Esempio n. 1
0
        /// <summary>
        ///
        /// </summary>
        public void GetServersFromIPs()
        {
            var lstDomains = new List <string>();

            if (!string.IsNullOrEmpty(Project.Domain))
            {
                lstDomains.Add(Project.Domain);
            }
            lstDomains.AddRange(Project.AlternativeDomains);

            var lstIPs = new ThreadSafeList <IPsItem>(Ips.Items.Where(IP => Project.Domain == "*" || relations.Items.Any(R => R.Ip.Ip == IP.Ip && lstDomains.Any(D => R.Domain.Domain.ToLower().EndsWith(D.ToLower())))));

            var po = new ParallelOptions();

            if (Program.cfgCurrent.ParallelDnsQueries != 0)
            {
                po.MaxDegreeOfParallelism = Program.cfgCurrent.ParallelDnsQueries;
            }
            Parallel.ForEach(lstIPs, ip =>
            {
                try
                {
                    ComputersItem ci;

                    if (computerIPs.Items.Any(C => C.Ip.Ip == ip.Ip))
                    {
                        ci = computerIPs.Items.First(C => C.Ip.Ip == ip.Ip).Computer;
                    }

                    else
                    {
                        if (computers.Items.Any(C => relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain).Any(D => string.Equals(D.Domain, C.name, StringComparison.OrdinalIgnoreCase))))
                        {
                            ci      = computers.Items.First(C => relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain).Any(D => string.Equals(D.Domain, C.name, StringComparison.OrdinalIgnoreCase)));
                            ci.name = string.Format("{0} [{1}]", ci.name, ip.Ip);
                            computerIPs.Items.Add(new ComputerIPsItem(ci, ip, ip.Source));
                        }

                        else
                        {
                            ci = new ComputersItem();
                            computers.Items.Add(ci);
                            ci.type = ComputersItem.Tipo.Server;
                            ci.os   = OperatingSystem.OS.Unknown;

                            var strFirstDomain = string.Empty;

                            try
                            {
                                strFirstDomain = relations.Items.First(R => R.Ip.Ip == ip.Ip && lstDomains.Any(D => R.Domain.Domain.ToLower().EndsWith(D.ToLower()))).Domain.Domain;
                            }
                            catch
                            {
                                strFirstDomain = "*";
                            }

                            ci.name = string.Format("{0} [{1}]", strFirstDomain, ip.Ip);

                            computerIPs.Items.Add(new ComputerIPsItem(ci, ip, ip.Source));
                        }
                    }

                    foreach (DomainsItem di in relations.Items.Where(R => R.Ip.Ip == ip.Ip).Select(D => D.Domain))
                    {
                        if (!computerDomains.Items.Any(C => C.Computer.name == ci.name && C.Domain.Domain == di.Domain))
                        {
                            computerDomains.Items.Add(new ComputerDomainsItem(ci, di, di.Source));
                        }

                        for (var fpI = 0; fpI < di.fingerPrinting.Count(); fpI++)
                        {
                            var fp = di.fingerPrinting[fpI];

                            if ((fp.os != OperatingSystem.OS.Unknown))
                            {
                                ci.os = fp.os;
                            }

                            foreach (var software in BannerAnalysis.GetSoftwareFromBanner(fp.Version).Where(software => !ci.Software.Items.Any(A => A.Name.ToLower() == software.ToLower())))
                            {
                                ci.Software.Items.Add(new ApplicationsItem(software, string.Format("{0} FingerPrinting Banner: {1}", di.Domain, fp.Version)));
                            }
                        }
                    }
                    if (ip.Information != null)
                    {
                        if (!string.IsNullOrEmpty(ip.Information.OS))
                        {
                            var os = OperatingSystemUtils.StringToOS(ip.Information.OS);

                            if (ci.os == OperatingSystem.OS.Unknown && os != OperatingSystem.OS.Unknown)
                            {
                                ci.os = os;
                            }
                        }

                        if (!string.IsNullOrEmpty(ip.Information.ServerBanner))
                        {
                            var os = OperatingSystemUtils.StringToOS(ip.Information.ServerBanner);
                            if (ci.os == OperatingSystem.OS.Unknown && os != OperatingSystem.OS.Unknown)
                            {
                                ci.os = os;
                            }

                            foreach (var software in BannerAnalysis.GetSoftwareFromBanner(ip.Information.ServerBanner).Where(software => !ci.Software.Items.Any(A => A.Name.ToLower() == software.ToLower())))
                            {
                                ci.Software.Items.Add(new ApplicationsItem(software, string.Format("{0} Shodan Banner: {1}", ip, ip.Information.ServerBanner)));
                            }
                        }
                    }
                }
                catch
                {
                }
            });
            OnChangeEvent(null);
        }
Esempio n. 2
0
        /// <summary>
        /// Add domain if this not exist in the list.
        /// </summary>
        /// <param name="domain"></param>
        /// <param name="source"></param>
        /// <param name="maxRecursion"></param>
        /// <param name="cfgCurrent"></param>
        public void AddDomain(string domain, string source, int maxRecursion, Configuration cfgCurrent)
        {
            domain = domain.Trim();

            if (domains.Items.Any(S => S.Domain.ToLower() == domain.ToLower()))
            {
                return;
            }

            var dItem = new DomainsItem(domain, source);

            domains.Items.Add(dItem);
#if PLUGINS
            Thread tPluginOnDomain = new Thread(new ParameterizedThreadStart(Program.data.plugins.OnNewDomain));
            tPluginOnDomain.IsBackground = true;
            object[] oDomain = new object[] { new object[] { domain } };
            tPluginOnDomain.Start(oDomain);
#endif
            var domainParts   = domain.Split('.');
            var currentdomain = domainParts[domainParts.Length - 1];

            for (var i = 2; i < domainParts.Length; i++)
            {
                currentdomain = domainParts[domainParts.Length - i] + "." + currentdomain;

                AddDomain(currentdomain, string.Format("{0} > Infered by {2} [{1}]", GetDomainSource(domain), currentdomain, domain), maxRecursion - 1, cfgCurrent);
            }

            if (maxRecursion <= 0)
            {
                OnChangeEvent(null);
                return;
            }

            //OnLog(null, new EventsThreads.ThreadStringEventArgs(string.Format("Resolving domain: {0}", domain)));

            var listIpsOfDomain = DNSUtil.GetHostAddresses(domain);

            if (listIpsOfDomain.Count == 0)
            {
                var computer = new ComputersItem();
                computer.type  = ComputersItem.Tipo.Server;
                computer.name  = domain;
                computer.NotOS = true;
                computer.os    = OperatingSystem.OS.Unknown;
                if (!computers.Items.Any(S => S.name == domain))
                {
                    computers.Items.Add(computer);
                }
            }

            foreach (var IP in listIpsOfDomain)
            {
                if (Program.data.IsMainDomainOrAlternative(domain))
                {
                    var limit = Program.data.GetLimitFromIp(IP.ToString());

                    if (limit == null)
                    {
                        Program.data.AddLimit(new Limits(IP.ToString()));
                    }
                    else
                    {
                        var lastOct = int.Parse(IP.ToString().Split(new char[] { '.' })[3]);

                        if (lastOct < limit.Lower)
                        {
                            limit.Lower = lastOct;
                        }
                        else if (lastOct > limit.Higher)
                        {
                            limit.Higher = lastOct;
                        }
                    }
                }

                AddResolution(domain, IP.ToString(), string.Format("{0} > DNS resolution [{1}]", GetDomainSource(domain), IP.ToString()), maxRecursion - 1, Program.cfgCurrent, false);
            }

            // Fingerprinting HTTP
            if (cfgCurrent.PassiveFingerPrintingHttp && cfgCurrent.FingerPrintingAllHttp)
            {
                if (NewDomainByHTTPServer != null)
                {
                    NewDomainByHTTPServer(dItem, null);
                }
            }
            else if ((cfgCurrent.PassiveFingerPrintingHttp) && (source.ToLower() == "documents search" || source.ToLower().Contains("websearch") || source.ToLower().Contains("bing ip search") || source.ToLower().Contains("technologyrecognition") || source.ToLower().Contains("fingerprinting") || source.ToLower().Contains("certificate fingerprinting")))
            {
                if (NewDomainByHTTPServer != null)
                {
                    NewDomainByHTTPServer(dItem, null);
                }
            }
            // Fingerprinting SMTP
            if (cfgCurrent.PasiveFingerPrintingSmtp && cfgCurrent.FingerPrintingAllSmtp)
            {
                if (NewDomainByMXServer != null)
                {
                    NewDomainByMXServer(dItem, null);
                }
            }

            else if ((cfgCurrent.PasiveFingerPrintingSmtp) && (source.ToLower().Contains("mx server")))
            {
                if (NewDomainByMXServer != null)
                {
                    NewDomainByMXServer(dItem, null);
                }
            }

            // Fingerprinting FTP
            if (cfgCurrent.FingerPrintingAllFtp)
            {
                if (NewDomainByFTPServer != null)
                {
                    NewDomainByFTPServer(dItem, null);
                }
            }

            OnChangeEvent(null);
        }
 private static void AddNew(ComputersItem item)
 {
     item.IdProject = Program.data.Project.Id;
     CurrentContextDb.Computers.Add(item);
 }
Esempio n. 4
0
 public ComputerIPsItem(ComputersItem computer, IPsItem ip, string source)
 {
     this.Computer = computer;
     this.Ip       = ip;
     this.Source   = source;
 }
Esempio n. 5
0
 public ComputerDomainsItem(ComputersItem computer, DomainsItem domain, string source)
 {
     this.Computer = computer;
     this.Domain   = domain;
     this.Source   = source;
 }