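#!/usr/bin/env node
/*
  howdyneighbor.js - playing with the libnmap NodeJS module. This identifies
  neighboring machines on the same network and tells you if they are
  leaving any interesting ports open. It's really good for finding routers :)

  @dustyfresh, license for this gist is WTFPL [ http://www.wtfpl.net/ ]

  OSX INSTALL INSTRUCTIONS:
    $ npm i request
    $ brew install nmap
    $ npm i node-libnmap
    $ sudo ln -s /usr/local/bin/nmap /usr/bin/nmap
    $ chmod +x ./howdyneighbor.js
    $ ./howdyneighbor.js

  The HTTP client this script requires is the npm package `request`.
  `requests` is a different package, so check the name before installing.
  `request` has since been deprecated upstream.
*/
'use strict';

var libnmap = require('node-libnmap');
var request = require('request');

// Ports probed on each neighbor. Results are read back by position, so the
// order here must match the indexes used in reportHost().
var PORTS = [21, 22, 80, 8080];

// Give up on a host that accepts the connection but never answers.
var REQUEST_TIMEOUT_MS = 5000;

/**
 * Read the state of the scanned port at a given position of a host entry.
 *
 * @param {Object} host - one host entry from the scan report (`item[0]`).
 * @param {number} index - position of the port in PORTS.
 * @returns {string|undefined} the reported state, or undefined when the
 *   entry is missing from the report.
 */
function portState(host, index) {
  var entry = host && host.ports && host.ports[index];
  return entry ? entry.state : undefined;
}

/**
 * Send one plain-HTTP GET to a host and log the status code it answers with.
 *
 * @param {string} ip - neighbor address taken from the discover report.
 * @param {number} port - TCP port the scan reported as open.
 */
function probeHttp(ip, port) {
  var url = 'http://' + ip + (port === 80 ? '' : ':' + port);
  request({ url: url, timeout: REQUEST_TIMEOUT_MS }, function (error, response) {
    // `response` is undefined when the request fails (reset, timeout), so the
    // error has to be handled before statusCode is read.
    if (error || !response) {
      console.error(ip + ' - request to port ' + port + ' failed: ' +
        (error && error.message ? error.message : error));
      return;
    }
    // Extension point: the status code and response.headers could be stored
    // here to build an inventory of exposed web interfaces.
    console.log(ip + ' is accepting on port ' + port + ', HTTP STATUS: ' +
      response.statusCode);
  });
}

/**
 * Report the open services found on one scanned host.
 *
 * @param {string} ip - neighbor address the scan was run against.
 * @param {Array} item - one element of the scan report; `item[0]` is read as
 *   the host entry.
 */
function reportHost(ip, item) {
  var host = item && item[0];
  var ftpStatus = portState(host, 0);
  var sshStatus = portState(host, 1);
  var httpStatus = portState(host, 2);
  // The fourth scanned port is 8080. The original treated this slot as HTTPS
  // and requested https://<ip> (port 443), a port the scan never probed.
  var altHttpStatus = portState(host, 3);

  if (httpStatus === 'open') {
    probeHttp(ip, 80);
  }
  if (altHttpStatus === 'open') {
    probeHttp(ip, 8080);
  }
  if (ftpStatus === 'open') {
    // FTP carries credentials in cleartext, so an open port 21 is worth a
    // follow-up with the device owner.
    console.log(ip + ' - FTP open!\n');
  }
  if (sshStatus === 'open') {
    console.log(ip + ' - SSH open!\n');
  }
}

libnmap.nmap('discover', function (err, report) {
  if (err) {
    console.error('discover failed: ' + (err.message || err));
    process.exitCode = 1;
    return;
  }

  // NOTE(review): index 1 is hard-coded, as in the original script; which
  // adapter it refers to depends on the machine, so confirm it is the
  // intended network before running.
  var adapter = report && report[1];
  var neighbors = adapter && adapter.neighbors;
  if (!Array.isArray(neighbors) || neighbors.length === 0) {
    console.error('discover reported no neighbors on adapter index 1');
    return;
  }

  neighbors.forEach(function (ip) {
    var opts = {
      range: [ip],
      ports: PORTS.join(',')
    };
    libnmap.nmap('scan', opts, function (scanErr, scanReport) {
      // One failed scan should not abort the scans still running for the
      // other neighbors, so log it instead of throwing from the callback.
      if (scanErr) {
        console.error(ip + ' - scan failed: ' + (scanErr.message || scanErr));
        return;
      }
      (scanReport || []).forEach(function (item) {
        reportHost(ip, item);
      });
    });
  });
});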