def fofa_search(self):
    """Add IPs returned by the FOFA lookup to this task's results.

    IPs not already present in ``self.ip_set`` are collected in
    ``self.fofa_ip_set``. When the ``port_scan`` option is enabled they are
    port-scanned and one record per scanned IP is inserted into the ``ip``
    collection, tagged with ``self.task_id``. Every collected IP is finally
    mapped to the wildcard label ``*.<base_domain>`` in ``self.ipv4_map``.

    Best-effort: any exception is logged and swallowed.
    """
    try:
        wildcard_label = "*.{}".format(self.base_domain)
        searcher = fofaSearch(self.domain_info_list, self.base_domain)

        for candidate in searcher.run():
            if candidate in self.ip_set:
                continue
            self.fofa_ip_set.add(candidate)

        # NOTE(review): these addresses come from the FOFA lookup result, not
        # from the task's own domain records, and nothing visible here checks
        # them against an allowed scope before they reach services.port_scan.
        # Confirm that scoping is enforced upstream.
        if self.options.get("port_scan"):
            scan_results = services.port_scan(
                self.fofa_ip_set, **self.scan_port_option)
            for record in scan_results:
                # The record is attributed to the wildcard label, not to a
                # concrete hostname.
                record["domain"] = [wildcard_label]
                record["port_info"] = [
                    modules.PortInfo(**raw_port)
                    for raw_port in record["port_info"]
                ]

                document = modules.IPInfo(**record).dump_json(flag=False)
                document["task_id"] = self.task_id
                utils.conn_db('ip').insert_one(document)

        for found_ip in self.fofa_ip_set:
            self.ipv4_map[found_ip] = [wildcard_label]

        logger.info("fofa search {} {}".format(
            self.base_domain, len(self.fofa_ip_set)))
    except Exception as e:
        # Deliberately broad: a failed lookup must not abort the caller.
        logger.exception(e)
        logger.warning("fofa search error {}, {}".format(
            self.base_domain, e))
def run(self):
    """Port-scan every IP referenced by ``self.domain_info_list``.

    Builds ``self.ipv4_map`` (IP -> set of domains that list it), scans all
    mapped IPs with ``services.port_scan`` using ``self.option`` as keyword
    arguments, and returns a list of ``modules.IPInfo`` objects, one per
    scan result.
    """
    # Group domains by the IPs they list.
    for info in self.domain_info_list:
        for ip in info.ip_list:
            self.ipv4_map.setdefault(ip, set()).add(info.domain)

    targets = self.ipv4_map.keys()

    started_at = time.time()
    logger.info("start port_scan {}".format(len(targets)))
    scan_results = services.port_scan(targets, **self.option)
    elapse = time.time() - started_at
    logger.info("end port_scan result {}, elapse {}".format(
        len(scan_results), elapse))

    ip_info_obj = []
    for result in scan_results:
        # Attach every domain known for this IP, then wrap the raw port
        # dicts before building the IPInfo record.
        result["domain"] = list(self.ipv4_map[result["ip"]])
        result["port_info"] = [
            modules.PortInfo(**raw_port) for raw_port in result["port_info"]
        ]
        ip_info_obj.append(modules.IPInfo(**result))

    return ip_info_obj
def port_scan():
    """Scan three fixed addresses with ``os_detect=True`` and print each result.

    NOTE(review): the targets are hard-coded into the function, which looks
    like an ad-hoc developer check. Confirm it is not reachable from a
    production code path.
    """
    targets = ['10.0.86.169', '10.0.83.6', '10.0.83.16']
    for host_result in services.port_scan(targets, os_detect=True):
        # Wrap the raw port dicts so IPInfo receives PortInfo objects.
        host_result["port_info"] = [
            modules.PortInfo(**raw_port)
            for raw_port in host_result["port_info"]
        ]
        print(modules.IPInfo(**host_result))
def save_ip_info(self):
    """Store placeholder records for mapped IPs missing from ``ip_info_list``.

