From 332194bc34d614b4b8edeea188021d98cac684df Mon Sep 17 00:00:00 2001
From: TheTechromancer <thetechromancer@protonmail.com>
Date: Wed, 29 Nov 2023 17:21:47 -0500
Subject: [PATCH] nmap: accept IP_RANGEs

---
 bbot/modules/nmap.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/bbot/modules/nmap.py b/bbot/modules/nmap.py
index 5e485e5ac..64cfde0eb 100644
--- a/bbot/modules/nmap.py
+++ b/bbot/modules/nmap.py
@@ -3,7 +3,7 @@
 
 
 class nmap(BaseModule):
-    watched_events = ["IP_ADDRESS", "DNS_NAME"]
+    watched_events = ["IP_ADDRESS", "DNS_NAME", "IP_RANGE"]
     produced_events = ["OPEN_TCP_PORT"]
     flags = ["active", "portscan", "aggressive", "web-thorough"]
     meta = {"description": "Execute port scans with nmap"}
@@ -32,6 +32,15 @@ async def setup(self):
         self.timing = self.config.get("timing", "T4")
         self.top_ports = self.config.get("top_ports", 100)
         self.skip_host_discovery = self.config.get("skip_host_discovery", True)
+        self.ip_ranges = [e.host for e in self.scan.target.events if e.type == "IP_RANGE"]
+        return True
+
+    async def filter_event(self, event):
+        # skip IP_ADDRESSes if they are included in any of our target IP_RANGEs
+        if event.type == "IP_ADDRESS":
+            for net in self.helpers.ip_network_parents(event.data, include_self=True):
+                if net in self.ip_ranges:
+                    return False, f"Skipping {event.host} because it is already included in {net}"
         return True
 
     async def handle_batch(self, *events):