/// <summary>
///
/// </summary>
public void GetServersFromIPs()
{
var lstDomains = new List <string>();
if (!string.IsNullOrEmpty(Project.Domain))
{
lstDomains.Add(Project.Domain);
}
lstDomains.AddRange(Project.AlternativeDomains);
var lstIPs = new ThreadSafeList <IPsItem>(Ips.Items.Where(IP => Project.Domain == "*" || relations.Items.Any(R => R.Ip.Ip == IP.Ip && lstDomains.Any(D => R.Domain.Domain.ToLower().EndsWith(D.ToLower())))));
var po = new ParallelOptions();
if (Program.cfgCurrent.ParallelDnsQueries != 0)
{
po.MaxDegreeOfParallelism = Program.cfgCurrent.ParallelDnsQueries;
}
Parallel.ForEach(lstIPs, ip =>
{
try
{
ComputersItem ci;
if (computerIPs.Items.Any(C => C.Ip.Ip == ip.Ip))
{
ci = computerIPs.Items.First(C => C.Ip.Ip == ip.Ip).Computer;
}
else
{
if (computers.Items.Any(C => relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain).Any(D => string.Equals(D.Domain, C.name, StringComparison.OrdinalIgnoreCase))))
{
ci = computers.Items.First(C => relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain).Any(D => string.Equals(D.Domain, C.name, StringComparison.OrdinalIgnoreCase)));
ci.name = string.Format("{0} [{1}]", ci.name, ip.Ip);
computerIPs.Items.Add(new ComputerIPsItem(ci, ip, ip.Source));
}
else
{
ci = new ComputersItem();
computers.Items.Add(ci);
ci.type = ComputersItem.Tipo.Server;
ci.os = OperatingSystem.OS.Unknown;
var strFirstDomain = string.Empty;
try
{
strFirstDomain = relations.Items.First(R => R.Ip.Ip == ip.Ip && lstDomains.Any(D => R.Domain.Domain.ToLower().EndsWith(D.ToLower()))).Domain.Domain;
}
catch
{
strFirstDomain = "*";
}
ci.name = string.Format("{0} [{1}]", strFirstDomain, ip.Ip);
computerIPs.Items.Add(new ComputerIPsItem(ci, ip, ip.Source));
}
}
foreach (DomainsItem di in relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain))
{
if (!computerDomains.Items.Any(C => C.Computer.name == ci.name && C.Domain.Domain == di.Domain))
{
computerDomains.Items.Add(new ComputerDomainsItem(ci, di, di.Source));
}
for (var fpI = 0; fpI < di.fingerPrinting.Count(); fpI++)
{
var fp = di.fingerPrinting[fpI];
if ((fp.os != OperatingSystem.OS.Unknown))
{
ci.os = fp.os;
}
foreach (var software in BannerAnalysis.GetSoftwareFromBanner(fp.Version).Where(software => !ci.Software.Items.Any(A => A.Name.ToLower() == software.ToLower())))
{
ci.Software.Items.Add(new ApplicationsItem(software, string.Format("{0} FingerPrinting Banner: {1}", di.Domain, fp.Version)));
}
}
}
if (ip.Information != null)
{
if (!string.IsNullOrEmpty(ip.Information.OS))
{
var os = OperatingSystemUtils.StringToOS(ip.Information.OS);
if (ci.os == OperatingSystem.OS.Unknown && os != OperatingSystem.OS.Unknown)
{
ci.os = os;
}
}
if (!string.IsNullOrEmpty(ip.Information.ServerBanner))
{
var os = OperatingSystemUtils.StringToOS(ip.Information.ServerBanner);
if (ci.os == OperatingSystem.OS.Unknown && os != OperatingSystem.OS.Unknown)
{
ci.os = os;
}
foreach (var software in BannerAnalysis.GetSoftwareFromBanner(ip.Information.ServerBanner).Where(software => !ci.Software.Items.Any(A => A.Name.ToLower() == software.ToLower())))
{
ci.Software.Items.Add(new ApplicationsItem(software, string.Format("{0} Shodan Banner: {1}", ip, ip.Information.ServerBanner)));
}
}
}
}
catch
{
}
});
OnChangeEvent(null);
}
/// <summary>
/// Add domain if this not exist in the list.
/// </summary>
/// <param name="domain"></param>
/// <param name="source"></param>
/// <param name="maxRecursion"></param>
/// <param name="cfgCurrent"></param>
public void AddDomain(string domain, string source, int maxRecursion, Configuration cfgCurrent)
{
domain = domain.Trim();
if (domains.Items.Any(S => S.Domain.ToLower() == domain.ToLower()))
{
return;
}
var dItem = new DomainsItem(domain, source);
domains.Items.Add(dItem);
#if PLUGINS
Thread tPluginOnDomain = new Thread(new ParameterizedThreadStart(Program.data.plugins.OnNewDomain));
tPluginOnDomain.IsBackground = true;
object[] oDomain = new object[] { new object[] { domain } };
tPluginOnDomain.Start(oDomain);
#endif
var domainParts = domain.Split('.');
var currentdomain = domainParts[domainParts.Length - 1];
for (var i = 2; i < domainParts.Length; i++)
{
currentdomain = domainParts[domainParts.Length - i] + "." + currentdomain;
AddDomain(currentdomain, string.Format("{0} > Infered by {2} [{1}]", GetDomainSource(domain), currentdomain, domain), maxRecursion - 1, cfgCurrent);
}
if (maxRecursion <= 0)
{
OnChangeEvent(null);
return;
}
//OnLog(null, new EventsThreads.ThreadStringEventArgs(string.Format("Resolving domain: {0}", domain)));
var listIpsOfDomain = DNSUtil.GetHostAddresses(domain);
if (listIpsOfDomain.Count == 0)
{
var computer = new ComputersItem();
computer.type = ComputersItem.Tipo.Server;
computer.name = domain;
computer.NotOS = true;
computer.os = OperatingSystem.OS.Unknown;
if (!computers.Items.Any(S => S.name == domain))
{
computers.Items.Add(computer);
}
}
foreach (var IP in listIpsOfDomain)
{
if (Program.data.IsMainDomainOrAlternative(domain))
{
var limit = Program.data.GetLimitFromIp(IP.ToString());
if (limit == null)
{
Program.data.AddLimit(new Limits(IP.ToString()));
}
else
{
var lastOct = int.Parse(IP.ToString().Split(new char[] { '.' })[3]);
if (lastOct < limit.Lower)
{
limit.Lower = lastOct;
}
else if (lastOct > limit.Higher)
{
limit.Higher = lastOct;
}
}
}
AddResolution(domain, IP.ToString(), string.Format("{0} > DNS resolution [{1}]", GetDomainSource(domain), IP.ToString()), maxRecursion - 1, Program.cfgCurrent, false);
}
// Fingerprinting HTTP
if (cfgCurrent.PassiveFingerPrintingHttp && cfgCurrent.FingerPrintingAllHttp)
{
if (NewDomainByHTTPServer != null)
{
NewDomainByHTTPServer(dItem, null);
}
}
else if ((cfgCurrent.PassiveFingerPrintingHttp) && (source.ToLower() == "documents search" || source.ToLower().Contains("websearch") || source.ToLower().Contains("bing ip search") || source.ToLower().Contains("technologyrecognition") || source.ToLower().Contains("fingerprinting") || source.ToLower().Contains("certificate fingerprinting")))
{
if (NewDomainByHTTPServer != null)
{
NewDomainByHTTPServer(dItem, null);
}
}
// Fingerprinting SMTP
if (cfgCurrent.PasiveFingerPrintingSmtp && cfgCurrent.FingerPrintingAllSmtp)
{
if (NewDomainByMXServer != null)
{
NewDomainByMXServer(dItem, null);
}
}
else if ((cfgCurrent.PasiveFingerPrintingSmtp) && (source.ToLower().Contains("mx server")))
{
if (NewDomainByMXServer != null)
{
NewDomainByMXServer(dItem, null);
}
}
// Fingerprinting FTP
if (cfgCurrent.FingerPrintingAllFtp)
{
if (NewDomainByFTPServer != null)
{
NewDomainByFTPServer(dItem, null);
}
}
OnChangeEvent(null);
}
private static void AddNew(ComputersItem item)
{
item.IdProject = Program.data.Project.Id;
CurrentContextDb.Computers.Add(item);
}
public ComputerIPsItem(ComputersItem computer, IPsItem ip, string source)
{
this.Computer = computer;
this.Ip = ip;
this.Source = source;
}
public ComputerDomainsItem(ComputersItem computer, DomainsItem domain, string source)
{
this.Computer = computer;
this.Domain = domain;
this.Source = source;
}
