def test_iter_nmap_range():
assert list(iter_nmap_range('192.0.2.1')) == [IPAddress('192.0.2.1')]
ip_list = list(iter_nmap_range('192.0.2.0-31'))
assert len(ip_list) == 32
assert ip_list == [
IPAddress('192.0.2.0'), IPAddress('192.0.2.1'), IPAddress('192.0.2.2'),
IPAddress('192.0.2.3'), IPAddress('192.0.2.4'), IPAddress('192.0.2.5'),
IPAddress('192.0.2.6'), IPAddress('192.0.2.7'), IPAddress('192.0.2.8'), IPAddress('192.0.2.9'),
IPAddress('192.0.2.10'), IPAddress('192.0.2.11'), IPAddress('192.0.2.12'), IPAddress('192.0.2.13'),
IPAddress('192.0.2.14'), IPAddress('192.0.2.15'), IPAddress('192.0.2.16'), IPAddress('192.0.2.17'),
IPAddress('192.0.2.18'), IPAddress('192.0.2.19'), IPAddress('192.0.2.20'), IPAddress('192.0.2.21'),
IPAddress('192.0.2.22'), IPAddress('192.0.2.23'), IPAddress('192.0.2.24'), IPAddress('192.0.2.25'),
IPAddress('192.0.2.26'), IPAddress('192.0.2.27'), IPAddress('192.0.2.28'), IPAddress('192.0.2.29'),
IPAddress('192.0.2.30'), IPAddress('192.0.2.31')]
assert len(list(iter_nmap_range('192.0.2-3.1-7'))) == 14
assert list(iter_nmap_range('192.0.2.1-3,5,7-9')) == [
IPAddress('192.0.2.1'),
IPAddress('192.0.2.2'),
IPAddress('192.0.2.3'),
IPAddress('192.0.2.5'),
IPAddress('192.0.2.7'),
IPAddress('192.0.2.8'),
IPAddress('192.0.2.9'),
]
def parse_targets(self, targets_file):
self.raw_targets = open(targets_file, 'r').readlines()
re_range = re.compile('^(?P<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}-\d{1,3})$')
re_net = re.compile('^(?P<net>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/\d{1,2})$')
re_single = re.compile('^(?P<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$')
ip_list = []
''' detect if IP is a range, network or single host '''
for line in self.raw_targets:
line = line.strip()
if re_net.match(line):
# Network
network = netaddr.IPNetwork(line)
v4list = [str(x) for x in network if x.version == 4]
for ip in v4list:
ip_list.append(ip)
elif re_single.match(line):
# Single IP
ip_list.append(line)
elif re_range.match(line):
# IP range
iprange = netaddr.iter_nmap_range(line)
for ip in iprange:
ip = str(ip)
ip_list.append(ip)
# Break into specified groups size
self.targets = [ chunk for chunk in self.chunks(ip_list, self.group_size) ]
if len(self.targets) > 0:
if self.verbose:
self.print_blue("[+] Targets loaded successfully.")
else:
print "[+] Error loading targets."
sys.exit(1)
def parse_target_hosts(self, hosts, port):
"""Parses a list of hosts"""
if netaddr:
if netaddr.valid_nmap_range(hosts):
for ip in netaddr.iter_nmap_range(hosts):
yield (str(ip), port)
else:
for ip in netaddr.iter_unique_ips(hosts):
yield (str(ip), port)
else:
yield (hosts, port)
def parse_target_hosts(target_hosts, target_ports):
for port in target_ports.split(','):
for host in target_hosts.split(','):
if netaddr:
if netaddr.valid_nmap_range(host):
for ip in netaddr.iter_nmap_range(host):
yield (ip, port)
else:
for ip in netaddr.iter_unique_ips(host):
yield (ip, port)
else:
yield(host, port)
def parse_target_hosts(target_hosts, target_ports):
for port in parse_target_ports(target_ports):
for host in target_hosts.split(','):
if netaddr:
if netaddr.valid_nmap_range(host):
for ip in netaddr.iter_nmap_range(host):
yield (ip, port)
else:
for ip in netaddr.iter_unique_ips(host):
yield (ip, port)
else:
yield (host, port)
def get_ip_range(self, ip_block):
ip_range = None
if netaddr.valid_nmap_range(ip_block):
ip_range = list(netaddr.iter_nmap_range(ip_block))
else:
try:
ip_range = netaddr.IPGlob(ip_block)
except netaddr.AddrFormatError:
try:
ip_range = netaddr.IPNetwork(ip_block)
except netaddr.AddrFormatError:
pass
return ip_range
def test_iter_nmap_range_with_multiple_targets_including_cidr():
assert list(iter_nmap_range('192.168.0.0/29', '192.168.3-5,7.1', 'fe80::1')) == [
IPAddress('192.168.0.0'),
IPAddress('192.168.0.1'),
IPAddress('192.168.0.2'),
IPAddress('192.168.0.3'),
IPAddress('192.168.0.4'),
IPAddress('192.168.0.5'),
IPAddress('192.168.0.6'),
IPAddress('192.168.0.7'),
IPAddress('192.168.3.1'),
IPAddress('192.168.4.1'),
IPAddress('192.168.5.1'),
IPAddress('192.168.7.1'),
IPAddress('fe80::1'),
]
def process_targets(api_key, targets):
""" Take api_key and targets from main and perform the majority of the functions """
try:
api = shodan.Shodan(api_key)
results = []
for ip in netaddr.iter_nmap_range(targets):
result = shodan_host(api, ip)
# To get around request rate limit (1 request/second)
time.sleep(SLEEP_TIME)
if result:
results.append(result)
return results
except netaddr.AddrFormatError as e:
print(colored(f"\n[-] Error: {e}", "red"))
create_parser().print_help()
def main():
args = parse_args()
rpc = rpc_connect(host=args.rpc_host,
port=args.rpc_port,
ssl=args.rpc_ssl,
user=args.rpc_user,
passwd=args.rpc_passwd)
print("[+] Running {} against {}".format(args.exploit, args.targets))
if args.opts is None:
opts = {}
else:
opts = dict(opt.split('=') for opt in args.opts.split(','))
opts.update({'PAYLOAD': args.payload, 'DisablePayloadHandler': True})
for target_range in args.targets.split(','):
for target in iter_nmap_range(target_range):
opts['RHOST'] = str(target)
rpc.call('module.execute', ['exploit', args.exploit, opts])
print("[-] Launched exploit against {}".format(target))
print("[+] Done. It should be raining shells now!")
def test_iter_nmap_range_remove_duplicates():
assert list(iter_nmap_range('10.0.0.42,42-42')) == [IPAddress('10.0.0.42')]
def test_iter_nmap_range_invalid():
with pytest.raises(AddrFormatError):
list(iter_nmap_range('fe80::/64'))
def explode_ip_ranges(ranges):
result = []
for r in ranges.split(','):
for ip in iter_nmap_range(r):
result.append(str(ip))
return result