Setup
This project focuses on the following:

- automation of scanner creation
- automation of nmap file creation
- evasive attributes through randomization of scan patterns

It uses the following key components:

1. Vultr - a VPS service with an easy-to-operate API, used to host our infrastructure
2. Dnmap - a distributed nmap framework, used to manage our nmap scans across multiple systems
3. Various small bash and python scripts (some are 3rd party) that are responsible for the following functions:
   3.1. retrieving information and executing commands on all of our scanners automatically.
   3.2.

1. Set up an account on Vultr and add some funds to it (for testing, even 5 dollars should be enough).
2. Grab your API key from the account page and make sure you allow your IP address access to the API: https://my.vultr.com/settings/#settingsapi
3. Create a new startup script on this page: https://my.vultr.com/startup/
   The startup script should contain this script: https://github.com/royharoush/DistributedScanning/blob/master/vultrScannerStartupScript.sh
   Mind the values of the dnmap_server IP and port, as you might want to change these later.
   Take note of your startup script ID.
4. Add your SSH public key on this page and take note of your SSH key ID.

All done!

In order to have your scanners boot up automatically, set up dnmap and nmap, and be accessible remotely using your private key, we need to modify the following values in the script.

1. git clone the project
2. Go into the bashFunction.sh file
   2.1. Modify the API key at the beginning of the script to match your API key.
   2.2. Modify the startup script ID and SSH key ID on line 173 to match your own values.

```bash
# Creates $number scanner VPS instances in datacenter $dcid via the Vultr v1 API.
for i in $(seq 1 "$number"); do curl -H "API-Key: $VULTRAPIKEY" https://api.vultr.com/v1/server/create --data 'VPSPLANID=29' --data 'OSID=193' --data 'SCRIPTID=**YOURSTARTUPSCRIPTID**' --data 'SSHKEYID=**YOURSSHKEYID**' --data "DCID=$dcid" --data "label=scanmachine1"; done;
```

All done!
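
As an added example (not part of the project's bashFunction.sh), here is one way to avoid hard-coding the API key and IDs in the script: read them from variables, reject leftover placeholders, and hand the request to curl as a config on stdin (`curl -K -`) so the key does not appear in the process list. `VULTR_SCRIPTID`, `VULTR_SSHKEYID` and the function names are hypothetical, and the IDs are assumed to be alphanumeric.

```shell
# Added example, not the project's code. VULTR_SCRIPTID, VULTR_SSHKEYID and
# the function names are hypothetical; only VULTRAPIKEY comes from the README.

# Succeed only for a non-empty alphanumeric value that is not a leftover
# placeholder such as **YOURSTARTUPSCRIPTID** (assumes IDs are alphanumeric).
valid_id() {
  case $1 in
    ''|*[!A-Za-z0-9]*|YOUR*) return 1 ;;
  esac
  return 0
}

# Print the form fields for one server/create request, one per line.
# Plan and OS IDs are the ones in the README's curl line.
create_fields() {
  valid_id "$VULTR_SCRIPTID" || { echo "SCRIPTID unset or placeholder" >&2; return 1; }
  valid_id "$VULTR_SSHKEYID" || { echo "SSHKEYID unset or placeholder" >&2; return 1; }
  case $1 in ''|*[!0-9]*) echo "DCID must be numeric" >&2; return 1 ;; esac
  valid_id "$2" || { echo "label must be alphanumeric" >&2; return 1; }
  printf '%s\n' "VPSPLANID=29" "OSID=193" "SCRIPTID=$VULTR_SCRIPTID" \
    "SSHKEYID=$VULTR_SSHKEYID" "DCID=$1" "label=$2"
}

# Emit a curl config for `curl -K -`, so the API key travels on stdin
# instead of the command line, where `ps` would show it to other users.
create_config() {
  valid_id "$VULTRAPIKEY" || { echo "VULTRAPIKEY unset or malformed" >&2; return 1; }
  fields=$(create_fields "$1" "$2") || return 1
  printf 'url = "https://api.vultr.com/v1/server/create"\n'
  printf 'header = "API-Key: %s"\n' "$VULTRAPIKEY"
  printf '%s\n' "$fields" | while IFS= read -r f; do
    printf 'data = "%s"\n' "$f"
  done
}

# Usage (makes a network call, so it is left commented out):
#   . ~/.vultr_env   # hypothetical file that sets the three variables
#   for i in $(seq 1 "$number"); do
#     create_config "$dcid" "scanmachine$i" | curl -sS -K -
#   done
```
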

## Using the script

You can either add this script to your bashrc file or just source it whenever you want to use it. After sourcing the file, typing DistributedScanning and pressing Tab twice will show all of the script functions available.

The first command to run to set up your machine is `DistributedScan-Setup`. It will install some dependencies (jq, pssh, etc.) on your systems.

Next you will have to set up your nmap command files. The time it takes to create your command files varies based on the entropy you want to create in your scan pattern. You have 4 options, which can be shown by typing `DistributedScan-commandFileCreateInfo`.

For options 2 and 4 you will not need to have a file called "ports" containing the ports you want to scan. In options 1 and 3 you will specify the ports by using either `-p` or `--top-ports XXX`.