Marconi
At this time Marconi is just a simple perl module that I use with many of my
security and network programs. It only has a few functions built in, but is
growing. The POD info is not up to date, but it is a work in progress.
To use the module with any of the apps that need it, just download it into the same directory they are running from. There will be a full install process in the future... Real Soon Now(tm)
For more info, please contact me @ MadHat (at) Unspecific.com
I just rewrote how Marconi does NBTScanning using the NBTSTAT packets. It is more accurate and suplies more information.
Need to start a change log for Marconi.pm.
So I noticed that some hosts were not working properly. Looks like the type of Node they are made scanning different as far as the NBTSTAT packet sent. I changed the NBTSTAT packet and noticed different info returned that was not matching my old tests. It was a different node type.
http://support.microsoft.com/default....support/kb/articles/Q119/4/93.asp&NoWebContent=1
I added support to show 2 node types that I ahve encountered.
nbtscan.pl has also been updated to use this new info.
To use the module with any of the apps that need it, just download it into the same directory they are running from. There will be a full install process in the future... Real Soon Now(tm)
For more info, please contact me @ MadHat (at) Unspecific.com
I just rewrote how Marconi does NBTScanning using the NBTSTAT packets. It is more accurate and suplies more information.
Need to start a change log for Marconi.pm.
So I noticed that some hosts were not working properly. Looks like the type of Node they are made scanning different as far as the NBTSTAT packet sent. I changed the NBTSTAT packet and noticed different info returned that was not matching my old tests. It was a different node type.
http://support.microsoft.com/default....support/kb/articles/Q119/4/93.asp&NoWebContent=1
I added support to show 2 node types that I ahve encountered.
nbtscan.pl has also been updated to use this new info.
Apps That Use Marconi
Current Functions
- CalculateIPRange
CalculateIPRange takes 4 possible parameters and returns an array that contains the IPs expanded from the list given, or an error message, if ERRNO is defined.
@list = CalculateIPRange($iplist, [$errno, [$maxip, [$DEBUG]]])
- $iplist
Scalar that represents the IPs. Currently supported formats include
- a.b.c.d/n - 10.0.0.1/25
- a.b.c.* - 10.0.0.*
- a.b.c.d/w.x.y.z - 10.0.0.0/255.255.224.0 (standard format)
- a.b.c.d/w.x.y.z - 10.0.0.0/0.0.16.255 (cisco format)
- a.b.c.d-z - 10.1.2.0-12
- a.b.c-x.* - 10.0.0-3.*
- a.b.c-x.d - 10.0.0-3.0
- hostname - unspecific.com
- hostname[1-4].domains.com
- a.b.c.d/n - 10.0.0.1/25
- $errno
whether or not to return an error
-
If set a 'helpful' message will be returned as the first item of the array
If not set, or set to 0, nothing will be returned if the function is not able to expand the list into IPs.
- $maxip
-
This is used to set the maximum number of IPs to return in the array.
Default value is a /16, or 65536 IPs. This can ot be raised.
If the MAXIP is reached an error is returned.
- $DEBUG
-
DEBUG vaue is an integer from 1 to 3, where 3 is the most verbose.
- $iplist
- NBTScan
($name, $mac, $user, $domain, @data) = NBTScan( $ipaddr, [$timeout, [$DEBUG]])
NBTScan takes 3 porrible paramiters and returns 5 vaules.
NetBIOS Name is the firect Item returned.
Second item is the MAC address
Third is the Username of the person logged in (this is a guess and mae be the amchine name).
Forth item returned is the domain or workgroup the box is a member of.
Last item is a comma sperated list of everything returned by the NBTSTAT packet from the machine being queried. The 3 fields returned per line are the Name returned, the description of what thet name reqpresnts and the "Group or Unique" field that denotes wether it is a domain/workgroup related item of local to the box.
UDP port 137 must be open for this function to be successful. The 3 values sent are IP address, timeout and a debug flag.
- $ipaddr
-
The IP address you wish to scan. At this point only IPv4 is supported and hostname will not be accepted.
- $timeout
-
The number of seconds to wait for a reply before giving up and moving on.
- $DEBUG
-
DEBUG vaue is an integer from 1 to 3, where 3 is the most verbose.
- $ipaddr
- CheckPort
$rc = CheckPort( $ipaddr, $port, $proto, [$timeout, [$DEBUG]])
CheckPort takes 5 possible paramaters and returns a binary vaule. It will return true if the port is open and false if it is not. The 5 vaules sent are IP address, port, protocol by name, timeout in seconds and a debug vaule.
- $ipaddr
-
The IP address you wish to scan. At this point only IPv4 is supported and hostname will not be accepted.
- $port
-
The port you wish to scan. Valid port are 1-65535, 0 is not supported at this time.
- $proto
-
'TCP' or 'UDP'
- $timeout
-
The number of seconds to wait for a reply before giving up and moving on.
- $DEBUG
-
DEBUG vaue is an integer from 1 to 3, where 3 is the most verbose.
- $ipaddr
- RawRequest
$content = RawRequest( $ipaddr, $port, $request, [$timeout, [$ssl, [$DEBUG]]])
RawRequest takes 6 possible paramaters and returns a string for success and nothing for failure. The 6 values sent are IP address, port, request, timeout, ssl and a debug value.
- $ipaddr
-
The IP address you wish to scan. At this point only IPv4 is supported and hostname will not be accepted.
- $port
-
The port you wish to send the request to. Valid port are 1-65535, 0 is not supported at this time.
- $request
-
The request can be a simple newline, or a full HTTP request or something more complicated like HEX values for binary.
- $timeout
-
The number of seconds to wait for a reply before giving up and moving on.
- $ssl
-
If set to true, SSL will be used. Specifically Net::SSLeay:sslcat is the function used.
- $DEBUG
-
DEBUG vaue is an integer from 1 to 3, where 3 is the most verbose.
- $ipaddr
- swrite
Stolen directly from the perlform perldoc page, which is to write() what sprintf() is to printf().
$content = swrite($format, @strings);
$string = swrite(<<'END', 1, 2, 3);
Check me out
@<<< @||| @>>>
END
print $string;