goorecon.rb small problems

While doing some research I used goorecon.rb from BackTrack 4. Unfortunately I ran into several problems while using it to enumerate email addresses.

Let's reproduce the problem here. I want to enumerate all of the email addresses of the domain yourbank.com using goorecon.rb:

./goorecon.rb -e yourbank.com
call_center@emyourank.com
helpdesk@emyourank.com
info@emyourank.com

Can you see where the problems are?

The problems with the goorecon.rb output above are:

  • The result always includes the characters "em" right after the "@" symbol.
  • The "b" character, as in "bank", is dropped, so "bank" becomes "ank".

To fix these problems in goorecon.rb, just undo the two changes above: instead of printing the domain part as it came back, rebuild each address from its local part and the target domain given on the command line.

Here is the diff between the old goorecon.rb and the new one that already includes the fix (goorecon-new.rb):

# diff -ur goorecon.rb goorecon-new.rb
--- goorecon.rb 2010-08-04 21:46:11.000000000 +0700
+++ goorecon-new.rb     2010-08-25 20:40:49.000000000 +0700
@@ -52,7 +52,12 @@
puts "Make sure that the target provided is a URL"
exit()
end
-  puts emails.uniq!
+  emails.uniq!
+  emails.each do |e|
+    first, *rest=e.split(/\@/)
+    newemail = first+"@"+target
+    puts newemail
+  end
end

def usage
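Review bot: the new loop in this hunk assumes every entry in `emails` contains an "@"; an entry without one (which `e.split(/\@/)` returns unchanged as a single element) is printed as `<entry>@target`, so a guard such as `next unless e.include?("@")` before the `split` would avoid inventing addresses. Worth noting in the commit message, too, that replacing `puts emails.uniq!` with a separate `emails.uniq!` fixes a second problem: `Array#uniq!` returns `nil` when it removes nothing, so the old line printed nothing at all whenever the list had no duplicates. The rewrite also silently replaces whatever domain Google returned with `target`, which is the intended correction for the "em"/"ank" mangling but should be stated in a comment so a later reader does not take the printed domains as observed data.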

And now the result should be fine.
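To check the fix without running the whole tool, here is the post-processing step from the patch written as a stand-alone Ruby function. This is an added example, not code from goorecon.rb or BackTrack; the sample input is constructed from the mangled output shown above, and the function additionally skips entries that contain no "@" and collapses duplicates the way emails.uniq! does.

```ruby
# Added example (not part of goorecon.rb): rebuild enumerated addresses as
# <local-part>@<target>, which is what the patched tool does before printing.

# Constructed sample: the mangled output shown in the post for the
# hypothetical target domain yourbank.com, plus two edge cases.
SAMPLE_RAW_EMAILS = [
  "call_center@emyourank.com",
  "helpdesk@emyourank.com",
  "info@emyourank.com",
  "info@emyourank.com",   # duplicate, collapsed like uniq! would
  "not-an-address",       # no '@' at all: skipped instead of mangled
].freeze

# Returns the cleaned list of addresses. Only the local part (text before
# the first '@') is kept from each raw entry; the domain is always `target`.
def rebuild_emails(raw_emails, target)
  raw_emails.map(&:strip).uniq.each_with_object([]) do |e, out|
    next unless e.include?("@")          # guard the patch lacks
    first, *_rest = e.split("@")         # same split as the patch
    next if first.empty?                 # "@domain" carries no local part
    out << "#{first}@#{target}"
  end
end

if __FILE__ == $PROGRAM_NAME
  puts rebuild_emails(SAMPLE_RAW_EMAILS, "yourbank.com")
end
```

Run it with `ruby rebuild_emails.rb` and the three addresses come back with the correct yourbank.com domain; the duplicate and the entry without an "@" are dropped rather than printed as bogus addresses.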
