def test_snmp_no_priv_alg_but_pw_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'snmp': { 'type': 'snmp', 'username': '******', 'password': '******', 'community': 'some comunity', 'auth_algorithm': 'sha1', 'privacy_password': '******', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() errors = p_handler.get_error_messages() self.assertFalse(ret) self.assertIn( "When no privacy algorithm is used, the privacy" + " password also has to be empty.", errors, )
def test_snmp_unknown_auth_alg_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'snmp': { 'type': 'snmp', 'username': '******', 'password': '******', 'community': 'some comunity', 'auth_algorithm': 'sha2', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() errors = p_handler.get_error_messages() self.assertFalse(ret) self.assertIn( "Unknown authentication algorithm: " + "sha2" + ". Use 'md5' or 'sha1'.", errors, )
def test_set_bad_service_credentials(self, mock_kb): dummy = DummyDaemon() # bad cred type shh instead of ssh creds = { 'shh': { 'type': 'up', 'port': '22', 'username': '******', 'password': '******', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() errors = p_handler.get_error_messages() self.assertFalse(ret) self.assertIn("Unknown service type for credential: shh", errors)
def test_missing_type_for_ssh_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'ssh': { 'port': '22', 'username': '******', 'password': '******', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() errors = p_handler.get_error_messages() self.assertFalse(ret) self.assertIn( "Missing Credential Type for SSH." + " Use 'up' for Username + Password" + " or 'usk' for Username + SSH Key.", errors, )
def test_set_credentials_empty(self, mock_kb): w = DummyDaemon() creds = {} w.scan_collection.get_credentials = MagicMock(return_value=creds) p = PreferenceHandler('1234-1234', mock_kb, w.scan_collection, None) p._openvas_scan_id = '456-789' p.kbdb.add_scan_preferences = MagicMock() r = p.prepare_credentials_for_openvas() self.assertTrue(r)
def test_set_credentials(self, mock_kb): w = DummyDaemon() # bad cred type shh instead of ssh creds = { 'shh': { 'type': 'ssh', 'port': '22', 'username': '******', 'password': '******', }, } w.scan_collection.get_credentials = MagicMock(return_value=creds) p = PreferenceHandler('1234-1234', mock_kb, w.scan_collection, None) p._openvas_scan_id = '456-789' p.kbdb.add_scan_preferences = MagicMock() r = p.prepare_credentials_for_openvas() self.assertFalse(r)
def test_missing_ssh_port_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'ssh': { 'type': 'up', 'username': '******', 'password': '******', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() self.assertTrue(ret)
def test_set_credentials(self, mock_kb): w = DummyDaemon() creds = { 'ssh': { 'type': 'ssh', 'port': '22', 'username': '******', 'password': '******', }, 'smb': { 'type': 'smb', 'username': '******', 'password': '******' }, 'esxi': { 'type': 'esxi', 'username': '******', 'password': '******', }, 'snmp': { 'type': 'snmp', 'username': '******', 'password': '******', 'community': 'some comunity', 'auth_algorithm': 'some auth algo', 'privacy_password': '******', 'privacy_algorithm': 'privacy algo', }, } w.scan_collection.get_credentials = MagicMock(return_value=creds) p = PreferenceHandler('1234-1234', mock_kb, w.scan_collection, None) p._openvas_scan_id = '456-789' p.kbdb.add_scan_preferences = MagicMock() r = p.prepare_credentials_for_openvas() self.assertTrue(r) assert_called_once(p.kbdb.add_scan_preferences)
def test_set_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'ssh': { 'type': 'up', 'port': '22', 'username': '******', 'password': '******', 'priv_username': "******", 'priv_password': "******", }, 'smb': {'type': 'up', 'username': '******', 'password': '******'}, 'esxi': { 'type': 'up', 'username': '******', 'password': '******', }, 'snmp': { 'type': 'snmp', 'username': '******', 'password': '******', 'community': 'some comunity', 'auth_algorithm': 'md5', 'privacy_password': '******', 'privacy_algorithm': 'aes', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_credentials_to_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() self.assertTrue(ret) assert_called_once(p_handler.kbdb.add_credentials_to_scan_preferences)
