Simon Moser vor 7 Jahren
Ursprung a638de3571
Commit 0eb4435f73

@ -2,6 +2,7 @@ import nmap
import masscan import masscan
from threading import Thread from threading import Thread
from datetime import datetime from datetime import datetime
from pprint import pprint
class AnmapThread(Thread): class AnmapThread(Thread):
@ -20,10 +21,12 @@ class ThoroughAnmapThread(AnmapThread):
log("Starting thorough scan on " + self.host, self.verbose) log("Starting thorough scan on " + self.host, self.verbose)
self.scanner.scan(self.host, "1," + ",".join(self.ports), self.scanner.scan(self.host, "1," + ",".join(self.ports),
arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2))) arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2)))
log(self.scanner.command_line(), self.verbose)
if self.out: if self.out:
with open(output(True, self.host, 5), "w") as outfile: with open(output(True, self.host, 5), "w") as outfile:
outfile.write(self.scanner.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
host = self.scanner[self.host] host = self.scanner[self.host]
log("{}/{} is {}".format(host.hostname(), host["addresses"]["ipv4"], host["osmatch"][0]["name"]), self.verbose)
for p in host.all_tcp(): for p in host.all_tcp():
if p == 1: if p == 1:
continue continue
@ -36,10 +39,12 @@ class UDPAnmapThread(AnmapThread):
log("Starting UDP scan on " + self.host, self.verbose) log("Starting UDP scan on " + self.host, self.verbose)
self.scanner.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'. self.scanner.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'.
format(self.ports, output(self.out, self.host, 3))) format(self.ports, output(self.out, self.host, 3)))
log(self.scanner.command_line(), self.verbose)
if self.out: if self.out:
with open(output(True, self.host, 6), "w") as outfile: with open(output(True, self.host, 6), "w") as outfile:
outfile.write(self.scanner.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
host = self.scanner[self.host] host = self.scanner[self.host]
log("{}/{} is {}".format(host.hostname(), host["addresses"]["ipv4"], host["osmatch"][0]["name"]), self.verbose)
for p in host.all_udp(): for p in host.all_udp():
log("Port {}/udp: {}".format(p, host['udp'][p]), self.verbose) log("Port {}/udp: {}".format(p, host['udp'][p]), self.verbose)
log("Finished UDP scan on " + self.host, self.verbose) log("Finished UDP scan on " + self.host, self.verbose)
@ -53,10 +58,12 @@ class BaseAnmapThread(AnmapThread):
def run(self): def run(self):
log("Starting quick scan", self.verbose) log("Starting quick scan", self.verbose)
self.scanner.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1))) self.scanner.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1)))
log(self.scanner.command_line(), self.verbose)
if self.out: if self.out:
with open(output(True, self.host, 4), "w") as outfile: with open(output(True, self.host, 4), "w") as outfile:
outfile.write(self.scanner.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
log("Finished quick scan", self.verbose) log("Finished quick scan", self.verbose)
np = 0
for hostname in self.scanner.all_hosts(): for hostname in self.scanner.all_hosts():
host = self.scanner[hostname] host = self.scanner[hostname]
port_list = list() port_list = list()
@ -65,6 +72,8 @@ class BaseAnmapThread(AnmapThread):
port_list.append(str(p)) port_list.append(str(p))
if port_list is not list(): if port_list is not list():
self.host_dict[hostname] = port_list self.host_dict[hostname] = port_list
np += len(port_list)
log("Found {} open ports on {} host(s) with {}".format(np, len(self.host_dict), "nmap"), self.verbose)
def rjoin(self): def rjoin(self):
Thread.join(self) Thread.join(self)
@ -79,8 +88,10 @@ class MasscanAnmapThread(BaseAnmapThread):
def run(self): def run(self):
log("Starting masscan scan", self.verbose) log("Starting masscan scan", self.verbose)
self.scanner.scan(self.host, arguments='-p{}{}'.format(self.ports, output(self.out, self.host, 7))) self.scanner.scan(self.host, ports=self.ports, arguments=output(self.out, self.host, 7), sudo=True)
log(self.scanner.command_line(), self.verbose)
log("Finished quick scan", self.verbose) log("Finished quick scan", self.verbose)
np = 0
for hostname in self.scanner.all_hosts(): for hostname in self.scanner.all_hosts():
host = self.scanner[hostname] host = self.scanner[hostname]
port_list = list() port_list = list()
@ -89,6 +100,8 @@ class MasscanAnmapThread(BaseAnmapThread):
port_list.append(str(p)) port_list.append(str(p))
if port_list is not list(): if port_list is not list():
self.host_dict[hostname] = port_list self.host_dict[hostname] = port_list
np += len(port_list)
log("Found {} open ports on {} host(s) with {}".format(np, len(self.host_dict), "masscan"), self.verbose)
def output(o, host, st): def output(o, host, st):
@ -113,8 +126,7 @@ def output(o, host, st):
def log(message, verbose): def log(message, verbose):
if verbose: if verbose: print("{}: {}".format(date(True), message))
print("{}: {}".format(date(True), message))
def date(long=False): def date(long=False):
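Review bot: The new OS-summary line in ThoroughAnmapThread.run (`log("{}/{} is {}".format(host.hostname(), host["addresses"]["ipv4"], host["osmatch"][0]["name"]), self.verbose)`) indexes `host["osmatch"][0]` unconditionally; when nmap reports no OS match for the host (a filtered target, or presumably an unprivileged run where OS detection cannot run) this raises IndexError or KeyError inside the thread after the scan has already completed, so the port loop that follows never runs and the result is lost. The same line is added in the UDPAnmapThread hunk and has the same problem, and `host["addresses"]["ipv4"]` will likewise fail for a target that only has an IPv6 address. I would compute the name defensively first: `os_name = host["osmatch"][0]["name"] if host.get("osmatch") else "unknown OS"` and then `log("{}/{} is {}".format(host.hostname(), host["addresses"].get("ipv4", self.host), os_name), self.verbose)`. Separately, the added `from pprint import pprint` is not used anywhere in the visible hunks and looks like leftover debugging. Both run() bodies extend past their hunks.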

@ -1,6 +1,6 @@
#!/usr/bin/python3 #!/usr/bin/python3
from argparse import ArgumentParser from argparse import ArgumentParser
from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread, MasscanAnmapThread, log from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread, MasscanAnmapThread
if __name__ == "__main__": if __name__ == "__main__":
@ -11,7 +11,8 @@ if __name__ == "__main__":
prog="anmap.py") prog="anmap.py")
ap.add_argument("-u", "--udp", default=1000, type=int, help="The number of UDP ports to scan (Default 1000)") ap.add_argument("-u", "--udp", default=1000, type=int, help="The number of UDP ports to scan (Default 1000)")
ap.add_argument("-v", "--verbose", action="store_true", help="This enables verbose output") ap.add_argument("-v", "--verbose", action="store_true", help="This enables verbose output")
ap.add_argument("-m", "--masscan", action="store_true", help="This enables masscan for first scan") # Not functional yet
# ap.add_argument("-m", "--masscan", action="store_true", help="This enables masscan for first scan")
ap.add_argument("-d", "--debug", action="store_true", ap.add_argument("-d", "--debug", action="store_true",
help="Sets flags -v and -u 100 and scans only the first 1000 tcp ports") help="Sets flags -v and -u 100 and scans only the first 1000 tcp ports")
ap.add_argument("-o", "--output", action="store_true", help="Enables saving of output files") ap.add_argument("-o", "--output", action="store_true", help="Enables saving of output files")
@ -22,34 +23,23 @@ if __name__ == "__main__":
args.udp = 100 args.udp = 100
try: try:
c = host_dict = "" c = host_dict = ""
if args.masscan: try:
# Scanning all tcp ports with masscan ms = args.masscan
except AttributeError:
ms = False
if ms:
tm = MasscanAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output) tm = MasscanAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
tm.start() tm.start()
host_dict = tm.rjoin() host_dict = tm.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with masscan".format(np, len(host_dict)), args.verbose)
c = input("Do you want to continue without a full nmap scan? (y/N)") c = input("Do you want to continue without a full nmap scan? (y/N)")
if c != "y": if c != "y":
# Scanning all tcp ports with nmap
t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output) t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
t0.start() t0.start()
host_dict = t0.rjoin() host_dict = t0.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
else: else:
# Scanning all tcp ports with nmap
t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output) t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
t0.start() t0.start()
host_dict = t0.rjoin() host_dict = t0.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
# Starting thorough and udp scan for each host in separate threads # Starting thorough and udp scan for each host in separate threads
thread_list = list() thread_list = list()
for host, open_port_list in host_dict.items(): for host, open_port_list in host_dict.items():
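Review bot: The four-line `try: ms = args.masscan / except AttributeError: ms = False` in the main block exists only because the `-m` option is now commented out, and it reads as if an attribute lookup could genuinely fail at runtime; the same intent is one line, `ms = getattr(args, "masscan", False)`, and is easier to remove once the option is re-enabled. With that, the `if c != "y":` body and the `else:` branch below it now run the identical BaseAnmapThread sequence, so the two can be merged into a single `if not ms or c != "y":` block instead of duplicating the three lines. The `if __name__ == "__main__":` block continues beyond this hunk.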
