def analyze(self, all_ip_objects):

        if self.country == '':
            print "Which country are you looking for??"
            print "Ex: United States"
            self.country = raw_input(' \n\n[>] Country: ').strip()

        # Creating Dictionaries for top values
        ip_country = []

        # Looping over IP address objects
        for key, value in all_ip_objects.iteritems():
            if value[0].ip_country.lower() == self.country.lower():
                ip_country.append(value[0].ip_address)

        if len(ip_country) == 0:
            print helpers.color("No IPs were detected to come from " + self.country + "!", warning=True)
        else:
            print "#" * 50
            print " " * 20 + "IPs from " + self.country
            print "#" * 50
            for ip_address in ip_country:
                print helpers.color(ip_address)

        return
    def analyze(self, all_ip_objects):

        if self.top_number == '':
            print "You selected the \"TopNetblocks\" module, how many CIDR blocks do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_cidrs = {}

        for single_ip in all_ip_objects.values():
            if 'asn_cidr' in single_ip[0].ip_whois.keys():
                if single_ip[0].ip_whois['asn_cidr'] in top_cidrs:
                    top_cidrs[single_ip[0].ip_whois['asn_cidr']] += 1
                else:
                    top_cidrs[single_ip[0].ip_whois['asn_cidr']] = 1

        # Iterate over all ports
        sorted_top_cidrs = self.dict_sorter(top_cidrs)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 + "Top CIDR NetBlocks : Number of Instances" + " " * 20)
        print "*" * 70
        while ((list_counter <= self.top_number) and ((list_counter -1) != len(sorted_top_cidrs))):
            sorted_ports_tuple = sorted_top_cidrs[-list_counter]
            print "Port: " + helpers.color(str(sorted_ports_tuple[0])) + " - " + str(sorted_ports_tuple[1]) + " instances"
            list_counter += 1
        print

        return
    def analyze(self, all_ip_objects):

        if self.top_number == '':
            print "You selected the \"Top_Ports\" module, how many ports do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['ports']:
                    if item in top_ports:
                        top_ports[item] += 1
                    else:
                        top_ports[item] = 1

        # Iterate over all ports
        sorted_top_ports = self.dict_sorter(top_ports)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 + "Top Ports : Number of Instances" + " " * 20)
        print "*" * 70
        while ((list_counter <= self.top_number) and ((list_counter -1) != len(sorted_top_ports))):
            sorted_ports_tuple = sorted_top_ports[-list_counter]
            print "Port: " + helpers.color(str(sorted_ports_tuple[0])) + " - " + str(sorted_ports_tuple[1]) + " instances"
            list_counter += 1
        print

        self.top_number = ''

        return
Beispiel #4
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if self.check_host(incoming_ip_obj[0].ip_address
                               ) and incoming_ip_obj[0].virustotal is '':
                request_url = self.api_url + 'ip-address/report?'
                parameters = {
                    'ip': incoming_ip_obj[0].ip_address,
                    'apikey': self.api_key
                }
                encoded_params = urllib.urlencode(parameters)
                full_url = request_url + encoded_params
                try:
                    response = urllib.urlopen(full_url).read()
                    json_response = json.loads(response)

                    if json_response['response_code'] == 0:
                        print "No information within VirusTotal for " + incoming_ip_obj[
                            0].ip_address
                        incoming_ip_obj[
                            0].virustotal = "No information within VirusTotal for " + incoming_ip_obj[
                                0].ip_address
                    else:
                        print "Information found on " + helpers.color(
                            incoming_ip_obj[0].ip_address)
                        incoming_ip_obj[0].virustotal = json_response
                except IOError:
                    print helpers.color(
                        "Error while connecting to Virustotal for " +
                        incoming_ip_obj[0].ip_address,
                        warning=True)

                time.sleep(16)
        return
Beispiel #5
0
    def analyze(self, all_ip_objects):

        if self.country == '':
            print "Which country are you looking for??"
            print "Ex: United States"
            self.country = raw_input(' \n\n[>] Country: ').strip()

        # Creating Dictionaries for top values
        ip_country = []

        # Looping over IP address objects
        for key, value in all_ip_objects.iteritems():
            if value[0].ip_country.lower() == self.country.lower():
                ip_country.append(value[0].ip_address)

        if len(ip_country) == 0:
            print helpers.color("No IPs were detected to come from " +
                                self.country + "!",
                                warning=True)
        else:
            print "#" * 50
            print " " * 20 + "IPs from " + self.country
            print "#" * 50
            for ip_address in ip_country:
                print helpers.color(ip_address)

        return
Beispiel #6
0
    def export_info(self, f):
        # Date and Time for export File
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        if f == "":
            f = 'export_' + current_date + '_' + current_time + '.csv'      

        # True for printing the header on the first system
        # after that, only values
        add_header = True

        for path, ip_objd in self.system_objects.iteritems():
            attrs = vars(ip_objd[0])
            try:
                with open(f, 'a') as export_file:
                    csv_file = csv.DictWriter(export_file, attrs.keys())
                    if add_header:
                        csv_file.writeheader()
                        add_header = False
                    csv_file.writerow(attrs)
            except IOError as e:
                print helpers.color("\nCannot export file " + f + ": " + e.strerror)
                return
        print helpers.color("\nExport file saved to disk at " + f)

        return
Beispiel #7
0
    def export_info(self, f):
        # Date and Time for export File
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        if f == "":
            f = 'export_' + current_date + '_' + current_time + '.csv'      

        # True for printing the header on the first system
        # after that, only values
        add_header = True

        for path, ip_objd in self.system_objects.iteritems():
            attrs = vars(ip_objd[0])
            try:
                with open(f, 'a') as export_file:
                    csv_file = csv.DictWriter(export_file, attrs.keys())
                    if add_header:
                        csv_file.writeheader()
                        add_header = False
                    csv_file.writerow(attrs)
            except IOError as e:
                print helpers.color("\nCannot export file " + f + ": " + e.strerror)
                return
        print helpers.color("\nExport file saved to disk at " + f)

        return
Beispiel #8
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.items():

            if incoming_ip_obj[0].shodan_info == "":

