Just some stuff
This commit is contained in:
83
Scanner.src
Normal file
83
Scanner.src
Normal file
@@ -0,0 +1,83 @@
|
||||
import_code("/root/myprogram")
|
||||
|
||||
if params.len == 0 then exit("<b>Usage: </b>scanner [IP]")
|
||||
|
||||
metaxploit = include_lib("/lib/metaxploit.so")
|
||||
if not metaxploit then
|
||||
metaxploit = include_lib(current_path + "/metaxploit.so")
|
||||
end if
|
||||
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")
|
||||
|
||||
target_ip = params[0]
|
||||
|
||||
if not is_valid_ip(target_ip) then exit(target_ip + " is not a valid ip")
|
||||
|
||||
if nslookup(target_ip) == "Not found" then
|
||||
exit("<color=red><b>That domain is not valid.</b></color>")
|
||||
end if
|
||||
|
||||
target_router = get_router(target_ip)
|
||||
target_ports = target_router.used_ports
|
||||
|
||||
column = "<b>Number Type Version IP</b>"
|
||||
column = column + "\n" + "0" + " " + "kernel_router" + " " + target_router.kernel_version + " " + target_router.local_ip
|
||||
for port in target_ports
|
||||
column = column + "\n" + port.port_number + " " + target_router.port_info(port) + " " + port.get_lan_ip
|
||||
end for
|
||||
|
||||
print("\nIP Address : " + target_ip)
|
||||
print(format_columns(column))
|
||||
|
||||
|
||||
|
||||
checkPrivilege = function(result)
|
||||
if(typeof(result) == "shell") then result = result.host_computer
|
||||
if(typeof(result) == "computer") then
|
||||
//checking root
|
||||
file = result.File("/lib/init.so")
|
||||
if( file.has_permission("w") != 0) then return "Root"
|
||||
//check user
|
||||
file = result.File("/etc/passwd")
|
||||
if( file.has_permission("w")) then return "User"
|
||||
|
||||
return "Guest"
|
||||
end if
|
||||
return "null"
|
||||
end function
|
||||
|
||||
scanPort = function(ip, port, optional)
|
||||
net_session = metaxploit.net_use(ip,port)
|
||||
|
||||
lib = net_session.dump_lib
|
||||
memList = metaxploit.scan(lib)
|
||||
for address in memList
|
||||
keys = metaxploit.scan_address(lib,address)
|
||||
vulns = keys.split("Unsafe check: ")
|
||||
keyList =[]
|
||||
for string in vulns
|
||||
keyList.push(string[string.indexOf("<b>")+3:string.indexOf("</b>")])
|
||||
end for
|
||||
|
||||
for key in keyList
|
||||
result = lib.overflow(address,key,optional)
|
||||
if (typeof(result) != "null") then
|
||||
print(typeof(result))
|
||||
insertVuln(lib.lib_name,lib.version,address,key,"",typeof(result),checkPrivilege(result))
|
||||
end if
|
||||
print("\n")
|
||||
end for
|
||||
end for
|
||||
end function
|
||||
|
||||
|
||||
|
||||
|
||||
scanPort(target_ip, 0, target_router.local_ip)
|
||||
for port in target_ports
|
||||
|
||||
if(port.is_closed != 1) then
|
||||
scanPort(target_ip, port.port_number, "dave")
|
||||
else
|
||||
print(port.port_number + " is Closed.")
|
||||
end if
|
||||
end for
|
||||
Reference in New Issue
Block a user