-
Notifications
You must be signed in to change notification settings - Fork 2
/
mongo-radar.py
executable file
·152 lines (121 loc) · 4.54 KB
/
mongo-radar.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
from typing import List
from mongo import ConnectionWorker, ConnectionWorkerOptions
from queue import Queue
import os
import argparse
from datetime import datetime
from writer import write_log
DEFAULT_WORKERS = 4
DEFAULT_OUT_DIR = "out"
DEFAULT_OUT_FILE = "loot.log"
DEFAULT_IPS = ["127.0.0.1"]
# Create argument parser
parser = argparse.ArgumentParser(
prog="mongo-radar",
description="Script to scan and do some operations over default unauthorized public \
mongo databases.",
)
parser.add_argument(
"--out",
dest="input_out",
type=str,
default=DEFAULT_OUT_DIR,
help="Define the ouput folder location.",
)
parser.add_argument(
"--ips",
dest="input_ips",
type=str,
help="Define list of ips or range of ips to scan. Ex: 127.0.0.1,127.0.0.2-255",
)
parser.add_argument(
"--workers",
dest="input_workers",
type=int,
help="Define the number of worker threads (> 4) that will be doing the jobs simultaneously.",
)
parser.add_argument(
"--dump",
dest="input_dump",
action="store_true",
help="Dumps all the databases found and saves it into out directory.",
)
def print_banner():
print(
"""
,-.
/ \\ `. __..-,O 88888b.d88b. .d88b. 88888b. .d88b. .d88b.
: \\ --''_..-'.' 888 "888 "88bd88""88b888 "88bd88P"88bd88""88b
| . .-' `. '. 888 888 888888 888888 888888 888888 888
: . .`.' 888 888 888Y88..88P888 888Y88b 888Y88..88P
\\ `. / .. 888 888 888 "Y88P" 888 888 "Y88888 "Y88P"
\\ `. ' . 888
`, `. \\ 888 Y8b d88P
,|,`. `-.\\ 888 "Y88P"
'.|| ``-...__..-` 888
| | 888d888 8888b. .d88888 8888b. 888d888
|__| 888P" "88bd88" 888 "88 b888P"
/||\\ 888 .d888888888 888.d88888 8888
//||\\\\ 888 888 888Y88b 888888 88 8888
// || \\\\ 888 "Y888888 "Y88888"Y88888 8888
__//__||__\\\\__
'--------------'
"""
)
def parse_min_max_range(range: str) -> (int, int):
c = range.split("-")
if len(c) > 1:
return int(c[0]), int(c[1]) + 1
else:
return int(c[0]), int(c[0]) + 1
# Very naive ip range parsing
def parse_str_ips(ips_str: str) -> List[str]:
ips = []
raw_ips = ips_str.split(",")
for raw_ip in raw_ips:
oct = raw_ip.split(".")
if len(oct) != 4:
raise Exception("Malformed ip")
# Watch dis magnificent O(5)
f_min, f_max = parse_min_max_range(oct[0])
for f in range(f_min, f_max):
s_min, s_max = parse_min_max_range(oct[1])
for s in range(s_min, s_max):
t_min, t_max = parse_min_max_range(oct[2])
for t in range(t_min, t_max):
fo_min, fo_max = parse_min_max_range(oct[3])
for fo in range(fo_min, fo_max):
ips.append(f"{f}.{s}.{t}.{fo}")
return ips
if __name__ == "__main__":
args = parser.parse_args()
# Define workers
workers = DEFAULT_WORKERS
if args.input_workers is not None:
workers = max(args.input_workers, DEFAULT_WORKERS)
# Define ips
ips = DEFAULT_IPS
if args.input_ips is not None:
ips = parse_str_ips(args.input_ips)
options = ConnectionWorkerOptions(
out=args.input_out, file=DEFAULT_OUT_FILE, dump=args.input_dump
)
print(options)
# Create out dir if not exists
if not os.path.exists(options.out):
os.makedirs(options.out)
write_log(
f"{options.out}/{options.file}",
f"=========== | {datetime.now():%Y-%m-%d %H:%M:%S} | ===========\n",
)
print_banner()
q = Queue()
for j in range(workers):
worker = ConnectionWorker(q, j, options)
worker.setDaemon(True)
worker.start()
for ip in ips:
print(f"Enqueued ip: {ip}")
q.put(ip)
q.join()
print('(•̀ᴗ•́)و ̑̑" => Done, now loot.')