                if self.api_key is "":
                    print(
                        helpers.color(
                            "[*] Error: You didn't provide a Shodan API Key!",
                            warning=True))
                    print(
                        helpers.color(
                            "[*] Please edit Shodan module and add in your API Key.",
                            warning=True))
                else:
                    if incoming_ip_obj[0].shodan_info is '':
                        print("Querying Shodan for information about " +
                              incoming_ip_obj[0].ip_address)
                        try:
                            json_result = self.api_object.host(
                                incoming_ip_obj[0].ip_address)
                            incoming_ip_obj[0].shodan_info = json_result
                        except shodan.exception.APIError:
                            incoming_ip_obj[
                                0].shodan_info = "No available information within Shodan about " + incoming_ip_obj[
                                    0].ip_address
                        except simplejson.decoder.JSONDecodeError:
                            pass
        return
Beispiel #9
0
    def gather(self, all_ips):
        for path, incoming_ip_obj in all_ips.iteritems():
            if incoming_ip_obj[0].zoomEye_info == "" and incoming_ip_obj[
                    0].ip_address != "":
                if self.api_token is "":
                    print helpers.color(
                        "[*] Error: You didn't provide a zoomEye credentials!",
                        warning=True)
                    print helpers.color(
                        "[*] Please edit zoomEye module and add in your credentials.",
                        warning=True)

                else:
                    if incoming_ip_obj[0].zoomEye_info is '':
                        print "Querying zoomEye for information about " + incoming_ip_obj[
                            0].ip_address
                        try:
                            json_result = self.zoomeye.dork_search(
                                'ip:%s' % incoming_ip_obj[0].ip_address, 125,
                                'host', [
                                    app, device, service, os, port, country,
                                    city
                                ])
                            incoming_ip_obj[0].zoomEye_info = json_result
                        except simplejson.decoder.JSONDecodeError:
                            pass
                        except:
                            incoming_ip_obj[
                                0].zoomEye_info = "No available information within zoomEye about " + incoming_ip_obj[
                                    0].ip_address
        return
    def analyze(self, all_ip_objects):

        if self.port_search == '':
            print "You selected the \"Port_search\" module, which port are you looking for?"
            print "Ex: 80"
            self.port_search = int(raw_input(' \n\n[>] Port: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for port in single_ip[0].shodan_info['ports']:
                    if port in top_ports:
                        top_ports[port] = top_ports[port] + [single_ip[0].ip_address]
                    else:
                        top_ports[port] = [single_ip[0].ip_address]

        # Check if requested port is in dictionary
        if self.port_search in top_ports:
            print "Port " + str(self.port_search) + " is open on the following IPs:"
            print "*" * 50
            for ip_address in top_ports[self.port_search]:
                print helpers.color(ip_address)
        else:
            helpers.color("Port not open on any loaded IP address!", warning=True)

        self.port_search = ''

        return
Beispiel #11
0
 def run_gather_command(self, gather_module):
     gather_module_found = False
     try:
         for path, ig_obj in self.intelgathering_transforms.iteritems():
             if gather_module.lower() == 'all':
                 ig_obj.gather(self.ip_objects)
                 gather_module_found = True
             elif gather_module.lower() == ig_obj.cli_name.lower():
                 ig_obj.gather(self.ip_objects)
                 gather_module_found = True
                 break
         if not gather_module_found:
             print helpers.color(
                 "\n\n[*] Error: You didn't provide a valid gather module!",
                 warning=True)
             print helpers.color(
                 "[*] Please re-run and use a valid module.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color(
             "\n\n[*] Error: Module command requires a module to load!",
             warning=True)
         print helpers.color("[*] Ex: gather geoinfo", warning=True)
         self.check_cli()
     except KeyboardInterrupt:
         print helpers.color("\n\n[*] You rage quit your intel gathering!",
                             warning=True)
         self.check_cli()
     return
Beispiel #12
0
    def analyze(self, all_ip_objects):

        if self.port_search == '':
            print(
                "You selected the \"Port_search\" module, which port are you looking for?"
            )
            print("Ex: 80")
            self.port_search = int(input(' \n\n[>] Port: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.items():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for port in single_ip[0].shodan_info['ports']:
                    if port in top_ports:
                        top_ports[port] = top_ports[port] + [
                            single_ip[0].ip_address
                        ]
                    else:
                        top_ports[port] = [single_ip[0].ip_address]

        # Check if requested port is in dictionary
        if self.port_search in top_ports:
            print("Port " + str(self.port_search) +
                  " is open on the following IPs:")
            print("*" * 50)
            for ip_address in top_ports[self.port_search]:
                print(helpers.color(ip_address))
        else:
            helpers.color("Port not open on any loaded IP address!",
                          warning=True)

        return
Beispiel #13
0
    def analyze(self, all_ip_objects):

        if self.top_number == '':
            print "You selected the \"TopNetblocks\" module, how many CIDR blocks do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_cidrs = {}

        for single_ip in all_ip_objects.values():
            if 'asn_cidr' in single_ip[0].ip_whois.keys():
                if single_ip[0].ip_whois['asn_cidr'] in top_cidrs:
                    top_cidrs[single_ip[0].ip_whois['asn_cidr']] += 1
                else:
                    top_cidrs[single_ip[0].ip_whois['asn_cidr']] = 1

        # Iterate over all ports
        sorted_top_cidrs = self.dict_sorter(top_cidrs)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 +
                            "Top CIDR NetBlocks : Number of Instances" +
                            " " * 20)
        print "*" * 70
        while ((list_counter <= self.top_number)
               and ((list_counter - 1) != len(sorted_top_cidrs))):
            sorted_ports_tuple = sorted_top_cidrs[-list_counter]
            print "Port: " + helpers.color(str(
                sorted_ports_tuple[0])) + " - " + str(
                    sorted_ports_tuple[1]) + " instances"
            list_counter += 1
        print

        return
Beispiel #14
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if self.api_key is "":
                print helpers.color("[*] Error: You didn't provide a Bing API Key!", warning=True)
                print helpers.color("[*] Please edit Bing module and add in your API Key.", warning=True)
            else:
                if self.check_host(incoming_ip_obj[0].ip_address) and incoming_ip_obj[0].hostnames is '':
                    domains = []
                    raw_domains_temp = []
                    self.count = 0
                    while 1:
                        raw_domains = self.get_bing_data(incoming_ip_obj[0].ip_address)
                        if raw_domains == raw_domains_temp:
                            break
                        raw_domains_temp = raw_domains
                        if raw_domains == -1:
                            break
                        self.count += 100
                        for d in raw_domains:
                            domains.append(d)
                if domains:
                    incoming_ip_obj[0].hostnames = domains
                    print "Found %d hostnames for %s" % (len(domains), incoming_ip_obj[0].ip_address)
Beispiel #15
0
 def delete_ip(self, ipstring):
     if ipstring in self.system_objects:
         ipstring = str(ipstring)
         del self.system_objects[ipstring]
         print helpers.color("[*] Removed " + ipstring)
     else:
         print helpers.color("[*] Error: " + ipstring + " is not loaded in the framework", warning=True)
     return
Beispiel #16
0
    def save_state(self):
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        # Save state to disk
        pickle.dump(self.ip_objects, open("metadata" + current_date + "_" + current_time + ".state", "wb"))
        print helpers.color("\nState saved to disk at metadata" + current_date + "_" + current_time + ".state")
        return
Beispiel #17
0
 def delete_ip(self, ipstring):
     if ipstring in self.system_objects:
         ipstring = str(ipstring)
         del self.system_objects[ipstring]
         print helpers.color("[*] Removed " + ipstring)
     else:
         print helpers.color("[*] Error: " + ipstring +
                             " is not loaded in the framework",
                             warning=True)
     return
Beispiel #18
0
    def save_state(self):
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        # Save state to disk
        pickle.dump(self.ip_objects, open(
            'metadata' + current_date + "_" + current_time
            + '.state', 'wb'))
        print helpers.color("\nState saved to disk at metadata" + current_date + "_" + current_time + ".state")
        return
    def gather(self, all_ips):
        current_key = 0
        for path, incoming_ip_obj in all_ips.iteritems():

            if current_key < self.num_api_keys:

                if self.check_host(incoming_ip_obj[0].ip_address) and incoming_ip_obj[0].virustotal is '':
                    request_url = self.api_url + 'ip-address/report?'
                    parameters = {'ip': incoming_ip_obj[0].ip_address, 'apikey': self.api_key[current_key]}
                    encoded_params = urllib.urlencode(parameters)
                    full_url = request_url + encoded_params
                    try:
                        response = urllib.urlopen(full_url).read()
                        json_response = json.loads(response)

                        if json_response['response_code'] == 0:
                            print "No information within VirusTotal for " + incoming_ip_obj[0].ip_address
                            incoming_ip_obj[0].virustotal = "No information within VirusTotal for " + incoming_ip_obj[0].ip_address
                        else:
                            print "Information found on " + helpers.color(incoming_ip_obj[0].ip_address)
                            incoming_ip_obj[0].virustotal = json_response

                    except IOError:
                        print helpers.color("Error while connecting to Virustotal for " + incoming_ip_obj[0].ip_address, warning=True)
                    except ValueError:
                        print helpers.color("Error loading JSON response for " + incoming_ip_obj[0].domain_name, warning=True)
                    current_key += 1

                if incoming_ip_obj[0].domain_name != "" and incoming_ip_obj[0].virustotal_domain is '':
                    request_url = self.api_url + 'domain/report?'
                    parameters = {'domain': incoming_ip_obj[0].domain_name, 'apikey': self.api_key[current_key]}
                    encoded_params = urllib.urlencode(parameters)
                    full_url = request_url + encoded_params
                    try:
                        response = urllib.urlopen(full_url).read()
                        json_response = json.loads(response)

                        if json_response['response_code'] == 0:
                            print "No information within VirusTotal for " + incoming_ip_obj[0].domain_name
                            incoming_ip_obj[0].virustotal_domain = "No information within VirusTotal for " + incoming_ip_obj[0].ip_address
                        else:
                            print "Information found on " + helpers.color(incoming_ip_obj[0].domain_name)
                            incoming_ip_obj[0].virustotal_domain = json_response

                    except IOError:
                        print helpers.color("Error while connecting to Virustotal for " + incoming_ip_obj[0].domain_name, warning=True)
                    except ValueError:
                        print helpers.color("Error loading JSON response for " + incoming_ip_obj[0].domain_name, warning=True)
                    current_key += 1

            else:
                time.sleep(16)
                current_key = 0

        return
Beispiel #20
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].ip_address != "" and incoming_ip_obj[0].ip_country == "":

                # Make request for information about IPs
                print "Getting info on... " + incoming_ip_obj[0].ip_address
                try:
                    response = urllib2.urlopen('http://ip-api.com/json/' + incoming_ip_obj[0].ip_address)
                    json_response = response.read()
                    decoded_json = json.loads(json_response)

                    # Check for failed response (such as a reserved range)
                    if decoded_json['status'].encode('utf-8') == "fail":
                        print helpers.color("[*] Could not retrieve information for " + incoming_ip_obj[0].ip_address, warning=True)
                    else:

                        # Load info into IP object
                        if decoded_json['as'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_as_number = decoded_json['as'].encode('utf-8')
                        if decoded_json['country'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_country = decoded_json['country'].encode('utf-8')
                        if decoded_json['countryCode'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_country_code = decoded_json['countryCode'].encode('utf-8')
                        if decoded_json['city'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_city = decoded_json['city'].encode('utf-8')
                        if decoded_json['zip'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_zipcode = decoded_json['zip'].encode('utf-8')
                        if decoded_json['isp'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_isp = decoded_json['isp'].encode('utf-8')
                        if decoded_json['lat'] is not '':
                            incoming_ip_obj[0].ip_latitude = str(decoded_json['lat'])
                        if decoded_json['lon'] is not '':
                            incoming_ip_obj[0].ip_longitude = str(decoded_json['lon'])
                        if decoded_json['region'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_region_code = decoded_json['region'].encode('utf-8')
                        if decoded_json['regionName'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_region_name = decoded_json['regionName'].encode('utf-8')
                        if decoded_json['timezone'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_timezone = decoded_json['timezone'].encode('utf-8')
                        if decoded_json['org'].encode('utf-8') is not '':
                            incoming_ip_obj[0].ip_organization = decoded_json['org'].encode('utf-8')

                except urllib2.URLError:
                    print helpers.color("[!] Cannot receive IP Geo Information from source!", warning=True)
                    print helpers.color("[!] Moving to the next IP address...", warning=True)

                except (IOError, httplib.HTTPException):
                    print helpers.color("[!] Cannot receive IP Geo Information from source!", warning=True)
                    print helpers.color("[!] Moving to the next IP address...", warning=True)

                # Sleep is here to make sure we don't go over API limits
                time.sleep(.5)
        return
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].ip_whois == "":

                try:
                    print "Gathering whois information about " + incoming_ip_obj[0].ip_address
                    ip_whois = IPWhois(incoming_ip_obj[0].ip_address)
                    incoming_ip_obj[0].ip_whois = ip_whois.lookup()
                except IPDefinedError:
                    print helpers.color("[*] Error: Private IP address, skipping IP!", warning=True)
        return
Beispiel #22
0
 def generate(self, cli_object):
     if cli_object.salt is not False:
         if cli_object.rounds is not False:
             try:
                 generatedhash = sha512_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds), salt=cli_object.salt)
                 return generatedhash
             except ValueError:
                 print helpers.color("sha512_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
                 print helpers.color("[*] Running with default of 60000 rounds.", warning=True)
                 generatedhash = sha512_crypt.encrypt(cli_object.plaintext, salt=cli_object.salt)
                 return generatedhash
         else:
             generatedhash = sha512_crypt.encrypt(cli_object.plaintext, salt=cli_object.salt)
             return generatedhash
     else:
         if cli_object.rounds is not False:
             try:
                 generatedhash = sha512_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds))
                 return generatedhash
             except ValueError:
                 print helpers.color("[*] Warning: sha512_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
                 print helpers.color("[*] Running with default of 60000 rounds.", warning=True)
                 generatedhash = sha512_crypt.encrypt(cli_object.plaintext)
                 return generatedhash
         else:
             generatedhash = sha512_crypt.encrypt(cli_object.plaintext)
             return generatedhash
     return
Beispiel #23
0
 def run_ipinfo_command(self, ip_addr):
     ip_found = False
     try:
         for path, ip_objd in self.system_objects.iteritems():
             if ip_objd[0].ip_address == ip_addr or ip_addr.lower(
             ) == 'all':
                 attrs = vars(ip_objd[0])
                 print ip_objd[0].ip_address
                 print "*" * 25
                 for key, value in attrs.iteritems():
                     print helpers.color(key) + ": " + self.collapse(value)
                 ip_found = True
         if not ip_found:
             print helpers.color(
                 "[*] Error: The provided IP address is not loaded in the framework!",
                 warning=True)
             print helpers.color("[*] Error: Please provide a new IP.",
                                 warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color(
             "[*] Error: The \"ip_info\" command requires an IP address!",
             warning=True)
         self.check_cli()
     return
Beispiel #24
0
 def run_analyze_command(self, analyze_command):
     try:
         hit_module = False
         for path, analytics_obj in self.analytical_transforms.iteritems():
             if analyze_command.lower() == 'all':
                 analytics_obj.analyze(self.ip_objects)
                 hit_module = True
             elif analyze_command.lower() == analytics_obj.cli_name.lower():
                 analytics_obj.analyze(self.ip_objects)
                 hit_module = True
                 break
     except IndexError:
         print helpers.color(
             "\n\n[*] Error: Analyze command requires a module to load!",
             warning=True)
         print helpers.color("[*] Ex: analyze GeoInfo", warning=True)
         self.check_cli()
     if not hit_module:
         print helpers.color(
             "\n\n[*] Error: You didn't provide a valid module!",
             warning=True)
         print helpers.color("[*] Please re-run and use a valid module.",
                             warning=True)
         self.check_cli()
     return
Beispiel #25
0
    def add_ip(self, ipstring):
        total_systems = 0
        ipstring = ipstring.strip()
        if "/" in ipstring:
            try:
                for ip in netaddr.IPSet([ipstring]):
                    ip = str(ip)
                    activated_system_object = ip_object.IP_Information(ip)
                    if ip in self.system_objects:
                        print helpers.color("[*] Warning: Skipped duplicate IP ! (" + str(ipstring).strip() + ")", warning=True)
                        return total_systems
                    else:
                        self.system_objects[ip] = [activated_system_object, 1]
                        total_systems += 1
            except netaddr.core.AddrFormatError:
                print helpers.color("[*] Error: Bad IP CIDR range detected! (" + str(ipstring).strip() + ")", warning=True)
                return 0
        else:
            activated_system_object = ip_object.IP_Information(ipstring.strip())
            if ipstring in self.system_objects:
                print helpers.color("[*] Warning: Skipped duplicate IP ! (" + str(ipstring).strip() + ")", warning=True)
                return total_systems
            else:
                self.system_objects[ipstring] = [activated_system_object, 1]
                total_systems += 1
	print helpers.color("[*] Added " + ipstring)
	return total_systems
Beispiel #26
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].domain_name != "":

                if self.api_key is "":
                    print helpers.color(
                        "[*] Error: You didn't provide a MyWOT API Key!",
                        warning=True)
                    print helpers.color(
                        "[*] Please edit the MyWOT module and add in your API Key.",
                        warning=True)
                    print helpers.color(
                        "[*] Create an account at www.mywot.com and get a free API key.",
                        warning=True)
                else:
                    if incoming_ip_obj[0].shodan_info is '':
                        print "Querying MyWOT for information about " + incoming_ip_obj[
                            0].domain_name
                        try:
                            url = "http://api.mywot.com/0.4/public_link_json2?hosts=" + incoming_ip_obj[
                                0].domain_name + "/&key=" + self.api_key
                            req = urllib2.Request(url)
                            response = urllib2.urlopen(req)
                            incoming_ip_obj[0].mywot = json.loads(
                                response.read())
                        except urllib2.HTTPError:
                            pass
                        except ValueError:
                            print helpers.color(
                                "Error loading JSON response for " +
                                incoming_ip_obj[0].domain_name,
                                warning=True)
        return
Beispiel #27
0
 def generate(self, cli_object):
     if cli_object.salt is not False:
         if cli_object.rounds is not False:
             try:
                 generatedhash = sha256_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds), salt=cli_object.salt)
                 return generatedhash
             except ValueError:
                 print helpers.color("Sha256_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
                 print helpers.color("[*] Running with default of 80000 rounds.", warning=True)
                 generatedhash = sha256_crypt.encrypt(cli_object.plaintext, salt=cli_object.salt)
                 return generatedhash
         else:
             generatedhash = sha256_crypt.encrypt(cli_object.plaintext, salt=cli_object.salt)
             return generatedhash
     else:
         if cli_object.rounds is not False:
             try:
                 generatedhash = sha256_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds))
                 return generatedhash
             except ValueError:
                 print helpers.color("[*] Warning: Sha256_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
                 print helpers.color("[*] Running with default of 80000 rounds.", warning=True)
                 generatedhash = sha256_crypt.encrypt(cli_object.plaintext)
                 return generatedhash
         else:
             generatedhash = sha256_crypt.encrypt(cli_object.plaintext)
             return generatedhash
     return
Beispiel #28
0
    def save_state(self, f):
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        if f == "":
            f = 'metadata' + current_date + "_" + current_time + '.state'

