Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/post/multi/gather/ping_sweep.rb
19591 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Post

7


8
  def initialize(info = {})

9
    super(

10
      update_info(

11
        info,

12
        'Name' => 'Multi Gather Ping Sweep',

13
        'Description' => %q{ Performs IPv4 ping sweep using the OS included ping command.},

14
        'License' => MSF_LICENSE,

15
        'Author' => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],

16
        'Platform' => %w[bsd linux osx solaris win],

17
        'SessionTypes' => [ 'meterpreter', 'shell' ],

18
        'Notes' => {

19
          'Stability' => [CRASH_SAFE],

20
          'SideEffects' => [],

21
          'Reliability' => []

22
        }

23
      )

24
    )

25
    register_options(

26
      [

27
        OptAddressRange.new('RHOSTS', [true, 'IP Range to perform ping sweep against.']),

28
      ]

29
    )

30
  end

31


32
  # Run Method for when run command is issued

33
  def run

34
    iprange = datastore['RHOSTS']

35
    print_status("Performing ping sweep for IP range #{iprange}")

36
    iplst = []

37
    begin

38
      ipadd = Rex::Socket::RangeWalker.new(iprange)

39
      numip = ipadd.num_ips

40
      while (iplst.length < numip)

41
        ipa = ipadd.next_ip

42
        if !ipa

43
          break

44
        end

45


46
        iplst << ipa

47
      end

48


49
      case session.platform

50
      when 'windows'

51
        count = ' -n 1 '

52
        cmd = 'ping'

53
      when 'solaris'

54
        cmd = '/usr/sbin/ping'

55
      else

56
        count = ' -n -c 1 -W 2 '

57
        cmd = 'ping'

58
      end

59


60
      ip_found = []

61


62
      while !iplst.nil? && !iplst.empty?

63
        a = []

64
        1.upto session.max_threads do

65
          a << framework.threads.spawn("Module(#{refname})", false, iplst.shift) do |ip_add|

66
            next if ip_add.nil?

67


68
            if session.platform =~ /solaris/i

69
              r = cmd_exec(cmd, "-n #{ip_add} 1")

70
            else

71
              r = cmd_exec(cmd, count + ip_add)

72
            end

73
            if r =~ /(TTL|Alive)/i

74
              print_good "\t#{ip_add} host found"

75
              ip_found << ip_add

76
            else

77
              vprint_status("\t#{ip_add} host not found")

78
            end

79
          end

80
        end

81
        a.map(&:join)

82
      end

83
    rescue Rex::TimeoutError, Rex::Post::Meterpreter::RequestError

84
      vprint_error(e.message)

85
    rescue StandardError => e

86
      print_status("The following error was encountered: #{e.class} #{e}")

87
    end

88


89
    ip_found.each do |ip|

90
      report_host(host: ip)

91
    end

92
  end

93
end

94


95