moriarty-project 0.1.6__py3-none-any.whl

moriarty/modules/port_scanner.py

@@ -0,0 +1,129 @@
+"""Port scanning assíncrono com fingerprints básicos."""
+from __future__ import annotations
+
+import asyncio
+import contextlib
+from dataclasses import dataclass
+from typing import Dict, List, Optional
+
+import random
+
+import structlog
+
+logger = structlog.get_logger(__name__)
+
+
+PROFILES = {
+    "quick": [22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 3306, 3389, 8080, 8443],
+    "full": list(range(1, 1025)),
+    "extended": [
+        21,
+        22,
+        23,
+        25,
+        53,
+        80,
+        110,
+        111,
+        135,
+        139,
+        143,
+        161,
+        389,
+        443,
+        445,
+        465,
+        587,
+        631,
+        993,
+        995,
+        1023,
+        1433,
+        1521,
+        2049,
+        3128,
+        3306,
+        3389,
+        5432,
+        5900,
+        6379,
+        8080,
+        8443,
+        9000,
+    ],
+}
+
+
+@dataclass
+class PortScanResult:
+    port: int
+    status: str
+    banner: Optional[str] = None
+
+
+class PortScanner:
+    """Execução assíncrona de port scanning com banners e fingerprint simples."""
+
+    def __init__(
+        self,
+        target: str,
+        profile: str = "quick",
+        concurrency: int = 200,
+        timeout: float = 1.5,
+        stealth_level: int = 0,
+    ):
+        self.target = target
+        self.profile = profile if profile in PROFILES else "quick"
+        self.stealth_level = max(0, stealth_level)
+        adjusted_concurrency = concurrency
+        if self.stealth_level >= 3:
+            adjusted_concurrency = min(concurrency, 80)
+        elif self.stealth_level == 2:
+            adjusted_concurrency = min(concurrency, 120)
+        self.concurrency = max(10, adjusted_concurrency)
+        self.timeout = timeout
+
+    async def scan(self) -> List[PortScanResult]:
+        sem = asyncio.Semaphore(self.concurrency)
+        ports = PROFILES[self.profile]
+        results: List[PortScanResult] = []
+
+        async def worker(port: int):
+            async with sem:
+                res = await self._probe(port)
+                if res:
+                    results.append(res)
+
+        await asyncio.gather(*(worker(p) for p in ports))
+        results.sort(key=lambda r: r.port)
+        return results
+
+    async def _probe(self, port: int) -> Optional[PortScanResult]:
+        try:
+            if self.stealth_level:
+                await asyncio.sleep(random.uniform(0.01, 0.2) * self.stealth_level)
+            reader, writer = await asyncio.wait_for(
+                asyncio.open_connection(self.target, port),
+                timeout=self.timeout,
+            )
+        except Exception:
+            return None
+
+        banner = None
+        try:
+            await writer.drain()
+            reader._transport.set_read_buffer_limits(1024)
+            banner_bytes = await asyncio.wait_for(reader.read(256), timeout=0.5)
+            if banner_bytes:
+                banner = banner_bytes.decode(errors="ignore").strip()
+        except Exception:
+            banner = None
+        finally:
+            writer.close()
+            with contextlib.suppress(Exception):
+                await writer.wait_closed()
+
+        return PortScanResult(port=port, status="open", banner=banner)
+
+
+__all__ = ["PortScanner", "PortScanResult", "PROFILES"]

moriarty/modules/rdap.py

@@ -0,0 +1,61 @@
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Any, Dict
+
+import structlog
+
+from .orchestrator import Orchestrator, TaskContext
+from ..net.rdap_client import RDAPClient, RDAPResponse
+
+logger = structlog.get_logger(__name__)
+
+
+@dataclass(slots=True)
+class RDAPResult:
+    query: str
+    response: Dict[str, Any]
+    url: str
+    status: int
+    latency_ms: float
+
+
+class RDAPService:
+    def __init__(
+        self,
+        client: RDAPClient,
+        orchestrator: Orchestrator[RDAPResponse],
+    ) -> None:
+        self._client = client
+        self._orchestrator = orchestrator
+
+    async def domain(self, domain: str) -> RDAPResult:
+        logger.info("rdap.lookup.start", kind="domain", value=domain)
+        response = await self._orchestrator.run(
+            TaskContext(name="rdap_domain", metadata={"value": domain}),
+            lambda: self._client.fetch(f"domain/{domain}"),
+        )
+        logger.info("rdap.lookup.success", kind="domain", value=domain)
+        return self._to_result(domain, response)
+
+    async def ip(self, ip_value: str) -> RDAPResult:
+        logger.info("rdap.lookup.start", kind="ip", value=ip_value)
+        response = await self._orchestrator.run(
+            TaskContext(name="rdap_ip", metadata={"value": ip_value}),
+            lambda: self._client.fetch(f"ip/{ip_value}"),
+        )
+        logger.info("rdap.lookup.success", kind="ip", value=ip_value)
+        return self._to_result(ip_value, response)
+
+    @staticmethod
+    def _to_result(query: str, rdap_response: RDAPResponse) -> RDAPResult:
+        return RDAPResult(
+            query=query,
+            response=rdap_response.payload,
+            url=rdap_response.url,
+            status=rdap_response.status,
+            latency_ms=rdap_response.latency_ms,
+        )
+
+
+__all__ = ["RDAPResult", "RDAPService"]

