Initial commit

This commit is contained in:
Dionysus 2023-09-22 14:57:31 -04:00
commit 0edfcd5048
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
5 changed files with 143965 additions and 0 deletions

15
LICENSE Normal file
View File

@ -0,0 +1,15 @@
ISC License
Copyright (c) 2023, acidvegas <acid.vegas@acid.vegas>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

18
README.md Normal file
View File

@ -0,0 +1,18 @@
# massclude
## Information
This is a simple script that will generate an exclude.conf file for masscan that contains a set of IP ranges that are pointless to scan.
These include a private & reserved IP ranges, bogon IP ranges, and IP ranges that belong to root DNS servers, internet exchange points, & government agencies.
This removes over 1.5 billion ip addresses from the scan, thus making it much faster and raising less suspicion.
This repository is hosted on a VPS that updates every 6 hours with the latest IP ranges to exclude. (soon)
___
<h6 align="center">Mirrors</h1>
<p align="center">
<a href="https://git.acid.vegas/massclude">acid.vegas</a><a href="https://github.com/acidvegas/massclude">Github</a><a href="https://gitlab.com/acidvegas/massclude">Gitlab</a><a href="https://git.supernets.org/acidvegas/massclude">SuperNETs</a>
<br><br><a href="https://www.buymeacoffee.com/acidvegas"><img src="https://img.buymeacoffee.com/button-api/?text=Buy me a BEER&emoji=🍺&slug=acidvegas&button_colour=FFDD00&font_colour=000000&font_family=Bree&outline_colour=000000&coffee_colour=ffffff" /></a>
</p>

2275
exclude4.conf Normal file

File diff suppressed because it is too large Load Diff

141539
exclude6.conf Normal file

File diff suppressed because it is too large Load Diff

118
massclude.py Normal file
View File

@ -0,0 +1,118 @@
#!/usr/bin/env python3
# Massclude - developed by acidvegas in python (https://git.acid.vegas/massclude)
import argparse
import ipaddress
import json
import time
import urllib.request
def get_bogons(version):
'''Returns a list of bogon IP addresses from Team Cymru.'''
url = f'https://team-cymru.org/Services/Bogons/fullbogons-ipv{version}.txt'
return urllib.request.urlopen(url).read().decode().split('\n')[2:]
def get_ixps(version):
'''Returns a list of IXP IP addresses from CAIDA.'''
latest = time.strftime('%Y%m')
try:
data = urllib.request.urlopen(f'https://publicdata.caida.org/datasets/ixps/ixs_{latest}.jsonl').read().decode()
except:
latest = str(int(time.strftime('%Y%m'))-1)
data = urllib.request.urlopen(f'https://publicdata.caida.org/datasets/ixps/ixs_{latest}.jsonl').read().decode()
decoder = json.JSONDecoder()
objects = []
for line in data.split('\n'):
if len(line) > 0 and line[0][0] != "#":
objects.append(decoder.decode(line))
json_data = json.loads(json.dumps(objects))
return [ip for item in json_data if item['prefixes']['ipv'+version] for ip in item['prefixes']['ipv'+version]]
def generate_list():
return {
'bogons' : {
'4': sorted(get_bogons('4')),
'6': sorted(get_bogons('6'))
},
'dns_root_servers' : {
'4': [
'198.41.0.4', # a.root-servers.net Verisign, Inc.
'199.9.14.201', # b.root-servers.net University of Southern California, Information Sciences Institute
'192.33.4.12', # c.root-servers.net Cogent Communications
'199.7.91.13', # d.root-servers.net University of Maryland
'192.203.230.10', # e.root-servers.net NASA (Ames Research Center)
'192.5.5.241', # f.root-servers.net Internet Systems Consortium, Inc.
'192.112.36.4', # g.root-servers.net US Department of Defense (NIC)
'198.97.190.53', # h.root-servers.net US Army (Research Lab)
'192.36.148.17', # i.root-servers.net Netnod
'192.58.128.30', # j.root-servers.net Verisign, Inc.
'193.0.14.129', # k.root-servers.net RIPE NCC
'199.7.83.42', # l.root-servers.net ICANN
'202.12.27.33' # m.root-servers.net WIDE Project
],
'6': [
'2001:503:ba3e::2:30', # a.root-servers.net Verisign, Inc.
'2001:500:200::b', # b.root-servers.net University of Southern California, Information Sciences Institute
'2001:500:2::c', # c.root-servers.net Cogent Communications
'2001:500:2d::d', # d.root-servers.net University of Maryland
'2001:500:a8::e', # e.root-servers.net NASA (Ames Research Center)
'2001:500:2f::f', # f.root-servers.net Internet Systems Consortium, Inc.
'2001:500:12::d0d', # g.root-servers.net US Department of Defense (NIC)
'2001:500:1::53', # h.root-servers.net US Army (Research Lab)
'2001:7fe::53', # i.root-servers.net Netnod
'2001:503:c27::2:30', # j.root-servers.net Verisign, Inc.
'2001:7fd::1', # k.root-servers.net RIPE NCC
'2001:500:9f::42', # l.root-servers.net ICANN
'2001:dc3::35' # m.root-servers.net WIDE Project
]
},
'government': {
'4': [
'6.0.0.0/8', # Army Information Systems Center
'7.0.0.0/8', # DoD Network Information Center
'11.0.0.0/8', # DoD Intel Information Systems
'21.0.0.0/8', # DDN-RVN
'22.0.0.0/8', # Defense Information Systems Agency
'26.0.0.0/8', # Defense Information Systems Agency
'28.0.0.0/8', # DSI-North
'29.0.0.0/8', # Defense Information Systems Agency
'30.0.0.0/8', # Defense Information Systems Agency
'33.0.0.0/8', # DLA Systems Automation Center
'55.0.0.0/8', # DoD Network Information Center
'205.0.0.0/8', # US-DOD
'214.0.0.0/8', # US-DOD
'215.0.0.0/8' # US-DOD
]
},
'ixps' : {
'4': sorted(get_ixps('4')),
'6': sorted(get_ixps('6'))
}
}
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Generate an exclude.conf file based on IP version.')
parser.add_argument('ip_version', choices=['4', '6'], help='IP version (either 4 or 6)')
args = parser.parse_args()
o_total = ipaddress.ip_network('0.0.0.0/0' if args.ip_version == '4' else '::/0').num_addresses
total = o_total
donotscan = generate_list()
with open(f'exclude{args.ip_version}.conf', 'w') as file:
for option in donotscan:
if args.ip_version in donotscan[option]:
file.write(f'\n# Excludes from {option}\n')
for ip in donotscan[option][args.ip_version]:
try:
r_total = ipaddress.ip_network(ip).num_addresses
file.write(ip+'\n')
total -= r_total
except:
file.write(f"# Invalid IP/range from {option}\n{ip}\n")
print(f'Total IP Addresses : {o_total:,}')
print(f'Total After Clean : {total:,}')