Esempio n. 1
    def analyze(self, all_ip_objects):
        """Print every loaded IP address whose country matches self.country.

        When self.country is still the empty string the operator is prompted
        for it on stdin. The comparison is case-insensitive.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``ip_country`` and ``ip_address``.
        """
        if self.country == '':
            print "Which country are you looking for??"
            print "Ex: United States"
            self.country = raw_input(' \n\n[>] Country: ').strip()

        # Collect the addresses whose recorded country equals the target
        wanted = self.country.lower()
        matches = [entry[0].ip_address
                   for entry in all_ip_objects.itervalues()
                   if entry[0].ip_country.lower() == wanted]

        if matches:
            banner = "#" * 50
            print banner
            print " " * 20 + "IPs from " + self.country
            print banner
            for address in matches:
                print helpers.color(address)
        else:
            print helpers.color("No IPs were detected to come from " + self.country + "!", warning=True)

        return
Esempio n. 2
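    def analyze(self, all_ip_objects):
        """Print the most frequent ASN CIDR netblocks among the loaded IPs.

        Prompts on stdin for how many netblocks to show when self.top_number
        is still the empty string.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``ip_whois``.
        """
        if self.top_number == '':
            print "You selected the \"TopNetblocks\" module, how many CIDR blocks do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_cidrs = {}

        for single_ip in all_ip_objects.values():
            whois_data = single_ip[0].ip_whois
            # Hosts without gathered whois data presumably still hold a
            # non-dict placeholder here; calling .keys() on it would raise,
            # so only dicts are counted.
            if isinstance(whois_data, dict) and 'asn_cidr' in whois_data:
                cidr = whois_data['asn_cidr']
                top_cidrs[cidr] = top_cidrs.get(cidr, 0) + 1

        # dict_sorter presumably returns (cidr, count) pairs in ascending
        # count order, since the loop below reads from the end - confirm.
        sorted_top_cidrs = self.dict_sorter(top_cidrs)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 + "Top CIDR NetBlocks : Number of Instances" + " " * 20)
        print "*" * 70
        while list_counter <= self.top_number and (list_counter - 1) != len(sorted_top_cidrs):
            entry = sorted_top_cidrs[-list_counter]
            # The rows are netblocks, not ports, so they are labelled as such.
            print "CIDR: " + helpers.color(str(entry[0])) + " - " + str(entry[1]) + " instances"
            list_counter += 1
        print

        return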
Esempio n. 3
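    def analyze(self, all_ip_objects):
        """Print the ports seen most often in the stored Shodan results.

        Prompts on stdin for how many ports to show when self.top_number is
        still the empty string, and resets self.top_number to '' afterwards.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``shodan_info``.
        """
        if self.top_number == '':
            print "You selected the \"Top_Ports\" module, how many ports do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            info = single_ip[0].shodan_info
            # Compare by value: `is not ''` only works through string
            # interning, which is an implementation detail.
            if info != '' and 'No available information within Shodan about' not in info:
                for item in info['ports']:
                    top_ports[item] = top_ports.get(item, 0) + 1

        # dict_sorter presumably returns (port, count) pairs in ascending
        # count order, since the loop below reads from the end - confirm.
        sorted_top_ports = self.dict_sorter(top_ports)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 + "Top Ports : Number of Instances" + " " * 20)
        print "*" * 70
        while list_counter <= self.top_number and (list_counter - 1) != len(sorted_top_ports):
            sorted_ports_tuple = sorted_top_ports[-list_counter]
            print "Port: " + helpers.color(str(sorted_ports_tuple[0])) + " - " + str(sorted_ports_tuple[1]) + " instances"
            list_counter += 1
        print

        # Force a fresh prompt the next time the module runs
        self.top_number = ''

        return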
Esempio n. 4
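    def gather(self, all_ips):
        """Fetch the VirusTotal IP report for every host that lacks one.

        A host is queried when self.check_host() accepts its address and its
        ``virustotal`` attribute is still the empty string. The parsed JSON
        (or a "No information" string) is stored back on the host object.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``virustotal``.
        """
        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            # Value comparison; `is ''` depends on string interning.
            if not (self.check_host(target.ip_address) and target.virustotal == ''):
                continue

            # NOTE(review): the API key is sent in the query string, so it can
            # end up in proxy or server logs; confirm self.api_url is https://.
            query = urllib.urlencode({
                'ip': target.ip_address,
                'apikey': self.api_key
            })
            full_url = self.api_url + 'ip-address/report?' + query
            try:
                json_response = json.loads(urllib.urlopen(full_url).read())

                if json_response['response_code'] == 0:
                    no_info = "No information within VirusTotal for " + target.ip_address
                    print no_info
                    target.virustotal = no_info
                else:
                    print "Information found on " + helpers.color(target.ip_address)
                    target.virustotal = json_response
            except IOError:
                print helpers.color(
                    "Error while connecting to Virustotal for " + target.ip_address,
                    warning=True)
            except (ValueError, KeyError):
                # An empty or non-JSON body (or one without response_code)
                # must not abort the whole run; skip this host instead.
                print helpers.color(
                    "Error loading JSON response for " + target.ip_address,
                    warning=True)

            # Pause between requests; presumably sized for the API rate limit.
            time.sleep(16)
        return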
Esempio n. 5
    def analyze(self, all_ip_objects):
        """Show the loaded IP addresses located in the country self.country.

        Asks for the country on stdin if self.country is the empty string;
        matching ignores case.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``ip_country`` and ``ip_address``.
        """
        if self.country == '':
            print "Which country are you looking for??"
            print "Ex: United States"
            self.country = raw_input(' \n\n[>] Country: ').strip()

        # Addresses whose recorded country equals the requested one
        hits = []
        for record in all_ip_objects.itervalues():
            host = record[0]
            if host.ip_country.lower() == self.country.lower():
                hits.append(host.ip_address)

        if not hits:
            print helpers.color("No IPs were detected to come from " +
                                self.country + "!",
                                warning=True)
            return

        rule = "#" * 50
        print rule
        print " " * 20 + "IPs from " + self.country
        print rule
        for address in hits:
            print helpers.color(address)

        return
Esempio n. 6
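    def export_info(self, f):
        """Append the attributes of every loaded IP object to a CSV file.

        Args:
            f: destination path; when it is the empty string a name of the
                form export_<MMDDYYYY>_<HHMMSS>.csv is generated.

        NOTE(review): the file is opened in append mode, so exporting twice
        to the same path adds a second header row in the middle of the file.
        NOTE(review): attribute values are written unmodified. They appear to
        come from third-party lookups, so a cell starting with '=', '+', '-'
        or '@' would be treated as a formula by spreadsheet software; review
        or neutralise such cells before opening the export there.
        """
        if f == "":
            f = 'export_' + time.strftime("%m%d%Y") + '_' + time.strftime("%H%M%S") + '.csv'

        # Header goes out with the first object only; after that, values only
        add_header = True

        try:
            # One open for the whole export instead of one per row; the file
            # is closed by the with-block even if a write fails.
            with open(f, 'a') as export_file:
                for path, ip_objd in self.system_objects.iteritems():
                    attrs = vars(ip_objd[0])
                    csv_file = csv.DictWriter(export_file, attrs.keys())
                    if add_header:
                        csv_file.writeheader()
                        add_header = False
                    csv_file.writerow(attrs)
        except IOError as e:
            print helpers.color("\nCannot export file " + f + ": " + e.strerror)
            return
        print helpers.color("\nExport file saved to disk at " + f)

        return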
Esempio n. 7
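    def export_info(self, f):
        """Write one CSV row per loaded IP object, appending to the file f.

        Args:
            f: output path. An empty string selects a generated name,
                export_<MMDDYYYY>_<HHMMSS>.csv.

        NOTE(review): append mode means a repeated export to an existing
        path produces a second header row inside the data.
        NOTE(review): values are exported as stored. If they originate from
        external services (as the attribute names suggest), cells beginning
        with '=', '+', '-' or '@' will be evaluated as formulas by
        spreadsheet tools; sanitise before opening the file in one.
        """
        if f == "":
            stamp = time.strftime("%m%d%Y") + '_' + time.strftime("%H%M%S")
            f = 'export_' + stamp + '.csv'

        header_pending = True

        try:
            # Keep a single handle open for all rows rather than reopening
            # the file for each object.
            with open(f, 'a') as export_file:
                for path, ip_objd in self.system_objects.iteritems():
                    attrs = vars(ip_objd[0])
                    writer = csv.DictWriter(export_file, attrs.keys())
                    if header_pending:
                        writer.writeheader()
                        header_pending = False
                    writer.writerow(attrs)
        except IOError as e:
            print helpers.color("\nCannot export file " + f + ": " + e.strerror)
            return
        print helpers.color("\nExport file saved to disk at " + f)

        return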
Esempio n. 8
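    def gather(self, all_ips):
        """Query Shodan for every host that has no Shodan result yet.

        The result of self.api_object.host() is stored in the host's
        ``shodan_info`` attribute; an APIError is recorded as a
        "No available information" string.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``shodan_info``.
        """
        for path, incoming_ip_obj in all_ips.items():
            target = incoming_ip_obj[0]

            # Already populated (with data or a recorded miss): nothing to do.
            if target.shodan_info != "":
                continue

            # Compare by value; `is ""` relies on string interning.
            if self.api_key == "":
                print(
                    helpers.color(
                        "[*] Error: You didn't provide a Shodan API Key!",
                        warning=True))
                print(
                    helpers.color(
                        "[*] Please edit Shodan module and add in your API Key.",
                        warning=True))
                continue

            print("Querying Shodan for information about " +
                  target.ip_address)
            try:
                target.shodan_info = self.api_object.host(target.ip_address)
            except shodan.exception.APIError:
                # NOTE(review): every APIError is stored as a miss, so an
                # invalid key or a rate limit would presumably also mark the
                # host as "no information" and stop later retries - confirm.
                target.shodan_info = (
                    "No available information within Shodan about " +
                    target.ip_address)
            except simplejson.decoder.JSONDecodeError:
                # Best effort: an undecodable reply leaves the host untouched
                # so that a later run can query it again.
                pass
        return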
Esempio n. 9
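    def gather(self, all_ips):
        """Query zoomEye for every host with an address and no result yet.

        The search result is stored in the host's ``zoomEye_info`` attribute;
        a failed search is recorded as a "No available information" string.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``zoomEye_info``.
        """
        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            if not (target.zoomEye_info == "" and target.ip_address != ""):
                continue

            # Compare by value; `is ""` relies on string interning.
            if self.api_token == "":
                print helpers.color(
                    "[*] Error: You didn't provide a zoomEye credentials!",
                    warning=True)
                print helpers.color(
                    "[*] Please edit zoomEye module and add in your credentials.",
                    warning=True)
                continue

            print "Querying zoomEye for information about " + target.ip_address
            try:
                # NOTE(review): app, device, service, os, port, country and
                # city are bare names. Unless the module defines them, this
                # call raises NameError, which the broad handler below then
                # records as "no information" - verify.
                json_result = self.zoomeye.dork_search(
                    'ip:%s' % target.ip_address, 125,
                    'host', [
                        app, device, service, os, port, country,
                        city
                    ])
                target.zoomEye_info = json_result
            except simplejson.decoder.JSONDecodeError:
                # Best effort: leave the host untouched so it can be retried.
                pass
            except Exception:
                # Narrowed from a bare `except:` so Ctrl-C and interpreter
                # exit are no longer swallowed and mis-recorded as a miss.
                target.zoomEye_info = (
                    "No available information within zoomEye about " +
                    target.ip_address)
        return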
Esempio n. 10
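    def analyze(self, all_ip_objects):
        """List the loaded IPs on which Shodan reported a given port.

        Prompts on stdin for the port when self.port_search is the empty
        string, and resets self.port_search to '' afterwards.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``shodan_info`` and ``ip_address``.
        """
        if self.port_search == '':
            print "You selected the \"Port_search\" module, which port are you looking for?"
            print "Ex: 80"
            self.port_search = int(raw_input(' \n\n[>] Port: ').strip())

        # port -> list of IP addresses reporting it
        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            info = single_ip[0].shodan_info
            # Compare by value; `is not ''` relies on string interning.
            if info != '' and 'No available information within Shodan about' not in info:
                for port in info['ports']:
                    top_ports.setdefault(port, []).append(single_ip[0].ip_address)

        # Check if requested port is in dictionary
        if self.port_search in top_ports:
            print "Port " + str(self.port_search) + " is open on the following IPs:"
            print "*" * 50
            for ip_address in top_ports[self.port_search]:
                print helpers.color(ip_address)
        else:
            # The warning was built but never printed, so a miss gave no
            # output at all.
            print helpers.color("Port not open on any loaded IP address!", warning=True)

        self.port_search = ''

        return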
Esempio n. 11
 def run_gather_command(self, gather_module):
     """Run one intel-gathering module, or all of them, over self.ip_objects.

     Args:
         gather_module: a module's cli_name (case-insensitive) or 'all'.

     Prints a warning and calls self.check_cli() when no module matches, on
     IndexError, or when the operator interrupts with Ctrl-C.
     """
     ran_any = False
     try:
         for transform in self.intelgathering_transforms.itervalues():
             run_everything = gather_module.lower() == 'all'
             if run_everything or gather_module.lower() == transform.cli_name.lower():
                 transform.gather(self.ip_objects)
                 ran_any = True
                 # A named module runs once; 'all' keeps iterating
                 if not run_everything:
                     break
         if not ran_any:
             print helpers.color(
                 "\n\n[*] Error: You didn't provide a valid gather module!",
                 warning=True)
             print helpers.color(
                 "[*] Please re-run and use a valid module.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color(
             "\n\n[*] Error: Module command requires a module to load!",
             warning=True)
         print helpers.color("[*] Ex: gather geoinfo", warning=True)
         self.check_cli()
     except KeyboardInterrupt:
         print helpers.color("\n\n[*] You rage quit your intel gathering!",
                             warning=True)
         self.check_cli()
     return
Esempio n. 12
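    def analyze(self, all_ip_objects):
        """List the loaded IPs on which Shodan reported a given port.

        Prompts on stdin for the port when self.port_search is the empty
        string.

        NOTE(review): the prompt uses input(), which is a plain read only on
        Python 3; under Python 2 input() evaluates what the operator types.
        Run this variant on Python 3 only.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``shodan_info`` and ``ip_address``.
        """
        if self.port_search == '':
            print(
                "You selected the \"Port_search\" module, which port are you looking for?"
            )
            print("Ex: 80")
            self.port_search = int(input(' \n\n[>] Port: ').strip())

        # port -> list of IP addresses reporting it
        top_ports = {}

        for path, single_ip in all_ip_objects.items():
            info = single_ip[0].shodan_info
            # Compare by value; `is not ''` relies on string interning and
            # triggers a SyntaxWarning on current interpreters.
            if info != '' and 'No available information within Shodan about' not in info:
                for port in info['ports']:
                    top_ports.setdefault(port, []).append(
                        single_ip[0].ip_address)

        # Check if requested port is in dictionary
        if self.port_search in top_ports:
            print("Port " + str(self.port_search) +
                  " is open on the following IPs:")
            print("*" * 50)
            for ip_address in top_ports[self.port_search]:
                print(helpers.color(ip_address))
        else:
            # The warning was built but never printed, so a miss gave no
            # output at all.
            print(helpers.color("Port not open on any loaded IP address!",
                                warning=True))

        return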
Esempio n. 13
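    def analyze(self, all_ip_objects):
        """Print the ASN CIDR netblocks that occur most often in the whois data.

        Prompts on stdin for how many netblocks to show when self.top_number
        is still the empty string.

        Args:
            all_ip_objects: dict whose values are sequences; element 0 of each
                value exposes ``ip_whois``.
        """
        if self.top_number == '':
            print "You selected the \"TopNetblocks\" module, how many CIDR blocks do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_cidrs = {}

        for single_ip in all_ip_objects.values():
            whois_data = single_ip[0].ip_whois
            # A host with no gathered whois data presumably holds a non-dict
            # placeholder; .keys() on it would raise, so count dicts only.
            if isinstance(whois_data, dict) and 'asn_cidr' in whois_data:
                cidr = whois_data['asn_cidr']
                top_cidrs[cidr] = top_cidrs.get(cidr, 0) + 1

        # dict_sorter presumably returns (cidr, count) pairs in ascending
        # count order, since the loop below reads from the end - confirm.
        sorted_top_cidrs = self.dict_sorter(top_cidrs)
        list_counter = 1
        print "*" * 70
        print helpers.color(" " * 20 +
                            "Top CIDR NetBlocks : Number of Instances" +
                            " " * 20)
        print "*" * 70
        while ((list_counter <= self.top_number)
               and ((list_counter - 1) != len(sorted_top_cidrs))):
            entry = sorted_top_cidrs[-list_counter]
            # Rows are netblocks, so they are no longer labelled "Port:".
            print "CIDR: " + helpers.color(str(entry[0])) + " - " + str(
                entry[1]) + " instances"
            list_counter += 1
        print

        return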
Esempio n. 14
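    def gather(self, all_ips):
        """Collect hostnames from Bing for every host that has none stored.

        A host is queried when self.check_host() accepts its address and its
        ``hostnames`` attribute is still the empty string. Results are paged
        through self.get_bing_data(), with self.count advanced by 100 per
        page, until a page repeats or -1 is returned.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``hostnames``.
        """
        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            # Compare by value; `is ""` relies on string interning.
            if self.api_key == "":
                print helpers.color("[*] Error: You didn't provide a Bing API Key!", warning=True)
                print helpers.color("[*] Please edit Bing module and add in your API Key.", warning=True)
                continue

            if not (self.check_host(target.ip_address) and target.hostnames == ''):
                continue

            domains = []
            raw_domains_temp = []
            self.count = 0
            while 1:
                raw_domains = self.get_bing_data(target.ip_address)
                # A repeated page means the result set is exhausted
                if raw_domains == raw_domains_temp:
                    break
                raw_domains_temp = raw_domains
                if raw_domains == -1:
                    break
                self.count += 100
                domains.extend(raw_domains)

            # Store only what was collected for THIS host. The check used to
            # sit outside the query branch, where it raised NameError for a
            # skipped first host or copied the previous host's hostnames.
            if domains:
                target.hostnames = domains
                print "Found %d hostnames for %s" % (len(domains), target.ip_address)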
Esempio n. 15
 def delete_ip(self, ipstring):
     """Remove one IP address from self.system_objects and report the result.

     Args:
         ipstring: key of the entry to remove.
     """
     # Guard clause: nothing to delete when the key is not loaded
     if ipstring not in self.system_objects:
         print helpers.color("[*] Error: " + ipstring + " is not loaded in the framework", warning=True)
         return

     ipstring = str(ipstring)
     del self.system_objects[ipstring]
     print helpers.color("[*] Removed " + ipstring)
     return
Esempio n. 16
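    def save_state(self):
        """Pickle self.ip_objects to metadata<MMDDYYYY>_<HHMMSS>.state.

        The file is written to the current working directory.

        NOTE(review): pickle runs code when a file is loaded, so whatever
        restores this state (not visible here) should only open .state files
        from a location the operator controls. The file also holds everything
        gathered about the loaded hosts; store it accordingly.
        """
        # Single strftime call so date and time come from the same instant
        state_path = "metadata" + time.strftime("%m%d%Y_%H%M%S") + ".state"

        # Save state to disk; the with-block closes (and flushes) the handle,
        # which the bare open() passed to pickle.dump never did explicitly.
        with open(state_path, "wb") as state_file:
            pickle.dump(self.ip_objects, state_file)
        print helpers.color("\nState saved to disk at " + state_path)
        return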
Esempio n. 17
 def delete_ip(self, ipstring):
     """Drop the entry keyed by ipstring from self.system_objects.

     Prints a confirmation on success and a warning when the key is absent.

     Args:
         ipstring: key of the entry to remove.
     """
     loaded = ipstring in self.system_objects
     if not loaded:
         print helpers.color("[*] Error: " + ipstring +
                             " is not loaded in the framework",
                             warning=True)
         return

     ipstring = str(ipstring)
     del self.system_objects[ipstring]
     print helpers.color("[*] Removed " + ipstring)
     return
Esempio n. 18
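    def save_state(self):
        """Serialise self.ip_objects with pickle into a timestamped file.

        The file is named metadata<MMDDYYYY>_<HHMMSS>.state and is created in
        the current working directory.

        NOTE(review): loading a pickle executes code embedded in it, so the
        matching restore path (not visible here) should accept only .state
        files the operator wrote. The file contains all gathered host data;
        keep it somewhere with suitable permissions.
        """
        # One strftime call keeps the date and time parts consistent
        state_path = 'metadata' + time.strftime("%m%d%Y_%H%M%S") + '.state'

        # Save state to disk; the handle is now closed deterministically
        # instead of being left to the garbage collector.
        with open(state_path, 'wb') as state_file:
            pickle.dump(self.ip_objects, state_file)
        print helpers.color("\nState saved to disk at " + state_path)
        return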
Esempio n. 19
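    def gather(self, all_ips):
        """Fetch VirusTotal IP and domain reports, rotating through API keys.

        For each host, the IP report is requested when self.check_host()
        accepts the address and ``virustotal`` is empty; the domain report is
        requested when ``domain_name`` is set and ``virustotal_domain`` is
        empty. Each request uses the next entry of self.api_key; once all
        self.num_api_keys keys have been used the loop sleeps 16 seconds and
        starts again from the first key.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address``, ``domain_name``, ``virustotal`` and
                ``virustotal_domain``.
        """
        if self.num_api_keys < 1:
            print helpers.color("[*] Error: You didn't provide a VirusTotal API Key!", warning=True)
            return

        current_key = 0
        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            # (endpoint, query parameter, value looked up, attribute to fill)
            lookups = []
            if self.check_host(target.ip_address) and target.virustotal == '':
                lookups.append(('ip-address/report?', 'ip', target.ip_address, 'virustotal'))
            if target.domain_name != "" and target.virustotal_domain == '':
                lookups.append(('domain/report?', 'domain', target.domain_name, 'virustotal_domain'))

            for endpoint, param, subject, attr in lookups:
                # Rotate before every request. The key index used to be
                # checked once per host, so the domain lookup could index
                # past the last key, and the host reached when the keys ran
                # out was skipped instead of queried.
                if current_key >= self.num_api_keys:
                    time.sleep(16)
                    current_key = 0

                # NOTE(review): the API key is sent in the query string, so
                # it can end up in proxy or server logs; confirm self.api_url
                # is https://.
                query = urllib.urlencode({param: subject, 'apikey': self.api_key[current_key]})
                current_key += 1
                try:
                    response = urllib.urlopen(self.api_url + endpoint + query).read()
                    json_response = json.loads(response)

                    if json_response['response_code'] == 0:
                        # Message now names what was actually looked up (the
                        # domain branch used to store the IP address here).
                        no_info = "No information within VirusTotal for " + subject
                        print no_info
                        setattr(target, attr, no_info)
                    else:
                        print "Information found on " + helpers.color(subject)
                        setattr(target, attr, json_response)

                except IOError:
                    print helpers.color("Error while connecting to Virustotal for " + subject, warning=True)
                except ValueError:
                    print helpers.color("Error loading JSON response for " + subject, warning=True)

        return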
Esempio n. 20
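    def gather(self, all_ips):
        """Fill in geolocation attributes from ip-api.com for each new host.

        A host is queried when it has an address and its ``ip_country`` is
        still the empty string. Non-empty fields of the JSON reply are copied
        onto the host object.

        NOTE(review): the lookup uses plain http://, so the reply is not
        authenticated and can be altered in transit; treat the stored fields
        as untrusted data. The address is also appended to the URL path
        as-is, so it should be a validated IP by the time it gets here.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``ip_country``.
        """
        # JSON key -> attribute, stored UTF-8 encoded
        text_fields = (
            ('as', 'ip_as_number'),
            ('country', 'ip_country'),
            ('countryCode', 'ip_country_code'),
            ('city', 'ip_city'),
            ('zip', 'ip_zipcode'),
            ('isp', 'ip_isp'),
            ('region', 'ip_region_code'),
            ('regionName', 'ip_region_name'),
            ('timezone', 'ip_timezone'),
            ('org', 'ip_organization'),
        )
        # JSON key -> attribute, stored via str()
        numeric_fields = (
            ('lat', 'ip_latitude'),
            ('lon', 'ip_longitude'),
        )

        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            if target.ip_address != "" and target.ip_country == "":

                # Make request for information about IPs
                print "Getting info on... " + target.ip_address
                try:
                    response = urllib2.urlopen('http://ip-api.com/json/' + target.ip_address)
                    decoded_json = json.loads(response.read())

                    # Check for failed response (such as a reserved range)
                    if decoded_json.get('status') == "fail":
                        print helpers.color("[*] Could not retrieve information for " + target.ip_address, warning=True)
                    else:
                        # Load info into IP object. Values are compared with
                        # != rather than `is not ''`, and a key missing from
                        # the reply is skipped instead of raising KeyError.
                        for json_key, attr in text_fields:
                            value = decoded_json.get(json_key)
                            if value is not None and value != '':
                                setattr(target, attr, value.encode('utf-8'))
                        for json_key, attr in numeric_fields:
                            value = decoded_json.get(json_key)
                            if value is not None and value != '':
                                setattr(target, attr, str(value))

                except (urllib2.URLError, IOError, httplib.HTTPException, ValueError):
                    # ValueError covers a reply that is not valid JSON
                    print helpers.color("[!] Cannot receive IP Geo Information from source!", warning=True)
                    print helpers.color("[!] Moving to the next IP address...", warning=True)

                # Sleep is here to make sure we don't go over API limits
                time.sleep(.5)
        return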
Esempio n. 21
    def gather(self, all_ips):
        """Look up whois data for every host whose ``ip_whois`` is empty.

        The result of IPWhois(address).lookup() is stored on the host object.
        An IPDefinedError is reported and the host is skipped.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``ip_address`` and ``ip_whois``.
        """
        for record in all_ips.itervalues():
            host = record[0]

            # Already populated: leave it alone
            if host.ip_whois != "":
                continue

            try:
                print "Gathering whois information about " + host.ip_address
                host.ip_whois = IPWhois(host.ip_address).lookup()
            except IPDefinedError:
                print helpers.color("[*] Error: Private IP address, skipping IP!", warning=True)
        return
Esempio n. 22
 def generate(self, cli_object):
     """Return a sha512_crypt hash of cli_object.plaintext.

     cli_object.salt and cli_object.rounds are passed through when they are
     not False. If the call with an explicit round count raises ValueError, a
     warning is printed and the hash is recomputed without ``rounds``.

     NOTE(review): sha512_crypt is presumably passlib's handler; there,
     encrypt() is deprecated in favour of hash() from passlib 1.7 on.
     NOTE(review): the ValueError fallback also fires for a non-numeric
     rounds value; a ValueError from the retry itself is not caught.
     """
     has_salt = cli_object.salt is not False

     # Optional keyword arguments shared by the first attempt and the retry
     extra = {}
     if has_salt:
         extra['salt'] = cli_object.salt

     if cli_object.rounds is False:
         return sha512_crypt.encrypt(cli_object.plaintext, **extra)

     try:
         return sha512_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds), **extra)
     except ValueError:
         # The two branches of the original worded this warning differently
         if has_salt:
             print helpers.color("sha512_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
         else:
             print helpers.color("[*] Warning: sha512_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
         print helpers.color("[*] Running with default of 60000 rounds.", warning=True)
         return sha512_crypt.encrypt(cli_object.plaintext, **extra)
Esempio n. 23
 def run_ipinfo_command(self, ip_addr):
     """Print every stored attribute of one loaded IP, or of all of them.

     Args:
         ip_addr: the address to show, or 'all' (case-insensitive).

     Prints a warning and calls self.check_cli() when nothing matches or on
     IndexError.
     """
     shown_any = False
     try:
         for record in self.system_objects.itervalues():
             host = record[0]
             if not (host.ip_address == ip_addr or ip_addr.lower() == 'all'):
                 continue

             fields = vars(host)
             print host.ip_address
             print "*" * 25
             for name, content in fields.iteritems():
                 print helpers.color(name) + ": " + self.collapse(content)
             shown_any = True

         if not shown_any:
             print helpers.color(
                 "[*] Error: The provided IP address is not loaded in the framework!",
                 warning=True)
             print helpers.color("[*] Error: Please provide a new IP.",
                                 warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color(
             "[*] Error: The \"ip_info\" command requires an IP address!",
             warning=True)
         self.check_cli()
     return
Esempio n. 24
 def run_analyze_command(self, analyze_command):
     """Run one analysis module, or all of them, over self.ip_objects.

     Args:
         analyze_command: a module's cli_name (case-insensitive) or 'all'.

     Prints a warning and calls self.check_cli() on IndexError and, as a
     separate check afterwards, when no module was run.
     """
     ran_any = False
     try:
         for transform in self.analytical_transforms.itervalues():
             run_everything = analyze_command.lower() == 'all'
             if run_everything or analyze_command.lower() == transform.cli_name.lower():
                 transform.analyze(self.ip_objects)
                 ran_any = True
                 # A named module runs once; 'all' keeps iterating
                 if not run_everything:
                     break
     except IndexError:
         print helpers.color(
             "\n\n[*] Error: Analyze command requires a module to load!",
             warning=True)
         print helpers.color("[*] Ex: analyze GeoInfo", warning=True)
         self.check_cli()

     if not ran_any:
         print helpers.color(
             "\n\n[*] Error: You didn't provide a valid module!",
             warning=True)
         print helpers.color("[*] Please re-run and use a valid module.",
                             warning=True)
         self.check_cli()
     return
Esempio n. 25
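    def add_ip(self, ipstring):
        """Load one IP address, or every address of a CIDR range.

        Args:
            ipstring: a single address, or a range containing "/".

        Returns:
            The number of entries added to self.system_objects (0 for a bad
            range or a duplicate single address).

        NOTE(review): a single address is stored without validation, so any
        string can become a key here; if later modules build request URLs
        from it, consider rejecting non-IP input at this point.
        NOTE(review): a range is expanded address by address, so a very large
        prefix creates one object per address and can exhaust memory.
        """
        total_systems = 0
        ipstring = ipstring.strip()
        if "/" in ipstring:
            try:
                for ip in netaddr.IPSet([ipstring]):
                    ip = str(ip)
                    if ip in self.system_objects:
                        # Skip just this address. Returning here used to drop
                        # the rest of the range after the first duplicate.
                        print helpers.color("[*] Warning: Skipped duplicate IP ! (" + ip + ")", warning=True)
                        continue
                    self.system_objects[ip] = [ip_object.IP_Information(ip), 1]
                    total_systems += 1
            except netaddr.core.AddrFormatError:
                print helpers.color("[*] Error: Bad IP CIDR range detected! (" + ipstring + ")", warning=True)
                return 0
        else:
            if ipstring in self.system_objects:
                print helpers.color("[*] Warning: Skipped duplicate IP ! (" + ipstring + ")", warning=True)
                return total_systems
            self.system_objects[ipstring] = [ip_object.IP_Information(ipstring), 1]
            total_systems += 1

        # These two lines were tab-indented inside a space-indented body,
        # which Python 3 rejects and Python 2 resolves only by tab width.
        if total_systems:
            print helpers.color("[*] Added " + ipstring)
        return total_systems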
Esempio n. 26
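    def gather(self, all_ips):
        """Query MyWOT for each host that has a domain name.

        The parsed JSON reply is stored in the host's ``mywot`` attribute.

        NOTE(review): the request goes over plain http:// with the API key in
        the query string, so the key is exposed to anyone on the network path
        and to intermediate logs; use https if the service offers it.
        NOTE(review): domain_name is concatenated into the URL without
        encoding; confirm it is validated before it reaches this module.

        Args:
            all_ips: dict whose values are sequences; element 0 of each value
                exposes ``domain_name``, ``shodan_info`` and ``mywot``.
        """
        for path, incoming_ip_obj in all_ips.iteritems():
            target = incoming_ip_obj[0]

            if target.domain_name == "":
                continue

            # Compare by value; `is ""` relies on string interning.
            if self.api_key == "":
                print helpers.color(
                    "[*] Error: You didn't provide a MyWOT API Key!",
                    warning=True)
                print helpers.color(
                    "[*] Please edit the MyWOT module and add in your API Key.",
                    warning=True)
                print helpers.color(
                    "[*] Create an account at www.mywot.com and get a free API key.",
                    warning=True)
                continue

            # NOTE(review): this guard tests shodan_info, not a MyWOT field,
            # so hosts that already have Shodan data are never queried and
            # hosts without it are re-queried every run - looks like a
            # copy/paste slip; confirm the intended attribute.
            if target.shodan_info == '':
                print "Querying MyWOT for information about " + target.domain_name
                try:
                    url = ("http://api.mywot.com/0.4/public_link_json2?hosts=" +
                           target.domain_name + "/&key=" + self.api_key)
                    response = urllib2.urlopen(urllib2.Request(url))
                    target.mywot = json.loads(response.read())
                except urllib2.HTTPError:
                    # Best effort, as before: an HTTP error status leaves the
                    # host untouched.
                    pass
                except urllib2.URLError:
                    # A connection failure must not abort the whole run
                    print helpers.color(
                        "Error while connecting to MyWOT for " +
                        target.domain_name,
                        warning=True)
                except ValueError:
                    print helpers.color(
                        "Error loading JSON response for " +
                        target.domain_name,
                        warning=True)
        return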
Esempio n. 27
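 def generate(self, cli_object):
     """Return a sha256_crypt hash of ``cli_object.plaintext``.

     ``cli_object.salt`` and ``cli_object.rounds`` are used when they are not
     ``False``.  If hashing with the requested rounds raises ``ValueError``
     (which also happens when ``rounds`` is not a number, since ``int()`` is
     inside the ``try``), a warning is printed and the hash is computed again
     without the ``rounds`` argument.  A ``ValueError`` from that second call
     is not caught.
     """
     # A caller-supplied salt makes the output repeatable for the same
     # plaintext; leave it unset unless a known-answer hash is needed.
     options = {}
     if cli_object.salt is not False:
         options['salt'] = cli_object.salt

     if cli_object.rounds is False:
         return sha256_crypt.encrypt(cli_object.plaintext, **options)

     # NOTE(review): if sha256_crypt comes from passlib, newer releases
     # deprecate encrypt() in favour of hash(); confirm the pinned version
     # before switching.
     try:
         return sha256_crypt.encrypt(cli_object.plaintext, rounds=int(cli_object.rounds), **options)
     except ValueError:
         # Both branches now print the same prefixed warning; the salted
         # branch used to omit "[*] Warning: ".
         print helpers.color("[*] Warning: Sha256_crypt and sha512_crypt require at least 1000 rounds.", warning=True)
         print helpers.color("[*] Running with default of 80000 rounds.", warning=True)
         return sha256_crypt.encrypt(cli_object.plaintext, **options)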
Esempio n. 28
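    def save_state(self, f):
        """Pickle ``self.system_objects`` to the file ``f``.

        An empty ``f`` selects ``metadata<MMDDYYYY>_<HHMMSS>.state`` in the
        current directory.  An ``IOError`` is reported on screen and not
        re-raised.  Nothing is returned.
        """
        if f == "":
            # One strftime call, so date and time cannot straddle midnight.
            f = 'metadata' + time.strftime("%m%d%Y_%H%M%S") + '.state'

        # NOTE(review): unpickling runs code chosen by whoever wrote the file,
        # so the matching load step must only be given state files from a
        # trusted location. Keep these files out of shared directories.
        try:
            # "with" closes the handle, so the pickle is flushed to disk
            # before success is reported.
            with open(f, 'wb') as state_file:
                pickle.dump(self.system_objects, state_file)
            print helpers.color("\nState saved to disk at " + f)
        except IOError as e:
            # strerror can be None; fall back to the exception text.
            print helpers.color("\nCannot save state file " + f + ": " + (e.strerror or str(e)))
        return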
Esempio n. 29
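    def save_state(self, f):
        """Pickle ``self.system_objects`` to the file ``f``.

        An empty ``f`` selects ``metadata<MMDDYYYY>_<HHMMSS>.state`` in the
        current directory.  An ``IOError`` is reported on screen and not
        re-raised.  Nothing is returned.
        """
        if f == "":
            # One strftime call, so date and time cannot straddle midnight.
            f = 'metadata' + time.strftime("%m%d%Y_%H%M%S") + '.state'

        # NOTE(review): unpickling runs code chosen by whoever wrote the file,
        # so the matching load step must only be given state files from a
        # trusted location. Keep these files out of shared directories.
        try:
            # "with" closes the handle, so the pickle is flushed to disk
            # before success is reported.
            with open(f, 'wb') as state_file:
                pickle.dump(self.system_objects, state_file)
            print helpers.color("\nState saved to disk at " + f)
        except IOError as e:
            # strerror can be None; fall back to the exception text.
            print helpers.color("\nCannot save state file " + f + ": " + (e.strerror or str(e)))
        return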
Esempio n. 30
    def gather(self, all_ips):
        """Fill in ``ip_whois`` for each loaded address that has none yet.

        Entries with an empty ``ip_address`` are skipped.  The result of
        ``IPWhois(...).lookup_whois()`` is stored on the IP object.  Private
        addresses and failed HTTP lookups are reported and skipped.
        """
        for _key, entry in all_ips.iteritems():
            record = entry[0]

            # Only look up addresses that are set and not yet resolved.
            if record.ip_whois != "" or record.ip_address == "":
                continue

            try:
                print "Gathering whois information about " + record.ip_address
                record.ip_whois = IPWhois(record.ip_address).lookup_whois()
            except IPDefinedError:
                print helpers.color("[*] Error: Private IP address, skipping IP!", warning=True)
            except HTTPLookupError:
                # NOTE(review): the message names domain_name although the
                # lookup was made for ip_address; confirm which is intended.
                print helpers.color("Could not connect online to lookup whois for " + record.domain_name, warning=True)
        return
Esempio n. 31
    def gather(self, all_ips):
        """Fill in ``ip_whois`` for each loaded IP object that has none yet.

        The result of ``IPWhois(...).lookup()`` is stored on the IP object.
        Private addresses are reported and skipped.  Nothing is returned.
        """
        for _key, entry in all_ips.iteritems():
            record = entry[0]

            if record.ip_whois != "":
                continue

            try:
                print "Gathering whois information about " + record.ip_address
                record.ip_whois = IPWhois(record.ip_address).lookup()
            except IPDefinedError:
                print helpers.color(
                    "[*] Error: Private IP address, skipping IP!",
                    warning=True)
        return
Esempio n. 32
 def run_list_command(self, list_cmd):
     """Print the CLI name and description of each module of one type.

     ``list_cmd`` is either the bare module type or a command whose second
     word is the module type.  'analysis' and 'gather' are recognised,
     case-insensitively; any other type prints nothing.  An empty command
     raises ``IndexError`` internally, which prints usage help and calls
     ``self.check_cli()``.
     """
     try:
         words = list_cmd.split()
         list_command = list_cmd if len(words) == 1 else words[1]
         module_type = list_command.lower()

         if module_type == 'analysis':
             transforms = self.analytical_transforms
             footer = "All => Invokes all of the above Analysis modules"
         elif module_type == 'gather':
             transforms = self.intelgathering_transforms
             footer = "All => Invokes all of the above IntelGathering modules"
         else:
             transforms = None

         if transforms is not None:
             for _path, module in transforms.iteritems():
                 print module.cli_name + " => " + module.description
             print footer
     except IndexError:
         print helpers.color("\n\n[*] Error: You did not provide module type to display!", warning=True)
         print helpers.color("[*] Ex: list analysis", warning=True)
         self.check_cli()
     return
Esempio n. 33
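    def export_info(self):
        """Append the attributes of every loaded IP object to a CSV file.

        The file is ``export_<MMDDYYYY>_<HHMMSS>.csv`` in the current
        directory.  A header row is written before the first object only.
        When nothing is loaded no file is created, but the closing message is
        still printed.  Nothing is returned.
        """
        # Build the name once so the file written and the file reported match.
        export_name = time.strftime("export_%m%d%Y_%H%M%S.csv")

        # True for printing the header on the first system
        # after that, only values
        add_header = True

        # NOTE(review): the exported values presumably include text gathered
        # from remote services. A cell starting with "=", "+", "-" or "@" is
        # evaluated as a formula by spreadsheet programs; neutralise such
        # cells (e.g. prefix a single quote) if exports are opened that way.
        if self.ip_objects:
            # Open the file once instead of once per row.
            with open(export_name, 'a') as export_file:
                for path, ip_objd in self.ip_objects.iteritems():
                    attrs = vars(ip_objd[0])
                    csv_file = csv.DictWriter(export_file, attrs.keys())
                    if add_header:
                        csv_file.writeheader()
                        add_header = False
                    csv_file.writerow(attrs)

        print helpers.color("\nExport file saved to disk at " + export_name)
        return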
Esempio n. 34
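    def export_info(self):
        """Append the attributes of every loaded IP object to a CSV file.

        The file is ``export_<MMDDYYYY>_<HHMMSS>.csv`` in the current
        directory.  A header row is written before the first object only.
        When nothing is loaded no file is created, but the closing message is
        still printed.  Nothing is returned.
        """
        # Build the name once so the file written and the file reported match.
        export_name = time.strftime("export_%m%d%Y_%H%M%S.csv")

        # True for printing the header on the first system
        # after that, only values
        add_header = True

        # NOTE(review): the exported values presumably include text gathered
        # from remote services. A cell starting with "=", "+", "-" or "@" is
        # evaluated as a formula by spreadsheet programs; neutralise such
        # cells (e.g. prefix a single quote) if exports are opened that way.
        if self.ip_objects:
            # Open the file once instead of once per row.
            with open(export_name, 'a') as export_file:
                for path, ip_objd in self.ip_objects.iteritems():
                    attrs = vars(ip_objd[0])
                    csv_file = csv.DictWriter(export_file, attrs.keys())
                    if add_header:
                        csv_file.writeheader()
                        add_header = False
                    csv_file.writerow(attrs)

        print helpers.color("\nExport file saved to disk at " + export_name)
        return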
Esempio n. 35
 def run_list_command(self, list_cmd):
     """Print the CLI name and description of each module of one type.

     ``list_cmd`` is either the bare module type or a command whose second
     word is the module type.  'analysis' and 'gather' are recognised,
     case-insensitively; any other type prints nothing.  An empty command
     raises ``IndexError`` internally, which prints usage help and calls
     ``self.check_cli()``.
     """
     try:
         words = list_cmd.split()
         list_command = list_cmd if len(words) == 1 else words[1]
         module_type = list_command.lower()

         if module_type == 'analysis':
             transforms = self.analytical_transforms
             footer = "All => Invokes all of the above Analysis modules"
         elif module_type == 'gather':
             transforms = self.intelgathering_transforms
             footer = "All => Invokes all of the above IntelGathering modules"
         else:
             transforms = None

         if transforms is not None:
             for _path, module in transforms.iteritems():
                 print module.cli_name + " => " + module.description
             print footer
     except IndexError:
         print helpers.color("\n\n[*] Error: You did not provide module type to display!", warning=True)
         print helpers.color("[*] Ex: list analysis", warning=True)
         self.check_cli()
     return
Esempio n. 36
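    def gather(self, all_ips):
        """Ask Shodan about every loaded IP that has no Shodan data yet.

        ``all_ips`` maps a key to a list whose first element is the IP
        information object.  The reply of ``self.api_object.host()`` is
        stored in ``shodan_info``; on an API error a "No available
        information ..." string is stored instead.  Nothing is returned.
        """
        for path, incoming_ip_obj in all_ips.items():
            ip_info = incoming_ip_obj[0]

            # Compare by value. The earlier identity tests ("is ''") matched
            # only the interpreter's shared empty string, so an empty value
            # of another kind (unicode, or one restored from a saved state)
            # was never queried.
            if ip_info.shodan_info != "":
                continue

            if self.api_key == "":
                print(helpers.color("[*] Error: You didn't provide a Shodan API Key!", warning=True))
                print(helpers.color("[*] Please edit Shodan module and add in your API Key.", warning=True))
                continue

            print("Querying Shodan for information about " + ip_info.ip_address)
            try:
                ip_info.shodan_info = self.api_object.host(ip_info.ip_address)
            except shodan.exception.APIError:
                ip_info.shodan_info = "No available information within Shodan about " + ip_info.ip_address
            except simplejson.decoder.JSONDecodeError:
                # Best effort: shodan_info stays empty, so a later run asks again.
                pass
        return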
Esempio n. 37
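    def analyze(self, all_ip_objects):
        """Print the loaded IPs whose Shodan data contains a given certificate.

        The certificate text is taken from ``self.https_cert`` or, when that
        is empty, read from the prompt.  It is matched as a substring of each
        PEM entry in the host's Shodan ``data`` after line breaks are removed.
        ``self.https_cert`` and ``self.found_ips`` are reset before returning.
        """
        if self.https_cert == '':
            print "Please provide the HTTPS certificate you want to search for."
            self.https_cert = raw_input(' \n\n[>] HTTPS Cert (including start and end tags): ').strip()

        wanted_cert = self.https_cert.strip()
        if wanted_cert == '':
            # An empty string is a substring of every certificate, so it
            # would report every host as a match.
            print helpers.color("\n[*] Error: No certificate was provided to search for!\n", warning=True)
            self.https_cert = ''
            self.found_ips = []
            return

        for path, single_ip in all_ip_objects.iteritems():
            shodan_info = single_ip[0].shodan_info
            # Compare by value; "is not ''" lets other empty strings through
            # and then fails on the ['data'] lookup below.
            if shodan_info == '' or 'No available information within Shodan about' in shodan_info:
                continue
            for item in shodan_info['data']:
                if 'opts' in item and 'pem' in item['opts']:
                    pem_text = item['opts']['pem'].encode('utf-8').replace('\n', '').replace('\r', '')
                    if wanted_cert in pem_text:
                        self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nCertificate Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color("\nCertificate is not found within the currently loaded data!\n", warning=True)

        self.https_cert = ''
        self.found_ips = []

        return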
Esempio n. 38
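    def load_ips(self, file_of_systems):
        """Load one system per line from ``file_of_systems``.

        Each non-blank line is stripped and stored in ``self.system_objects``
        as ``[IP_Information, count]``; a repeated entry raises its count.
        An invalid path prints an error.  Nothing is returned.
        """
        # Check to make sure file given is a valid file
        if not os.path.isfile(file_of_systems):
            print helpers.color("\n\n[*] Error: Invalid file path provided!",
                                warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
            return

        # read in IPs from a file
        with open(file_of_systems, "r") as system_file:
            justmetadata_system_list = system_file.readlines()

        total_systems = 0
        for line in justmetadata_system_list:
            # Key on the stripped value: keying on the raw line kept the
            # trailing newline, so the same address with and without a final
            # newline was stored twice.
            system = line.strip()
            if not system:
                # A blank line is not a system.
                continue
            if system in self.system_objects:
                self.system_objects[system][1] += 1
            else:
                # Cast each IP its own object
                self.system_objects[system] = [ip_object.IP_Information(system), 1]
            total_systems += 1

        print helpers.color("[*] Loaded " + str(total_systems) +
                            " systems")
        return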
Esempio n. 39
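 def generate(self, cli_object):
     """Return a bcrypt hash of ``cli_object.plaintext``.

     ``cli_object.salt`` and ``cli_object.rounds`` are used when they are not
     ``False``.  With a salt, a ``ValueError`` prints an error and exits with
     status 1.  With rounds only, a ``ValueError`` prints a warning and the
     hash is computed again with the library defaults.  With neither, a
     ``ValueError`` propagates to the caller.
     """
     bcrypt_hasher = hashes.bcrypt

     # A caller-supplied salt makes the output repeatable for the same
     # plaintext; leave it unset unless a known-answer hash is needed.
     options = {}
     if cli_object.salt is not False:
         options['salt'] = cli_object.salt
     if cli_object.rounds is not False:
         options['rounds'] = cli_object.rounds

     try:
         return bcrypt_hasher.encrypt(cli_object.plaintext, **options)
     except ValueError:
         if 'salt' in options:
             # NOTE(review): when rounds is also set the ValueError may come
             # from the rounds value, not the salt; the message cannot tell.
             print helpers.color("Error: BCrypt requires a salt of 22 alphanumeric characters", warning=True)
             # Exit non-zero so calling scripts can see the failure.
             sys.exit(1)
         if 'rounds' not in options:
             raise
         print helpers.color("[*] Warning: BCrypt requires > 4 rounds! Running with 12 (default) rounds now.", warning=True)
         return bcrypt_hasher.encrypt(cli_object.plaintext)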
Esempio n. 40
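    def load_ips(self, file_of_ips):
        """Load one IP address per line from ``file_of_ips``.

        Each non-blank line is stripped and stored in ``self.ip_objects`` as
        ``[IP_Information, count]``; a repeated address raises its count.
        An invalid path prints an error.  Nothing is returned.
        """
        # Check to make sure file given is a valid file
        if not os.path.isfile(file_of_ips):
            print helpers.color("\n\n[*] Error: Invalid file path provided!",
                                warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
            return

        # read in IPs from a file
        with open(file_of_ips, "r") as ip_file:
            ip_addr_dictionary = ip_file.readlines()

        total_ips = 0
        for line in ip_addr_dictionary:
            # Key on the stripped value: keying on the raw line kept the
            # trailing newline, so the same address with and without a final
            # newline was stored twice.
            ip = line.strip()
            if not ip:
                # A blank line is not an address.
                continue
            if ip in self.ip_objects:
                self.ip_objects[ip][1] += 1
            else:
                # Cast each IP its own object
                self.ip_objects[ip] = [ip_object.IP_Information(ip), 1]
            total_ips += 1

        print helpers.color("[*] Loaded " + str(total_ips) + " IPs")
        return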
Esempio n. 41
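    def analyze(self, all_ip_objects):
        """Print the loaded IPs whose Shodan data holds a given SSH key.

        The key is taken from ``self.ssh_key`` or, when that is empty, read
        from the prompt.  It must equal a host's ``opts.ssh.key`` value after
        line breaks are removed.  ``self.ssh_key`` and ``self.found_ips`` are
        reset before returning.
        """
        if self.ssh_key == '':
            print "Please provide the SSH Key you want to search for."
            self.ssh_key = raw_input(' \n\n[>] SSH Key: ').strip()

        for path, single_ip in all_ip_objects.iteritems():
            shodan_info = single_ip[0].shodan_info
            # Compare by value; "is not ''" lets other empty strings through
            # and then fails on the ['data'] lookup below.
            if shodan_info == '' or 'No available information within Shodan about' in shodan_info:
                continue
            for item in shodan_info['data']:
                if 'opts' in item and 'ssh' in item['opts'] and 'key' in item['opts']['ssh']:
                    host_key = item['opts']['ssh']['key'].encode('utf-8').replace('\n', '').replace('\r', '')
                    if self.ssh_key == host_key:
                        self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nKey Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color("\nKey is not found within the currently loaded data!\n", warning=True)

        self.ssh_key = ''
        self.found_ips = []

        return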
Esempio n. 42
    def gather(self, all_ips):
        """Fill in ``ip_whois`` for each loaded address that has none yet.

        Entries with an empty ``ip_address`` are skipped.  The result of
        ``IPWhois(...).lookup()`` is stored on the IP object.  Private
        addresses and failed HTTP lookups are reported and skipped.
        """
        for _key, entry in all_ips.iteritems():
            record = entry[0]

            # Only look up addresses that are set and not yet resolved.
            if record.ip_whois != "" or record.ip_address == "":
                continue

            try:
                print "Gathering whois information about " + record.ip_address
                record.ip_whois = IPWhois(record.ip_address).lookup()
            except IPDefinedError:
                print helpers.color(
                    "[*] Error: Private IP address, skipping IP!",
                    warning=True)
            except HTTPLookupError:
                # NOTE(review): the message names domain_name although the
                # lookup was made for ip_address; confirm which is intended.
                print helpers.color(
                    "Could not connect online to lookup whois for " +
                    record.domain_name,
                    warning=True)
        return
Esempio n. 43
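    def analyze(self, all_ip_objects):
        """Print the most frequent open ports across the loaded Shodan data.

        The number of ports to show is ``self.top_number`` or, when that is
        empty, read from the prompt and converted with ``int()`` (a
        non-numeric answer raises ``ValueError``).  ``self.top_number`` is
        reset to ``''`` before returning.
        """
        if self.top_number == '':
            print "You selected the \"Top_Ports\" module, how many ports do you want returned?"
            print "Ex: 10"
            self.top_number = int(raw_input(' \n\n[>] Total: ').strip())

        top_ports = {}

        for path, single_ip in all_ip_objects.iteritems():
            shodan_info = single_ip[0].shodan_info
            # Compare by value; "is not ''" lets other empty strings through
            # and then fails on the ['ports'] lookup below.
            if shodan_info == '' or 'No available information within Shodan about' in shodan_info:
                continue
            for item in shodan_info['ports']:
                top_ports[item] = top_ports.get(item, 0) + 1

        # presumably dict_sorter returns (port, count) pairs in ascending
        # order of count, since the list is read from its end; verify
        sorted_top_ports = self.dict_sorter(top_ports)
        print "*" * 70
        print helpers.color(" " * 20 + "Top Ports : Number of Instances" +
                            " " * 20)
        print "*" * 70

        # Show at most top_number entries, walking back from the end.
        shown = min(self.top_number, len(sorted_top_ports))
        for rank in range(1, shown + 1):
            sorted_ports_tuple = sorted_top_ports[-rank]
            print "Port: " + helpers.color(str(
                sorted_ports_tuple[0])) + " - " + str(
                    sorted_ports_tuple[1]) + " instances"
        print

        self.top_number = ''

        return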
Esempio n. 44
 def run_gather_command(self, gather_module):
     """Run one intel-gathering module, or all of them, on the loaded IPs.

     ``gather_module`` is matched case-insensitively against each module's
     ``cli_name``; 'all' runs every module.  When nothing matches, an error
     is printed and ``self.check_cli()`` is called.  ``IndexError`` and
     ``KeyboardInterrupt`` raised while gathering are reported the same way.
     """
     gather_module_found = False
     try:
         for _path, module in self.intelgathering_transforms.iteritems():
             requested = gather_module.lower()
             run_all = requested == 'all'
             if run_all or requested == module.cli_name.lower():
                 module.gather(self.ip_objects)
                 gather_module_found = True
                 # A named module is unique, so stop after running it.
                 if not run_all:
                     break

         if not gather_module_found:
             print helpers.color("\n\n[*] Error: You didn't provide a valid gather module!", warning=True)
             print helpers.color("[*] Please re-run and use a valid module.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color("\n\n[*] Error: Module command requires a module to load!", warning=True)
         print helpers.color("[*] Ex: gather geoinfo", warning=True)
         self.check_cli()
     except KeyboardInterrupt:
         print helpers.color("\n\n[*] You rage quit your intel gathering!", warning=True)
         self.check_cli()
     return
Esempio n. 45
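    def gather(self, all_ips):
        """Fetch geolocation data from ip-api.com for IPs that have none.

        An IP is queried when its country, city, ISP and latitude are all
        empty.  Non-empty fields of the reply are copied onto the IP object
        as byte strings.  Connection errors and unreadable replies are
        reported and the loop moves on.  Nothing is returned.
        """
        # JSON key in the reply -> attribute set on the IP object.
        field_map = (
            ("as", "ip_as_number"),
            ("country", "ip_country"),
            ("countryCode", "ip_country_code"),
            ("city", "ip_city"),
            ("zip", "ip_zipcode"),
            ("isp", "ip_isp"),
            ("lat", "ip_latitude"),
            ("lon", "ip_longitude"),
            ("region", "ip_region_code"),
            ("regionName", "ip_region_name"),
            ("timezone", "ip_timezone"),
            ("org", "ip_organization"),
        )

        for path, incoming_ip_obj in all_ips.iteritems():
            ip_info = incoming_ip_obj[0]

            if not (
                ip_info.ip_country == ""
                and ip_info.ip_city == ""
                and ip_info.ip_isp == ""
                and ip_info.ip_latitude == ""
            ):
                continue

            # Make request for information about IPs
            print "Getting info on... " + ip_info.ip_address
            try:
                # NOTE(review): the lookup uses plain http, so the reply is
                # not authenticated and can be altered in transit. Treat the
                # stored values as untrusted text when printing or exporting.
                response = urllib2.urlopen("http://ip-api.com/json/" + ip_info.ip_address)
                decoded_json = json.loads(response.read())

                # Check for failed response (such as a reserved range)
                if decoded_json.get("status") == "fail":
                    print helpers.color(
                        "[*] Could not retrieve information for " + ip_info.ip_address, warning=True
                    )
                else:
                    # Load info into IP object. Values are compared with
                    # "==": the earlier 'is not ""' tested identity, which is
                    # always true for numbers. Missing or null keys are
                    # skipped instead of raising.
                    for json_key, attr_name in field_map:
                        raw_value = decoded_json.get(json_key, "")
                        if raw_value is None or raw_value == "":
                            continue
                        if isinstance(raw_value, unicode):
                            raw_value = raw_value.encode("utf-8")
                        else:
                            raw_value = str(raw_value)
                        setattr(ip_info, attr_name, raw_value)

                # Sleep is here to make sure we don't go over API limits
                time.sleep(0.25)
            except urllib2.URLError:
                print helpers.color("[!] Cannot receive IP Geo Information from source!", warning=True)
                print helpers.color("[!] Moving to the next IP address...", warning=True)
            except ValueError:
                # json.loads() rejects a body that is not JSON.
                print helpers.color("[!] Could not decode the IP Geo Information reply for " + ip_info.ip_address, warning=True)
                print helpers.color("[!] Moving to the next IP address...", warning=True)
        return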
Esempio n. 46
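    def gather(self, all_ips):
        """Fetch the VirusTotal IP report for every eligible loaded address.

        An address is queried when ``self.check_host()`` accepts it and its
        ``virustotal`` attribute is still empty.  The decoded report, or a
        "No information ..." string when ``response_code`` is 0, is stored in
        ``virustotal``.  The loop sleeps 16 seconds after each request.
        """
        for path, incoming_ip_obj in all_ips.iteritems():
            ip_info = incoming_ip_obj[0]

            # Compare by value; "is ''" tests identity and misses empty
            # strings of another kind (unicode, restored from a saved state).
            if not (self.check_host(ip_info.ip_address) and ip_info.virustotal == ''):
                continue

            # NOTE(review): the API key is sent in the query string; confirm
            # self.api_url is an https URL so it is not exposed in transit.
            parameters = {'ip': ip_info.ip_address, 'apikey': self.api_key}
            full_url = self.api_url + 'ip-address/report?' + urllib.urlencode(parameters)
            try:
                response = urllib.urlopen(full_url).read()
                json_response = json.loads(response)

                if json_response['response_code'] == 0:
                    print "No information within VirusTotal for " + ip_info.ip_address
                    ip_info.virustotal = "No information within VirusTotal for " + ip_info.ip_address
                else:
                    print "Information found on " + helpers.color(ip_info.ip_address)
                    ip_info.virustotal = json_response
            except IOError:
                print helpers.color("Error while connecting to Virustotal for " + ip_info.ip_address, warning=True)
            except ValueError:
                # json.loads() rejects an empty or non-JSON body; report it
                # and carry on with the next address.
                print helpers.color("Error loading JSON response from Virustotal for " + ip_info.ip_address, warning=True)

            # presumably paced to stay inside the API request quota; confirm
            time.sleep(16)
        return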
Esempio n. 47
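    def load_ips(self, file_of_ips):
        """Load one IP address per line from ``file_of_ips``.

        Each non-blank line is stripped and stored in ``self.ip_objects`` as
        ``[IP_Information, count]``; a repeated address raises its count.
        An invalid path prints an error.  Nothing is returned.
        """
        # Check to make sure file given is a valid file
        if not os.path.isfile(file_of_ips):
            print "[*] Error: Invalid file path provided!"
            print "[*] Error: Please provide the valid path to a file."
            return

        # read in IPs from a file
        with open(file_of_ips, "r") as ip_file:
            ip_addr_dictionary = ip_file.readlines()

        total_ips = 0
        for line in ip_addr_dictionary:
            # Key on the stripped value: keying on the raw line kept the
            # trailing newline, so the same address with and without a final
            # newline was stored twice.
            ip = line.strip()
            if not ip:
                # A blank line is not an address.
                continue
            if ip in self.ip_objects:
                self.ip_objects[ip][1] += 1
            else:
                # Cast each IP its own object
                self.ip_objects[ip] = [ip_object.IP_Information(ip), 1]
            total_ips += 1

        print helpers.color("[*] Loaded " + str(total_ips) + " IPs")
        return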
Esempio n. 48
 def run_ipinfo_command(self, ip_addr):
     """Print every attribute of the loaded IP object matching ``ip_addr``.

     Each attribute value is passed through ``self.collapse()`` before it is
     printed.  When no loaded object has that address, an error is printed
     and ``self.check_cli()`` is called.  Nothing is returned.
     """
     ip_found = False
     try:
         for _path, entry in self.ip_objects.iteritems():
             record = entry[0]
             if record.ip_address != ip_addr:
                 continue

             fields = vars(record)
             print record.ip_address
             print "*" * 25
             for name, value in fields.iteritems():
                 print helpers.color(name) + ": " + self.collapse(value)
             ip_found = True

         if not ip_found:
             print helpers.color("[*] Error: The provided IP address is not loaded in the framework!", warning=True)
             print helpers.color("[*] Error: Please provide a new IP.", warning=True)
             self.check_cli()
     except IndexError:
         print helpers.color("[*] Error: The \"ip_info\" command requires an IP address!", warning=True)
         self.check_cli()
     return
Esempio n. 49
 def run_analyze_command(self, analyze_command):
     """Run one analysis module, or all of them, on the loaded IPs.

     ``analyze_command`` is matched case-insensitively against each
     module's ``cli_name``; 'all' runs every module.  An ``IndexError``
     raised while analysing prints usage help and calls
     ``self.check_cli()``.  The "no valid module" check runs after that
     handler as well, so both messages can appear.
     """
     try:
         hit_module = False
         for _path, module in self.analytical_transforms.iteritems():
             requested = analyze_command.lower()
             run_all = requested == 'all'
             if run_all or requested == module.cli_name.lower():
                 module.analyze(self.ip_objects)
                 hit_module = True
                 # A named module is unique, so stop after running it.
                 if not run_all:
                     break
     except IndexError:
         print helpers.color("\n\n[*] Error: Analyze command requires a module to load!", warning=True)
         print helpers.color("[*] Ex: analyze GeoInfo", warning=True)
         self.check_cli()

     if not hit_module:
         print helpers.color("\n\n[*] Error: You didn't provide a valid module!", warning=True)
         print helpers.color("[*] Please re-run and use a valid module.", warning=True)
         self.check_cli()
     return
Esempio n. 50
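    def load_ips(self, file_of_systems):
        """Load systems from ``file_of_systems``, one address or CIDR per line.

        A line containing "/" is expanded with ``netaddr.IPSet`` and every
        address of the range is loaded; any other non-blank line is loaded
        as a single system.  Entries go into ``self.system_objects`` as
        ``[IP_Information, count]``; repeats raise the count.  A malformed
        range is reported and skipped.  Nothing is returned.
        """
        # Check to make sure file given is a valid file
        if not os.path.isfile(file_of_systems):
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
            return

        def _register(address):
            # Count a repeat, or cast a new address its own object.
            if address in self.system_objects:
                self.system_objects[address][1] += 1
            else:
                self.system_objects[address] = [ip_object.IP_Information(address), 1]

        # read in IPs from a file
        with open(file_of_systems, "r") as system_file:
            justmetadata_system_list = system_file.readlines()
        total_systems = 0

        for line in justmetadata_system_list:
            # Work on the stripped value: keying on the raw line kept the
            # trailing newline, so the same address with and without a final
            # newline was stored twice.
            system = line.strip()
            if not system:
                # A blank line is not a system.
                continue

            if "/" in system:
                try:
                    # NOTE(review): a range is expanded into one object per
                    # address, so a short prefix costs a lot of memory;
                    # consider a prefix-length limit for files you did not
                    # write yourself.
                    for ip in netaddr.IPSet([system]):
                        _register(str(ip))
                        total_systems += 1
                except netaddr.core.AddrFormatError:
                    print helpers.color("[*] Error: Bad IP CIDR range detected! (" + str(system) + ")", warning=True)
                    continue
            else:
                _register(system)
                total_systems += 1

        print helpers.color("[*] Loaded " + str(total_systems) + " systems")
        return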
Esempio n. 51
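    def load_ips(self, file_of_systems):
        """Load systems from ``file_of_systems``, one address or CIDR per line.

        A line containing "/" is expanded with ``netaddr.IPSet`` and every
        address of the range is loaded; any other non-blank line is loaded
        as a single system.  Entries go into ``self.system_objects`` as
        ``[IP_Information, count]``; repeats raise the count.  A malformed
        range is reported and skipped.  Nothing is returned.
        """
        # Check to make sure file given is a valid file
        if not os.path.isfile(file_of_systems):
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
            return

        def _register(address):
            # Count a repeat, or cast a new address its own object.
            if address in self.system_objects:
                self.system_objects[address][1] += 1
            else:
                self.system_objects[address] = [ip_object.IP_Information(address), 1]

        # read in IPs from a file
        with open(file_of_systems, "r") as system_file:
            justmetadata_system_list = system_file.readlines()
        total_systems = 0

        for line in justmetadata_system_list:
            # Work on the stripped value: keying on the raw line kept the
            # trailing newline, so the same address with and without a final
            # newline was stored twice.
            system = line.strip()
            if not system:
                # A blank line is not a system.
                continue

            if "/" in system:
                try:
                    # NOTE(review): a range is expanded into one object per
                    # address, so a short prefix costs a lot of memory;
                    # consider a prefix-length limit for files you did not
                    # write yourself.
                    for ip in netaddr.IPSet([system]):
                        _register(str(ip))
                        total_systems += 1
                except netaddr.core.AddrFormatError:
                    print helpers.color("[*] Error: Bad IP CIDR range detected! (" + str(system) + ")", warning=True)
                    continue
            else:
                _register(system)
                total_systems += 1

        print helpers.color("[*] Loaded " + str(total_systems) + " systems")
        return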
Esempio n. 52
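    def gather(self, all_ips):
        """Query the MyWOT API for each loaded system that has a domain name.

        The decoded JSON reply is stored on the system's object as ``mywot``.
        Errors are printed and the loop moves on to the next system.

        Args:
            all_ips: dict whose values are lists holding the IP information
                object at index 0.
        """

        for path, incoming_ip_obj in all_ips.iteritems():
            ip_info = incoming_ip_obj[0]

            if ip_info.domain_name == "":
                continue

            # Compare by value. "is" tests object identity, which only
            # happens to work for strings the interpreter has interned.
            if self.api_key == "":
                print helpers.color("[*] Error: You didn't provide a MyWOT API Key!", warning=True)
                print helpers.color("[*] Please edit the MyWOT module and add in your API Key.", warning=True)
                print helpers.color("[*] Create an account at www.mywot.com and get a free API key.", warning=True)
                continue

            # NOTE(review): the lookup is gated on shodan_info being empty;
            # presumably the mywot attribute was meant here - confirm.
            if ip_info.shodan_info != '':
                continue

            print "Querying MyWOT for information about " + ip_info.domain_name

            # NOTE(review): the API key is sent in the query string of a
            # plain-http URL, so it is readable on the network path and may be
            # recorded by intermediate proxies; use an https endpoint if the
            # service offers one. domain_name is also concatenated without
            # URL-encoding - verify where it comes from, or encode it.
            url = "http://api.mywot.com/0.4/public_link_json2?hosts=" + ip_info.domain_name + "/&key=" + self.api_key
            try:
                response = urllib2.urlopen(urllib2.Request(url))
                ip_info.mywot = json.loads(response.read())
            except urllib2.URLError:
                # URLError is the parent of HTTPError, so this also covers
                # connection failures that previously ended the whole run.
                # The URL stays out of the message because it holds the key.
                print helpers.color("Error querying MyWOT for " + ip_info.domain_name, warning=True)
            except ValueError:
                print helpers.color("Error loading JSON response for " + ip_info.domain_name, warning=True)
        return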
Esempio n. 53
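 def add_ip(self, ipstring):
     """Register a single address or every address of a CIDR range.

     New addresses are stored in self.system_objects as
     [IP_Information object, 1]. Addresses that are already present are
     skipped and reported once per call.

     Args:
         ipstring: an IP address or CIDR range; surrounding whitespace
             is ignored.

     Returns:
         The number of addresses added by this call (0 for blank input,
         a malformed range, or when everything was a duplicate).
     """
     ipstring = ipstring.strip()
     if not ipstring:
         # Blank lines from an input file are not systems.
         return 0

     total_systems = 0
     duplicates = 0

     if "/" in ipstring:
         try:
             for ip in netaddr.IPSet([ipstring]):
                 ip = str(ip)
                 if ip in self.system_objects:
                     # Skip only this address. Returning here would drop
                     # the rest of the range as soon as a single address
                     # overlapped with one that is already loaded.
                     duplicates += 1
                     continue
                 self.system_objects[ip] = [ip_object.IP_Information(ip), 1]
                 total_systems += 1
         except netaddr.core.AddrFormatError:
             print helpers.color(
                 "[*] Error: Bad IP CIDR range detected! (" +
                 str(ipstring).strip() + ")",
                 warning=True)
             return 0
     elif ipstring in self.system_objects:
         duplicates += 1
     else:
         self.system_objects[ipstring] = [
             ip_object.IP_Information(ipstring), 1]
         total_systems += 1

     # One warning per call keeps a heavily overlapping range from
     # flooding the console.
     if duplicates:
         print helpers.color("[*] Warning: Skipped duplicate IP ! (" +
                             str(ipstring).strip() + ")",
                             warning=True)
     if total_systems:
         print helpers.color("[*] Added " + ipstring)
     return total_systems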
Esempio n. 54
    def load_ips(self, file_of_systems):
        """Read systems from a file, one per line, and hand each to add_ip.

        Prints how many systems add_ip reported as loaded, or an error when
        the path is not an existing file.

        Args:
            file_of_systems: path to the file listing the systems.
        """

        # Bail out early when the path does not point at a regular file
        if not os.path.isfile(file_of_systems):
            print helpers.color("\n\n[*] Error: Invalid file path provided!", warning=True)
            print helpers.color("[*] Error: Please provide the valid path to a file.", warning=True)
            return

        # Pull every line into memory before processing
        with open(file_of_systems, "r") as handle:
            lines = handle.readlines()

        # add_ip returns the number of systems each line contributed
        loaded = sum(self.add_ip(line) for line in lines)

        print helpers.color("[*] Loaded " + str(loaded) + " systems")
        return
Esempio n. 55
    def load_ips(self, file_of_systems):
        """Load systems listed one per line in a file.

        Every line is passed to self.add_ip and the counts it returns are
        summed for the final status message. A path that is not an existing
        file produces two error lines instead.

        Args:
            file_of_systems: path to the file listing the systems.
        """

        if not os.path.isfile(file_of_systems):
            # Not a usable file: report and fall through to the return
            invalid_path = "\n\n[*] Error: Invalid file path provided!"
            print helpers.color(invalid_path, warning=True)
            print helpers.color(
                "[*] Error: Please provide the valid path to a file.",
                warning=True)
        else:
            # Read the complete list first, then process it
            with open(file_of_systems, "r") as source:
                entries = source.readlines()

            count = 0
            for entry in entries:
                count = count + self.add_ip(entry)

            summary = "[*] Loaded " + str(count) + " systems"
            print helpers.color(summary)

        return
Esempio n. 56
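    def analyze(self, all_ip_objects):
        """Print every loaded IP whose Shodan data holds the given SSH key.

        Prompts for the key when self.ssh_key is empty. The key must equal
        the value under opts -> ssh -> key of a Shodan data item once line
        breaks are removed. self.ssh_key and self.found_ips are reset before
        returning.

        Args:
            all_ip_objects: dict whose values are lists holding the IP
                information object at index 0.
        """

        if self.ssh_key == '':
            print "Please provide the SSH Key you want to search for."
            self.ssh_key = raw_input(' \n\n[>] SSH Key: ').strip()

        # The Shodan value has its line breaks removed before comparison, so
        # normalise the search term the same way; otherwise a key supplied
        # with embedded line breaks can never match.
        wanted_key = self.ssh_key.replace('\n', '').replace('\r', '')

        for path, single_ip in all_ip_objects.iteritems():
            shodan_info = single_ip[0].shodan_info

            # Compare by value; "is not ''" tests object identity and only
            # works when the interpreter happens to reuse the same string.
            if shodan_info == '' or\
                    'No available information within Shodan about' in\
                    shodan_info:
                continue

            for item in shodan_info['data']:
                if 'opts' not in item or 'ssh' not in item['opts']:
                    continue
                if 'key' not in item['opts']['ssh']:
                    continue
                host_key = item['opts']['ssh']['key'].encode(
                    'utf-8').replace('\n', '').replace('\r', '')
                if wanted_key == host_key:
                    self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nKey Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color(
                "\nKey is not found within the currently loaded data!\n",
                warning=True)

        # Reset so the next run prompts again and starts with no matches
        self.ssh_key = ''
        self.found_ips = []

        return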
Esempio n. 57
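    def analyze(self, all_ip_objects):
        """Print every loaded IP whose Shodan data holds the given certificate.

        Prompts for the certificate when self.https_cert is empty. A host
        matches when the search text occurs inside the value under
        opts -> pem of a Shodan data item, after line breaks are removed
        from both. self.https_cert and self.found_ips are reset before
        returning.

        Args:
            all_ip_objects: dict whose values are lists holding the IP
                information object at index 0.
        """

        if self.https_cert == '':
            print "Please provide the HTTPS certificate you want to search for."
            self.https_cert = raw_input(
                ' \n\n[>] HTTPS Cert (including start and end tags): ').strip(
                )

        # The stored PEM has its line breaks removed before the search, so
        # strip them from the search text too; a certificate supplied in its
        # usual multi-line form would otherwise never match.
        wanted_cert = self.https_cert.strip().replace('\n', '').replace(
            '\r', '')

        # An empty search text is a substring of every certificate and would
        # report every host as a match, so only search when there is text.
        # NOTE: this is a substring test, so a short fragment matches every
        # certificate that contains it.
        if wanted_cert:
            for path, single_ip in all_ip_objects.iteritems():
                shodan_info = single_ip[0].shodan_info

                # Compare by value; "is not ''" tests object identity and
                # only works when the interpreter reuses the same string.
                if shodan_info == '' or\
                        'No available information within Shodan about' in\
                        shodan_info:
                    continue

                for item in shodan_info['data']:
                    if 'opts' not in item or 'pem' not in item['opts']:
                        continue
                    host_cert = item['opts']['pem'].encode('utf-8').replace(
                        '\n', '').replace('\r', '')
                    if wanted_cert in host_cert:
                        self.found_ips.append(single_ip[0].ip_address)

        if len(self.found_ips) > 0:
            print helpers.color("\nCertificate Found!")
            print "===================================="
            for ip in self.found_ips:
                print helpers.color(ip)
            print

        else:
            print helpers.color(
                "\nCertificate is not found within the currently loaded data!\n",
                warning=True)

        # Reset so the next run prompts again and starts with no matches
        self.https_cert = ''
        self.found_ips = []

        return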