class SSLScan::Socket::RangeWalker

This class provides an interface to enumerating an IP range

This class uses start,stop pairs to represent ranges of addresses. This is very efficient for large numbers of consecutive addresses, and not show-stoppingly inefficient when storing a bunch of non-consecutive addresses, which should be a somewhat unusual case.

@example

r = RangeWalker.new("10.1,3.1-7.1-255")
r.include?("10.3.7.255") #=> true
r.length #=> 3570
r.each do |addr|
  # do something with the address
end

Attributes

length[R]

The total number of IPs within the range

@return [Fixnum]

num_ips[R]

The total number of IPs within the range

@return [Fixnum]

ranges[R]

A list of the {Range ranges} held in this RangeWalker @return [Array]

Public Class Methods

new(parseme) click to toggle source

Initializes a walker instance using the supplied range

@param parseme [RangeWalker,String]

# File lib/ssl_scan/socket/range_walker.rb, line 39
def initialize(parseme)
  if parseme.is_a? RangeWalker
    @ranges = parseme.ranges.dup
  else
    @ranges = parse(parseme)
  end
  reset
end
parse(parseme) click to toggle source

Calls the instance method

This is basically only useful for determining if a range can be parsed

@return (see parse)

# File lib/ssl_scan/socket/range_walker.rb, line 54
def self.parse(parseme)
  self.new.parse(parseme)
end

Public Instance Methods

each(&block) click to toggle source

Calls the given block with each address. This is basically a wrapper for {#next_ip}

@return [self]

# File lib/ssl_scan/socket/range_walker.rb, line 261
def each(&block)
  while (ip = next_ip)
    block.call(ip)
  end
  reset

  self
end
expand_cidr(arg) click to toggle source

Returns an Array with one element, a {Range} defined by the given CIDR block.

@see SSLScan::Socket.cidr_crack @param arg [String] A CIDR range @return [Range] @return [false] if arg is not valid CIDR notation

# File lib/ssl_scan/socket/range_walker.rb, line 278
def expand_cidr(arg)
  start,stop = SSLScan::Socket.cidr_crack(arg)
  if !start or !stop
    return false
  end
  range = Range.new
  range.start = SSLScan::Socket.addr_atoi(start)
  range.stop = SSLScan::Socket.addr_atoi(stop)
  range.options = { :ipv6 => (arg.include?(":")) }

  return range
end
expand_nmap(arg) click to toggle source

Expands an nmap-style host range x.x.x.x where x can be simply “*” which means 0-255 or any combination and repitition of:

i,n
n-m
i,n-m
n-m,i

ensuring that n is never greater than m.

non-unique elements will be removed

e.g.:
  10.1.1.1-3,2-2,2 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
  10.1.1.1-3,7 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3", "10.1.1.7"]

Returns an array of Ranges

# File lib/ssl_scan/socket/range_walker.rb, line 307
def expand_nmap(arg)
  # Can't really do anything with IPv6
  return false if arg.include?(":")

  # nmap calls these errors, but it's hard to catch them with our
  # splitting below, so short-cut them here
  return false if arg.include?(",-") or arg.include?("-,")

  bytes = []
  sections = arg.split('.')
  if sections.length != 4
    # Too many or not enough dots
    return false
  end
  sections.each { |section|
    if section.empty?
      # pretty sure this is an unintentional artifact of the C
      # functions that turn strings into ints, but it sort of makes
      # sense, so why not
      #   "10...1" => "10.0.0.1"
      section = "0"
    end

    if section == "*"
      # I think this ought to be 1-254, but this is how nmap does it.
      section = "0-255"
    elsif section.include?("*")
      return false
    end

