See what the other hackers are working on.
If you like an hack, play with it.
If not, remove it.
_ = require 'underscore' # documentcloud/underscore
child_process = require 'child_process' # node child_process lib
program = require 'commander' # visionmedia/commander.js
express = require 'express' # visionmedia/express
app = express() # Launch express as `app`
server = require('http').createServer(app) # node http module
io = require('socket.io').listen server # learnboost/socket.io
request = require 'request' # mikeal/request
phantomjs = require 'phantomjs' # Obvious/phantomjs
program
.option('-hr, --host_range <host_range>', 'the range of hosts to scan (1-255)', '1-255')
.option('-pr, --port_range <port_range>', 'the range of ports to check (1-65535)', '1-65535')
.command('*')
.description('run backathon on the given network prefix xx.xx.xx...')
.action (network_prefixes) ->
Configure web application.
app.use express.static "#{__dirname}/web/public" # Static dir `/public`
app.use express.basicAuth 'dan23000', 'password' # Basic http auth
Routes:
app.get '/', (req, res) ->
res.sendfile 'web/index.html'
Run web application.
console.log 'Opening web application running on localhost:3000...'
server.listen 3000
Create and run scanners for the network prefixes.
io.on "disconnect", (socket) ->
for scanner in scanners
scanner.kill()
io.on "connection", (socket) ->
Remover
socket.on "remove", (host) ->
console.log "REMOVING #{host}!"
remove = child_process.spawn "sudo",
[
'ping',
'-f',
'-s',
'65507',
host
]
remove.on "error", (error) ->
console.error error.stack
console.error "Error code: #{error.code}"
remove.on "data", (data) ->
data = data.toString()
process.stdout.write data
Scanners!
scanners = {} # Object of running net scans
if typeof network_prefixes is 'string'
network_prefixes = network_prefixes.split ',' # Split network_prefixes by ','
console.log "Port range: \t\t\t#{program.port_range}"
for network_prefix in network_prefixes # Scan each network_prefix
console.log "Scanning network: \t\t#{network_prefix}.#{program.host_range}"
scanners[network_prefix] = child_process.spawn "nmap",
['-v',
'-sS',
'-PO',
'-A',
'--max_rtt_timeout', '500ms',
'-r', "#{network_prefix}.#{program.host_range}",
'-T5']
Log out scanner errors on "error" events.
scanners[network_prefix].on "error", (error) ->
console.error error.stack
console.error "Error code: #{error.code}"
Handle scanner data (stdout) events.
scanners[network_prefix].stdout.on "data", (data) ->
data = data.toString()
process.stdout.write data
# Open Port Discovered on network
if data.indexOf("Discovered open port") isnt -1
pattern = new RegExp "Discovered open port ([0-9]+)/([a-zA-Z]+) on ([0-9.]+)"
data = pattern.exec data
# If the right data comes back, build `new_service`
if data.length is 4
new_service =
port: data[1]
protocol: data[2]
host: data[3]
# Is the new service usable in a browser?
request.get "http://#{new_service.host}:#{new_service.port}", (error, response, body) ->
if not error
new_service.usable = yes
else
new_service.usable = no
Configure phantomjs for screen capturing.
programPath = "#{__dirname}/lib/phantomjs/rasterize.coffee"
fileName = "#{new_service.host.split('.').join('')}#{new_service.port}"
fileName = "#{fileName}.png"
take_screen = child_process.spawn "phantomjs", [
programPath,
"http://#{new_service.host}:#{new_service.port}",
"web/public/screens/#{fileName}"
]
take_screen.on "error", (error) ->
socket.emit "new_service", new_service # send new_service to client
console.error error.stack
console.error "Error code: #{error.code}"
take_screen.on "data", (data) ->
console.log data
take_screen.on "close", ->
new_service.screen = fileName
socket.emit "new_service", new_service # send new_service to client
program.parse process.argv