Scan method updated to nmap

This commit is contained in:
xdavidhu 2017-03-11 10:53:38 +01:00
parent c58a2e19ca
commit 0a8c70d5e7
4 changed files with 34 additions and 73 deletions


@ -23,23 +23,27 @@ Authors: `Nikolaos Kamarinakis <mailto:nikolaskam@gmail.com>`_ & `David Schütz
------------- -------------
Installation Linux Installation
------------- ----------------------
You can download KickThemOut by cloning the `Git Repo <https://github.com/k4m4/kickthemout>`_ and simply installing its requirements:: You can download KickThemOut by cloning the `Git Repo <https://github.com/k4m4/kickthemout>`_ and simply installing its requirements::
$ sudo apt-get update && sudo apt-get install nmap
$ git clone https://github.com/k4m4/kickthemout.git $ git clone https://github.com/k4m4/kickthemout.git
$ cd kickthemout/ $ cd kickthemout/
$ sudo pip install -r requirements.txt $ sudo python pip install -r requirements.txt
Mac OS X Installation Mac OS X Installation
---------------------- ----------------------
If you would like to install KickThemOut on a Mac, please run the following:: If you would like to install KickThemOut on a Mac, please run the following::
$ sudo pip install pcapy $ sudo python pip install pcapy
$ brew install nmap
$ brew install libdnet scapy $ brew install libdnet scapy
@ -47,6 +51,10 @@ If you would like to install KickThemOut on a Mac, please run the following::
$ git clone https://github.com/k4m4/kickthemout.git $ git clone https://github.com/k4m4/kickthemout.git
$ cd kickthemout/
$ sudo python pip install -r requirements.txt
**NOTE**: You need to have `Homebrew <http://brew.sh/>`_ installed before running the Mac OS installation. **NOTE**: You need to have `Homebrew <http://brew.sh/>`_ installed before running the Mac OS installation.
Demo Demo


@ -111,7 +111,7 @@ def regenOnlineIPs():
def scanNetwork(): def scanNetwork():
global hostsList global hostsList
try: try:
hostsList = scan.scanNetwork() hostsList = scan.scanNetwork(getDefaultInterface(True))
except KeyboardInterrupt: except KeyboardInterrupt:
print('\n\n{0}Thanks for dropping by.\nCatch ya later!{1}').format(GREEN, END) print('\n\n{0}Thanks for dropping by.\nCatch ya later!{1}').format(GREEN, END)
raise SystemExit raise SystemExit
@ -286,7 +286,7 @@ def kickalloff():
time.sleep(0.5) time.sleep(0.5)
print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END) print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END)
def getDefaultInterface(): def getDefaultInterface(returnNet=False):
def long2net(arg): def long2net(arg):
if (arg <= 0 or arg >= 0xFFFFFFFF): if (arg <= 0 or arg >= 0xFFFFFFFF):
raise ValueError("illegal netmask value", hex(arg)) raise ValueError("illegal netmask value", hex(arg))
@ -307,7 +307,10 @@ def getDefaultInterface():
if interface != scapy.config.conf.iface: if interface != scapy.config.conf.iface:
continue continue
if net: if net:
return interface if returnNet:
return net
else:
return interface
def getGatewayIP(): def getGatewayIP():
try: try:
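Review bot: `hostsList = scan.scanNetwork(getDefaultInterface(True))` in the first hunk has no guard for the case where `getDefaultInterface` finds no usable route; in the third hunk the loop only returns from inside `if net:`, so as far as the hunk shows a miss falls through and the scan is handed `None` as its target network. Check the value before scanning, e.g. `net = getDefaultInterface(True)` / `if not net: raise SystemExit("no usable network interface found")` / `hostsList = scan.scanNetwork(net)`. Calling it as `getDefaultInterface(returnNet=True)` would also make the boolean's meaning visible at the call site. Both `scanNetwork` and `getDefaultInterface` continue outside these hunks.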


@ -1 +1,2 @@
scapy scapy
python-nmap
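Review bot: The new `python-nmap` entry is unpinned, as the existing `scapy` line already is, so a fresh install resolves whatever release is current at install time and the `nmap.PortScanner` API the new scan.py depends on is not fixed. Pinning it, `python-nmap==<known-good version>` or at least a bounded `>=`/`<` range, keeps installs reproducible and makes the dependency auditable.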

scan.py

@ -1,69 +1,18 @@
#!/usr/bin/env python #!/usr/bin/env python
# -.- coding: utf-8 -.- # -.- coding: utf-8 -.-
# scan.py # scan.py
# author: Benedikt Waldvogel (MIT Licensed)
# edited by: k4m4 & xdavidhu
import logging def scanNetwork(network):
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) returnlist = []
import scapy.config, scapy.layers.l2, scapy.route, socket, math, errno import nmap
nm = nmap.PortScanner()
a = nm.scan(hosts=network, arguments='-sP')
def scanNetwork(): for k, v in a['scan'].iteritems():
if str(v['status']['state']) == 'up':
try:
returnlist.append([str(v['addresses']['ipv4']), str(v['addresses']['mac'])])
except:
pass
def long2net(arg): return returnlist
if (arg <= 0 or arg >= 0xFFFFFFFF):
raise ValueError("illegal netmask value", hex(arg))
return 32 - int(round(math.log(0xFFFFFFFF - arg, 2)))
def to_CIDR_notation(bytes_network, bytes_netmask):
network = scapy.utils.ltoa(bytes_network)
netmask = long2net(bytes_netmask)
net = "%s/%s" % (network, netmask)
if netmask < 16:
return None
return net
def scan_and_print_neighbors(net, interface, timeout=1):
hostsList = []
try:
ans, unans = scapy.layers.l2.arping(net, iface=interface, timeout=timeout, verbose=False)
for s, r in ans.res:
mac = r.sprintf("%Ether.src%")
ip = r.sprintf("%ARP.psrc%")
line = r.sprintf("%Ether.src% %ARP.psrc%")
hostsList.append([ip, mac])
try:
hostname = socket.gethostbyaddr(r.psrc)
line += "," + hostname[0]
except socket.herror:
pass
except socket.error as e:
if e.errno == errno.EPERM: # Operation not permitted
exit()
else:
raise
return hostsList
for network, netmask, _, interface, address in scapy.config.conf.route.routes:
# skip loopback network and default gw
if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
continue
if netmask <= 0 or netmask == 0xFFFFFFFF:
continue
# Skip APIPA network (corresponds to the 169.254.0.0/16 address range)
# See https://fr.wikipedia.org/wiki/Automatic_Private_Internet_Protocol_Addressing for more details
if network == 2851995648:
continue
net = to_CIDR_notation(network, netmask)
if interface != scapy.config.conf.iface:
# see http://trac.secdev.org/scapy/ticket/537
continue
if net:
return scan_and_print_neighbors(net, interface)
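Review bot: The bare `except:` around `returnlist.append(...)` in the new `scanNetwork` swallows every exception, including `KeyboardInterrupt`, while the only failure that line is expected to raise is a missing key in `v['addresses']` (the scanning host itself is typically reported without a `mac` entry). Narrow it to `except KeyError:` so unrelated errors still surface to the caller instead of silently dropping hosts. Separately, `nmap.PortScanner()` raises `nmap.PortScannerError` when the nmap binary is absent, and the caller in the second file section only catches `KeyboardInterrupt`; a comment such as `# requires the nmap binary on PATH; PortScanner() raises nmap.PortScannerError otherwise` or an explicit handler that tells the user to install nmap would help. `-sP` is nmap's legacy spelling of the ping-scan option (`-sn` in current releases), worth noting in the `arguments=` line.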