def test_ssh_port_out_of_range_credentials(self, mock_kb): dummy = DummyDaemon() creds = { 'ssh': { 'type': 'up', 'port': '65536', 'username': '******', 'password': '******', }, } dummy.scan_collection.get_credentials = MagicMock(return_value=creds) p_handler = PreferenceHandler( '1234-1234', mock_kb, dummy.scan_collection, None ) p_handler.scan_id = '456-789' p_handler.kbdb.add_scan_preferences = MagicMock() ret = p_handler.prepare_credentials_for_openvas() errors = p_handler.get_error_messages() self.assertFalse(ret) self.assertIn("Port for SSH is out of range (1-65535): 65536", errors)
def exec_scan(self, scan_id: str): """ Starts the OpenVAS scanner for scan_id scan. """ do_not_launch = False kbdb = self.main_db.get_new_kb_database() scan_prefs = PreferenceHandler(scan_id, kbdb, self.scan_collection, self.nvti) kbdb.add_scan_id(scan_id) scan_prefs.prepare_target_for_openvas() if not scan_prefs.prepare_ports_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='No port list defined.') do_not_launch = True # Set credentials if not scan_prefs.prepare_credentials_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='Malformed credential.') do_not_launch = True if not scan_prefs.prepare_plugins_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='No VTS to run.') do_not_launch = True scan_prefs.prepare_main_kbindex_for_openvas() scan_prefs.prepare_host_options_for_openvas() scan_prefs.prepare_scan_params_for_openvas(OSPD_PARAMS) scan_prefs.prepare_reverse_lookup_opt_for_openvas() scan_prefs.prepare_alive_test_option_for_openvas() scan_prefs.prepare_boreas_alive_test() # Release memory used for scan preferences. del scan_prefs if do_not_launch: self.main_db.release_database(kbdb) return result = Openvas.start_scan( scan_id, not self.is_running_as_root and self.sudo_available, self._niceness, ) if result is None: self.main_db.release_database(kbdb) return ovas_pid = result.pid kbdb.add_scan_process_id(ovas_pid) logger.debug('pid = %s', ovas_pid) # Wait until the scanner starts and loads all the preferences. while kbdb.get_status(scan_id) == 'new': res = result.poll() if res and res < 0: self.stop_scan_cleanup(scan_id) logger.error( 'It was not possible run the task %s, since openvas ended ' 'unexpectedly with errors during launching.', scan_id, ) return time.sleep(1) got_results = False while True: if not kbdb.target_is_finished( scan_id) and not self.is_openvas_process_alive( kbdb, ovas_pid, scan_id): logger.error( 'Task %s was unexpectedly stopped or killed.', scan_id, ) self.add_scan_error( scan_id, name='', host='', value='Task was unexpectedly stopped or killed.', ) kbdb.stop_scan(scan_id) for scan_db in kbdb.get_scan_databases(): self.main_db.release_database(scan_db) self.main_db.release_database(kbdb) return # Wait a second before trying to get result from redis if there # was no results before. # Otherwise, wait 50 msec to give access other process to redis. if not got_results: time.sleep(1) else: time.sleep(0.05) got_results = False # Check if the client stopped the whole scan if kbdb.scan_is_stopped(scan_id): # clean main_db, but wait for scanner to finish. while not kbdb.target_is_finished(scan_id): time.sleep(1) self.main_db.release_database(kbdb) return got_results = self.report_openvas_results(kbdb, scan_id) self.report_openvas_scan_status(kbdb, scan_id) # Scan end. No kb in use for this scan id if kbdb.target_is_finished(scan_id): break # Delete keys from KB related to this scan task. self.main_db.release_database(kbdb)
