Skip to content

beasteers/hellolan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
hellolan
hellolan
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

hellolan

Intuitive port scanning! This module is just a couple functions that wrap nmap and are exposed as command line tools.

Basically, I made this because I often need to scan for raspberry pi's on my local network and was always frustrated about remembering the correct commands. Then I needed to do some automated scanning in Python, so I just wrapped it all up in a few python functions with a cli.

Install

# mac
brew install nmap
# linux
apt-get install nmap

pip install hellolan

Usage

# by default, we scan ports 21-443
hellolan scan

# there are some presets too
hellolan ssh # --port=22
hellolan web # --port=80,443

Example output:

$ hellolan ssh
hostname           ip             ports
-----------------  -------------  -------
                   192.168.1.127  [22]
node-b827e9j315hf  192.168.1.236  [22]
-
Took 3.3 seconds

If you run with sudo, you can also see the mac address and vendor.

$ sudo hellolan ssh --watch
hostname                ip             ports    mac                vendor
----------------------  -------------  -------  -----------------  ---------------------------

raspberrypi  192.168.1.242  [22]     DC:A6:32:C4:F4:A3  Raspberry Pi Trading
raspberrypi  192.168.1.65   [22]     DC:A6:32:A9:F0:82  Raspberry Pi Trading
             192.168.1.66   [22]     52:D4:F7:18:5F:74
             192.168.1.67   [22]     00:1A:62:03:F3:FF  Data Robotics, Incorporated
Scan 1 finished at Tue Jan 19 23:08:55 2021. took 10.2s. Found 4 hosts.

There's more:

# you can filter the results too
hellolan ssh node- # match a partial hostname
hellolan ssh 'host*' --ignore='badhost-*' # matching glob
hellolan ssh 192.168.1.84 # match an exact ip
# NOTE: lmk if you'd prefer regex over fnmatch

# you can change the net hosts to scan.
# by default it's the local router subnet --net=192.168.1.0/24
# so it's not exclusively for lan ...!! helloevbody!
hellolan scan --net=scanme.nmap.org
hellolan scan --net=198.116.0-255.1-127
hellolan scan --net=216.163.128.20/20

# you can also poll localhost:
# here I'm checking what I have for jupyter lab instances running.
# they autoincrement ports as 8888 + i. I'm assuming I don't have
# more than 7.
hellolan scan --net=localhost --port=8888-8893
# Outputs:
#     hostname    ip         ports
#     ----------  ---------  ------------
#     localhost   127.0.0.1  [8888, 8889]
#     -
#     Took 11.4 seconds

You can print it out in more parseable formats

$ hellolan ssh -ip
# 192.168.1.127
# 192.168.1.236
$ hellolan ssh -ip -json
# ["192.168.1.127", "192.168.1.236"]
$ hellolan ssh -json
# [{"hostname": "", "ip": "192.168.1.127", "ports": [22]}, {"hostname": "raspberrypi", "ip": "192.168.1.236", "ports": [22]}]

Now you can use the command to directly ssh into a device !!!

How it works - it will split by the '@' symbol, poll for a device who's host matches 'abc' and replaces 'abc' with the found ip address.

hellolan ssh- user@abc

So for example:

mbp $ hellolan ssh- user@abc
#
# Multiple hosts found:
#     hostname  ip             ports
# --  --------  -------------  -------
#  0  abcdejkl  192.168.1.127  [22]
#  1  abcdefgh  192.168.1.236  [22]
#
# Which host to use? [0]: >> 1
# Using host: abcdefgh
#
# ---------------------
# Starting SSH Session: $ ssh [email protected]
# ---------------------
#
# Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
# permitted by applicable law.
# Last login: Wed Apr 15 18:40:32 2020 from 192.168.1.214
user@abcdefgh:~ $ hostname
abcdefgh
user@abcdefgh:~ $ exit
logout
Connection to 192.168.1.236 closed.
#
# -------------------
# Ended SSH Session. (ssh [email protected])
# -------------------
#
mbp $

It's also importable!

import hellolan

for d in hellolan.scan(port='21-22'):
    print('{hostname} ({ip}) - {ports}'.format(**d))

Notes

  • this uses the default nmap.PortScanner().scan(host, ports=ports) setup. I'm not sure I'm knowledgeable enough to pick better defaults, but there may be ways to speed it up.

  • Update: after playing around with settings, there are indeed ways of speeding it up.

    • I made version checking optional. nmap.PortScanner.scan does version checking by default (-sV). I removed that and now you can re-enable it using --services. I haven't seen any lost information and the queries are now waaaay faster.
    • if you are trying to speed up --services, you can specify version intensity (--intensity 0-9) with 0 using fewer checks (faster) and 9 using the most (comprehensive). I noticed significant decrease in runtime when using --services with --intensity 0
    • You can specify how many of the top ports to use (default is --top 200), fewer is faster, (nmap default is 1000).

About

intuitive port scanning!

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages