We'll show you how put ReconNess running on DigitalOcean and Ubuntu 18.04, but you can use different cloud providers and Linux distribution too, the only that you need is Docker and Docker Compose installed in the host.
You can use your PC with Docker and Docker Compose, but because you are going to run a lot of scanning and to avoid problems with your ISP and because you can require more dedicate resources that your PC is better option use a cloud provider.
You need to have a DigitalOcean account first, please use this referent link to create your account and you will receive 100 USD in credit over 60 days.
After you have an account you need to create a Droplet selecting Ubuntu 18.04. Check this link to know more about creating a Droplet on DigitalOcean.
Now you need to install Docker and Docker Compose inside the Droplet, please check the documentation to know how to install Docker and Docker Compose in Ubuntu 18.04.
After you have installed Docker and Docker Compose inside the Ubuntu 18.04 Droplet you need to clone ReconNess source code from GitHub inside the Droplet.
$ git clone https://github.com/reconness/reconness.git$ cd reconness/src
Inside src/
folder you have Dockerfile
and docker-compose.yml
files, those are the two only files that you need to touch.
Dockerfile
FROM mcr.microsoft.com/dotnet/core/sdk:3.1 AS buildWORKDIR /app​RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -RUN apt-get install -y nodejsRUN npm install -g @vue/cli​# copy csproj and restore as distinct layersCOPY *.sln .COPY ["DAL/ReconNess.Data.Npgsql/ReconNess.Data.Npgsql.csproj", "DAL/ReconNess.Data.Npgsql/"]COPY ["ReconNess.Web/ReconNess.Web.csproj", "ReconNess.Web/"]COPY ["ReconNess.Entities/ReconNess.Entities.csproj", "ReconNess.Entities/"]COPY ["ReconNess.Core/ReconNess.Core.csproj", "ReconNess.Core/"]COPY ["ReconNess/ReconNess.csproj", "ReconNess/"]RUN dotnet restore "ReconNess.Web/ReconNess.Web.csproj"​# copy everything else and build appCOPY . ./WORKDIR /app/ReconNess.WebRUN dotnet publish -c Release -o /dist​FROM mcr.microsoft.com/dotnet/core/aspnet:3.1 AS runtimeWORKDIR /app​ENV ASPNETCORE_URLS http://+:5000EXPOSE 5000​COPY --from=build /dist ./​# -------- Agents dependencies --------​# -------- End Agents dependencies --------​ENTRYPOINT ["dotnet", "ReconNess.Web.dll"]
In the Dockerfile you need to specify the Agents tools and dependencies that you want to install, for example, if we want to run ping
to know if the subdomain is alive you need to install ping
inside the docker because by default this docker does not have ping
installed that same for the other tools that you want to run to do the #recon
You can use this Dockerfile that has all the default agents.
line (30 -32)
# -------- Agents dependencies --------​# To allow run ping inside the docker$ RUN apt-get update && apt-get install -y iputils-ping​# -------- End Agents dependencies --------
The next file is the docker-compose where we need to pay attention to the credentials and keys to avoid security issues.
docker-compose.yml
version: '3'services:web:container_name: 'reconness'image: 'reconness'build:context: .dockerfile: Dockerfileports:- '80:5000'depends_on:- 'postgres'networks:- reconness-networkenvironment:- ReconnessUserName=reconness # login username- ReconnessPassword=reconness # login password- PostgresUser=reconness # postgres userName- PostgresPassword=reconness # postgres password- PostgresDb=reconness # postgres database- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 characters​postgres:ports:- '5432:5432'container_name: 'reconness-postgresql'environment:POSTGRES_USER: 'reconness' # postgres username, needs to be the same defined abovePOSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined abovePOSTGRES_DB: 'reconness' # postgres database, needs to be the same defined abovevolumes:- 'reconness-postgresql-volume:/var/lib/postgresql'image: 'postgres:latest'networks:- reconness-network​volumes:reconness-postgresql-volume:​networks:reconness-network:driver: bridge
We are linking PostgreSQL with our application and mapping the ports, the only that you need to modify are the credentials in the docker-compose.yml
- ReconnessUserName=reconness # login username- ReconnessPassword=reconness # login password- PostgresUser=reconness # postgres userName- PostgresPassword=reconness # postgres password- PostgresDb=reconness # postgres database- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 characters​POSTGRES_USER: 'reconness' # postgres username, needs to be the same defined abovePOSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined abovePOSTGRES_DB: 'reconness' # postgres database, needs to be the same defined above​
Notes that PostgresUser
needs to be equals to POSTGRES_USER
, the same with Password
and Db
Note that the values that you choose for ReconnessUserName
and ReconnessPassword
are the same that you need to use for the Login page in the portal.
Be sure to changeSecurityKey
too and needs to be more than 16 characters. If you keep the SecurityKey
by default another user can use that to build a valid JWT token and get access into your ReconNess app and your Droplet.
Dont keep the SecurityKey
by default another user can use that to build a valid JWT token and get access
After saving the files with your setup you are ready to deploy ReconNess Web App. Inside the folder src/
$ docker-compose build$ docker-compose up -d
if you want to shutdown ReconNess Web App. Inside the folder src/
$ docker-compose stop
If you want to recreate the database inside the folder src/
(be careful this is going to destroy the entire database and you are going to lose all the data saved previously)
$ docker-compose up --force-recreate
If you want to update ReconNess Web App with the last version. Inside the folder src/
$ docker-compose stop$ git pull$ docker-compose build$ docker-compose up -d
Remember delete the old docker images, after build multiples time the docker. You need to keep running your last Docker build to avoid delete the database and then execute the next command:
$ docker-compose up -d$ docker image prune