2

HardCIDR – Network CIDR and Range Discovery Tool

 1 year ago
source link: https://www.darknet.org.uk/2022/12/hardcidr-network-cidr-and-range-discovery-tool/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

HardCIDR – Network CIDR and Range Discovery Tool

December 29, 2022

Views: 716

HardCIDR is a Linux Bash script to discover the netblocks, or ranges, (in CIDR notation) owned by the target organization during the intelligence gathering phase of a penetration test.

This information is maintained by the five Regional Internet Registries (RIRs):

  • ARIN (North America)
  • RIPE (Europe/Asia/Middle East)
  • APNIC (Asia/Pacific)
  • LACNIC (Latin America)
  • AfriNIC (Africa)

In addition to netblocks and IP addresses, Autonomous System Numbers (ASNs) are also of interest. ASNs are used as part of the Border Gateway Protocol (BGP) for uniquely identifying each network on the Internet. Target organizations may have their own ASNs due to the size of their network or as a result of redundant service paths from peered service providers. These ASNs will reveal additional netblocks owned by the organization.

Usage of HardCIDR – Network CIDR and Range Discovery Tool

The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime. The -h option lists the help:

  █▄                                         ▄█  ▄████████  ▄█  ████████▄     ▄████████
  ███                                       ███  ███    ███ ███  ███   ▀███   ███    ███
  ███          ▄███████▄    ▄████████       ███  ███    █▀  ███▌ ███    ███   ███    ███
  █████████▄  ███    ███   ████▀▀▀▀▀ ▄█████████  ███        ███▌ ███    ███  ▄███▄▄▄▄██▀
  ███▀▀▀▀███ ███     ███   ███       ███    ███  ███        ███▌ ███    ███ ▀▀███▀▀▀▀▀
  ███    ███  ███    ███   ███       ███    ███  ███    █▄  ███  ███    ███ ▀█████████▄
  ███    ███   ██▄▄▄▄█████ ███       ███   ▄███  ███    ███ ███  ███   ▄███   ███    ███
  ███    █▀     ▀▀▀▀▀▀███   ▀█       ████████▀   ▀███████▀  █▀   ████████▀    ▀██    ███
  A tool for locating target Organization netblocks
  Written by: Jason Ashton, TrustedSec
  Website: https://www.trustedsec.com
  Twitter: @ninewires
usage: ./${sname} -r -l -f -p -h -u
-r = Query [R]IPE NCC (Europe/Middle East/Central Asia)
-l = Query [L]ACNIC   (Latin America & Caribbean)
-f = Query A[f]riNIC  (Africa)
-p = Query A[P]NIC    (Asia/Pacific)
-u = Update LACNIC data file <- dont run with other options
-h = help

The options may be used in any combination, all, or none. Unfortunately, none of the “other” RIRs note the actual CIDR notation of the range, so ipcalc is used to perform this function. If it is not installed on your system, the script will install it for you.

At the prompts, enter the organization name, the email domain, and whether country codes are used as part of the email. If answered Y to country codes, you will be prompted as to whether they precede the domain name or are appended to the TLD. A directory will be created for the output files in /tmp/. If the directory is found to exist, you will be prompted to overwrite it. If answered N, a timestamp will be appended to the directory name.

You can download HardCIDR here:

hardcidr-master.zip

Or read more here.https://github.com/trustedsec/hardcidr


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK