The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc.
In it’s current state, the Forerunner library is able to both synchronously and asynchronously scan and port knock IP addresses in order to obtain information about the device located at that endpoint such as: whether the IP is online, the physical MAC address, and etc.
The library is a completely object oriented and event based library meaning that scan data is contained within specially crafted “scan” objects which are designed to handle all data from results to exceptions.
Requirements
Also Read – Minimalistic Offensive Security Tools
Features
| Method | Description | Usage |
|---|---|---|
| Scan | Scan a single IP for information | Scan("192.168.1.1"); |
| ScanRange | Scan a range of IPs for information | ScanRange("192.168.1.1", "192.168.1.255") |
| ScanList | Scan a list of IPs for information | ScanList("192.168.1.1, 192.168.1.2, 192.168.1.3") |
| PortKnock | Ping every port of a single IP | PortKnock("192.168.1.1"); |
| PortKnockRange | Ping every port in a range of IPs | PortKnockRange("192.168.1.1", "192.168.1.255"); |
| PortKnockList | Ping every port using a list of IPs | PortKnockList("192.198.1.1, 192.168.1.2, 192.168.1.3"); |
| IsHostAlive | Ping a host N times for X milliseconds | IsHostAlive("192.168.1.1", 5, 1000); |
| GetAveragePingResponse | Get average ping response for a host | GetAveragePingResponse("192.168.1.1", 5, 1000); |
| IsPortOpen | Ping individual ports via TCP & UDP | IsPortOpen("192.168.1.1", 45000, new TimeSpan(1000), false); |
Examples
IP Scanning
Scanning a network is a commonplace task in this digital age and so I have taken the liberty to make this as simple as possible for any future programmer whom may wish to do such a thing in an easy way. The Forerunner library is completely object oriented, thus making it ideal for plug and play situations; the object for IP scanning is called an IPScanObject and it actually contains quite a few properties:
With the object in mind, let’s try and create a new object and perform a scan using it. There are multiple ways to go about this, however, the simplest way to get started is to first create a new Scanner object so we can access our scanning methods. Next, create an IPScanObject and then set it to the Scan method with the IP you would like to enumerate; for example:
using System;
using Forerunner; // Remember to import our library.
namespace Example
{
class Program
{
static void Main(string[] args)
{
// Our IP we would like to scan.
string ip = "192.168.1.1";
// Create a new scanner object.
Scanner s = new Scanner();
// Create a new scan object and perform a scan.
IPScanObject result = s.Scan(ip);
// Output that we have finished the scan.
if (result.Errors != null)
Console.WriteLine("[x] An error occurred during the scan.");
else
Console.WriteLine("[+] " + ip + " has been successfully scanned!")
// Allow the user to exit at any time.
Console.Read();
}
}
} Another way, which is my preferred method of operation, is to create a Scanner object and subscribe to the Event Handlers of things like ScanAsyncProgressChanged or ScanAsyncComplete, that way I have full control over my async methods; I can control how they’re progress states affect my application and so on; for example:
using System;
using Forerunner; // Remember to import our library.
namespace Example
{
class Program
{
static void Main(string[] args)
{
// Our IP we would like to scan.
string ip = "192.168.1.1";
// Create a new scanner object.
Scanner s = new Scanner();
// Create a new scan object and perform a scan.
PKScanObject result = s.PortKnock(ip);
// Output that we have finished the scan.
if (result.Errors != null)
Console.WriteLine("[x] An error occurred during the scan.");
else
Console.WriteLine("[+] " + ip + " has been successfully scanned!")
// Display our results.
foreach (PKServiceObject port in result.Services)
{
Console.WriteLine("[+] IP: " + port.IP + " | " +
"Port: " + port.Port.ToString() + " | " +
"Protocol: " + port.Protocol.ToString() + " | " +
"Status: " + port.Status.ToString());
}
// Allow the user to exit at any time.
Console.Read();
}
}
} Port Knocking
I know what you’re thinking. Port knocking? Yes, and no. The term doesn’t mean port knocking in the traditional sense of connecting through a predefined set of ports, but rather just checking if any ports are actually open. It’s literally “knocking” on a port in every sense of the word by trying to connect to each port and sending data. Just like with IP scanning, port knocking uses a custom object which is called a “Port Knock Scan Object” or PKScanObject for short. The PKScanObject actually contains a list of PKServiceObjects which in turn hold our port data; the service object contains the following properties:
Port knocking is in similar fashion with IP scanning. First, create a Scanner object. Next, create a new PKScanObject and set it to the PortKnock method with the IP of your choosing, then display your results; for example:
using System;
using Forerunner; // Remember to import our library.
namespace Example
{
class Program
{
static void Main(string[] args)
{
// Our IP we would like to scan.
string ip = "192.168.1.1";
// Create a new scanner object.
Scanner s = new Scanner();
// Create a new scan object and perform a scan.
PKScanObject result = s.PortKnock(ip);
// Output that we have finished the scan.
if (result.Errors != null)
Console.WriteLine("[x] An error occurred during the scan.");
else
Console.WriteLine("[+] " + ip + " has been successfully scanned!")
// Display our results.
foreach (PKServiceObject port in result.Services)
{
Console.WriteLine("[+] IP: " + port.IP + " | " +
"Port: " + port.Port.ToString() + " | " +
"Protocol: " + port.Protocol.ToString() + " | " +
"Status: " + port.Status.ToString());
}
// Allow the user to exit at any time.
Console.Read();
}
}
} Lastly, I will show you a simple example of port knocking asynchronously. It is essentially the same as port knocking synchronously except for the fact that you can use events to your advantage. You can get progress updates without having to worry about UIs crashing or systems being in a locked state; for example:
using System;
using System.Threading.Tasks;
using Forerunner; // Remember to import our library.
namespace Example
{
class Program
{
static void Main(string[] args)
{
// Our IP we would like to scan.
string ip = "192.168.1.1";
// Setup our scanner object.
Scanner s = new Scanner();
s.PortKnockAsyncProgressChanged += new PortKnockAsyncProgressChangedHandler(PortKnockAsyncProgressChanged);
s.PortKnockAsyncComplete += new PortKnockAsyncCompleteHandler(PortKnockAsyncComplete);
// Start a new scan task with our ip.
TaskFactory task = new TaskFactory();
task.StartNew(() => s.PortKnockAsync(ip));
// Allow the user to exit at any time.
Console.Read();
}
static void PortKnockAsyncProgressChanged(object sender, PortKnockAsyncProgressChangedEventArgs e)
{
// Display our progress so we know the ETA.
if (e.Progress == 99)
{
Console.Write(e.Progress.ToString() + "%...");
Console.WriteLine("100%!");
}
else
Console.Write(e.Progress.ToString() + "%...");
}
static void PortKnockAsyncComplete(object sender, PortKnockAsyncCompleteEventArgs e)
{
// Tell the user that the port knock was complete.
Console.WriteLine("[+] Port Knock Complete!");
// Check if we resolved an error.
if (e.Result == null)
Console.WriteLine("[X] The port knock did not return any data!");
else
{
// Check if we have any ports recorded.
if (e.Result.Services.Count == 0)
Console.WriteLine("[!] No ports were open during the knock.");
else
{
// Display our ports and their details.
foreach (PKServiceObject port in e.Result.Services)
{
Console.WriteLine("[+] IP: " + port.IP + " | " +
"Port: " + port.Port.ToString() + " | " +
"Protocol: " + port.Protocol.ToString() + " | " +
"Status: " + port.Status.ToString());
}
}
}
}
}
} shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…
Embark on the journey of becoming a certified Red Team professional with our definitive guide.…
This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…
This took me like 4 days (+2 days for an update), but I got it…
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…