Setup

How to setup:

Vultr

1. setup an account on Vultr and add some funds to it(for testing, even 5 dollars should be enough)

2. grab your API key from the account page and make sure you allow your IP address access to the API https://my.vultr.com/settings/#settingsapi

3. create a new startup script in this page

   https://my.vultr.com/startup/ the startup script should contain this script

   https://github.com/royharoush/DistributedScanning/blob/master/vultrScannerStartupScript.sh

   Mind the values of the dnmap_server IP and port, as you might want to change these later.

   Take a note of your startup script ID

   

4. add your SSH public key in this page

   https://my.vultr.com/sshkeys/

   take a note of your SSH key ID.

   

All done !

Modifying the script

in order to have your scanners boot up automatically, setup dnmap and nmap and be accessible remotely using your private key, we need to modify the following values in the script.

1. git clone the project

2. go into the bashFunction.sh file

   2.1. modify the API key to match your API key at the beginning of the script

   2.2. modify the startup script ID and SSH key ID on line 173 to match your own values.

   for i in $(seq 1 $number); do curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/create --data 'VPSPLANID=29' --data 'OSID=193' --data 'SCRIPTID=**YOURSTARTUPSCRIPTID**' --data 'SSHKEYID=**YOURSSHKEYID**' --data "DCID="$dcid"" --data "label=scanmachine1"; done;

All done !

##Using the script you can either add this script to your bashrc file or just source it whenever you want to use it. after sourcing the file you'll see that when you type DistributedScanning and double tab, you will have all of the script functions available.

the first command to run to setup your machine is DistributedScan-Setup .

it will install some dependencies(jq, pssh, etc) on your systems.

next you will have to setup your nmnap command files. the time it will take to create your command files varies based on the entropy you want to create in your scan pattern. you have 4 options, which can be shown by typing DistributedScan-commandFileCreateInfo

for options 2 and 4 you will not need to have a file called "ports" containing the ports you want to scan. in options 1 and 3 you will specify the ports by either using -p or --top-ports XXX

Distributed Scan Functions explained

• function DistributedScan-commandFileCreate_1 - Creates a non evasive command file for dnmap
• function DistributedScan-commandFileCreate_2 - Creates a mildly evasive command file for dnmap
• function DistributedScan-commandFileCreate_3 - Creates a fairly evasive command file for dnmap
• function DistributedScan-commandFileCreate_4 - Creates a a very evasive command file for dnmap
• function DistributedScan-commandFileCreateInfo - Lists information about the different command filese and their creation
• function DistributedScan-parseResults - Parse nmap output files, specifically Gnmap and XML Files output. after all is done the proccessed files will be compressed.
• function DistributedScan-Setup - Installs several small utils to enable working with this project
• function DistributedScan-vpsExecuteCommand - Executes a command on all of the scanners using PSSH
• function DistributedScan-vpsGetResults - Autoamtically connects to all the scanners and grabs the content of the /nmap_output/ folder
• function DistributedScan-vultrCreateScanners - Creates a specific amount of scanners in a specified location
• function DistributedScan-vultrDeleteScanners - Provided you with the command line to delete all your scanner, DOES NOT autoamtically deletes scanners.
• function DistributedScan-vultrDnmapServerInfo - Show information on how best to setup a Dnmap server
• function DistributedScan-vultrGetAllserversCSV - Gets the entire infromation for all your Vultr instances ( not just scanners), in a very detaild CSV file. This will will also contain SSH passwords. This command also attempts to open the file using libreoffice.
• function DistributedScan-vultrGetAllserversLight - Prints the IP, SUBID and name of all your Vultr instances ( not just scanner), in CSV format on the terminal screen.
• function DistributedScan-vultrGetAllserversPrint - Printers all of the associted infromation with all your Vultr instances ( not just scanner), in a CSV format on the scree
• function DistributedScan-vultrGetLocations - Lists Vulter DC locations
• function DistributedScan-vultrGetScannersInfo - Gets the IP and the SUBID of all of your scanners. These are saved in 2 seperate files.

###Dnmap Server

Dnmap was developed by Seb Garcia, and all credit for this tool goes to him.

in order to use a dnmap server build one and make sure the server works, as there seems to be an issue with the twisted library in later debian releaes. if you want to import this scripts functions into your dnmap server, run the below command wget https://raw.githubusercontent.com/royharoush/DistributedScanning/master/bashFunction.sh && source bashFunction.sh

other credits

This project uses various parsing scripts from multiple locations. all of the original authoers names have been kept in these scripts.

below is the list of scripts used for parsing:

• GNX tools - https://bitbucket.org/memoryresident/gnxtools
• Gnmap parser (slightly modified) - https://github.com/jasonjfrank/gnmap-parser
• Nmap2Csv - tdebize at mail.com
• json2csv- not sure where i pulled this off and the files didn't have any contact information. if you are the author and would like a mention please leave me a note.