Tim Tomes avatar Tim Tomes committed 3cadad2

updated documentation to reflect framework changes.

Comments (0)

Files changed (1)

 
 === Getting Started
 
-* Clone the Recon-ng repository to your local system with {{{git clone https://LaNMaSteR53@bitbucket.org/LaNMaSteR53/recon-ng.git}}}. Change into the Recon-ng directory {{{cd recon-ng}}} and launch with {{{./recon-ng.py}}}.
+* Clone the Recon-ng repository to your local system with {{{git clone https://LaNMaSteR53@bitbucket.org/LaNMaSteR53/recon-ng.git}}}. Change into the Recon-ng directory {{{cd recon-ng}}} and launch with {{{./recon-ng.py}}}. Use {{{./recon-ng.py -h}}} for information on runtime options.
 
-* There is no guaranteed that the included 3rd party libraries will work on all systems and architectures. If load errors are encountered, try downloading, compiling, and replacing the library which is raising exceptions. There is no need to install 3rd party libraries to the system. The required 3rd party libraries are located in the "libs" folder and have been tested on OS X Mountain Lion 64bit, Ubuntu Linux 64bit, and BackTrack5 R3 x86. Below is a list of the included 3rd party libraries.
+* There is no guaranteed that the included 3rd party libraries will work on all systems and architectures. If load errors are encountered, try downloading, compiling, and replacing the library which is raising exceptions.
+
+* There is no need to install 3rd party libraries to the system. The required 3rd party libraries are located in the "libs" folder and have been tested on OS X Mountain Lion 64bit, Ubuntu Linux 64bit, and BackTrack5 R3 x86. Below is a list of the included 3rd party libraries.
 ** dnspython - http://www.dnspython.org/
 ** httplib2 - http://code.google.com/p/httplib2/
 ** python-oauth2 - https://github.com/synedra/python-oauth2
 
 Below are a few helpful nuggets to get you started on using the Recon-ng framework. While not all features are covered, the following notes will help make sense of a few of the frameworks more helpful and complex features.
 
-* After loading a module, the context of the framework changes, and a new set of commands and options are made available to the user. These commands and options are unique to the module. Use the "help" and "options" commands to gain familiarity with the framework and available commands and options at the root and module contexts.
+* After loading a module, the context of the framework changes, and a new set of commands and options are made available to the user. These commands and options are unique to the module. Use the "help" and "show" commands to gain familiarity with the framework and available commands and options at the root and module contexts.
 
 * The "info" command is another helpful way to discover the capabilities of the framework. The "info" command will return detailed information about a specified module. Spend some time exploring modules with the "info" command in order to get a sense for how information flows through the framework.
 
-* The "query" command assists in managing and understanding the data stored in the database. Users are expected to know and understand Structured Query Language (SQL) in order to interact with the database via the "query" command. The "schema" command provides a graphical representation of the database schema to assist in building SQL queries.
+* The "query" command assists in managing and understanding the data stored in the database. Users are expected to know and understand Structured Query Language (SQL) in order to interact with the database via the "query" command. The "show schema" command provides a graphical representation of the database schema to assist in building SQL queries.
 
 * Pay attention to the global options. Global options are the options that are available at the root context of the framework. In many cases, global options are inherited by modules. While module options can still be set individually, it is often easier to leverage global options so that the same information doesn't have to be entered repeatedly. Global options also have a global effect on how the framework operates. Global options such as "verbosity" and "proxy" drastically change how the modules present feedback and make web requests. Explore and understand the global options before diving into the modules.
 
 * The "reload" command gives users the ability to reload all modules without restarting the framework. This is mainly a development feature. During development, users will need to repeatedly reload the framework to test code changes. The "reload" command provides the capability to reload modules while maintaining command history and global options settings.
 
-* As the framework grows, the "search" command will become an important feature. The "search" command provides the capability to search the titles of all loaded modules and return positive matches.
+* As the framework grows, the "search" command will become an important feature. The "search" command provides the capability to search the names of all loaded modules and present the matches to the user.
 
-* The entire framework is equipped with command completion. Whether exploring standard commands, or passing parameters commands, tap the "tab" key and you'll be presented with all of the available options for that command or parameter.
+* The entire framework is equipped with command completion. Whether exploring standard commands, or passing parameters to commands, tap the "tab" key and you'll be presented with all of the available options for that command or parameter.
 
 * While the "shell" command and "!" alias give users the ability to run system commands on the local machine from within the framework, neither of these commands is necessary to achieve this functionality. Any input that the framework does not understand as a framework command is executed as a system command. Therefore, the only time that "shell" or "!" is necessary is when the desired command shares the same name as a framework command.
 
 === Scripting the Framework
 
 * The entire framework is scriptable through the use if a resource file. A resource file is a plain text file containing a list of commands for the framework. By referencing the resource file when executing Recon-ng, {{{./recon-ng -r resource.file}}}, the framework will read in the list of commands from the file and feed them to the command interpreter, in sequence. The resource file does not have to end by exiting the framework. The framework will automatically detect the end of the resource file and hand stdin back over to the terminal session for user input. The script is complete when the framework prompt looks looks like this: {{{recon-ng > EOF}}}.
+
+* To make it easy to create resource files, the framework is equipped with the ability to record commands. The "record" command gives users the ability to start and stop command recording, or check the current recording status. The destination file for the recorded commands is set using the global option, "REC_FILE".
 \\\\
 ----
 = Development Guide
 
 * The "libs" folder is for 3rd party dependancies. It is added to the Python path at runtime. Place packages here and import as normal into the module. There is no need to install 3rd party packages.
 
-* The "modules" folder is crawled at runtime to establish the module tree from which all modules are loaded. Place new modules where it makes logical sense, or create a new folder under the "modules" folder to expand the module tree.
+* The "modules" folder is crawled at runtime to establish the module tree from which all modules are loaded. Place new modules where it makes logical sense, or create a new folder to expand the module tree.
 
 === Module Template
 
         self.register_option('nameserver', '8.8.8.8', 'yes', 'ip address of a valid nameserver')
         # global options can be imported by referencing the self.goptions dictionary when registering options
         self.register_option('verbose', self.goptions['verbose']['value'], 'yes', self.goptions['verbose']['desc'])
-        # set module classification here (active or passive)
+        # set module classification here (active, passive, support)
         self.classify = 'passive'
         # set module information here
         # do not remove or modify the key names
         self.info = {
                      'Name': 'Hostname Resolver',
                      'Author': 'Tim Tomes (@LaNMaSteR53)',
-                     'Classification': '%s Reconnaissance' % (self.classify.title()), # no need to modify
                      'Description': 'Resolves IP addresses to hosts.',
                      'Comments': [
                                   'Note: Nameserver must be in IP form.'
 Most Recon-ng modules will require input of some sort. In most cases, that input will be in the form of data from the database, a file containing a list of items, or a single instance of the expected input (email address, hostname, etc.). Recon-ng provides developers with an easy way to gather the desired input from these three sources.
 
 * Gather module input from the requested source and return a list of items.
-** //source// is the source of the input ('db', './path/to/file', 'string').
-** //query// (optional unless 'db' is the source) is the database query to return the desired input if 'db' is the source.
+** //source// is the source of the input ('db', 'string', './path/to/file', 'query <sql>').
+** //query// (optional unless 'db' is the source) is the default database query if 'db' is the source. Please not that this query is controlled by the developer. The 'query <sql>' source option provides the user with the ability to set a custom query.
 {{{
 #!python
 self.get_source(source[, query=None])
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.