Add scan subnet functionality #4

Open
wants to merge 3 commits into
base: master

AlexJuca
Contributor

@AlexJuca AlexJuca commented Mar 2, 2020

This feature contains the following changes:

  1. Adds the capability to scan a given subnet
  2. Updates README.md and adds a section describing how to perform a subnet scan.

```
iex> Hades.new_command()
...> |> Hades.add_argument(Hades.Arguments.ScanTechniques.arg_sP())
...> |> Hades.add_target("192.168.120.42/24")
...> |> Hades.scan()
02:28:50.664 [info]  NMAP Output: "Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-02 02:28 W. Central Africa Standard Time\r\n"

02:29:09.001 [info]  NMAP Output: "Nmap scan report for 192.168.100.1\r\n"

02:29:09.001 [info]  NMAP Output: "Host is up (0.00s latency).\r\nMAC Address: F8:75:88:9D:F9:B5 (Huawei Technologies)\r\n"

02:29:09.001 [info]  NMAP Output: "Nmap scan report for 192.168.100.2\r\n"

02:29:09.001 [info]  NMAP Output: "Host is up (0.047s latency).\r\nMAC Address: 78:31:C1:D0:87:8E (Apple)\r\n"

02:29:24.300 [info]  NMAP Output: "Nmap scan report for 192.168.100.3\r\n"

02:29:24.300 [info]  NMAP Output: "Host is up.\r\n"

02:29:26.568 [info]  NMAP Output: "Nmap done: 256 IP addresses (3 hosts up) scanned in 36.03 seconds\r\n"

02:29:26.584 [info]  Port exit: :exit_status: 0

02:29:26.584 [info]  DOWN message from port: #Port<0.83>
%{
  hosts: [
    %{hostname: "", ip: "192.168.100.1F8:75:88:9D:F9:B5", ports: []},
    %{hostname: "", ip: "192.168.100.278:31:C1:D0:87:8E", ports: []},
    %{hostname: "", ip: "192.168.100.3", ports: []}
  ],
  time: %{
    elapsed: 36.03,
    endstr: "Mon Mar 02 02:29:26 2020",
    unix: 1583112566
}
```

@AlexJuca
Contributor Author

AlexJuca commented Mar 2, 2020

@fklement I chose to use the same add_target/1 function to do the subnet scan. It would be intuitive for most nmap users to just add the "/24", "16" subnet at the end, e.g. add_target("192.168.100.1/24"), instead of having add_target(ip, "/24").

Owner

@fklement fklement left a comment

Overall a good implementation. Would be nice if you address my comments.
Since I also want to increase the test coverage of this library, it would be nice if you could write some tests for different use cases.

case Helpers.check_ip_address(target_ip) do
{:ok, ip} -> ip
case Helpers.check_ip_address(ip_address) do
{:ok, ip} -> if subnet == nil do ip else "#{ip}#{"/"}#{subnet}" end
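
Review bot: In the new `{:ok, ip}` branch, `subnet` is appended to the target with no check, while only `ip_address` passes through `Helpers.check_ip_address`. Parse it as an integer prefix length and reject anything outside 0..32 (for IPv4) before composing the string, returning an error tuple otherwise. The interpolation `"#{ip}#{"/"}#{subnet}"` can also be written `"#{ip}/#{subnet}"`, and the one-line `if subnet == nil do ... else ... end` would read better as two pattern-matched clauses.
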
Owner

I'm not quite sure why you first split the target and then stitch it back together without any checking.
It would be nice if you could include some test here to see if the subnet mask one specified is valid.


port =
Port.open({:spawn, "nmap #{option} -oX #{path} #{target}"}, [
Port.open({:spawn, command}, [
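
Review bot: `Port.open({:spawn, command}, [` passes the whole nmap command line as one string, which the runtime tokenises itself (through the shell on some platforms), and the hunk does not show how `command` is assembled. Consider `{:spawn_executable, path_to_nmap}` with an `args:` list so the target, including any subnet suffix, is always a single argument, and validate the target before this call rather than relying on the string's shape.
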
Owner

I think the code would look cleaner if you continue to use the old "structure" nmap #{option} -oX #{path}....
Just use the target variable to compose the given #{target} / #{subnet} or #{target}.

Another option that just came to my mind would be to build the target string in the hades.ex module so you don't have to handle this here. I think this would reduce the overall loc a bit.

Contributor Author

I agree on making the code cleaner. Will work on this.
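
One way to do the subnet check requested in the review above and to hand the result to nmap as a single argument. This is an added example, not code from the pull request or from Hades; the module `TargetExample`, its function names, the error atoms, and the IPv4-only restriction are assumptions.

```elixir
defmodule TargetExample do
  # Hypothetical helper module for illustration; not part of Hades.

  # Accepts "a.b.c.d" or "a.b.c.d/prefix" (IPv4 only, an assumption of this
  # example) and returns {:ok, target} or {:error, reason}.
  def parse_target(target) when is_binary(target) do
    case String.split(target, "/", parts: 2) do
      [ip] ->
        check_ip(ip)

      [ip, prefix] ->
        with {:ok, ip} <- check_ip(ip),
             {:ok, bits} <- check_prefix(prefix) do
          # Re-emit the parsed integer so only digits follow the slash.
          {:ok, "#{ip}/#{bits}"}
        end
    end
  end

  defp check_ip(ip) do
    case :inet.parse_ipv4strict_address(String.to_charlist(ip)) do
      {:ok, _tuple} -> {:ok, ip}
      {:error, _reason} -> {:error, :invalid_ip}
    end
  end

  defp check_prefix(prefix) do
    case Integer.parse(prefix) do
      {bits, ""} when bits in 0..32 -> {:ok, bits}
      _ -> {:error, :invalid_subnet}
    end
  end

  # Starts nmap with an argument list instead of one interpolated string,
  # so the validated target is always exactly one argument.
  def open_scan_port(options, xml_path, target) when is_list(options) do
    with {:ok, target} <- parse_target(target),
         nmap when is_binary(nmap) <- System.find_executable("nmap") do
      args = options ++ ["-oX", xml_path, target]
      {:ok, Port.open({:spawn_executable, nmap}, [:binary, :exit_status, args: args])}
    else
      nil -> {:error, :nmap_not_found}
      {:error, reason} -> {:error, reason}
    end
  end
end
```

With this module, `TargetExample.parse_target("192.168.100.1/24")` returns `{:ok, "192.168.100.1/24"}`, while `"192.168.100.1/33"` and `"192.168.100.1/24/5"` both return `{:error, :invalid_subnet}`.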

@fklement fklement added the awaiting changes 🖊 label (Pull request has been reviewed, but contributor needs to make changes.) Mar 4, 2020
@fklement fklement linked an issue Mar 18, 2020 that may be closed by this pull request
@matteing

matteing commented Jul 2, 2021

Hey, any merge timeline on this?

@AlexJuca
Contributor Author

AlexJuca commented Jul 3, 2021

> Hey, any merge timeline on this?

I have not had the time to work on the suggestions requested by @fklement but my fork does have a working implementation.

@AlexJuca AlexJuca changed the title from "Add feature to scan subnet" to "Add scan subnet functionality" Feb 6, 2023
Successfully merging this pull request may close these issues.

Add functionality to scan a subnet