Update nmap dependency to v2.0.0 (#250 )

Add libcurl requirement to build from binary (#249 )
Fix scan interval option (#246 )
2019-11-30 16:57:27 +01:00 · 2019-11-30 16:23:14 +01:00 · 2019-11-16 09:46:09 +01:00 · 2019-11-11 21:42:38 +01:00 · 2019-11-11 20:17:39 +01:00 · 2019-10-18 07:55:17 +02:00
22 changed files with 192 additions and 99 deletions
@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: [ullaakut] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
@@ -1,7 +1,7 @@
 # https://github.com/golangci/golangci/wiki/Configuration

 service:
-  project-path: github.com/ullaakut/cameradar
+  project-path: github.com/Ullaakut/cameradar
  prepare:
    - apt-get update && apt-get install -y libcurl4-gnutls-dev
    - dep ensure
@@ -1,8 +1,8 @@
 # Build stage
 FROM golang:alpine AS build-env

-COPY . /go/src/github.com/ullaakut/cameradar
-WORKDIR /go/src/github.com/ullaakut/cameradar/cmd/cameradar
+COPY . /go/src/github.com/Ullaakut/cameradar
+WORKDIR /go/src/github.com/Ullaakut/cameradar/cmd/cameradar

 RUN apk update && \
    apk upgrade && \
@@ -25,8 +25,8 @@ RUN apk --update add --no-cache nmap \
    curl-dev

 WORKDIR /app/cameradar
-COPY --from=build-env /go/src/github.com/ullaakut/cameradar/dictionaries/ /app/dictionaries/
-COPY --from=build-env /go/src/github.com/ullaakut/cameradar/cmd/cameradar/ /app/cameradar/
+COPY --from=build-env /go/src/github.com/Ullaakut/cameradar/dictionaries/ /app/dictionaries/
+COPY --from=build-env /go/src/github.com/Ullaakut/cameradar/cmd/cameradar/ /app/cameradar/

 ENV CAMERADAR_CUSTOM_ROUTES="/app/dictionaries/routes"
 ENV CAMERADAR_CUSTOM_CREDENTIALS="/app/dictionaries/credentials.json"
@@ -79,14 +79,16 @@ Only use this solution if for some reason using docker is not an option for you
 ### Dependencies

 * `go` (> `1.10`)
+* `libcurl` development library
+    * For apt users: `apt install libcurl4-openssl-dev`

 ### Steps to install

 Make sure you installed the [dependencies](#dependencies), **and that you have Go modules enabled (`GO111MODULE=on`)**.

 1. `export GO111MODULE=on` (unless it's already on)
-2. `go get github.com/ullaakut/cameradar`
-3. `cd $GOPATH/src/github.com/ullaakut/cameradar`
+2. `go get github.com/Ullaakut/cameradar`
+3. `cd $GOPATH/src/github.com/Ullaakut/cameradar`
 4. `cd cmd/cameradar`
 5. `go install`

@@ -118,8 +120,9 @@ If you have [VLC Media Player](http://www.videolan.org/vlc/), you should be able

 * **"-t, --targets"**: Set target. Required. Target can be a file (see [instructions on how to format the file](#format-input-file)), an IP, an IP range, a subnetwork, or a combination of those. Example: `--targets="192.168.1.72,192.168.1.74"`
 * **"-p, --ports"**: (Default: `554,5554,8554`) Set custom ports.
-* **"-s, --speed"**: (Default: `4`) Set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a very performant and reliable network. You might also want to keep it low to keep your discovery stealthy. See [this for more info on the nmap timing templates](https://nmap.org/book/man-performance.html).
-* **"-T, --timeout"**: (Default: `2000`) Set custom timeout value in miliseconds after which an attack attempt without an answer should give up. It's recommended to increase it when attempting to scan unstable and slow networks or to decrease it on very performant and reliable networks.
+* **"-s, --scan-speed"**: (Default: `4`) Set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a very performant and reliable network. You might also want to keep it low to keep your discovery stealthy. See [this for more info on the nmap timing templates](https://nmap.org/book/man-performance.html).
+* **"-I, --attack-interval"**: (Default: `0ms`) Set custom interval after which an attack attempt without an answer should give up. It's recommended to increase it when attempting to scan unstable and slow networks or to decrease it on fast and reliable networks.
+* **"-T, --timeout"**: (Default: `2000ms`) Set custom timeout value after which an attack attempt without an answer should give up. It's recommended to increase it when attempting to scan unstable and slow networks or to decrease it on fast and reliable networks.
 * **"-r, --custom-routes"**: (Default: `<CAMERADAR_GOPATH>/dictionaries/routes`) Set custom dictionary path for routes
 * **"-c, --custom-credentials"**: (Default: `<CAMERADAR_GOPATH>/dictionaries/credentials.json`) Set custom dictionary path for credentials
 * **"-o, --nmap-output"**: (Default: `/tmp/cameradar_scan.xml`) Set custom nmap output path
@@ -175,17 +178,23 @@ These variables are optional, allowing to replace the default dictionaries with

 Default values: `<CAMERADAR_GOPATH>/dictionaries/routes` and `<CAMERADAR_GOPATH>/dictionaries/credentials.json`

-### `CAMERADAR_SPEED`
+### `CAMERADAR_SCAN_SPEED`

-This optional variable allows you to set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a very performant and reliable network. See [this for more info on the nmap timing templates](https://nmap.org/book/man-performance.html).
+This optional variable allows you to set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a fast and reliable network. See [this for more info on the nmap timing templates](https://nmap.org/book/man-performance.html).

 Default value: `4`

+### `CAMERADAR_ATTACK_INTERVAL`
+
+This optional variable allows you to set custom interval to wait between each attack in order to stay stealthy. It's recommended to increase it when attempting to scan a network that might be protected against bruteforce attacks. By default, there is no interval, in order to make attacks as fast as possible
+
+Default value: `0ms`
+
 ### `CAMERADAR_TIMEOUT`

-This optional variable allows you to set custom timeout value in miliseconds after which an attack attempt without an answer should give up. It's recommended to increase it when attempting to scan unstable and slow networks or to decrease it on very performant and reliable networks.
+This optional variable allows you to set custom timeout value after which an attack attempt without an answer should give up. It's recommended to increase it when attempting to scan unstable and slow networks or to decrease it on fast and reliable networks.

-Default value: `2000`
+Default value: `2000ms`

 ### `CAMERADAR_LOGGING`

@@ -210,8 +219,8 @@ Your image will be called `cameradar` and NOT `ullaakut/cameradar`.
 Make sure you installed the [dependencies](#dependencies), **and that you have Go modules enabled (`GO111MODULE=on`)**.

 1. `export GO111MODULE=on` (unless it's already on)
-2. `go get github.com/ullaakut/cameradar`
-3. `cd $GOPATH/src/github.com/ullaakut/cameradar`
+2. `go get github.com/Ullaakut/cameradar`
+3. `cd $GOPATH/src/github.com/Ullaakut/cameradar`
 4. `cd cmd/cameradar`
 5. `go install`

@@ -231,11 +240,11 @@ Maybe your cameras have been configured and the credentials / URL have been chan

 > What happened to the C++ version?

-You can still find it under the 1.1.4 tag on this repo, however it was less performant and stable than the current version written in Golang. It is not recommended to use it.
+You can still find it under the 1.1.4 tag on this repo, however it was slower and less stable than the current version written in Golang. It is not recommended to use it.

 > How to use the Cameradar library for my own project?

-See the example in `/cmd/cameradar`. You just need to run `go get github.com/ullaakut/cameradar` and to use the `cameradar` package in your code. You can find the documentation on [godoc](https://godoc.org/github.com/ullaakut/cameradar).
+See the example in `/cmd/cameradar`. You just need to run `go get github.com/Ullaakut/cameradar` and to use the `cameradar` package in your code. You can find the documentation on [godoc](https://godoc.org/github.com/ullaakut/cameradar).

 > I want to scan my own localhost for some reason and it does not work! What's going on?

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	curl "github.com/ullaakut/go-curl"
+	curl "github.com/Ullaakut/go-curl"
 )

 // HTTP responses.
@@ -63,6 +63,7 @@ func (s *Scanner) Attack(targets []Stream) ([]Stream, error) {
 func (s *Scanner) ValidateStreams(targets []Stream) []Stream {
 	for i := range targets {
 		targets[i].Available = s.validateStream(targets[i])
+		time.Sleep(s.attackInterval)
 	}

 	return targets
@@ -125,6 +126,7 @@ func (s *Scanner) AttackRoute(targets []Stream) []Stream {
 func (s *Scanner) DetectAuthMethods(targets []Stream) []Stream {
 	for i := range targets {
 		targets[i].AuthenticationType = s.detectAuthMethod(targets[i])
+		time.Sleep(s.attackInterval)

 		var authMethod string
 		switch targets[i].AuthenticationType {
@@ -153,6 +155,7 @@ func (s *Scanner) attackCameraCredentials(target Stream, resChan chan<- Stream)
 				resChan <- target
 				return
 			}
+			time.Sleep(s.attackInterval)
 		}
 	}

@@ -169,6 +172,7 @@ func (s *Scanner) attackCameraRoute(target Stream, resChan chan<- Stream) {
 			resChan <- target
 			return
 		}
+		time.Sleep(s.attackInterval)
 	}

 	target.RouteFound = false
@@ -6,10 +6,10 @@ import (
 	"testing"
 	"time"

+	"github.com/Ullaakut/disgo"
+	curl "github.com/Ullaakut/go-curl"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
-	"github.com/ullaakut/disgo"
-	curl "github.com/ullaakut/go-curl"
 )

 type CurlerMock struct {
@@ -3,7 +3,7 @@
 // IP Cameras, often for surveillance.
 //
 // A simple example usage of the library can be found in
-// https://github.com/ullaakut/cameradar/tree/master/cameradar
+// https://github.com/Ullaakut/cameradar/tree/master/cameradar
 //
 // The example usage is complete enough for most users to
 // ignore the library, but for users with specific needs
@@ -7,11 +7,11 @@ import (
 	"strings"
 	"time"

+	"github.com/Ullaakut/cameradar"
+	"github.com/Ullaakut/disgo"
+	"github.com/Ullaakut/disgo/style"
 	"github.com/spf13/pflag"
 	"github.com/spf13/viper"
-	"github.com/ullaakut/cameradar"
-	"github.com/ullaakut/disgo"
-	"github.com/ullaakut/disgo/style"
 )

 func parseArguments() error {
@@ -20,10 +20,11 @@ func parseArguments() error {

 	pflag.StringSliceP("targets", "t", []string{}, "The targets on which to scan for open RTSP streams - required (ex: 172.16.100.0/24)")
 	pflag.StringSliceP("ports", "p", []string{"554", "5554", "8554"}, "The ports on which to search for RTSP streams")
-	pflag.StringP("custom-routes", "r", "${GOPATH}/src/github.com/ullaakut/cameradar/dictionaries/routes", "The path on which to load a custom routes dictionary")
-	pflag.StringP("custom-credentials", "c", "${GOPATH}/src/github.com/ullaakut/cameradar/dictionaries/credentials.json", "The path on which to load a custom credentials JSON dictionary")
-	pflag.IntP("speed", "s", 4, "The nmap speed preset to use for discovery")
-	pflag.DurationP("timeout", "T", 2*time.Second, "The timeout in miliseconds to use for attack attempts")
+	pflag.StringP("custom-routes", "r", "${GOPATH}/src/github.com/Ullaakut/cameradar/dictionaries/routes", "The path on which to load a custom routes dictionary")
+	pflag.StringP("custom-credentials", "c", "${GOPATH}/src/github.com/Ullaakut/cameradar/dictionaries/credentials.json", "The path on which to load a custom credentials JSON dictionary")
+	pflag.IntP("scan-speed", "s", 4, "The nmap speed preset to use for scanning (lower is stealthier)")
+	pflag.DurationP("attack-interval", "I", 0, "The interval between each attack  (i.e: 2000ms, higher is stealthier)")
+	pflag.DurationP("timeout", "T", 2000*time.Millisecond, "The timeout to use for attack attempts (i.e: 2000ms)")
 	pflag.BoolP("debug", "d", true, "Enable the debug logs")
 	pflag.BoolP("verbose", "v", false, "Enable the verbose logs")
 	pflag.BoolP("help", "h", false, "displays this help message")
@@ -43,10 +44,12 @@ func parseArguments() error {
 		fmt.Println("\tScanning your home network for RTSP streams:\tcameradar -t 192.168.0.0/24")
 		fmt.Println("\tScanning a remote camera on a specific port:\tcameradar -t 172.178.10.14 -p 18554 -s 2")
 		fmt.Println("\tScanning an unstable remote network: \t\tcameradar -t 172.178.10.14/24 -s 1 --timeout 10000 -l")
+		fmt.Println("\tStealthily scanning a remote network: \t\tcameradar -t 172.178.10.14/24 -s 1 -I 5000")
 		os.Exit(0)
 	}

-	if viper.GetStringSlice("targets") == nil {
+	if len(viper.GetStringSlice("targets")) == 0 {
+		pflag.Usage()
 		return errors.New("targets (-t, --targets) argument required\n    examples:\n      - 172.16.100.0/24\n      - localhost\n      - 8.8.8.8")
 	}

@@ -66,7 +69,8 @@ func main() {
 		cameradar.WithVerbose(viper.GetBool("verbose")),
 		cameradar.WithCustomCredentials(viper.GetString("custom-credentials")),
 		cameradar.WithCustomRoutes(viper.GetString("custom-routes")),
-		cameradar.WithSpeed(viper.GetInt("speed")),
+		cameradar.WithScanSpeed(viper.GetInt("scan-speed")),
+		cameradar.WithAttackInterval(viper.GetDuration("attack-interval")),
 		cameradar.WithTimeout(viper.GetDuration("timeout")),
 	)
 	if err != nil {
@@ -1,7 +1,7 @@
 package cameradar

 import (
-	curl "github.com/ullaakut/go-curl"
+	curl "github.com/Ullaakut/go-curl"
 )

 // Curler is an interface that implements the CURL interface of the go-curl library
@@ -4,7 +4,7 @@ import (
 	"reflect"
 	"testing"

-	curl "github.com/ullaakut/go-curl"
+	curl "github.com/Ullaakut/go-curl"
 )

 func TestCurl(t *testing.T) {
@@ -22,24 +22,31 @@
    "1234",
    "12345",
    "123456",
+    "12345678",
    "4321",
    "666666",
    "888888",
    "9999",
    "admin",
+    "administrator",
    "aiphone",
    "camera",
    "fliradmin",
+    "hikvision",
+    "hikadmin",
    "ikwd",
    "jvc",
    "meinsm",
    "pass",
    "password",
+    "reolink",
    "root",
    "service",
    "supervisor",
    "system",
+    "toor",
+    "tp-link",
    "ubnt",
    "wbox123"
  ]
-}
+}
@@ -1,4 +1,5 @@

