def verifytime(self, type_list):
    """Validate the configured delay window against per-engine minimums.

    For every scan type in ``type_list`` (and every entry of ``self.monitor``
    when it is set) the matching engine is asked for ``min_time()`` and
    ``min_range()``; ``self.min_seconds`` and the width of the
    ``min_seconds``..``max_seconds`` window are compared against them.
    Each violation is reported through ``dsz.ui.Echo`` at ``dsz.ERROR`` level.

    Returns True when no check failed, otherwise False. All failures are
    reported; the method does not stop at the first one.
    """
    # NOTE(review): this listing was flattened onto one line, so the block
    # nesting below is reconstructed. In particular, confirm whether the
    # monitor checks belong under the ``override`` guard and whether the two
    # final checks are meant to run unconditionally.
    success = True
    # ``self.override`` skips the per-engine minimums entirely.
    if (not self.override):
        # NOTE(review): the loop variable shadows the builtin ``type``.
        for type in type_list:
            temp_engine = scanengine2.get_scanengine([type])
            min_time = temp_engine.min_time()
            min_range = temp_engine.min_range()
            if (self.min_seconds < min_time):
                dsz.ui.Echo(('You must specify a minimum time larger then %ss when doing a %s scan' % (min_time, type)), dsz.ERROR)
                success = False
            if ((self.max_seconds - self.min_seconds) < min_range):
                dsz.ui.Echo(('You must specify a range time larger then %ss when doing a %s scan' % (min_range, type)), dsz.ERROR)
                success = False
        if (self.monitor is not None):
            for monitor_type in self.monitor:
                tempeng = monitorengine.get_monitorengine([monitor_type])
                monitor_min = tempeng.min_time()
                monitor_range = tempeng.min_range()
                if (self.min_seconds < monitor_min):
                    dsz.ui.Echo(('You must specify a minimum time larger then %ss when using -monitor %s' % (monitor_min, monitor_type)), dsz.ERROR)
                    success = False
                if ((self.max_seconds - self.min_seconds) < monitor_range):
                    dsz.ui.Echo(('You must specify a range time larger then %ss when using -monitor %s' % (monitor_range, monitor_type)), dsz.ERROR)
                    success = False
    # A zero-width window or a zero lower bound is rejected.
    if (self.min_seconds == self.max_seconds):
        dsz.ui.Echo('You must specify two different times for your period', dsz.ERROR)
        success = False
    if (self.min_seconds == 0):
        dsz.ui.Echo('You cannot specify a 0s starting period', dsz.ERROR)
        success = False
    return success
def re_escalate(self):
    """Re-apply the session's escalation rules to every stored result.

    For each job type known to the session, both unsuccessful and successful
    results are loaded, replayed into a fresh engine via ``recall_data`` and
    checked against every rule from ``scanbase.get_escalate_rules``. A rule
    whose action (``rule[1]``) is ``'alert'`` raises an alert; any other
    action is queued as a new job for the same target. Each match is echoed
    and appended to ``self.scansweep_logfile``.
    """
    # NOTE(review): block nesting is reconstructed from a flattened listing;
    # the log write is assumed to sit inside the rule-match branch, since
    # ``esc_output_string`` is only assigned there.
    type_list = scanbase.get_jobtypes(self.session)
    # NOTE(review): the loop variable shadows the builtin ``type``.
    for type in type_list.keys():
        # Failed results first, then successful ones.
        results = (scanbase.get_results(self.session, type, success=False) + scanbase.get_results(self.session, type, success=True))
        for item in results:
            # NOTE(review): verifyjob in this file treats a False return from
            # get_scanengine as "no engine"; that case is not checked here.
            temp_engine = scanengine2.get_scanengine([type])
            temp_engine.recall_data(item['data'])
            target = temp_engine.target
            rulelist = scanbase.get_escalate_rules(self.session)
            for rule in rulelist:
                # rule[0] is the condition handed to the engine, rule[1] the action.
                if temp_engine.check_escalation(rule[0]):
                    if (rule[1] == 'alert'):
                        esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                        self.alert(esc_output_string)
                        dsz.ui.Echo(esc_output_string, dsz.WARNING)
                    else:
                        # The return value of addtoqueue is ignored here, so a
                        # rejected job is still reported as escalated.
                        self.addtoqueue(rule[1], target, self.scansweep_env)
                        esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(self.session)))
                        dsz.ui.Echo(esc_output_string)
                    # The log file is reopened in append mode for every match.
                    with open(self.scansweep_logfile, 'a') as f:
                        f.write(('%s\n' % esc_output_string))
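def generateresults(self, quiet=False):
    """Rewrite the results file from everything stored for this session.

    The file at ``self.scansweep_results`` is truncated first; then, for each
    job type of the session, the ``'data'`` field of every stored result is
    collected and passed to ``self.printresults`` together with the display
    headers and data fields of that type's engine.

    Args:
        quiet: forwarded unchanged to ``self.printresults``.
    """
    # Truncate the results file. The context manager closes the handle even
    # if the write raises, which the previous open/write/close sequence did not.
    with open(self.scansweep_results, 'w') as f:
        f.write('')
    type_list = scanbase.get_jobtypes(self.session)
    for key in type_list.keys():
        returned_results = scanbase.get_results(self.session, key)
        results = [x['data'] for x in returned_results]
        target_scanner = scanengine2.get_scanengine([key])
        # NOTE(review): the literal string 'sort_field' is passed as the sort
        # argument; confirm that printresults expects this literal and not a
        # field name taken from the engine.
        self.printresults(
            key,
            results,
            target_scanner.get_display_headers(),
            target_scanner.get_data_fields(),
            'sort_field',
            sort2=None,
            quiet=quiet,
        )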
def re_escalate(self):
    """Re-apply the session's escalation rules to every stored result.

    For each job type known to the session, both unsuccessful and successful
    results are loaded, replayed into a fresh engine via ``recall_data`` and
    checked against every rule from ``scanbase.get_escalate_rules``. A rule
    whose action (``rule[1]``) is ``'alert'`` raises an alert; any other
    action is queued as a new job for the same target. Each match is echoed
    and appended to ``self.scansweep_logfile``.
    """
    # NOTE(review): block nesting is reconstructed from a flattened listing;
    # the log write is assumed to sit inside the rule-match branch, since
    # ``esc_output_string`` is only assigned there.
    type_list = scanbase.get_jobtypes(self.session)
    # NOTE(review): the loop variable shadows the builtin ``type``.
    for type in type_list.keys():
        # Failed results first, then successful ones.
        results = (scanbase.get_results(self.session, type, success=False) + scanbase.get_results(self.session, type, success=True))
        for item in results:
            # NOTE(review): verifyjob in this file treats a False return from
            # get_scanengine as "no engine"; that case is not checked here.
            temp_engine = scanengine2.get_scanengine([type])
            temp_engine.recall_data(item['data'])
            target = temp_engine.target
            rulelist = scanbase.get_escalate_rules(self.session)
            for rule in rulelist:
                # rule[0] is the condition handed to the engine, rule[1] the action.
                if temp_engine.check_escalation(rule[0]):
                    if (rule[1] == 'alert'):
                        esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                        self.alert(esc_output_string)
                        dsz.ui.Echo(esc_output_string, dsz.WARNING)
                    else:
                        # The return value of addtoqueue is ignored here, so a
                        # rejected job is still reported as escalated.
                        self.addtoqueue(rule[1], target, self.scansweep_env)
                        esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(self.session)))
                        dsz.ui.Echo(esc_output_string)
                    # The log file is reopened in append mode for every match.
                    with open(self.scansweep_logfile, 'a') as f:
                        f.write(('%s\n' % esc_output_string))
def scan(scansweepHelper):
    """Drain the session's job queue, one job per loop iteration.

    Each iteration: stop if ``maxtime`` has elapsed; fetch the next job and
    run it through its engine; store the result(s); apply the session's
    escalation rules to the result; run any monitor engines and apply the
    rules to what they report; periodically echo/log a progress line;
    regenerate the results file when the result count changed; honour the
    session kill flag; then wait a randomised number of seconds between
    ``min_seconds`` and ``max_seconds`` before the next job.

    Every progress, success and escalation line is echoed through
    ``dsz.ui.Echo`` and appended to ``scansweepHelper.scansweep_logfile``,
    so that file is the on-disk record of what this loop did.
    """
    # NOTE(review): this listing was flattened and re-wrapped, so block
    # nesting is reconstructed. In particular the ``else: try:`` below is
    # taken to pair with ``if (scan_job == False)``, and the quit prompt's
    # format string is rejoined across a wrap point. Confirm against the
    # original file.
    lastresults = 0
    alreadyoutput = []
    num_remaining = scanbase.num_jobs(scansweepHelper.session)
    # Initial estimate: remaining jobs times the lower/upper delay bound.
    sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining' % (
        dsz.Timestamp(), num_remaining,
        ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)),
        ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds))))
    dsz.ui.Echo(sanity_string, dsz.GOOD)
    scansweepHelper.showstats()
    # os.mkdir creates only the final path component; a missing parent
    # directory would raise here.
    if (not os.path.exists(os.path.dirname(scansweepHelper.scansweep_logfile))):
        os.mkdir(os.path.dirname(scansweepHelper.scansweep_logfile))
    with open(scansweepHelper.scansweep_logfile, 'a') as f:
        f.write(('%s\n' % sanity_string))
    delta = time.time()         # time of the last progress line
    scantime = time.time()      # time the previous iteration finished
    originaltime = time.time()  # start of the whole run, for the maxtime cap
    if (scansweepHelper.monitor is not None):
        scansweepHelper.activatemonitors()
    while True:
        # Hard wall-clock limit for the whole run.
        if ((time.time() - originaltime) > scansweepHelper.maxtime):
            dsz.ui.Echo(('Maxtime of %s has been exceeded. Exiting.' % ops.timehelper.get_age_from_seconds(scansweepHelper.maxtime)), dsz.ERROR)
            break
        scan_job = scanbase.get_job(scansweepHelper.session)
        if (scan_job == False):
            # Queue is empty: finish unless monitors keep the loop alive.
            if (scansweepHelper.monitor is None):
                break
        else:
            try:
                # scan_job[1] is the target; scan_job[0] is a '|'-separated
                # job description whose first field is the job type.
                target = scan_job[1]
                job_info = scan_job[0].split('|')
                # NOTE(review): job_type is assigned but not used below.
                job_type = job_info[0]
                if (not util.ip.validate(target)):
                    target = scansweepHelper.resolvehostname(target)
                if (target == None):
                    # Unresolvable name: go straight to the next iteration.
                    # This also skips the monitor pass, the kill check and
                    # the delay at the bottom of the loop.
                    continue
                # NOTE(review): the engine is built from scan_job, not from
                # the resolved ``target``; confirm the engine does its own
                # resolution.
                target_scanner = scanengine2.get_scanengine(scan_job, scansweepHelper.timeout)
                target_scanner.execute_scan(False)
                if target_scanner.multiple_responses:
                    # One stored result per response object.
                    multi_response = target_scanner.return_data()
                    for response in multi_response:
                        scanbase.write_result(scansweepHelper.session, response.scan_type, response.target, response.return_data(), response.success, scan_job[0])
                else:
                    scanbase.write_result(scansweepHelper.session, target_scanner.scan_type, target_scanner.target, target_scanner.return_data(), target_scanner.success, scan_job[0])
                if target_scanner.success:
                    succ_out_string = ('[%s] %s (%s jobs remaining)' % (
                        target_scanner.timestamp,
                        target_scanner.return_success_message(),
                        scanbase.num_jobs(scansweepHelper.session)))
                    dsz.ui.Echo(succ_out_string)
                    with open(scansweepHelper.scansweep_logfile, 'a') as f:
                        f.write(('%s\n' % succ_out_string))
                rulelist = scanbase.get_escalate_rules(scansweepHelper.session)
                for rule in rulelist:
                    # rule[0] is the condition, rule[1] the action.
                    if target_scanner.check_escalation(rule[0]):
                        if (rule[1] == 'alert'):
                            # The two messages differ only in the tab indent
                            # used after a success line.
                            if (target_scanner.success == True):
                                esc_output_string = ('[%s]\t\tAlerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                            else:
                                esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                            scansweepHelper.alert(esc_output_string)
                            dsz.ui.Echo(esc_output_string, dsz.WARNING)
                        else:
                            add_succ = scansweepHelper.addtoqueue(rule[1], target, scansweepHelper.scansweep_env)
                            if ((target_scanner.success == True) and add_succ):
                                esc_output_string = ('[%s]\t\tEscalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                            elif add_succ:
                                esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                            # NOTE(review): with this nesting, a falsy add_succ
                            # builds no new message, so the Echo and log write
                            # below reuse a stale one or raise NameError (which
                            # the except below would catch). The monitor path
                            # guards this with ``if add_succ``; confirm.
                            dsz.ui.Echo(esc_output_string)
                        with open(scansweepHelper.scansweep_logfile, 'a') as f:
                            f.write(('%s\n' % esc_output_string))
            except Exception as e:
                # Any failure in the job is shown to the operator, who chooses
                # between quitting and moving on; the exception is not logged
                # to the logfile.
                if dsz.ui.Prompt(('The current job failed for some reason. Would you like to quit? %s' % e), False):
                    break
                else:
                    continue
        if scansweepHelper.monitor:
            for monitor_handler in scansweepHelper.monitorengines:
                found_connections = monitor_handler.execute_monitor()
                for connection in found_connections:
                    rulelist = scanbase.get_escalate_rules(scansweepHelper.session)
                    for rule in rulelist:
                        if monitor_handler.check_escalation(rule[0], connection):
                            found = False
                            add_succ = True
                            # Scope guard: unless internaloverride is set, a
                            # monitored address must fall inside one of
                            # local_networks before any rule acts on it.
                            if (not scansweepHelper.internaloverride):
                                for network in scansweepHelper.local_networks:
                                    if util.ip.validate_ipv6(connection.target):
                                        # presumably the first four groups of
                                        # the expanded address (19 characters)
                                        # are compared - TODO confirm
                                        if (util.ip.expand_ipv6(connection.target)[:19] == network[1]):
                                            found = True
                                            break
                                    elif ((not (network[0] == '')) and (scansweepHelper.getnetwork(connection.target, util.ip.get_cidr_from_subnet(network[0])) == network[1])):
                                        found = True
                                        break
                            if ((not scansweepHelper.internaloverride) and (not found)):
                                # Out-of-scope address: reported, never queued.
                                esc_output_string = ('[%s] Escalation failed (outside subnet) %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), connection.target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                                dsz.ui.Echo(esc_output_string, dsz.WARNING)
                            elif (rule[1] == 'alert'):
                                esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), connection.target, rule[0], rule[1]))
                                scansweepHelper.alert(esc_output_string)
                                dsz.ui.Echo(esc_output_string, dsz.WARNING)
                            else:
                                add_succ = scansweepHelper.addtoqueue(rule[1], connection.target, scansweepHelper.scansweep_env)
                                if add_succ:
                                    esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                        dsz.Timestamp(), connection.target, rule[0], rule[1],
                                        scanbase.num_jobs(scansweepHelper.session)))
                                    dsz.ui.Echo(esc_output_string)
                            # add_succ stays True on the two branches above,
                            # so their messages are logged as well.
                            if add_succ:
                                with open(scansweepHelper.scansweep_logfile, 'a') as f:
                                    f.write(('%s\n' % esc_output_string))
        newdelta = time.time()
        num_remaining = scanbase.num_jobs(scansweepHelper.session)
        # Progress line: once per multiple of ten remaining jobs, or when more
        # than five minutes have passed since the last one.
        if ((((num_remaining % 10) == 0) and (not (num_remaining in alreadyoutput))) or ((newdelta - delta) > (5 * 60))):
            maxremaining = int((scansweepHelper.maxtime - (time.time() - originaltime)))
            sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining (max %s), %0.1fs since last sanity' % (
                dsz.Timestamp(), num_remaining,
                ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)),
                ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds)),
                ops.timehelper.get_age_from_seconds(maxremaining),
                (newdelta - delta)))
            dsz.ui.Echo(sanity_string, dsz.GOOD)
            with open(scansweepHelper.scansweep_logfile, 'a') as f:
                f.write(('%s\n' % sanity_string))
            scansweepHelper.showstats()
            # NOTE(review): num_jobs is called with scansweep_env here but
            # with session everywhere else, while the membership test above
            # uses the session count; confirm which is intended.
            alreadyoutput.append(scanbase.num_jobs(scansweepHelper.scansweep_env))
            delta = newdelta
        # Regenerate the results file only when the total result count moved.
        resultstotal = 0
        type_list = scanbase.get_jobtypes(scansweepHelper.session)
        for type in type_list:
            resultstotal = (resultstotal + scansweepHelper.findlistsize(type))
        if (not (lastresults == resultstotal)):
            scansweepHelper.generateresults(quiet=True)
            lastresults = resultstotal
        # Kill flag is checked before and after the delay below.
        if scanbase.check_kill(scansweepHelper.session):
            dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR)
            break
        if ((not (scanbase.num_jobs(scansweepHelper.session) == 0)) or scansweepHelper.monitor):
            # Randomised delay (inclusive bounds) between consecutive jobs.
            sleep_in_secs = random.randint(scansweepHelper.min_seconds, scansweepHelper.max_seconds)
            if (not scansweepHelper.nowait):
                if scansweepHelper.verbose:
                    dsz.ui.Echo(('[%s] Sleeping for %s seconds...' % (dsz.Timestamp(), sleep_in_secs)))
                try:
                    # dsz.Sleep is called with sleep_in_secs * 1000,
                    # presumably milliseconds.
                    dsz.Sleep((sleep_in_secs * 1000))
                except exceptions.RuntimeError as e:
                    dsz.ui.Echo(('%s' % e), dsz.ERROR)
                    break
            elif ((time.time() - scantime) < sleep_in_secs):
                # nowait mode: time already spent in this iteration counts
                # towards the delay.
                nowaitsleep = int((sleep_in_secs - floor((time.time() - scantime))))
                if scansweepHelper.verbose:
                    dsz.ui.Echo(('[%s] Sleeping for %s seconds (%s seconds remain)...' % (dsz.Timestamp(), sleep_in_secs, nowaitsleep)))
                try:
                    # NOTE(review): the message reports nowaitsleep as the
                    # time remaining, but the call sleeps the full
                    # sleep_in_secs; confirm which is intended.
                    dsz.Sleep((sleep_in_secs * 1000))
                except exceptions.RuntimeError as e:
                    dsz.ui.Echo(('%s' % e), dsz.ERROR)
                    break
            elif scansweepHelper.verbose:
                dsz.ui.Echo(('[%s] Would sleep for %s seconds but we are overdue...' % (dsz.Timestamp(), sleep_in_secs)))
        scantime = time.time()
        if scanbase.check_kill(scansweepHelper.session):
            dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR)
            break
def verifyjob(self, job_type, job):
    """Ask the engine registered for *job_type* whether *job* is valid.

    Returns False when ``scanengine2.get_scanengine`` yields the ``False``
    sentinel (no engine for that type); otherwise returns whatever the
    engine's ``verify_job`` reports for *job*.
    """
    engine = scanengine2.get_scanengine([job_type])
    # Identity check on purpose: only the False sentinel means "no engine".
    return False if engine is False else engine.verify_job(job)
def scan(scansweepHelper):
    """Drain the session's job queue, one job per loop iteration.

    Each iteration: stop if ``maxtime`` has elapsed; fetch the next job and
    run it through its engine; store the result(s); apply the session's
    escalation rules to the result; run any monitor engines and apply the
    rules to what they report; periodically echo/log a progress line;
    regenerate the results file when the result count changed; honour the
    session kill flag; then wait a randomised number of seconds between
    ``min_seconds`` and ``max_seconds`` before the next job.

    Every progress, success and escalation line is echoed through
    ``dsz.ui.Echo`` and appended to ``scansweepHelper.scansweep_logfile``,
    so that file is the on-disk record of what this loop did.
    """
    # NOTE(review): this listing was flattened and re-wrapped, so block
    # nesting is reconstructed. In particular the ``else: try:`` below is
    # taken to pair with ``if (scan_job == False)``, and the quit prompt's
    # format string is rejoined across a wrap point. Confirm against the
    # original file.
    lastresults = 0
    alreadyoutput = []
    num_remaining = scanbase.num_jobs(scansweepHelper.session)
    # Initial estimate: remaining jobs times the lower/upper delay bound.
    sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining' % (
        dsz.Timestamp(), num_remaining,
        ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)),
        ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds))))
    dsz.ui.Echo(sanity_string, dsz.GOOD)
    scansweepHelper.showstats()
    # os.mkdir creates only the final path component; a missing parent
    # directory would raise here.
    if (not os.path.exists(os.path.dirname(scansweepHelper.scansweep_logfile))):
        os.mkdir(os.path.dirname(scansweepHelper.scansweep_logfile))
    with open(scansweepHelper.scansweep_logfile, 'a') as f:
        f.write(('%s\n' % sanity_string))
    delta = time.time()         # time of the last progress line
    scantime = time.time()      # time the previous iteration finished
    originaltime = time.time()  # start of the whole run, for the maxtime cap
    if (scansweepHelper.monitor is not None):
        scansweepHelper.activatemonitors()
    while True:
        # Hard wall-clock limit for the whole run.
        if ((time.time() - originaltime) > scansweepHelper.maxtime):
            dsz.ui.Echo(('Maxtime of %s has been exceeded. Exiting.' % ops.timehelper.get_age_from_seconds(scansweepHelper.maxtime)), dsz.ERROR)
            break
        scan_job = scanbase.get_job(scansweepHelper.session)
        if (scan_job == False):
            # Queue is empty: finish unless monitors keep the loop alive.
            if (scansweepHelper.monitor is None):
                break
        else:
            try:
                # scan_job[1] is the target; scan_job[0] is a '|'-separated
                # job description whose first field is the job type.
                target = scan_job[1]
                job_info = scan_job[0].split('|')
                # NOTE(review): job_type is assigned but not used below.
                job_type = job_info[0]
                if (not util.ip.validate(target)):
                    target = scansweepHelper.resolvehostname(target)
                if (target == None):
                    # Unresolvable name: go straight to the next iteration.
                    # This also skips the monitor pass, the kill check and
                    # the delay at the bottom of the loop.
                    continue
                # NOTE(review): the engine is built from scan_job, not from
                # the resolved ``target``; confirm the engine does its own
                # resolution.
                target_scanner = scanengine2.get_scanengine(scan_job, scansweepHelper.timeout)
                target_scanner.execute_scan(False)
                if target_scanner.multiple_responses:
                    # One stored result per response object.
                    multi_response = target_scanner.return_data()
                    for response in multi_response:
                        scanbase.write_result(scansweepHelper.session, response.scan_type, response.target, response.return_data(), response.success, scan_job[0])
                else:
                    scanbase.write_result(scansweepHelper.session, target_scanner.scan_type, target_scanner.target, target_scanner.return_data(), target_scanner.success, scan_job[0])
                if target_scanner.success:
                    succ_out_string = ('[%s] %s (%s jobs remaining)' % (
                        target_scanner.timestamp,
                        target_scanner.return_success_message(),
                        scanbase.num_jobs(scansweepHelper.session)))
                    dsz.ui.Echo(succ_out_string)
                    with open(scansweepHelper.scansweep_logfile, 'a') as f:
                        f.write(('%s\n' % succ_out_string))
                rulelist = scanbase.get_escalate_rules(scansweepHelper.session)
                for rule in rulelist:
                    # rule[0] is the condition, rule[1] the action.
                    if target_scanner.check_escalation(rule[0]):
                        if (rule[1] == 'alert'):
                            # The two messages differ only in the tab indent
                            # used after a success line.
                            if (target_scanner.success == True):
                                esc_output_string = ('[%s]\t\tAlerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                            else:
                                esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1]))
                            scansweepHelper.alert(esc_output_string)
                            dsz.ui.Echo(esc_output_string, dsz.WARNING)
                        else:
                            add_succ = scansweepHelper.addtoqueue(rule[1], target, scansweepHelper.scansweep_env)
                            if ((target_scanner.success == True) and add_succ):
                                esc_output_string = ('[%s]\t\tEscalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                            elif add_succ:
                                esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                            # NOTE(review): with this nesting, a falsy add_succ
                            # builds no new message, so the Echo and log write
                            # below reuse a stale one or raise NameError (which
                            # the except below would catch). The monitor path
                            # guards this with ``if add_succ``; confirm.
                            dsz.ui.Echo(esc_output_string)
                        with open(scansweepHelper.scansweep_logfile, 'a') as f:
                            f.write(('%s\n' % esc_output_string))
            except Exception as e:
                # Any failure in the job is shown to the operator, who chooses
                # between quitting and moving on; the exception is not logged
                # to the logfile.
                if dsz.ui.Prompt(('The current job failed for some reason. Would you like to quit? %s' % e), False):
                    break
                else:
                    continue
        if scansweepHelper.monitor:
            for monitor_handler in scansweepHelper.monitorengines:
                found_connections = monitor_handler.execute_monitor()
                for connection in found_connections:
                    rulelist = scanbase.get_escalate_rules(scansweepHelper.session)
                    for rule in rulelist:
                        if monitor_handler.check_escalation(rule[0], connection):
                            found = False
                            add_succ = True
                            # Scope guard: unless internaloverride is set, a
                            # monitored address must fall inside one of
                            # local_networks before any rule acts on it.
                            if (not scansweepHelper.internaloverride):
                                for network in scansweepHelper.local_networks:
                                    if util.ip.validate_ipv6(connection.target):
                                        # presumably the first four groups of
                                        # the expanded address (19 characters)
                                        # are compared - TODO confirm
                                        if (util.ip.expand_ipv6(connection.target)[:19] == network[1]):
                                            found = True
                                            break
                                    elif ((not (network[0] == '')) and (scansweepHelper.getnetwork(connection.target, util.ip.get_cidr_from_subnet(network[0])) == network[1])):
                                        found = True
                                        break
                            if ((not scansweepHelper.internaloverride) and (not found)):
                                # Out-of-scope address: reported, never queued.
                                esc_output_string = ('[%s] Escalation failed (outside subnet) %s by rule: (%s->%s) (%s jobs remaining)' % (
                                    dsz.Timestamp(), connection.target, rule[0], rule[1],
                                    scanbase.num_jobs(scansweepHelper.session)))
                                dsz.ui.Echo(esc_output_string, dsz.WARNING)
                            elif (rule[1] == 'alert'):
                                esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), connection.target, rule[0], rule[1]))
                                scansweepHelper.alert(esc_output_string)
                                dsz.ui.Echo(esc_output_string, dsz.WARNING)
                            else:
                                add_succ = scansweepHelper.addtoqueue(rule[1], connection.target, scansweepHelper.scansweep_env)
                                if add_succ:
                                    esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (
                                        dsz.Timestamp(), connection.target, rule[0], rule[1],
                                        scanbase.num_jobs(scansweepHelper.session)))
                                    dsz.ui.Echo(esc_output_string)
                            # add_succ stays True on the two branches above,
                            # so their messages are logged as well.
                            if add_succ:
                                with open(scansweepHelper.scansweep_logfile, 'a') as f:
                                    f.write(('%s\n' % esc_output_string))
        newdelta = time.time()
        num_remaining = scanbase.num_jobs(scansweepHelper.session)
        # Progress line: once per multiple of ten remaining jobs, or when more
        # than five minutes have passed since the last one.
        if ((((num_remaining % 10) == 0) and (not (num_remaining in alreadyoutput))) or ((newdelta - delta) > (5 * 60))):
            maxremaining = int((scansweepHelper.maxtime - (time.time() - originaltime)))
            sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining (max %s), %0.1fs since last sanity' % (
                dsz.Timestamp(), num_remaining,
                ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)),
                ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds)),
                ops.timehelper.get_age_from_seconds(maxremaining),
                (newdelta - delta)))
            dsz.ui.Echo(sanity_string, dsz.GOOD)
            with open(scansweepHelper.scansweep_logfile, 'a') as f:
                f.write(('%s\n' % sanity_string))
            scansweepHelper.showstats()
            # NOTE(review): num_jobs is called with scansweep_env here but
            # with session everywhere else, while the membership test above
            # uses the session count; confirm which is intended.
            alreadyoutput.append(scanbase.num_jobs(scansweepHelper.scansweep_env))
            delta = newdelta
        # Regenerate the results file only when the total result count moved.
        resultstotal = 0
        type_list = scanbase.get_jobtypes(scansweepHelper.session)
        for type in type_list:
            resultstotal = (resultstotal + scansweepHelper.findlistsize(type))
        if (not (lastresults == resultstotal)):
            scansweepHelper.generateresults(quiet=True)
            lastresults = resultstotal
        # Kill flag is checked before and after the delay below.
        if scanbase.check_kill(scansweepHelper.session):
            dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR)
            break
        if ((not (scanbase.num_jobs(scansweepHelper.session) == 0)) or scansweepHelper.monitor):
            # Randomised delay (inclusive bounds) between consecutive jobs.
            sleep_in_secs = random.randint(scansweepHelper.min_seconds, scansweepHelper.max_seconds)
            if (not scansweepHelper.nowait):
                if scansweepHelper.verbose:
                    dsz.ui.Echo(('[%s] Sleeping for %s seconds...' % (dsz.Timestamp(), sleep_in_secs)))
                try:
                    # dsz.Sleep is called with sleep_in_secs * 1000,
                    # presumably milliseconds.
                    dsz.Sleep((sleep_in_secs * 1000))
                except exceptions.RuntimeError as e:
                    dsz.ui.Echo(('%s' % e), dsz.ERROR)
                    break
            elif ((time.time() - scantime) < sleep_in_secs):
                # nowait mode: time already spent in this iteration counts
                # towards the delay.
                nowaitsleep = int((sleep_in_secs - floor((time.time() - scantime))))
                if scansweepHelper.verbose:
                    dsz.ui.Echo(('[%s] Sleeping for %s seconds (%s seconds remain)...' % (dsz.Timestamp(), sleep_in_secs, nowaitsleep)))
                try:
                    # NOTE(review): the message reports nowaitsleep as the
                    # time remaining, but the call sleeps the full
                    # sleep_in_secs; confirm which is intended.
                    dsz.Sleep((sleep_in_secs * 1000))
                except exceptions.RuntimeError as e:
                    dsz.ui.Echo(('%s' % e), dsz.ERROR)
                    break
            elif scansweepHelper.verbose:
                dsz.ui.Echo(('[%s] Would sleep for %s seconds but we are overdue...' % (dsz.Timestamp(), sleep_in_secs)))
        scantime = time.time()
        if scanbase.check_kill(scansweepHelper.session):
            dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR)
            break