{"id":580,"date":"2014-01-19T18:20:47","date_gmt":"2014-01-20T01:20:47","guid":{"rendered":"http:\/\/somethingk.com\/main\/?p=580"},"modified":"2017-03-24T07:02:27","modified_gmt":"2017-03-24T14:02:27","slug":"my-ultimate-network-monitorenumeration-tool-putting-it-all-together","status":"publish","type":"post","link":"https:\/\/somethingk.com\/main\/my-ultimate-network-monitorenumeration-tool-putting-it-all-together\/","title":{"rendered":"My Ultimate Network Monitor\/Enumeration Tool &#8211; Putting It All Together"},"content":{"rendered":"<section id=\"text-4\" class=\"widget boka-widget widget_text amr_widget\">\t\t\t<div class=\"textwidget\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block; text-align:center;\"\r\n     data-ad-layout=\"in-article\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-client=\"ca-pub-7619916617995509\"\r\n     data-ad-slot=\"9102150708\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\n\t\t<\/section>\n<p>Finally, all the parts come together. Look at my previous posts for all the pieces to building the LilDevil network monitor and enumeration tool.<\/p>\n<ul>\n<li><a title=\"Permanent Link to Tomato Shibby on ASUS RT-N66W\" href=\"http:\/\/somethingk.com\/main\/?p=300\" rel=\"bookmark\">Tomato Shibby on ASUS RT-N66W<\/a><\/li>\n<li><a title=\"Permanent Link to Tomato Shibby Guest Wireless\" href=\"http:\/\/somethingk.com\/main\/?p=323\" rel=\"bookmark\">Tomato Shibby Guest Wireless<\/a><\/li>\n<li><a title=\"Permanent Link to Tomato by Shibby Splash Page\" href=\"http:\/\/somethingk.com\/main\/?p=346\" rel=\"bookmark\">Tomato by Shibby Splash Page<\/a><\/li>\n<li><a title=\"Permanent Link to Restricting Bandwidth on Tomato\" href=\"http:\/\/somethingk.com\/main\/?p=393\" rel=\"bookmark\">Restricting Bandwidth on Tomato<\/a><\/li>\n<li><a title=\"Permanent Link to Pi Time!\" href=\"http:\/\/somethingk.com\/main\/?p=435\" rel=\"bookmark\">Pi Time!<\/a><\/li>\n<li><a title=\"Permanent Link to IMPROVEMENTS: Detecting New Network Devices with Python and Tkinter\" href=\"http:\/\/somethingk.com\/main\/?p=456\" rel=\"bookmark\">IMPROVEMENTS: Detecting New Network Devices with Python and Tkinter<\/a><\/li>\n<li><a title=\"Permanent Link to Playing with the Pi: Portable Server\" href=\"http:\/\/somethingk.com\/main\/?p=582\" rel=\"bookmark\">Playing with the Pi: Portable Server<\/a><\/li>\n<\/ul>\n<p><strong>The LilDevil<\/strong><\/p>\n<p>So this tool I created sits on a Raspberry Pi. Its purpose is to monitor and enumerate all devices currently connected to a network. In this case, it sits on my Guest network. Tomato Shibby is running on my router and I used its web interface to setup the network, along with limiting access. For all guests jointing this network, they are warned by the router&#8217;s splash page that tools such as this will be running. Its a free network and they really can&#8217;t expect anything different going on. In this case, its <span style=\"text-decoration: underline;\">not malicious<\/span>, but it is good practice to be wary of guest networks.<\/p>\n<p>To be less suspicious, the hostname of the Raspberry Pi is RainbowDash \ud83d\ude09 This amuses me so much, the perfect disguise! If I saw a device named LilDevil running on a guest network I would be totally alarmed. I also themed the Pi accordingly, see the below screenshot. The coloring isn&#8217;t perfect, I blame VNC.<\/p>\n<p><a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/RainbowDash.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"aligncenter size-medium wp-image-608\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/RainbowDash-300x225.png\" alt=\"RainbowDash\" width=\"300\" height=\"225\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/RainbowDash-300x225.png 300w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/RainbowDash-1024x769.png 1024w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/RainbowDash.png 1025w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>The Pi runs a Django Restful server that stores mmap scan information about detected machines on the network. The Python 2.7 scripts for this are <a title=\"IMPROVEMENTS: Detecting New Network Devices with Python and Tkinter\" href=\"http:\/\/somethingk.com\/main\/?p=456\">here<\/a>. I had to make a few versions in order for things to work on Django 1.6.<\/p>\n<p>In views.py, change<\/p>\n<pre>encoded = json.loads(request.raw_post_data)<\/pre>\n<p>to<\/p>\n<pre>encoded = json.loads(request.body)<\/pre>\n<p><span style=\"line-height: 1.5em;\">Also, I had to make some changes in dirtBag.py, in order to get the ping sweep to work appropriate. <\/span><\/p>\n<p>Change MIN and MAX to an integer instead of a string.<\/p>\n<pre>MIN=\"0\"\r\nMAX=\"12\"<\/pre>\n<p>to<\/p>\n<pre>MIN=0\r\nMAX=12<\/pre>\n<p>Here is a copy of the new main function.<\/p>\n<div class=\"snippetcpt-wrap\" id=\"snippet-1095\" data-id=\"1095\" data-edit=\"\" data-copy=\"\/main\/wp-json\/wp\/v2\/posts\/580?snippet=17b1fac833&#038;id=1095\" data-fullscreen=\"https:\/\/somethingk.com\/main\/code-snippets\/final-python-enumeration-script\/?full-screen=1\">\n\t\t\t\t<pre class=\"prettyprint linenums lang-python\" title=\"Final Python Enumeration Script\">def main():\r\n&nbsp;&nbsp;&nbsp;&nbsp;global results\r\n&nbsp;&nbsp;&nbsp;&nbsp;while 1:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;new = &quot;&quot;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for x in range(MIN,MAX):\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;new = new + commands.getoutput(&quot;ping -c 1 -t 1 &quot;+PREFIX+&quot;.&quot;+str(x) + &quot; | grep 'from'&quot;) #Ping sweep the network to find connected devices\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;tmp = re.findall(PREFIX+&quot;.(d+)&quot;, str(new)) #Pull out IP addresses from the ping results\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if tmp != results:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for ip in tmp:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if ip not in results:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;gotcha = commands.getoutput('nmap -v -A -Pn '+PREFIX+'.'+ip)\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sendDevice(gotcha)\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for r in results:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if r not in tmp:\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;removeDevice(PREFIX+'.'+r)\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;results = tmp<\/pre>\n\t\t\t<\/div>\n<p>The information is up to date on all devices currently connected. It may be nice in the future to include a log of all scans but for now, I&#8217;m really only interested in connected machines.<\/p>\n<p>Data is then displayed in a visible GUI. The below screenshot shows the tool windows along with the GUI. Currently, no devices were connected to the network.<\/p>\n<p><a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-17-at-9.27.49-PM.png\"><img decoding=\"async\" class=\"aligncenter size-medium wp-image-609\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-17-at-9.27.49-PM-300x228.png\" alt=\"Screen Shot 2014-01-17 at 9.27.49 PM\" width=\"300\" height=\"228\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-17-at-9.27.49-PM-300x228.png 300w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-17-at-9.27.49-PM.png 1019w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Ahhh it detected a device&#8230; in this case, itself.<\/p>\n<p><a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-19-at-7.58.55-PM.png\"><img decoding=\"async\" class=\"aligncenter size-medium wp-image-612\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-19-at-7.58.55-PM-300x228.png\" alt=\"Screen Shot 2014-01-19 at 7.58.55 PM\" width=\"300\" height=\"228\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-19-at-7.58.55-PM-300x228.png 300w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/01\/Screen-Shot-2014-01-19-at-7.58.55-PM.png 1008w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>There you have it! A portable network enumeration tool. There are so many versions of this everywhere, but this is just something I coded up for fun. I plan to add to the Pi later for kicks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Finally, all the parts come together. Look at my previous posts for all the pieces to building the LilDevil network monitor and enumeration tool. Tomato Shibby on ASUS RT-N66W Tomato Shibby Guest Wireless Tomato by Shibby Splash Page Restricting Bandwidth on Tomato Pi Time! IMPROVEMENTS: Detecting New Network Devices with Python and Tkinter Playing with the Pi: Portable Server The [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,43,39,37,6,93,24,72,38],"tags":[118,98,153,61,105,94,144,143],"class_list":["post-580","post","type-post","status-publish","format-standard","hentry","category-enumeration","category-exploit","category-fingerprinting","category-kali","category-linux","category-networking","category-penetration-testing","category-python","category-vulnerability-scanner","tag-django","tag-guest-network","tag-python-2-7","tag-raspberry-pi","tag-tkinter","tag-tomato-shibby","tag-vnc","tag-wifi"],"_links":{"self":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/580","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/comments?post=580"}],"version-history":[{"count":17,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/580\/revisions"}],"predecessor-version":[{"id":1096,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/580\/revisions\/1096"}],"wp:attachment":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/media?parent=580"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/categories?post=580"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/tags?post=580"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}