This repository has been archived by the owner on Aug 12, 2018. It is now read-only.
scan-endpoints.py
#!/usr/bin/env python3
import click
import logging
import requests
import zign.api
from clickclick import secho
from queue import Queue
from threading import Thread
# Timeout budget, in seconds.
# NOTE(review): check_endpoint() passes its own literal timeout to
# requests.get(); confirm which of the two values is the intended one.
TIMEOUT = 10
class Worker(Thread):
    """Daemon thread that pulls ``(func, args, kargs)`` tuples off a queue and runs them.

    The thread starts itself from the constructor and never leaves its loop;
    being a daemon, it does not keep the interpreter alive at exit.
    """

    def __init__(self, tasks):
        """Bind the worker to *tasks* (a ``queue.Queue``) and start it immediately."""
        super().__init__(daemon=True)
        self.tasks = tasks
        self.start()

    def run(self):
        """Consume tasks forever, logging (not propagating) any ``Exception``."""
        while True:
            job, positional, named = self.tasks.get()
            try:
                job(*positional, **named)
            except Exception as err:
                # A failing task must not kill the worker: log it with its
                # traceback and carry on with the next queue item.
                logging.exception('Exception in %s(%s, %s): %s', job, positional, named, err)
            # Acknowledge the item whether it succeeded or raised, so that
            # Queue.join() callers are released.
            self.tasks.task_done()
class ThreadPool:
    """Fixed-size pool of ``Worker`` threads fed from one bounded queue."""

    def __init__(self, num_threads):
        """Create the task queue and start *num_threads* workers on it.

        The queue's capacity equals the number of workers, so ``add_task``
        blocks once that many tasks are waiting to be picked up.
        """
        self.tasks = Queue(num_threads)
        self.num_tasks = 0
        for _worker_index in range(num_threads):
            # Each Worker starts itself; no reference needs to be kept.
            Worker(self.tasks)

    def add_task(self, func, *args, **kargs):
        """Queue ``func(*args, **kargs)`` for execution and count it."""
        task = (func, args, kargs)
        self.tasks.put(task)
        self.num_tasks += 1

    def wait_completion(self):
        """Block until every queued task has been acknowledged by a worker."""
        self.tasks.join()
# Ports that check_endpoint() probes with the https scheme. Every other port
# is probed over plain http, including TLS services on non-listed ports.
SSL_PORTS = {443, 8443}
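def _printable_snippet(text):
    """Return *text* with every non-printable character replaced by ``?``."""
    return ''.join(ch if ch.isprintable() else '?' for ch in text)


def check_endpoint(account, endpoint, port, show_public_only):
    """Probe one endpoint with an HTTP(S) GET and print how it answered.

    A 401 response is printed in green and counts as "protected"; it is
    suppressed when *show_public_only* is set. Any other status is printed in
    yellow. Request failures are printed unstyled, and only when
    *show_public_only* is not set.

    Args:
        account: Label printed at the start of each result line.
        endpoint: Destination string; only the part after the last ``/`` is
            used as the host (presumably to drop a path-like prefix -- confirm
            against the tracker's data format).
        port: Destination port; ports in ``SSL_PORTS`` are probed over https.
        show_public_only: When true, hide 401 results and request errors.
    """
    scheme = 'https' if port in SSL_PORTS else 'http'
    url = '{}://{}:{}/'.format(scheme, endpoint.split('/')[-1], port)
    try:
        # verify=False: certificate validation is switched off for the probe,
        # so the response proves nothing about the peer's identity. Treat the
        # result only as "something answered on this address and port".
        # NOTE(review): requests follows redirects by default, so the status
        # printed is that of the final response. Only 401 is classed as
        # protected; a 403 or a redirect to a login page shows up as yellow.
        r = requests.get(url, timeout=5, verify=False)
        protected = r.status_code == 401
        if protected and show_public_only:
            return
        style = {'fg': 'green' if protected else 'yellow', 'bold': True}
        # The body comes from the scanned host and is echoed to the operator's
        # terminal: neutralise control characters (ESC, CR, ...) so a response
        # cannot inject terminal escape sequences or overwrite the line.
        snippet = _printable_snippet(r.text.strip().replace('\n', ' ')[:40])
        secho('{} {} {} {}'.format(account, url, r.status_code, snippet), **style)
    except Exception as e:
        # Best-effort scan: one unreachable endpoint must not stop the rest.
        if not show_public_only:
            secho('{} {} {}'.format(account, url, _printable_snippet(str(e)[:40])))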
# Silence urllib3's warnings for the whole process. check_endpoint() calls
# requests.get(..., verify=False), which would otherwise emit an
# InsecureRequestWarning for every HTTPS probe.
# NOTE(review): this is process-wide, so it also hides urllib3 warnings for
# any other request made by this script.
requests.packages.urllib3.disable_warnings()
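@click.command()
@click.argument('url')
@click.option('--show-public-only', is_flag=True)
def scan_endpoints(url, show_public_only):
    """Fetch URL/endpoints and probe every endpoint listed there."""
    access_token = zign.api.get_token('connection-tracker', ['uid'])
    # NOTE(review): the bearer token is sent to whatever URL was given on the
    # command line. With an http:// URL it travels in cleartext, and with a
    # mistyped host it goes to the wrong service. Pass an https:// URL of the
    # intended service only.
    # The timeout keeps the command from hanging forever on an unresponsive
    # server.
    r = requests.get(
        url + '/endpoints',
        headers={'Authorization': 'Bearer {}'.format(access_token)},
        timeout=TIMEOUT,
    )
    # Fail here on an error response (expired token, wrong URL) instead of
    # iterating an error document as if it were the endpoint map.
    r.raise_for_status()
    # Expected shape, per the loop below: {account: [{'dest': ..., 'dest_port': ...}, ...]}
    data = r.json()

    pool = ThreadPool(32)
    for account, public_endpoints in sorted(data.items()):
        for endpoint in public_endpoints:
            pool.add_task(check_endpoint, account, endpoint['dest'], endpoint['dest_port'], show_public_only)
    # Workers are daemon threads, so wait for the queue to drain before returning.
    pool.wait_completion()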
# Script entry point: scan_endpoints is a click command, so it is called
# without arguments and click supplies url and --show-public-only.
if __name__ == '__main__':
    scan_endpoints()