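def initialNmapScan(ip, ports='1-1024'):
    """Run an nmap TCP version scan against ``ip`` and summarise the result.

    Args:
        ip: Target host passed straight to ``Nmap``.
        ports: nmap port specification; defaults to the well-known range.

    Returns:
        A dict with three keys:
        ``'ports'`` – list of open TCP ports, in the order ``getOpenTcpPorts`` gave them;
        ``'services'`` – per-port dict with ``name``, ``product``, ``version`` and
        ``state`` taken verbatim from the version scan;
        ``'os'`` – the OS guess string from ``getOs``.

    Raises:
        KeyError: if an open port is missing from the version-scan result or
        one of its expected fields is absent (surfaced deliberately rather
        than silently dropping the port).

    Note:
        ``ip`` and ``ports`` are forwarded to ``Nmap`` unvalidated; if that
        class builds a shell command from them, callers must not pass
        attacker-controlled strings here — confirm how ``Nmap`` invokes the
        binary before exposing this to untrusted input.
    """
    scanner = Nmap(ip, ports)
    versionScan = scanner.tcpVersionScan()
    # Materialise once so the returned list is independent of the scanner object.
    openTcpPorts = list(scanner.getOpenTcpPorts())
    # Avoid shadowing the ``os`` module name that the original used as a local.
    osGuess = scanner.getOs()

    services = {}
    for port in openTcpPorts:
        entry = versionScan[port]
        services[port] = {
            'name': entry['name'],
            'product': entry['product'],
            'version': entry['version'],
            'state': entry['state'],
        }

    return {'ports': openTcpPorts, 'services': services, 'os': osGuess}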
serviceProduct = services[port]['product'] if serviceName == 'http': httpPorts.append(port) serviceVersion = services[port]['version'] state = services[port]['state'] print(' ' + str(port) + '/tcp: ' + ' ' + state + ' ' + serviceName.rstrip(',') + ', ' + serviceProduct + ', ' + serviceVersion) # ============================== os scan ============================== printHeader('Operating System Scan') print(' OS: ' + nmap.getOs()) # ============================== web scan ============================== printHeader('Web Scan') for port in httpPorts: webscan = WebScanner(target, port) printSubHeader('http title, port ' + str(port)) print(' ' + webscan.getHttpTitle() + '\n') printSubHeader('nmap http enum, port ' + str(port)) print(webscan.nmapHttpEnum()) printSubHeader('directory brute force, port ' + str(port)) directories = webscan.directoryButeForce()