Skip to content

Getting Started

Jump to bottom
lanmaster53 edited this page Jun 21, 2020 · 11 revisions

Contents

Upgrading

v4 to v5

If you're reading this, then you've likely been sent here by Recon-ng v4 in search of guidance for upgrading to the latest version. Upgrading can only be done for source installs of Recon-ng. Recon-ng installs through Linux distributions with their own repositories (i.e Kali) must be handled by the distribution.

Since Recon-ng v5 is hosted in a new repository on a different provider, the normal source upgrade procedure of git pull won't work. The repository must be migrated to the new source. There are several ways to do this:

  1. Remove the old version completely and replace it with the new version. From the Recon-ng install directory: 
    cd ..
rm -rf recon-ng
git clone https://github.com/lanmaster53/recon-ng.git
cd recon-ng
  2. Update the remote URL of the current repository. From the Recon-ng install directory: 
    git remote set-url origin https://github.com/lanmaster53/recon-ng.git
git reset --hard HEAD~1
git pull

IMPORTANT! Recon-ng has changed dramatically! Once Recon-ng has been migrated, new dependencies must be installed. See the Installation section below for more information.

From this point, upgrading a source installation is as simple as navigating to the Recon-ng install directory and issuing the git pull command.

Migrating Keys

Keys used by the framework are stored in an independent SQLite3 database at "~/.recon-ng/keys.db". When installing a new instance of Recon-ng on the same machine, no migration is necessary. The new Recon-ng instance will recognize and use the existing key database. However, in order to access the key database on another system, the key database must me manually moved to the same location on the new machine, where it can be recognized and used by any instance of Recon-ng running there.

Installation

Prerequisites

Recon-ng requires Python 3.6+. The below installation instructions for source installation also uses the Python package manager, PiPI (pip). I encourage those installing from source to use Virtualenv (virtualenv) to create separate instances of the Python environment to prevent making a mess of the system installation.

Dependencies

All 3rd party dependencies must be installed prior to use. The following instructions only install dependencies for the framework core. Modules may have additional dependencies that must be met. Due to the open nature of the marketplace, module dependencies are not installed by the framework. While modules are reviewed prior to acceptance into the marketplace, users are responsible for anything that happens as a result of installing and using the modules and their dependencies. See the Module Marketplace section of the Features page for more information.

Installing from Source

  1. Clone the Recon-ng repository.
    • git clone https://github.com/lanmaster53/recon-ng.git
  2. Change into the Recon-ng directory.
    • cd recon-ng
  3. Install dependencies.
    • pip install -r REQUIREMENTS
  4. Launch Recon-ng.
    • ./recon-ng
  5. Use the "-h" switch for information on runtime options.
    • ./recon-ng -h
  6. Read the Features page to familiarize yourself with the interface.

NOTE: The Recon-web API (Recon-API) is not fully functional when installing from source. See the Using Docker section below for the full Recon-API experience.

Module Dependencies and Source

To install module dependencies when installing from source:

  1. Note dependency names from the Recon-ng marketplace.
  2. Exit Recon-ng.
  3. Install the dependencies using pip.
    • e.g. pip install lxml
  4. Launch Recon-ng.

Updating from Source

To update Recon-ng when installing from source:

  1. Change into the Recon-ng directory.
  2. Pull the latest changes to the Recon-ng repository.
    • git pull
  3. Update dependencies.
    • pip install --upgrade -r REQUIREMENTS
  4. Launch Recon-ng.

Using Docker

  1. Install Docker Desktop.
  2. Ensure the ~/.recon-ng directory exists on the host.
  3. Clone the Recon-ng repository.
    • git clone https://github.com/lanmaster53/recon-ng.git
  4. Change into the Recon-ng directory.
    • cd recon-ng
  5. Build the Docker image.
    • docker build --rm -t recon-ng .
  6. Run Recon-ng.
    • docker run --rm -it -p 5000:5000 -v $(pwd):/recon-ng -v ~/.recon-ng:/root/.recon-ng --entrypoint "./recon-ng" recon-ng
      • -rm removes the container when it exits.
      • -it makes the container interactive.
      • -p binds a local and container port.
      • -v mounts a couple necessary volumes (the source code and the recon-ng home folder).
      • --entrypoint indicates the command to run. Change this to run other things like recon-web, recon-cli, /bin/sh, etc.
      • recon-ng the image to use.

When using the above command to launch Recon-web (--entrypoint "./recon-web"), --host 0.0.0.0 must be appended to the end of the command or the application will not be accessible from the host machine.

The above command supports everything in Recon-ng except running tasks via the Recon-web API (Recon-API). All other API calls will work, but attempting to run a task requires Redis, which is not included in the Recon-ng Docker image. Use Docker Compose to launch all of the required containers (Recon-ng, Redis, and worker) for the full Recon-API experience.

  • docker-compose up -d --build

When done using Recon-API, clean up the Docker environment with the following command:

  • docker-compose down

Module Dependencies and Docker

To install dependencies when using Docker:

  1. Note dependency names from the Recon-ng marketplace.
  2. Exit Recon-ng.
  3. Edit the REQUIREMENTS file in the root of the Recon-ng repository.
  4. Add the dependency names to the bottom of the list of current dependencies.
  5. Rebuild the Docker image.
    • docker build --rm -t recon-ng .
  6. Run Recon-ng.

Updating the Docker Image

To update Recon-ng when using Docker:

  1. Change into the Recon-ng directory.
  2. Stash any changes to the REQUIREMENTS file for module dependencies.
    • git stash
  3. Pull the latest changes to the Recon-ng repository.
    • git pull
  4. Merge the stashed changes with the updated REQUIREMENTS file.
    • git stash pop
  5. Rebuild the Docker image.
    • docker build --rm -t recon-ng .
  6. Run Recon-ng.

Troubleshooting with Docker Compose

To debug within one of the Docker Compose services (Recon-web example):

  • docker-compose run -p 5000:5000 <service_name> python3 -m pdb recon-web

To troubleshoot within one of the Docker Compose services:

  • docker-compose run <service_name> /bin/sh

Help

Recon-ng has an official Slack workspace. For additional help, information, or general discussion about the framework, join by completing the self-registration form at https://goo.gl/forms/IJrxxWpglWu0Eyzl2.

Clone this wiki locally