def nmap_fin_scan(self, host): """ Perform scan using nmap's fin scan @cmd nmap -sF 192.168.178.1 """ fin_scan = " {host} {default}".format(host=host, default=self.fin_scan) fin_scan_command = self.default_command() + fin_scan fin_scan_shlex = shlex.split(fin_scan_command) # prepare it parser = NmapCommandParser(None) # Use the ping scan parser output = self.run_command(fin_scan_shlex) xml_root = self.get_xml_et(output) fin_results = parser.parse_nmap_idlescan(xml_root) return fin_results
class NmapScanTechniques(Nmap): """ Extends Nmap to include nmap commands with different scan techniques This scan techniques include 1) TCP SYN Scan (-sS) 2) TCP connect() scan (-sT) 3) FIN Scan (-sF) 4) Ping Scan (-sP) 5) Idle Scan (-sI) """ def __init__(self, path=None): super(NmapScanTechniques, self).__init__(path=path) self.sync_scan = "-sS" self.tcp_connt = "-sT" self.fin_scan = "-sF" self.ping_scan = "-sP" self.idle_scan = "-sL" self.udp_scan = "-sU" self.parser = NmapCommandParser(None) # Unique method for repetitive tasks - Use of 'target' variable instead of 'host' or 'subnet' - no need to make difference between 2 strings that are used for the same purpose. Creating a scan template as a switcher def scan_command(self, scan_type, target, args): def tpl(i): scan_template = { 1:self.fin_scan, 2:self.sync_scan, 3:self.tcp_connt, 4:self.ping_scan, 5:self.idle_scan, 6:self.udp_scan } return scan_template.get(i) for i in range (1, 7): if scan_type == tpl(i): scan = " {target} {default}".format(target=target, default=scan_type) scan_type_command = self.default_command() + scan if(args): scan_type_command += " {0}".format(args) scan_shlex = shlex.split(scan_type_command) # Use the ping scan parser output = self.run_command(scan_shlex) xml_root = self.get_xml_et(output) return xml_root def nmap_fin_scan(self, target, args=None): """ Perform scan using nmap's fin scan @cmd nmap -sF 192.168.178.1 """ self.require_root() xml_root = self.scan_command(self.fin_scan, target=target, args=args) fin_results = self.parser.parse_nmap_idlescan(xml_root) return fin_results def nmap_syn_scan(self, target, args=None): """ Perform syn scan on this given target @cmd nmap -sS 192.168.178.1 """ self.require_root() xml_root = self.scan_command(self.sync_scan, target=target, args=args) # Use the top_port_parser self.top_ports = self.parser.filter_top_ports(xml_root) return self.top_ports def nmap_tcp_scan(self, target, args=None): """ Scan target using the nmap tcp connect @cmd nmap -sT 192.168.178.1 """ if(args): assert(isinstance(args, str)), "Expected string got {0} instead".format(type(args)) xml_root = self.scan_command(self.tcp_connt, target=target, args=args) tcp_results = self.parser.filter_top_ports(xml_root) return tcp_results def nmap_udp_scan(self, target, args=None): """ Scan target using the nmap tcp connect @cmd nmap -sU 192.168.178.1 """ self.require_root() if(args): assert(isinstance(args, str)), "Expected string got {0} instead".format(type(args)) xml_root = self.scan_command(self.udp_scan, target=target, args=args) tcp_results = self.parser.filter_top_ports(xml_root) return tcp_results def nmap_ping_scan(self, target, args=None): """ Scan target using nmaps' ping scan @cmd nmap -sP 192.168.178.1 """ xml_root = self.scan_command(self.ping_scan, target=target, args=args) ping_results = self.parser.parse_nmap_pingscan(xml_root) return ping_results def nmap_idle_scan(self, target, args=None): """ Using nmap idle_scan @cmd nmap -sL 192.168.178.1 """ xml_root = self.scan_command(self.idle_scan, target=target, args=args) idle_results = self.parser.parse_nmap_pingscan(xml_root) return idle_results