From 50311baa254a3be7b57229cc0a00cdcfada3881c Mon Sep 17 00:00:00 2001
From: Dustin Davis
Date: Fri, 13 Apr 2018 12:20:17 -0500
Subject: [PATCH] First commit
---
README.md | 98 +++++++++++
installer/install.py | 23 +++
installer/nventory | 17 ++
licenses/nmapdb - LICENSE | 29 ++++
licenses/nventory - LICENSE | 17 ++
nventory/bin/nmapdb.py | 313 ++++++++++++++++++++++++++++++++++
nventory/bin/nmapdb.sql | 61 +++++++
nventory/bin/nventory.py | 147 ++++++++++++++++
nventory/database/database.db | Bin 0 -> 20480 bytes
nventory/xml/google.xml | 51 ++++++
nventory/xml/nmap.xml | 50 ++++++
11 files changed, 806 insertions(+)
create mode 100644 README.md
create mode 100644 installer/install.py
create mode 100644 installer/nventory
create mode 100644 licenses/nmapdb - LICENSE
create mode 100644 licenses/nventory - LICENSE
create mode 100755 nventory/bin/nmapdb.py
create mode 100755 nventory/bin/nmapdb.sql
create mode 100755 nventory/bin/nventory.py
create mode 100644 nventory/database/database.db
create mode 100644 nventory/xml/google.xml
create mode 100644 nventory/xml/nmap.xml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a6fcbf3
--- /dev/null
+++ b/README.md
@@ -0,0 +1,98 @@ +# nventory + +``` + _ + | | + _ ____ _____ _ __ | |_ ___ _ __ _ _ +| '_ \ \ / / _ \ '_ \| __/ _ \| '__| | | | +| | | \ V / __/ | | | || (_) | | | |_| | +|_| |_|\_/ \___|_| |_|\__\___/|_| \__, | + __/ | + |___/ +``` + +A light-weight NMAP wrapper based on https://github.com/argp/nmapdb. + +### Setup: + +1. cd to `$ nventory-master/installer` +2. `$ sudo python2 install.py` +3. You're done! + +### Usage: + +`$ nventory` + +### What's next? + +Everything else from this point is straight-forward. You can use list files (-iL) for inventorying multiple hosts. +Feel free to fork it / break it / bop it. + +# nmapdb + +nmapdb parses nmap's XML output files and inserts them into an SQLite database. + +I coded this a while back (mid 2009) and have been using it since. Some +people I have shared nmapdb with have found it useful, so I am releasing it +publicly. + +Example usage: + +```$ sudo nmap -A -oX scanme.xml scanme.nmap.org + +Starting Nmap ... + +$ ls scanme.xml +scanme.xml +$ ./nmapdb.py -h +usage: ./nmapdb.py [options] +options: + (-h) --help this message + (-v) --verbose verbose output + (-c) --create specify input SQL file to create SQLite DB + (-d) --database specify output SQLite DB file + (-f) --frequency list most frequent open ports from specified DB + (-n) --nodb do not perform any DB operations (i.e. dry run) + (-V) --version output version number and exit +``` + +Use -c to create a database from the schema on the first run: +```$ ./nmapdb.py -c nmapdb.sql -d myscan.db scanme.xml +$ file myscan.db +myscan.db: SQLite 3.x database +$ sqlite3 myscan.db +SQLite version 3.7.7 ... 
+sqlite> select * from hosts; +74.207.244.221||scanme.nmap.org|ipv4|Linux 2.6.18|Linux|85|2.6.X|1316681984|up| +sqlite> select * from ports; +74.207.244.221|22|tcp|ssh|open| +74.207.244.221|80|tcp|http|open| +``` + +Subsequent scans can be entered into the same database: + +```$ ./nmapdb.py -d myscan.db bar.xml foo.xml host1.xml host2.xml \ + host3.xml host4.xml meh.xml (or simply *.xml) +$ sqlite3 myscan.db +SQLite version 3.7.7 ... +sqlite> select * from ports where ports.port='22'; +aa.bb.244.221|22|tcp|ssh|open| +204.cc.ddd.250|22|tcp|ssh|open| +bbb.242.aa.180|22|tcp|ssh|open| +aa.bb.121.21|22|tcp|ssh|open| +sqlite> select * from ports where ports.port='23'; +192.168.1.254|23|tcp|telnet|open| +sqlite> select * from hosts inner join ports on hosts.ip=ports.ip where hosts.ip='192.168.1.254' and ports.state='open'; +192.168.1.254|00:00:C5:CF:86:30|modem|ipv4||||||up|Farallon Computing/netopia|192.168.1.254|23|tcp|telnet|open| +192.168.1.254|00:00:C5:CF:86:30|modem|ipv4||||||up|Farallon Computing/netopia|192.168.1.254|80|tcp|http|open| +sqlite> select * from hosts inner join ports on hosts.ip=ports.ip where hosts.os_name like '%bsd%' and ports.port=22; +aa.bb.91.25||foo.bar.org|ipv4|FreeBSD 7.0-STABLE|FreeBSD|95|7.X|1231841556|up||aa.bb.91.25|22|tcp|ssh|open| +``` + +Feel free to fork, submit patches, whatever. + +Thanks to antonat and thomas for providing feedback. + +argp, Mon Apr 30 14:49:21 EEST 2012 + + diff --git a/installer/install.py b/installer/install.py new file mode 100644 index 0000000..1e7ca36 --- /dev/null +++ b/installer/install.py 
@@ -0,0 +1,23 @@
+#Copyright (C) 2018 Dustin Davis (b3b0)
+
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#GNU General Public License for more details.
+
+#You should have received a copy of the GNU General Public License
+#along with this program. If not, see .
+
+import os
+import sys
+
+os.system("cp -R ../nventory /opt/")
+os.system("cp -R nventory /usr/bin/")
+os.system("chmod +x /usr/bin/nventory")
+
+print("Installation: successful!")
diff --git a/installer/nventory b/installer/nventory
new file mode 100644
index 0000000..b34970d
--- /dev/null
+++ b/installer/nventory
@@ -0,0 +1,17 @@
+#!/bin/bash
+#Copyright (C) 2018 Dustin Davis (b3b0)
+
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#GNU General Public License for more details.
+
+#You should have received a copy of the GNU General Public License
+#along with this program. If not, see .
+
+sudo python2 /opt/nventory/bin/nventory.py
\ No newline at end of file
diff --git a/licenses/nmapdb - LICENSE b/licenses/nmapdb - LICENSE
new file mode 100644
index 0000000..a2b97e1
--- /dev/null
+++ b/licenses/nmapdb - LICENSE
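Review bot: The three `os.system` calls in installer/install.py discard their exit status, so `Installation: successful!` is printed even when a copy fails, for instance when the script is started outside `installer/` (the `../nventory` path is relative to the current directory) or without root. Check each result and stop on failure, e.g. `if os.system("cp -R ../nventory /opt/") != 0: sys.exit("copy to /opt failed")`, which also gives the currently unused `import sys` a purpose. Because the installed wrapper later runs `/opt/nventory/bin/nventory.py` under sudo, it would be worth setting owner and mode on `/opt/nventory` explicitly after the copy rather than relying on whatever the umask leaves behind.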
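Review bot: The last line of installer/nventory starts the whole interactive front end as root with `sudo python2 /opt/nventory/bin/nventory.py`, although nventory.py already prefixes the nmap command it builds with `sudo`. That puts the Tkinter file dialog, every prompt and every string-built shell command in a root process. Prefer launching it unprivileged and leaving elevation to the single nmap call, `exec python2 /opt/nventory/bin/nventory.py "$@"`; this presumably needs the `xml/` and `database/` directories under `/opt/nventory` to be writable by the operator.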
@@ -0,0 +1,29 @@ + nmapdb - Parse nmap's XML output files and insert them into an SQLite database + + Copyright (c) 2012 Patroklos Argyroudis + Copyright (c) 2012 Census, Inc. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The names of the authors and copyright holders may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/licenses/nventory - LICENSE b/licenses/nventory - LICENSE new file mode 100644 index 0000000..ce66459 --- /dev/null +++ b/licenses/nventory - LICENSE 
@@ -0,0 +1,17 @@ + ---nventory--- + (https://github.com/b3b0/nventory) + +Copyright (C) 2018 Dustin Davis (b3b0) + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . diff --git a/nventory/bin/nmapdb.py b/nventory/bin/nmapdb.py new file mode 100755 index 0000000..13b8be5 --- /dev/null +++ b/nventory/bin/nmapdb.py 
@@ -0,0 +1,313 @@ +#!/usr/bin/env python +# +# nmapdb - Parse nmap's XML output files and insert them into an SQLite database +# Copyright (c) 2012 Patroklos Argyroudis +# +# Slightly modified (c) 2018 by Dustin Davis (b3b0) for https://github.com/b3b0/nventory + +import sys +import os +import getopt +import xml.dom.minidom +from pysqlite2 import dbapi2 as sqlite +import datetime + +VERSION = "1.2" +DEFAULT_DATABASE = "./nmapdb.db" + +true = 1 +false = 0 +vflag = false + +def myprint(msg): + global vflag + if vflag == true: + print msg + + return + +def usage(name): + print "usage: %s [options] " % name + print "options:" + print " (-h) --help this message" + print " (-v) --verbose verbose output" + print " (-c) --create specify input SQL file to create SQLite DB" + print " (-d) --database specify output SQLite DB file" + print " (-f) --frequency list most frequent open ports from specified DB" + print " (-n) --nodb do not perform any DB operations (i.e. dry run)" + print " (-V) --version output version number and exit" + + return + +def main(argv, environ): + global vflag + nodb_flag = false + freq_flag = false + db_path = DEFAULT_DATABASE + sql_file = "" + argc = len(argv) + + if argc == 1: + usage(argv[0]) + sys.exit(0) + + try: + alist, args = getopt.getopt(argv[1:], "hvd:c:f:nV", + ["help", "verbose", "database=", "create=", "frequency=", + "nodb", "version"]) + except getopt.GetoptError, msg: + print "%s: %s\n" % (argv[0], msg) + usage(argv[0]) + sys.exit(1) + + for(field, val) in alist: + if field in ("-h", "--help"): + usage(argv[0]) + sys.exit(0) + if field in ("-v", "--verbose"): + vflag = true + if field in ("-d", "--database"): + db_path = val + if field in ("-c", "--create"): + sql_file = val + if field in ("-f", "--frequency"): + freq_flag = true + db_path = val + if field in ("-n", "--nodb"): + nodb_flag = true + if field in ("-V", "--version"): + print "nmapdb v%s by Patroklos Argyroudis " % (VERSION) + print "parse nmap's XML output files and 
insert them into an SQLite database" + sys.exit(0) + + if freq_flag == false: + if len(args[0]) == 0: + usage(argv[0]) + sys.exit(1) + + if nodb_flag == false: + if db_path == DEFAULT_DATABASE: + print "%s: no output SQLite DB file specified, using \"%s\"\n" % (argv[0], db_path) + + conn = sqlite.connect(db_path) + cursor = conn.cursor() + + myprint("%s: successfully connected to SQLite DB \"%s\"\n" % (argv[0], db_path)) + + # helpful queries on the database + if freq_flag == true: + freq_sql = "select count(port) as frequency,port as fport from ports where ports.state='open' group by port having count(fport) > 1000" + + cursor.execute(freq_sql) + print "Frequency|Port" + + for row in cursor: + print(row) + + sys.exit(0) + + if nodb_flag == false: + if sql_file != "": + sql_string = open(sql_file, "r").read() + try: + cursor.executescript(sql_string) + except sqlite.ProgrammingError, msg: + print "%s: error: %s\n" % (argv[0], msg) + sys.exit(1) + + myprint("%s: SQLite DB created using SQL file \"%s\"\n" % (argv[0], sql_file)) + + for fname in args: + try: + doc = xml.dom.minidom.parse(fname) + except IOError: + print "%s: error: file \"%s\" doesn't exist\n" % (argv[0], fname) + continue + except xml.parsers.expat.ExpatError: + print "%s: error: file \"%s\" doesn't seem to be XML\n" % (argv[0], fname) + continue + + for host in doc.getElementsByTagName("host"): + try: + address = host.getElementsByTagName("address")[0] + ip = address.getAttribute("addr") + protocol = address.getAttribute("addrtype") + except: + # move to the next host since the IP is our primary key + continue + + try: + mac_address = host.getElementsByTagName("address")[1] + mac = mac_address.getAttribute("addr") + mac_vendor = mac_address.getAttribute("vendor") + except: + mac = "" + mac_vendor = "" + + try: + hname = host.getElementsByTagName("hostname")[0] + hostname = hname.getAttribute("name") + except: + hostname = "" + + try: + status = host.getElementsByTagName("status")[0] + state = 
status.getAttribute("state") + except: + state = "" + + try: + os_el = host.getElementsByTagName("os")[0] + os_match = os_el.getElementsByTagName("osmatch")[0] + os_name = os_match.getAttribute("name") + os_accuracy = os_match.getAttribute("accuracy") + os_class = os_el.getElementsByTagName("osclass")[0] + os_family = os_class.getAttribute("osfamily") + os_gen = os_class.getAttribute("osgen") + except: + os_name = "" + os_accuracy = "" + os_family = "" + os_gen = "" + + try: + timestamp = str(datetime.datetime.now().strftime("%y-%m-%d-%H-%M")) + except: + timestamp = "" + + try: + Hardware_Admin = "" + Kernel_Admin = "" + Application_Admin = "" + Common_Name = "" + Audit_Date = "" + + except: + timestamp = "" + + try: + hostscript = host.getElementsByTagName("hostscript")[0] + script = hostscript.getElementsByTagName("script")[0] + id = script.getAttribute("id") + + if id == "whois": + whois_str = script.getAttribute("output") + else: + whois_str = "" + + except: + whois_str = "" + + myprint("================================================================") + + myprint("[hosts] ip:\t\t%s" % (ip)) + myprint("[hosts] mac:\t\t%s" % (mac)) + myprint("[hosts] hostname:\t%s" % (hostname)) + myprint("[hosts] protocol:\t%s" % (protocol)) + myprint("[hosts] os_name:\t%s" % (os_name)) + myprint("[hosts] os_family:\t%s" % (os_family)) + myprint("[hosts] os_accuracy:\t%s" % (os_accuracy)) + myprint("[hosts] os_gen:\t\t%s" % (os_gen)) + myprint("[hosts] last_update:\t%s" % (timestamp)) + myprint("[hosts] state:\t\t%s" % (state)) + myprint("[hosts] mac_vendor:\t%s" % (mac_vendor)) + myprint("[hosts] whois:\n") + myprint("%s\n" % (whois_str)) + myprint("[hosts] Kernel_Admin:\t\t%s" % (Kernel_Admin)) + myprint("[hosts] Hardware_Admin:\t\t%s" % (Hardware_Admin)) + myprint("[hosts] Application_Admin:\t\t%s" % (Application_Admin)) + myprint("[hosts] Common_Name:\t\t%s" % (Common_Name)) + myprint("[hosts] Audit_Date:\t\t%s" % (Audit_Date)) + + if nodb_flag == false: + try: + 
cursor.execute("UPDATE hosts SET mac=?, hostname=?, protocol=?, os_name=?, os_family=?, os_accuracy=?, os_gen=?, last_update=?, state=?, mac_vendor=?, whois=? WHERE ip=?", + (mac, hostname, protocol, os_name, os_family, os_accuracy, + os_gen, timestamp, state, mac_vendor, whois_str, ip)) + cursor.execute("INSERT or IGNORE INTO hosts (ip, mac, hostname, protocol, os_name, os_family, os_accuracy, os_gen, last_update, state, mac_vendor, whois) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", + (ip, mac, hostname, protocol, os_name, os_family, os_accuracy, + os_gen, timestamp, state, mac_vendor, whois_str)) + except sqlite.IntegrityError, msg: + print "%s: warning: %s: table hosts: ip: %s\n" % (argv[0], msg, ip) + continue + except: + print "%s: unknown exception during insert into table hosts\n" % (argv[0]) + continue + + try: + ports = host.getElementsByTagName("ports")[0] + ports = ports.getElementsByTagName("port") + except: + print "%s: host %s has no open ports\n" % (argv[0], ip) + continue + + for port in ports: + pn = port.getAttribute("portid") + protocol = port.getAttribute("protocol") + state_el = port.getElementsByTagName("state")[0] + state = state_el.getAttribute("state") + + try: + service = port.getElementsByTagName("service")[0] + port_name = service.getAttribute("name") + product_descr = service.getAttribute("product") + product_ver = service.getAttribute("version") + product_extra = service.getAttribute("extrainfo") + except: + service = "" + port_name = "" + product_descr = "" + product_ver = "" + product_extra = "" + try: + timestamp = str(datetime.datetime.now().strftime("%y-%m-%d-%H-%M")) + except: + timestamp = "" + + service_str = "%s %s %s" % (product_descr, product_ver, product_extra) + + info_str = "" + + for i in (0, 1): + try: + script = port.getElementsByTagName("script")[i] + script_id = script.getAttribute("id") + script_output = script.getAttribute("output") + except: + script_id = "" + script_output = "" + + if script_id != "" and 
script_output != "": + info_str += "%s: %s\n" % (script_id, script_output) + + myprint("\t------------------------------------------------") + + myprint("\t[ports] ip:\t\t%s" % (ip)) + myprint("\t[ports] port:\t\t%s" % (pn)) + myprint("\t[ports] protocol:\t%s" % (protocol)) + myprint("\t[ports] name:\t\t%s" % (port_name)) + myprint("\t[ports] state:\t\t%s" % (state)) + myprint("\t[ports] service:\t%s" % (service_str)) + myprint("[hosts] last_update:\t%s" % (timestamp)) + if nodb_flag == false: + try: + cursor.execute("INSERT or REPLACE INTO ports VALUES (?, ?, ?, ?, ?, ?, ?)", (ip, pn, protocol, port_name, state, service_str, timestamp)) + except sqlite.IntegrityError, msg: + print "%s: warning: %s: table ports: ip: %s\n" % (argv[0], msg, ip) + continue + except: + print "%s: unknown exception during insert into table ports\n" % (argv[0]) + continue + + myprint("\t------------------------------------------------") + + myprint("================================================================") + + if nodb_flag == false: + conn.commit() + +if __name__ == "__main__": + main(sys.argv, os.environ) + sys.exit(0) + +# EOF diff --git a/nventory/bin/nmapdb.sql b/nventory/bin/nmapdb.sql new file mode 100755 index 0000000..08ffbe4 --- /dev/null +++ b/nventory/bin/nmapdb.sql 
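Review bot: The ports insert near the end of main() passes seven values (`INSERT or REPLACE INTO ports VALUES (?, ?, ?, ?, ?, ?, ?)`, ending in `timestamp`), but the `ports` table created by nventory/bin/nmapdb.sql in this same commit has six columns and no timestamp column. On a database built with `-c nmapdb.sql` each port insert should therefore fail, and since the error is not an `IntegrityError` it falls into the bare `except:` and is reported only as "unknown exception during insert into table ports". Add `last_update TIMESTAMP` to `ports` in nmapdb.sql and name the columns in the statement, `INSERT OR REPLACE INTO ports (ip, port, protocol, name, state, service, last_update) VALUES (?, ?, ?, ?, ?, ?, ?)`. Replacing the bare handlers on both inserts with `except sqlite.Error, msg:` and printing `msg` would keep such schema errors visible; the schema of the bundled database.db is not visible here and may differ.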
@@ -0,0 +1,61 @@ +/* + * nmapdb - Parse nmap's XML output files and insert them into an SQLite database + * Copyright (c) 2012 Patroklos Argyroudis + * Slightly modified (c) 2018 by Dustin Davis (b3b0) for https://github.com/b3b0/nventory + */ +CREATE TABLE IF NOT EXISTS hosts ( + ip VARCHAR(16) PRIMARY KEY NOT NULL, + mac VARCHAR(18), + hostname VARCHAR(129), + protocol VARCHAR(5) DEFAULT 'ipv4', + os_name TEXT, + os_family TEXT, + os_accuracy INTEGER, + os_gen TEXT, + last_update TIMESTAMP, + state VARCHAR(8) DEFAULT 'down', + mac_vendor TEXT, + whois TEXT, + Hardware_Admin TEXT, + Kernel_Admin TEXT, + Application_Admin TEXT, + Common_Name TEXT, + Audit_Date TEXT +); + +CREATE TABLE IF NOT EXISTS ports ( + ip VARCHAR(16) NOT NULL, + port INTEGER NOT NULL, + protocol VARCHAR(4) NOT NULL, + name VARCHAR(33), + state VARCHAR(33) DEFAULT 'closed', + service TEXT, + PRIMARY KEY (ip, port, protocol), + CONSTRAINT fk_ports_hosts FOREIGN KEY (ip) REFERENCES hosts(ip) ON DELETE CASCADE +); + +CREATE TRIGGER IF NOT EXISTS fki_ports_hosts_ip +BEFORE INSERT ON ports +FOR EACH ROW BEGIN + SELECT CASE + WHEN ((SELECT ip FROM hosts WHERE ip = NEW.ip) IS NULL) + THEN RAISE(ABORT, 'insert on table "ports" violates foreign key constraint "fk_ports_hosts"') + END; +END; + +CREATE TRIGGER IF NOT EXISTS fku_ports_hosts_ip +BEFORE UPDATE ON ports +FOR EACH ROW BEGIN + SELECT CASE + WHEN ((SELECT ip FROM hosts WHERE ip = NEW.ip) IS NULL) + THEN RAISE(ABORT, 'update on table "ports" violates foreign key constraint "fk_ports_hosts"') + END; +END; + +CREATE TRIGGER IF NOT EXISTS fkd_ports_hosts_ip +BEFORE DELETE ON hosts +FOR EACH ROW BEGIN + DELETE from ports WHERE ip = OLD.ip; +END; + +/* EOF */ \ No newline at end of file diff --git a/nventory/bin/nventory.py b/nventory/bin/nventory.py new file mode 100755 index 0000000..49cad48 --- /dev/null +++ b/nventory/bin/nventory.py 
@@ -0,0 +1,147 @@ +#Copyright (C) 2018 Dustin Davis (b3b0) + +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +import sys +import os +import Tkinter, tkFileDialog + +root = Tkinter.Tk() +root.withdraw() +oss = os.system + +oss("clear") + +if os.path.isfile("/opt/nventory/database/database.db-journal"): + locked = True + while locked == True: + if os.path.isfile("/opt/nventory/database/database.db-journal"): + oss("clear") + print("ERROR:") + raw_input("The audit database is LOCKED! Press ENTER to continue after changes are applied and database is unlocked.") + else: + print("The audit database is now unlocked. Proceeding with AB5K.") + locked = False + +checking = True + +while checking == True: + print(""" + _ + | | + _ ____ _____ _ __ | |_ ___ _ __ _ _ +| '_ \ \ / / _ \ '_ \| __/ _ \| '__| | | | +| | | \ V / __/ | | | || (_) | | | |_| | +|_| |_|\_/ \___|_| |_|\__\___/|_| \__, | + __/ | + |___/ + + v 0.2 +""") + print("") + iplist = raw_input("Are you using an IP list file today? [y/n]: ") + if iplist == "n": + target = raw_input("Specify host or host range (no CIDR): ") + action = ("sudo nmap -v --osscan-guess -O " + target + " -oX /opt/nventory/xml/" + target + ".xml --open") + checking == False + break + if iplist == "y": + print("Select your IP list file!:") + target = tkFileDialog.askopenfilename() + if os.path.isfile(target): + scanname = raw_input("Give this scan a unique name. 
(example: usersubnet, servers, etc...): ") + if os.path.isfile("/opt/nventory/xml/" + scanname + ".xml"): + print("Please provide a unique filename. /opt/nventory/xml/" + scanname + ".xml exists.") + if not os.path.isfile("/opt/nventory/xml/" + scanname + ".xml"): + action = ("sudo nmap -v --osscan-guess -O -iL " + target + " -oX /opt/nventory//xml/" + scanname + ".xml --open") + checking == False + break + if not os.path.isfile(target): + print("Cannot find " + target + ".") + else: + oss("clear") + print("You have two choices. This isn't hard bro.") + +interface = raw_input("Will you use a specific interface? [y/n]: ") + +if interface == "y": + oss("ifconfig") + whichint = raw_input("Which interface will you use?: ") + action = action + " -e " + whichint + +print("") + +actiontype = raw_input(""" +Choose which type of scan: +-------------------------- +pn = host discovery (Disable host discovery. Port scan only.) +sv = service versioning (Attempts to determine the version of the service running on port) +a = aggressive (not recommended for ranges larger than 10 hosts) +ss = TCP/SYN connect (TCP SYN port scan (Default)) + +If none selected, a plain nmap scan will commence. + +Choose [pn/sv/sn/a/ss/ps/stu]: """) + +if actiontype == "pn": + action = action + " -Pn" +if actiontype == "sv": + action = action + " -sV" +if actiontype == "sn": + action = action + " -sN" +if actiontype == "a": + action = action + " -A" +if actiontype == "ss": + action = action + " -sS" + +print("") + +portchoose = raw_input("Will you use a standard port scan or custom? [s/c] (default = s): ") + +if portchoose == "c": + customizer = raw_input("Enter individual ports separated by commas, or a range. (Ex:22,23,24,135-139): ") + action = action + " -p " + customizer +else: + print("Standard ports will be used. 
According to which nmap scan you have invoked.") + +print("") +print("..................................") +print(" PRESS ENTER TO EXECUTE: ") +print(action) +print("..................................") +raw_input("") + +oss(action) + +print ("") +print("..................................") +print(" ADD RESULTS TO DATABASE? ") +print("..................................") +databaser = raw_input("[y/n]: ") + +if iplist != "y": + xml = "/opt/nventory/xml/" + target + ".xml" +if iplist == "y": + xml = "/opt/nventory/xml/" + scanname + ".xml" + +if databaser == "y": + oss("python2 /opt/nventory/bin/nmapdb.py -d /opt/nventory/database/database.db " + xml) + print("IT IS DONE!") + print("~-~-~-~-~-~-") +if databaser != "y": + print("YOU HAVE CHOSEN NOT TO ADD TO DATABASE") + +print("") + +print("That was a nice round of auditing! Great job!") \ No newline at end of file 
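Review bot: Every prompt answer in nventory/bin/nventory.py (`target`, `scanname`, `whichint`, `customizer`) is concatenated into the `action` string and handed to `os.system`, so shell metacharacters in any answer or in a selected file name are interpreted by a shell, and through the installed wrapper that shell runs as root. `target` and `scanname` are also pasted into the `-oX /opt/nventory/xml/….xml` path, so a value containing `/` or `..` moves the output file elsewhere. Build the command as an argument list, validate the values that become file names, and run it with `subprocess.call(action)` (no shell); this needs `import re` and `import subprocess` at the top of the file, and the same list form applies to the later `nmapdb.py` call. The pattern below is only a starting point and should be adjusted to the target syntax you want to allow. Separately, `checking == False` is a comparison with no effect; the loop ends only because of the `break` that follows it.

```python
# … unchanged: lock check, banner, iplist prompt …
    if iplist == "n":
        target = raw_input("Specify host or host range (no CIDR): ")
        # target becomes both an nmap argument and a file name: allow only
        # host/range characters and never a leading "-" (would parse as an option)
        if not re.match(r"^[A-Za-z0-9][A-Za-z0-9.\-]*$", target):
            print("Invalid host or range.")
            continue
        action = ["sudo", "nmap", "-v", "--osscan-guess", "-O", target,
                  "-oX", "/opt/nventory/xml/" + target + ".xml", "--open"]
        break
# … unchanged: list-file branch, with scanname validated and action built as a list the same way …
if interface == "y":
    oss("ifconfig")
    whichint = raw_input("Which interface will you use?: ")
    action.extend(["-e", whichint])
# … unchanged: scan-type and port prompts, using action.append(...) / action.extend([...]) …
print(" ".join(action))
raw_input("")

subprocess.call(action)
```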
diff --git a/nventory/database/database.db b/nventory/database/database.db new file mode 100644 index 0000000000000000000000000000000000000000..96c6d70ac30ab6199d4097f705fd61b2e82bbe22 GIT binary patch literal 20480 zcmeI3F>l*O6o5%tj%^hJle(^kpuoX^VG)Rg(3D*pg@Mu%Z3~epm11gVQdyFc2}?Yd zq^x-8kTwM}bnYL>Pv{tQ>E5M(py*n3=$Ns0N7AC?I#Uaz!8?FQ^6tHR@4okr5>Iyb zvz8kn@86law%kez-DMB2_t&n4p9BHA~`SgaI`ONigmn&TLgWrq7Yi?=zPp>c>cLpP~cxsHqhY zDT!D=z$3)Wq0?iPsJlMeN9|Ul>iVA)RITxie24k>T)g&gJm()%zv17!RO;X3PJ>Q_ z_{a2a^RG*$Q8!Rs>8i|M>ND|BL*;VPMLa#!+b8ifv)*g!De+!J%`Va&w_4)0zCrbM zrP)=>%0XK<9-z&!Z=2++CiYNdemQi|I&*3rUAlNkIzsv-)NuzMx^S+Lg}pEeOxKIh zdjBFzVSO{ULVzXI7U!wCS$PuGf2KAsl~QYJT~#;U7HX~+IzjZWQ~S2Kuv99Q`0uV* zFc=|L<gGe=H3Oe!SHVr(OfXd=ZW(@7TEq4Kz8piOItL&x4sq@Cc>wPJZgJu~7~ z*X!fdz_hiaH%}D(33{YHL1ou}zyOdsaXGPHZ);tHB)4XeheI~k5Pd8(kF-=@M7nxN zmbz9~yYb>7gNih@l4k;0b9JSm7DO?Br?g+13_#}Q`ti3y1XXz_W8 zXQ6vhWT9h^9#-XMLdTlWn?skK?re}orj^pU4wAH+%%2XO1}Nn(ZS5t!DJ-g=_HK*Q z;JE%}EeQ<{d+9i68U)hXH%IR9iVQH*YFgGfFs&<;Bvu?rB0g}u*xRZ2&3B8{vaU?du^Yw)GY%e`fjuz;r>EE>H}+@h&Lb!A zoMEObqp0})(6!9S#okn4s#?dR5$Vy`ikLPlW7~~-jd&%{W|Bm?Hzg5Eh@Qkw3*^Ig znSS6F$&nLkobUswpa20N00e*l5C8%|00;m9AOHk_01yBI*95-Ey}wc1SlhqP-xKc@ z=^Hf1)wZj$T&?X@C24OmnN+=z=~pd0qMIEjt`*=A_ak&lwsY_#L}wk;?a0ZUeb$k7 zD-UZGNv=o_D>ZrSpYz0mxOPcpZn@t0DcY*ms`AGoyRqrb*^H&y*e?*@bHZ<&@E56|00AHX1b_e#00KY&2mk>f z00e*l5C8)IM*?>jHu&t;L{3=PSjp}r(A|r?aEB9q5&~hLTtEQ=KmZ5;0U!VbfB+Bx z0zd!=00AKI&Jx(pFK^^lOKT-D`)X4SscPPOXz@ z-J;aYQCq8Pbus&5&TNI@kSZy@X`MTWTDB4Dc3Tzfk$;95VcVIpFDra(U!EB%Yky`a z`Ue0zvr~}i@Bew>B`3TRUJ8E*zrM2}hKT_IAOHk_01yBIKmZ5;0U!VbfB+D9y9tyQ k$$kNUV`C!!;Ud|5m}#eP{tL1AjlG538Wms3wo~!H0qZQJ0ssI2 literal 0 HcmV?d00001 diff --git a/nventory/xml/google.xml b/nventory/xml/google.xml new file mode 100644 index 0000000..e034149 --- /dev/null +++ b/nventory/xml/google.xml @@ -0,0 +1,51 @@ + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + +cpe:/o:linux:linux_kernel:2.4.37 + + +cpe:/o:linux:linux_kernel:3.2 + + +cpe:/o:microsoft:windows_xp::sp3 +cpe:/o:microsoft:windows_7 +cpe:/o:microsoft:windows_server_2012 + + + + + + + + + + diff --git a/nventory/xml/nmap.xml b/nventory/xml/nmap.xml new file mode 100644 index 0000000..a3a198c --- /dev/null +++ b/nventory/xml/nmap.xml @@ -0,0 +1,50 @@ + + + + + + + + + + + + + + + + + + + + + +
+ + + + +cpe:/a:apache:http_server:2.4.6 +cpe:/a:apache:http_server + + + +cpe:/o:microsoft:windows_xp::sp3 + + +cpe:/o:microsoft:windows_xp::sp3 +cpe:/o:microsoft:windows_7 +cpe:/o:microsoft:windows_server_2012 + + +cpe:/a:vmware:player + + + + + + + + + +