    For every IP in ``self.ipv4_map`` an ``IPInfo`` with empty ``port_info``
    and ``os_info`` is built. Those not found in ``self.ip_info_list`` are
    inserted into the ``ip`` collection, tagged with ``self.task_id``.
    """
    pending = []
    for ip, domains in self.ipv4_map.items():
        placeholder = modules.IPInfo(
            ip=ip,
            domain=list(domains),
            port_info=[],
            os_info={},
        )
        # NOTE(review): membership depends on how IPInfo defines equality,
        # which is not visible here. Verify it compares what is intended.
        if placeholder in self.ip_info_list:
            continue
        pending.append(placeholder)

    # All placeholders are built before the first insert.
    for placeholder in pending:
        document = placeholder.dump_json(flag=False)
        document["task_id"] = self.task_id
        utils.conn_db('ip').insert_one(document)
def run(self):
    """Port-scan the IPs behind ``self.domain_info_list``, optionally skipping CDNs.

    Builds ``self.ipv4_map`` (IP -> set of domains) and ``self.ip_cdn_map``
    (IP -> CDN name from ``self.get_cdn_name``). When
    ``self.skip_scan_cdn_ip`` is set, IPs with a truthy CDN name are removed
    from the scan targets and are represented by the records from
    ``self.build_fake_cdn_ip_info()`` instead. Returns a list of
    ``modules.IPInfo`` objects.
    """
    for info in self.domain_info_list:
        for ip in info.ip_list:
            self.ipv4_map.setdefault(ip, set()).add(info.domain)

            # Classify each IP once; later domains reuse the cached name.
            if ip in self.ip_cdn_map:
                continue
            cdn_name = self.get_cdn_name(ip, info)
            self.ip_cdn_map[ip] = cdn_name
            if cdn_name:
                self.have_cdn_ip_list.append(ip)

    targets = self.ipv4_map.keys()
    if self.skip_scan_cdn_ip:
        targets = list(set(targets) - set(self.have_cdn_ip_list))

    started_at = time.time()
    logger.info("start port_scan {}".format(len(targets)))
    scan_results = []
    if targets:
        # The scanner is only called, and timing only logged, when at least
        # one target remains after the CDN filter.
        scan_results = services.port_scan(targets, **self.option)
        elapse = time.time() - started_at
        logger.info("end port_scan result {}, elapse {}".format(
            len(scan_results), elapse))

    ip_info_obj = []
    for result in scan_results:
        scanned_ip = result["ip"]
        result["domain"] = list(self.ipv4_map[scanned_ip])
        result["cdn_name"] = self.ip_cdn_map.get(scanned_ip, "")
        result["port_info"] = [
            modules.PortInfo(**raw_port) for raw_port in result["port_info"]
        ]
        ip_info_obj.append(modules.IPInfo(**result))

    if self.skip_scan_cdn_ip:
        # These records are not scan output; see build_fake_cdn_ip_info.
        ip_info_obj.extend(self.build_fake_cdn_ip_info())

    return ip_info_obj
def build_fake_cdn_ip_info(self):
    """Return synthetic ``IPInfo`` records for every IP with a CDN name.

    Each record lists 80/tcp (http) and 443/tcp (https) with empty
    ``version`` and ``product`` and an empty ``os_info``. No probe is made
    here: the ports are assumed, not observed.

    NOTE(review): nothing in these records marks them as synthetic apart
    from the empty fields and the non-empty ``cdn_name``. Consumers that
    treat ``port_info`` as verified scan output should account for that.
    """
    assumed_ports = [
        modules.PortInfo(**{
            "port_id": 80,
            "service_name": "http",
            "version": "",
            "protocol": "tcp",
            "product": ""
        }),
        modules.PortInfo(**{
            "port_id": 443,
            "service_name": "https",
            "version": "",
            "protocol": "tcp",
            "product": ""
        }),
    ]

    records = []
    for ip, cdn_name in self.ip_cdn_map.items():
        if cdn_name:
            # Deep copy so that records never share PortInfo instances.
            records.append(modules.IPInfo(**{
                "ip": ip,
                "domain": list(self.ipv4_map[ip]),
                "port_info": copy.deepcopy(assumed_ports),
                "cdn_name": cdn_name,
                "os_info": {}
            }))

    return records