get this message, don't know what the issue here. If someone could help me :)

Thanks !

issue with running module.

Is the feature request related to a tool? Please describe.
PSBDMP is a site that lets you search pastebin, with a pretty powerful api

Does the tool have a web API?
Yes

Describe the expected module functionality.

• Domains -> Leaks
• Contacts -> Leaks

The resource is offline. I reached out to them. They acknowledged a known issue and recommended we move to http://pool.sks-keyservers.net:11371/. Should be an easy switch.

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/import/list

Bug Description
When importing a list of multiple items (one per line), the module only imports the first item and then throws an error. "[!] Not all arguments converted during string formatting."

Steps to Reproduce
modules load import/list
options set TABLE domains
options set COLUMN domain
options set FILENAME /home/blah/domains.txt
run

At first I assumed my input files were bad or poorly formatted, however I was able to reproduce the issue by opening an editor and manually typing in a few lines.

Expected Behavior
Previously (before 5 -> 5.1 upgrade?) the module would execute without error, processing all list items in the text file. Items already in the database would not be duplicated. Items present in the file, which were not currently in the database, would be inserted into the database table.

Screenshots
[If applicable, screenshots to help explain the problem.]

Additional Context
recon-ng version 5.1.0
python 3.7.3

The whois_pocs module does kick off a URL search correctly of...
http://whois.arin.net/rest/pocs;domain=NameOfDomain.com

Even going to the above URL works and shows the actual POC(s) but the data doesn't get returned into recon-ng.

This was working fine in version 4.9.3 but since upgrading to version 5.0.0, this module doesn't return data any longer.

The above module on running it gives the following error

!] Expecting value line 1 column 1 (char 0).
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

If the API responds with a contact that doesn't have any email addresses, it fails out at line 65. The reason it works sometimes is because of line 49, but even then it isn't working properly because it only stores the last email address received (the last iteration of the for loop). There needs to be better logic that detects if there are several emails, then creates a contact for each one, but will also create a single contact if there are none. Also, any other fields that can return multiple results also need to be considered here.

I don't know how to deal with this issue, can you please tell me ?
[!] Module 'recon/domains-hosts/brute_hosts' disabled. Dependency required: ''dns''.
recon-ng complains about dns dependency.

Module Name

https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/recon/domains-companies/pen.py

Bug Description

The description talks about updating the domains table, but it updates the companies table. I think this is a copy and paste issue from a similar module with similar logic that harvests domain.

Steps to Reproduce

1. Install the module.
2. Load the module.
3. Read the module info.

Expected Behavior

Have an accurate description of its behavior.

Upgrade the modules to include the new API key

https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/

Module Name
Which module is affected?

https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/recon/domains-domains/brute_suffix.py

Bug Description

/home/{user}/.recon-ng/modules/recon/domains-domains/brute_suffix.py:28: SyntaxWarning: "is not" with a literal. Did you mean "!="?
words = [line.strip().lower() for line in fp if len(line)>0 and line[0] is not '#']

Steps to Reproduce

marketplace install recon/domains-domains/brute_suffix

Module Name
Netcraft
Bug Description
When I try to run recon-ng with the module netcraft, the execution fails showing the error 'Response' object has no attribute 'cookiejar'

Steps to Reproduce
[Steps to reproduce the behavior:

1. Go to recon-ng in your Kali Linux
2. Install the module recon/domain-hosts/netcraft
3. Load the netcraft module
4. Set any source
5. Make run
6. See the error I paste above

Expected Behavior
This module should print all the subdomains of the source we have selected, but shows the error.

Screenshots

Need to properly error when the correct options are not set. When I was missing the COLUMN option all that is returned for an error is

[recon-ng][health.mil][list] > options set TABLE domains
TABLE => domains
[recon-ng][health.mil][list] > run
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Would be easier if we just had a message to tell the user they are missing a required option.

While using the Shodan API from recon-ng the protocols for each port found by shodan_ip always show up as .

Is the feature request related to a tool? Please describe.
A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob Wilkin (Greenwolf).

Does the tool have a web API?
No, code found here

Describe the expected module functionality.
The idea would be to correlate social media profiles using facial recognition instead of relying on reused usernames

• Expected input: Profile
• Expected output: A different profile

Additional context
Adding this to recon-ng would require taking on some dependancies, but it has potential to crack open investigations that might have hit a dead end.

Needs to be reviewed and updated.

I used the metacrawler module about a week ago, and it ran great. I went to update recon-ng this week, and now metacrawler will not run correctly.

I'm using keloland.com as an example only. As you can see the EXTRACT is set to True and the SOURCE is set to keloland.com. When I run it, this shows up first: https://accounts.google.com/ServiceLogin?continue=https://www.google.com/search%3Fq%3Dsite:keloland.com%2Bfiletype:doc%2BOR%2Bfiletype:xls%2BOR%2Bfiletype:ppt%2BOR%2Bfiletype:docx%2BOR%2Bfiletype:xlsx%2BOR%2Bfiletype:pptx%2BOR%2Bfiletype:pdf%26start%3D0%26num%3D100%26complete%3D0&hl=en. This happens for any source I use. I know the sources that I use have many files, because I ran the same thing last week with different results.

Am I missing something?

Module Name
Which module is affected?
Module name: discovery/info_disclosure/interesting_files
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/discovery/info_disclosure/interesting_files

Bug Description
When running the interesting_files modules using the hosts from the database (I used the module recon/domains-hosts/bing_domain_web to find some hosts), the module only runs for a few seconds and then throws an error. "[!] Can't concat str to bytes.
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting."

Steps to Reproduce

1. add some hosts to the database (I used the module recon/domains-hosts/bing_domain_web to find some hosts and add them)
2. marketplace refresh
3. marketplace install discovery/info_disclosure/interesting_files
4. modules load discovery/info_disclosure/interesting_files
5. run
6. it runs for a few seconds and then it trow the error (check screenshot 2 and outputDebugs.txt)

Expected Behavior
it should provide a list of interesting files on the hosts and download them

Screenshots
Screenshot showing the options used in the module:

Screenshot showing the error used in the module:

Output text (setting the VERBOSTY lever to 2):
outputDebugs.txt

Additional Context
Platform: Macbook Air (Early 2015) macOS Catalina Version 10.15.1
Python version: 3.7.0
Recon-ng: recon-ng v5.0.1

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/blob/master/modules/recon/domains-hosts/threatminer.py

Bug Description
[A clear and concise description of the bug.]
Response is 403 Forbidden; response is not JSON so parser throws error.

Steps to Reproduce
Steps to reproduce the behavior:

1. Go to threatminer module, set SOURCE to vwrm.com and run
2. See error below

[*] ========================= REQUEST =========================
url:    https://api.threatminer.org/v2/domain.php?rt=5&q=vwrm.com
method: GET /v2/domain.php?rt=5&q=vwrm.com
header: User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
header: Accept-Encoding: gzip, deflate
header: Accept: */*
header: Connection: keep-alive
[*] ========================= RESPONSE =========================
status: 403 Forbidden
header: Date: Fri, 08 Nov 2019 02:45:30 GMT
header: Content-Type: text/html; charset=UTF-8
header: Transfer-Encoding: chunked
header: Connection: keep-alive
header: Set-Cookie: __cfduid=d0953c1908dd65f36517060f8bfb3471a1573181130; expires=Sat, 07-Nov-20 02:45:30 GMT; path=/; domain=.threatminer.org; HttpOnly
header: Cache-Control: max-age=10
header: Expires: Fri, 08 Nov 2019 02:45:40 GMT
header: X-Frame-Options: SAMEORIGIN
header: Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
header: Vary: Accept-Encoding
header: Server: cloudflare
header: CF-RAY: 532436144f3ea5a0-NRT
header: Content-Encoding: gzip
body:   b'<!DOCTYPE html>\n<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->\n<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->\n<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->\n<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->\n<head>\n<title>Access denied | api.threatminer.org used Cloudflare to restrict access</title>\n<meta charset="UTF-8" />\n<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />\n<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />\n<meta name="robots" content="noindex, nofollow" />\n<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />\n<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />\n<!--[if lt IE 9]><link rel="stylesheet" id=\'cf_styles-ie-css\' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->\n<style type="text/css">body{margin:0;padding:0}</style>\n\n\n<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/zepto.min.js"></script><!--<![endif]-->\n<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/cf.common.js"></script><!--<![endif]-->\n\n\n\n</head>\n<body>\n  <div id="cf-wrapper">\n    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>\n    <div id="cf-error-details" class="cf-error-details-wrapper">\n      <div class="cf-wrapper cf-header cf-error-overview">\n        <h1>\n          <span class="cf-error-type" data-translate="error">Error</span>\n          <span class="cf-error-code">1010</span>\n          <small class="heading-ray-id">Ray ID: 532436144f3ea5a0 &bull; 2019-11-08 02:45:30 UTC</small>\n        </h1>\n        <h2 class="cf-subheadline">Access denied</h2>\n      </div><!-- /.header -->\n\n      <section></section><!-- spacer -->\n\n      <div class="cf-section cf-wrapper">\n        <div class="cf-columns two">\n          <div class="cf-column">\n            <h2 data-translate="what_happened">What happened?</h2>\n            <p>The owner of this website (api.threatminer.org) has banned your access based on your browser\'s signature (532436144f3ea5a0-ua60).</p>\n          </div>\n\n          \n        </div>\n      </div><!-- /.section -->\n\n      <div class="cf-error-footer cf-wrapper">\n  <p>\n    <span class="cf-footer-item">Cloudflare Ray ID: <strong>532436144f3ea5a0</strong></span>\n    <span class="cf-footer-separator">&bull;</span>\n    <span class="cf-footer-item"><span>Your IP</span>: 2400:8902::f03c:91ff:feae:227c</span>\n    <span class="cf-footer-separator">&bull;</span>\n    <span class="cf-footer-item"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>\n    \n  </p>\n</div><!-- /.error-footer -->\n\n\n    </div><!-- /#cf-error-details -->\n  </div><!-- /#cf-wrapper -->\n\n  <script type="text/javascript">\n  window._cf_translation = {};\n  \n  \n</script>\n\n</body>\n</html>\n'
------------------------------------------------------------
Traceback (most recent call last):
  File "/home/david/Tools/recon-ng/recon/core/module.py", line 299, in do_run
    self.run()
  File "/home/david/Tools/recon-ng/recon/core/module.py", line 293, in run
    self.module_run(*params)
  File "/home/david/.recon-ng/modules/recon/domains-hosts/threatminer.py", line 17, in module_run
    if resp.json().get('status_code') == '200':
  File "/home/david/Envs/recon-ng/lib/python3.6/site-packages/requests/models.py", line 897, in json
    return complexjson.loads(self.text, **kwargs)
  File "/usr/lib/python3.6/json/__init__.py", line 354, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3.6/json/decoder.py", line 339, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python3.6/json/decoder.py", line 357, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
------------------------------------------------------------
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Expected Behavior
[A clear and concise description of the expected behavior.]

