From aba13a578e05aea73ef16993f1d3b60b0561070e Mon Sep 17 00:00:00 2001
From: 1d8 <56985822+1d8@users.noreply.github.com>
Date: Thu, 22 Aug 2024 21:19:56 -0700
Subject: [PATCH] Update IOXIDResolver.py

- Added ability to specify subnet mask
- Added error handling for no route to host error message when connecting
---
 IOXIDResolver.py | 69 ++++++++++++++++++++++++++++++++++++------------
 1 file changed, 52 insertions(+), 17 deletions(-)

diff --git a/IOXIDResolver.py b/IOXIDResolver.py
index 7b01ff9..d0020f2 100644
--- a/IOXIDResolver.py
+++ b/IOXIDResolver.py
@@ -1,10 +1,45 @@
 #!/usr/bin/python
 
 import sys, getopt
+import ipaddress
 
 from impacket.dcerpc.v5 import transport
 from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_NONE
 from impacket.dcerpc.v5.dcomrt import IObjectExporter
+from impacket.dcerpc.v5.rpcrt import DCERPCException
+
+
+def getIPs(subnetMask):
+    ipList = []
+    net = ipaddress.ip_network(subnetMask, strict=False)
+    
+    for ip in net.hosts():
+        ipList.append(str(ip))
+    
+    return ipList
+
+def getAdapterInfo(ipAddress):
+    try:
+        authLevel = RPC_C_AUTHN_LEVEL_NONE
+
+        stringBinding = r'ncacn_ip_tcp:%s' % ipAddress
+        rpctransport = transport.DCERPCTransportFactory(stringBinding)
+
+        portmap = rpctransport.get_dce_rpc()
+        portmap.set_auth_level(authLevel)
+        portmap.connect()
+
+        objExporter = IObjectExporter(portmap)
+        bindings = objExporter.ServerAlive2()
+
+        print ("[*] Retrieving network interface of " + ipAddress)
+
+        #NetworkAddr = bindings[0]['aNetworkAddr']
+        for binding in bindings:
+            NetworkAddr = binding['aNetworkAddr']
+            print("Address: " + NetworkAddr)
+    except DCERPCException as e:
+        print("[!] Error when attempting to connect to {0}: {1}".format(ipAddress, str(e)))
 
 def main(argv):
 
@@ -25,26 +60,26 @@ def main(argv):
             print ('IOXIDResolver.py -t <target>')
             sys.exit()
         elif opt in ("-t", "--target"):
-            target_ip = arg
-
-    authLevel = RPC_C_AUTHN_LEVEL_NONE
-
-    stringBinding = r'ncacn_ip_tcp:%s' % target_ip
-    rpctransport = transport.DCERPCTransportFactory(stringBinding)
-
-    portmap = rpctransport.get_dce_rpc()
-    portmap.set_auth_level(authLevel)
-    portmap.connect()
+            # target_ip = arg
+            # Checking if argument contains subnet mask
+            if "/" in arg:
+                # Subnet mask specified
+                print("Subnet mask specified: {0}".format(arg))
+                ipList = getIPs(arg)
+                target_ip = ipList
+            else:
+                print("Single host specified: {0}".format(arg))
+                target_ip = arg
+    
 
-    objExporter = IObjectExporter(portmap)
-    bindings = objExporter.ServerAlive2()
+    if isinstance(target_ip, list):
+        for i in target_ip:
+            getAdapterInfo(i)
+    else:
+        getAdapterInfo(target_ip)
 
-    print ("[*] Retrieving network interface of " + target_ip)
 
-    #NetworkAddr = bindings[0]['aNetworkAddr']
-    for binding in bindings:
-        NetworkAddr = binding['aNetworkAddr']
-        print ("Address: " + NetworkAddr)
+    
 
 if __name__ == "__main__":
    main(sys.argv[1:])