Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[request] check if a specific ipaddress belongs to a specific cidr. #4

Closed
dogasantos opened this issue Dec 28, 2020 · 9 comments
Closed

[request] check if a specific ipaddress belongs to a specific cidr. #4

dogasantos opened this issue Dec 28, 2020 · 9 comments
Assignees
@Mzack9999
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed.

Comments

@dogasantos
Copy link

Hi guys,
first of all, thanks for this tool. I found it VERY useful.

I'm trying to lear Go by translating my python scripts to go and also improving dumb steps on my recon process.
With this in mind, I've identified a small step that can be translated to a go tool.

Here is some context:

I'm matching a domain-based recon against a ASN-based recon in order to filter which hosts are "hosted" inside an org.

In order to do that, I'm using mapcidr to expand each ipv4 prefix and save into a (500mb) file. The next step is to loop every single ip address found by dnsx/massdns and save all matches into a separated file. That "match" is done using grep, which is dumb and terrible.

My snippet

My snippet will loop each ipaddr found by dnsx, loop the prefixes, expand a single prefix at a time (might store on a slice or list to be faster in reuse). Then it should look if a specific ipaddress belongs to that prefix, if we have a match, just save that IP on a slice to handle it later.

Why I'm coming to you

This is a very useful feature that poses a critical step on my recon process and I believe it might help a lot of people.
My snippet won't be elegant, won't be the best way to do this, as I'm just taking my firsts steps into golang.
As this might be a simple update, would it be possible to add this feature in the core of mapcidr at some point in the future?

If you guys feel this won't be useful nor interesting enough, I'll understand.
Ty!
@ehsandeep ehsandeep added the Type: Discussion Some ideas need to be planned and disucssed to come to a strategy. label Dec 28, 2020
@ehsandeep
Copy link
Member

Hi @dogasantos,

Thank you for sharing feedback and insights on what you trying to do, just to make sure I get the idea that looks something like this:-

cat ips.txt | mapcidr -l cidr.txt

This will print only IPs from ips.txt that belongs to CIDR range cidr.txt? also, do you prefer to get value printed or boolean flag to print true or false? let me know if this is what are you looking for, if not can you please share some examples.

@dogasantos
Copy link
Author

dogasantos commented Dec 29, 2020
edited
Loading

Hi !
Thanks for your response!

I have a prefix.txt file with 1372 lines, each one is a CIDR. Some large, some small.
I also have a list of single ips (/32) that I would like to check if they belong to any of those CIDR prefixes.
As result, I should have a filtered list of ips that are directly related with the ASN.

cat ips.txt | mapcidr -l cidr.txt

This seems to be very close, although it will require a bash loop for each cidr right?
Also, ips.txt also needs to contain CIDR (I've tested here and I got a [FTL] invalid CIDR address: 192.168.1.1 as example)

I've created a small snippet you can find here:
https://github.com/dogasantos/prefixcheck

Once again, thanks guys!

@ehsandeep
Copy link
Member

ehsandeep commented Dec 29, 2020
edited
Loading

Hi @dogasantos,

Also, ips.txt also needs to contain CIDR (I've tested here and I got a [FTL] invalid CIDR address: 192.168.1.1 as example)

that's not supported yet, I was just sharing an example of how it will look like :D and thank you for sharing the project, I guess I got this right, so now we will discuss this and see if we can add support for this mapCIDR itself, for sure useful for cases like you mentioned.

cat ips.sample
200.200.200.200
192.168.2.2
192.168.2.99
192.168.70.33
192.168.1.240
192.168.240.1
10.0.0.22
10.0.1.33
10.0.90.9
172.16.45.1
172.16.43.1
172.16.47.1

cat cidr.sample 

192.168.1.0/24
10.0.0.0/24
172.16.0.0/17

./prefixcheck cidr.sample ips.sample

# Takes input of CIDR and IPs and prints IPs belongs to known CIDR only.

10.0.0.22
192.168.1.240
172.16.45.1
172.16.49.240
172.16.47.1
172.16.43.1

@dogasantos
Copy link
Author

Thank you @bauthard !
It would be fantastic!

@Mzack9999
Copy link
Member

On hold until #6 is merged (it adds in memory cidr support)

@Mzack9999 Mzack9999 self-assigned this Dec 29, 2020
@Mzack9999 Mzack9999 added the Status: Blocked There is some issue that needs to be resolved first. label Dec 29, 2020
@ehsandeep ehsandeep added Status: Available No one has claimed responsibility for resolving this issue and removed Status: Blocked There is some issue that needs to be resolved first. labels Dec 29, 2020
@Mzack9999 Mzack9999 linked a pull request Jan 7, 2021 that will close this issue
Feature ips list #8
Merged
@Mzack9999 Mzack9999 added Status: Review Needed The issue has a PR attached to it which needs to be reviewed and removed Status: Available No one has claimed responsibility for resolving this issue labels Jan 7, 2021
@ehsandeep ehsandeep removed a link to a pull request Feb 18, 2021
Feature ips list #8
Merged
@ehsandeep
Copy link
Member

ehsandeep commented Feb 18, 2021
edited
Loading

@dogasantos this support is added into mapCIDR dev branch with #8

Here is an example of how you can make use of this:-

# Prints IP belongs to input CIDRs

./mapcidr -ips ip-list.txt -l cidrs.txt

# Prints IP belongs to input CIDRs

cat cidrs.txt | ./mapcidr -ips ip-list.txt

@ehsandeep ehsandeep added Status: Completed Nothing further to be done with this issue. Awaiting to be closed. and removed Status: Review Needed The issue has a PR attached to it which needs to be reviewed Type: Discussion Some ideas need to be planned and disucssed to come to a strategy. labels Feb 18, 2021
@dogasantos
Copy link
Author

@ehsandeep
Fantastic!
Thanks for the update!

@ehsandeep ehsandeep mentioned this issue Jun 5, 2022
Closed
@ehsandeep
Copy link
Member

@dogasantos with the latest release, now we can look for both match and filter IPs from input and slight update in CLI flag as well, see https://github.com/projectdiscovery/mapcidr#match--filter-ips-from-cidr for the details.

@dogasantos
Copy link
Author

fantastic!
thank you @ehsandeep !!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mzack9999 Mzack9999

Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dogasantos @ehsandeep @Mzack9999