moriarty/modules/rdap_extended.py

@@ -0,0 +1,188 @@
+"""Funcionalidades estendidas de RDAP e CT logs."""
+from dataclasses import dataclass
+from typing import List, Optional
+
+import httpx
+import structlog
+
+logger = structlog.get_logger(__name__)
+
+
+@dataclass
+class ASNInfo:
+    """Informações de ASN (Autonomous System Number)."""
+    asn: int
+    name: str
+    description: str
+    country: str
+    registry: str  # ARIN, RIPE, APNIC, etc.
+    prefixes: List[str]
+
+
+@dataclass
+class CTLogEntry:
+    """Entrada do Certificate Transparency log."""
+    issuer_name: str
+    common_name: str
+    name_value: str  # SANs
+    not_before: str
+    not_after: str
+    serial_number: str
+    entry_timestamp: str
+
+
+class RDAPExtended:
+    """Cliente RDAP estendido com ASN e CT logs."""
+    
+    def __init__(self, timeout: float = 10.0):
+        self._timeout = timeout
+    
+    async def lookup_asn(self, asn: int) -> Optional[ASNInfo]:
+        """
+        Busca informações de um ASN.
+        
+        Usa RDAP bootstrap para encontrar o servidor correto.
+        """
+        logger.info("rdap.asn.lookup", asn=asn)
+        
+        try:
+            # RDAP bootstrap para ASN
+            async with httpx.AsyncClient(timeout=self._timeout, http2=True) as client:
+                # Tenta via ARIN primeiro (covering most ASNs)
+                url = f"https://rdap.arin.net/registry/autnum/{asn}"
+                response = await client.get(url)
+                
+                if response.status_code == 404:
+                    # Tenta RIPE
+                    url = f"https://rdap.db.ripe.net/autnum/{asn}"
+                    response = await client.get(url)
+                
+                if response.status_code == 404:
+                    # Tenta APNIC
+                    url = f"https://rdap.apnic.net/autnum/{asn}"
+                    response = await client.get(url)
+                
+                response.raise_for_status()
+                data = response.json()
+                
+                # Parse resposta RDAP
+                name = data.get("name", "")
+                description = ""
+                country = ""
+                
+                # Extrai informações das entities
+                entities = data.get("entities", [])
+                for entity in entities:
+                    if "vcard" in entity:
+                        # Processa vCard
+                        pass
+                
+                # Extrai prefixes (se disponível)
+                prefixes = []
+                remarks = data.get("remarks", [])
+                for remark in remarks:
+                    description += remark.get("description", [""])[0] + " "
+                
+                logger.info("rdap.asn.found", asn=asn, name=name)
+                
+                return ASNInfo(
+                    asn=asn,
+                    name=name,
+                    description=description.strip(),
+                    country=country,
+                    registry="ARIN",  # Simplificado
+                    prefixes=prefixes,
+                )
+                
+        except Exception as e:
+            logger.warning("rdap.asn.error", asn=asn, error=str(e))
+            return None
+    
+    async def lookup_prefix(self, ip: str) -> Optional[ASNInfo]:
+        """
+        Busca o ASN e prefix de um IP.
+        """
+        logger.info("rdap.prefix.lookup", ip=ip)
+        
+        try:
+            async with httpx.AsyncClient(timeout=self._timeout, http2=True) as client:
+                # RDAP IP lookup
+                url = f"https://rdap.arin.net/registry/ip/{ip}"
+                response = await client.get(url)
+                
+                if response.status_code == 404:
+                    url = f"https://rdap.db.ripe.net/ip/{ip}"
+                    response = await client.get(url)
+                
+                response.raise_for_status()
+                data = response.json()
+                
+                # Extrai ASN
+                asn = None
+                entities = data.get("entities", [])
+                for entity in entities:
+                    if "asn" in entity:
+                        asn = entity["asn"]
+                        break
+                
+                start_address = data.get("startAddress", "")
+                end_address = data.get("endAddress", "")
+                cidr = data.get("cidr0_cidrs", [{}])[0].get("v4prefix", "")
+                
+                if asn:
+                    return await self.lookup_asn(asn)
+                
+                logger.info("rdap.prefix.found", ip=ip, cidr=cidr)
+                return None
+                
+        except Exception as e:
+            logger.warning("rdap.prefix.error", ip=ip, error=str(e))
+            return None
+    
+    async def query_ct_logs(self, domain: str, limit: int = 100) -> List[CTLogEntry]:
+        """
+        Consulta Certificate Transparency logs via crt.sh.
+        
+        Retorna certificados emitidos para o domínio.
+        """
+        logger.info("ct.logs.query", domain=domain, limit=limit)
+        
+        try:
+            async with httpx.AsyncClient(timeout=self._timeout) as client:
+                # crt.sh API
+                url = "https://crt.sh/"
+                params = {
+                    "q": domain,
+                    "output": "json",
+                }
+                
+                response = await client.get(url, params=params)
+                response.raise_for_status()
+                data = response.json()
+                
+                entries = []
+                for item in data[:limit]:
+                    entry = CTLogEntry(
+                        issuer_name=item.get("issuer_name", ""),
+                        common_name=item.get("common_name", ""),
+                        name_value=item.get("name_value", ""),
+                        not_before=item.get("not_before", ""),
+                        not_after=item.get("not_after", ""),
+                        serial_number=item.get("serial_number", ""),
+                        entry_timestamp=item.get("entry_timestamp", ""),
+                    )
+                    entries.append(entry)
+                
+                logger.info("ct.logs.found", domain=domain, count=len(entries))
+                return entries
+                
+        except Exception as e:
+            logger.warning("ct.logs.error", domain=domain, error=str(e))
+            return []
+
+
+__all__ = [
+    "RDAPExtended",
+    "ASNInfo",
+    "CTLogEntry",
+]