예제 #1
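def dotransform(request, response):
    """Add the ARIN-registered netblock(s) covering an IP address to the response.

    The address is read from ``request.value`` and looked up through
    ``whoisip``; the XML reply is parsed for the start and end address of the
    registered range.  One ``Netblock`` entity, labelled with its CIDR
    notation, network mask and host count, is appended per range found.

    Args:
        request: transform request; only ``request.value`` is read here.
        response: transform response that the entities are appended to.

    Returns:
        The same ``response`` object.
    """
    arin_ns = '{http://www.arin.net/whoisrws/core/v1}'
    ip = IPAddress(request.value)

    # NOTE(review): the document parsed here is whatever the whois service
    # returned. Which parser `fromstring` is bound to is not visible in this
    # block; if it is xml.etree.ElementTree, it is not hardened against
    # entity-expansion payloads -- consider defusedxml. Confirm.
    w = fromstring(whoisip(ip, accept='application/xml'))

    # A reply without these elements fails on `.text` instead of producing a
    # made-up range (assuming find() returns None for a missing element).
    network = IPNetwork([
        w.find(arin_ns + 'startAddress').text,
        w.find(arin_ns + 'endAddress').text
    ])
    e = Netblock(network.netblock)
    e += Label('CIDR Notation', repr(network))
    e += Label('Network Mask', network.netmask)
    e += Label('Number of Hosts', int(~network.netmask) - 1)
    response += e

    # NOTE(review): the lookups above are namespace-qualified but this path is
    # not; with an ElementTree-style parser and children in the same namespace
    # this matches nothing -- confirm against a real reply.
    for nb in w.findall('netBlocks/netBlock'):
        network = IPNetwork(
            [nb.find('startAddress').text,
             nb.find('endAddress').text])
        e = Netblock(network.netblock)
        e += Label('CIDR Notation', repr(network))
        e += Label('Network Mask', network.netmask)
        e += Label('Number of Hosts', int(~network.netmask) - 1)
        # Fix: the entity built for each netBlock used to be discarded; it is
        # now appended to the response like the top-level one.
        response += e
    return response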
예제 #2
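def dotransform(request, response):
    """Report the ARIN netblock(s) that contain the requested IP address.

    Looks up ``request.value`` with ``whoisip``, parses the XML reply and
    appends one labelled ``Netblock`` entity to ``response`` for the top-level
    range and for every ``netBlocks/netBlock`` entry the reply carries.

    Args:
        request: transform request; only ``request.value`` is read here.
        response: transform response that the entities are appended to.

    Returns:
        The same ``response`` object.
    """
    def describe(start, end):
        # Build one Netblock entity with the three labels used for every range.
        net = IPNetwork([start, end])
        entity = Netblock(net.netblock)
        entity += Label('CIDR Notation', repr(net))
        entity += Label('Network Mask', net.netmask)
        entity += Label('Number of Hosts', int(~net.netmask) - 1)
        return entity

    ip = IPAddress(request.value)

    # NOTE(review): this parses a reply from a remote service. The parser
    # behind `fromstring` is not visible here; if it is the standard
    # ElementTree one, it does not defend against entity-expansion input --
    # consider defusedxml. Confirm.
    w = fromstring(whoisip(ip, accept='application/xml'))

    response += describe(
        w.find('{http://www.arin.net/whoisrws/core/v1}startAddress').text,
        w.find('{http://www.arin.net/whoisrws/core/v1}endAddress').text
    )

    # NOTE(review): unlike the two lookups above, this path carries no
    # namespace; presumably it never matches a namespaced reply -- confirm.
    for nb in w.findall('netBlocks/netBlock'):
        # Fix: each per-netBlock entity is now appended; before, it was built
        # and then dropped, so the loop had no effect on the response.
        response += describe(
            nb.find('startAddress').text,
            nb.find('endAddress').text
        )
    return response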
예제 #3
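def findremoteneighbors(ip, response):
    """Add hosts that share the target's last-hop router to the response.

    Steps, in order: look up the registered range for ``ip`` through
    ``whoisip``; narrow it to a /24 when it is wider; probe TCP ports 0-1024
    on ``ip`` until one packet is answered; traceroute to ``ip`` on that port;
    then send probes across the range with the TTL of the second-to-last hop
    and record every address whose reply comes from that router.

    Args:
        ip: target address; compared with ``r.src`` and formatted with
            ``str(ip)``, so presumably an address object -- confirm.
        response: transform response that ``IPv4Address`` entities are
            appended to.

    Returns:
        The same ``response`` object (unchanged when the probe, the
        traceroute or the hop check does not succeed).
    """
    arin_ns = '{http://www.arin.net/whoisrws/core/v1}'

    debug('Doing an ARIN whois lookup...')
    # NOTE(review): the parsed document is a remote service's reply; the
    # parser behind `fromstring` is not visible here. If it is
    # xml.etree.ElementTree, consider defusedxml. Confirm.
    w = fromstring(whoisip(ip, accept='application/xml'))
    network = IPNetwork([
        w.find(arin_ns + 'startAddress').text,
        w.find(arin_ns + 'endAddress').text
    ])

    # A registered range wider than a /24 is narrowed to the /24 around `ip`,
    # which bounds how many addresses the sweep below touches.
    # NOTE(review): the range still comes from registry data alone; nothing in
    # this function checks it against a configured scope -- presumably the
    # caller does; confirm.
    if network.cidrlen < 24:
        debug(
            'According to ARIN, the CIDR length is %d, reducing it to 24 for the scan...'
            % network.cidrlen)
        network.netblock = '%s/24' % ip

    # The same three settings are passed to every send/receive call.
    sr_opts = {
        'timeout': config['scapy/sr_timeout'],
        'verbose': config['scapy/sr_verbose'],
        'retry': config['scapy/sr_retries'],
    }

    debug('Probing the host on TCP ports 0-1024...')
    r = sr1(IP(dst=str(ip)) / TCP(dport=(0, 1024)), **sr_opts)

    if r is not None and r.src == ip:
        # The source port of the answering packet is reused as the destination
        # port of every later probe.
        dport = r.sport

        debug('Performing a traceroute to destination %s' % ip)
        ans = traceroute2(str(ip), TCP(dport=dport), **sr_opts)

        # Fix: with fewer than two recorded hops, ans[-2] raised IndexError
        # (or, with a single hop, aliased the last hop). Treat it like the
        # existing "second last hop not found" case.
        if len(ans) < 2:
            debug("Can't find second last hop... aborting...")
            return response

        l_hop = ans[-1]
        sl_hop = ans[-2]

        if sl_hop['ttl'] != l_hop['ttl'] - 1:
            debug(
                "It takes %d hops to get to %s but we could only find the router at hop %d (%s)."
                % (l_hop['ttl'], ip, sl_hop['ttl'], sl_hop['ip']))
            debug("Can't find second last hop... aborting...")
        else:
            debug(
                'It takes %d hops to get to %s and it is attached to router %s...'
                % (l_hop['ttl'], ip, sl_hop['ip']))
            debug('Sending probe packets to %s with ttl %d...' %
                  (network, sl_hop['ttl']))

            ans = sr(IP(dst=repr(network), ttl=sl_hop['ttl']) /
                     TCP(dport=dport), **sr_opts)[0]

            # `pair` is one answered exchange: pair[0] the packet sent,
            # pair[1] the reply. A separate name keeps the probe reply `r`
            # above from being overwritten.
            for pair in ans:
                # A reply sourced from the second-to-last hop presumably means
                # the probe expired at that router, i.e. the destination is
                # routed through it.
                if pair[1].src == sl_hop['ip']:
                    debug('%s is attached to the same router...' % pair[0].dst)

                    e = IPv4Address(pair[0].dst)

                    # Re-probe without the TTL limit to see whether the
                    # neighbour itself answers on the chosen port.
                    alive = sr1(IP(dst=pair[0].dst) / TCP(dport=dport),
                                **sr_opts)

                    if alive is not None:
                        e += Field('alive', 'true')
                    response += e

    return response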
예제 #4
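def findremoteneighbors(ip, response):
    """Find addresses in the target's range that sit behind the same router.

    The registered range for ``ip`` is fetched through ``whoisip`` and cut
    down to a /24 when wider.  A TCP probe of ports 0-1024 picks a port that
    answers, a traceroute on that port identifies the second-to-last hop, and
    probes sent across the range with that hop's TTL reveal which addresses
    are answered for by the same router.  Each such address is appended to
    ``response`` as an ``IPv4Address``, with an ``alive`` field when it also
    answers a direct probe.

    Args:
        ip: target address; compared with ``r.src`` and formatted with
            ``str(ip)``, so presumably an address object -- confirm.
        response: transform response that the entities are appended to.

    Returns:
        The same ``response`` object; unchanged when any stage fails.
    """
    debug('Doing an ARIN whois lookup...')
    # NOTE(review): input to this parse is a remote reply; which parser
    # `fromstring` refers to is not visible here. If it is the stdlib
    # ElementTree one, consider defusedxml. Confirm.
    w = fromstring(whoisip(ip, accept='application/xml'))
    network = IPNetwork([
        w.find('{http://www.arin.net/whoisrws/core/v1}startAddress').text,
        w.find('{http://www.arin.net/whoisrws/core/v1}endAddress').text
    ])

    # Ranges wider than a /24 are replaced by the /24 around `ip`, so the
    # sweep further down never covers more than that.
    # NOTE(review): the range is taken from registry data only; no scope or
    # allow-list check is visible in this function -- confirm the caller's.
    if network.cidrlen < 24:
        debug('According to ARIN, the CIDR length is %d, reducing it to 24 for the scan...' % network.cidrlen)
        network.netblock = '%s/24' % ip

    def exchange(send, *packets):
        # Call `send` (sr or sr1, or traceroute2) with the shared settings.
        return send(
            *packets,
            timeout=config['scapy/sr_timeout'],
            verbose=config['scapy/sr_verbose'],
            retry=config['scapy/sr_retries']
        )

    debug('Probing the host on TCP ports 0-1024...')
    r = exchange(sr1, IP(dst=str(ip))/TCP(dport=(0,1024)))

    # No reply, or a reply from some other address: nothing to build on.
    if r is None or not (r.src == ip):
        return response

    # Every later probe targets the port the first reply came from.
    dport = r.sport

    debug('Performing a traceroute to destination %s' % ip)
    ans = exchange(traceroute2, str(ip), TCP(dport=dport))

    # Fix: indexing ans[-2] raised IndexError when fewer than two hops were
    # recorded; handle it as the existing "second last hop not found" case.
    if len(ans) < 2:
        debug("Can't find second last hop... aborting...")
        return response

    l_hop = ans[-1]
    sl_hop = ans[-2]

    if sl_hop['ttl'] != l_hop['ttl'] - 1:
        debug(
            "It takes %d hops to get to %s but we could only find the router at hop %d (%s)." %
            (l_hop['ttl'], ip, sl_hop['ttl'], sl_hop['ip'])
        )
        debug("Can't find second last hop... aborting...")
        return response

    debug('It takes %d hops to get to %s and it is attached to router %s...' % (l_hop['ttl'], ip, sl_hop['ip']))
    debug('Sending probe packets to %s with ttl %d...' % (network, sl_hop['ttl']))

    ans = exchange(sr, IP(dst=repr(network), ttl=sl_hop['ttl'])/TCP(dport=dport))[0]

    # Each item is one answered exchange: index 0 the packet sent, index 1
    # the reply. Named `pair` so the probe reply `r` is not overwritten.
    for pair in ans:
        # Only replies sourced from the second-to-last hop count; presumably
        # those are probes that expired at that router.
        if not (pair[1].src == sl_hop['ip']):
            continue

        debug('%s is attached to the same router...' % pair[0].dst)

        e = IPv4Address(pair[0].dst)

        # Direct probe, without the TTL limit, to record reachability.
        alive = exchange(sr1, IP(dst=pair[0].dst)/TCP(dport=dport))

        if alive is not None:
            e += Field('alive', 'true')
        response += e

    return response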