aztarna.industrialrouters package

Submodules

aztarna.industrialrouters.scanner module

Industrial routers scanner module.

:author Alias Robotics SL (https://aliasrobotics.com)

class aztarna.industrialrouters.scanner.BaseIndustrialRouter[source]

Bases: object

Base class for holding industrial routers.

class aztarna.industrialrouters.scanner.BaseIndustrialRouterScanner[source]

Bases: object

Base class fo the different manufacturer router scanners. Includes default methods for Basic Authentication password checking and scanning.

classmethod check_default_password(router, semaphore=<asyncio.locks.Semaphore object at 0x7f0fa71ebe48 [unlocked, value:1]>)[source]

Base method to check fo default credentials by using basic HTTP authentication schemes.

This method can be overwritten in order to support different authentication schemes. Valid credentials are appended in the valid credentials attribute of each router object.

Parameters

  • router – The router for which to check the credentials.

  • semaphore – Asyncio semaphore for limiting the concurrency level.

classmethod check_is_router(address: str, port: int, semaphore=<asyncio.locks.Semaphore object at 0x7f0fa71eba58 [unlocked, value:1]>) → aztarna.industrialrouters.scanner.BaseIndustrialRouter[source]

Check if a certain router is an industrial router, given the headers defined at class level.

Parameters

  • address – IP address of the router to check.

  • port – Port of the web interface of the device to check.

  • semaphore – Asyncio semaphore to be used for concurrency limitation.

Returns

A aztarna.industrialrouters.scanner.BaseIndustrialRouter object if the checked device is a router. None otherwise.

check_router_credentials(routers: List[aztarna.industrialrouters.scanner.BaseIndustrialRouter])[source]

Check default credentials for a list of routers.

Parameters

routers – List of routers to be checked.

check_routers(addresses: List[str], ports: List[int]) → List[aztarna.industrialrouters.scanner.BaseIndustrialRouter][source]

Check for routers in a range of addressess and ports.

Parameters

  • addresses – List of addressess to be checked.

  • ports – List of ports to be checked for each address.

Returns

A list of found routers.

classmethod check_routers_shodan(shodan: shodan.client.Shodan) → List[aztarna.industrialrouters.scanner.BaseIndustrialRouter][source]

Method to search for industrial routers in Shodan, given the headers defined at class level.

Parameters

shodan – Shodan API object to be used.

Returns

List of found routers.

default_credentials = []
get_address_info(routers)[source]

Get country code and ASN description based on the routers IP address. :param routers: :return:

possible_headers = {}
router_cls = None
url_path = ''
class aztarna.industrialrouters.scanner.EWonRouter[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouter

Class for holding EWON Manufacturer routers.

class aztarna.industrialrouters.scanner.EWonScanner[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouterScanner

Scanner class for EWon routers.

default_credentials = [('adm', 'adm')]
possible_headers = {'Server': ['eWON']}
router_cls

alias of EWonRouter

url_path = 'Ast/MainAst.shtm'
class aztarna.industrialrouters.scanner.IndustrialRouterAdapter[source]

Bases: aztarna.commons.RobotAdapter

Adapter for searching, analyzing and footprinting Industrial Routers.

initialize_shodan()[source]

Intialize API connection to Shodan.

print_results()[source]

Method for printing the scan results in stdout.

router_scanner_types = [<class 'aztarna.industrialrouters.scanner.SierraWirelessScanner'>, <class 'aztarna.industrialrouters.scanner.WestermoScanner'>, <class 'aztarna.industrialrouters.scanner.MoxaScanner'>, <class 'aztarna.industrialrouters.scanner.EWonScanner'>]
scan()[source]

Method to be called in order to start the full scan procedure, based on Shodan, or locally via network scan.

scan_network()[source]

Scan a network in search for industrial routers.

scan_pipe_main()[source]
write_to_file(out_file)[source]

Method for writing the scan results to a CSV file. :param out_file: Filename for the output

class aztarna.industrialrouters.scanner.MoxaRouter[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouter

Class for holding Moxa Manufacturer routers.

class aztarna.industrialrouters.scanner.MoxaScanner[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouterScanner

Scanner class for Moxa routers.

Due to the different authentication schema used by Moxa routers, methods for checking passwords have been extended.

classmethod check_default_password(router: aztarna.industrialrouters.scanner.BaseIndustrialRouter, semaphore=<asyncio.locks.Semaphore object at 0x7f0fa71ebeb8 [unlocked, value:1]>)[source]

Method for checking for default passwords on Moxa Routers.

Parameters

  • router – Input router object to check the credentials for.

  • semaphore – Asyncio semaphore for limiting the concurrency leve.

classmethod check_password_moxahttp_1_0(client: aiohttp.client.ClientSession, context: ssl.SSLContext, content: str, router: aztarna.industrialrouters.scanner.BaseIndustrialRouter)[source]

Method for checking the passwords in MoxaHttp/1.0 router authentication schemas.

Parameters
classmethod check_password_moxahttp_2_2(client, context, content, router)[source]

Method for checking the passwords in MoxaHttp/2.2 router authentication schemas.

Parameters
default_credentials_http1 = [('root', 'efa59ad49b7bc93a9a7bb1004f24b1cc'), ('', 'd41d8cd98f00b204e9800998ecf8427e'), ('admin', 'd8a1dd02029af4e10b495bc3ab03859e')]
default_credentials_http2 = [('admin', 'root', '63a9f0ea7bb98050796b649e85481845'), ('', 'root', '63a9f0ea7bb98050796b649e85481845'), ('admin', 'admin', '21232f297a57a5a743894a0e4a801fc3'), ('admin', '', 'd41d8cd98f00b204e9800998ecf8427e')]
classmethod get_challenge_moxahttp_1_0(text: str) → Optional[str][source]

Get authentication challenge from MoxaHTTP/1.0 routers.

Parameters

text – HTML response provided by the router.

Returns

Authentication challenge if found

classmethod get_challenge_moxahttp_2_2(text: str) → Optional[str][source]

Get authentication challenge from MoxaHTTP/2.2 routers.

Parameters

text – HTML response provided by the router.

Returns

Authentication challenge if found

possible_headers = {'Server': ['MoxaHttp', 'MoxaHttp/1.0', 'MoxaHttp/2.2']}
router_cls

alias of MoxaRouter

valid_login_text_moxahttp_1_0 = 'FRAME name=main src=main.htm'
valid_login_text_moxahttp_2_2 = 'FRAME name="main" src="main.htm"'
class aztarna.industrialrouters.scanner.SierraRouter[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouter

Class for holding Sierra Wireless manufactuer routers.

class aztarna.industrialrouters.scanner.SierraWirelessScanner[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouterScanner

Scanner class for Sierra Wireless routers.

classmethod check_default_password(router: aztarna.industrialrouters.scanner.BaseIndustrialRouter, semaphore=<asyncio.locks.Semaphore object at 0x7f0fa7124048 [unlocked, value:1]>)[source]

Method for checking credentials on Sierra Wireless Routers.

Parameters
default_credentials = [('sconsole', '12345'), ('', 'admin'), ('', 'swiadmin'), ('sconsole', '12345'), ('user', '12345'), ('viewer', '12345'), ('admin', '')]
failed_message = 'Invalid UserName / Password'
possible_headers = {'Server': ['Sierra Wireless Inc, Embedded Server']}
router_cls

alias of SierraRouter

class aztarna.industrialrouters.scanner.WestermoRouter[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouter

Class for holding Westermo Manufacturer routers.

class aztarna.industrialrouters.scanner.WestermoScanner[source]

Bases: aztarna.industrialrouters.scanner.BaseIndustrialRouterScanner

Scanner class for Westermo routers.

default_credentials = [('admin', 'westermo')]
possible_headers = {'Server': ['Westermo', 'EDW']}
router_cls

alias of WestermoRouter

Module contents