module making in recon-ng
DESCRIPTION
This is a talk I gave at a NOVA Hackers (http://novahackers.blogspot.com/) meeting in June 2013 on how to make a recon-ng module. The idea was to show people interested in getting involved with an open source project that it isn't hard to do. I selected Tim Tomes' recon-ng (https://bitbucket.org/LaNMaSteR53/recon-ng) to contribute to but the underlying theme of going out and trying to get involved applies to most projects. Sure, you need some knowledge of programming but you'll find that within the Open Source community there are many people ready to help you learn and grow your skills.TRANSCRIPT
Micah Hoffman @WebBreacher
A beginner’s guide to contributing to an Open Source Project
Module Making in recon-ng
NovaHackers June 2013
Micah Hoffman @WebBreacher
Who am I?
Micah Hoffman - @WebBreacher Internal penetration tester Recon-ng module-maker SANS Mentor Appalachian Trail hiker
NovaHackers June 2013
Micah Hoffman @WebBreacher
The Setup
Wanted to learn a new language Needed a reason/direction Thought about contributing to some tool No coding experience Found recon-ng
Fit with my work tasks Fit with the programming language I use
(python) How do you contribute?
NovaHackers June 2013
Micah Hoffman @WebBreacher
Recon-ng (Highlights)
Language Python (2.7)
Code Management
Git (bitbucket.org)
Owner Tim Tomes - @LaNMaSteR53
Purpose Web Reconnaissance framework
NovaHackers June 2013
Micah Hoffman @WebBreacher
Code Management - git
Make account on bitbucket.org Fork recon-ng repository (copy into your
account) Set up your computer to work on the code
Python, IDE/Text Editor (syntax highlighting helps)
git Learn about git
Lotsa docs on Interwebs Fork, Clone, Pull, Add, Commit, Push, Branch
NovaHackers June 2013
Micah Hoffman @WebBreacher
What will the module do?
Generally the hardest part for me Get ideas:
Twitter, coworkers/friends, web sites you use Keep a log of ideas
Overall function of my module User enters information recon-ng retrieves data from site Parse response data for something Display
NovaHackers June 2013
Micah Hoffman @WebBreacher
Google IDs
Thought: Google Analytics and Google AdSense codes
are used on multiple sites Means that sites are related somehow
Same developers? Same maintainers? Same owners?
Simple Regexes to locate codes ["\'](UA-\d+)
["\'](pub-\d+)NovaHackers June 2013
Micah Hoffman @WebBreacher
Find a web app for lookups
NovaHackers June 2013
Micah Hoffman @WebBreacher
Look at response/results
NovaHackers June 2013
Micah Hoffman @WebBreacher
Results parse-able?
• Yes!• Regex: <div class="row"><a[^>]*>(.+?)</a>
NovaHackers June 2013
Micah Hoffman @WebBreacher
Make the module
RTFM – recon-ng https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Home
Examine other modules NovaHackers June 2013
Micah Hoffman @WebBreacher
The code
NovaHackers June 2013
Micah Hoffman @WebBreacher
The results
NovaHackers June 2013
Micah Hoffman @WebBreacher
Submission and Review
Git add/commit/push to your account Create a “pull” request to pull into tool’s main
trunk Module will be reviewed and commented on
Address issues/comments Resubmit Lather, rinse, repeat
Pull request accepted and merged Git clone the main branch Move to the next module
NovaHackers June 2013
Micah Hoffman @WebBreacher
Bonus: dev_diver
How about a module that takes a hacker/coder nym and checks coding sites for it?
Introducing dev_diver (not in recon-ng yet!)
Got the module…just need a hacker name
Volunteers?
NovaHackers June 2013
Micah Hoffman @WebBreacher
Thanks for volunteering Rob!
“mubix” it is!
NovaHackers June 2013
Micah Hoffman @WebBreacher
Bonus: dev_diver
7,946 photos
NovaHackers June 2013
Micah Hoffman @WebBreacher
http://webbreacher.blogspot.com/
Questions?