def exec_scan(self, scan_id: str): """ Starts the OpenVAS scanner for scan_id scan. """ if self.pending_feed: logger.info( '%s: There is a pending feed update. ' 'The scan can not be started.', scan_id, ) self.add_scan_error( scan_id, name='', host='', value=( 'It was not possible to start the scan,' 'because a pending feed update. Please try later' ), ) return 2 do_not_launch = False # Set plugins to run. # Make a deepcopy of the vts dictionary. Otherwise, consulting the # DictProxy object of multiprocessing directly is to expensinve # (interprocess communication). temp_vts = self.vts.copy() kbdb = self.main_db.get_new_kb_database() scan_prefs = PreferenceHandler( scan_id, kbdb, self.scan_collection, temp_vts ) openvas_scan_id = scan_prefs.prepare_openvas_scan_id_for_openvas() scan_prefs.prepare_target_for_openvas() if not scan_prefs.prepare_ports_for_openvas(): self.add_scan_error( scan_id, name='', host='', value='No port list defined.' ) do_not_launch = True # Set credentials if not scan_prefs.prepare_credentials_for_openvas(): self.add_scan_error( scan_id, name='', host='', value='Malformed credential.' ) do_not_launch = True if not scan_prefs.prepare_plugins_for_openvas(): self.add_scan_error( scan_id, name='', host='', value='No VTS to run.' ) do_not_launch = True temp_vts = None scan_prefs.prepare_main_kbindex_for_openvas() scan_prefs.prepare_host_options_for_openvas() scan_prefs.prepare_scan_params_for_openvas(OSPD_PARAMS) scan_prefs.prepare_reverse_lookup_opt_for_openvas() scan_prefs.prepare_alive_test_option_for_openvas() # Release memory used for scan preferences. del scan_prefs if do_not_launch: self.main_db.release_database(kbdb) return 2 result = Openvas.start_scan( openvas_scan_id, not self.is_running_as_root and self.sudo_available, self._niceness, ) if result is None: self.main_db.release_database(kbdb) return False ovas_pid = result.pid kbdb.add_scan_process_id(ovas_pid) logger.debug('pid = %s', ovas_pid) # Wait until the scanner starts and loads all the preferences. while kbdb.get_status(openvas_scan_id) == 'new': res = result.poll() if res and res < 0: self.stop_scan_cleanup(scan_id) logger.error( 'It was not possible run the task %s, since openvas ended ' 'unexpectedly with errors during launching.', scan_id, ) return 1 time.sleep(1) no_id_found = False while True: time.sleep(3) # Check if the client stopped the whole scan if kbdb.scan_is_stopped(openvas_scan_id): return 1 self.report_openvas_results(kbdb, scan_id, "") for scan_db in kbdb.get_scan_databases(): id_aux = scan_db.get_scan_id() if not id_aux: continue if id_aux == openvas_scan_id: no_id_found = False current_host = scan_db.get_host_ip() self.report_openvas_results(scan_db, scan_id, current_host) self.report_openvas_scan_status( scan_db, scan_id, current_host ) self.report_openvas_timestamp_scan_host( scan_db, scan_id, current_host ) if scan_db.host_is_finished(openvas_scan_id): self.set_scan_host_finished(scan_id, current_host) self.report_openvas_scan_status( scan_db, scan_id, current_host ) self.report_openvas_timestamp_scan_host( scan_db, scan_id, current_host ) kbdb.remove_scan_database(scan_db) self.main_db.release_database(scan_db) # Scan end. No kb in use for this scan id if no_id_found and kbdb.target_is_finished(scan_id): break no_id_found = True # Delete keys from KB related to this scan task. self.main_db.release_database(kbdb)
def exec_scan(self, scan_id: str): """Starts the OpenVAS scanner for scan_id scan.""" params = self.scan_collection.get_options(scan_id) if params.get("dry_run"): dryrun = DryRun(self) dryrun.exec_dry_run_scan(scan_id, self.nvti, OSPD_PARAMS) return do_not_launch = False kbdb = self.main_db.get_new_kb_database() scan_prefs = PreferenceHandler(scan_id, kbdb, self.scan_collection, self.nvti) kbdb.add_scan_id(scan_id) scan_prefs.prepare_target_for_openvas() if not scan_prefs.prepare_ports_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='Invalid port list.') do_not_launch = True # Set credentials if not scan_prefs.prepare_credentials_for_openvas(): error = ('All authentifications contain errors.' + 'Starting