83 lines
2.4 KiB
Plaintext
83 lines
2.4 KiB
Plaintext
import_code("/root/myprogram")
|
|
|
|
if params.len == 0 then exit("<b>Usage: </b>scanner [IP]")
|
|
|
|
metaxploit = include_lib("/lib/metaxploit.so")
|
|
if not metaxploit then
|
|
metaxploit = include_lib(current_path + "/metaxploit.so")
|
|
end if
|
|
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")
|
|
|
|
target_ip = params[0]
|
|
|
|
if not is_valid_ip(target_ip) then exit(target_ip + " is not a valid ip")
|
|
|
|
if nslookup(target_ip) == "Not found" then
|
|
exit("<color=red><b>That domain is not valid.</b></color>")
|
|
end if
|
|
|
|
target_router = get_router(target_ip)
|
|
target_ports = target_router.used_ports
|
|
|
|
column = "<b>Number Type Version IP</b>"
|
|
column = column + "\n" + "0" + " " + "kernel_router" + " " + target_router.kernel_version + " " + target_router.local_ip
|
|
for port in target_ports
|
|
column = column + "\n" + port.port_number + " " + target_router.port_info(port) + " " + port.get_lan_ip
|
|
end for
|
|
|
|
print("\nIP Address : " + target_ip)
|
|
print(format_columns(column))
|
|
|
|
|
|
|
|
checkPrivilege = function(result)
|
|
if(typeof(result) == "shell") then result = result.host_computer
|
|
if(typeof(result) == "computer") then
|
|
//checking root
|
|
file = result.File("/lib/init.so")
|
|
if( file.has_permission("w") != 0) then return "Root"
|
|
//check user
|
|
file = result.File("/etc/passwd")
|
|
if( file.has_permission("w")) then return "User"
|
|
|
|
return "Guest"
|
|
end if
|
|
return "null"
|
|
end function
|
|
|
|
scanPort = function(ip, port, optional)
|
|
net_session = metaxploit.net_use(ip,port)
|
|
|
|
lib = net_session.dump_lib
|
|
memList = metaxploit.scan(lib)
|
|
for address in memList
|
|
keys = metaxploit.scan_address(lib,address)
|
|
vulns = keys.split("Unsafe check: ")
|
|
keyList =[]
|
|
for string in vulns
|
|
keyList.push(string[string.indexOf("<b>")+3:string.indexOf("</b>")])
|
|
end for
|
|
|
|
for key in keyList
|
|
result = lib.overflow(address,key,optional)
|
|
if (typeof(result) != "null") then
|
|
print(typeof(result))
|
|
insertVuln(lib.lib_name,lib.version,address,key,"",typeof(result),checkPrivilege(result))
|
|
end if
|
|
print("\n")
|
|
end for
|
|
end for
|
|
end function
|
|
|
|
|
|
|
|
|
|
scanPort(target_ip, 0, target_router.local_ip)
|
|
for port in target_ports
|
|
|
|
if(port.is_closed != 1) then
|
|
scanPort(target_ip, port.port_number, "dave")
|
|
else
|
|
print(port.port_number + " is Closed.")
|
|
end if
|
|
end for |