We'll show you how put ReconNess running on DigitalOcean and Ubuntu 18.04, but you can use different cloud providers and Linux distribution too, the only that you need is Docker and Docker Compose installed in the host.
You can use your PC with Docker and Docker Compose, but because you are going to run a lot of scanning and to avoid problems with your ISP and because you can require more dedicate resources that your PC is better option use a cloud provider.
You need to have a DigitalOcean account first, please use this referent link to create your account and you will receive 100 USD in credit over 60 days.
After you have an account you need to create a Droplet selecting Ubuntu 18.04. Check this link to know more about creating a Droplet on DigitalOcean.
After you have installed Docker and Docker Compose inside the Ubuntu 18.04 Droplet you need to clone ReconNess source code from GitHub inside the Droplet.
$ git clone https://github.com/reconness/reconness.git$ cd reconness/src
src/ folder you have
docker-compose.yml files, those are the two only files that you need to touch.
FROM mcr.microsoft.com/dotnet/core/sdk:3.1 AS buildWORKDIR /appRUN curl -sL https://deb.nodesource.com/setup_10.x | bash -RUN apt-get install -y nodejsRUN npm install -g @vue/cli# copy csproj and restore as distinct layersCOPY *.sln .COPY ["DAL/ReconNess.Data.Npgsql/ReconNess.Data.Npgsql.csproj", "DAL/ReconNess.Data.Npgsql/"]COPY ["ReconNess.Web/ReconNess.Web.csproj", "ReconNess.Web/"]COPY ["ReconNess.Entities/ReconNess.Entities.csproj", "ReconNess.Entities/"]COPY ["ReconNess.Core/ReconNess.Core.csproj", "ReconNess.Core/"]COPY ["ReconNess/ReconNess.csproj", "ReconNess/"]RUN dotnet restore "ReconNess.Web/ReconNess.Web.csproj"# copy everything else and build appCOPY . ./WORKDIR /app/ReconNess.WebRUN dotnet publish -c Release -o /distFROM mcr.microsoft.com/dotnet/core/aspnet:3.1 AS runtimeWORKDIR /appENV ASPNETCORE_URLS http://+:5000EXPOSE 5000COPY --from=build /dist ./# -------- Agents dependencies --------# -------- End Agents dependencies --------ENTRYPOINT ["dotnet", "ReconNess.Web.dll"]
In the Dockerfile you need to specify the Agents tools and dependencies that you want to install, for example, if we want to run
ping to know if the subdomain is alive you need to install
ping inside the docker because by default this docker does not have
ping installed that same for the other tools that you want to run to do the #recon
You can use this Dockerfile that has all the default agents.
line (30 -32)
# -------- Agents dependencies --------# To allow run ping inside the docker$ RUN apt-get update && apt-get install -y iputils-ping# -------- End Agents dependencies --------
The next file is the docker-compose where we need to pay attention to the credentials and keys to avoid security issues.
version: '3'services:web:container_name: 'reconness'image: 'reconness'build:context: .dockerfile: Dockerfileports:- '80:5000'depends_on:- 'postgres'networks:- reconness-networkenvironment:- ReconnessUserName=reconness # login username- ReconnessPassword=reconness # login password- PostgresUser=reconness # postgres userName- PostgresPassword=reconness # postgres password- PostgresDb=reconness # postgres database- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 characterspostgres:ports:- '5432:5432'container_name: 'reconness-postgresql'environment:POSTGRES_USER: 'reconness' # postgres username, needs to be the same defined abovePOSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined abovePOSTGRES_DB: 'reconness' # postgres database, needs to be the same defined abovevolumes:- 'reconness-postgresql-volume:/var/lib/postgresql'image: 'postgres:latest'networks:- reconness-networkvolumes:reconness-postgresql-volume:networks:reconness-network:driver: bridge
We are linking PostgreSQL with our application and mapping the ports, the only that you need to modify are the credentials in the
- ReconnessUserName=reconness # login username- ReconnessPassword=reconness # login password- PostgresUser=reconness # postgres userName- PostgresPassword=reconness # postgres password- PostgresDb=reconness # postgres database- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 charactersPOSTGRES_USER: 'reconness' # postgres username, needs to be the same defined abovePOSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined abovePOSTGRES_DB: 'reconness' # postgres database, needs to be the same defined above
PostgresUser needs to be equals to
POSTGRES_USER, the same with
Note that the values that you choose for
ReconnessPassword are the same that you need to use for the Login page in the portal.
Be sure to change
SecurityKey too and needs to be more than 16 characters. If you keep the
SecurityKey by default another user can use that to build a valid JWT token and get access into your ReconNess app and your Droplet.
After saving the files with your setup you are ready to deploy ReconNess Web App. Inside the folder
$ docker-compose build$ docker-compose up -d
if you want to shutdown ReconNess Web App. Inside the folder
$ docker-compose stop
If you want to recreate the database inside the folder
src/(be careful this is going to destroy the entire database and you are going to lose all the data saved previously)
$ docker-compose up --force-recreate
If you want to update ReconNess Web App with the last version. Inside the folder
$ docker-compose stop$ git pull$ docker-compose build$ docker-compose up -d
Remember delete the old docker images, after build multiples time the docker. You need to keep running your last Docker build to avoid delete the database and then execute the next command:
$ docker-compose up -d$ docker image prune