Basic masscan support implemented

vor 8 Jahren · a87fc1c860
Commit a87fc1c860
--- a/AnmapThread.py
+++ b/AnmapThread.py
@ -1,4 +1,5 @@
-from nmap import PortScanner
+import nmap
+import masscan
 from threading import Thread
 from datetime import datetime

@ -8,7 +9,7 @@ class AnmapThread(Thread):
        Thread.__init__(self)
        self.host = hostname
        self.ports = ports
-        self.nm = PortScanner()
+        self.scanner = nmap.PortScanner()
        self.verbose = verbose
        self.daemon = True
        self.out = out
@ -17,12 +18,12 @@ class AnmapThread(Thread):
 class ThoroughAnmapThread(AnmapThread):
    def run(self):
        log("Starting thorough scan on " + self.host, self.verbose)
-        self.nm.scan(self.host, "1," + ",".join(self.ports),
-                     arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2)))
+        self.scanner.scan(self.host, "1," + ",".join(self.ports),
+                          arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2)))
        if self.out:
-            with open(output(True, self.host, 5), "w") as out:
-                out.write(self.nm.get_nmap_last_output())
-        host = self.nm[self.host]
+            with open(output(True, self.host, 5), "w") as outfile:
+                outfile.write(self.scanner.get_nmap_last_output())
+        host = self.scanner[self.host]
        for p in host.all_tcp():
            if p == 1:
                continue
@ -33,12 +34,12 @@ class ThoroughAnmapThread(AnmapThread):
 class UDPAnmapThread(AnmapThread):
    def run(self):
        log("Starting UDP scan on " + self.host, self.verbose)
-        self.nm.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'.
-                     format(self.ports, output(self.out, self.host, 3)))
+        self.scanner.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'.
+                          format(self.ports, output(self.out, self.host, 3)))
        if self.out:
-            with open(output(True, self.host, 6), "w") as out:
-                out.write(self.nm.get_nmap_last_output())
-        host = self.nm[self.host]
+            with open(output(True, self.host, 6), "w") as outfile:
+                outfile.write(self.scanner.get_nmap_last_output())
+        host = self.scanner[self.host]
        for p in host.all_udp():
            log("Port {}/udp: {}".format(p, host['udp'][p]), self.verbose)
        log("Finished UDP scan on " + self.host, self.verbose)
@ -47,27 +48,47 @@ class UDPAnmapThread(AnmapThread):
 class BaseAnmapThread(AnmapThread):
    def __init__(self, hostname, ports, verbose, out):
        AnmapThread.__init__(self, hostname, ports, verbose, out)
-        self.host_list = dict()
+        self.host_dict = dict()

    def run(self):
        log("Starting quick scan", self.verbose)
-        self.nm.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1)))
+        self.scanner.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1)))
        if self.out:
-            with open(output(True, self.host, 4), "w") as out:
-                out.write(self.nm.get_nmap_last_output())
+            with open(output(True, self.host, 4), "w") as outfile:
+                outfile.write(self.scanner.get_nmap_last_output())
        log("Finished quick scan", self.verbose)
-        for hostname in self.nm.all_hosts():
-            host = self.nm[hostname]
+        for hostname in self.scanner.all_hosts():
+            host = self.scanner[hostname]
            port_list = list()
            for p in host.all_tcp():
-                if self.nm[hostname]['tcp'][p]['state'] == 'open':
+                if self.scanner[hostname]['tcp'][p]['state'] == 'open':
                    port_list.append(str(p))
            if port_list is not list():
-                self.host_list[hostname] = port_list
+                self.host_dict[hostname] = port_list

    def rjoin(self):
        Thread.join(self)
-        return self.host_list
+        return self.host_dict
+
+
+class MasscanAnmapThread(BaseAnmapThread):
+    def __init__(self, hostname, ports, verbose, out):
+        AnmapThread.__init__(self, hostname, ports, verbose, out)
+        self.host_dict = dict()
+        self.scanner = masscan.PortScanner()
+
+    def run(self):
+        log("Starting masscan scan", self.verbose)
+        self.scanner.scan(self.host, arguments='-p{}{}'.format(self.ports, output(self.out, self.host, 7)))
+        log("Finished quick scan", self.verbose)
+        for hostname in self.scanner.all_hosts():
+            host = self.scanner[hostname]
+            port_list = list()
+            for p in host.all_tcp():
+                if self.scanner[hostname]['tcp'][p]['state'] == 'open':
+                    port_list.append(str(p))
+            if port_list is not list():
+                self.host_dict[hostname] = port_list


 def output(o, host, st):
@ -87,6 +108,8 @@ def output(o, host, st):
        return "nmap_{}_SVCA_{}.xml".format(host, date())
    if st == 6:
        return "nmap_{}_VCUA_{}.xml".format(host, date())
+    if st == 7:
+        return " -oG masscan_{}_S_{}.gnmap -oX masscan_{}_S_{}.xml".format(host, date(), host, date())


 def log(message, verbose):
--- a/anmap.py
+++ b/anmap.py
@ -1,5 +1,6 @@
+#!/usr/bin/python3
 from argparse import ArgumentParser
-from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread
+from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread, MasscanAnmapThread, log


 if __name__ == "__main__":
@ -10,6 +11,7 @@ if __name__ == "__main__":
                        prog="anmap.py")
    ap.add_argument("-u", "--udp", default=1000, type=int, help="The number of UDP ports to scan (Default 1000)")
    ap.add_argument("-v", "--verbose", action="store_true", help="This enables verbose output")
+    ap.add_argument("-m", "--masscan", action="store_true", help="This enables masscan for first scan")
    ap.add_argument("-d", "--debug", action="store_true",
                    help="Sets flags -v and -u 100 and scans only the first 1000 tcp ports")
    ap.add_argument("-o", "--output", action="store_true", help="Enables saving of output files")
@ -19,13 +21,38 @@ if __name__ == "__main__":
        args.verbose = True
        args.udp = 100
    try:
-        # Scanning all tcp ports
-        t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
-        t0.start()
-        host_list = t0.rjoin()
+        c = host_dict = ""
+        if args.masscan:
+            # Scanning all tcp ports with masscan
+            tm = MasscanAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
+            tm.start()
+            host_dict = tm.rjoin()
+            np = 0
+            for p in host_dict.values():
+                np += len(p)
+            log("Found {} open ports on {} host(s) with masscan".format(np, len(host_dict)), args.verbose)
+            c = input("Do you want to continue without a full nmap scan? (y/N)")
+            if c != "y":
+                # Scanning all tcp ports with nmap
+                t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
+                t0.start()
+                host_dict = t0.rjoin()
+                np = 0
+                for p in host_dict.values():
+                    np += len(p)
+                log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
+        else:
+            # Scanning all tcp ports with nmap
+            t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
+            t0.start()
+            host_dict = t0.rjoin()
+            np = 0
+            for p in host_dict.values():
+                np += len(p)
+            log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
        # Starting thorough and udp scan for each host in separate threads
        thread_list = list()
-        for host, open_port_list in host_list.items():
+        for host, open_port_list in host_dict.items():
            thread_list.append(ThoroughAnmapThread(host, open_port_list, args.verbose, args.output))
            thread_list.append(UDPAnmapThread(host, args.udp, args.verbose, args.output))
        for t in thread_list: