nmap scanning

[Ekultek]

• implements nmap scanning operations in autosploit, so you can scan form within the local framework
• fixes issue Unhandled Exception (bbb415614) #1163

Real life scanning example:

sudo python autosploit.py 

--+ Graffiti the world with exploits +--
--+             __   ____            +-- 
--+            / _\ / ___)           +--
--+           /    \\___ \           +--
--+           \_/\_/(____/           +--
--+            AutoSploit            +--
--+           NullArray/Eku          +--
--+              v(4.0)              +--
    
[+] welcome to autosploit, give us a little bit while we configure
[i] checking your running platform
[i] checking for disabled services
[i] checking if there are multiple exploit files
[+] total of 2 exploit files discovered for use, select one:
1. 'default_modules'
2. 'default_fuzzers'
root@autosploit# 1
[+] attempting to load API keys
[+] Shodan API token loaded from /Users/admin/bin/python/autosploit/etc/tokens/shodan.key
[+] Censys API token loaded from /Users/admin/bin/python/autosploit/etc/tokens/censys.key
[-] no arguments have been parsed at run time, dropping into terminal session. to get help type `help` to quit type `exit/quit` to get help on a specific command type `command help`
root@autosploit# nmap 10.0.1.23 -sV,--reason,-A,-vv,-T3,--dns-servers=1.1.1.1
[-] arguments that have a space in them most likely will not be processed correctly, (IE --dns-servers 1.1.1.1 will most likely cause issues)
[?] argument: '-vv' is not in the list of 'known' nmap arguments, do you want to use it anyways[y/N]: y
[?] argument: '-T3' is not in the list of 'known' nmap arguments, do you want to use it anyways[y/N]: y
[?] argument: '--dns-servers=1.1.1.1' is not in the list of 'known' nmap arguments, do you want to use it anyways[y/N]: y
[+] performing nmap scan on 10.0.1.23
[+] launching nmap scan against 10.0.1.23 (nmap -oX - 10.0.1.23 -sV --reason -A -vv -T3 --dns-servers=1.1.1.1)
[i] JSON data dumped to file: '/Users/admin/.autosploit_home/nmap_scans/json/10.0.1.23_FIKJNQtT.json'
------------------------------
{
    "status": {
        "state": "up", 
        "reason": "arp-response"
    }, 
    "uptime": {
        "seconds": "593322", 
        "lastboot": "Wed Aug 28 17:05:30 2019"
    }, 
    "addresses": {
        "mac": "6C:2B:59:84:35:A1", 
        "ipv4": "10.0.1.23"
    }, 
    "tcp": [
        {
            "product": "OpenSSH", 
            "state": "open", 
            "version": "7.4", 
            "name": "ssh", 
            "conf": "10", 
            "reason": "syn-ack", 
            "extrainfo": "protocol 2.0", 
            "port": "22", 
            "cpe": "cpe:/a:openbsd:openssh:7.4"
        }, 
       ...
    ], 
    "vendors": {}, 
    "hostnames": [
        {
            "hostname": null, 
            "host_type": null
        }
    ]
}
------------------------------
root@autosploit# nmap help

        Explanation:
        -----------
        Perform a nmap scan on a provided target, given that nmap is on your system.
        If nmap is not on your system, this will not work, you may also provide
        arguments known to nmap.

        Parameters:
        ----------
        :param target: the target to attack
        :param arguments: a string of arguments separated by a comma

        Command Format:
        --------------
        nmap[/mapper/mappy] TARGET [ARGUMENTS]

        Examples:
        --------
        nmap/mapper/mappy 10.0.1.1 -sV,--dns-servers 1.1.1.1,--reason,-A
        nmap 10.0.1.1/24
        
root@autosploit#