Thursday, September 17, 2015

Parsing Multiple nmap Scan Output Files into a csv File

Today I was faced with a challenge where I had to parse multiple nmap scans that were saved in a directory.  The format was saved in the regular .nmap output.  The following python script came alive that parses the files and outputs the IP Address, MAC Address and each port that was found into output to the screen that could then be saved as a csv file.

This script depends on the output that is located in the .nmap output and the version of nmap.



#!/usr/bin/python

nmapOutputDirectory="scans"

import os
import re

for file in os.listdir(nmapOutputDirectory):
 portStatusPattern = re.compile("^[0-9]{1,5}\/(tcp|udp)\s*(open|closed)\s*[0-9a-zA-Z- ]{3,}$")
 macAddrPattern = re.compile(".*([0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{2}.*")
 portInfoList = []
 ipAddress = ''
 macAddr = ''
 fileLocation = nmapOutputDirectory + "/" + file
 f = open(fileLocation, 'r')
 for line in f:
  currentLine = line.strip()
  if "Nmap scan report for" in currentLine:
   ipAddress = currentLine[21:]
  elif portStatusPattern.match(currentLine):
   portInfoList.append(currentLine)
  elif macAddrPattern.match(currentLine):
   macAddr = currentLine[13:30]
 if len(portInfoList) > 0:
  for item in portInfoList:
   print '"' + ipAddress + '","' + macAddr + '","' + item + '"'
 else:
  print '"' + ipAddress + '","' + macAddr + '",""'



b


Saturday, September 5, 2015

Python - Vega Conflict Script to Maximize Fleet Sizes based on Fleet Mass

On the side I have been playing a game created by Kixeye called Vega Conflict.  Their description of the game is below:


Stake your claim, command your fleets, and wage epic war in space. Band together with other players in a bloody rebellion to take back the galaxy from the evil VEGA Federation.  CUSTOMIZE YOUR WAR: Different targets call for different strategy, outfit your fleet for victory.  REAL-TIME PvP: Real war doesn’t wait its turn - attack enemies at will in real-time.  BATTLE ANYWHERE: Conflict never ends. Continue your progress on phone, tablet, or in browser.

In the game you progress based on leveling the buildings on your planet.  Currently in the game I have a level 7 Fleet Bay which allows you to have a maximum of 7 Fleets.  Each Fleet can only have a total mass of 10,100.  This presents a difficulty in taking all of the ships that you have built and creating 7 Fleets with as close as you can get the maximum mass for each fleet.  
A note on strategy:  The best strategy is not to maximize the mass of the fleet.  The best strategy depends on knowing your enemy.
Now back to the math of trying to figure this out, here are the ships placed into python lists based on their mass:

broadswordDestroyer = [1339, 1339, 1219]
exodusCruiser = [1966, 1735, 1772, 1772, 1772, 1712, 1620, 1287]
rancorBattleship = [2075, 1815, 1815, 1516, 1479, 1257, 2064, 2059, 2101, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2101, 2101, 2101, 2121, 2111, 1689, 1762, 1762, 1739, 1739, 1731, 1683, 1257, 1257, 1257]
genesisCruiser = [740, 743, 680, 680]


The challenges and what I learned from this problem:

So I have a total of 51 ships accounted for in the above lists.  Then I combined the list.  I found that instead of sorting the list by smallest to largest or largest to smallest I received the best results if I randomized the list using random.shuffle.

In creating 1 fleet, I would send the calculations through 6 for loops, one loop for each ship in the fleet.  However each for loop had to be looking at a unique ship in the list so an if statement was created to work around this issue of the variables counting the loop could not be accessing the same item in the list of ships.

Then if the the fleets mass amounted to over 10,000 then break out of the for loops.  I could not figure out how to break out of the 6 for loops without breaking out of the 7th which is used to generate all 7 fleets.  So I introduced an if statement so if the fleet mass amounted to over 10,000 it would not execute the for loops after that threshold was hit.

After the above challenges I found that sometimes a fleet would try and include a duplicate ship that did not exist because the for loop would complete without reaching maximum mass of 10,000 or above and pass the last value of the for loop into the fleet.

Also one or more of the 7 fleets would not be generated in the for loops so not to output these fleets but only the ones that are complete.

Then finally I added a condition so it would take the maximum combined total of the 7 fleets and then only output future combinations that are larger than the previous one output.  After all was done it somewhat works.  I would be more than happy to learn of a different way to code this or a better way mathematically to do it.

I am in no way using this code to tamper with another player, the game, app or gameplay.  This code is run independent of anything that Kixeye uses for the game, interaction with another player, created apps or gameplay.  I am only using the code as a great mathematical challenge and solving it using python.  I am also using it as part of my strategy to determine the best combinations of fleets to use in the game.  Though output is received from the code I have to manually enter in the output to the browser or the app that I am using.  Below is the code that I am using it is also located here on google docs.




