# Project-local helpers pulled in with wildcard imports.  The names used in this
# file that are not defined in it (OS_DB_CREATE, general_port, OS_scan)
# presumably come from these two modules -- confirm against their sources.
from Genaral_Port import *
from OS import *
# Runs once at start-up, before any scanning code is defined.
# NOTE(review): presumably prepares the data OS_scan relies on -- confirm in OS.py.
OS_DB_CREATE()
list_port=[]
dict_port={}
# Both containers are handed to general_port; the scan loop later looks up
# str(port) in dict_port to print a service name next to an open port.
general_port(dict_port,list_port)
# NOTE(review): argparse and subprocess are imported but not used in the part of
# the file shown here; the target range and port list are hard-coded instead.
import re
import socket
import argparse
import logging
import subprocess
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) # Raise the logger level before scapy is imported so only its errors are shown
# Wildcard import placed last: any name scapy shares with the two project
# modules above resolves to scapy's definition from here on.
from scapy.all import *
conf.verb=0 # Verbosity 0 is scapy's quietest setting; this silences per-packet output rather than enabling it
# NOTE(review): presumably leaves scapy's capture filtering enabled -- confirm
# against the scapy version in use.
conf.nofilter=0
class MAC_ADDRESS_CLASS:
def __init__(self):
global MAC_LIST
f2=open('MAC_ADDRESS_DB.txt','r')
MAC_LIST=f2.read().split('\n')
def MAC_ADDRESS(self,mac_Address):
self.MAC=mac_Address.strip().split(':')
MAC=str(self.MAC[0])+str(self.MAC[1])+str(self.MAC[2])
for M in MAC_LIST:
if re.search(MAC,M, re.IGNORECASE):
return M.split(' ')[1].strip()
def MAC_DISCOVER(host,timeout):
    """Return the hardware address that answers an ARP who-has for *host*.

    A single request is sent and at most one reply is awaited for *timeout*.
    Returns None when nothing answers in time.

    ARP replies are unauthenticated, so the value is whatever the responder
    put in the reply's hwsrc field.
    """
    arp_request = ARP(op=ARP.who_has, pdst=host)
    reply = sr1(arp_request, timeout=timeout)
    if reply is None:
        return None
    return reply.hwsrc
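def SYN_scan(dst_ip,dst_port,dst_timeout):
    """Classify one TCP port from the reply to a single SYN probe.

    The handshake is never completed: after a SYN/ACK an RST is sent.  This
    SYN-then-RST sequence without a final ACK is the half-open pattern that
    network sensors report as a SYN scan.

    Args:
        dst_ip: address of the host to probe.
        dst_port: TCP destination port.
        dst_timeout: timeout passed to scapy for the probe and for the RST.

    Returns:
        "Open"     -- reply carried TCP flags 0x12 (SYN+ACK).
        "Closed"   -- reply carried TCP flags 0x14 (RST+ACK).
        "Filtered" -- no reply, or ICMP type 3 with code 1, 2, 3, 9, 10 or 13.
        "CHECK"    -- any other reply; needs manual inspection.
    """
    stealth_scan_resp = sr1(IP(dst=dst_ip)/TCP(dport=dst_port,flags="S"),timeout=dst_timeout)
    # Identity test instead of comparing str(type(...)) with "<type 'NoneType'>":
    # that text only exists on Python 2, so on any other interpreter a missing
    # reply fell through to .haslayer() on None and raised AttributeError.
    if stealth_scan_resp is None:
        return "Filtered"
    if stealth_scan_resp.haslayer(TCP):
        tcp_flags = stealth_scan_resp.getlayer(TCP).flags
        if tcp_flags == 0x12:
            # Tear the half-open connection down; the reply (if any) is unused.
            sr(IP(dst=dst_ip)/TCP(dport=dst_port,flags="R"),timeout=dst_timeout)
            return "Open"
        if tcp_flags == 0x14:
            return "Closed"
    elif stealth_scan_resp.haslayer(ICMP):
        icmp_layer = stealth_scan_resp.getlayer(ICMP)
        if int(icmp_layer.type)==3 and int(icmp_layer.code) in [1,2,3,9,10,13]:
            return "Filtered"
    # NOTE(review): the listing this was taken from had lost its indentation,
    # so it is not clear which branch the original `else: return "CHECK"`
    # belonged to; the other unclassified paths fell off the end and returned
    # None.  Every unclassified reply is now reported as "CHECK".
    return "CHECK"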
# Results of the sweep: the scan loop appends one [host, open_port] pair per
# host that answered ARP.
live_host = []

# Vendor lookup helper; constructing it reads MAC_ADDRESS_DB.txt.
M = MAC_ADDRESS_CLASS()

# Header printed above the per-port results.
showport = """
----------------------------
Port\tState\tService'
----------------------------
"""

# Header printed above each host line.
mac_show = """
--------------------------------------------------------------------
|HOST\t\tName\t\tMAC-ADDRESS\t\tCompany\t |
--------------------------------------------------------------------
"""

intro = """
SCAN & Exploit Vulnerability NETWORK DEMO V1.69
"""

# Counter incremented by the scan loop; the port header is printed only while
# it is still 0.
no = 0
# Timeout handed to both the ARP discovery and the SYN probes.
timeout = 0.1
# Hard-coded address prefix; the scan loop appends the host number to it.
d_ip = '192.168.1.'

print intro

# TCP ports probed on every host that answers ARP.
lst = [9000, 21, 22, 23, 25, 53, 67, 80, 135, 136, 137, 138, 139, 443, 445,
       554, 912, 3389, 5357, 5337]
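# Sweep hosts d_ip + "1" .. d_ip + "51".  For every host that answers ARP:
# print its name / MAC / vendor, SYN-probe each port in lst, record the open
# ports, then run OS_scan against each open port.
# NOTE(review): the listing this was taken from had lost its indentation; the
# nesting below is the reconstruction that keeps every statement reachable and
# every name defined before use -- confirm against the original file.
for i in range(1,52):
    print mac_show
    open_port=[]
    host=d_ip+str(i)
    print host
    get_mac=MAC_DISCOVER(host,timeout)
    if not get_mac:
        # No ARP reply: nothing else is attempted for this address.
        continue

    MAC=M.MAC_ADDRESS(get_mac)
    try:
        NAME=socket.gethostbyaddr(host)[0]
    except socket.error:
        # Reverse lookup failed; keep the column alignment with a tab.
        # (Was a bare `except:`, which also swallowed KeyboardInterrupt and
        # made the sweep hard to stop.)
        NAME='\t'
    print host,'\t',NAME,'\t',get_mac,'\t',MAC,'\n'
    if no==0: print showport

    for p in lst:
        if p<9500:
            port=str(p)
            state=SYN_scan(host,p,timeout)
            if state== "Open":
                if port in dict_port:
                    print p,'\t',state,'\t',dict_port[port]
                else: print p,'\t',state
                # Record the port itself.  The original appended the host
                # counter `i`, so OS_scan below was called with the host
                # number as its destination port.
                open_port.append(p)
    live_host.append([host,open_port])
    no=no+1

    #scan OS
    dst_timeout=0.01
    print '\n--------------------------------------------------------------------'
    print 'OS\tVERSION\tPLATFORM\tTOS\tTTL\tDF\tWINDOW'
    print '--------------------------------------------------------------------\n'
    # Iterating an empty list is a no-op, so no separate length check is needed.
    for dst_port in open_port:
        OS_scan(host,dst_port,dst_timeout)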