    # Break down the sections into ranges like so
    # "1-3,5-7" => ["1-3", "5-7"]
    ranges = section.split(',', -1)
    sets = []
    ranges.each { |r|
      bounds = []
      if r.include?('-')
        # Then it's an actual range, break it down into start,stop
        # pairs:
        #   "1-3" => [ 1, 3 ]
        # if the lower bound is empty, start at 0
        # if the upper bound is empty, stop at 255
        #
        bounds = r.split('-', -1)
        return false if (bounds.length > 2)

        bounds[0] = 0   if bounds[0].nil? or bounds[0].empty?
        bounds[1] = 255 if bounds[1].nil? or bounds[1].empty?
        bounds.map!{|b| b.to_i}
        return false if bounds[0] > bounds[1]
      else
        # Then it's a single value
        bounds[0] = r.to_i
      end
      return false if bounds[0] > 255 or (bounds[1] and bounds[1] > 255)
      return false if bounds[1] and bounds[0] > bounds[1]
      if bounds[1]
        bounds[0].upto(bounds[1]) do |i|
          sets.push(i)
        end
      elsif bounds[0]
        sets.push(bounds[0])
      end
    }
    bytes.push(sets.sort.uniq)
  }

  #
  # Combinitorically squish all of the quads together into a big list of
  # ip addresses, stored as ints
  #
  # e.g.:
  #  [[1],[1],[1,2],[1,2]]
  #  =>
  #  [atoi("1.1.1.1"),atoi("1.1.1.2"),atoi("1.1.2.1"),atoi("1.1.2.2")]
  addrs = []
  for a in bytes[0]
    for b in bytes[1]
      for c in bytes[2]
        for d in bytes[3]
          ip = (a << 24) + (b << 16) + (c << 8) + d
          addrs.push ip
        end
      end
    end
  end

  addrs.sort!
  addrs.uniq!

  rng = Range.new
  rng.options = { :ipv6 => false }
  rng.start = addrs[0]

  ranges = []
  1.upto(addrs.length - 1) do |idx|
    if addrs[idx - 1] + 1 == addrs[idx]
      # Then this address is contained in the current range
      next
    else
      # Then this address is the upper bound for the current range
      rng.stop = addrs[idx - 1]
      ranges.push(rng.dup)
      rng.start = addrs[idx]
    end
  end
  rng.stop = addrs[addrs.length - 1]
  ranges.push(rng.dup)
  return ranges
end
include?(addr) click to toggle source

Returns true if the argument is an ip address that falls within any of the stored ranges.

@return [true] if this RangeWalker contains addr @return [false] if not

# File lib/ssl_scan/socket/range_walker.rb, line 225
def include?(addr)
  return false if not @ranges
  if (addr.is_a? String)
    addr = SSLScan::Socket.addr_atoi(addr)
  end
  @ranges.map { |r|
    if addr.between?(r.start, r.stop)
      return true
    end
  }
  return false
end
include_range?(other) click to toggle source

Returns true if this RangeWalker includes all of the addresses in the given RangeWalker

@param other [RangeWalker]

# File lib/ssl_scan/socket/range_walker.rb, line 243
def include_range?(other)
  return false if (!@ranges || @ranges.empty?)
  return false if !other.ranges || other.ranges.empty?

  # Check that all the ranges in +other+ fall within at least one of
  # our ranges.
  other.ranges.all? do |other_range|
    ranges.any? do |range|
      other_range.start.between?(range.start, range.stop) && other_range.stop.between?(range.start, range.stop)
    end
  end
end
next()
Alias for: next_ip
next_ip() click to toggle source

Returns the next IP address.

@return [String] The next address in the range

# File lib/ssl_scan/socket/range_walker.rb, line 191
def next_ip
  return false if not valid?
  if (@curr_addr > @ranges[@curr_range_index].stop)
    # Then we are at the end of this range. Grab the next one.

    # Bail if there are no more ranges
    return nil if (@ranges[@curr_range_index+1].nil?)

    @curr_range_index += 1

    @curr_addr = @ranges[@curr_range_index].start
  end
  addr = SSLScan::Socket.addr_itoa(@curr_addr, @ranges[@curr_range_index].ipv6?)

  if @ranges[@curr_range_index].options[:scope_id]
    addr = addr + '%' + @ranges[@curr_range_index].options[:scope_id]
  end

  @curr_addr += 1
  return addr
end
Also aliased as: next
parse(parseme) click to toggle source

Turn a human-readable range string into ranges we can step through one address at a time.

Allow the following formats:

"a.b.c.d e.f.g.h"
"a.b.c.d, e.f.g.h"

where each chunk is CIDR notation, (e.g. '10.1.1.0/24') or a range in nmap format (see {#expand_nmap})

OR this format

"a.b.c.d-e.f.g.h"

where a.b.c.d and e.f.g.h are single IPs and the second must be bigger than the first.

