Installation

The installation step by step is base on DigitalOcean with Ubuntu 18.04 but you can use different cloud providers with different Linux distribution or your PC if you want.

We'll show you how put ReconNess running on DigitalOcean and Ubuntu 18.04, but you can use different cloud providers and Linux distribution too, the only that you need is Docker and Docker Compose installed in the host.

You can use your PC with Docker and Docker Compose, but because you are going to run a lot of scanning and to avoid problems with your ISP and because you can require more dedicate resources that your PC is better option use a cloud provider.

DigitalOcean

You need to have a DigitalOcean account first, please use this referent link to create your account and you will receive 100 USD in credit over 60 days.

After you have an account you need to create a Droplet selecting Ubuntu 18.04. Check this link to know more about creating a Droplet on DigitalOcean.

Now you need to install Docker and Docker Compose inside the Droplet, please check the documentation to know how to install Docker and Docker Compose in Ubuntu 18.04.

After you have installed Docker and Docker Compose inside the Ubuntu 18.04 Droplet you need to clone ReconNess source code from GitHub inside the Droplet.

$ git clone https://github.com/reconness/reconness.git
$ cd reconness/src

Inside src/ folder you have Dockerfile and docker-compose.yml files, those are the two only files that you need to touch.

Dockerfile

FROM mcr.microsoft.com/dotnet/core/sdk:3.1 AS build
WORKDIR /app
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
RUN apt-get install -y nodejs
RUN npm install -g @vue/cli
# copy csproj and restore as distinct layers
COPY *.sln .
COPY ["DAL/ReconNess.Data.Npgsql/ReconNess.Data.Npgsql.csproj", "DAL/ReconNess.Data.Npgsql/"]
COPY ["ReconNess.Web/ReconNess.Web.csproj", "ReconNess.Web/"]
COPY ["ReconNess.Entities/ReconNess.Entities.csproj", "ReconNess.Entities/"]
COPY ["ReconNess.Core/ReconNess.Core.csproj", "ReconNess.Core/"]
COPY ["ReconNess/ReconNess.csproj", "ReconNess/"]
RUN dotnet restore "ReconNess.Web/ReconNess.Web.csproj"
# copy everything else and build app
COPY . ./
WORKDIR /app/ReconNess.Web
RUN dotnet publish -c Release -o /dist
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1 AS runtime
WORKDIR /app
ENV ASPNETCORE_URLS http://+:5000
EXPOSE 5000
COPY --from=build /dist ./
# -------- Agents dependencies --------
# -------- End Agents dependencies --------
ENTRYPOINT ["dotnet", "ReconNess.Web.dll"]

In the Dockerfile you need to specify the Agents tools and dependencies that you want to install, for example, if we want to run ping to know if the subdomain is alive you need to install ping inside the docker because by default this docker does not have ping installed that same for the other tools that you want to run to do the #recon

Install Agents [Tools]

You can use this Dockerfile that has all the default agents.

line (30 -32)

# -------- Agents dependencies --------
# To allow run ping inside the docker
$ RUN apt-get update && apt-get install -y iputils-ping
# -------- End Agents dependencies --------

The next file is the docker-compose where we need to pay attention to the credentials and keys to avoid security issues.

docker-compose.yml

version: '3'
services:
web:
container_name: 'reconness'
image: 'reconness'
build:
context: .
dockerfile: Dockerfile
ports:
- '80:5000'
depends_on:
- 'postgres'
networks:
- reconness-network
environment:
- ReconnessUserName=reconness # login username
- ReconnessPassword=reconness # login password
- PostgresUser=reconness # postgres userName
- PostgresPassword=reconness # postgres password
- PostgresDb=reconness # postgres database
- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 characters
postgres:
ports:
- '5432:5432'
container_name: 'reconness-postgresql'
environment:
POSTGRES_USER: 'reconness' # postgres username, needs to be the same defined above
POSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined above
POSTGRES_DB: 'reconness' # postgres database, needs to be the same defined above
volumes:
- 'reconness-postgresql-volume:/var/lib/postgresql'
image: 'postgres:latest'
networks:
- reconness-network
volumes:
reconness-postgresql-volume:
networks:
reconness-network:
driver: bridge

We are linking PostgreSQL with our application and mapping the ports, the only that you need to modify are the credentials in the docker-compose.yml

- ReconnessUserName=reconness # login username
- ReconnessPassword=reconness # login password
- PostgresUser=reconness # postgres userName
- PostgresPassword=reconness # postgres password
- PostgresDb=reconness # postgres database
- SecurityKey=mysecuritykeypleasechangethis # securityKey for the JWT, minimum length is 16 characters
POSTGRES_USER: 'reconness' # postgres username, needs to be the same defined above
POSTGRES_PASSWORD: 'reconness' # postgres password, needs to be the same defined above
POSTGRES_DB: 'reconness' # postgres database, needs to be the same defined above

Notes that PostgresUser needs to be equals to POSTGRES_USER, the same with Password and Db

Login inside ReconNess

Note that the values that you choose for ReconnessUserName and ReconnessPassword are the same that you need to use for the Login page in the portal.

Be sure to changeSecurityKey too and needs to be more than 16 characters. If you keep the SecurityKey by default another user can use that to build a valid JWT token and get access into your ReconNess app and your Droplet.

Dont keep the SecurityKey by default another user can use that to build a valid JWT token and get access

Build, Run, Stop and Destroy ReconNess

After saving the files with your setup you are ready to deploy ReconNess Web App. Inside the folder src/

$ docker-compose build
$ docker-compose up -d

if you want to shutdown ReconNess Web App. Inside the folder src/

$ docker-compose stop

If you want to recreate the database inside the folder src/(be careful this is going to destroy the entire database and you are going to lose all the data saved previously)

$ docker-compose up --force-recreate

If you want to update ReconNess Web App with the last version. Inside the folder src/

$ docker-compose stop
$ git pull
$ docker-compose build
$ docker-compose up -d

Remember delete the old docker images, after build multiples time the docker. You need to keep running your last Docker build to avoid delete the database and then execute the next command:

$ docker-compose up -d
$ docker image prune