Updates db

master.py

@@ -0,0 +1,52 @@
+from scapy.all import *
+import logging
+from scans import *
+import subprocess
+import re
+import psycopg2
+
+#All other computers should be in an array of type computer, having (so far) an ip and a MAC address.
+class Computer(object):
+    def __init__(self, ip, mac):
+        self.ip = ip
+        self.mac = mac
+
+
+#The overall object, called master, creates its own ip, subnet, and list of other computers on the network.
+#Fields:
+#   ip -> the ip of this computer
+#   subnet -> the subnet (takes the ip, sticks a 0 and /24 at the end
+#   otherComps -> a result of running arping against the network (gives back unparsed packets)
+#   comps -> A list of the computers on the network
+class Master(object):
+    def findIP(self):
+        proc = subprocess.Popen(["ifconfig | grep inet | head -n1 | cut -d\  -f12 | cut -d: -f2"], stdout=subprocess.PIPE, shell=True)
+        self.ip = proc.stdout.read()[:-1]
+    def findSubnet(self):
+        self.subnet = re.search("(\d*\.\d*\.\d*\.)", self.ip).group(0) + "0/24"
+    def arpAll(self):
+        self.otherComps = arping(self.subnet, verbose=0)
+    def profile(self):
+        self.comps = []
+        x,y = self.otherComps
+        for item in x:
+            a,b = item
+            self.comps.append(Computer(a.pdst, b.src))
+    def connect(self):
+        self.conn = psycopg2.connect("dbname='network' user='aces' host='localhost' password='aces'")
+        self.cur = self.conn.cursor()
+
+    def __init__(self):
+        self.findIP()
+        self.findSubnet()
+        self.arpAll()
+        self.profile()
+        self.connect()
+
+
+thisComp = Master()
+for comp in thisComp.comps:
+    thisComp.cur.execute("INSERT INTO computers(ip,mac,ports) VALUES (%s, %s, %s)", (comp.ip, comp.mac, syn_scan(comp.ip, (0,1000))))
+
+thisComp.conn.commit()
+thisComp.cur.close()

plan

@@ -0,0 +1,8 @@
+To Do List:
+1. Replace wireshark (need a database)
+2. Replace nmap
+3. tcpkiller
+4. ARP spoofing
+
+Other stuff
+

scans.py

@@ -0,0 +1,39 @@
+from scapy.all import *
+
+#This scans the host on all ports in the array named ports
+#This function uses a syn scan. This function is also much slower :(
+
+def slow_syn_scan(host, ports):
+    logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
+    packetlist = []
+    for dstPort in ports:
+        srcPort = random.randint(1025,65534)
+        resp = sr1(IP(dst=host)/TCP(sport=srcPort,dport=dstPort,flags="S"),timeout=1,verbose=0)
+        if (str(type(resp)) == "<type 'NoneType'>"):
+            print host + ":" + str(dstPort) + " is filtered (silently dropped)."
+        elif(resp.haslayer(TCP)):
+                if(resp.getlayer(TCP).flags == 0x12):
+                    send_rst = sr(IP(dst=host)/TCP(sport=srcPort,dport=dstPort,flags="R"),timeout=1,verbose=0)
+                    print host + ":" + str(dstPort) + " is open."
+                #elif (resp.getlayer(TCP).flags == 0x14):
+                    #print host + ":" + str(dstPort) + " is closed."
+        elif(resp.haslayer(ICMP)):
+            if(int(resp.getlayer(ICMP).type)==3 and int(resp.getlayer(ICMP).code) in [1,2,3,9,10,13]):
+                print host + ":" + str(dstPort) + " is filtered (silently dropped) but host is up."
+
+
+#This is a fast syn scan.
+def syn_scan(target, ports):
+    print "Beginning Scan...\n"
+    ans,unans = sr(IP(dst=target)/TCP(dport=ports),timeout=.1,verbose=0)
+    rep = []
+    for s,r in ans:
+        if not r.haslayer(ICMP):
+            if r.payload.flags == 0x12:
+                rep.append(r.sprintf("%sport%"))
+    return rep
+
+#TESTING - syn scans first 500 ports (slow)
+#syn_scan("10.0.0.35", range(1,500))
+
+#print fast_scan("10.0.0.35", (0,10000))