added geoplugin importer

kenuoseclab · Sep 26, 2018 · adf6943 · adf6943
1 parent 047ae1f
commit adf6943
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 2 deletions.
diff --git a/conf/shell.conf b/conf/shell.conf
@@ -37,6 +37,7 @@ nmap_vulners = nmap -sV --script=$scripts/vulners.nse -oX $outfile $rhost
 masscan_full_tcp = sudo masscan -oX $outfile -p0-65535 --rate 100000 --banner $rhost
 
 get-from-shodan = python3 $scripts/smap.py --out $outfile $rhost
+get-geolocation = curl -vvv "http://www.geoplugin.net/json.gp?ip=$rhost" > $outfile
 
 searchsploit = nmap -sV -sC $rhost -oX $outfile ; searchsploit --nmap $outfile 
 metasploit_enum_dns = msfconsole -n -q -x "use auxiliary/gather/enum_dns; set DOMAIN $domain; run; exit;"
@@ -55,7 +56,6 @@ whois_domain = whois $domain
 
 [generic]
 ncat = ncat -v $rhost $rport
-telnet = telnet $rhost $rport
 openssl_client = openssl s_client -connect $rhost:$rport
 grab_banner = echo | nc -v -n -w1 $rhost $rport
 searchsploit = nmap -sV -sC $rhost -p $rport -oX $outfile ; searchsploit --nmap $outfile 

diff --git a/core/database.py b/core/database.py
@@ -110,6 +110,30 @@ def _find_nmap_service(self, port, trasport):
 					return line.split()[0]
 
 
+	def import_geoplugin(self, json_file):
+		""" import host's longitude and latitude from geoplugin json """
+
+		file = open(json_file,'r')
+		sp_out = file.read()
+		file.close()
+
+		geo_out = json.loads(sp_out)
+
+		# check if the host exists
+		if self.host_exist(geo_out["geoplugin_request"]):
+			# update
+			add_host = self.session.query(targets).filter( targets.address == geo_out["geoplugin_request"] ).one()
+
+			# update values only if there's more informations
+
+			add_host.latitude = geo_out["geoplugin_latitude"]
+			add_host.longitude = geo_out["geoplugin_longitude"]
+
+			self.session.add(add_host)
+			self.session.commit()
+
+
+
 
 	def import_shodan(self, json_file):
 		""" import smap.py json output """
@@ -436,7 +460,7 @@ def get_logs(self, id=''):
 		return self.session.query(activity_log).filter( activity_log.id == int(id) ).one()
 
 	def get_history(self, host):
-		return self.session.query(activity_log).filter( activity_log.target.like("%"+host+"%")).all()
+		return self.session.query(activity_log).filter( activity_log.target.like("%"+host+"%") | activity_log.target.like("%"+host+"%") ).all()
 
 	def get_log_id(self):
 		return self.session.query(activity_log).order_by(activity_log.id.desc()).first().id

diff --git a/core/main.py b/core/main.py
@@ -397,6 +397,10 @@ def identify_scan(self, file) :
 			try:
 				with open(file) as f:
 					testfile = json.load(f)
+
+					if "geoplugin_request" in head:
+						return "geoplugin"
+
 					return "smap"
 			except:
 				pass
@@ -803,6 +807,10 @@ def end_task(self, caller, out, id):
 				elif self.identify_scan(outfile) == "smap":
 
 					self.database.import_shodan(outfile)
+
+				elif self.identify_scan(outfile) == "geoplugin":
+
+					self.database.import_geoplugin(outfile)
 
 				self._sync()
 				os.remove(outfile)