Use curl to see that response should be 200 OK and small JSON:

$ curl --include 'https://api.threatminer.org/v2/domain.php?rt=5&q=vwrm.com'
HTTP/2 200
date: Fri, 08 Nov 2019 02:53:48 GMT
content-type: application/json; charset=utf-8
content-length: 98
set-cookie: __cfduid=d371e6a01512450a84c45d066ba0b54f71573181628; expires=Sat, 07-Nov-20 02:53:48 GMT; path=/; domain=.threatminer.org; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5324423aaf9be6fc-EWR

{"status_code":"200","status_message":"Results found.","results":["www.vwrm.com","mail.vwrm.com"]}

Screenshots
[If applicable, screenshots to help explain the problem.]

Additional Context
[Any other context about the problem.]

there is no facebook options for adding keys? i did install all the marketplace but still same

Appears to be an error with the version of openssl on the machine in question. Still digging into this but wanted to make an issue for myself and I will fix it later.

OpenSSL 1.1.1c 28 May 2019

[recon-ng][default][whois_miner] > run
[*] URL: http://whois.arin.net/rest/orgs;name=Paypal

PAYPAL

[!] ("bad handshake Error([('SSL routines', 'tls_process_ske_dhe', 'dh key too small')])",).
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/recon/domains-hosts/findsubdomains.py

Bug Description
The website clearly finds subdomains but the module returns nothing. I debugged and apparently the site has changed and the parser is failing to extract subdomains. There is some work to be done here because it paginates too, which this module didn't do.

Steps to Reproduce
See above.

Expected Behavior
Return the same results as the web interface.

For some reason, my entire modules package/directory... is gone. Where can I go and get these? Yes, newbie shit here... don't troll. Or do, its kind of a dumb question.

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/recon/hosts-hosts/ipinfodb
Bug Description
After add a API KEY and run the module, the module reports an error or too much queries per second. Run the module using verbosity 2 and looks like the module doesn't catch the api key properly. See below: URL Didn't contains the KEY. KEy is NONE.
========================= REQUEST =========================
url: http://api.ipinfodb.com/v3/ip-city/?key=None&ip=52.97.133.184&format=json
method: GET /v3/ip-city/?key=None&ip=52.97.133.184&format=json
header: User-Agent: Recon-ng/v5
header: Accept-Encoding: gzip, deflate
header: Accept: /
header: Connection: keep-alive
[*] ========================= RESPONSE =========================
status: 200 OK
header: Server: nginx
header: Date: Thu, 10 Oct 2019 08:14:52 GMT
header: Content-Type: application/json; charset=UTF-8
header: Content-Length: 252
header: Connection: keep-alive
header: Access-Control-Allow-Origin: *
body: b'{\n\t"statusCode" : "ERROR",\n\t"statusMessage" : "Invalid API key.",\n\t"ipAddress" : "52.97.133.184",\n\t"countryCode" : "",\n\t"countryName" : "",\n\t"regionName" : "",\n\t"cityName" : "",\n\t"zipCode" : "",\n\t"latitude" : "0",\n\t"longitude" : "0",\n\t"timeZone" : ""\n}'

Steps to Reproduce
[Steps to reproduce the behavior:

1. Key add ipinfodb_api
2. modules load ipinfodb
3. workspaces select <=== it contains a previous host recon.
4. run

Expected Behavior
Just fill the host table with geo info.

Screenshots
[If applicable, screenshots to help explain the problem.]

Additional Context
[Any other context about the problem.]

This module is a duplicate of ssl_san which is querying the SSLTools API to collect this same information.

plz help i already update my recon-ng and when i run any modules error raise (source contain no output)and can't run any modulo??

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/import/nmap.py

Bug Description
When attempting to import an NMAP scan into Recon-NG through import/nmap the following traceback error is thrown:

Traceback (most recent call last):
File "/usr/share/recon-ng/recon/core/module.py", line 347, in do_run
self.run()
File "/usr/share/recon-ng/recon/core/module.py", line 341, in run
self.module_run(*params)
File "/root/.recon-ng/modules/import/nmap.py", line 18, in module_run
tree = ElementTree.parse(f)
File "/usr/lib/python3.7/xml/etree/ElementTree.py", line 1197, in parse
tree.parse(source, parser)
File "/usr/lib/python3.7/xml/etree/ElementTree.py", line 598, in parse
self._root = parser._parse_whole(source)
File "", line None
xml.etree.ElementTree.ParseError: no element found: line 383, column 0

Steps to Reproduce
[Steps to reproduce the behavior:

1. Load module import/nmap
2. Set source to path and name of file to be imported
3. double check module parameters by inputting the info command
4. Input 'run' command to run the module

Expected Behavior
NMAP XML results are imported into Recon-NG, parsed, and added to the appropriate table.

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/ipinfodb

Bug Description
On a fresh new kali linux 2020, I run ipinfodb it returns back 1 result for the domain in the SOURCE option not for all domains in the hosts table also it works correcly when I hand a file with several domains but it never updates the hosts table with the locations

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/
recon/companies-domains/viewdns_reverse_whois.py

Bug Description
Cannot connect to URL used in the code: 'http://viewdns.info/reversewhois/'
When run, returns 403 error (From Wikipedia: access to the requested (valid) URL by the client is Forbidden for some reason)

Steps to Reproduce
[Steps to reproduce the behavior:

1. [recon-ng][default] > modules load new/viewdns_reverse_whois
2. [recon-ng][default][viewdns_reverse_whois] > run
3. Results in error:
   [*] An error occured: 403
   ]

Expected Behavior
[Search should be performed by web-site, and domains found should be listed]

Screenshots
[If applicable, screenshots to help explain the problem.]

Additional Context
[Provider is now using HTTPS.
The URL just needs to be changed from http to https
This fix was tested and it works:

diff --git a/modules/recon/companies-domains/viewdns_reverse_whois.py b/modules/recon/companies-domains/viewdns_reverse_whois.py
index 13825ef..c10e7c1 100644
--- a/modules/recon/companies-domains/viewdns_reverse_whois.py
+++ b/modules/recon/companies-domains/viewdns_reverse_whois.py
@@ -17,7 +17,7 @@ class Module(BaseModule):
}

 def module_run(self, companies):

•    url = 'http://viewdns.info/reversewhois/'
  

•    url = 'https://viewdns.info/reversewhois/'
     for company in companies:
         self.heading(company, level=0)
         payload = {'q': company}
  

.]

No matter what values are given, xpath_bruter returns

[!]Name 'headers' is not defined.

This seems to be the most updated one, Version 1.0 Updated: 2019-06-24

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/certificate_transparency

Bug Description
I really like this module, but I noticed that the output is being stored in the hosts table in a format that isn't compatible with other modules. It is throwing multiple hostnames into a single host field in the hosts table. This breaks things like reverse_resolve because the host filed will then have data that isn't formatted like it is expected.

So if the module runs through one cert that has multiple dns names/hosts in it, the module will save the data out to a single host field. Below is an example if this was run on one cert and 3 domains were found in it and then the data was saved to row1. This is what the host field would look like for the single row:
Domain1.com
Domain2.com
Domain3.com

Opposed to making a new row for each domain name/host discovered.