+/live/ch01_0
 0/1:1/main
 0/usrnm:pwd/main
 0/video1
@@ -9,7 +10,29 @@
 11
 12
 125
+1080p
+1440p
+480p
+4K
 666
+720p
+AVStream1_1
+CAM_ID.password.mp2
+CH001.sdp
+GetData.cgi
+HD
+HighResolutionVideo
+LowResolutionVideo
+MediaInput/h264
+MediaInput/mpeg4
+ONVIF/MediaInput
+ONVIF/MediaInput?profile=4_def_profile6
+StdCh1
+Streaming/Channels/1
+Streaming/Unicast/channels/101
+StreamingSetting?version=1.0&action=getRTSPStream&ChannelID=1&ChannelName=Channel1
+VideoInput/1/h264/1
+VideoInput/1/mpeg4/1
 access_code
 access_name_for_stream_1_to_5
 api/mjpegvideo.cgi
@@ -17,18 +40,19 @@ av0_0
 av2
 avc
 avn=2
-AVStream1_1
 axis-media/media.amp
 axis-media/media.amp?camera=1
 axis-media/media.amp?videocodec=h264
 cam
-CAM_ID.password.mp2
 cam/realmonitor
 cam/realmonitor?channel=0&subtype=0
 cam/realmonitor?channel=1&subtype=0
+cam/realmonitor?channel=1&subtype=1
 cam/realmonitor?channel=1&subtype=1&unicast=true&proto=Onvif
+cam0
 cam0_0
 cam0_1
+cam1
 cam1/h264
 cam1/h264/multicast
 cam1/mjpeg
@@ -37,39 +61,34 @@ cam1/mpeg4?user='username'&pwd='password'
 cam1/onvif-h264
 camera.stm
 ch0
-ch0_0.h264
-ch0_unicast_firststream
-ch0_unicast_secondstream
 ch00/0
 ch001.sdp
-CH001.sdp
 ch01.264
 ch01.264?
 ch01.264?ptype=tcp
+ch0_0.h264
+ch0_unicast_firststream
+ch0_unicast_secondstream
 ch1-s1
 channel1
-GetData.cgi
 gnz_media/main
 h264
-h264_vga.sdp
 h264.sdp
 h264/ch1/sub/av_stream
 h264/media.amp
 h264Preview_01_main
 h264Preview_01_sub
-HighResolutionVideo
+h264_vga.sdp
 image.mpg
 img/media.sav
 img/media.sav?channel=1
 img/video.asf
 img/video.sav
 ioImage/1
+ipcam.sdp
 ipcam_h264.sdp
 ipcam_mjpeg.sdp
-ipcam.sdp
 live
-live_mpeg4.sdp
-live_st1
 live.sdp
 live/av0
 live/ch0
@@ -81,16 +100,15 @@ live/main0
 live/mpeg4
 live1.sdp
 live3.sdp
+live_mpeg4.sdp
+live_st1
 livestream
-LowResolutionVideo
 main
 media
 media.amp
 media.amp?streamprofile=Profile1
 media/media.amp
 media/video1
-MediaInput/h264
-MediaInput/mpeg4
 medias2
 mjpeg/media.smp
 mp4
@@ -109,8 +127,6 @@ nphMpeg4/g726-640x48
 nphMpeg4/g726-640x480
 nphMpeg4/nil-320x240
 onvif-media/media.amp
-ONVIF/MediaInput
-ONVIF/MediaInput?profile=4_def_profile6
 onvif1
 pass@10.0.0.5:6667/blinkhd
 play1.sdp
@@ -124,16 +140,15 @@ rtsp_live2
 rtsp_tunnel
 rtsph264
 rtsph2641080p
-StdCh1
 stream
+stream/0
+stream/1
+stream/live.sdp
 stream.sdp
 stream1
 streaming/channels/0
-Streaming/Channels/1
 streaming/channels/1
 streaming/channels/101
-Streaming/Unicast/channels/101
-StreamingSetting?version=1.0&action=getRTSPStream&ChannelID=1&ChannelName=Channel1
 tcp/av0_0
 test
 trackID=1
@@ -141,12 +156,12 @@ ucast/11
 udp/av0_0
 udp/unicast/aiphone_H264
 udpstream
-user_defined
 user.pin.mp2
-user=admin_password=?????_channel=1_stream=0.sdp?real_stream
-user=admin_password=R5XFY888_channel=1_stream=0.sdp?real_stream
 user=admin&password=&channel=1&stream=0.sdp?
 user=admin&password=&channel=1&stream=0.sdp?real_stream
+user=admin_password=?????_channel=1_stream=0.sdp?real_stream
+user=admin_password=R5XFY888_channel=1_stream=0.sdp?real_stream
+user_defined
 v2
 video
 video.3gp
@@ -156,12 +171,12 @@ video.mp4
 video.pro1
 video.pro2
 video.pro3
+video0
 video0.sdp
 video1
+video1.sdp
 video1+audio1
-videoinput_1/h264_1/media.stm
-VideoInput/1/h264/1
-VideoInput/1/mpeg4/1
 videoMain
+videoinput_1/h264_1/media.stm
 vis
-wfov
+wfov
@@ -1,12 +1,17 @@
-module github.com/ullaakut/cameradar
+module github.com/Ullaakut/cameradar

 go 1.12

 require (
+	github.com/PuerkitoBio/goquery v1.5.0
+	github.com/Ullaakut/disgo v0.3.1
+	github.com/Ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd
+	github.com/Ullaakut/nmap v2.0.0+incompatible
+	github.com/VividCortex/ewma v1.1.1 // indirect
 	github.com/fatih/color v1.7.0 // indirect
 	github.com/mattn/go-colorable v0.1.2 // indirect
-	github.com/spf13/viper v1.4.0 // indirect
-	github.com/ullaakut/disgo v0.3.0
-	github.com/ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd
-	github.com/ullaakut/nmap v0.0.0-20190623040344-bb4f2791e14a
+	github.com/spf13/pflag v1.0.3
+	github.com/spf13/viper v1.4.0
+	github.com/stretchr/testify v1.2.2
+	github.com/vbauerster/mpb v3.4.0+incompatible
 )
@@ -1,8 +1,21 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
+github.com/PuerkitoBio/goquery v1.5.0 h1:uGvmFXOA73IKluu/F84Xd1tt/z07GYm8X49XKHP7EJk=
+github.com/PuerkitoBio/goquery v1.5.0/go.mod h1:qD2PgZ9lccMbQlc7eEOjaeRlFQON7xY8kdmcsrnKqMg=
+github.com/Ullaakut/disgo v0.3.1 h1:BGGVHynji41KGuGI02ztTCnILRvyzlvmiCRl5bBpjKk=
+github.com/Ullaakut/disgo v0.3.1/go.mod h1:/CSvpnYVSKOeh2dvUvx9cXshzz2t7T1/lRO/MrFj3fI=
+github.com/Ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd h1:CMe+dX1CL4pCXNytxIB2U1qp0xZObGMZosJhaQdUlUo=
+github.com/Ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd/go.mod h1:u8mVgpDT88IPIt1B+Tu8vkrcFfBKGcfGwS9I7wmvMh0=
+github.com/Ullaakut/nmap v2.0.0+incompatible h1:tNXub052dsnG8+yrgpph9nhVixIBdpRRgzvmQoc8eBA=
+github.com/Ullaakut/nmap v2.0.0+incompatible/go.mod h1:fkC066hwfcoKwlI7DS2ARTggSVtBTZYCjVH1TzuTMaQ=
+github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM=
+github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/andybalholm/cascadia v1.0.0 h1:hOCXnnZ5A+3eVDX8pvgl4kofXv2ELss0bKcqRySc45o=
+github.com/andybalholm/cascadia v1.0.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
@@ -13,6 +26,7 @@ github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
@@ -46,8 +60,10 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/magiconair/properties v1.8.0 h1:LLgXmsheXeRoUOBOjtwPQCWIYqM/LU1ayDtDePerRcY=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
@@ -62,7 +78,9 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
@@ -87,16 +105,14 @@ github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/viper v1.4.0 h1:yXHLWeravcrgGyFSyCgdYpXQ9dR9c/WED3pg1RhxqEU=
 github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
+github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
-github.com/ullaakut/disgo v0.3.0 h1:2zrEyNBfPRgDVDgzM/qLXZ4Yqt3Lxz7ERvZUSmqSY2M=
-github.com/ullaakut/disgo v0.3.0/go.mod h1:UOgLVyqihzJ7yihrHjYZikivT+AHb9NhT3r1OyPCJqg=
-github.com/ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd h1:IzJ7V8S7/NXc4aLOj0QavbQZ5Z/Q2RpCifshHoJ5ytA=
-github.com/ullaakut/go-curl v0.0.0-20190525093431-597e157bbffd/go.mod h1:FTfXm4jC9Ff1yqc3/HMXCyr+SGO03vJyijJCQlNyF10=
-github.com/ullaakut/nmap v0.0.0-20190623040344-bb4f2791e14a h1:Q49G/c/ubeAPvrGGMPM0vt13gFDT5RwC6D0yOYsSjBs=
-github.com/ullaakut/nmap v0.0.0-20190623040344-bb4f2791e14a/go.mod h1:4CQy4PqZA4Snk3+MS26+1oAkJ8dCY8kGH6+kF42yajw=
+github.com/vbauerster/mpb v3.4.0+incompatible h1:mfiiYw87ARaeRW6x5gWwYRUawxaW1tLAD8IceomUCNw=
+github.com/vbauerster/mpb v3.4.0+incompatible/go.mod h1:zAHG26FUhVKETRu+MWqYXcI70POlC6N8up9p1dID7SU=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
@@ -104,13 +120,16 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190522155817-f3200d17e092 h1:4QSRKanuywn15aTZvI/mIDEgPQpswuFndXpOj3rKEco=
 golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -136,6 +155,7 @@ google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZi
 google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
 gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
@@ -8,7 +8,7 @@ import (
 	"os"
 	"testing"

-	"github.com/ullaakut/disgo"
+	"github.com/Ullaakut/disgo"

 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
@@ -3,7 +3,7 @@ package cameradar
 import (
 	"strings"

