#!/usr/bin/env python
# -*- encoding: utf-8 -*-
'''
@File : GetIPinfo.py
@Time : 2020/07/17 03:56:05
@Author : R3start
@Version : 1.0
'''
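# Script description
# Scans a single IP, a whole /24 (class C range) or a given IP list and retrieves the network-interface information of each host, to find multi-homed hosts; this helps cross-segment work during an internal penetration test instead of probing blindly without finding the core network.
#
# How it works: https://airbus-cyber-security.com/the-oxid-resolver-part-1-remote-enumeration-of-network-interfaces-without-any-authentication/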
import sys
import time
import eventlet
import argparse
from impacket.dcerpc.v5 import transport
from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_NONE
from impacket.dcerpc.v5.dcomrt import IObjectExporter
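def main(target_ip,outfile):
    """Query one host's network addresses through IObjectExporter.ServerAlive2.

    The DCE/RPC connection is made with RPC_C_AUTHN_LEVEL_NONE, i.e. without
    credentials. No endpoint is given in the string binding, so impacket's
    default for ncacn_ip_tcp is used (presumably TCP 135, the endpoint
    mapper -- confirm against the impacket version in use). Because nothing
    authenticates, the query leaves only network-level traces on the target;
    filtering that port between segments is what prevents it.

    Args:
        target_ip: host to query, as an address or name string.
        outfile: path of the report file; results are appended to it.

    Returns:
        None. Addresses are printed and appended to ``outfile``. Any
        exception is printed rather than raised, so one unreachable host
        does not abort a sweep.
    """
    portmap = None
    try:
        infotitle = "[*] Retrieving network interface of %s " % (target_ip)
        print(infotitle)
        rpctransport = transport.DCERPCTransportFactory(r'ncacn_ip_tcp:%s' % target_ip)
        portmap = rpctransport.get_dce_rpc()
        portmap.set_auth_level(RPC_C_AUTHN_LEVEL_NONE)
        portmap.connect()
        bindings = IObjectExporter(portmap).ServerAlive2()
        if bindings:
            # The context manager closes the report even if a write fails;
            # the original left the handle open on any exception.
            with open(outfile, 'a+', encoding='UTF-8') as report:
                report.write(infotitle + "\n")
                for binding in bindings:
                    address = binding['aNetworkAddr']
                    print("Address: " + address)
                    report.write("Address: " + address + "\n")
                print("--------------------------------------")
                report.write("--------------------------------------\n")
    except Exception as e:
        print(e)
    finally:
        # Runs on success, on error, and when the caller's eventlet.Timeout
        # interrupts the call, so the socket is not left open per host.
        if portmap is not None:
            try:
                portmap.disconnect()
            except Exception:
                # Best-effort cleanup: the connection may never have been
                # established or may already be gone.
                pass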
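if __name__ == "__main__":
    # Raw string: the art contains backslashes that are not valid escape
    # sequences, and one line ends in a backslash that a normal string
    # would treat as a line continuation.
    banner = r'''
____ _ ___ ____ _ __
/ ___| ___| |_|_ _| _ \(_)_ __ / _| ___
| | _ / _ \ __|| || |_) | | '_ \| |_ / _ \
| |_| | __/ |_ | || __/| | | | | _| (_) |
\____|\___|\__|___|_| |_|_| |_|_| \___/
By:R3start
'''
    print(banner)
    parser = argparse.ArgumentParser()
    parser.add_argument('-i','--ip',help='IP')
    # type=int rejects a non-numeric value at parse time instead of
    # failing inside the loop at the first int() conversion.
    parser.add_argument('-t','--time',help='interval time default 3s',default=3,type=int)
    parser.add_argument('-f','--file', help='IP List')
    parser.add_argument('-o','--out', help='Save File')
    args = parser.parse_args()
    # Makes blocking socket calls cooperative so eventlet.Timeout can
    # interrupt a host that does not answer.
    eventlet.monkey_patch()
    ip = args.ip
    times = args.time
    lists = args.file
    # Default report name is a local timestamp, e.g. 20200717035605_scan.txt.
    outfile = args.out if args.out else "%s_scan.txt" % (time.strftime("%Y%m%d%H%M%S", time.localtime()))
    if not ip and not lists:
        parser.print_help()
        sys.exit(1)
    if ip:
        if "1/24" in ip:
            # Only the literal form a.b.c.1/24 is understood: the last four
            # characters are cut off and replaced by the host number.
            for host in range(1, 256):
                cip = ip[:-4] + str(host)
                with eventlet.Timeout(int(times), False):
                    main(cip, outfile)
        else:
            # A single address is queried once; a range string is never
            # handed to main() as if it were a host.
            main(ip, outfile)
    if lists:
        # The context manager closes the list file; blank lines are skipped
        # so they are not passed on as empty targets.
        with open(lists) as targets:
            for line in targets:
                target = line.rstrip()
                if not target:
                    continue
                with eventlet.Timeout(int(times), False):
                    main(target, outfile)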