{
    "info": {
        "author": "Armis Inc.",
        "author_email": "",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 4 - Beta",
            "Intended Audience :: System Administrators",
            "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
            "Programming Language :: Python :: 3",
            "Programming Language :: Python :: 3.5",
            "Programming Language :: Python :: 3.6",
            "Programming Language :: Python :: 3.7",
            "Topic :: Security"
        ],
        "description": "![urgent11-detector](https://github.com/ArmisSecurity/urgent11-detector/raw/master/docs/logo.png)\n\n## urgent11-detector\nurgent11-detector is a tool to detect whether a device is running the Interpeak IPnet TCP/IP stack, and is thus at risk from the URGENT/11 vulnerabilities.\n\n## Motivation\nIn light of recent discoveries (see https://armis.com/urgent11), we decided to develop a tool designed to detect whether a device is using Interpeak's IPnet TCP/IP stack, regardless of the RTOS that powers it.\nThe IPnet TCP/IP stack is the native, built-in stack for VxWorks since version 6.5, but it has been also been supported by a wide array of RTOSs in the past.\nDetecting the underlying TCP/IP stack used by a device is a non-trivial task, and so by using this tool one can identify devices that are vulnerable to URGENT/11 vulnerabilities.\n\n## How does it work?\nThis tool implements 4 unique methods of detection in the form of a TCP and ICMP fingerprints to a target host.\nBy calculating the sum of all the methods scores, we can determine with high precision whether a device runs an OS that relies on the IPnet TCP/IP stack and whether this OS is VxWorks.\nMoreover, we also test whether the host is vulnerable to CVE-2019-12258, which is one of the URGENT/11 vulnerabilities that affects all VxWorks versions that use IPnet.\nIf a device is detected as running IPnet on VxWorks, and is NOT vulnerable to this CVE, one can deduce this device has been patched against the URGENT/11 vulnerabilities.\n\n## Getting Started\nInstall the tool directly with pip3:\n```\npip3 install urgent11-detector\n```\nAnd than run it like this:\n```\nurgent11-detector IP PORT\n```\nAlternatively, you can install the [dependencies](#dependencies) and run it manually\n```\n./urgent11-detector.py IP PORT\n```\n\n#### My head hurts.. can you simplify?\n![demo](https://github.com/ArmisSecurity/urgent11-detector/raw/master/docs/demo.gif)\n\n#### Dependencies\nAssuming you have python3 installed - the only dependencies are scapy and python-iptables.\nInstall them using:\n```\npip3 install scapy python-iptables\n```\nor advice the formal [scapy installation guide](https://scapy.readthedocs.io/en/latest/installation.html)\nand the formal [python-iptables documentation](https://github.com/ldx/python-iptables#installing).\n\nIn addition, urgent11-detector currently supports running on a Linux setup exclusively.\n\n## License\nCopyright 2019 Armis.\n\nLicensed under the GNU Affero General Public License, Version 3.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n[https://www.gnu.org/licenses/agpl-3.0.txt](https://www.gnu.org/licenses/agpl-3.0.txt)\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.",
        "description_content_type": "text/markdown",
        "docs_url": null,
        "download_url": "",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "https://github.com/ArmisSecurity/urgent11-detector",
        "keywords": "windriver vxworks rtos interpeak ipnet urgent/11 urgent11 armis",
        "license": "",
        "maintainer": "",
        "maintainer_email": "",
        "name": "urgent11-detector",
        "package_url": "https://pypi.org/project/urgent11-detector/",
        "platform": "",
        "project_url": "https://pypi.org/project/urgent11-detector/",
        "project_urls": {
            "Armis": "http://armis.com",
            "Bug Reports": "https://github.com/ArmisSecurity/urgent11-detector/issues",
            "Homepage": "https://github.com/ArmisSecurity/urgent11-detector"
        },
        "release_url": "https://pypi.org/project/urgent11-detector/0.1.2/",
        "requires_dist": null,
        "requires_python": ">=3.4",
        "summary": "URGENT/11 detection tool by Armis",
        "version": "0.1.2"
    },
    "last_serial": 5945312,
    "releases": {
        "0.1.1": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "124a5949ed7cf2b992a6d94c18f48f2e",
                    "sha256": "387751901940436b135755c1746abe29c04d9903d0a31c0f2cdbb62fe6ec9f14"
                },
                "downloads": -1,
                "filename": "urgent11-detector-0.1.1.tar.gz",
                "has_sig": false,
                "md5_digest": "124a5949ed7cf2b992a6d94c18f48f2e",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",
                "size": 5788,
                "upload_time": "2019-10-01T16:46:26",
                "url": "https://files.pythonhosted.org/packages/1a/32/200917b0916def654970d99894a72cc1d1afcbdff443e21f65942c637445/urgent11-detector-0.1.1.tar.gz"
            }
        ],
        "0.1.2": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "83e332db3efbb7f196ffb3ba6e83605d",
                    "sha256": "305b09b5f1709eb2d6baf41d566c7ac29bb5406916732e83ff6dd3542e155931"
                },
                "downloads": -1,
                "filename": "urgent11-detector-0.1.2.tar.gz",
                "has_sig": false,
                "md5_digest": "83e332db3efbb7f196ffb3ba6e83605d",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": ">=3.4",
                "size": 5889,
                "upload_time": "2019-10-08T15:12:04",
                "url": "https://files.pythonhosted.org/packages/b1/4e/55bb9454240794caa9daca8c65858785060007d99dffc99ee9fe24faca56/urgent11-detector-0.1.2.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "83e332db3efbb7f196ffb3ba6e83605d",
                "sha256": "305b09b5f1709eb2d6baf41d566c7ac29bb5406916732e83ff6dd3542e155931"
            },
            "downloads": -1,
            "filename": "urgent11-detector-0.1.2.tar.gz",
            "has_sig": false,
            "md5_digest": "83e332db3efbb7f196ffb3ba6e83605d",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.4",
            "size": 5889,
            "upload_time": "2019-10-08T15:12:04",
            "url": "https://files.pythonhosted.org/packages/b1/4e/55bb9454240794caa9daca8c65858785060007d99dffc99ee9fe24faca56/urgent11-detector-0.1.2.tar.gz"
        }
    ]
}