Aztarna – A Footprinting Tool For Robots

This repository contains Alias Robotics’ aztarna, a footprinting tool for robots.Alias Robotics supports original robot manufacturers assessing their security and improving their quality of software. By no means we encourage or promote the unauthorized tampering with running robotic systems. This can cause serious human harm and material damages.For ROSA list of the ROS nodes present in the system (Publishers and Subscribers)For each node, the published and subscribed topis including the topic typeFor each node, the ROS services each of the nodes offerA list of all ROS parameters present in the Parameter ServerA list of the active communications running in the system. A single communication includes the involved publiser/subscriber nodes and the topicsFor SROSDetermining if the system is a SROS master.Detecting if demo configuration is in use.A list of the nodes found in the system. (Extended mode)A list of allow/deny policies for each node.Publishable topics.Subscriptable topics.Executable services.Readable parameters.For Industrial routersDetecting eWON, Moxa, Sierra Wireless and Westermo industrial routers.Default credential checking for found routers.InstallingFor productionDirecly from PyPipip3 install aztarnaor from the repository:pip3 install .For developmentpip3 install -e .orpython3 developPython 3.7 and the setuptools package is required for installation.Install with dockerdocker build -t aztarna_docker .Code usage:usage: aztarna [-h] -t TYPE [-a ADDRESS] [-p PORTS] [-i INPUT_FILE] [-o OUT_FILE] [-e] [-r RATE] [–shodan] [–api-key API_KEY]Aztarnaoptional arguments: -h, –help show this help message and exit -t TYPE, –type TYPE Scan ROS, SROS hosts or Industrial routers -a ADDRESS, –address ADDRESS Single address or network range to scan. -p PORTS, –ports PORTS Ports to scan (format: 13311 or 11111-11155 or 1,2,3,4) -i INPUT_FILE, –input_file INPUT_FILE Input file of addresses to use for scanning -o OUT_FILE, –out_file OUT_FILE Output file for the results -e, –extended Extended scan of the hosts -r RATE, –rate RATE Maximum simultaneous network connections –shodan Use shodan for the scan types that support it. –api-key API_KEY Shodan API KeyRun the code (example input file):aztarna -t ROS -p 11311 -i ros_scan_s20.csvRun the code with Docker (example input file):docker run -v <host_path>:/root -it aztarna_docker -t ROS -p 11311 -i <input_file>Run the code (example single ip address):aztarna -t ROS -p 11311 -a the code (example subnet):aztarna -t ROS -p 11311 -a the code (example single ip address, port range):aztarna -t ROS -p 11311-11500 -a the code (example single ip address, port list):aztarna -t ROS -p 11311,11312,11313 -a the code (example piping directly from zmap):zmap -p 11311 -q | aztarna -t SROS -p 11311Run the code (example search for industrial routers in shodan)aztarna -t IROUTERS –shodan –api-key <yourshodanapikey>Run the code (example search for industrial routers in shodan, piping to file)aztarna -t IROUTERS –shodan –api-key <yourshodanapikey> -o routers.csvDownload Aztarna