-rwxr-xr-x | autoscan/autoscan.py | 135 |
1 files changed, 107 insertions, 28 deletions
diff --git a/autoscan/autoscan.py b/autoscan/autoscan.py index f3a5734..64e8759 100755 --- a/autoscan/autoscan.py +++ b/autoscan/autoscan.py @@ -21,9 +21,6 @@ # * public IP (curl ifconfig.me) # * ping 8.8.8.8 -# TODO -# rename log directory to YYYYMMDD_hhmmss_interface_[pubip/localip] - import sys import os import time @@ -31,15 +28,26 @@ import subprocess import traceback import re import argparse +import shutil +import errno class Autoscan_iface(object): - PUBIP = "8.8.8.8" - - def __init__(self, iface, logpath=".", verbose=False): + def __init__(self, iface, logpath=".", pubip="8.8.8.8", verbose=0): self.iface = iface self.logpath = logpath self.verbose = verbose + self.pubip = pubip self.date = None # set by _do_tests() + if 'SUDO_UID' in os.environ and 'SUDO_GID' in os.environ: + self.perm_uid = int(os.environ['SUDO_UID']) + self.perm_gid = int(os.environ['SUDO_GID']) + else: + self.perm_uid = os.getuid() + self.perm_gid = os.getgid() + self.found_ip4 = None + self.found_ip6 = None + self.found_pubip = None + self.found_dns = list() def monitor(self): self._do_tests() 
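Review bot: `pubip` is inserted before `verbose` in `__init__`, so any caller that still passes verbosity as the third positional argument now sets the ping target instead. The one call site visible in this diff is updated, but others cannot be checked from here. Appending the new parameter, `def __init__(self, iface, logpath=".", verbose=0, pubip="8.8.8.8"):`, or passing both by keyword avoids that. `import errno` is added but not used in any hunk shown, and the `SUDO_UID`/`SUDO_GID` branch would read better with a comment such as `# hand result files back to the user who invoked sudo`.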
@@ -74,24 +82,36 @@ class Autoscan_iface(object): def _do_tests(self): self.date = time.strftime("%Y%m%d_%H%M%S", time.gmtime()) + self._do_tests_run(self._test_pcap) self._do_tests_run(self._test_ifconfig) self._do_tests_run(self._test_iwconfig) self._do_tests_run(self._test_route) - #self._do_tests_run(self._test_resolv) - #self._do_tests_run(self._test_pubip_get) + self._do_tests_run(self._test_resolv) + self._do_tests_run(self._test_pubip_get) self._do_tests_run(self._test_pubip_ping) - #self._do_tests_run(self._test_pubip_traceroute) - #self._do_tests_run(self._test_pcap) - #self._do_tests_run(self._test_scan) - # XXX rename dir + self._do_tests_run(self._test_pubip_traceroute) + self._do_tests_run(self._test_resolv_traceroute) + self._do_tests_run(self._test_explor_traceroute) + self._do_tests_run(self._test_explor_scan) + # XXX rename dir to YYYYMMDD_hhmmss_interface_[pubip/localip] def _do_tests_run(self, func): try: + if self.verbose >= 1: + print "[-] %s" % func func() except Exception, e: print("test %s failed: %s" % (func, e)) traceback.print_exc() + def _test_pcap(self): + if os.fork() != 0: + return + # child + os.system("$(tcpdump -ni %s -w %s 2>/dev/null & sleep 10; kill %%1) &" % ( + self.iface, self._storepath_get("pcap/tcpdump.pcap"))) + sys.exit(0) + def _test_ifconfig(self): out, err, code = self._exec( ['ifconfig', self.iface]) @@ -99,9 +119,13 @@ class Autoscan_iface(object): up = re.search(r'UP', out) if up: self._store("ifconfig/up", "") ip4 = re.search(r'inet (\S+)', out) - if ip4: self._store("ifconfig/ip4", ip4.group(1)) + if ip4: + self._store("ifconfig/ip4", ip4.group(1)) + self.found_ip4 = ip4.group(1) ip6 = re.search(r'inet6 (\S+)', out) - if ip6: self._store("ifconfig/ip6", ip6.group(1)) + if ip6: + self._store("ifconfig/ip6", ip6.group(1)) + self.found_ip6 = ip6.group(1) def _test_iwconfig(self): out, err, code = self._exec( 
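Review bot: `_test_pcap` formats `self.iface` and the store path into an `os.system()` string, so an interface name or `--outdir` value containing shell metacharacters is interpreted by a shell running as root. Passing an argv list to `subprocess.Popen` and letting coreutils `timeout` bound the capture removes both the shell and the `fork()` / `kill %%1` job-control construct. If the fork is kept, the child should leave through `os._exit(0)` rather than `sys.exit(0)`, which raises SystemExit inside `_do_tests_run`'s try block and runs the parent's exit handlers in the child. The sketch below assumes `timeout` is installed on the target systems.

```python
def _test_pcap(self):
    path = self._storepath_get("pcap/tcpdump.pcap")
    # argv list: iface and path are never parsed by a shell
    with open(os.devnull, "w") as devnull:
        subprocess.Popen(
            ['timeout', '10', 'tcpdump', '-ni', self.iface, '-w', path],
            stderr=devnull)
```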
@@ -121,12 +145,56 @@ class Autoscan_iface(object): gw = re.findall(r'(\S+)', out.split('\n')[2])[1] if gw: self._store("route/gw", gw) + def _test_resolv(self): + shutil.copy("/etc/resolv.conf", self._storepath_get("resolv/resolv.conf")) + n = 0 + with open("/etc/resolv.conf") as f: + for line in f: + r = re.search('nameserver (\S+)', line) + if r: + dns = r.group(1) + self._store("resolv/dns%d" % n, dns) + self.found_dns.append(dns) + n += 1 + + + def _test_pubip_get(self): + out, err, code = self._exec( + ['curl', 'ifconfig.me']) + self._store("pubip_get/ip", out) + self.found_pubip = out + def _test_pubip_ping(self): out, err, code = self._exec( - ['ping', '-W', '3', '-c', '1', self.PUBIP]) + ['ping', '-W', '3', '-c', '1', self.pubip]) self._store("pubip_ping/code", code) self._store("pubip_ping/out", out) + def _test_resolv_traceroute(self): + for dns in self.found_dns: + self._store("resolv_traceroute/out", + self._util_traceroute(dns)) + + def _test_pubip_traceroute(self): + self._store("pubip_traceroute/out", + self._util_traceroute(self.pubip)) + + def _test_explor_traceroute(self): + targets = ["192.168.0.1", "192.168.1.1", "192.168.2.1", "10.0.0.1", "172.16.0.1"] + for t in targets: + self._store("explor_traceroute/out_%s" % t, + self._util_traceroute(t)) + + def _util_traceroute(self, target): + out, err, code = self._exec( + ['traceroute', target]) + return out + + def _test_explor_scan(self): + target = re.sub('\.[0-9]+$', '', self.found_ip4) + "/24" # XXX v6 + out, err, code = self._exec( + ['nmap', '-oA', os.path.dirname(self._storepath_get("explor_scan/localnet")), '-p', '21,22,23,445,80,443,8080,8081,8082,8083', target]) + def _exec(self, cmd): p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) 
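Review bot: `_test_pubip_get` keeps whatever body `curl ifconfig.me` returns, with no timeout and no check that it is an address, so an error page or captive-portal response ends up in `self.found_pubip`, which the XXX comment in `_do_tests` plans to use in a directory name. I would bound the request with `['curl', '-s', '--max-time', '10', 'ifconfig.me']` and only assign the stripped output when it passes `re.match(r'^[0-9a-fA-F:.]+$', ...)`. Separately, `_test_resolv_traceroute` writes every nameserver's result to the same `resolv_traceroute/out`, so only the last one survives; `for n, dns in enumerate(self.found_dns):` with `"resolv_traceroute/out%d" % n` would mirror the `resolv/dns%d` naming. `_test_explor_scan` also calls `re.sub` on `self.found_ip4`, which is still None when `_test_ifconfig` found no address, so an explicit `if self.found_ip4 is None: return` is clearer than relying on the TypeError being caught.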
@@ -134,37 +202,47 @@ class Autoscan_iface(object): return out, err, p.returncode def _store(self, suffix, txt): - name = "%s/%s_%s/%s" % (self.logpath, - self.date, self.iface, suffix) - d = os.path.dirname(name) - if not os.path.isdir(d): - os.makedirs(d) - if self.verbose: + name = self._storepath_get(suffix) + if self.verbose >= 2: print("%s = %s" % (name, txt)) f = open(name, "w+") f.write(str(txt)) f.close() + os.chown(name, self.perm_uid, self.perm_gid) + + def _storepath_get(self, suffix=""): + path = "%s/%s_%s/%s" % (self.logpath, self.date, self.iface, + suffix) + d = os.path.dirname(path) + if not os.path.isdir(d): + os.makedirs(d) + subprocess.check_output(['chown', '-R', '%s:%s' % (self.perm_uid, self.perm_gid), self.logpath]) # pythonic way is awefull + return path +if not os.geteuid() == 0: + sys.exit('must be root') # XXX all ifaces by default, use netifaces parser = argparse.ArgumentParser() parser.add_argument("interfaces", nargs='+', - help="Interfaces to use") + help="Interface(s) to use") parser.add_argument("-f", "--foreground", action="store_true", help="Run in foreground, do not daemonize") parser.add_argument("-o", "--outdir", action="store", default=".", - help="increase output verbosity") + help="Use DIR as output directory") +parser.add_argument("-p", "--pubip", action="store", default="8.8.8.8", + help="Use target IP for public IP tests") parser.add_argument("-r", "--runnow", action="store_true", help="Run tests/scans now and exit") parser.add_argument("-v", "--verbose", action="store_true", - help="increase output verbosity") + help="Increase output verbosity, default=0, max=2") args = parser.parse_args() for iface in args.interfaces: - pid = os.fork() - if pid == 0: - autoscan = Autoscan_iface(iface, args.outdir, args.verbose) + if os.fork() == 0: + autoscan = Autoscan_iface(iface, args.outdir, args.pubip, + args.verbose) if args.runnow: autoscan.run_now() else: 
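Review bot: `_storepath_get` runs `chown -R` on `self.logpath`, which defaults to `.`, so a root run re-owns every file already under the output directory, not only what this run created. Scoping it to the per-run directory keeps the change contained: `rundir = "%s/%s_%s" % (self.logpath, self.date, self.iface)`, with `rundir` passed to the `chown -R` call in place of `self.logpath`. That directory then belongs to the invoking user while `_store` still opens and `os.chown`s predictable paths as root, and both calls follow symlinks. `os.lchown` plus an `os.open` with `os.O_NOFOLLOW` would make the write and the ownership change apply only to files the tool created. Also, `-v` is still `action="store_true"`, so `self.verbose >= 2` can never be true; `action="count", default=0` would match the new help text.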
@@ -172,7 +250,8 @@ for iface in args.interfaces: # UNREACHED if args.foreground: + # wait for all iface forks and subchilds while True: - try: os.wait() # XXX wait all pids ? + try: os.wait() except: break |