Created
April 8, 2023 12:35
-
-
Save 0xInfection/6e02898a009983b2ff1e719a176e3b87 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- coding: utf-8 -*- | |
| import sys | |
| import ipaddress | |
| import socket | |
| import requests | |
| from const import HTTP_PORTS | |
| def determine_http(ip: str, port: str): | |
| ''' | |
| Determines if an open port is running HTTP service or not | |
| ''' | |
| try: | |
| req = requests.get('http://' +ip + ':' + port, timeout=2) | |
| except requests.exceptions.ReadTimeout: | |
| print('[-] Port is open but not HTTP:', port) | |
| except requests.exceptions.ConnectTimeout: | |
| print('[-] Port is not open:', port) | |
| except Exception as e: | |
| print('[-] Exception found:', e.__str__()) | |
| print('[+] Port is serving HTTP:', port) | |
| print('[+] Status code found:', req.status_code) | |
| def port_scan(ip: str, port: int): | |
| ''' | |
| Scans a port on a host | |
| ''' | |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| sock.settimeout(2) | |
| res = sock.connect_ex((ip, port)) | |
| if res == 0: | |
| print('[+] Port open:', port) | |
| return True | |
| return False | |
| def user_input(): | |
| ''' | |
| Takes user input and parses the ip range format | |
| ''' | |
| alltargets = [] | |
| if len(sys.argv) < 2: | |
| print('[-] Please specify a target via the 1st argument.') | |
| quit() | |
| user_target = sys.argv[1] | |
| # cidr range handled | |
| if '/' in user_target: | |
| print('[+] CIDR range detected:', user_target) | |
| for i in ipaddress.IPv4Network(user_target, strict=False): | |
| alltargets.append(str(i)) | |
| elif '-' in user_target: | |
| octets = user_target.split('.') | |
| # 4th octet range handled | |
| if '-' in octets[-1]: | |
| foctet = octets[-1].split('-') | |
| for i in range(int(foctet[0]), int(foctet[1])+1): | |
| ip_addr = octets[0] + '.' + octets[1] + '.' + octets[2] + '.' + str(i) | |
| alltargets.append(ip_addr) | |
| # 3rd octet range handling | |
| if '-' in octets[2]: | |
| foctet = octets[2].split('-') | |
| for i in range(int(foctet[0]), int(foctet[1])+1): | |
| ip_addr = octets[0] + '.' + octets[1] + '.' + str(i) + '.' + octets[3] | |
| alltargets.append(ip_addr) | |
| # handle wildcard notation | |
| elif '*' in user_target: | |
| octets = user_target.split('.') | |
| if '*' in octets[-1]: | |
| for i in range(0, 256): | |
| alltargets.append(octets[0] + '.' + octets[1] + '.' + octets[2] + '.' + str(i)) | |
| if '*' in octets[2] and '*' not in octets[-1]: | |
| for i in range(0, 256): | |
| alltargets.append(octets[0] + '.' + octets[1] + '.' + str(i) + '.' + octets[3]) | |
| if '*' in octets[2] and '*' in octets[3]: | |
| for i in range(0, 256): | |
| for j in range(0, 256): | |
| alltargets.append(octets[0] + '.' + octets[1] + '.' + str(i) + '.' + str(j)) | |
| # single ip case | |
| else: | |
| alltargets.append(user_target) | |
| return alltargets | |
| def main(): | |
| ''' | |
| Main code wrapper around the tool | |
| ''' | |
| print(''' | |
| +---------------------+ | |
| | I N F R A S C A N | | |
| +---------------------+ | |
| ''') | |
| ips_toscan = user_input() | |
| for ip in ips_toscan: | |
| print('[*] Processing IP address:', ip) | |
| for port in HTTP_PORTS: | |
| if port_scan(ip, port): | |
| determine_http(ip, str(port)) | |
| if __name__ == '__main__': | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment