Merge pull request #63 from ivre/enh-ip-from-cmd

Add option for list of IP addresses to bind in CLI
2025-10-02 14:48:22 +00:00 · 2022-09-19 10:05:01 +02:00 · 2022-09-19 10:05:01 +02:00 · 4df3d17626
commit 4df3d17626
parent 851a418add 26eeb73db7
4 changed files with 75 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -83,6 +83,25 @@ The pcaps can then be analyzed using [zeek](https://zeek.org/) and the output fi

 A documentation on how to deploy an instance of **masscanned** on a VPS is coming (see [Issue #2](https://github.com/ivre/masscanned/issues/2)).

+### Supported options
+
+```
+Network responder - answer them all 0.2.0
+Network answering machine for various network protocols (L2-L3-L4 + applications)
+
+USAGE:
+    masscanned [OPTIONS] --iface <iface>
+
+OPTIONS:
+    -h, --help                     Print help information
+    -i, --iface <iface>            the interface to use for receiving/sending packets
+        --ip-addr <iplist>         Inline list of IP addresses to impersonate, comma-separated
+        --ip-addr-file <ipfile>    File with the list of IP addresses to impersonate
+    -m, --mac-addr <mac>           MAC address to use in the response packets
+    -v                             Increase message verbosity
+    -V, --version                  Print version information
+```
+
 ## Supported protocols - details

 ### Layer 2
--- a/src/masscanned.rs
+++ b/src/masscanned.rs
@ -116,18 +116,23 @@ fn main() {
        )
        .arg(
            Arg::new("mac")
-                .short('a')
+                .short('m')
                .long("mac-addr")
                .help("MAC address to use in the response packets")
                .takes_value(true),
        )
        .arg(
-            Arg::new("ip")
-                .short('f')
+            Arg::new("ipfile")
                .long("ip-addr-file")
                .help("File with the list of IP addresses to impersonate")
                .takes_value(true),
        )
+        .arg(
+            Arg::new("iplist")
+                .long("ip-addr")
+                .help("Inline list of IP addresses to impersonate, comma-separated")
+                .takes_value(true),
+        )
        .arg(
            Arg::new("verbosity")
                .short('v')
@ -173,7 +178,7 @@ fn main() {
    };
    /* Parse ip address file specified */
    /* FIXME: .and_then(|path| File::open(path).map(|file| )).unwrap_or_default() ? */
-    let ip_list = if let Some(ref path) = args.value_of("ip") {
+    let mut ip_list = if let Some(ref path) = args.value_of("ipfile") {
        if let Ok(file) = File::open(path) {
            info!("parsing ip address file: {}", &path);
            file.extract_ip_addresses_only(None)
@ -183,9 +188,17 @@ fn main() {
    } else {
        HashSet::new()
    };
+    if let Some(ip_inline_list) = args.value_of("iplist") {
+        ip_list.extend(ip_inline_list.extract_ip_addresses_only(None));
+    }
    let ip_addresses = if !ip_list.is_empty() {
+        for ip in &ip_list {
+            info!("binding........{}", ip);
+        }
        Some(&ip_list)
    } else {
+        info!("binding........0.0.0.0");
+        info!("binding........::");
        None
    };
    let mut masscanned = Masscanned {
--- a/src/utils/parsers.rs
+++ b/src/utils/parsers.rs
@ -134,6 +134,43 @@ impl IpAddrParser for File {
    }
 }

+/* Parse IP addresses from a comma-separated list in a string */
+impl IpAddrParser for &str {
+    fn extract_ip_addresses_with_count(
+        self,
+        _blacklist: Option<HashSet<IpAddr>>,
+    ) -> HashMap<IpAddr, u32> {
+        panic!("not implemented");
+    }
+
+    fn extract_ip_addresses_only(self, blacklist: Option<HashSet<IpAddr>>) -> HashSet<IpAddr> {
+        let mut ip_addresses = HashSet::new();
+        for line in self.split(",") {
+            /* Should never occur */
+            if line.is_empty() {
+                warn!("cannot parse line: {}", line);
+                continue;
+            }
+            let ip: IpAddr;
+            if let Ok(val) = line.parse::<Ipv4Addr>() {
+                ip = IpAddr::V4(val);
+            } else if let Ok(val) = line.parse::<Ipv6Addr>() {
+                ip = IpAddr::V6(val);
+            } else {
+                warn!("cannot parse IP address from line: {}", line);
+                continue;
+            }
+            if let Some(ref b) = blacklist {
+                if b.contains(&ip) {
+                    info!("[blacklist] ignoring {}", &ip);
+                    continue;
+                }
+            }
+            ip_addresses.insert(ip);
+        }
+        ip_addresses
+    }
+}
 /* Get the IP address of source and dest. from an IP packet.
 * works with both IPv4 and IPv6 packets/addresses */
 fn extract_ip(pkt: Packet) -> Option<(IpAddr, IpAddr)> {
--- a/test/test_masscanned.py
+++ b/test/test_masscanned.py
@ -163,9 +163,9 @@ masscanned = subprocess.Popen(
        "-vvvvv",
        "-i",
        f"{IFACE}b",
-        "-f",
+        "--ip-addr-file",
        ipfile.name,
-        "-a",
+        "-m",
        MAC_ADDR,
    ]
    # if args in CLI, they are passed to masscanned