1
mirror of https://github.com/acidvegas/avoidr.git synced 2024-12-28 01:16:38 +00:00

Initial commit

This commit is contained in:
Dionysus 2023-07-14 19:35:37 -04:00
commit 2eb9fbcb95
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
7 changed files with 65056 additions and 0 deletions

BIN
.screens/preview.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 105 KiB

15
LICENSE Normal file
View File

@ -0,0 +1,15 @@
ISC License
Copyright (c) 2023, acidvegas <acid.vegas@acid.vegas>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

40
README.md Normal file
View File

@ -0,0 +1,40 @@
# avoidr
> masscan with exclusive exclusions
![](.screens/preview.png)
## Information
This is still a work in progress.
This is just a little side project I am working on that will search keywords in a database of **Autonomous System Numbers** *(ASN)*. The ASN is then turned into a list of its respective IP ranges that fall under it using the [BGP View API](https://bgpview.docs.apiary.io/).
Below is a list of queries we look for:
```python
['754th Electronic Systems Group', 'Air Force Systems Command', 'Army & Navy Building', 'Central Intelligence Agency', 'Defense Advanced Research Projects Agency',
'Department of Homeland Security', 'Department of Justice', 'Department of Transportation', 'DoD Network Information Center', 'Dod Joint Spectrum Center',
'FBI Criminal Justice Information Systems', 'Institute of Nuclear Power Operations, Inc', 'Merit Network Inc', 'NASA Ames Research Center', 'NASA Deep Space Network (DSN)',
'NASA Goddard Space Flight Center', 'Navy Federal Credit Union', 'Navy Network Information Center', 'Nuclear Science and Technology Organisation',
'Organization for Nuclear Research', 'Root Server Technical Operations', 'Securities & Exchange Commission', 'Securities And Exchange Commission', 'U. S. Air Force',
'U. S. Bureau of the Census', 'U. S. Department of Transportation', 'U.S. Department of Energy', 'USAISC', 'USDOE, NV Operations Office', 'United States Antarctic Program',
'United States Coast Guard', 'United States Geological Survey', 'United States Naval Institute', 'United States Nuclear Regulatory Commission',
'United States Patent and Trademark Office', 'United States Postal Service', 'Internet Exchange', 'Stock Exchange','Federal Emergency Management Agency','Federal Aviation Agency',
'Federal Energy Regulatory Commission','Federal Aviation Administration','Federal Deposit Insurance Corporation','Federal Reserve Board', 'National Aeronautics and Space Administration',
'US National Institute of Standards & Technology','Government Telecommunications and Informatics Services','U.S. Dept. of Commerce','U.S. Center For Disease Control and Prevention',
'U.S. Fish and Wildlife Service','Department of National Defence','U.S. Department of State','Bank of America','JPMorgan Chase & Co','Facebook Inc','Twitter Inc']
```
The ranges are all stored in a JSON file for easy parsing. Depending on what you are scanning for, this list can be altered to better suit your needs.
As it stands, there are *4,294,967,296* IPv4 addresses. After excluding reserved, private, & governement ranges, you can drop that number almost in half, thus speeding up your scan times.
## Todo
- distributed masscan using the masscan python library
- masscan exclude.conf output format *(with comments describing the ranges)*
- possibly find a database that contains all the prefixes behind an ASN *(bgpview heavily throttles and can only handle 1 ASN at a time)* *(for now a bad.json is generated to list empty ASN's)*
- Seperate queries by sectors *(Government, social media, financial institutons, schools, etc)*
___
###### Mirrors
[acid.vegas](https://git.acid.vegas/avoidr) • [GitHub](https://github.com/acidvegas/avoidr) • [GitLab](https://gitlab.com/acidvegas/avoidr) • [SuperNETs](https://git.supernets.org/acidvegas/avoidr)

64836
avoidr/asn.txt Normal file

File diff suppressed because it is too large Load Diff

154
avoidr/avoidr.py Normal file
View File

@ -0,0 +1,154 @@
#/usr/bin/env python
# avoidr (masscan with exclusive exclusions) - developed by acidvegas in python (https://git.acid.vegas/avoidr)
import ipaddress
import json
import os
import random
import urllib.request
#try:
# import masscan
#except ImportError:
# raise SystemExit('error: missing required \'python-masscan\' library (https://pypi.org/project/python-masscan/)')
reserved = {
'4' : {
'0.0.0.0/8' : '"This" network',
'10.0.0.0/8' : 'Private networks',
'100.64.0.0/10' : 'Carrier-grade NAT - RFC 6598',
'127.0.0.0/8' : 'Host loopback',
'169.254.0.0/16' : 'Link local',
'172.16.0.0/12' : 'Private networks',
'192.0.0.0/24' : 'IETF Protocol Assignments',
'192.0.0.0/29' : 'DS-Lite',
'192.0.0.170/32' : 'NAT64',
'192.0.0.171/32' : 'DNS64',
'192.0.2.0/24' : 'Documentation (TEST-NET-1)',
'192.31.196.0/24' : 'AS112-v4',
'192.52.193.0/24' : 'AMT',
'192.88.99.0/24' : '6to4 Relay Anycast',
'192.168.0.0/16' : 'Private networks',
'192.175.48.0/24' : 'AS112 Service',
'198.18.0.0/15' : 'Benchmarking',
'198.51.100.0/24' : 'Documentation (TEST-NET-2)',
'203.0.113.0/24' : 'Documentation (TEST-NET-3)',
'224.0.0.0/4' : 'IP Multicast',
'233.252.0.0/24' : 'MCAST-TEST-NET',
'240.0.0.0/4' : 'Reserved',
'255.255.255.255/32' : 'Limited Broadcast'
},
'6': {
'::/128' : 'Unspecified address',
'::1/128' : 'Loopback address',
'::ffff:0:0/96' : 'IPv4-mapped addresses',
'::ffff:0:0:0/96' : 'IPv4 translated addresses',
'64:ff9b::/96' : 'IPv4/IPv6 translation',
'64:ff9b:1::/48' : 'IPv4/IPv6 translation',
'100::/64' : 'Discard prefix',
'2001:0000::/32' : 'Teredo tunneling',
'2001:20::/28' : 'ORCHIDv2',
'2001:db8::/32' : 'Addresses used in documentation and example source code',
'2002::/16' : 'The 6to4 addressing scheme (deprecated)',
'fc00::/7' : 'Unique local address',
'fe80::/64' : 'Link-local address',
'ff00::/8' : 'Multicast address'
}
}
asn_queries = ['754th Electronic Systems Group', 'Air Force Systems Command', 'Army & Navy Building', 'Central Intelligence Agency', 'Defense Advanced Research Projects Agency',
'Department of Homeland Security', 'Department of Justice', 'Department of Transportation', 'DoD Network Information Center', 'Dod Joint Spectrum Center',
'FBI Criminal Justice Information Systems', 'Institute of Nuclear Power Operations, Inc', 'Merit Network Inc', 'NASA Ames Research Center', 'NASA Deep Space Network (DSN)',
'NASA Goddard Space Flight Center', 'Navy Federal Credit Union', 'Navy Network Information Center', 'Nuclear Science and Technology Organisation',
'Organization for Nuclear Research', 'Root Server Technical Operations', 'Securities & Exchange Commission', 'Securities And Exchange Commission', 'U. S. Air Force',
'U. S. Bureau of the Census', 'U. S. Department of Transportation', 'U.S. Department of Energy', 'USAISC', 'USDOE, NV Operations Office', 'United States Antarctic Program',
'United States Coast Guard', 'United States Geological Survey', 'United States Naval Institute', 'United States Nuclear Regulatory Commission',
'United States Patent and Trademark Office', 'United States Postal Service', 'Internet Exchange', 'Stock Exchange','Federal Emergency Management Agency','Federal Aviation Agency',
'Federal Energy Regulatory Commission','Federal Aviation Administration','Federal Deposit Insurance Corporation','Federal Reserve Board', 'National Aeronautics and Space Administration',
'US National Institute of Standards & Technology','Government Telecommunications and Informatics Services','U.S. Dept. of Commerce','U.S. Center For Disease Control and Prevention',
'U.S. Fish and Wildlife Service','Department of National Defence','U.S. Department of State','Bank of America','JPMorgan Chase & Co','Facebook Inc','Twitter Inc']
def ASNquery(asn):
head = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36'}
req = urllib.request.Request(f'https://api.bgpview.io/asn/{asn[2:]}', headers=head)
data = json.loads(urllib.request.urlopen(req).read())
return (data['data']['name'], data['data']['description_short'])