        # Save state to disk
        try:
            pickle.dump(self.system_objects, open(f, 'wb'))
            print helpers.color("\nState saved to disk at " + f)
        except IOError as e:
            print helpers.color("\nCannot save state file " + f + ": " + e.strerror)
            pass
        return
Beispiel #29
0
    def save_state(self, f):
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")

        if f == "":
            f = 'metadata' + current_date + "_" + current_time + '.state'

        # Save state to disk
        try:
            pickle.dump(self.system_objects, open(f, 'wb'))
            print helpers.color("\nState saved to disk at " + f)
        except IOError as e:
            print helpers.color("\nCannot save state file " + f + ": " + e.strerror)
            pass
        return
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].ip_whois == "" and incoming_ip_obj[0].ip_address != "":

                try:
                    print "Gathering whois information about " + incoming_ip_obj[0].ip_address
                    ip_whois = IPWhois(incoming_ip_obj[0].ip_address)
                    incoming_ip_obj[0].ip_whois = ip_whois.lookup_whois()
                except IPDefinedError:
                    print helpers.color("[*] Error: Private IP address, skipping IP!", warning=True)
                except HTTPLookupError:
                    print helpers.color("Could not connect online to lookup whois for " + incoming_ip_obj[0].domain_name, warning=True)
        return
Beispiel #31
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].ip_whois == "":

                try:
                    print "Gathering whois information about " + incoming_ip_obj[
                        0].ip_address
                    ip_whois = IPWhois(incoming_ip_obj[0].ip_address)
                    incoming_ip_obj[0].ip_whois = ip_whois.lookup()
                except IPDefinedError:
                    print helpers.color(
                        "[*] Error: Private IP address, skipping IP!",
                        warning=True)
        return
Beispiel #32
0
 def run_list_command(self, list_cmd):
     try:
         if len(list_cmd.split()) == 1:
             list_command = list_cmd
         else:
             list_command = list_cmd.split()[1]
         if list_command.lower() == 'analysis':
             for path, object_name in self.analytical_transforms.iteritems():
                 print object_name.cli_name + " => " + object_name.description
             print "All => Invokes all of the above Analysis modules"
         elif list_command.lower() == 'gather':
             for path, object_name in self.intelgathering_transforms.iteritems():
                 print object_name.cli_name + " => " + object_name.description
             print "All => Invokes all of the above IntelGathering modules"
     except IndexError:
         print helpers.color("\n\n[*] Error: You did not provide module type to display!", warning=True)
         print helpers.color("[*] Ex: list analysis", warning=True)
         self.check_cli()
     return
Beispiel #33
0
    def export_info(self):
        # Date and Time for export File
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")
        # True for printing the header on the first system
        # after that, only values
        add_header = True

        for path, ip_objd in self.ip_objects.iteritems():
            attrs = vars(ip_objd[0])
            with open('export_' + current_date + '_' + current_time + '.csv', 'a') as export_file:
                csv_file = csv.DictWriter(export_file, attrs.keys())
                if add_header:
                    csv_file.writeheader()
                    add_header = False
                csv_file.writerow(attrs)

        print helpers.color("\nExport file saved to disk at export_" + current_date + "_" + current_time + ".csv")
        return
Beispiel #34
0
    def export_info(self):
        # Date and Time for export File
        current_date = time.strftime("%m/%d/%Y").replace("/", "")
        current_time = time.strftime("%H:%M:%S").replace(":", "")
        # True for printing the header on the first system
        # after that, only values
        add_header = True

        for path, ip_objd in self.ip_objects.iteritems():
            attrs = vars(ip_objd[0])
            with open('export_' + current_date + '_' + current_time + '.csv', 'a') as export_file:
                csv_file = csv.DictWriter(export_file, attrs.keys())
                if add_header:
                    csv_file.writeheader()
                    add_header = False
                csv_file.writerow(attrs)

        print helpers.color("\nExport file saved to disk at export_" + current_date + "_" + current_time + ".csv")
        return
Beispiel #35
0
 def run_list_command(self, list_cmd):
     try:
         if len(list_cmd.split()) == 1:
             list_command = list_cmd
         else:
             list_command = list_cmd.split()[1]
         if list_command.lower() == 'analysis':
             for path, object_name in self.analytical_transforms.iteritems():
                 print object_name.cli_name + " => " + object_name.description
             print "All => Invokes all of the above Analysis modules"
         elif list_command.lower() == 'gather':
             for path, object_name in self.intelgathering_transforms.iteritems():
                 print object_name.cli_name + " => " + object_name.description
             print "All => Invokes all of the above IntelGathering modules"
     except IndexError:
         print helpers.color("\n\n[*] Error: You did not provide module type to display!", warning=True)
         print helpers.color("[*] Ex: list analysis", warning=True)
         self.check_cli()
     return
Beispiel #36
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.items():

            if incoming_ip_obj[0].shodan_info == "":

                if self.api_key is "":
                    print(helpers.color("[*] Error: You didn't provide a Shodan API Key!", warning=True))
                    print(helpers.color("[*] Please edit Shodan module and add in your API Key.", warning=True))
                else:
                    if incoming_ip_obj[0].shodan_info is '':
                        print("Querying Shodan for information about " + incoming_ip_obj[0].ip_address)
                        try:
                            json_result = self.api_object.host(incoming_ip_obj[0].ip_address)
                            incoming_ip_obj[0].shodan_info = json_result
                        except shodan.exception.APIError:
                            incoming_ip_obj[0].shodan_info = "No available information within Shodan about " + incoming_ip_obj[0].ip_address
                        except simplejson.decoder.JSONDecodeError:
                            pass
        return
    def analyze(self, all_ip_objects):

        if self.https_cert == '':
            print "Please provide the HTTPS certificate you want to search for."
            self.https_cert = raw_input(' \n\n[>] HTTPS Cert (including start and end tags): ').strip()

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['data']:
                    if 'opts' in item:
                        if 'pem' in item['opts']:
                            if self.https_cert.strip() in item['opts']['pem'].encode('utf-8').replace('\n', '').replace('\r', ''):
                                self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nCertificate Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color("\nCertificate is not found within the currently loaded data!\n", warning=True)

        self.https_cert = ''
        self.found_ips = []

        return
Beispiel #38
0
    def load_ips(self, file_of_systems):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_systems):
            # read in IPs from a file
            with open(file_of_systems, "r") as system_file:
                justmetadata_system_list = system_file.readlines()
            total_systems = len(justmetadata_system_list)

            # Cast each IP its own object
            for system in justmetadata_system_list:
                activated_system_object = ip_object.IP_Information(
                    system.strip())
                if system in self.system_objects:
                    self.system_objects[system][
                        1] = self.system_objects[system][1] + 1
                else:
                    self.system_objects[system] = [activated_system_object, 1]

            print helpers.color("[*] Loaded " + str(total_systems) +
                                " systems")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!",
                                warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
        return
Beispiel #39
0
 def generate(self, cli_object):
     if cli_object.salt is not False:
         if cli_object.rounds is not False:
             try:
                 generatedhash = getattr(hashes, "bcrypt").encrypt(cli_object.plaintext, rounds=cli_object.rounds, salt=cli_object.salt)
             except ValueError:
                 print helpers.color("Error: BCrypt requres a salt of 22 alphanumeric characters", warning=True)
                 sys.exit()
             return generatedhash
         else:
             try:
                 generatedhash = getattr(hashes, "bcrypt").encrypt(cli_object.plaintext, salt=cli_object.salt)
             except ValueError:
                 print helpers.color("Error: BCrypt requres a salt of 22 alphanumeric characters", warning=True)
                 sys.exit()
             return generatedhash
     else:
         if cli_object.rounds is not False:
             try:
                 generatedhash = getattr(hashes, "bcrypt").encrypt(cli_object.plaintext, rounds=cli_object.rounds)
             except ValueError:
                 print helpers.color("[*] Warning: BCrypt requires > 4 rounds! Running with 12 (default) rounds now.", warning=True)
                 generatedhash = getattr(hashes, "bcrypt").encrypt(cli_object.plaintext)
             return generatedhash
         else:
             generatedhash = getattr(hashes, "bcrypt").encrypt(cli_object.plaintext)
         return generatedhash
Beispiel #40
0
    def load_ips(self, file_of_ips):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_ips):
            # read in IPs from a file
            with open(file_of_ips, "r") as ip_file:
                ip_addr_dictionary = ip_file.readlines()
            total_ips = len(ip_addr_dictionary)

            # Cast each IP its own object
            for ip in ip_addr_dictionary:
                activated_ip_object = ip_object.IP_Information(ip.strip())
                if ip in self.ip_objects:
                    self.ip_objects[ip][1] = self.ip_objects[ip][1] + 1
                else:
                    self.ip_objects[ip] = [activated_ip_object, 1]

            print helpers.color("[*] Loaded " + str(total_ips) + " IPs")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!",
                                warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
        return
    def analyze(self, all_ip_objects):

        if self.ssh_key == '':
            print "Please provide the SSH Key you want to search for."
            self.ssh_key = raw_input(' \n\n[>] SSH Key: ').strip()

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['data']:
                    if 'opts' in item:
                        if 'ssh' in item['opts']:
                            if 'key' in item['opts']['ssh']:
                                if self.ssh_key == item['opts']['ssh']['key'].encode('utf-8').replace('\n', '').replace('\r', ''):
                                    self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nKey Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color("\nKey is not found within the currently loaded data!\n", warning=True)

        self.ssh_key = ''
        self.found_ips = []

        return
Beispiel #42
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[
                    0].ip_whois == "" and incoming_ip_obj[0].ip_address != "":

                try:
                    print "Gathering whois information about " + incoming_ip_obj[
                        0].ip_address
                    ip_whois = IPWhois(incoming_ip_obj[0].ip_address)
                    incoming_ip_obj[0].ip_whois = ip_whois.lookup()
                except IPDefinedError:
                    print helpers.color(
                        "[*] Error: Private IP address, skipping IP!",
                        warning=True)
                except HTTPLookupError:
                    print helpers.color(
                        "Could not connect online to lookup whois for " +
                        incoming_ip_obj[0].domain_name,
                        warning=True)
        return
Beispiel #43
0
    def analyze(self, all_ip_objects):

        if self.top_number == '':
            print "You selected the \"Top_Ports\" module, how many ports do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['ports']:
                    if item in top_ports:
                        top_ports[item] += 1
                    else:
                        top_ports[item] = 1

        # Iterate over all ports
        sorted_top_ports = self.dict_sorter(top_ports)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 + "Top Ports : Number of Instances" +
                            " " * 20)
        print "*" * 70
        while ((list_counter <= self.top_number)
               and ((list_counter - 1) != len(sorted_top_ports))):
            sorted_ports_tuple = sorted_top_ports[-list_counter]
            print "Port: " + helpers.color(str(
                sorted_ports_tuple[0])) + " - " + str(
                    sorted_ports_tuple[1]) + " instances"
            list_counter += 1
        print

        self.top_number = ''

        return
Beispiel #44
0
 def run_gather_command(self, gather_module):
     gather_module_found = False
     try:
         for path, ig_obj in self.intelgathering_transforms.iteritems():
             if gather_module.lower() == 'all':
                 ig_obj.gather(self.ip_objects)
                 gather_module_found = True
             elif gather_module.lower() == ig_obj.cli_name.lower():
                 ig_obj.gather(self.ip_objects)
                 gather_module_found = True
                 break
         if not gather_module_found:
             print helpers.color("\n\n[*] Error: You didn't provide a valid gather module!", warning=True)
             print helpers.color("[*] Please re-run and use a valid module.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color("\n\n[*] Error: Module command requires a module to load!", warning=True)
         print helpers.color("[*] Ex: gather geoinfo", warning=True)
         self.check_cli()
     except KeyboardInterrupt:
         print helpers.color("\n\n[*] You rage quit your intel gathering!", warning=True)
         self.check_cli()
     return
Beispiel #45
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if (
                incoming_ip_obj[0].ip_country == ""
                and incoming_ip_obj[0].ip_city == ""
                and incoming_ip_obj[0].ip_isp == ""
                and incoming_ip_obj[0].ip_latitude == ""
            ):

                # Make request for information about IPs
                print "Getting info on... " + incoming_ip_obj[0].ip_address
                try:
                    response = urllib2.urlopen("http://ip-api.com/json/" + incoming_ip_obj[0].ip_address)
                    json_response = response.read()
                    decoded_json = json.loads(json_response)

                    # Check for failed response (such as a reserved range)
                    if decoded_json["status"].encode("utf-8") == "fail":
                        print helpers.color(
                            "[*] Could not retrieve information for " + incoming_ip_obj[0].ip_address, warning=True
                        )
                    else:

                        # Load info into IP object
                        if decoded_json["as"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_as_number = decoded_json["as"].encode("utf-8")
                        if decoded_json["country"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_country = decoded_json["country"].encode("utf-8")
                        if decoded_json["countryCode"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_country_code = decoded_json["countryCode"].encode("utf-8")
                        if decoded_json["city"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_city = decoded_json["city"].encode("utf-8")
                        if decoded_json["zip"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_zipcode = decoded_json["zip"].encode("utf-8")
                        if decoded_json["isp"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_isp = decoded_json["isp"].encode("utf-8")
                        if decoded_json["lat"] is not "":
                            incoming_ip_obj[0].ip_latitude = str(decoded_json["lat"])
                        if decoded_json["lon"] is not "":
                            incoming_ip_obj[0].ip_longitude = str(decoded_json["lon"])
                        if decoded_json["region"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_region_code = decoded_json["region"].encode("utf-8")
                        if decoded_json["regionName"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_region_name = decoded_json["regionName"].encode("utf-8")
                        if decoded_json["timezone"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_timezone = decoded_json["timezone"].encode("utf-8")
                        if decoded_json["org"].encode("utf-8") is not "":
                            incoming_ip_obj[0].ip_organization = decoded_json["org"].encode("utf-8")

                    # Sleep is here to make sure we don't go over API limits
                    time.sleep(0.25)
                except urllib2.URLError:
                    print helpers.color("[!] Cannot receive IP Geo Information from source!", warning=True)
                    print helpers.color("[!] Moving to the next IP address...", warning=True)
        return
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if self.check_host(incoming_ip_obj[0].ip_address) and incoming_ip_obj[0].virustotal is '':
                request_url = self.api_url + 'ip-address/report?'
                parameters = {'ip': incoming_ip_obj[0].ip_address, 'apikey': self.api_key}
                encoded_params = urllib.urlencode(parameters)
                full_url = request_url + encoded_params
                try:
                    response = urllib.urlopen(full_url).read()
                    json_response = json.loads(response)

                    if json_response['response_code'] == 0:
                        print "No information within VirusTotal for " + incoming_ip_obj[0].ip_address
                        incoming_ip_obj[0].virustotal = "No information within VirusTotal for " + incoming_ip_obj[0].ip_address
                    else:
                        print "Information found on " + helpers.color(incoming_ip_obj[0].ip_address)
                        incoming_ip_obj[0].virustotal = json_response
                except IOError:
                    print helpers.color("Error while connecting to Virustotal for " + incoming_ip_obj[0].ip_address, warning=True)

                time.sleep(16)
        return
    def load_ips(self, file_of_ips):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_ips):
            # read in IPs from a file
            with open(file_of_ips, "r") as ip_file:
                ip_addr_dictionary = ip_file.readlines()
            total_ips = len(ip_addr_dictionary)

            # Cast each IP its own object
            for ip in ip_addr_dictionary:
                activated_ip_object = ip_object.IP_Information(ip.strip())
                if ip in self.ip_objects:
                    self.ip_objects[ip][1] = self.ip_objects[ip][1] + 1
                else:
                    self.ip_objects[ip] = [activated_ip_object, 1]

            print helpers.color("[*] Loaded " + str(total_ips) + " IPs")
            return

        else:
            print "[*] Error: Invalid file path provided!"
            print "[*] Error: Please provide the valid path to a file."
            return
Beispiel #48
0
 def run_ipinfo_command(self, ip_addr):
     ip_found = False
     try:
         for path, ip_objd in self.ip_objects.iteritems():
             if ip_objd[0].ip_address == ip_addr:
                 attrs = vars(ip_objd[0])
                 print ip_objd[0].ip_address
                 print "*" * 25
                 for key, value in attrs.iteritems():
                     print helpers.color(key) + ": " + self.collapse(value)
                 ip_found = True
         if not ip_found:
             print helpers.color("[*] Error: The provided IP address is not loaded in the framework!", warning=True)
             print helpers.color("[*] Error: Please provide a new IP.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color("[*] Error: The \"ip_info\" command requires an IP address!", warning=True)
         self.check_cli()
     return
Beispiel #49
0
 def run_analyze_command(self, analyze_command):
     try:
         hit_module = False
         for path, analytics_obj in self.analytical_transforms.iteritems():
             if analyze_command.lower() == 'all':
                 analytics_obj.analyze(self.ip_objects)
                 hit_module = True
             elif analyze_command.lower() == analytics_obj.cli_name.lower():
                 analytics_obj.analyze(self.ip_objects)
                 hit_module = True
                 break
     except IndexError:
         print helpers.color("\n\n[*] Error: Analyze command requires a module to load!", warning=True)
         print helpers.color("[*] Ex: analyze GeoInfo", warning=True)
         self.check_cli()
     if not hit_module:
         print helpers.color("\n\n[*] Error: You didn't provide a valid module!", warning=True)
         print helpers.color("[*] Please re-run and use a valid module.", warning=True)
         self.check_cli()
     return
Beispiel #50
0
    def load_ips(self, file_of_systems):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_systems):
            # read in IPs from a file
            with open(file_of_systems, "r") as system_file:
                justmetadata_system_list = system_file.readlines()
            total_systems = 0

            # Cast each IP its own object
            for system in justmetadata_system_list:
                if "/" in system:
                    try:
                        for ip in netaddr.IPSet([system]):
                            ip = str(ip)
                            activated_system_object = ip_object.IP_Information(ip)
                            if ip in self.system_objects:
                                self.system_objects[ip][1] = self.system_objects[ip][1] + 1
                                total_systems += 1
                            else:
                                self.system_objects[ip] = [activated_system_object, 1]
                                total_systems += 1
                    except netaddr.core.AddrFormatError:
                        print helpers.color("[*] Error: Bad IP CIDR range detected! (" + str(system).strip() + ")", warning=True)
                        continue
                else:
                    activated_system_object = ip_object.IP_Information(system.strip())
                    if system in self.system_objects:
                        self.system_objects[system][1] = self.system_objects[system][1] + 1
                        total_systems += 1
                    else:
                        self.system_objects[system] = [activated_system_object, 1]
                        total_systems += 1

            print helpers.color("[*] Loaded " + str(total_systems) + " systems")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
        return
Beispiel #51
0
    def load_ips(self, file_of_systems):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_systems):
            # read in IPs from a file
            with open(file_of_systems, "r") as system_file:
                justmetadata_system_list = system_file.readlines()
            total_systems = 0

