Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-27 19:16:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

more scapy scripts: nmap and super scanner

Browse Source
This commit is contained in:
Mari Wahl 2014-12-28 21:31:21 -05:00
parent 34d0cc0ae7
commit ba1c777dd9
3 changed files with 115 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Network_and_802.11/scapy/icmp_ping_sweep.py Normal file
View File

@ -0,0 +1,33 @@
#!/usr/bin/env python
__author__ = "bt3"
from scapy.all import *
import netaddr
RANGE = "192.168.1.0/24"
def sweep():
addresses = netaddr.IPNetwork(RANGE)
liveCounter = 0
for host in addresses:
if (host == addresses.network or host == addresses.broadcast):
continue
resp = sr1(IP(dst=str(host))/ICMP(),timeout=2,verbose=0)
if (str(type(resp)) == "<type 'NoneType'>"):
print str(host) + " is down or not responding."
elif (int(resp.getlayer(ICMP).type)==3 and int(resp.getlayer(ICMP).code) in [1,2,3,9,10,13]):
print str(host) + " is blocking ICMP."
else:
print str(host) + " is responding."
liveCounter += 1
print "Out of " + str(addresses.size) + " hosts, " + str(liveCounter) + " are online."
if __name__ == '__main__':
sweep()

32
Network_and_802.11/scapy/nmap.py Normal file
View File

@ -0,0 +1,32 @@
#!/usr/bin/env python
__author__ = "bt3"
from scapy.all import *
import random
HOST = "192.168.1.25"
PORTS = [22, 23, 25, 80, 443, 8000]
def nmap():
for dport in PORTS:
sport = random.randint(1025, 65534)
resp = sr1(IP(dst=HOST)/TCP(sport=sport,dport=dport,flags="S"), timeout=1,verbose=0)
if (str(type(resp)) == "<type 'NoneType'>"):
print HOST + ":" + str(dport) + " is filtered (dropped)."
elif(resp.haslayer(TCP)):
if(resp.getlayer(TCP).flags == 0x12):
send_rst = sr(IP(dst=HOST)/TCP(sport=sport,dport=dport,flags="R"),timeout=1,verbose=0)
print HOST + ":" + str(dport) + " is open."
elif (resp.getlayer(TCP).flags == 0x14):
print HOST + ":" + str(dport) + " is closed."
elif(resp.haslayer(ICMP)):
if(int(resp.getlayer(ICMP).type)==3 and int(resp.getlayer(ICMP).code) in [1,2,3,9,10,13]):
print HOST + ":" + str(dport) + " is filtered (dropped)."
if __name__ == '__main__':
nmap()

50
Network_and_802.11/scapy/super_scanner.py Normal file
View File

@ -0,0 +1,50 @@
#!/usr/bin/env python
__author__ = "bt3"
from scapy.all import *
import netaddr
import random
RANGE = "192.168.1.0/24"
PORTS = [22,23,80,443,449]
addresses = netaddr.IPNetwork(RANGE)
def portScan(host, ports):
for dstPort in ports:
srcPort = random.randint(1025,65534)
resp = sr1(IP(dst=host)/TCP(sport=srcPort,dport=dstPort,flags="S"),timeout=1,verbose=0)
if (str(type(resp)) == "<type 'NoneType'>"):
print host + ":" + str(dstPort) + " is filtered (silently dropped)."
elif(resp.haslayer(TCP)):
if(resp.getlayer(TCP).flags == 0x12):
send_rst = sr(IP(dst=host)/TCP(sport=srcPort,dport=dstPort,flags="R"),timeout=1,verbose=0)
print host + ":" + str(dstPort) + " is open."
elif (resp.getlayer(TCP).flags == 0x14):
print host + ":" + str(dstPort) + " is closed."
elif(resp.haslayer(ICMP)):
if(int(resp.getlayer(ICMP).type)==3 and int(resp.getlayer(ICMP).code) in [1,2,3,9,10,13]):
print host + ":" + str(dstPort) + " is filtered (silently dropped)."
def super_scanner():
liveCounter = 0
for addr in addresses:
if (addr == addresses.network or addr == addresses.broadcast):
continue
resp = sr1(IP(dst=str(addr))/ICMP(),timeout=2,verbose=0)
if (str(type(resp)) == "<type 'NoneType'>"):
print str(addr) + " is down or not responding."
elif (int(resp.getlayer(ICMP).type)==3 and int(resp.getlayer(ICMP).code) in [1,2,3,9,10,13]):
print str(addr) + " is blocking ICMP."
else:
portScan(str(addr),PORTS)
liveCounter += 1
print "Out of " + str(addresses.size) + " hosts, " + str(liveCounter) + " are online."
if __name__ == '__main__':
super_scanner()