Difference between revisions of "ScanAutomation"

IPscan IPv6 Port Scan Automation

This section provides an overview of automated IPv6 firewall testing (IPv6 TCP and UDP port scans) using wget and IPscan.

Terms of Use

Please ensure that you accept the terms of use and are authorised to perform IPv6 port scans against the machine that you wish to test BEFORE attempting any of the steps outlined below. Please also ensure that you are not accessing web pages using an HTTP proxy. If in doubt then a web proxy can be disabled by following the command-line examples shown below.

This website publishes a Timswiki:Privacy_policy. Continued use of this website implies your consent to the storage of data outlined in the policy.

Rules for Forming the URL

It is possible to request automatic scans using wget but the URLs must be constructed as shown below. In each case you MUST:

• target the IPscan IPv6 host and IPv6 cgi-bin directory (www66.chappell-family.co.uk/cgi-bin6/)
• use the text-browser compatible cgi target (ipscan-txt.cgi)
• include an includeexisting query term, setting it to either 1 (include default ports IPv6_Ports) or -1 (exclude default ports)
• include all 4 customport terms (numbered 0 to 3), setting them equal to nothing if they are unused
• include the termsaccepted term, setting it to 1 to indicate your acceptance of the terms and conditions
• ensure that there are no spaces in the query string, particularly if using cut'n'paste
• wrap the resulting URL in quotes to ensure that the ampersand characters are not mis-interpreted

Failure to follow all of the above rules will result in a failure to scan your host. I'd also suggest that you specify a desired output document in the wget command-line - otherwise the filename will be based on the called URL and so will be somewhat convoluted!

If you include the default ports (includeexisting=1) then the scan will take up to approximately 15 seconds to complete - please be patient!

Windows Users - please READ

If you're intending to test a windows PC, then you need to be careful which pre-compiled version of wget you have installed. Some of the available versions do not include IPv6 support. The download at the following link is known to work on windows 7:

• http://gnuwin32.sourceforge.net/packages/wget.htm

Another good solution for PC users can be found within the Cygwin tool. Wget on Cygwin is built with the following options:

$ wget -V
GNU Wget 1.13.4 built on cygwin.

+digest +https +ipv6 +iri +large-file +nls -ntlm +opie +ssl/gnutls

Example Scans

Now for some concrete examples:

Testing just the UDP and TCP default port list

wget --no-proxy --output-document=ipv6.html "https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1"

  
  --2012-01-28 14:28:03--  https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1
  Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6
  Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 10147 (9.9K) [text/html]
  Saving to: `ipv6.html' 
  
  100%[======================================>] 10,147      --.-K/s   in 0s
  
  2012-01-28 14:28:03 (165 MB/s) - `ipv6.html' saved [10147/10147]

Testing the UDP ports and a single TCP port, e.g. 8080

wget --no-proxy --output-document=ipv6.html "https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3=&termsaccepted=1"

  --2012-01-28 14:37:21--  https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3=&termsaccepted=1
  Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6
  Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 7323 (7.2K) [text/html]
  Saving to: `ipv6.html'
  
  100%[======================================>] 7,323       --.-K/s   in 0s
  
  2012-01-28 14:37:21 (112 MB/s) - `ipv6.html' saved [7323/7323]

Testing the UDP ports, the default TCP ports list and 3 custom TCP ports

wget --no-proxy --output-document=ipv6.html "https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3=&termsaccepted=1"

  --2012-01-28 14:39:53--  https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3=&termsaccepted=1
  Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6
  Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 10263 (10K) [text/html]
  Saving to: `ipv6.html'
  
  100%[======================================>] 10,263      --.-K/s   in 0s
  
  2012-01-28 14:39:54 (222 MB/s) - `ipv6.html' saved [10263/10263]

Default test using curl

$ curl -sS "https://www66.chappell-family.co.uk/cgi-bin6/ipscanfasttxt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1"

or

$ curl -sS "https://www66.chappell-family.co.uk/cgi-bin6/ipscanfasttxt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1" |awk -F'[<> ]' 'BEGIN{printf("\nPORT\tSTATE\n")};{for(i=4;i<=NF;i++){if (index($i,"OPEN")>0 && $(i-1)=="=" && $(i-3)=="Port") {printf("%s\t%s\n",$(i-2),$i)}}};'

PORT    STATE
80      OPEN
443     OPEN
1080    OPEN
3128    OPEN

Testing on Ubiquity ERlite Routers

On the router:

sudo /usr/bin/curl -G 'https://www66.chappell-family.co.uk/cgi-bin6/ipscantxt.cgi' --data-urlencode 'includeexisting=1' --data-urlencode 'customport0=' --data-urlencode 'customport1=' --data-urlencode 'customport2=' --data-urlencode 'customport3=' --data-urlencode 'termsaccepted=1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' 2>&1 >/tmp/ipv6.html

sudo scp /tmp/ipv6.html <user>@<host>:

sudo rm -f /tmp/ipv6.html

Exchange <user> and <host> for an applicable account and machine name to transfer the results file to.

sudo /usr/bin/curl -G 'https://www66.chappell-family.co.uk/cgi-bin6/ipscantxt.cgi' --data-urlencode 'includeexisting=1' --data-urlencode 'customport0=' --data-urlencode 'customport1=' --data-urlencode 'customport2=' --data-urlencode 'customport3=' --data-urlencode 'termsaccepted=1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' 2>&1 >/tmp/ipv6.html
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2844  100  2844    0     0     30      0  0:01:34  0:01:33  0:00:01   627

HTML Results Scraping

It is possible to open the resulting ipv6.html file in a local web-browser, however you may prefer to summarise the results for easier checking. Here is a very quick and inelegant example of ResultScraping the returned html file.

This website publishes a Privacy Policy (link at the bottom of every page). Continued use of this website implies your consent to the use of data outlined in the policy.