class NmapScan():
def __init__(self, host, disablePing=False):
# print("[+] Starting nmap scan...")
self.host = host
self.disablePing = disablePing
self.nmap = Nmap()
def fullScan(self):
print(colored("[+] Starting nmap full scan...", 'green'))
disablePing = '-Pn' if self.disablePing else ''
return self.nmap.scan_top_ports(
target=self.host,
args="-T4 -A -sV --version-intensity 9 --script vuln -p- {}".
format(disablePing))
def quickScan(self):
print(colored("[+] Starting nmap quick scan...", 'green'))
disablePing = '-Pn' if self.disablePing else ''
return self.nmap.scan_top_ports(target=self.host,
args='{}'.format(disablePing))
def enumPort(self, port, scripts):
print(colored("\t[+] Starting nmap scripts...", 'green'))
disablePing = '-Pn' if self.disablePing else ''
return self.nmap.scan_top_ports(target=self.host,
args='-p {} --script={} {}'.format(
port,
','.join(scripts).replace(' ', ''),
disablePing))
def scan(self):
return self.quickScan()
def dns(target):
from socket import gethostbyname
from nmap3 import Nmap , NmapScanTechniques
nmap = Nmap()
ip_addr = gethostbyname(target)
subdomains = nmap.nmap_dns_brute_script(target)
return(ip_addr, subdomains)
def __init__(self, ip):
self.ip = ip
self.is_iot = None
self.__nmap = Nmap()
self.__device_vendor = set()
self.__device_type = set()
self.__device_os_family = set()
self.__device_os_name = set()
self.__device_mac = None
self.__device_mac_vendor = None
self.__ports_to_scan = ports_to_scan
def analyze(self):
self.exposed_services = []
nmap = Nmap()
results = nmap.nmap_version_detection(self.ip, args="-Pn")
for r in results:
if 'service' in r:
service_info = r['service']
if 'product' in service_info:
service = service_info['product']
if 'version' in service_info:
service += " " + service_info['version']
self.exposed_services.append(service)
def scan_top_ports(domains):
nmap = Nmap()
print(Fore.WHITE +
"\n====================================================")
print(Fore.WHITE + " Scna top ports |")
print(Fore.WHITE +
"====================================================\n")
print(Fore.WHITE + 'It is working, wait ....\n')
print('-' * 47)
try:
for domain in domains:
results = nmap.scan_top_ports(domain)
for res in results[list(results)[0]]['ports']:
print(Fore.WHITE + "[*] [ {} ] {}-{} --- > {} ".format(
domain, res['portid'], res['protocol'], res['state']))
print('-' * 47)
except:
print('eroor')
def run(self):
from nmap3 import Nmap
from nmap3.exceptions import NmapNotInstalledError
try:
result = Nmap().nmap_os_detection(self.__dict__["host"])
print(dumps(result, indent=2))
if self.__dict__["to_file"].strip().lower() == "true":
with open(f"{self.__dict__['host']}_os_detection.json",
"w") as fd:
fd.write(dumps(result, indent=4))
print("[**]::nmap results written to file")
except NmapNotInstalledError:
print("[!!]::Nmap must be intstalled in order to use Nmap modules")
return
def web_service(target):
from nmap3 import Nmap
nmap = Nmap()
version_result = nmap.nmap_version_detection(target)
return(version_result)
def __init__(self, host, disablePing=False):
# print("[+] Starting nmap scan...")
self.host = host
self.disablePing = disablePing
self.nmap = Nmap()
class Classifier:
def __init__(self, ip):
self.ip = ip
self.is_iot = None
self.__nmap = Nmap()
self.__device_vendor = set()
self.__device_type = set()
self.__device_os_family = set()
self.__device_os_name = set()
self.__device_mac = None
self.__device_mac_vendor = None
self.__ports_to_scan = ports_to_scan
def start(self):
logging.debug("Determining if [" + self.ip + "] is an IoT device")
self.__get_device_info()
self.__check_vendor()
if not self.is_iot:
self.__check_os()
if not self.is_iot:
self.__check_port_fingerprinting()
def __get_device_info(self):
results = []
try:
results = self.__nmap.nmap_os_detection(self.ip)
except Exception as e:
logging.warning(e)
self.__device_mac, self.__device_mac_vendor = get_mac_info(self.ip)
if self.__device_mac:
self.__device_mac_vendor = get_mac_vendor(self.__device_mac)
for result in results:
if int(result['accuracy']) > 95:
if 'osclass' in result:
os_info = result['osclass']
self.__device_os_family.add(os_info.get('osfamily'))
os_name = os_info.get('name')
if os_name:
self.__device_os_name.add(os_name)
self.__device_type.add(os_info.get('type'))
self.__device_vendor.add(os_info.get('vendor'))
def __check_vendor(self):
if self.__device_mac_vendor:
for iot_vendor in iot_vendors:
if iot_vendor in self.__device_mac_vendor.lower():
self.is_iot = True
def __check_os(self):
for device_os in self.__device_os_name:
for os in iot_os:
if os in device_os.lower():
self.is_iot = True
def __check_port_fingerprinting(self):
opened_ports = self.__get_opened_ports()
for fingerprint in device_port_fingerprints.values():
if fingerprint == opened_ports:
self.is_iot = True
def __get_opened_ports(self):
open_ports = set()
port_scanner = NmapScanTechniques()
ports = list(self.__ports_to_scan)
for port_chunk in [ports[x:x + 10] for x in range(0, len(ports), 10)]:
ports_param = ','.join([str(x) for x in port_chunk])
result = port_scanner.nmap_tcp_scan(self.ip,
args=f"-p {ports_param}")
if self.ip in result:
for port_result in result[self.ip]:
state = port_result['state']
if state == 'open':
try:
open_ports.add(int(port_result['portid']))
except Exception:
logging.error(port_result)
return open_ports
def __str__(self):
return "{" + self.ip + ", " + str(self.__device_vendor) + ", " + str(
self.__device_type) + ", " + str(
self.__device_os_name) + ", " + str(
self.__device_os_family) + ", " + str(
self.__device_mac) + ", " + str(
self.__device_mac_vendor) + "}"