ip4scout

package module

v1.0.0-beta.2 Latest Latest Go to latest Published: Jun 1, 2021 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

IP4scout

IP4scout was born from the need of having a real-time feed of open ports. Instead of scanning Internet in one shot, it takes a ports list and probe random hosts at a predefined rate.

Scanning at 5kps for 10 ports, statistically has an average of 2 weeks between 2 hosts.

Leaks are random, so is this!

ip4scout Output

Features

SYN/ACK scanning
Blacklist support
Low memory/CPU footprint
Rate limiting

Usage

ip4scout random -h

Displays help for the random command (only implementation atm)

Flag	Description	Example
--blacklist-file	Loads a list of network (CIDR format) from a file	ip4scout random --blacklist-file=blacklist.txt
--source-port	Use this port a source for the SYN packets	ip4scout random --source-port=12345
--ports	List of ports to randomly send SYN packets to	ip4scout random --port=21,23,443
--rate-limit	Maximum number of packet per seconds	ip4scout random --rate-limit=1000
--disable-recommended	Disable ip4scout's built-in list of non-recommended networks	ipscout random --disable-recommended

Installation Instructions

From Binary

libpcap is required to run this software, check your distribution's package manager.

The installation is easy. You can download the pre-built binaries for your platform from the Releases page.

▶ apt-get install -y libpcap0.8
▶ chmod +x ip4scout-linux-64
▶ mv ip4scout-linux-64 /usr/local/bin/ip4scout

From Source

You're going to need libpcap's headers and go1.14+ to built ip4scout.

▶ apt-get install -y libpcap-dev
▶ GO111MODULE=on go get -u -v github.com/LeakIX/ip4scout/cmd/ip4scout
▶ ${GOPATH}/bin/ip4scout random -h

Running ip4scout

▶ ip4scout random -p 3304-3308,9200-9210 -r 10000 -b blacklist.txt

Handling output

ip4scout speaks l9format which is a JSON schema targeted at network recon.

l9filter allows translation between this format and plenty others.

Human output

▶ ip4scout random --ports=3306,9200,6379|tee results.json|l9filter transform -i l9 -o human

Will display human-readable results on stdout while saving the scan results to results.json

Hostport output

▶ ip4scout random -p 3304-3308,9200-9210|tee results.json|l9filter transform -i l9 -o hostport

Will display host:port results on stdout while saving the scan results to results.json

Documentation ¶

Index ¶

Variables
func ParsePortsList(data string) (portList []layers.TCPPort, err error)
type RandomCommand

Constants ¶

This section is empty.

Variables ¶

View Source

var IPBlacklist = []*net.IPNet{
	{
		IP:   net.IP{127, 0, 0, 0},
		Mask: net.IPMask{255, 0, 0, 0},
	},
	{
		IP:   net.IP{0, 0, 0, 0},
		Mask: net.IPMask{255, 0, 0, 0},
	},
	{
		IP:   net.IP{192, 168, 0, 0},
		Mask: net.IPMask{255, 255, 0, 0},
	},
	{
		IP:   net.IP{10, 0, 0, 0},
		Mask: net.IPMask{255, 0, 0, 0},
	},
	{
		IP:   net.IP{172, 16, 0, 0},
		Mask: net.IPMask{255, 240, 0, 0},
	},
	{
		IP:   net.IP{100, 64, 0, 0},
		Mask: net.IPMask{255, 192, 0, 0},
	},
	{
		IP:   net.IP{224, 0, 0, 0},
		Mask: net.IPMask{224, 0, 0, 0},
	},
}

Functions ¶

func ParsePortsList ¶

func ParsePortsList(data string) (portList []layers.TCPPort, err error)

CREDIT MENTION : to https://github.com/projectdiscovery/naabu/blob/master/v2/pkg/runner/ports.go#L173

Types ¶

type RandomCommand ¶

type RandomCommand struct {
	BlacklistFile      *os.File       `help:"Blacklist file, in CIDR form" short:"b" type:"existingFile"`
	SourcePort         layers.TCPPort `help:"Source port, default is random" default:"0" short:"s"`
	Ports              string         `help:"list of target ports" short:"p"`
	RateLimit          int            `help:"Max pps" short:"r" default:"1000"`
	DisableRecommended bool           `help:"Disable the recommended blacklist" short:"d"`
	// contains filtered or unexported fields
}

func (*RandomCommand) AddBLockToBlacklist ¶

func (cmd *RandomCommand) AddBLockToBlacklist(network string)

func (*RandomCommand) IsIpPublic ¶

func (cmd *RandomCommand) IsIpPublic(ip net.IP) bool

func (*RandomCommand) ListenForAck ¶

func (cmd *RandomCommand) ListenForAck(handle *pcap.Handle)

I just listen for SYN/ACK on port 16655 and print things

func (*RandomCommand) RandomPublicIp ¶

func (cmd *RandomCommand) RandomPublicIp() net.IP

func (*RandomCommand) Run ¶

func (cmd *RandomCommand) Run() (err error)

func (*RandomCommand) SendPacket ¶

func (cmd *RandomCommand) SendPacket(handle *pcap.Handle, iface *net.Interface, src net.IP, gwMac net.HardwareAddr, ip net.IP, dport layers.TCPPort)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
ip4scout

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL