From 33f9feb1fe3d3b6f34bcb79acfe7eae8f108184c Mon Sep 17 00:00:00 2001
From: "Rayyan (Ray) Hodges"
Date: Fri, 28 Mar 2025 15:00:02 +1100
Subject: [PATCH 1/5] Upload initial code
---
Gelos80Sniff.py | 86 +++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 83 insertions(+), 3 deletions(-)
diff --git a/Gelos80Sniff.py b/Gelos80Sniff.py
index fe1804b..390a8f5 100644
--- a/Gelos80Sniff.py
+++ b/Gelos80Sniff.py
@@ -2,7 +2,87 @@ # rayyan.hodges@studytafensw.edu.au # This program is coded in Python and designed to scan the local network for any clients connected that have port 80 open. # If a machine is found to have port 80 open, proceed to use programs like GoBuster and dirb to check for hidden directories without proper security in place and exploit. -# Results are exported to a CSV file for convenience. +# Results are exported to a TXT file for convenience. + +# Import required python modules +import nmap +import subprocess +import os # integrate with operating system to make, manipulate and save the file. + +# Function to validate user specified IP range and check IP address connectivity +def validate_ip_range(ip_range): + print(f"Validating IP address range: {ip_range}") + scanner = nmap.PortScanner() + try: + scanner.scan(hosts=ip_range, arguments='-sn') # Ping scan to validate range + if scanner.all_hosts(): + print("IP address range is valid and reachable.") + return True + else: + print("No devices found. Please check the IP range.") + return False + except Exception as e: + print(f"Error validating IP range: {e}") + return False + +# Function to perform the network scan and identify open ports +def perform_scan(ip_range): + print(f"Starting network scan on {ip_range}...") + scanner = nmap.PortScanner() + scanner.scan(hosts=ip_range, arguments='-p 1-1024') + results = {} + for host in scanner.all_hosts(): + open_ports = scanner[host]['tcp'].keys() if 'tcp' in scanner[host] else [] + if open_ports: + results[host] = open_ports + print(f"Open ports on {host}: {open_ports}") + return results + +# Function to run Gobuster if port 80 is open +def run_gobuster(ip): + print(f"Running web enumeration on {ip} (port 80)...") + output_file = f"gobuster_results_{ip.replace('.', '_')}.txt" + command = f"gobuster dir -u http://{ip} -w /path/to/wordlist.txt -o {output_file}" + subprocess.run(command, shell=True) + print(f"Enumeration complete. 
Results saved to {output_file}.") + return output_file + +# Main function to handle the process +def main(): + while True: + ip_range = input("Enter the target IP address range (e.g., 192.168.1.0/24): ") + if validate_ip_range(ip_range): + break + else: + print("Invalid IP range or connectivity issue. Please try again.") + + # Perform network scan + scan_results = perform_scan(ip_range) + + # Check scan results + if not scan_results: + print("No devices found with open ports. Exiting.") + return + + # Check for open port 80 and run Gobuster + for ip, ports in scan_results.items(): + if 80 in ports: + output_file = run_gobuster(ip) + + # Offer to save results + choice = input("Do you want to save the Gobuster results? (yes/no): ").strip().lower() + if choice == "yes": + save_path = input("Enter the directory to save the results: ") + if os.path.isdir(save_path): + os.rename(output_file, os.path.join(save_path, output_file)) + print(f"Results saved to {os.path.join(save_path, output_file)}") + else: + print("Invalid directory. Results not saved.") + else: + print("Results not saved.") + + print("Process complete. Terminating.") + +if __name__ == "__main__": + main() -# Required modules to import -import csv From 6d24950a85ebb514cf00e52752329d034cbeed80 Mon Sep 17 00:00:00 2001 From: "Rayyan (Ray) Hodges" Date: Fri, 28 Mar 2025 15:11:05 +1100 Subject: [PATCH 2/5] Implement basic comment corrrections and implement a verbal list of each IP scanned within the network for debug --- Gelos80Sniff.py | 59 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 41 insertions(+), 18 deletions(-) diff --git a/Gelos80Sniff.py b/Gelos80Sniff.py index 390a8f5..b53d425 100644 --- a/Gelos80Sniff.py +++ b/Gelos80Sniff.py 
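Review bot: `run_gobuster` in PATCH 1/5 builds the gobuster command as an f-string and runs it with `shell=True`, so everything interpolated into it is parsed by the shell. PATCH 3/5 (`run_gobuster(ip, wordlist)`) then adds the operator-typed wordlist path to the same string, where a space or shell metacharacter in the path changes what is executed. Pass an argument list instead: `subprocess.run(["gobuster", "dir", "-u", f"http://{ip}", "-w", wordlist, "-o", output_file], check=True)` (with the literal wordlist path in this patch, the `wordlist` parameter from PATCH 3/5 on). The return code is also ignored, so a failed or missing gobuster still prints "Enumeration complete" and the later `os.rename` in main() can fail on a file that was never written; `check=True` or a `returncode` test covers that.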
@@ -1,20 +1,30 @@ # © Rayyan Hodges, TAFE NSW, Gelos Enterprises, DataTrust 2025 # rayyan.hodges@studytafensw.edu.au # This program is coded in Python and designed to scan the local network for any clients connected that have port 80 open. -# If a machine is found to have port 80 open, proceed to use programs like GoBuster and dirb to check for hidden directories without proper security in place and exploit. +# If a machine is found to have port 80 open, it proceeds to use programs like GoBuster to check for hidden directories. # Results are exported to a TXT file for convenience. # Import required python modules -import nmap +import nmap # pip install python-nmap import subprocess -import os # integrate with operating system to make, manipulate and save the file. +import os # Integrates with the OS for file operations +import signal -# Function to validate user specified IP range and check IP address connectivity +# Timeout Exception Handling +class TimeoutException(Exception): + pass + + +def handler(signum, frame): + raise TimeoutException("Nmap scan timed out!") + + +# Function to validate user-specified IP range and check IP address connectivity def validate_ip_range(ip_range): print(f"Validating IP address range: {ip_range}") scanner = nmap.PortScanner() try: - scanner.scan(hosts=ip_range, arguments='-sn') # Ping scan to validate range + scanner.scan(hosts=ip_range, arguments='-sn') # Ping scan to validate the range if scanner.all_hosts(): print("IP address range is valid and reachable.") return True 
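Review bot: `TimeoutException` and `handler` are added in this hunk, but nothing in the visible hunks installs the handler with `signal.signal` or arms a timer with `signal.alarm`, so no scan is actually time-limited. PATCH 3/5 then removes `import signal` and leaves both definitions behind as dead code. Either delete them or bound the scan where it runs, for example by adding nmap's `--host-timeout` to the arguments string, as in `arguments='-sn --host-timeout 30s'` (value chosen for illustration). If the signal route is kept, note that `signal.alarm` is POSIX-only. `validate_ip_range` continues past the end of this hunk.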
@@ -25,28 +35,41 @@ def validate_ip_range(ip_range): print(f"Error validating IP range: {e}") return False -# Function to perform the network scan and identify open ports + +# Function to perform the network scan and echo results IP by IP def perform_scan(ip_range): - print(f"Starting network scan on {ip_range}...") + print(f"Starting network scan on {ip_range}...\n") scanner = nmap.PortScanner() - scanner.scan(hosts=ip_range, arguments='-p 1-1024') - results = {} - for host in scanner.all_hosts(): - open_ports = scanner[host]['tcp'].keys() if 'tcp' in scanner[host] else [] - if open_ports: - results[host] = open_ports - print(f"Open ports on {host}: {open_ports}") - return results + try: + scanner.scan(hosts=ip_range, arguments='-p 1-1024') + results = {} + + for host in scanner.all_hosts(): + print(f"Scanning IP address: {host}") + open_ports = scanner[host]['tcp'].keys() if 'tcp' in scanner[host] else [] + if open_ports: + print(f" --> Open ports on {host}: {list(open_ports)}") + results[host] = open_ports + else: + print(f" --> No open ports found on {host}.") + + return results + + except Exception as e: + print(f"Error during network scan: {e}") + return {} + # Function to run Gobuster if port 80 is open def run_gobuster(ip): - print(f"Running web enumeration on {ip} (port 80)...") + print(f"\nRunning web enumeration on {ip} (port 80)...") output_file = f"gobuster_results_{ip.replace('.', '_')}.txt" command = f"gobuster dir -u http://{ip} -w /path/to/wordlist.txt -o {output_file}" subprocess.run(command, shell=True) print(f"Enumeration complete. Results saved to {output_file}.") return output_file + # Main function to handle the process def main(): while True: 
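Review bot: In `perform_scan`, `scanner[host]['tcp'].keys()` is every TCP port nmap reported for the host, not only the open ones, so the "Open ports" line and the later `80 in ports` test in main() can match a port listed as closed or filtered. Filter on the state field python-nmap exposes: `open_ports = [p for p, info in scanner[host]['tcp'].items() if info['state'] == 'open']`. Separately, the new `except Exception` returns `{}`, which main() reports as "No devices found with open ports", so a failed scan (nmap missing, insufficient privileges) is indistinguishable from a clean result. Re-raising after the message, or a distinct return value that main() checks, would keep the two apart.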
@@ -70,7 +93,7 @@ def main(): output_file = run_gobuster(ip) # Offer to save results - choice = input("Do you want to save the Gobuster results? (yes/no): ").strip().lower() + choice = input("\nDo you want to save the Gobuster results? (yes/no): ").strip().lower() if choice == "yes": save_path = input("Enter the directory to save the results: ") if os.path.isdir(save_path): @@ -83,6 +106,6 @@ def main(): print("Process complete. Terminating.") + if __name__ == "__main__": main() - From e75ce56da4a32ffdf980c13dfe71b9d4f78480db Mon Sep 17 00:00:00 2001 From: "Rayyan (Ray) Hodges" Date: Fri, 28 Mar 2025 15:26:26 +1100 Subject: [PATCH 3/5] Add code to ask user for wordlist. --- Gelos80Sniff.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/Gelos80Sniff.py b/Gelos80Sniff.py index b53d425..b916ab7 100644 --- a/Gelos80Sniff.py +++ b/Gelos80Sniff.py @@ -4,11 +4,9 @@ # If a machine is found to have port 80 open, it proceeds to use programs like GoBuster to check for hidden directories. # Results are exported to a TXT file for convenience. -# Import required python modules import nmap # pip install python-nmap import subprocess -import os # Integrates with the OS for file operations -import signal +import os # Timeout Exception Handling class TimeoutException(Exception): @@ -61,10 +59,10 @@ def perform_scan(ip_range): # Function to run Gobuster if port 80 is open -def run_gobuster(ip): +def run_gobuster(ip, wordlist): print(f"\nRunning web enumeration on {ip} (port 80)...") output_file = f"gobuster_results_{ip.replace('.', '_')}.txt" - command = f"gobuster dir -u http://{ip} -w /path/to/wordlist.txt -o {output_file}" + command = f"gobuster dir -u http://{ip} -w {wordlist} -o {output_file}" subprocess.run(command, shell=True) print(f"Enumeration complete. Results saved to {output_file}.") return output_file 
@@ -79,6 +77,12 @@ def main(): else: print("Invalid IP range or connectivity issue. Please try again.") + # Ask the user for the location of the Gobuster wordlist + wordlist_path = input("Enter the full path to your Gobuster wordlist (e.g., /usr/share/wordlists/common.txt): ") + if not os.path.isfile(wordlist_path): + print("Invalid wordlist path. Please check the path and try again.") + return + # Perform network scan scan_results = perform_scan(ip_range) @@ -90,7 +94,7 @@ def main(): # Check for open port 80 and run Gobuster for ip, ports in scan_results.items(): if 80 in ports: - output_file = run_gobuster(ip) + output_file = run_gobuster(ip, wordlist_path) # Offer to save results choice = input("\nDo you want to save the Gobuster results? (yes/no): ").strip().lower() From c26b3d77872a431ce371f368f2331e5cbab7a828 Mon Sep 17 00:00:00 2001 From: "Rayyan (Ray) Hodges" Date: Fri, 28 Mar 2025 15:29:01 +1100 Subject: [PATCH 4/5] Final little bit of comment ediitng --- Gelos80Sniff.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gelos80Sniff.py b/Gelos80Sniff.py index b916ab7..5bb26db 100644 --- a/Gelos80Sniff.py +++ b/Gelos80Sniff.py @@ -2,7 +2,7 @@ # rayyan.hodges@studytafensw.edu.au # This program is coded in Python and designed to scan the local network for any clients connected that have port 80 open. # If a machine is found to have port 80 open, it proceeds to use programs like GoBuster to check for hidden directories. -# Results are exported to a TXT file for convenience. +# Results are exported to a TXT file for convenience if the user so desires it. import nmap # pip install python-nmap import subprocess From d6816c6dcb7ba8905ff14301d0a99a19f5645bd8 Mon Sep 17 00:00:00 2001 From: "Rayyan (Ray) Hodges" Date: Fri, 28 Mar 2025 15:55:54 +1100 Subject: [PATCH 5/5] Refer to dirbuster common list --- Gelos80Sniff.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Gelos80Sniff.py b/Gelos80Sniff.py index 5bb26db..37f3e00 100644 
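Review bot: The wordlist path added to main() in PATCH 3/5 gets an explicit `os.path.isfile` check, but the IP range that reaches `perform_scan(ip_range)` is still only "validated" by running a ping scan against whatever was typed. Parse it before any packet is sent, e.g. `net = ipaddress.ip_network(ip_range.strip(), strict=False)` inside a `try`/`except ValueError`, and refuse ranges outside the scope the operator is authorised to test; `net.is_private` is a reasonable default for a tool described as scanning the local network. python-nmap appears to split the hosts string into separate nmap arguments, so free-form input should not reach it unparsed; worth confirming against the installed version. This needs `import ipaddress` at the top of the file, and main() starts and ends outside this hunk.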
--- a/Gelos80Sniff.py +++ b/Gelos80Sniff.py @@ -3,6 +3,8 @@ # This program is coded in Python and designed to scan the local network for any clients connected that have port 80 open. # If a machine is found to have port 80 open, it proceeds to use programs like GoBuster to check for hidden directories. # Results are exported to a TXT file for convenience if the user so desires it. +# Uses dirbuster common directory list found at: +# https://github.com/v0re/dirb/blob/master/wordlists/common.txt import nmap # pip install python-nmap import subprocess