def ASNranges(asn, desc):
head = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36'}
req = urllib.request.Request(f'https://api.bgpview.io/asn/{asn[2:]}/prefixes', headers=head)
data = json.loads(urllib.request.urlopen(req).read())
ranges = dict()
for version in ('4','6'):
if pdata := [x['prefix'] for x in data['data'][f'ipv{version}_prefixes']]:
ranges[version] = pdata
return ranges
class Parser:
def microsoft_office():
urls = (
'https://endpoints.office.com/endpoints/USGOVDoD?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7',
'https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7',
'https://endpoints.office.com/endpoints/worldwide?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7',
'https://endpoints.office.com/endpoints/China?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7'
)
ranges = {'IPv4': list(), 'IPv6': list()}
for url in urls:
data = json.loads(urllib.request.urlopen(url).read())
all_ranges = [item for sublist in [item['ips'] for item in data if 'ips' in item] for item in sublist]
ranges['IPv4'] += [item for item in all_ranges if ':' not in item]
ranges['IPv6'] += [item for item in all_ranges if ':' in item]
return ranges
def google(): # NOTE: These are non-cloud ranges
data = json.loads(urllib.request.urlopen('https://www.gstatic.com/ipranges/goog.json').read().decode())
ranges = {'4': list(), '6': list()}
ranges['4'] += [item['ipv4Prefix'] for item in data['prefixes'] if 'ipv4Prefix' in item]
ranges['6'] += [item['ipv6Prefix'] for item in data['prefixes'] if 'ipv6Prefix' in item]
return ranges
# Main
bad_asn = json.loads(open('bad.json').read()) if os.path.isfile('bad.json') else dict()
asn_list = open('asn.txt').readlines()
bad_list = dict()
database = dict()
grand_total = {'4': 0, '6': 0}
for item in asn_list:
item = item.rstrip()
for query in asn_queries:
if query.lower() in item.lower():
asn = item.split()[0]
desc = item.split(' - ')[1] if ' - ' in item else ' '.join(item.split()[2:])
if asn in bad_asn:
print('Skippiing bad ASN... ('+asn+')')
else:
found = ASNranges(asn, desc)
if found:
for version in found:
total = 0
for ranges in found[version]:
total += ipaddress.ip_network(ranges).num_addresses
grand_total[version] += ipaddress.ip_network(ranges).num_addresses
print(f'Found \033[32m{len(found[version]):,}\033[0m IPv{version} ranges \033[1;30m({total:,})\033[0m on \033[93m{asn}\033[0m \033[1;30m({desc})\033[0m')
database[asn] = {'desc': desc, 'ranges': found}
else:
print(f'Found \033[1;31m0\033[0m IP ranges on \033[93m{asn}\033[0m \033[1;30m({desc})\033[0m')
bad_list[asn] = desc
database['reserved'] = {'4': reserved['4'],'6': reserved['6']}
for version in database['reserved']:
total = 0
for ranges in database['reserved'][version]:
total += ipaddress.ip_network(ranges).num_addresses
grand_total[version] += ipaddress.ip_network(ranges).num_addresses
print('Found \033[32m{0:,}\033[0m IPv{1} ranges \033[1;30m({2:,})\033[0m on \033[93mRESERVED\033[0m \033[1;30m({3})\033[0m'.format(len(database['reserved'][version]), version, total, database['reserved'][version][ranges]))
with open('db.json', 'w') as fp:
json.dump(database, fp)
with open('bad.json', 'w') as fp:
json.dump(bad_list, fp)
total_v4 = ipaddress.ip_network('0.0.0.0/0').num_addresses
total_v6 = ipaddress.ip_network('::/0').num_addresses
print('Total IPv4 Addresses : {0:,}'.format(total_v4))
print('Total IPv4 After Clean : {0:,}'.format(total_v4-grand_total['4']))
print('Total IPv6 Addresses : {0:,}'.format(total_v6))
print('Total IPv6 After Clean : {0:,}'.format(total_v6-grand_total['6']))
#mas = masscan.PortScanner() mas.scan('172.0.8.78/24', ports='22,80,8080', arguments='--max-rate 1000') print(mas.scan_result)

1
avoidr/db.json Normal file

File diff suppressed because one or more lines are too long

10
avoidr/search.py Normal file
View File

@ -0,0 +1,10 @@
#/usr/bin/env python
# avoidr (masscan with exclusive exclusions) - developed by acidvegas in python (https://git.acid.vegas/avoidr)
asn = open('asn.txt').readlines()
while True:
query = input('Search: ')
for i in asn:
if query.lower() in i.lower():
print(i.rstrip())