unauthenticated scan instead.') self.add_scan_error( scan_id, name='', host='', value=error, ) logger.error(error) errors = scan_prefs.get_error_messages() for e in errors: error = 'Malformed credential. ' + e self.add_scan_error( scan_id, name='', host='', value=error, ) logger.error(error) if not scan_prefs.prepare_plugins_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='No VTS to run.') do_not_launch = True scan_prefs.prepare_main_kbindex_for_openvas() scan_prefs.prepare_host_options_for_openvas() scan_prefs.prepare_scan_params_for_openvas(OSPD_PARAMS) scan_prefs.prepare_reverse_lookup_opt_for_openvas() scan_prefs.prepare_alive_test_option_for_openvas() # VT preferences are stored after all preferences have been processed, # since alive tests preferences have to be able to overwrite default # preferences of ping_host.nasl for the classic method. scan_prefs.prepare_nvt_preferences() scan_prefs.prepare_boreas_alive_test() # Release memory used for scan preferences. del scan_prefs scan_stopped = self.get_scan_status(scan_id) == ScanStatus.STOPPED if do_not_launch or kbdb.scan_is_stopped(scan_id) or scan_stopped: self.main_db.release_database(kbdb) return openvas_process = Openvas.start_scan( scan_id, not self.is_running_as_root and self.sudo_available, self._niceness, ) if openvas_process is None: self.main_db.release_database(kbdb) return kbdb.add_scan_process_id(openvas_process.pid) logger.debug('pid = %s', openvas_process.pid) # Wait until the scanner starts and loads all the preferences. while kbdb.get_status(scan_id) == 'new': res = openvas_process.poll() if res and res < 0: self.stop_scan_cleanup(kbdb, scan_id, openvas_process) logger.error( 'It was not possible run the task %s, since openvas ended ' 'unexpectedly with errors during launching.', scan_id, ) return time.sleep(1) got_results = False while True: openvas_process_is_alive = self.is_openvas_process_alive( openvas_process) target_is_finished = kbdb.target_is_finished(scan_id) scan_stopped = self.get_scan_status(scan_id) == ScanStatus.STOPPED # Report new Results and update status got_results = self.report_openvas_results(kbdb, scan_id) self.report_openvas_scan_status(kbdb, scan_id) # Check if the client stopped the whole scan if scan_stopped: logger.debug('%s: Scan stopped by the client', scan_id) self.stop_scan_cleanup(kbdb, scan_id, openvas_process) # clean main_db, but wait for scanner to finish. while not kbdb.target_is_finished(scan_id): if not self.is_openvas_process_alive(openvas_process): break logger.debug('%s: Waiting for openvas to finish', scan_id) time.sleep(1) self.main_db.release_database(kbdb) return # Scan end. No kb in use for this scan id if target_is_finished: logger.debug('%s: Target is finished', scan_id) break if not openvas_process_is_alive: logger.error( 'Task %s was unexpectedly stopped or killed.', scan_id, ) self.add_scan_error( scan_id, name='', host='', value='Task was unexpectedly stopped or killed.', ) # check for scanner error messages before leaving. self.report_openvas_results(kbdb, scan_id) kbdb.stop_scan(scan_id) for scan_db in kbdb.get_scan_databases(): self.main_db.release_database(scan_db) self.main_db.release_database(kbdb) return # Wait a second before trying to get result from redis if there # was no results before. # Otherwise, wait 50 msec to give access other process to redis. if not got_results: time.sleep(1) else: time.sleep(0.05) got_results = False # Sleep a second to be sure to get all notus results time.sleep(1) # Delete keys from KB related to this scan task. logger.debug('%s: End Target. Release main database', scan_id) self.main_db.release_database(kbdb)
