
Basic masscan support implemented

master
MrMcX vor 7 Jahren
Ursprung 5213448211
Commit a87fc1c860

@ -1,4 +1,5 @@
from nmap import PortScanner import nmap
import masscan
from threading import Thread from threading import Thread
from datetime import datetime from datetime import datetime
@ -8,7 +9,7 @@ class AnmapThread(Thread):
Thread.__init__(self) Thread.__init__(self)
self.host = hostname self.host = hostname
self.ports = ports self.ports = ports
self.nm = PortScanner() self.scanner = nmap.PortScanner()
self.verbose = verbose self.verbose = verbose
self.daemon = True self.daemon = True
self.out = out self.out = out
@ -17,12 +18,12 @@ class AnmapThread(Thread):
class ThoroughAnmapThread(AnmapThread): class ThoroughAnmapThread(AnmapThread):
def run(self): def run(self):
log("Starting thorough scan on " + self.host, self.verbose) log("Starting thorough scan on " + self.host, self.verbose)
self.nm.scan(self.host, "1," + ",".join(self.ports), self.scanner.scan(self.host, "1," + ",".join(self.ports),
arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2))) arguments='-sSVC -A -Pn{}'.format(output(self.out, self.host, 2)))
if self.out: if self.out:
with open(output(True, self.host, 5), "w") as out: with open(output(True, self.host, 5), "w") as outfile:
out.write(self.nm.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
host = self.nm[self.host] host = self.scanner[self.host]
for p in host.all_tcp(): for p in host.all_tcp():
if p == 1: if p == 1:
continue continue
@ -33,12 +34,12 @@ class ThoroughAnmapThread(AnmapThread):
class UDPAnmapThread(AnmapThread): class UDPAnmapThread(AnmapThread):
def run(self): def run(self):
log("Starting UDP scan on " + self.host, self.verbose) log("Starting UDP scan on " + self.host, self.verbose)
self.nm.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'. self.scanner.scan(self.host, arguments='-sVCU -A -Pn --top-ports {}{}'.
format(self.ports, output(self.out, self.host, 3))) format(self.ports, output(self.out, self.host, 3)))
if self.out: if self.out:
with open(output(True, self.host, 6), "w") as out: with open(output(True, self.host, 6), "w") as outfile:
out.write(self.nm.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
host = self.nm[self.host] host = self.scanner[self.host]
for p in host.all_udp(): for p in host.all_udp():
log("Port {}/udp: {}".format(p, host['udp'][p]), self.verbose) log("Port {}/udp: {}".format(p, host['udp'][p]), self.verbose)
log("Finished UDP scan on " + self.host, self.verbose) log("Finished UDP scan on " + self.host, self.verbose)
@ -47,27 +48,47 @@ class UDPAnmapThread(AnmapThread):
class BaseAnmapThread(AnmapThread): class BaseAnmapThread(AnmapThread):
def __init__(self, hostname, ports, verbose, out): def __init__(self, hostname, ports, verbose, out):
AnmapThread.__init__(self, hostname, ports, verbose, out) AnmapThread.__init__(self, hostname, ports, verbose, out)
self.host_list = dict() self.host_dict = dict()
def run(self): def run(self):
log("Starting quick scan", self.verbose) log("Starting quick scan", self.verbose)
self.nm.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1))) self.scanner.scan(self.host, arguments='-sS -Pn -p{}{}'.format(self.ports, output(self.out, self.host, 1)))
if self.out: if self.out:
with open(output(True, self.host, 4), "w") as out: with open(output(True, self.host, 4), "w") as outfile:
out.write(self.nm.get_nmap_last_output()) outfile.write(self.scanner.get_nmap_last_output())
log("Finished quick scan", self.verbose) log("Finished quick scan", self.verbose)
for hostname in self.nm.all_hosts(): for hostname in self.scanner.all_hosts():
host = self.nm[hostname] host = self.scanner[hostname]
port_list = list() port_list = list()
for p in host.all_tcp(): for p in host.all_tcp():
if self.nm[hostname]['tcp'][p]['state'] == 'open': if self.scanner[hostname]['tcp'][p]['state'] == 'open':
port_list.append(str(p)) port_list.append(str(p))
if port_list is not list(): if port_list is not list():
self.host_list[hostname] = port_list self.host_dict[hostname] = port_list
def rjoin(self): def rjoin(self):
Thread.join(self) Thread.join(self)
return self.host_list return self.host_dict
class MasscanAnmapThread(BaseAnmapThread):
def __init__(self, hostname, ports, verbose, out):
AnmapThread.__init__(self, hostname, ports, verbose, out)
self.host_dict = dict()
self.scanner = masscan.PortScanner()
def run(self):
log("Starting masscan scan", self.verbose)
self.scanner.scan(self.host, arguments='-p{}{}'.format(self.ports, output(self.out, self.host, 7)))
log("Finished quick scan", self.verbose)
for hostname in self.scanner.all_hosts():
host = self.scanner[hostname]
port_list = list()
for p in host.all_tcp():
if self.scanner[hostname]['tcp'][p]['state'] == 'open':
port_list.append(str(p))
if port_list is not list():
self.host_dict[hostname] = port_list
def output(o, host, st): def output(o, host, st):
@ -87,6 +108,8 @@ def output(o, host, st):
return "nmap_{}_SVCA_{}.xml".format(host, date()) return "nmap_{}_SVCA_{}.xml".format(host, date())
if st == 6: if st == 6:
return "nmap_{}_VCUA_{}.xml".format(host, date()) return "nmap_{}_VCUA_{}.xml".format(host, date())
if st == 7:
return " -oG masscan_{}_S_{}.gnmap -oX masscan_{}_S_{}.xml".format(host, date(), host, date())
def log(message, verbose): def log(message, verbose):
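Review bot: In the new MasscanAnmapThread.run, `if port_list is not list():` is always true, because `is not` compares identity against a freshly created list. Hosts with no open ports are therefore stored in host_dict, and judging by the anmap.py part of this commit each of them then gets a thorough and a UDP scan thread. Use `if port_list:` here and in the identical check that BaseAnmapThread.run keeps. The closing log call in the masscan run still reads "Finished quick scan" and should name masscan. The new `st == 7` branch of output() puts the host string into the file names unchanged, so a target given as a range or CIDR (containing `/`) would probably yield an unusable path; output() starts outside the hunk, so check how the other branches handle this.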

@ -1,5 +1,6 @@
#!/usr/bin/python3
from argparse import ArgumentParser from argparse import ArgumentParser
from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread from AnmapThread import UDPAnmapThread, ThoroughAnmapThread, BaseAnmapThread, MasscanAnmapThread, log
if __name__ == "__main__": if __name__ == "__main__":
@ -10,6 +11,7 @@ if __name__ == "__main__":
prog="anmap.py") prog="anmap.py")
ap.add_argument("-u", "--udp", default=1000, type=int, help="The number of UDP ports to scan (Default 1000)") ap.add_argument("-u", "--udp", default=1000, type=int, help="The number of UDP ports to scan (Default 1000)")
ap.add_argument("-v", "--verbose", action="store_true", help="This enables verbose output") ap.add_argument("-v", "--verbose", action="store_true", help="This enables verbose output")
ap.add_argument("-m", "--masscan", action="store_true", help="This enables masscan for first scan")
ap.add_argument("-d", "--debug", action="store_true", ap.add_argument("-d", "--debug", action="store_true",
help="Sets flags -v and -u 100 and scans only the first 1000 tcp ports") help="Sets flags -v and -u 100 and scans only the first 1000 tcp ports")
ap.add_argument("-o", "--output", action="store_true", help="Enables saving of output files") ap.add_argument("-o", "--output", action="store_true", help="Enables saving of output files")
@ -19,13 +21,38 @@ if __name__ == "__main__":
args.verbose = True args.verbose = True
args.udp = 100 args.udp = 100
try: try:
# Scanning all tcp ports c = host_dict = ""
if args.masscan:
# Scanning all tcp ports with masscan
tm = MasscanAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
tm.start()
host_dict = tm.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with masscan".format(np, len(host_dict)), args.verbose)
c = input("Do you want to continue without a full nmap scan? (y/N)")
if c != "y":
# Scanning all tcp ports with nmap
t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output) t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
t0.start() t0.start()
host_list = t0.rjoin() host_dict = t0.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
else:
# Scanning all tcp ports with nmap
t0 = BaseAnmapThread(args.HOST, "1-1000" if args.debug else "-", args.verbose, args.output)
t0.start()
host_dict = t0.rjoin()
np = 0
for p in host_dict.values():
np += len(p)
log("Found {} open ports on {} host(s) with nmap".format(np, len(host_dict)), args.verbose)
# Starting thorough and udp scan for each host in separate threads # Starting thorough and udp scan for each host in separate threads
thread_list = list() thread_list = list()
for host, open_port_list in host_list.items(): for host, open_port_list in host_dict.items():
thread_list.append(ThoroughAnmapThread(host, open_port_list, args.verbose, args.output)) thread_list.append(ThoroughAnmapThread(host, open_port_list, args.verbose, args.output))
thread_list.append(UDPAnmapThread(host, args.udp, args.verbose, args.output)) thread_list.append(UDPAnmapThread(host, args.udp, args.verbose, args.output))
for t in thread_list: for t in thread_list:
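Review bot: The nmap block (create BaseAnmapThread, start, rjoin, count ports, log) appears twice, once under `if c != "y":` and once under `else:`. Because `c` is initialised to `""`, the `else:` branch can be dropped and `if c != "y":` moved to the level of `if args.masscan:`, so one copy serves both paths. Indentation is lost on this rendered page, so confirm the nesting against the file. The counting loop is clearer as `np = sum(len(p) for p in host_dict.values())`. `input()` raises EOFError when stdin is closed, and the handlers of the enclosing `try:` are outside the hunk, so confirm that a non-interactive run with `-m` stops cleanly.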
