#!/usr/bin/python
#Skiddemonkeys Copyright 2014 Russell Butturini and Joshua Tower
#This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <http://www.gnu.org/licenses/>.
from pymongo import MongoClient
import nmap
import time
from random import randint
from helperFunctions import openMDB
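def scanHosts(runTime,dbIp,dbName,monkeyIq,monkeyLoc,monkeyId):
    """Pick the highest-priority target for this location, port scan it, repeat.

    Runs for ``runTime`` minutes. Each pass re-reads the ``targets`` collection
    for ``monkeyLoc``, scores every host, scans the best-scoring one with an
    nmap profile chosen by ``monkeyIq`` and hands any open TCP ports to
    ``saveResults``.

    Args:
        runTime: how long to keep scanning, in minutes.
        dbIp: address handed to ``openMDB`` to reach the database.
        dbName: database name handed to ``openMDB`` and ``saveResults``.
        monkeyIq: scan profile, 0-3 (anything ``int()`` accepts). For any other
            value no scan is issued in this function.
        monkeyLoc: location tag used to select rows from ``targets``.
        monkeyId: identifier recorded with every logged action.

    Raises:
        ValueError: if ``monkeyIq`` cannot be converted to an int.
    """
    iq = int(monkeyIq)  # converted once instead of on every use
    timeout = time.time() + 60 * runTime

    while True:
        time.sleep(1)
        if time.time() > timeout:
            break

        # Rebuilt on every pass so hosts added by other clients are picked up.
        hostList = {}
        openPorts = []

        db = openMDB(dbIp,dbName)
        if db is None:
            # The original printed this and then dereferenced db anyway, which
            # ended the run with an AttributeError. Retry on the next pass.
            print('could not connect to db')
            continue

        for host in db.targets.find({'location':monkeyLoc}):
            # Priority: iq * host value, divided by (1 + how often this IP has
            # already been acted on), plus a random 1-10 jitter. '//' keeps the
            # integer division the original got from '/' on ints.
            priorActions = db.actions.find({'ip' : host['ip'] }).count()
            hostList[host['ip']] = (iq * int(host['value'])) // (priorActions + 1) + randint(1,10)

        if not hostList:
            # No targets for this location yet; max() on an empty dict would
            # raise ValueError.
            continue

        target = max(hostList,key=hostList.get)

        # NOTE(review): target comes straight from the targets collection and is
        # passed to nmap as the host specification. If anything other than the
        # operator can write to that collection, validate it as an address first.
        start = time.ctime()
        print('Starting port scan of ' + target)
        nm = nmap.PortScanner()

        if iq == 0:
            # Default scan, no extra arguments.
            nm.scan(target)
        elif iq == 1:
            # -P0 skips host discovery, so hosts that drop ICMP are still scanned.
            nm.scan(target,arguments='-P0 -A')
        elif iq == 2:
            # Adds -sT (TCP connect scan). The original comment called this
            # stealthier; a connect scan completes the TCP handshake, so
            # services on the target can log the connection.
            nm.scan(target,arguments='-P0 -sT -A')
        elif iq == 3:
            # Meant to add a fixed list of decoy source addresses.
            # NOTE(review): the options here are joined with commas rather than
            # spaces, so they may not be parsed as separate options - confirm
            # what traffic this level really produces before relying on it in a
            # detection test. String left unchanged.
            nm.scan(target,arguments='-P0,-sT,-A,-D4.2.2.2,8.8.8.8,172.1.2.4,3.4.2.1')

        end = time.ctime()
        print('Scan monkey finished scan of ' + target + ' at ' + end)

        scannedHosts = nm.all_hosts()
        if scannedHosts:
            # Only the first reported host is read. A host with no TCP results
            # has no 'tcp' key, which raised KeyError in the original.
            tcpResults = nm[scannedHosts[0]].get('tcp', {})
            openPorts = [port for port in tcpResults if tcpResults[port]['state'] == 'open']

        if openPorts:
            saveResults(scannedHosts[0],openPorts,dbName,start,end,db,monkeyId,monkeyLoc)

    print('Monkey shift is over.')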
def saveResults(target,openPorts,dbName,startTime,endTime,db,monkeyId,location):
    """Store the outcome of one port scan.

    The host document (ip, open ports, location) is written to ``db.hosts``
    only if no document with that ip exists. An entry is written to
    ``db.actions`` for every call, so repeated scans of one target are all
    logged. ``dbName`` is accepted but not used in this function.
    """
    hostQuery = {'ip' : target}

    # NOTE(review): the lookup and the insert are separate calls, so two clients
    # reporting the same IP at the same moment could both pass the check -
    # confirm whether duplicate host documents matter to readers of this data.
    if db.hosts.find(hostQuery).count() == 0:
        db.hosts.insert({'ip':target,'ports':openPorts, 'location':location})

    # Activity log: one entry per scan, including repeat hits on the same target.
    db.actions.insert({'action':'portscan','ip':target,'start':startTime,'end':endTime,'id':monkeyId})