So after you run this module, (at least against the domains I just did) it breaks anything that uses the host field in the hosts database because a lot of the other modules can't handle the host field full of multiple domains and returns. If I have time I will see if I can adjust that.

Steps to Reproduce
[Steps to reproduce the behavior:

1. load the module
2. Run against a certificate that will return multiple dns/host names
3. Try to run recon/hosts-hosts/resolve

Expected Behavior
When discovering hosts, save each of them to a separate row in the table.

I have a fresh new kalilinux 2020 setup and working correctly. I tried using ipstack module, when I run it I get

[recon-ng][sierac][ipstack] > run
[!] 'city'.
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Thanks for your help

when i run netcraft i get this error:

Module Name
Which module is affected?
https://github.com/lanmaster53/recon-ng-marketplace/tree/master/modules/recon/contacts-credentials/hibp_breach.py

Bug Description
When running recon/contacts-credentials/hibp_breach the following error pops up:

[!] String indices must be integers.
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Edit: More info. I set VERBOSITY to 2.

[recon-ng][default][hibp_breach] > run
[*] ========================= REQUEST =========================
url:    https://haveibeenpwned.com/api/v3/breachedaccount/gsebas94%40gmail.com?truncateResponse=false
method: GET /api/v3/breachedaccount/gsebas94%40gmail.com?truncateResponse=false
header: User-Agent: Recon-ng/v5
header: Accept-Encoding: gzip, deflate
header: Accept: */*
header: Connection: keep-alive
[*] ========================= RESPONSE =========================
status: 401 Unauthorized
header: Date: Wed, 13 Nov 2019 05:32:25 GMT
header: Content-Type: application/json
header: Content-Length: 78
header: Connection: keep-alive
header: Set-Cookie: __cfduid=d02043f02a5e86b6ddcd480dc79dfa5cd1573623145; expires=Thu, 12-Nov-20 05:32:25 GMT; path=/; domain=.haveibeenpwned.com; HttpOnly
header: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
header: X-Content-Type-Options: nosniff
header: Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
header: Vary: Accept-Encoding
header: Server: cloudflare
header: CF-RAY: 534e5d735c3def0a-MIA
body:   b'{ "statusCode": 401, "message": "Access denied due to missing hibp-api-key." }'
------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/share/recon-ng/recon/core/module.py", line 291, in do_run
    self.module_run(*params)
  File "/root/.recon-ng/modules/recon/contacts-credentials/hibp_breach.py", line 35, in module_run
    self.alert(f"{account} => Breach found! Seen in the {breach['Name']} breach that occurred on "
TypeError: string indices must be integers
------------------------------------------------------------
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.
[*] DATABASE => /root/.recon-ng/workspaces/default/data.db
[*] QUERY => INSERT OR REPLACE INTO dashboard (module, runs) VALUES ('recon/contacts-credentials/hibp_breach', COALESCE((SELECT runs FROM dashboard WHERE module='recon/contacts-credentials/hibp_breach')+1, 1))

Steps to Reproduce
[Steps to reproduce the behavior:

1. Set SOURCE option with whatever email address
2. Issue 'run' command

Expected Behavior
Displays results

Screenshots

Additional Context
Running on recon-ng v5.0.1
Running on recon/contacts-credentials/hibp_breach.py v1.2

Module Name

whois_miner

Bug Description

--------------------
COMPANY
--------------------
[!] HTTPSConnectionPool(host='whois.arin.net', port=443): Max retries exceeded with url: /rest/org/COMPANY (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_ske_dhe', 'dh key too small')])"))).
[!] Something broken? See https://github.com/lanmaster53/recon-ng/wiki/Troubleshooting#issue-reporting.

Steps to Reproduce

1. Run the module w/ data in the "companies" table

Expected Behavior

Module functionality

When I'm running recon and I go to load the freegeoip into resolve it says invalid module. I'm trying to do this for a class but not getting alot of feed back from the professor.

I am able to get the ip address but whe I go to get the latitude and longitudes via freegeoip nothing happens. Is there another geo module I can load or is there a way to add the freegeoip module that I'm missing. Thank you in advance

This is something that I've thought about, but have avoided because of the workload I know it will generate. It would require that we set standards for what a test looks like and does, then make sure tests are written prior to merging a module into the repo. My initial thought is to add a test command/method to each module, then programmatically load every module and execute test. Problem is, web resources are very unpredictable, and it won't be feasible to test for all possibilities.