            # Cast each IP its own object
            for system in justmetadata_system_list:
                if "/" in system:
                    try:
                        for ip in netaddr.IPSet([system]):
                            ip = str(ip)
                            activated_system_object = ip_object.IP_Information(ip)
                            if ip in self.system_objects:
                                self.system_objects[ip][1] = self.system_objects[ip][1] + 1
                                total_systems += 1
                            else:
                                self.system_objects[ip] = [activated_system_object, 1]
                                total_systems += 1
                    except netaddr.core.AddrFormatError:
                        print helpers.color("[*] Error: Bad IP CIDR range detected! (" + str(system).strip() + ")", warning=True)
                        continue
                else:
                    activated_system_object = ip_object.IP_Information(system.strip())
                    if system in self.system_objects:
                        self.system_objects[system][1] = self.system_objects[system][1] + 1
                        total_systems += 1
                    else:
                        self.system_objects[system] = [activated_system_object, 1]
                        total_systems += 1

            print helpers.color("[*] Loaded " + str(total_systems) + " systems")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
        return
Beispiel #52
0
    def gather(self, all_ips):

        for path, incoming_ip_obj in all_ips.iteritems():

            if incoming_ip_obj[0].domain_name != "":

                if self.api_key is "":
                    print helpers.color("[*] Error: You didn't provide a MyWOT API Key!", warning=True)
                    print helpers.color("[*] Please edit the MyWOT module and add in your API Key.", warning=True)
                    print helpers.color("[*] Create an account at www.mywot.com and get a free API key.", warning=True)
                else:
                    if incoming_ip_obj[0].shodan_info is '':
                        print "Querying MyWOT for information about " + incoming_ip_obj[0].domain_name
                        try:
                            url = "http://api.mywot.com/0.4/public_link_json2?hosts=" + incoming_ip_obj[0].domain_name + "/&key=" + self.api_key
                            req = urllib2.Request(url)
                            response = urllib2.urlopen(req)
                            incoming_ip_obj[0].mywot = json.loads(response.read())
                        except urllib2.HTTPError:
                            pass
                        except ValueError:
                            print helpers.color("Error loading JSON response for " + incoming_ip_obj[0].domain_name, warning=True)
        return
Beispiel #53
0
 def add_ip(self, ipstring):
     total_systems = 0
     ipstring = ipstring.strip()
     if "/" in ipstring:
         try:
             for ip in netaddr.IPSet([ipstring]):
                 ip = str(ip)
                 activated_system_object = ip_object.IP_Information(ip)
                 if ip in self.system_objects:
                     print helpers.color(
                         "[*] Warning: Skipped duplicate IP ! (" +
                         str(ipstring).strip() + ")",
                         warning=True)
                     return total_systems
                 else:
                     self.system_objects[ip] = [activated_system_object, 1]
                     total_systems += 1
         except netaddr.core.AddrFormatError:
             print helpers.color(
                 "[*] Error: Bad IP CIDR range detected! (" +
                 str(ipstring).strip() + ")",
                 warning=True)
             return 0
     else:
         activated_system_object = ip_object.IP_Information(
             ipstring.strip())
         if ipstring in self.system_objects:
             print helpers.color("[*] Warning: Skipped duplicate IP ! (" +
                                 str(ipstring).strip() + ")",
                                 warning=True)
             return total_systems
         else:
             self.system_objects[ipstring] = [activated_system_object, 1]
             total_systems += 1
     print helpers.color("[*] Added " + ipstring)
     return total_systems
Beispiel #54
0
    def load_ips(self, file_of_systems):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_systems):
            # read in IPs from a file
            with open(file_of_systems, "r") as system_file:
                justmetadata_system_list = system_file.readlines()
            total_systems = 0

            # Cast each IP its own object
            for system in justmetadata_system_list:
                total_systems += self.add_ip(system)

            print helpers.color("[*] Loaded " + str(total_systems) + " systems")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
        return
Beispiel #55
0
    def load_ips(self, file_of_systems):

        # Check to make sure file given is a valid file
        if os.path.isfile(file_of_systems):
            # read in IPs from a file
            with open(file_of_systems, "r") as system_file:
                justmetadata_system_list = system_file.readlines()
            total_systems = 0

            # Cast each IP its own object
            for system in justmetadata_system_list:
                total_systems += self.add_ip(system)

            print helpers.color("[*] Loaded " + str(total_systems) +
                                " systems")

        else:
            print helpers.color("\n\n[*] Error: Invalid file path provided!",
                                warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
        return
Beispiel #56
0
    def analyze(self, all_ip_objects):

        if self.ssh_key == '':
            print "Please provide the SSH Key you want to search for."
            self.ssh_key = raw_input(' \n\n[>] SSH Key: ').strip()

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['data']:
                    if 'opts' in item:
                        if 'ssh' in item['opts']:
                            if 'key' in item['opts']['ssh']:
                                if self.ssh_key == item['opts']['ssh'][
                                        'key'].encode('utf-8').replace(
                                            '\n', '').replace('\r', ''):
                                    self.found_ips.append(
                                        single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nKey Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color(
                "\nKey is not found within the currently loaded data!\n",
                warning=True)

        self.ssh_key = ''
        self.found_ips = []

        return
Beispiel #57
0
    def analyze(self, all_ip_objects):

        if self.https_cert == '':
            print "Please provide the HTTPS certificate you want to search for."
            self.https_cert = raw_input(
                ' \n\n[>] HTTPS Cert (including start and end tags): ').strip(
                )

        for path, single_ip in all_ip_objects.iteritems():
            if single_ip[0].shodan_info is not '' and\
                'No available information within Shodan about' not in\
                    single_ip[0].shodan_info:
                for item in single_ip[0].shodan_info['data']:
                    if 'opts' in item:
                        if 'pem' in item['opts']:
                            if self.https_cert.strip(
                            ) in item['opts']['pem'].encode('utf-8').replace(
                                    '\n', '').replace('\r', ''):
                                self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nCertificate Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color(
                "\nCertificate is not found within the currently loaded data!\n",
                warning=True)

        self.https_cert = ''
        self.found_ips = []

        return