While doing research I used goorecon.rb in BackTrack 4. Unfortunately I encountered several problems while using it to enumerate email addresses.
Let’s reproduce the problem here. I want to enumerate all of the email addresses of the domain yourbank.com using goorecon.rb:
./goorecon.rb -e yourbank.com email@example.com firstname.lastname@example.org email@example.com
Can you see where the problems are?
The results of the goorecon.rb run above are:
- The result always includes the characters “em” after the “@” symbol.
- The “b” character, as in “bank”, is removed, so “bank” becomes “ank”.
To fix the problems in goorecon.rb, just reverse the two processes above.
Here is the diff between the old goorecon.rb and the new one that already includes the fix (goorecon-new.rb):
# diff -ur goorecon.rb goorecon-new.rb --- goorecon.rb 2010-08-04 21:46:11.000000000 +0700 +++ goorecon-new.rb 2010-08-25 20:40:49.000000000 +0700 @@ -52,7 +52,12 @@ puts "Make sure that the target provided is a URL" exit() end - puts emails.uniq! + emails.uniq! + emails.each do |e| + first, *rest=e.split(/\@/) + newemail = first+"@"+target + puts newemail + end end def usage
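Review bot: `emails.uniq!` now runs before the rewrite, so two scraped entries that share a local part but carry differently mangled domains (exactly the symptom described above) both survive deduplication and are printed twice as the same `first@target`; deduplicate after rebuilding instead, e.g. `emails.map { |e| e.split("@").first + "@" + target }.uniq.each { |e| puts e }`. The `*rest` capture is never used and can be dropped. Note also that the rewrite relabels every harvested address as belonging to `target` regardless of what followed the `@`, which is acceptable here because only the target domain was requested, but a one-line comment stating that would help the next reader.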
And now the result should be fine.
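The fix above rebuilds each harvested address on the requested domain. As an added example, not code from the original post or from goorecon.rb, here is a stand-alone version of that normalization that also validates the local part and deduplicates after the rewrite; the sample addresses are constructed to mimic the mangling described above ("em" after the "@", "b" missing from "bank").

```ruby
# Added example (not from the original post or goorecon.rb): rebuild
# scraped addresses on the requested target domain, drop entries with
# no usable local part, and deduplicate AFTER the rewrite so a local
# part harvested with differently mangled domains is listed only once.

# Local part shape accepted here (RFC 5322 dot-atom, the common case);
# anything else is dropped rather than printed as a bogus address.
LOCAL_PART = /\A[A-Za-z0-9!#$%&'*+\/=?^_`{|}~-]+(?:\.[A-Za-z0-9!#$%&'*+\/=?^_`{|}~-]+)*\z/

# Returns the normalized, unique list of "local@target" strings.
def normalize_emails(emails, target)
  emails.map { |e| e.strip.split("@", 2).first.to_s.downcase }
        .select { |local| LOCAL_PART.match?(local) }
        .uniq
        .map { |local| "#{local}@#{target.downcase}" }
end

# Constructed sample output in the mangled form described above,
# including a case-variant duplicate and an entry with no local part.
SAMPLE = [
  "alice@emyourank.com",
  "Alice@emyourank.com",
  "bob@yourbank.com",
  "@emyourank.com",
  "carol.smith@emyourank.com",
]

if __FILE__ == $0
  puts normalize_emails(SAMPLE, "yourbank.com")
end
```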