dustyfresh/howdyneighbor.js

## howdyneighbor.js
#!/usr/bin/env node
/*
    howdyneighbor.js - playing with the libnmap NodeJS module. This identifies
    neighboring machines on the same network and tells you if they are
    leaving any interesting ports open. It's really good for finding routers :)

    @dustyfresh, license for this gist is WTFPL [ http://www.wtfpl.net/ ]

  OSX INSTALL INSTRUCTIONS:
        $ npm i requests
        $ brew install nmap
        $ npm i node-libnmap
        $ sudo ln -s /usr/local/bin/nmap /usr/bin/nmap
        $ chmod +x ./howdyneighbor.js
        $ ./howdyneighbor.js
*/
require('node-libnmap').nmap('discover', function(err, report){
  report[1].neighbors.forEach(function(ip){
    var opts = {
      range: [ip],
      ports: '21,22,80,8080'
    }
    var ports = {
      0: 21,
      1: 22,
      2: 80,
      3: 8080
    }
    require('node-libnmap').nmap('scan', opts, function(err, report){
      if (err) throw err;
      report.forEach(function(item){
        var request = require('request'),
          ftpStatus = item[0].ports[0].state,
          sshStatus = item[0].ports[1].state,
          httpStatus = item[0].ports[2].state,
          httpsStatus = item[0].ports[3].state;
          if(httpStatus == "open"){
            // could do something here like if status == 401 then initiate
            // a brute force attack, or shove the header data into mongo
            request("http://" + ip, function(error, response, body) {
              var reqStatus = response.statusCode;
              var reqHeaders = response.headers;
              console.log(ip + " is accepting on port 80, HTTP STATUS: " + reqStatus);
            });
          }
          if(httpsStatus == "open"){
            // could do something here like if status == 401 then initiate
            // a brute force attack, or shove the header / SSL data into mongo
            request("https://" + ip, function(error, response, body) {
              var reqStatus = response.statusCode;
              var reqHeaders = response.headers;
              console.log(ip + " is accepting on port 443, HTTPS STATUS: " + reqStatus);
            });
          }
          if(ftpStatus == "open"){
            // a brute force attack, or shove the header data into mongo
            console.log(ip + " - FTP open!\n");
          }
          if(sshStatus == "open"){
            // could add SSH bruteforcing here as well if found open
            console.log(ip + " - SSH open!\n");
          }
      });
    });
  });
});
	#!/usr/bin/env node
	/*
	howdyneighbor.js - playing with the libnmap NodeJS module. This identifies
	neighboring machines on the same network and tells you if they are
	leaving any interesting ports open. It's really good for finding routers :)

	@dustyfresh, license for this gist is WTFPL [ http://www.wtfpl.net/ ]

	OSX INSTALL INSTRUCTIONS:
	$ npm i requests
	$ brew install nmap
	$ npm i node-libnmap
	$ sudo ln -s /usr/local/bin/nmap /usr/bin/nmap
	$ chmod +x ./howdyneighbor.js
	$ ./howdyneighbor.js
	*/
	require('node-libnmap').nmap('discover', function(err, report){
	report[1].neighbors.forEach(function(ip){
	var opts = {
	range: [ip],
	ports: '21,22,80,8080'
	}
	var ports = {
	0: 21,
	1: 22,
	2: 80,
	3: 8080
	}
	require('node-libnmap').nmap('scan', opts, function(err, report){
	if (err) throw err;
	report.forEach(function(item){
	var request = require('request'),
	ftpStatus = item[0].ports[0].state,
	sshStatus = item[0].ports[1].state,
	httpStatus = item[0].ports[2].state,
	httpsStatus = item[0].ports[3].state;
	if(httpStatus == "open"){
	// could do something here like if status == 401 then initiate
	// a brute force attack, or shove the header data into mongo
	request("http://" + ip, function(error, response, body) {
	var reqStatus = response.statusCode;
	var reqHeaders = response.headers;
	console.log(ip + " is accepting on port 80, HTTP STATUS: " + reqStatus);
	});
	}
	if(httpsStatus == "open"){
	// could do something here like if status == 401 then initiate
	// a brute force attack, or shove the header / SSL data into mongo
	request("https://" + ip, function(error, response, body) {
	var reqStatus = response.statusCode;
	var reqHeaders = response.headers;
	console.log(ip + " is accepting on port 443, HTTPS STATUS: " + reqStatus);
	});
	}
	if(ftpStatus == "open"){
	// a brute force attack, or shove the header data into mongo
	console.log(ip + " - FTP open!\n");
	}
	if(sshStatus == "open"){
	// could add SSH bruteforcing here as well if found open
	console.log(ip + " - SSH open!\n");
	}
	});
	});
	});
	});