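def scanHost(network_prefix):
    """Run a SYN scan (``-sS``) over *network_prefix* and print every open port.

    Results are consumed incrementally from ``nmap.PortScannerYield`` so a
    large range starts printing before the whole scan finishes.

    Args:
        network_prefix (str): host, range or CIDR block handed to nmap.

    Returns:
        None. If nmap reports an error (python-nmap appears to surface it under
        ``scaninfo['error']`` rather than raising — typically an unresolvable
        target or, for ``-sS``, missing raw-socket privilege) the first message
        is printed and scanning stops at that point.
    """
    nm = nmap.PortScannerYield()
    for raw_result in nm.scan(network_prefix, arguments="-sS"):
        scan_info = raw_result[1]['nmap']['scaninfo']
        if 'error' in scan_info:
            print(scan_info['error'][0])
            return None
        for host_entry in raw_result[1]['scan'].values():
            # A host with no results for a protocol simply lacks that key; the
            # original hid the resulting KeyError (and every other error) behind
            # a bare ``except: pass``.
            _print_open_ports('tcp', host_entry.get('tcp', {}))
            _print_open_ports('udp', host_entry.get('udp', {}))


def _print_open_ports(proto, port_table):
    """Print one ``proto/port`` block for each entry of *port_table* whose state is open.

    Args:
        proto (str): protocol label used in the first line (``tcp`` / ``udp``).
        port_table (dict): nmap port-number -> info mapping for one host.
    """
    for port, info in port_table.items():
        if info.get('state') != 'open':
            continue
        print('{}/{}'.format(proto, port))
        print('state:{}'.format(info['state']))
        # 'name' is expected in every python-nmap port entry; fall back to an
        # empty string rather than aborting the listing if it is absent.
        print('name:{}'.format(info.get('name', '')))
        print('\n', end='')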
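def port_scan(target_host, target_port):
    """Scan one TCP port on *target_host* and print the state nmap reports.

    Args:
        target_host (str): single host; it is both the nmap target and the key
            used to read the result table, so it must match what nmap reports
            back (an IP, or a name nmap keeps verbatim).
        target_port (str | int): the port; forwarded to nmap as a string and
            used as an ``int`` key into the host's ``tcp`` table.

    Returns:
        None. Nothing is printed for a host reported as down, a host missing
        from the results, or a port absent from the ``tcp`` table (the original
        raised KeyError in the last two cases).

    Raises:
        ValueError: if *target_port* is not an integer.
    """
    nm = nmap.PortScannerYield()
    port_key = int(target_port)  # fail early instead of inside the scan loop
    nmap_args = '-T4 -A -v -Pn '
    for result in nm.scan(hosts=target_host, ports=str(target_port), arguments=nmap_args):
        host_entry = result[1]['scan'].get(target_host)
        if host_entry is None:
            continue
        if host_entry.get('status', {}).get('state') == "down":
            continue
        port_info = host_entry.get('tcp', {}).get(port_key)
        if port_info is None:
            continue
        print("++++++ " + str(target_port) + " 端口状态:" + port_info['state'])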
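    def check_admin_ports(self, target_list, ports_to_scan):
        """Scan the hosts in *target_list* for open admin ports and record hits.

        Every host that answers on at least one of *ports_to_scan* is handed to
        ``self.create_new_vulnerable_host`` (defined elsewhere on this class)
        together with the host's TCP port table. A host with no TCP results is
        skipped instead of aborting the whole run — the original returned False
        on the first such host, leaving the rest of the target list unscanned
        and diverging from the sibling implementation of this method.

        The port list must reach nmap as ``22,80,443`` with no whitespace,
        otherwise the ``-p`` argument is mis-parsed.

        Args:
            target_list (str): file name under ``<default_filepath>/targets``
                holding the targets; passed to nmap via ``-iL``. A path with
                spaces is probably split by python-nmap's argument handling —
                not verified here.
            ports_to_scan (list | str): ports to probe. A list/tuple/set is
                joined with commas (``str()`` of a list of strings kept the
                quote characters); anything else is forwarded after stripping
                brackets and spaces as before.

        Returns:
            bool: True when the scan ran to completion, False if the scanner
            raised (the exception is logged). Ctrl-C exits the process.
        """
        try:
            scanner = nmap.PortScannerYield()
            print("[*] checking for open admin ports...")
            target_file = os.path.join(self.default_filepath, "targets",
                                       str(target_list).strip('[]'))
            targets = '-iL ' + target_file
            if isinstance(ports_to_scan, (list, tuple, set)):
                port_spec = ','.join(str(p) for p in ports_to_scan)
            else:
                port_spec = str(ports_to_scan).strip('[]').replace(' ', '')
            nmap_args = ' -Pn -p ' + port_spec
            # max(..., 1): an empty target file gave ZeroDivisionError below,
            # which the broad handler then reported as a scanner failure.
            total_hosts = max(self.calculate_total_number_of_hosts(target_list), 1)
            counter = 0
            for host in scanner.scan(hosts=targets, arguments=nmap_args):
                counter += 1
                # clamp: an undercounted host total would push the bar past 100%
                percentage = min(int(float(counter) / float(total_hosts) * 100.0), 100)
                sys.stdout.write('\r')
                sys.stdout.write("[%-100s] %d%% Currently on %s" %
                                 ('=' * percentage, percentage, host[0]))
                sys.stdout.flush()
                try:
                    tcp_table = host[1]['scan'][host[0]]['tcp']
                except KeyError:
                    # no TCP results reported for this host
                    continue
                if any(info.get('state') == 'open' for info in tcp_table.values()):
                    # NOTE(review): the full port-key view is passed, not only
                    # the open ports; the helper is assumed to filter — confirm.
                    self.create_new_vulnerable_host(host, tcp_table.keys())
            return True
        except Exception as error:
            logging.exception(
                "Port Scanner threw the following: {0}".format(error))
            return False
        except KeyboardInterrupt:
            # sys.exit rather than the site-provided exit(), which may be absent
            sys.exit(0)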
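def ip_scan(target_hosts):
    """Scan *target_hosts* and print the state of every TCP port nmap reports.

    Args:
        target_hosts (str): host, range or CIDR block handed to nmap.

    Returns:
        None. Hosts reported as down, hosts missing from the result table, and
        hosts with no ``tcp`` entry print nothing. The original raised KeyError
        for a missing host and hid every other error behind a bare ``except``.
    """
    nm = nmap.PortScannerYield()
    for result in nm.scan(hosts=target_hosts, arguments='-T4 -A -v -Pn '):
        ip = result[0]
        host_entry = result[1]['scan'].get(ip)
        if host_entry is None:
            continue
        if host_entry.get('status', {}).get('state') == "down":
            continue
        # iterate the table directly instead of copying it and indexing back
        for port, info in host_entry.get('tcp', {}).items():
            print("++++++发现端口" + str(port) + ",状态:" + info['state'])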
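    def check_admin_ports(self, target_list, ports_to_scan):
        """Scan all hosts in *target_list* for open admin ports and record each hit.

        nmap does the parallelism itself (an earlier threaded version was
        dropped). Every host that comes back with a TCP port table is handed to
        ``self.create_new_vulnerable_host`` (defined elsewhere on this class)
        together with that table's ``(port, info)`` pairs.

        The port list must reach nmap as ``22,80,443`` with no whitespace,
        otherwise the ``-p`` argument is mis-parsed.

        Args:
            target_list (str): file name under ``<default_filepath>/targets``
                holding the targets; passed to nmap via ``-iL``. A path with
                spaces is probably split by python-nmap's argument handling —
                not verified here.
            ports_to_scan (list | str): ports to probe. A list/tuple/set is
                joined with commas (``str()`` of a list of strings kept the
                quote characters); anything else is forwarded after stripping
                brackets and spaces as before.

        Returns:
            None. Scanner failures are logged via ``logging.exception``;
            Ctrl-C exits the process.
        """
        service = "admin_port_scanner"
        try:
            scanner = nmap.PortScannerYield()
            print("[*] checking for open admin ports...")
            target_file = os.path.join(self.default_filepath, "targets",
                                       str(target_list).strip('[]'))
            targets = '-iL ' + target_file
            if isinstance(ports_to_scan, (list, tuple, set)):
                port_spec = ','.join(str(p) for p in ports_to_scan)
            else:
                port_spec = str(ports_to_scan).strip('[]').replace(' ', '')
            nmap_args = ' -Pn -p ' + port_spec
            # max(..., 1): an empty target file gave ZeroDivisionError below,
            # which the broad handler then logged as a scanner failure.
            total_hosts = max(self.calculate_total_number_of_hosts(target_list), 1)
            counter = 0
            for host in scanner.scan(hosts=targets, arguments=nmap_args):
                counter += 1
                # clamp: an undercounted host total would push the bar past 100%
                percentage = min(int(float(counter) / float(total_hosts) * 100.0), 100)
                sys.stdout.write('\r')
                sys.stdout.write("[%-100s] %d%% Currently on %s" %
                                 ('=' * percentage, percentage, host[0]))
                sys.stdout.flush()
                try:
                    # .items() exists on both Python 2 and 3; .viewitems() is
                    # Python 2 only, and under Python 3 its AttributeError was
                    # caught by the broad handler below, silently ending the scan.
                    tcp_ports = host[1]['scan'][host[0]]['tcp'].items()
                except KeyError:
                    # no TCP results reported for this host
                    continue
                self.create_new_vulnerable_host(host, tcp_ports)
        except Exception as error:
            logging.exception("{0}\t{1}".format(service, error))
        except KeyboardInterrupt:
            # sys.exit rather than the site-provided exit(), which may be absent
            sys.exit(0)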
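def scan(network_host):
	"""Run a TCP connect scan (``-sT``) of *network_host* and list each port in the tab-3 tree.

	The port spec comes from the ``port_Entered`` widget: a single integer in
	0..65535 replaces the default ``1-1023`` range. An empty or non-numeric
	entry keeps the default (the original raised ValueError on non-numeric
	input before the try block, i.e. uncaught).

	Args:
		network_host (str): host to scan; it is also the key used to read the
			result table, so it must match what nmap reports back.

	Returns:
		None. One row per reported port is appended to the global
		``tab3_port_list_tree`` and the global ``tab3_port_number`` counter is
		advanced per row.
	"""
	global tab3_port_number
	global tab3_port_list_tree
	print("debug:scan")
	nm = nmap.PortScannerYield()
	port_str = "1-1023"
	port_get = port_Entered.get()
	try:
		port_value = int(port_get)
	except ValueError:
		port_value = None  # empty or non-numeric entry: keep the default range
	if port_value is not None and 0 <= port_value <= 65535:
		port_str = str(port_value)
	try:
		print("debug:start scan")
		for scan_result in nm.scan(hosts=network_host, arguments='-sT -p ' + port_str):
			results = scan_result[1]
			tcp_table = results['scan'][network_host]['tcp']
			for port in tcp_table:
				tab3_port_list_tree.insert("", 'end', tab3_port_number, text=tab3_port_number,
				                           values=(tab3_port_number, network_host, port,
				                                   tcp_table[port]['state']))
				tab3_port_list_tree.update_idletasks()  # refresh the list widget
				tab3_port_number += 1
		print("debug:finish scan")
	except Exception as error:
		# A host missing from the results (KeyError) and a failing nmap run both
		# land here; the bare except printed the message without the cause.
		print("debug:可能被防火墙过滤")
		print("debug:{}".format(error))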
    # `nm` is the scanner object created earlier in this example (outside this
    # excerpt). The 'fingerprint' key is only present when the preceding scan
    # captured an OS fingerprint for 127.0.0.1 — presumably an -O run; verify.
    if 'fingerprint' in nm['127.0.0.1']:
        print('Fingerprint : {0}'.format(nm['127.0.0.1']['fingerprint']))


    # Vendor list for MAC address
    # -O asks nmap for OS detection; the MAC/vendor fields read below are what
    # this example uses from the result, not the OS match itself.
    print('scanning localnet')
    nm.scan('192.168.0.0/24', arguments='-O')
    for h in nm.all_hosts():
        print(h)
        # hosts seen only via routing (no layer-2 adjacency) have no 'mac' entry
        if 'mac' in nm[h]['addresses']:
            print(nm[h]['addresses'], nm[h]['vendor'])



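print('----------------------------------------------------')
# Read output captured to a file
# Example : nmap -oX - -p 22-443 -sV 71.59.0.201 > nmap_output.xml
#
# `nm` is the scanner object created earlier in this example (outside this
# run of statements). The file is opened as UTF-8 explicitly: nmap writes
# UTF-8 XML, and the platform default encoding (the previous behaviour) is
# not UTF-8 everywhere, which would garble non-ASCII service banners.
with open("./nmap_output.xml", "r", encoding="utf-8") as fd:
    content = fd.read()
    nm.analyse_nmap_xml_scan(content)
    print(nm.csv())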



print('----------------------------------------------------')
# Progressive scan with generator: PortScannerYield yields one
# (host, result_dict) pair per host as nmap finishes it, instead of
# returning everything at the end.
nm = nmap.PortScannerYield()
partial_results = nm.scan('127.0.0.1', '22-25')
for progressive_result in partial_results:
    print(progressive_result)