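def portscannerWorkerProcess(self, mainSubQ, subMainQ, lock):
    """Worker loop: report the previous outcome, wait for a target, scan it.

    Each iteration puts the current message on ``subMainQ`` and then blocks
    on ``mainSubQ`` for the next instruction, both while holding ``lock``.
    The first message has header ``'initialize'``; later ones are
    ``'result'`` (payload: the host's scan data plus ``'elapsed'`` seconds)
    or ``'error'`` (payload: the error text).  An instruction whose header
    is ``'terminate'`` ends the worker.

    :param mainSubQ: queue the worker reads instructions from
    :param subMainQ: queue the worker writes its messages to
    :param lock: lock held around the put/get exchange
    :return: None
    """
    nm = PortScanner()
    return_data = {'header': 'initialize', 'info': '', 'payload': ''}
    while True:
        # NOTE(review): the timer starts before the wait for instructions,
        # so 'elapsed' also covers the time spent blocked on mainSubQ.
        elapsed_start = time.time()
        lock.acquire()
        try:
            print()
            subMainQ.put(return_data)
            instructions = None
            while instructions is None:
                instructions = mainSubQ.get()
        finally:
            lock.release()
        if instructions['header'] == 'terminate':
            return
        ip = instructions['payload']
        try:
            # The scan runs inside the try so that a failed nmap run is
            # reported as an 'error' message instead of killing the worker
            # while the other side is still waiting for a reply.
            nm.scan(ip)
            # A new dict per message: a message already handed to the queue
            # is never modified afterwards.
            return_data = {
                'header': 'result',
                'info': ip,
                'payload': {**nm[ip], 'elapsed': time.time() - elapsed_start},
            }
        except Exception as error:
            return_data = {
                'header': 'error',
                'info': ip,
                'payload': str(error),
            }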
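def __portscannerWorkerThreads(self, fetch_id, lock):
    """Scan hosts from the shared ``hosts_to_scan`` list until it is empty.

    Under ``lock`` the worker takes the first pending host, then scans it
    outside the lock and stores the result (plus ``'elapsed'`` seconds) in
    ``host_details``.  The worker returns early when ``fetch_id`` is no
    longer the ``'current'`` one.  After each stored result the
    ``host_details`` mapping is passed through ``reorderDictByNumericKey``
    and the ``'details'`` progress text is refreshed, again under ``lock``.

    :param fetch_id: key of the scan job inside the class-level data store
    :param lock: lock guarding the shared job data
    :return: None
    """
    nm = PortScanner()
    while len(type(self).__data[fetch_id]['hosts_to_scan']) > 0:
        elapsed_start = time.time()
        lock.acquire()
        try:
            # Re-check under the lock: another worker may have taken the
            # last host since the loop condition was evaluated.  The check
            # lives inside the try so that leaving the loop still releases
            # the lock; breaking out while holding it would block every
            # other worker.
            if len(type(self).__data[fetch_id]['hosts_to_scan']) == 0:
                break
            ip = type(self).__data[fetch_id]['hosts_to_scan'][0]
            type(self).__data[fetch_id]['hosts_to_scan'].remove(ip)
        finally:
            lock.release()
        nm.scan(ip)
        # A different job became current while this host was being scanned.
        if fetch_id != type(self).__data['current']:
            return
        try:
            type(self).__data[fetch_id]['host_details'][ip] = nm[ip]
            type(self).__data[fetch_id]['host_details'][ip]['elapsed'] = \
                time.time() - elapsed_start
        except Exception:
            # Best effort: a host without usable results is skipped.
            continue
        lock.acquire()
        try:
            type(self).__data[fetch_id]['host_details'] = \
                self.reorderDictByNumericKey(
                    type(self).__data[fetch_id]['host_details'], 'key')
            type(self).__data[fetch_id]['details'] = 'Progress: {} / {}'.format(
                len(type(self).__data[fetch_id]['host_details']),
                len(type(self).__data[fetch_id]['valid_hosts'])
            )
        finally:
            type(self).__lg.log('Finished scanning ports @ {}'.format(ip))
            lock.release()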
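def run(self):
    """Scan ``self.__host`` with nmap and emit the services that were found.

    One ``Target`` is built per (protocol, port) of every host in the scan
    result, ports in ascending order, and the list is sent through
    ``finishScan``.  When the ``nmap`` module cannot be imported an empty
    list is emitted instead.

    :return: None
    """
    try:
        from nmap import __version__  # noqa: F401 -- availability probe
        from nmap import PortScanner
    except ImportError:
        # The handler must not import nmap again: that raises a second
        # ImportError and the empty result below would never be emitted.
        self.__communicate.finishScan.emit([])
        return

    self.__targets = []
    nm = PortScanner()
    # NOTE(review): the argument string is handed to nmap unchanged; it
    # should come from trusted configuration rather than raw user input.
    nm.scan(self.__host, arguments=self.__arguments)
    for scanned_host in nm.all_hosts():
        for proto in nm[scanned_host].all_protocols():
            services = nm[scanned_host][proto]
            for port in sorted(services.keys()):
                details = services[port]
                self.__targets.append(Target(
                    protocol=proto,
                    port=port,
                    name=details['name'],
                    state=details['state'],
                    product=details['product'],
                    info=details['extrainfo'],
                    version=details['version'],
                ))
    self.__communicate.finishScan.emit(self.__targets)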
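def get_ports_from_report(nmap_report):
    """
    Yield the TCP ports recorded in an Nmap XML report.

    :param nmap_report: path of the Nmap XML report; surrounding double
        quotes are stripped before the file is opened
    :return: generator of ``(host, port, port_details)`` tuples; hosts
        without a ``'tcp'`` section are skipped
    """
    scanner = PortScanner()
    try:
        # The context manager closes the report even when parsing fails.
        # NOTE(review): the file content is parsed as XML by the scanner
        # library; if reports can come from outside the team, confirm the
        # parser in use is hardened against hostile XML.
        with open(nmap_report.strip('"')) as report_file:
            scan_result = scanner.analyse_nmap_xml_scan(report_file.read())
        for host in scan_result['scan']:
            try:
                tcp_ports = scan_result['scan'][host]['tcp']
                LOGGER.info("%s - Total ports to browse: %d"
                            % (host, len(tcp_ports)))
                for port, port_details in tcp_ports.items():
                    try:
                        yield host, port, port_details
                    except IndexError:
                        pass
            except KeyError:
                pass
    except Exception as e:
        LOGGER.error("Error: %s" % e)
        # A plain return ends the generator.  Raising StopIteration inside
        # a generator body is turned into RuntimeError on Python 3.7+.
        return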
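def run(self, params={}):
    """Run an nmap scan described by ``params`` and return the host results.

    :param params: mapping with the keys ``hosts``, ``ports``, ``arguments``
        and ``sudo``; empty or missing ``ports`` / ``arguments`` are passed
        to the scanner as ``None``
    :return: ``{"result": [...]}`` with one cleaned entry per scanned host;
        ``None`` when the scanner raises ``PortScannerError`` (the error is
        logged)
    """
    hosts_to_scan = params.get("hosts")
    ports_to_scan = params.get("ports")
    nmap_args = params.get("arguments")
    sudo = params.get("sudo")  # defaulted to False

    # Truthiness instead of len(): a missing key yields None, and len(None)
    # would raise TypeError before the scan even starts.
    if not ports_to_scan:
        ports_to_scan = None
    if not nmap_args:
        nmap_args = None

    scanner = PortScanner()
    try:
        # NOTE(review): hosts, arguments and sudo all come from the caller.
        # With sudo enabled the supplied nmap options run with elevated
        # privileges, so the caller-facing schema should restrict them to
        # an allow-list of expected flags.
        scanner.scan(hosts=hosts_to_scan,
                     ports=ports_to_scan,
                     arguments=nmap_args,
                     sudo=sudo)
    except PortScannerError as e:
        self.logger.error("An error occurred: %s" % e)
    else:
        # One result entry per host that appears in the scan output.
        results = [scanner[host] for host in scanner.all_hosts()]
        results = komand.helper.clean(results)
        return {"result": results}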
def sort_alive_hosts(self) -> None:
    """
    Ping-scan the pending hosts in batches and keep only those that are up.

    Hosts that were already scanned are removed first and the rest is
    ordered by ``sort_hosts_by_product``.  The addresses are then split into
    batches via ``_grouper(self.n, ...)``; every batch is ping-scanned and
    the addresses reported as ``"up"`` are collected in ``self.alive_hosts``.
    Finally ``_set_ping_status`` is called.

    :return: None
    """
    scanner = PortScanner()
    pending = self.sort_hosts_by_product(
        self._remove_already_scanned_hosts(self.hosts)
    )
    pending_ips = list(pending.keys())
    batches = [list(batch) for batch in self._grouper(self.n, pending_ips)]
    batch_count = len(batches)

    alive = []
    for position, batch in enumerate(batches):
        print(f"│ Do pingscan for {self.n} hosts ({position}/{batch_count})")
        # Falsy entries are dropped (presumably padding added by _grouper
        # -- confirm) before the targets are joined for nmap.
        targets = " ".join(ip for ip in batch if ip)
        scanner.scan(
            hosts=targets,
            arguments=DefaultTlsScannerValues.NMAP_PING_SCAN_ARGS,
        )
        alive.extend(
            ip
            for ip in scanner.all_hosts()
            if scanner[ip]["status"]["state"] == "up"
        )
    print(f"└ Done pingscan for {len(pending_ips)} hosts")

    self.alive_hosts = alive
    self._set_ping_status()
def _run_nmap_scan(self):
    """Run nmap against ``self._hosts`` and return the scan result.

    The scanner object is created on first use and kept on the instance.
    A ``PortScannerError`` whose text contains ``NMAP_TRANSIENT_FAILURE`` is
    retried until ``MAX_SCAN_ATTEMPTS`` is reached; any other error, or the
    failure of the last attempt, is re-raised.
    """
    options = self._build_options()
    if not self._scanner:
        self._scanner = PortScanner()
    _LOGGER.debug("Scanning %s with args: %s", self._hosts, options)

    for attempt in range(MAX_SCAN_ATTEMPTS):
        try:
            result = self._scanner.scan(
                hosts=" ".join(self._hosts),
                arguments=options,
                timeout=TRACKER_SCAN_INTERVAL * 10,
            )
        except PortScannerError as ex:
            out_of_retries = attempt >= (MAX_SCAN_ATTEMPTS - 1)
            if out_of_retries or NMAP_TRANSIENT_FAILURE not in str(ex):
                raise
            _LOGGER.debug("Nmap saw transient error %s", NMAP_TRANSIENT_FAILURE)
        else:
            # First successful scan ends the retry loop.
            break

    _LOGGER.debug(
        "Finished scanning %s with args: %s",
        self._hosts,
        options,
    )
    return result
def do_discovery(self, host: str, ports='1-65535', opts='-Pn', sudo=False) -> Tuple:
    """
    Check that a host answers, then collect its port and OS details.

    :param host: host to scan
    :param ports: ports to scan; default is 1-65535
    :param opts: NMAP flags forwarded to the port and OS scans
    :param sudo: forwarded to the OS scan only
    :return: tuple ``(ports details, OS details)``, or ``(None, None)`` when
        the reachability scan returns no host
    """
    scanner = PortScanner()
    self.logger.info(
        'Checking to make sure host {} is reachable.'.format(host))
    ping_result = scanner.scan(hosts=host, arguments='-PE -n -sn')

    # An empty 'scan' mapping means nmap reported no host at all.
    if len(ping_result['scan']) == 0:
        self.logger.error(
            'Error, I was unable to reach host {}.'.format(host))
        return None, None

    self.logger.info('Scanning ports {} on host {}.'.format(ports, host))
    ports_details = self.get_ports(host, ports=ports, opts=opts)

    self.logger.info('Determining OS of host {}.'.format(host))
    os_details = self.get_os(host, opts=opts, sudo=sudo)

    return ports_details, os_details
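def run_test(self):
    """Return True when an nmap ping scan reports ``self.host`` as up.

    The scan uses ``-sn`` with a host timeout of ``self.timeout`` seconds.

    :return: ``True`` if the host's status is ``'up'``; ``False`` if it has
        any other status or is missing from the scan result
    """
    scan = PortScanner().scan(
        hosts=self.host,
        arguments='-sn --host-timeout ' + str(self.timeout) + 's',
    )
    try:
        # Returning the comparison gives an explicit False for a host that
        # is listed but not 'up', instead of falling through to None.
        return scan['scan'][str(self.host)]['status']['state'] == 'up'
    except KeyError:
        # If we cannot find the status entry for the host, it is down.
        return False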
def get_ports(self, host: str, services_scan=True, ports='1-65535', opts='-Pn', speed=4):
    """
    Scan for open ports (and services if specified) on given host.

    :param host: host to scan
    :param services_scan: if True, add ``-sV`` (service details), otherwise
        add ``-sS``; default is True
    :param ports: ports to scan; default is 1-65535
    :param opts: NMAP flags placed at the start of the argument string
    :param speed: NMAP timing template from 1-5; default is 4
    :return: the ``'scan'`` section of the nmap result
    """
    scanner = PortScanner()
    scan_mode = '-sV' if services_scan else '-sS'
    # NOTE(review): -sS normally needs raw-socket privileges and this method
    # does not pass a sudo flag to the scanner -- confirm how it is run.
    nmap_args = '{} -T{} {}'.format(opts, speed, scan_mode)
    ports_details = scanner.scan(
        hosts=host, ports=ports, arguments=nmap_args)['scan']
    self.logger.debug(json.dumps(ports_details, indent=2))
    return ports_details
def get_os(self, host, opts='-Pn', speed=4, sudo=True):
    """Run an nmap OS-detection scan (``-O``) and return its host details.

    :param host: host to scan
    :param opts: NMAP flags inserted into the argument string unchanged
    :param speed: value used for the ``-T`` timing option; default is 4
    :param sudo: passed to the scanner's ``sudo`` parameter; default is True
    :return: the ``'scan'`` section of the nmap result
    """
    scanner = PortScanner()
    # sudo defaults to True here, so opts should come from trusted
    # configuration: whatever it contains is run with that privilege.
    nmap_args = '-O {} -T{}'.format(opts, speed)
    scan_output = scanner.scan(hosts=host, arguments=nmap_args, sudo=sudo)
    host_details = scan_output['scan']
    self.logger.debug(json.dumps(host_details, indent=2))
    return host_details
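def isHTTPSopen():
    """Report whether TCP ``PORT`` on ``HOST`` is open according to nmap.

    :return: ``True`` or ``False`` for the port state; ``None`` when the
        scan result has no entry for the host/port or the scan fails (both
        cases are logged)
    """
    try:
        scanner = PortScanner()
        # The scan is started with sudo=True; HOST, PORT and arg are
        # module-level values and should stay under the operator's control.
        scanner.scan(HOST, str(PORT), sudo=True, arguments=arg)
        return scanner[HOST]['tcp'][PORT]['state'] == "open"
    except KeyError:
        logging.warning("{} - nmap Key error. Probably the router is off".format(time.asctime()))
    except Exception:
        # Exception instead of a bare except: KeyboardInterrupt and
        # SystemExit are no longer swallowed and logged as scan errors.
        logging.error("{} - nmap Scan error".format(time.asctime()))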
def __init__(self, ip=get_ip()):
    """Set up the scanner object and zeroed scan counters.

    :param ip: address stored on the instance
    """
    # NOTE(review): the default ``get_ip()`` is evaluated once, when this
    # ``def`` statement runs, not each time an instance is created.
    self.ip = ip
    self.nmap = PortScanner()

    # No scan has run yet.
    self.scanned = False
    self.unknown = self.known = self.total = self.previous_total = 0

    # MAC vendor bookkeeping for the current and the previous scan.
    self.mac_vendors = None
    self.previous_mac_vendors = []
def _update_info(self):
    """Scan the network and refresh ``self.last_results``.

    When ``home_interval`` is set, devices seen more recently than that
    interval are kept and their addresses are added to nmap's ``--exclude``
    list.  Hosts reported as up are stored as ``Device`` entries; a host
    without a MAC address is logged and skipped.

    Returns True on success, False when nmap raises PortScannerError.
    """
    _LOGGER.debug("Scanning...")

    from nmap import PortScanner, PortScannerError

    scanner = PortScanner()
    options = self._options

    recent = []
    exclude_hosts = self.exclude
    if self.home_interval:
        cutoff = dt_util.now() - self.home_interval
        recent = [seen for seen in self.last_results if seen.last_update > cutoff]
        if recent:
            exclude_hosts = self.exclude + [seen.ip for seen in recent]

    if exclude_hosts:
        options += " --exclude {}".format(",".join(exclude_hosts))

    try:
        result = scanner.scan(hosts=" ".join(self.hosts), arguments=options)
    except PortScannerError:
        return False

    now = dt_util.now()
    for ipv4, info in result["scan"].items():
        if info["status"]["state"] != "up":
            continue
        if info["hostnames"]:
            name = info["hostnames"][0]["name"]
        else:
            name = ipv4
        # Mac address only returned if nmap ran as root
        mac = info["addresses"].get("mac") or get_mac_address(ip=ipv4)
        if mac is None:
            _LOGGER.info("No MAC address found for %s", ipv4)
            continue
        recent.append(Device(mac.upper(), name, ipv4, now))

    self.last_results = recent

    _LOGGER.debug("nmap scan successful")
    return True
def findPrinters(IP='192.168.0.0', r='/24'):
    """Scan a network for hosts with TCP port 9100 open.

    :param IP: network address; default is 192.168.0.0
    :param r: suffix appended to ``IP`` to form the scan target; default /24
    :return: list of IPv4 addresses whose port 9100 is reported open
    """
    found = []
    scanner = PortScanner()
    hosts_seen = scanner.scan(f'{IP}{r}', '9100')['scan']
    for entry in hosts_seen.values():
        # Every entry is expected to carry a tcp/9100 record and an IPv4
        # address; a missing key raises KeyError.
        is_open = entry['tcp'][9100]['state'] == 'open'
        address = entry["addresses"]["ipv4"]
        if not is_open:
            print(f'9100 closed at {address}')
            continue
        print(f'9100 OPEN AT {address}')
        found.append(address)
    return found
def _update_info(self):
    """Scan the network and refresh ``self.last_results``.

    When ``home_interval`` is set, devices seen more recently than that
    interval are kept and their addresses are added to nmap's ``--exclude``
    list.  Hosts reported as up are stored as ``Device`` entries; a host
    for which no MAC address can be found is skipped.

    Returns True on success, False when nmap raises PortScannerError.
    """
    _LOGGER.info("Scanning...")

    from nmap import PortScanner, PortScannerError

    scanner = PortScanner()
    options = self._options

    kept_devices = []
    exclude_hosts = self.exclude
    if self.home_interval:
        cutoff = dt_util.now() - self.home_interval
        kept_devices = [
            known for known in self.last_results if known.last_update > cutoff
        ]
        if kept_devices:
            exclude_hosts = self.exclude + [known.ip for known in kept_devices]

    if exclude_hosts:
        options += ' --exclude {}'.format(','.join(exclude_hosts))

    try:
        result = scanner.scan(hosts=' '.join(self.hosts), arguments=options)
    except PortScannerError:
        return False

    now = dt_util.now()
    for ipv4, info in result['scan'].items():
        if info['status']['state'] != 'up':
            continue
        if info['hostnames']:
            name = info['hostnames'][0]['name']
        else:
            name = ipv4
        # Mac address only returned if nmap ran as root
        mac = info['addresses'].get('mac') or _arp(ipv4)
        if mac is None:
            continue
        kept_devices.append(Device(mac.upper(), name, ipv4, now))

    self.last_results = kept_devices

    _LOGGER.info("nmap scan successful")
    return True
def __portscannerWorkerThreads(self, fetch_id, ip, no, q):
    """Scan one host and put its result on the queue ``q``.

    The queued item is ``{ip: <host data plus 'elapsed' seconds>}``.
    Nothing is queued when ``fetch_id`` is no longer the ``'current'`` job
    or when the host's result cannot be read.

    :param fetch_id: key of the scan job this worker belongs to
    :param ip: host to scan
    :param no: not used in this method
    :param q: queue receiving the result
    :return: None
    """
    scanner = PortScanner()
    started = time.time()
    scanner.scan(ip)

    # A different job became current while this host was being scanned.
    if fetch_id != type(self).__data['current']:
        return

    try:
        host_data = scanner[ip]
        q.put({ip: {**host_data, 'elapsed': time.time() - started}})
    except:
        # Every failure here is dropped without a trace, including a host
        # that is missing from the scan output.
        pass
def get_devices(self):
    '''Return a list of ``(address, host data)`` tuples for a /24 network.

    The network is built from ``self.ip`` or, when that is empty, from
    ``self.ip_default``, and scanned with ``-sn``.
    '''
    base_address = self.ip if len(self.ip) >= 1 else self.ip_default
    network_to_scan = base_address + '/24'

    scanner = PortScanner()
    print('Scanning {}...'.format(network_to_scan))
    scanner.scan(hosts=network_to_scan, arguments='-sn')

    devices = []
    for address in scanner.all_hosts():
        devices.append((address, scanner[address]))
    return devices
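def get_device_ips(self, default_gateway):
    """Return the IPv4 addresses found on the gateway's /24 network.

    The gateway itself and the addresses the local host name resolves to
    are left out.

    :param default_gateway: gateway address; when falsy it is taken from
        ``self.get_default_gateway()``
    :return: list of IPv4 address strings
    """
    if not default_gateway:
        default_gateway = self.get_default_gateway()

    # '-sP' is the older spelling of nmap's ping scan option ('-sn').
    scan = PortScanner().scan(hosts=default_gateway + '/24',
                              arguments='-sP')['scan']

    # Resolved at most once, on first need, instead of once per host:
    # the lookup does not depend on the loop variable.
    local_addresses = None
    ips = []
    for result in scan.values():
        if 'addresses' not in result or 'ipv4' not in result['addresses']:
            continue
        address = result['addresses']['ipv4']
        if address == default_gateway:
            continue
        if local_addresses is None:
            local_addresses = socket.gethostbyname_ex(socket.gethostname())[-1]
        if address not in local_addresses:
            ips.append(address)
    return ips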
def scan_host(host):
    """
    Use nmap to look for services on the host.

    The scan is a probing one: it tries the ports to work out which kind of
    service is behind each of them (``-sV --version_light`` with a 60 s
    host timeout).  Returns the scanner object, which both performed the
    scan and holds its results.
    """
    nm = PortScanner()
    print("Checking services on %s" % host)
    nm.scan(
        hosts=host,
        arguments='--host_timeout 60s -sV --version_light',
    )
    return nm
def do_discovery(self, host, ports='1-65535', opts='-Pn', sudo=False):
    """Check that a host answers, then collect its port and OS details.

    :param host: host to scan
    :param ports: ports to scan; default is 1-65535
    :param opts: NMAP flags forwarded to the port and OS scans
    :param sudo: forwarded to the OS scan only
    :return: tuple ``(ports details, OS details)``, or ``(None, None)`` when
        the reachability scan returns no host
    """
    scanner = PortScanner()
    self.logger.info(
        '[!] Checking to make sure host {} is reachable.'.format(host))
    ping_result = scanner.scan(hosts=host, arguments='-PE -n -sn')

    # An empty 'scan' mapping means nmap reported no host at all.
    if len(ping_result['scan']) == 0:
        self.logger.error(
            '[-] Error, I was unable to reach host {}.'.format(host))
        return None, None

    self.logger.info('[!] Scanning ports {} on host {}.'.format(
        ports, host))
    ports_details = self.get_ports(host, ports=ports, opts=opts)

    self.logger.info('[+] Determining OS of host {}.'.format(host))
    os_details = self.get_os(host, opts=opts, sudo=sudo)

    return ports_details, os_details
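def TacacsTest(ip_tacacs, tacacsport_inputuser):
    """
    Check whether the chosen TACACS port shows up in a scan of the server.

    Ports 22-443 plus ``tacacsport_inputuser`` are scanned on ``ip_tacacs``.
    When the scan holds a TCP entry for the chosen port, the port is
    returned.  Otherwise a warning banner is printed, the user is prompted,
    and the function returns ``None``.  ``KeyboardInterrupt`` and
    ``KeyError`` are reported on screen and also lead to ``None``.

    :param ip_tacacs: address of the TACACS server
    :param tacacsport_inputuser: port chosen by the user
    :return: ``tacacsport_inputuser`` or ``None``
    """
    version = IPTypeVersion(ip_tacacs)
    try:
        nmap = PortScanner()
        # No space after the comma: with "22-443, <port>" the port becomes
        # a separate word of the argument string and is no longer part of
        # the -p list.  Both values are interpolated into the nmap command
        # line, so they must be validated before they reach this point.
        nmap.scan(hosts=ip_tacacs,
                  arguments=f"-{version} -p 22-443,{tacacsport_inputuser}")
        # NOTE(review): has_tcp() appears to report whether the scan holds
        # an entry for the port, not whether its state is open -- confirm.
        port_up = nmap[ip_tacacs].has_tcp(tacacsport_inputuser)
        if port_up is True:
            print(
                f"El servidor Tacacs IPv{version} {ip_tacacs} tiene el puerto"
                + f"{tacacsport_inputuser} activo.")
            return tacacsport_inputuser
        else:
            print(
                f" El puerto {tacacsport_inputuser} que has elegido para el"
                + f" servidor Tacacs con IPv{version} {ip_tacacs}"
                + f" no se encuentra activo.")
            print(f" {blue}{'='*66}")
            print(f" {green_blink} {('Precaucion '*6):^40}")
            print(f" {blue}{'='*66}\n")
            print(f" {red}Se ha producido el siguiente {green}Error {red}>>\n")
            print(
                f" {red}*** El puerto {tacacsport_inputuser} que has elegido "
                + f"para el Servidor Tacacs con IPv{version}{green}{ip_tacacs} {blue}no se ha determinado"
                + f" el {green}puerto {red}***\n")
            # NOTE(review): the answer is read but not acted on in this block.
            confirmation_err = input(
                f" {blue}Deseas continuar {green}y/n {red}>> {green}")
    except KeyboardInterrupt:
        print(
            f"\n\n\t{red}Has detenido el {green}programa {red}con el teclado.")
    except KeyError:
        # Raised when the scan result has no entry for ip_tacacs.
        CleanScreen()
        print(f" No se ha podido establer conexion con el servidor")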
def check_url(url):
    '''
    Check whether the target answers an nmap ping scan (``-sn``).

    :param url: suspicious url, passed to nmap as the scan target
    :return: coloured status line, UP when nmap counts at least one host up,
        DOWN otherwise
    '''
    scanner = PortScanner()
    scan = scanner.scan(url, arguments='-sn')
    hosts_up = int(scan['nmap']['scanstats']['uphosts'])
    if hosts_up > 0:
        return '{0}[{1}*{0}]{1} Connection test: UP'.format(GREEN, END)
    return '{0}[{1}!{0}]{1} Connection test: DOWN'.format(YELLOW, END)
def get_os(self, host: str, opts='-Pn', speed=4, sudo=True) -> Dict:
    """
    Scan for OS details of the provided host (nmap ``-O``).

    :param host: host to scan
    :param opts: NMAP flags inserted into the argument string unchanged
    :param speed: NMAP scan speed from 1-5; default is 4
    :param sudo: whether or not to scan using sudo; default is True
    :return: dictionary of host details (the ``'scan'`` section)
    """
    scanner = PortScanner()
    # sudo defaults to True here, so opts should come from trusted
    # configuration: whatever it contains is run with that privilege.
    nmap_args = '-O {} -T{}'.format(opts, speed)
    host_details = scanner.scan(
        hosts=host, arguments=nmap_args, sudo=sudo)['scan']
    self.logger.debug(json.dumps(host_details, indent=2))
    return host_details
def get_ports(self, host, services_scan=True, ports='1-65535', opts='-Pn', speed=4):
    """Scan a host's ports, with service detection unless disabled.

    :param host: host to scan
    :param services_scan: if True, add ``-sV``, otherwise add ``-sS``
    :param ports: ports to scan; default is 1-65535
    :param opts: NMAP flags placed at the start of the argument string
    :param speed: value used for the ``-T`` timing option; default is 4
    :return: the ``'scan'`` section of the nmap result
    """
    scanner = PortScanner()
    scan_mode = '-sV' if services_scan else '-sS'
    # NOTE(review): -sS normally needs raw-socket privileges and this method
    # does not pass a sudo flag to the scanner -- confirm how it is run.
    nmap_args = '{} -T{} {}'.format(opts, speed, scan_mode)
    ports_details = scanner.scan(
        hosts=host, ports=ports, arguments=nmap_args)['scan']
    self.logger.debug(json.dumps(ports_details, indent=2))
    return ports_details
def __init__(self):
    """Initialise empty result containers, scan settings and the scanner."""
    # Scan settings, stored as strings.
    self.network_speed = '4'
    self.nmap_args = '-sV'
    self.time_frame = '25'

    # Per-scan result containers, all empty at start.
    self.ports = []
    self.ports_name = []
    self.port_of_intrest = []
    self.protocols = []
    self.products = []
    self.flags = []
    self.results = []
    self.service_detected = []
    self.service_identified = []
    self.unknown_ports = []

    self.Web_Port = False
    self.nm = PortScanner()
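def get_ports_from_report(nmap_report):
    """
    Yield ``(host, port, port_details)`` for every TCP port in an Nmap XML
    report.

    :param nmap_report: path of the Nmap XML report
    :return: generator of tuples; hosts without a ``'tcp'`` section are
        skipped.  Any other error is logged and the process exits with
        status 1.
    """
    scanner = PortScanner()
    try:
        # The context manager closes the report even when parsing fails.
        # NOTE(review): the file content is parsed as XML by the scanner
        # library; if reports can come from outside the team, confirm the
        # parser in use is hardened against hostile XML.
        with open(nmap_report) as report_file:
            scan_result = scanner.analyse_nmap_xml_scan(report_file.read())
        for host in scan_result['scan']:
            try:
                for port, port_details in scan_result['scan'][host][
                        'tcp'].items():
                    yield host, port, port_details
            except KeyError:
                pass
    # "except ... as" and the builtin KeyError are accepted by Python 2.6+
    # and Python 3 alike, unlike the comma form and the exceptions module.
    except Exception as error:
        LOGGER.error("Error: %s" % error)
        exit(1)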
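def nmap_scan(ip, port):
    """Scan one TCP port and record it in ``open_ports`` / ``closed_ports``.

    Output and list updates happen while the module-level ``lock`` is held.
    A port whose scan raises is reported and counted as closed.  The block
    keeps the Python 2 print statements of the original.

    :param ip: host to scan
    :param port: port to scan
    """
    global lock
    try:
        nmap_scanner = PortScanner()
        result = nmap_scanner.scan(ip, str(port))
        state = result['scan'][ip]['tcp'][int(port)]['state']
        lock.acquire()
        try:
            print '[+][', port, '], IP:', ip, 'Port:', port, 'State:', state
            print '[+]', result['scan'][ip]['tcp'][int(port)]
            if state == 'open':
                open_ports.append(port)
            else:
                closed_ports.append(port)
        finally:
            # Without this release the first worker to report would keep
            # the lock and every later acquire() would block.
            lock.release()
    except Exception as e:
        lock.acquire()
        try:
            print '[-] IP:', ip, 'Port:', port, 'Errors occur when scanning', e.message
            closed_ports.append(port)
        finally:
            lock.release()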
def nmapScan(target):
    """Scan a fixed list of common ports on ``target`` and print a table.

    The first host key of the scan result is stored in the global
    ``siteIP``; every port reported open is appended to ``portlist``.  The
    block keeps the Python 2 syntax of the original.

    :param target: host passed to nmap
    """
    global siteIP
    scanner = PortScanner()
    sc = scanner.scan(hosts=target, arguments="-n -T4 -sV -p 21,22,23,25,53,80,110,143,443,465,995,993,1248,1433,3306,3389")
    siteIP = sc["scan"].keys()[0]
    tcp_results = sc["scan"][siteIP]["tcp"]

    print bold+"Port\t\tName\t\tVersion\t\tStatus"+endcolor
    print "----\t\t------\t\t----\t\t-------"
    for port_number, service in tcp_results.items():
        if service["state"] == "open":
            portlist.append(port_number)
        print "{}\t\t{}\t\t{}\t\t{}".format(port_number, service["name"], service["version"], service["state"])
    print ""

    scan_stats = sc["nmap"]['scanstats']
    print "Scan Time : {}".format(scan_stats['timestr'])
    print "Scan Interval : {}".format(scan_stats['elapsed'])
def _update_info(self):
    """
    Scan the network and refresh ``self.last_results``.

    When ``home_interval`` is set, devices seen more recently than that
    interval are kept and excluded from the scan.  Hosts reported as up are
    stored as ``Device`` entries; a host for which no MAC address can be
    found is skipped.

    Returns True on success, False when nmap raises PortScannerError.
    """
    _LOGGER.info("Scanning")

    from nmap import PortScanner, PortScannerError

    scanner = PortScanner()
    options = "-F --host-timeout 5"

    kept_devices = []
    if self.home_interval:
        cutoff = dt_util.now() - self.home_interval
        kept_devices = [
            known for known in self.last_results if known.last_update > cutoff
        ]
        if kept_devices:
            # Pylint is confused here.
            # pylint: disable=no-member
            options += " --exclude {}".format(",".join(
                known.ip for known in kept_devices))

    try:
        result = scanner.scan(hosts=self.hosts, arguments=options)
    except PortScannerError:
        return False

    now = dt_util.now()
    for ipv4, info in result['scan'].items():
        if info['status']['state'] != 'up':
            continue
        if info['hostnames']:
            name = info['hostnames'][0]['name']
        else:
            name = ipv4
        # Mac address only returned if nmap ran as root
        mac = info['addresses'].get('mac') or _arp(ipv4)
        if mac is None:
            continue
        kept_devices.append(Device(mac.upper(), name, ipv4, now))

    self.last_results = kept_devices

    _LOGGER.info("nmap scan successful")
    return True