@param parseme [String] @return [self] @return [false] if parseme cannot be parsed

# File lib/ssl_scan/socket/range_walker.rb, line 74
def parse(parseme)
  return nil if not parseme
  ranges = []
  parseme.split(', ').map{ |a| a.split(' ') }.flatten.each do |arg|
    opts = {}

    # Handle IPv6 first (support ranges, but not CIDR)
    if arg.include?(":")
      addrs = arg.split('-', 2)

      # Handle a single address
      if addrs.length == 1
        addr, scope_id = addrs[0].split('%')
        opts[:scope_id] = scope_id if scope_id
        opts[:ipv6] = true

        return false unless SSLScan::Socket.is_ipv6?(addr)
        addr = SSLScan::Socket.addr_atoi(addr)
        ranges.push(Range.new(addr, addr, opts))
        next
      end

      addr1, scope_id = addrs[0].split('%')
      opts[:scope_id] = scope_id if scope_id

      addr2, scope_id = addrs[0].split('%')
      ( opts[:scope_id] ||= scope_id ) if scope_id

      # Both have to be IPv6 for this to work
      return false unless (SSLScan::Socket.is_ipv6?(addr1) && SSLScan::Socket.is_ipv6?(addr2))

      # Handle IPv6 ranges in the form of 2001::1-2001::10
      addr1 = SSLScan::Socket.addr_atoi(addr1)
      addr2 = SSLScan::Socket.addr_atoi(addr2)

      ranges.push(Range.new(addr1, addr2, opts))
      next

    # Handle IPv4 CIDR
    elsif arg.include?("/")
      # Then it's CIDR notation and needs special case
      return false if arg =~ /[,-]/ # Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)
      return false if arg.scan("/").size > 1 # ..but there are too many slashes
      ip_part,mask_part = arg.split("/")
      return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty?
      return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only
      return false if mask_part.to_i > 32 # This too -- between 0 and 32.
      if ip_part =~ /^\d{1,3}(\.\d{1,3}){1,3}$/
        return false unless ip_part =~ SSLScan::Socket::MATCH_IPV4
      end
      begin
        SSLScan::Socket.getaddress(ip_part) # This allows for "www.metasploit.com/24" which is fun.
      rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
        return false # Can't resolve the ip_part, so bail.
      end

      expanded = expand_cidr(arg)
      if expanded
        ranges.push(expanded)
      else
        return false
      end

    # Handle hostnames
    elsif arg =~ /[^-0-9,.*]/
      # Then it's a domain name and we should send it on to addr_atoi
      # unmolested to force a DNS lookup.
      begin
        ranges += SSLScan::Socket.addr_atoi_list(arg).map { |a| Range.new(a, a, opts) }
      rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
        return false
      end

    # Handle IPv4 ranges
    elsif arg =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/

      # Then it's in the format of 1.2.3.4-5.6.7.8
      # Note, this will /not/ deal with DNS names, or the fancy/obscure 10...1-10...2
      begin
        start, stop = SSLScan::Socket.addr_atoi($1), SSLScan::Socket.addr_atoi($2)
        return false if start > stop # The end is greater than the beginning.
        ranges.push(Range.new(start, stop, opts))
      rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
        return false
      end
    else
      # Returns an array of ranges
      expanded = expand_nmap(arg)
      if expanded
        expanded.each { |r| ranges.push(r) }
      end
    end
  end

  # Remove any duplicate ranges
  ranges = ranges.uniq

  return ranges
end
reset() click to toggle source

Resets the subnet walker back to its original state.

@return [self]

# File lib/ssl_scan/socket/range_walker.rb, line 178
def reset
  return false if not valid?
  @curr_range_index = 0
  @curr_addr = @ranges.first.start
  @length = 0
  @ranges.each { |r| @length += r.length }

  self
end
valid?() click to toggle source

Whether this RangeWalker's ranges are valid

# File lib/ssl_scan/socket/range_walker.rb, line 216
def valid?
  (@ranges && !@ranges.empty?)
end