Merge pull request #30 from Srinivas11789/bigRevamp
The Revamp - Phase 1
Showing
28 changed files
with
1,803 additions
and
85 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
import memory | ||
|
||
# Library Import | ||
import ipwhois | ||
from dns import reversename, resolver | ||
import socket | ||
# Module Import | ||
import pcap_reader | ||
import netaddr | ||
|
||
# Class Communication or Traffic Details Fetch | ||
|
||
class trafficDetailsFetch(): | ||
|
||
def __init__(self, option): | ||
for host in memory.destination_hosts: | ||
if not memory.destination_hosts[host]: | ||
if option == "whois": | ||
memory.destination_hosts[host] = self.whois_info_fetch(host) | ||
else: | ||
memory.destination_hosts[host] = self.dns(host) | ||
|
||
def whois_info_fetch(self, ip): | ||
try: | ||
whois_info = ipwhois.IPWhois(ip).lookup_rdap() | ||
except: | ||
whois_info = "NoWhoIsInfo" | ||
return whois_info | ||
|
||
def dns(self, ip): | ||
try: | ||
dns_info = socket.gethostbyaddr(ip)[0] | ||
except: | ||
dns_info = "NotResolvable" | ||
return dns_info | ||
|
||
def main(): | ||
capture = pcap_reader.PcapEngine('examples/test.pcap', "scapy") | ||
details = trafficDetailsFetch("sock") | ||
print(memory.destination_hosts) | ||
print("\n") | ||
|
||
#main() |
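Review bot: Both lookup helpers use a bare `except:`, which also swallows KeyboardInterrupt and hides real faults, and whois_info_fetch consequently returns either the RDAP result or the string "NoWhoIsInfo", so callers get two different types. Narrow dns() to `except OSError:` (socket.herror and socket.gaierror derive from it) and use `except Exception:` with a logged message in whois_info_fetch. The name returned by `socket.gethostbyaddr(ip)[0]` is set by whoever controls the reverse zone for that address, so it should be treated as untrusted text wherever memory.destination_hosts is later rendered or written to a report. The constructor also runs these lookups one host at a time with no timeout, and each one sends a query for a captured address from the analysis machine; a comment above `__init__` such as `# NOTE: performs live DNS/RDAP queries for every destination host` would help analysts who need to work offline.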
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
""" | ||
Module device_details | ||
""" | ||
# Library Import | ||
import urllib#.request | ||
import json | ||
import logging | ||
# Module Import | ||
import pcap_reader | ||
import memory | ||
import threading | ||
from netaddr import * | ||
|
||
class fetchDeviceDetails: | ||
|
||
def __init__(self, option="ieee"): | ||
""" | ||
Init | ||
""" | ||
self.target_oui_database = option | ||
|
||
def fetch_info(self): | ||
for ip in memory.lan_hosts: | ||
if self.target_oui_database == "api": | ||
memory.lan_hosts[ip]["device_vendor"] = self.oui_identification_via_api(memory.lan_hosts[ip]["mac"]) | ||
else: | ||
memory.lan_hosts[ip]["device_vendor"], memory.lan_hosts[ip]["vendor_address"] = self.oui_identification_via_ieee(memory.lan_hosts[ip]["mac"]) | ||
mac = memory.lan_hosts[ip]["mac"].replace(":",".") | ||
if ":" in ip: | ||
ip_san = ip.replace(":",".") | ||
else: | ||
ip_san = ip | ||
memory.lan_hosts[ip]["node"] = ip_san+"\n"+mac+"\n"+memory.lan_hosts[ip]['device_vendor'] | ||
|
||
def oui_identification_via_api(self, mac): | ||
url = "http://macvendors.co/api/" + mac | ||
api_request = urllib.request.Request(url, headers={'User-Agent':'PcapXray'}) | ||
try: | ||
apiResponse = urllib.request.urlopen(api_request) | ||
details = json.loads(apiResponse.read()) | ||
#reportThread = threading.Thread(target=reportGen.reportGen().deviceDetailsReport,args=(details,)) | ||
#reportThread.start() | ||
return details["result"]["company"], details["result"]["address"] | ||
except Exception as e: | ||
logging.info("device_details module: oui identification failure via api" + str(e)) | ||
return "Unknown", "Unknown" | ||
|
||
def oui_identification_via_ieee(self, mac): | ||
try: | ||
mac_obj = EUI(mac) | ||
mac_oui = mac_obj.oui | ||
return mac_oui.registration().org, mac_oui.registration().address | ||
except Exception as e: | ||
logging.info("device_details module: oui identification failure via ieee " + str(e)) | ||
return "Unknown", "Unknown" | ||
|
||
def main(): | ||
filename = "test.pcap" | ||
pcap_reader.PcapEngine('examples/test.pcap', "scapy") | ||
fetchDeviceDetails("ieee").fetch_info() | ||
print(memory.lan_hosts) | ||
|
||
#main() | ||
|
||
# MAC Oui Identification Module | ||
# LAN IP and Getway Identification |
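Review bot: In fetch_info the "api" branch stores the whole return value of oui_identification_via_api in `device_vendor`, but that method returns a two-item tuple, so the later `ip_san+"\n"+mac+"\n"+memory.lan_hosts[ip]['device_vendor']` raises TypeError on that path; unpack it as the ieee branch does, `memory.lan_hosts[ip]["device_vendor"], memory.lan_hosts[ip]["vendor_address"] = self.oui_identification_via_api(memory.lan_hosts[ip]["mac"])`. The request itself goes to a plain `http://` URL with no timeout, so every MAC address from the capture is sent unencrypted to a third party and a stalled server blocks the loop; `urllib.request.urlopen(api_request, timeout=5)` bounds the wait (5 is a suggested value), and an https endpoint should be used if the service offers one. `urllib.request.Request(...)` is also built outside the `try`, and with `import urllib#.request` the submodule is only present if something else imported it, so a failure there is not caught by the handler below.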
Binary file not shown.
Binary file not shown.
Binary file added
BIN
+28.5 MB
Source/Module/examples/tamu_readingrainbow_0_network_enumeration.pcap
Binary file not shown.