Skip to content

Commit c5cdf60

Browse files
nmmappernmmapper
authored
Merge pull request #58 from DavidRomanovizc/patch-1
Refactor code
2 parents 407d639 + 2129653 commit c5cdf60

File tree

1 file changed

+118
-109
lines changed

1 file changed

+118
-109
lines changed

example.py

Lines changed: 118 additions & 109 deletions
Original file line numberDiff line numberDiff line change
@@ -56,134 +56,134 @@
5656

5757
def scan_techniques(nmt, scan_type, target):
5858
if scan_type == '-sF':
59-
fin_scan = nmt.nmap_fin_scan(target)
59+
fin_scan = nmt.nmap_fin_scan(target)
6060
return fin_scan
6161

6262
elif scan_type == '-sI':
63-
idle_scan = nmt.nmap_idle_scan(target)
63+
idle_scan = nmt.nmap_idle_scan(target)
6464
return
6565

6666
elif scan_type == '-sP':
67-
ping_scan = nmt.nmap_ping_scan(target)
67+
ping_scan = nmt.nmap_ping_scan(target)
6868
return ping_scan
6969

7070
elif scan_type == '-sS':
71-
syn_scan = nmt.nmap_syn_scan(target)
71+
syn_scan = nmt.nmap_syn_scan(target)
7272
return syn_scan
73-
73+
7474
elif scan_type == '-F':
75-
syn_fast_scan = nmt.nmap_syn_scan(target)
75+
syn_fast_scan = nmt.nmap_syn_scan(target)
7676
return syn_fast_scan
7777

7878
elif scan_type == '-sT':
79-
tcp_scan = nmt.nmap_tcp_scan(target)
79+
tcp_scan = nmt.nmap_tcp_scan(target)
8080
return tcp_scan
8181

8282
elif scan_type == '-sU':
83-
udp_scan = nmt.nmap_udp_scan(target)
83+
udp_scan = nmt.nmap_udp_scan(target)
8484
return udp_scan
8585

8686
else:
8787
raise ValueError("Not a scan technique")
8888

89+
8990
def scan_discovery(nmd, scan_type, target, ports_num):
9091
if scan_type == '-Pn':
91-
no_ping = nmd.nmap_portscan_only(target)
92+
no_ping = nmd.nmap_portscan_only(target)
9293
return no_ping
9394

9495
elif scan_type == '-sn':
95-
ping_scan = nmd.nmap_no_portscan(target)
96+
ping_scan = nmd.nmap_no_portscan(target)
9697
return ping_scan
9798

9899
elif scan_type == '-PR':
99-
arp_scan = nmd.nmap_no_portscan(target)
100+
arp_scan = nmd.nmap_no_portscan(target)
100101
return arp_scan
101102

102103
elif scan_type == '-n':
103-
disable_dns = nmd.nmap_disable_dns(target)
104+
disable_dns = nmd.nmap_disable_dns(target)
104105
return disable_dns
105106

106107
elif scan_type == '-O --osscan-guess':
107-
no_ping_os_detection = nmd.nmap_portscan_only(target, args=scan_type)
108+
no_ping_os_detection = nmd.nmap_portscan_only(target, args=scan_type)
108109
return no_ping_os_detection
109110

110111
elif scan_type == '-A -T2':
111-
no_ping_stealth = nmd.nmap_portscan_only(target, args=scan_type)
112+
no_ping_stealth = nmd.nmap_portscan_only(target, args=scan_type)
112113
return no_ping_stealth
113-
114+
114115
elif scan_type == '-A':
115-
no_ping_advanced = nmd.nmap_portscan_only(target, args=scan_type)
116+
no_ping_advanced = nmd.nmap_portscan_only(target, args=scan_type)
116117
return no_ping_advanced
117-
118+
118119
elif scan_type == '-A -v':
119-
no_ping_advanced_verbose = nmd.nmap_portscan_only(target, args=scan_type)
120+
no_ping_advanced_verbose = nmd.nmap_portscan_only(target, args=scan_type)
120121
return no_ping_advanced_verbose
121-
122+
122123
elif scan_type == '-T4 -sV':
123-
no_ping_aggressive_service = nmd.nmap_portscan_only(target, args=scan_type)
124+
no_ping_aggressive_service = nmd.nmap_portscan_only(target, args=scan_type)
124125
return no_ping_aggressive_service
125126

126127
elif scan_type == '-n -A':
127-
no_ping_no_dns = nmd.nmap_portscan_only(target, args=scan_type)
128+
no_ping_no_dns = nmd.nmap_portscan_only(target, args=scan_type)
128129
return no_ping_no_dns
129130

130131
elif scan_type == '-n -V':
131-
no_ping_advanced_service = nmd.nmap_portscan_only(target, args=scan_type)
132+
no_ping_advanced_service = nmd.nmap_portscan_only(target, args=scan_type)
132133
return no_ping_advanced_service
133134

134135
elif scan_type == '-f -A':
135-
no_ping_fragment = nmd.nmap_portscan_only(target, args=scan_type)
136+
no_ping_fragment = nmd.nmap_portscan_only(target, args=scan_type)
136137
return no_ping_fragment
137138

138139
elif scan_type == '-n -sV --version-intensity 3':
139-
no_ping_version_intensity = nmd.nmap_portscan_only(target, args=scan_type)
140+
no_ping_version_intensity = nmd.nmap_portscan_only(target, args=scan_type)
140141
return no_ping_version_intensity
141142

142143
elif scan_type == '-O --osscan-guess -p ':
143-
scan_type = scan_type + str(ports_num)
144-
no_ping_detect_ports = nmd.nmap_portscan_only(target, args=scan_type)
144+
scan_type = scan_type + str(ports_num)
145+
no_ping_detect_ports = nmd.nmap_portscan_only(target, args=scan_type)
145146
return no_ping_detect_ports
146147

147148
else:
148149
raise ValueError("Not a scan technique")
149150

150-
151151

152152
def scan_command(nm, scan_type, target, domain):
153153
if scan_type == '-sA':
154154
firewall_detect = nm.nmap_detect_firewall(target)
155155
return firewall_detect
156156

157157
elif scan_type == '-O':
158-
os_detect = nm.nmap_os_detection(target)
158+
os_detect = nm.nmap_os_detection(target)
159159
return os_detect
160160

161161
elif scan_type == '--top-ports':
162-
top_ports = nm.scan_top_ports(target)
162+
top_ports = nm.scan_top_ports(target)
163163
return top_ports
164-
164+
165165
elif scan_type == '20 -sZ':
166-
top_ports_sctp = nm.scan_top_ports(target)
166+
top_ports_sctp = nm.scan_top_ports(target)
167167
return top_ports_sctp
168168

169169
elif scan_type == '-script dns-brute':
170-
dns_brute = nm.nmap_dns_brute_script(domain)
170+
dns_brute = nm.nmap_dns_brute_script(domain)
171171
return dns_brute
172172

173173
elif scan_type == '-sL':
174-
hostslist = nm.nmap_list_scan(target)
174+
hostslist = nm.nmap_list_scan(target)
175175
return hostslist
176-
176+
177177
elif scan_type == '-p-':
178-
subnet_scan = nm.nmap_subnet_scan(target)
178+
subnet_scan = nm.nmap_subnet_scan(target)
179179
return subnet_scan
180180

181181
elif scan_type == '-sV':
182-
service_basic = nm.nmap_version_detection(target)
182+
service_basic = nm.nmap_version_detection(target)
183183
return service_basic
184-
184+
185185
elif scan_type == '-sX':
186-
service_xmas = nm.nmap_version_detection(target, args=scan_type)
186+
service_xmas = nm.nmap_version_detection(target, args=scan_type)
187187
return service_xmas
188188

189189
else:
@@ -192,46 +192,49 @@ def scan_command(nm, scan_type, target, domain):
192192

193193
def launch(target, domain, ports, templates):
194194
def tpl(i):
195-
template = {
196-
# OPTIONS FOR THE SCAN TECHNIQUE FUNCTION
197-
1:'-sF', # 'FIN scan'
198-
2:'-sI', # 'Idle scan'
199-
3:'-sS', # 'Default: TCP SYN scan'
200-
4:'-sP', # 'ping-only'
201-
5:'-sT', # 'TCP connect() scan'
202-
6:'-sU', # 'UDP scan'
203-
7:'-F', # 'Fast scan'
204-
205-
# OPTIONS FOR THE SCAN DISCOVERY FUNCTION
206-
8:'-Pn', # 'No ping scan'
207-
9:'-sn', # 'Liveness detection: no port scan'
208-
10:'-PR', # 'ARP scan: local network only'
209-
11:'-n', # 'Disable DNS resolution: reduces noise'
210-
12:'-O --osscan-guess', # 'Used with no ping: aggressive OS detection'
211-
13:'-A', # 'Used with no ping: Advanced detection: OS detection and Version detection, Script scanning and Traceroute'
212-
14:'-A -T2', # 'Used with no ping: Advanced detection: with stealth scan mode'
213-
15:'-A -v', # 'Used with no ping: Advanced detection: verbose'
214-
16:'-n -A', # 'Used with no ping: Advanced detection: scan with no DNS resolution'
215-
17:'-f -A', # 'Used with no ping: Advanced detection: combined with packet fragmentation'
216-
18:'-T4 -sV', # 'Used with no ping: Aggressive service detection'
217-
19:'-n -sV --version-intensity 3', # 'Used with no ping: Aggressive service detection: with version-intensity 3'
218-
20:'-n -V', # 'Used with no ping: Number version detection'
219-
21:'-O --osscan-guess -p ', # 'Used with no ping: OS detection with port selection'
220-
221-
# OPTIONS FOR THE SCAN COMMAND FUNCTION
222-
22:'-sX', # 'Basic service detection combined with Xmas scan'
223-
23:'-sA', # 'Firewall rule detection: ACK scan'
224-
24:'-O', # 'OS detection'
225-
25:'20 -sZ', # 'SCTP: Advanced silent scan for top20 ports'
226-
26:'--top-ports', # 'Top ports scan (1000 ports)'
227-
27:'-script dns-brute', # 'Dns-brute-script( to get subdomains )'
228-
28:'-sL', # 'List scan: lists each host on the network(s) specified, without sending any packets to the target hosts'
229-
29:'-p-', # 'Subnet scan'
230-
30:'-sV' # 'Basic service detection'
231-
}
232-
233-
return template.get(i)
234-
195+
template = {
196+
# OPTIONS FOR THE SCAN TECHNIQUE FUNCTION
197+
1: '-sF', # 'FIN scan'
198+
2: '-sI', # 'Idle scan'
199+
3: '-sS', # 'Default: TCP SYN scan'
200+
4: '-sP', # 'ping-only'
201+
5: '-sT', # 'TCP connect() scan'
202+
6: '-sU', # 'UDP scan'
203+
7: '-F', # 'Fast scan'
204+
205+
# OPTIONS FOR THE SCAN DISCOVERY FUNCTION
206+
8: '-Pn', # 'No ping scan'
207+
9: '-sn', # 'Liveness detection: no port scan'
208+
10: '-PR', # 'ARP scan: local network only'
209+
11: '-n', # 'Disable DNS resolution: reduces noise'
210+
12: '-O --osscan-guess', # 'Used with no ping: aggressive OS detection'
211+
13: '-A',
212+
# 'Used with no ping: Advanced detection: OS detection and Version detection, Script scanning and Traceroute'
213+
14: '-A -T2', # 'Used with no ping: Advanced detection: with stealth scan mode'
214+
15: '-A -v', # 'Used with no ping: Advanced detection: verbose'
215+
16: '-n -A', # 'Used with no ping: Advanced detection: scan with no DNS resolution'
216+
17: '-f -A', # 'Used with no ping: Advanced detection: combined with packet fragmentation'
217+
18: '-T4 -sV', # 'Used with no ping: Aggressive service detection'
218+
19: '-n -sV --version-intensity 3',
219+
# 'Used with no ping: Aggressive service detection: with version-intensity 3'
220+
20: '-n -V', # 'Used with no ping: Number version detection'
221+
21: '-O --osscan-guess -p ', # 'Used with no ping: OS detection with port selection'
222+
223+
# OPTIONS FOR THE SCAN COMMAND FUNCTION
224+
22: '-sX', # 'Basic service detection combined with Xmas scan'
225+
23: '-sA', # 'Firewall rule detection: ACK scan'
226+
24: '-O', # 'OS detection'
227+
25: '20 -sZ', # 'SCTP: Advanced silent scan for top20 ports'
228+
26: '--top-ports', # 'Top ports scan (1000 ports)'
229+
27: '-script dns-brute', # 'Dns-brute-script( to get subdomains )'
230+
28: '-sL',
231+
# 'List scan: lists each host on the network(s) specified, without sending any packets to the target hosts'
232+
29: '-p-', # 'Subnet scan'
233+
30: '-sV' # 'Basic service detection'
234+
}
235+
236+
return template.get(i)
237+
235238
# try:
236239
# nm = nmap3.Nmap()
237240

@@ -241,65 +244,71 @@ def tpl(i):
241244
# except:
242245
# print("Unexpected error:", sys.exc_info()[0])
243246
# sys.exit(1)
244-
245-
nm = nmap3.Nmap()
247+
248+
nm = nmap3.Nmap()
246249
nmt = nmap3.NmapScanTechniques()
247250
nmd = nmap3.NmapHostDiscovery()
248-
251+
249252
if templates or domain:
250253
if ports:
251-
# Not in the final code - just for debug
252-
choice = tpl(21) + str(ports)
253-
print("\n\nTrying option: ", choice)
254+
# Not in the final code - just for debug
255+
choice = tpl(21) + str(ports)
256+
print("\n\nTrying option: ", choice)
254257

255-
tpl = tpl(21)
256-
res = scan_discovery(nmd, tpl, target, ports)
258+
tpl = tpl(21)
259+
res = scan_discovery(nmd, tpl, target, ports)
257260

258-
# Print for debug
259-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
260-
print("\n\n", colored_json)
261+
# Print for debug
262+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
263+
formatters.TerminalFormatter())
264+
print("\n\n", colored_json)
261265

262266
elif domain:
263-
tpl = tpl(27)
264-
res = scan_command(nm, tpl, None, domain)
265-
267+
tpl = tpl(27)
268+
res = scan_command(nm, tpl, None, domain)
269+
266270
# Print for debug
267-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
271+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
272+
formatters.TerminalFormatter())
268273
print("\n\n", colored_json)
269-
274+
270275
else:
271-
tpl = tpl(templates)
276+
tpl = tpl(templates)
272277
print("\n\nTrying option: ", tpl)
273-
278+
274279
if templates <= 7:
275-
res = scan_techniques(nmt, tpl, target)
276-
280+
res = scan_techniques(nmt, tpl, target)
281+
277282
# Print for debug
278-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
283+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
284+
formatters.TerminalFormatter())
279285
print("\n\n", colored_json)
280286

281287
elif templates in range(8, 22):
282-
res = scan_discovery(nmd, tpl, target, None)
288+
res = scan_discovery(nmd, tpl, target, None)
283289

284290
# Print for debug
285-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
291+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
292+
formatters.TerminalFormatter())
286293
print("\n\n", colored_json)
287-
294+
288295
else:
289-
res = scan_command(nm, tpl, target, None)
296+
res = scan_command(nm, tpl, target, None)
290297

291298
# Print for debug
292-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
299+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
300+
formatters.TerminalFormatter())
293301
print("\n\n", colored_json)
294-
302+
295303
else:
296-
tpl = tpl(3)
297-
res = scan_techniques(nmt, tpl, target)
304+
tpl = tpl(3)
305+
res = scan_techniques(nmt, tpl, target)
298306

299307
# Print for debug
300-
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(), formatters.TerminalFormatter())
308+
colored_json = highlight(json.dumps(res, indent=4, sort_keys=True), lexers.JsonLexer(),
309+
formatters.TerminalFormatter())
301310
print("No option was set\n\n", colored_json)
302311

303-
if __name__ == '__main__':
304312

313+
if __name__ == '__main__':
305314
launch("localhost", None, None, 24)

0 commit comments

Comments
 (0)