#!/usr/bin/python

import random

# Original Values
#broadswordDestroyer = [1339, 1339, 1219]
#exodusCruiser = [1966, 1735, 1772, 1772, 1772, 1712, 1620, 1287]
#rancorBattleship = [2075, 1815, 1815, 1516, 1479, 1257, 2064, 2059, 2101, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2101, 2101, 2101, 2121, 2111, 1689, 1762, 1762, 1739, 1739, 1731, 1683, 1257, 1257, 1257]
#genesisCruiser = [740, 743, 680, 680, 680]

broadswordDestroyer = [1339, 1339, 1219]
exodusCruiser = [1966, 1735, 1772, 1772, 1772, 1712, 1620, 1287]
rancorBattleship = [2075, 1815, 1815, 1516, 1479, 1257, 2064, 2059, 2101, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2121, 2101, 2101, 2101, 2121, 2111, 1689, 1762, 1762, 1739, 1739, 1731, 1683, 1257, 1257, 1257]
genesisCruiser = [740, 743, 680, 680]

overallTotal = 0
while True:
 listNumb = broadswordDestroyer + exodusCruiser + rancorBattleship + genesisCruiser
 #listNumb.sort(reverse=True)   # Sorts the list by largest integer first
 #listNumb.sort()  # Sorts the list by smallest integer first
 random.shuffle(listNumb) # Makes the order of the list random
 outputFleets = ''
 printCounter = 0
 grandTotal = 0
 for i in range(1, 8):
  doneLooping = 'False'
  total = 0
  currentTotal = 0
  currentFleet = []
  for a in range(0, len(listNumb)):
   if doneLooping == 'False':
    for b in range(0, len(listNumb)):
     if doneLooping == 'False':
      for c in range(0, len(listNumb)):
       if doneLooping == 'False':
        for d in range(0, len(listNumb)):
         if doneLooping == 'False':
          for e in range(0, len(listNumb)):
           if doneLooping == 'False':
            for f in range(0, len(listNumb)):
             if a <> b and a <> c and a <> d and a <> e and a <> f and b <> c and b <> d and b <> e and b <> f and c <> d and c <> e and c <> f and d <> e and d <> f:
              currentTotal = listNumb[a] + listNumb[b] + listNumb[c] + listNumb[d] + listNumb[e] + listNumb[f]
              if ((currentTotal <= 10100) and (total <= 10100) and (total < currentTotal)):
               currentFleet = []
               currentFleet.append(listNumb[a]) 
               currentFleet.append(listNumb[b]) 
               currentFleet.append(listNumb[c]) 
               currentFleet.append(listNumb[d]) 
               currentFleet.append(listNumb[e]) 
               currentFleet.append(listNumb[f]) 
               #print currentFleet
               #print currentTotal, listNumb[a], listNumb[b], listNumb[c], listNumb[d], listNumb[e], listNumb[f]
               total = currentTotal
              elif total > 10000:
               doneLooping = 'True'
  if (len(currentFleet) == 6): 
   listNumb.remove(currentFleet[0])
   if currentFleet[1] in listNumb:
    listNumb.remove(currentFleet[1])
    if currentFleet[2] in listNumb:
     listNumb.remove(currentFleet[2])
     if currentFleet[3] in listNumb:
      listNumb.remove(currentFleet[3])
      if currentFleet[4] in listNumb:
       listNumb.remove(currentFleet[4])
       if currentFleet[5] in listNumb:
        listNumb.remove(currentFleet[5])
        outputFleets = outputFleets + "Fleet " + str(i) + ": " + str(currentFleet[0]) + " " + str(currentFleet[1]) + " " + str(currentFleet[2]) + " " + str(currentFleet[3]) + " " + str(currentFleet[4]) + " " + str(currentFleet[5]) + " Total: " + str(total) + "\n"
        printCounter = printCounter + 1
        grandTotal = grandTotal + total
 if grandTotal > overallTotal:
  if printCounter == 7: 
   print "Total: " + str(grandTotal)
   print outputFleets
   print
   overallTotal = grandTotal




I thought I would provide the results of the script below so you could see the output that you will receive if you run it:

Total Combined Fleet Size: 70604  (Really close to the max combined of 70,700)
Fleet 1: 2121 1966 1257 1762 1731 1257 Total: 10094
Fleet 2: 1620 2121 1339 1219 2075 1712 Total: 10086
Fleet 3: 1479 1772 1772 1772 1739 1516 Total: 10050
Fleet 4: 2121 1815 1689 2111 1683 680 Total: 10099
Fleet 5: 740 1339 2059 1739 2101 2121 Total: 10099
Fleet 6: 2101 1815 2121 1257 2121 680 Total: 10095
Fleet 7: 743 2064 1297 2121 2121 1735 Total: 10081


Prepare, Bait, Hook, Execute and Control - Buffer Overflows

This post is the third of four that I am planning to write about social engineering specifically about phishing.  The form of phishing that...