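def dotransform(request, response):
    """Emit the netblock(s) that ARIN whois reports for an IP address.

    ``request.value`` is wrapped in ``IPAddress`` and handed to ``whoisip``
    with an XML ``accept`` type. The record's start/end addresses become a
    ``Netblock`` entity labelled with CIDR notation, network mask and host
    count, and every ``netBlocks/netBlock`` child that is found is emitted
    the same way.

    Returns the ``response`` object that was passed in, with the entities
    appended.
    """

    def _netblock_entity(first, last):
        # Build one labelled Netblock entity from a start/end address pair.
        network = IPNetwork([first, last])
        entity = Netblock(network.netblock)
        entity += Label('CIDR Notation', repr(network))
        entity += Label('Network Mask', network.netmask)
        entity += Label('Number of Hosts', int(~network.netmask) - 1)
        return entity

    ip = IPAddress(request.value)
    # NOTE(review): this parses XML fetched from a remote service. Which
    # `fromstring` is imported is not visible here; confirm it is a parser
    # that rejects entity expansion (e.g. defusedxml) if the whois endpoint
    # or the transport to it is not trusted.
    w = fromstring(whoisip(ip, accept='application/xml'))

    # A reply without these elements makes find() return None, so `.text`
    # raises AttributeError; that behaviour is left as it was.
    response += _netblock_entity(
        w.find('{http://www.arin.net/whoisrws/core/v1}startAddress').text,
        w.find('{http://www.arin.net/whoisrws/core/v1}endAddress').text,
    )

    # NOTE(review): these paths are unqualified while the lookups above use
    # the ARIN namespace. If the child elements are namespaced too, this
    # loop matches nothing; confirm against a real response.
    for nb in w.findall('netBlocks/netBlock'):
        # Append each nested block so that it is actually returned to the
        # caller instead of being built and dropped.
        response += _netblock_entity(
            nb.find('startAddress').text,
            nb.find('endAddress').text,
        )
    return response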
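def dotransform(request, response):
    """Turn an IP address into the netblock entities ARIN whois lists for it.

    The whois reply is requested as XML and parsed with ``fromstring``. One
    ``Netblock`` entity is produced for the record's own start/end range
    and one for each ``netBlocks/netBlock`` child that is found. Each
    entity carries 'CIDR Notation', 'Network Mask' and 'Number of Hosts'
    labels.

    Returns ``response`` with those entities appended.
    """
    ns = '{http://www.arin.net/whoisrws/core/v1}'

    ip = IPAddress(request.value)
    # NOTE(review): the XML body comes from a network service and the
    # parser behind `fromstring` is not visible in this block. Verify that
    # it does not expand entities if that service is not fully trusted.
    w = fromstring(whoisip(ip, accept='application/xml'))

    # Address pairs to report: the record's own range first, then nested
    # blocks.
    # NOTE(review): the nested-block paths carry no namespace, unlike the
    # two lookups on the root. Check that they match real replies.
    ranges = [(w.find(ns + 'startAddress').text,
               w.find(ns + 'endAddress').text)]
    for nb in w.findall('netBlocks/netBlock'):
        ranges.append((nb.find('startAddress').text,
                       nb.find('endAddress').text))

    for start, end in ranges:
        network = IPNetwork([start, end])
        e = Netblock(network.netblock)
        e += Label('CIDR Notation', repr(network))
        e += Label('Network Mask', network.netmask)
        e += Label('Number of Hosts', int(~network.netmask) - 1)
        # Nested blocks are appended too; building the entity without
        # adding it would silently discard the result.
        response += e
    return response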
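def findremoteneighbors(ip, response):
    """Report addresses near ``ip`` that answer via the same last-hop router.

    Steps, in the order the code performs them:

    1. ARIN whois lookup for ``ip`` to obtain the enclosing network. A
       network wider than a /24 is narrowed to ``ip``/24 before probing.
    2. One TCP probe of ``ip`` across ports 0-1024. The source port of the
       first reply is reused as the destination port for later probes.
    3. Traceroute to ``ip`` to identify the second-to-last hop.
    4. Probes addressed to the network with the TTL set to that hop's TTL.
       A reply whose source is the second-to-last hop's address marks the
       probed address as a neighbour. Each neighbour is probed once more
       directly and tagged ``alive`` if it answers.

    Only step 1 is a lookup; steps 2-4 send packets to the target network
    through scapy, using the ``scapy/sr_*`` settings from ``config``.

    Returns ``response`` with one ``IPv4Address`` entity per neighbour. It
    is returned unchanged when the host does not answer or the
    second-to-last hop cannot be determined.
    """
    debug('Doing an ARIN whois lookup...')
    # NOTE(review): XML from a remote service; confirm that the parser
    # behind `fromstring` is safe for untrusted input.
    w = fromstring(whoisip(ip, accept='application/xml'))
    network = IPNetwork([
        w.find('{http://www.arin.net/whoisrws/core/v1}startAddress').text,
        w.find('{http://www.arin.net/whoisrws/core/v1}endAddress').text,
    ])

    # Scope bound: whatever the registry says, never probe more than a /24.
    if network.cidrlen < 24:
        debug(
            'According to ARIN, the CIDR length is %d, reducing it to 24 for the scan...'
            % network.cidrlen)
        network.netblock = '%s/24' % ip

    debug('Probing the host on TCP ports 0-1024...')
    first_reply = sr1(
        IP(dst=str(ip)) / TCP(dport=(0, 1024)),
        timeout=config['scapy/sr_timeout'],
        verbose=config['scapy/sr_verbose'],
        retry=config['scapy/sr_retries'],
    )
    # `not (a == b)` rather than `!=`: the comparison behaviour of the
    # project's address type is not visible here.
    if first_reply is None or not (first_reply.src == ip):
        return response

    # NOTE(review): the reply's TCP flags are not inspected, so this is
    # the first port that answered at all, not necessarily an open one.
    dport = first_reply.sport

    debug('Performing a traceroute to destination %s' % ip)
    hops = traceroute2(
        str(ip),
        TCP(dport=dport),
        timeout=config['scapy/sr_timeout'],
        verbose=config['scapy/sr_verbose'],
        retry=config['scapy/sr_retries'],
    )
    try:
        l_hop = hops[-1]
        sl_hop = hops[-2]
    except IndexError:
        # Fewer than two hops came back (e.g. a directly attached target),
        # so there is no second-to-last hop to compare against.
        debug("Can't find second last hop... aborting...")
        return response

    if sl_hop['ttl'] != l_hop['ttl'] - 1:
        debug(
            "It takes %d hops to get to %s but we could only find the router at hop %d (%s)."
            % (l_hop['ttl'], ip, sl_hop['ttl'], sl_hop['ip']))
        debug("Can't find second last hop... aborting...")
        return response

    debug(
        'It takes %d hops to get to %s and it is attached to router %s...'
        % (l_hop['ttl'], ip, sl_hop['ip']))
    debug('Sending probe packets to %s with ttl %d...' % (network, sl_hop['ttl']))
    answered = sr(
        IP(dst=repr(network), ttl=sl_hop['ttl']) / TCP(dport=dport),
        timeout=config['scapy/sr_timeout'],
        verbose=config['scapy/sr_verbose'],
        retry=config['scapy/sr_retries'],
    )[0]

    for pair in answered:
        probe, reply = pair[0], pair[1]
        # Keep only probes answered by the second-to-last hop itself.
        if reply.src == sl_hop['ip']:
            debug('%s is attached to the same router...' % probe.dst)
            e = IPv4Address(probe.dst)
            alive = sr1(
                IP(dst=probe.dst) / TCP(dport=dport),
                timeout=config['scapy/sr_timeout'],
                verbose=config['scapy/sr_verbose'],
                retry=config['scapy/sr_retries'],
            )
            if alive is not None:
                e += Field('alive', 'true')
            # Added whether or not the follow-up probe was answered;
            # 'alive' marks only the addresses that replied.
            response += e
    return response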
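def findremoteneighbors(ip, response):
    """Find addresses in ``ip``'s netblock served by the same last-hop router.

    The ARIN whois record for ``ip`` gives the network to examine, capped
    at a /24 around ``ip``. The host is probed on TCP ports 0-1024 and the
    port of the first reply is reused for a traceroute and for TTL-limited
    probes addressed to the network. Probes answered from the
    second-to-last hop's address identify neighbours. Each neighbour gets
    one direct follow-up probe and an ``alive`` field if that is answered.

    Apart from the whois lookup, every step transmits packets towards the
    target network. Timeout, verbosity and retry count come from the
    ``scapy/sr_*`` entries of ``config``.

    Returns ``response``, extended with an ``IPv4Address`` entity for each
    neighbour found (possibly none).
    """
    debug('Doing an ARIN whois lookup...')
    # NOTE(review): the reply is remote XML; which parser `fromstring`
    # refers to is not visible in this block. Confirm it is hardened if
    # the service is not trusted.
    w = fromstring(whoisip(ip, accept='application/xml'))
    network = IPNetwork([
        w.find('{http://www.arin.net/whoisrws/core/v1}startAddress').text,
        w.find('{http://www.arin.net/whoisrws/core/v1}endAddress').text
    ])

    if network.cidrlen < 24:
        # Keeps the sweep below to at most a /24 regardless of the size of
        # the registered allocation.
        debug('According to ARIN, the CIDR length is %d, reducing it to 24 for the scan...' % network.cidrlen)
        network.netblock = '%s/24' % ip

    debug('Probing the host on TCP ports 0-1024...')
    # The same three settings apply to every scapy call in this function.
    sr_opts = dict(
        timeout=config['scapy/sr_timeout'],
        verbose=config['scapy/sr_verbose'],
        retry=config['scapy/sr_retries']
    )
    r = sr1(IP(dst=str(ip))/TCP(dport=(0, 1024)), **sr_opts)

    if r is not None and r.src == ip:
        # Source port of the first reply; the reply's flags are not
        # checked, so the port has answered but is not known to be open.
        dport = r.sport

        debug('Performing a traceroute to destination %s' % ip)
        ans = traceroute2(str(ip), TCP(dport=dport), **sr_opts)

        try:
            l_hop = ans[-1]
            sl_hop = ans[-2]
        except IndexError:
            # A traceroute with fewer than two entries has no
            # second-to-last hop, so stop here rather than raise.
            l_hop = sl_hop = None

        if sl_hop is None:
            debug("Can't find second last hop... aborting...")
        elif sl_hop['ttl'] != l_hop['ttl'] - 1:
            debug(
                "It takes %d hops to get to %s but we could only find the router at hop %d (%s)." %
                (l_hop['ttl'], ip, sl_hop['ttl'], sl_hop['ip'])
            )
            debug("Can't find second last hop... aborting...")
        else:
            debug('It takes %d hops to get to %s and it is attached to router %s...' % (l_hop['ttl'], ip, sl_hop['ip']))
            debug('Sending probe packets to %s with ttl %d...' % (network, sl_hop['ttl']))

            ans = sr(
                IP(dst=repr(network), ttl=sl_hop['ttl'])/TCP(dport=dport),
                **sr_opts
            )[0]

            for r in ans:
                # r[0] is the probe that was sent, r[1] the reply to it.
                if r[1].src == sl_hop['ip']:
                    debug('%s is attached to the same router...' % r[0].dst)

                    e = IPv4Address(r[0].dst)
                    alive = sr1(IP(dst=r[0].dst)/TCP(dport=dport), **sr_opts)
                    if alive is not None:
                        e += Field('alive', 'true')
                    # Every neighbour is reported; 'alive' is present only
                    # when the direct probe was answered.
                    response += e

    return response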