def exec_scan(self, scan_id: str): """ Starts the OpenVAS scanner for scan_id scan. """ do_not_launch = False kbdb = self.main_db.get_new_kb_database() scan_prefs = PreferenceHandler(scan_id, kbdb, self.scan_collection, self.nvti) openvas_scan_id = scan_prefs.prepare_openvas_scan_id_for_openvas() scan_prefs.prepare_target_for_openvas() if not scan_prefs.prepare_ports_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='No port list defined.') do_not_launch = True # Set credentials if not scan_prefs.prepare_credentials_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='Malformed credential.') do_not_launch = True if not scan_prefs.prepare_plugins_for_openvas(): self.add_scan_error(scan_id, name='', host='', value='No VTS to run.') do_not_launch = True scan_prefs.prepare_main_kbindex_for_openvas() scan_prefs.prepare_host_options_for_openvas() scan_prefs.prepare_scan_params_for_openvas(OSPD_PARAMS) scan_prefs.prepare_reverse_lookup_opt_for_openvas() scan_prefs.prepare_alive_test_option_for_openvas() # VT preferences are stored after all preferences have been processed, # since alive tests preferences have to be able to overwrite default # preferences of ping_host.nasl for the classic method. scan_prefs.prepare_nvt_preferences() scan_prefs.prepare_boreas_alive_test() # Release memory used for scan preferences. del scan_prefs if do_not_launch or kbdb.scan_is_stopped(openvas_scan_id): self.main_db.release_database(kbdb) return result = Openvas.start_scan( openvas_scan_id, not self.is_running_as_root and self.sudo_available, self._niceness, ) if result is None: self.main_db.release_database(kbdb) return ovas_pid = result.pid kbdb.add_scan_process_id(ovas_pid) logger.debug('pid = %s', ovas_pid) # Wait until the scanner starts and loads all the preferences. while kbdb.get_status(openvas_scan_id) == 'new': res = result.poll() if res and res < 0: self.stop_scan_cleanup(scan_id) logger.error( 'It was not possible run the task %s, since openvas ended ' 'unexpectedly with errors during launching.', scan_id, ) return time.sleep(1) no_id_found = False got_results = False while True: if not kbdb.target_is_finished( scan_id) and not self.is_openvas_process_alive( kbdb, ovas_pid, openvas_scan_id): logger.error( 'Task %s was unexpectedly stopped or killed.', scan_id, ) self.add_scan_error( scan_id, name='', host='', value='Task was unexpectedly stopped or killed.', ) kbdb.stop_scan(openvas_scan_id) for scan_db in kbdb.get_scan_databases(): self.main_db.release_database(scan_db) self.main_db.release_database(kbdb) return # Wait a second before trying to get result from redis if there # was no results before. # Otherwise, wait 50 msec to give access other process to redis. if not got_results: time.sleep(1) else: time.sleep(0.05) got_results = False # Check if the client stopped the whole scan if kbdb.scan_is_stopped(openvas_scan_id): logger.debug('%s: Scan stopped by the client', scan_id) # clean main_db, but wait for scanner to finish. while not kbdb.target_is_finished(scan_id): logger.debug('%s: Waiting the scan to finish', scan_id) time.sleep(1) self.main_db.release_database(kbdb) return self.report_openvas_results(kbdb, scan_id, "") res_count = 0 for scan_db in kbdb.get_scan_databases(): id_aux = scan_db.get_scan_id() if not id_aux: continue if id_aux == openvas_scan_id: no_id_found = False current_host = scan_db.get_host_ip() res_count += self.report_openvas_results( scan_db, scan_id, current_host) if res_count > 0: got_results = True self.report_openvas_scan_status(scan_db, scan_id, current_host) self.report_openvas_timestamp_scan_host( scan_db, scan_id, current_host) if scan_db.host_is_finished(openvas_scan_id): self.report_openvas_scan_status( scan_db, scan_id, current_host) self.report_openvas_timestamp_scan_host( scan_db, scan_id, current_host) if current_host: self.sort_host_finished( scan_id, finished_hosts=current_host) kbdb.remove_scan_database(scan_db) self.main_db.release_database(scan_db) # Scan end. No kb in use for this scan id if no_id_found and kbdb.target_is_finished(scan_id): logger.debug('%s: Target is finished', scan_id) break no_id_found = True # Delete keys from KB related to this scan task. logger.debug('%s: End Target. Release main database', scan_id) self.main_db.release_database(kbdb)