-	"github.com/ullaakut/nmap"
+	"github.com/Ullaakut/nmap"
 )

 // Scan scans the target networks and tries to find RTSP streams within them.
@@ -25,7 +25,7 @@ func (s *Scanner) Scan() ([]Stream, error) {
 	nmapScanner, err := nmap.NewScanner(
 		nmap.WithTargets(s.targets...),
 		nmap.WithPorts(s.ports...),
-		nmap.WithTimingTemplate(nmap.Timing(s.speed)),
+		nmap.WithTimingTemplate(nmap.Timing(s.scanSpeed)),
 	)
 	if err != nil {
 		return nil, s.term.FailStepf("unable to create network scanner: %v", err)
@@ -35,11 +35,15 @@ func (s *Scanner) Scan() ([]Stream, error) {
 }

 func (s *Scanner) scan(nmapScanner nmap.ScanRunner) ([]Stream, error) {
-	results, err := nmapScanner.Run()
+	results, warnings, err := nmapScanner.Run()
 	if err != nil {
 		return nil, s.term.FailStepf("error while scanning network: %v", err)
 	}

+	for _, warning := range warnings {
+		s.term.Infoln("[Nmap Warning]", warning)
+	}
+
 	// Get streams from nmap results.
 	var streams []Stream
 	for _, host := range results.Hosts {
@@ -6,11 +6,11 @@ import (
 	"os"
 	"testing"

-	"github.com/ullaakut/disgo"
+	"github.com/Ullaakut/disgo"

+	"github.com/Ullaakut/nmap"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
-	"github.com/ullaakut/nmap"
 )

 type nmapMock struct {
@@ -88,10 +88,10 @@ func TestScan(t *testing.T) {
 			}

 			scanner := &Scanner{
-				term:    disgo.NewTerminal(disgo.WithDefaultOutput(ioutil.Discard)),
-				targets: test.targets,
-				ports:   test.ports,
-				speed:   test.speed,
+				term:      disgo.NewTerminal(disgo.WithDefaultOutput(ioutil.Discard)),
+				targets:   test.targets,
+				ports:     test.ports,
+				scanSpeed: test.speed,
 			}

 			result, err := scanner.Scan()
@@ -5,14 +5,14 @@ import (
 	"os"
 	"time"

-	"github.com/ullaakut/disgo"
-	"github.com/ullaakut/disgo/style"
-	curl "github.com/ullaakut/go-curl"
+	"github.com/Ullaakut/disgo"
+	"github.com/Ullaakut/disgo/style"
+	curl "github.com/Ullaakut/go-curl"
 )

 const (
-	defaultCredentialDictionaryPath = "${GOPATH}/src/github.com/ullaakut/cameradar/dictionaries/credentials.json"
-	defaultRouteDictionaryPath      = "${GOPATH}/src/github.com/ullaakut/cameradar/dictionaries/routes"
+	defaultCredentialDictionaryPath = "${GOPATH}/src/github.com/Ullaakut/cameradar/dictionaries/credentials.json"
+	defaultRouteDictionaryPath      = "${GOPATH}/src/github.com/Ullaakut/cameradar/dictionaries/routes"
 )

 // Scanner represents a cameradar scanner. It scans a network and
@@ -25,7 +25,8 @@ type Scanner struct {
 	ports                    []string
 	debug                    bool
 	verbose                  bool
-	speed                    int
+	scanSpeed                int
+	attackInterval           time.Duration
 	timeout                  time.Duration
 	credentialDictionaryPath string
 	routeDictionaryPath      string
@@ -134,11 +135,20 @@ func WithCustomRoutes(dictionaryPath string) func(s *Scanner) {
 	}
 }

-// WithSpeed specifies the speed at which the scan should be executed. Faster
+// WithScanSpeed specifies the speed at which the scan should be executed. Faster
 // means easier to detect, slower has bigger timeout values and is more silent.
-func WithSpeed(speed int) func(s *Scanner) {
+func WithScanSpeed(speed int) func(s *Scanner) {
 	return func(s *Scanner) {
-		s.speed = speed
+		s.scanSpeed = speed
+	}
+}
+
+// WithAttackInterval specifies the interval of time during which Cameradar
+// should wait between each attack attempt during bruteforcing.
+// Setting a high value for this obviously makes attacks much slower.
+func WithAttackInterval(interval time.Duration) func(s *Scanner) {
+	return func(s *Scanner) {
+		s.attackInterval = interval
 	}
 }

@@ -7,8 +7,8 @@ import (
 	"testing"
 	"time"

+	curl "github.com/Ullaakut/go-curl"
 	"github.com/stretchr/testify/assert"
-	curl "github.com/ullaakut/go-curl"
 )

 func TestNew(t *testing.T) {
@@ -22,6 +22,7 @@ func TestNew(t *testing.T) {
 		customCredentials string
 		customRoutes      string
 		speed             int
+		attackInterval    time.Duration
 		timeout           time.Duration

 		loadTargetsFail bool
@@ -118,7 +119,8 @@ func TestNew(t *testing.T) {
 				WithPorts(test.ports),
 				WithDebug(test.debug),
 				WithVerbose(test.verbose),
-				WithSpeed(test.speed),
+				WithScanSpeed(test.speed),
+				WithAttackInterval(test.attackInterval),
 				WithTimeout(test.timeout),
 				WithCustomCredentials(test.customCredentials),
 				WithCustomRoutes(test.customRoutes),
@@ -135,7 +137,8 @@ func TestNew(t *testing.T) {
 				assert.Equal(t, test.ports, scanner.ports)
 				assert.Equal(t, test.debug, scanner.debug)
 				assert.Equal(t, test.verbose, scanner.verbose)
-				assert.Equal(t, test.speed, scanner.speed)
+				assert.Equal(t, test.speed, scanner.scanSpeed)
+				assert.Equal(t, test.attackInterval, scanner.attackInterval)
 				assert.Equal(t, test.timeout, scanner.timeout)
 			}
 		})
@@ -1,8 +1,8 @@
 package cameradar

 import (
-	"github.com/ullaakut/disgo/style"
-	curl "github.com/ullaakut/go-curl"
+	"github.com/Ullaakut/disgo/style"
+	curl "github.com/Ullaakut/go-curl"
 )

 // PrintStreams prints information on each stream.
@@ -4,8 +4,8 @@ import (
 	"bytes"
 	"testing"

+	"github.com/Ullaakut/disgo"
 	"github.com/stretchr/testify/assert"
-	"github.com/ullaakut/disgo"
 )

 var (
@@ -10,10 +10,10 @@ import (
 	"strings"
 	"sync"

-	"github.com/ullaakut/disgo/style"
+	"github.com/Ullaakut/disgo/style"

 	"github.com/PuerkitoBio/goquery"
-	"github.com/ullaakut/disgo"
+	"github.com/Ullaakut/disgo"
 	"github.com/vbauerster/mpb"
 	"github.com/vbauerster/mpb/decor"
 )
Author	SHA1	Message	Date
Brendan Le Glaunec	d233fd850e	Update nmap dependency to v2.0.0 (#250 )	2019-11-30 16:57:27 +01:00
Brendan Le Glaunec	948aca316b	Add libcurl requirement to build from binary (#249 )	2019-11-30 16:23:14 +01:00
Brendan Le Glaunec	3f05737bf2	Fix scan interval option (#246 )	2019-11-16 09:46:09 +01:00
Brendan Le Glaunec	4aabf47a5d	Add scan interval option (#245 ) * Add scan interval option * Update tests for scan interval * Handle missing target properly * Update documentation to reflect that durations are not in milliseconds	2019-11-11 21:42:38 +01:00
Brendan Le Glaunec	cb47aef7e4	Fix capitalization issues in import path (#244 )	2019-11-11 20:17:39 +01:00
Ullaakut	bb05fcff6f	Update funding	2019-10-18 07:55:17 +02:00
Brendan Le Glaunec	8634ba84ca	Update dictionaries & dependencies for dictionary fetch tool (#240 )	2019-10-03 22:04:17 +02:00
Brendan Le Glaunec	3bd6b9171e	Encourage people to donate to charities	2019-07-02 09:37:26 +02:00
Brendan Le Glaunec	18a933ba45	Remove goreleaser (#232 ) * Debug goreleaser * Remove goreleaser	2019-06-29 04:27:57 +02:00
Ullaakut	0187d9a553	Update dependencies	2019-06-29 04:23:01 +02:00