def __init__(self, module_manager=None): global modules self._module_manager = module_manager if self._module_manager is None: self._module_manager = modules self._modules = [] self.config = ScanConfig(options=self.config_options) self.handler = None self._kb = KnowledgeBase()
class Scanner(object): """ The main scanner object. """ config_options = [("ssl2", { "default": False, "negation": "no-ssl2", "help": "", "type": "bool" }), ("ssl3", { "default": False, "negation": "no-ssl3", "help": "", "type": "bool" }), ("tls10", { "default": False, "negation": "no-tls10", "help": "", "type": "bool" }), ("tls11", { "default": False, "negation": "no-tls11", "help": "", "type": "bool" }), ("tls12", { "default": False, "negation": "no-tls12", "help": "", "type": "bool" }), ("dtls10", { "default": False, "negation": "no-dtls10", "help": "", "type": "bool" }), ("dtls12", { "default": False, "negation": "no-dtls12", "help": "", "type": "bool" })] def __init__(self, module_manager=None): global modules self._module_manager = module_manager if self._module_manager is None: self._module_manager = modules self._modules = [] self.config = ScanConfig(options=self.config_options) self.handler = None self._kb = KnowledgeBase() def append(self, module): """ Append a scan or report module. :param module: Instance of a scan or report module """ module.set_scanner(self) self._modules.append(module) def append_load(self, name, config, base_class=None): """ Append a module but load it first by using the module manager. :param String name: Name of the module to load :param Mixed config: Config of the module :param class base_class: Module lookup filter :return: False if module not found """ module = self._module_manager.get(name, base_class=base_class) if module is None: raise ModuleNotFound(name=name, base_class=base_class) module = module(scanner=self) module.config.set_values(config) self.append(module) def get_enabled_versions(self): """ Uses the scanner config to create and return a list of all enabled SSL/TLS protocol versions. :return: List of methods :rtype: List """ versions = [] if self.config.get_value('ssl2'): versions.append(flextls.registry.version.SSLv2) if self.config.get_value('ssl3'): versions.append(flextls.registry.version.SSLv3) if self.config.get_value('tls10'): versions.append(flextls.registry.version.TLSv10) if self.config.get_value('tls11'): versions.append(flextls.registry.version.TLSv11) if self.config.get_value('tls12'): versions.append(flextls.registry.version.TLSv12) if self.config.get_value('dtls10'): versions.append(flextls.registry.version.DTLSv10) if self.config.get_value('dtls12'): versions.append(flextls.registry.version.DTLSv12) return versions def get_handler(self): """ Get the active protocol handler. :return: Instance of the handler :rtype: sslscan.module.handler.BaseHandler """ return self.handler def get_knowledge_base(self): """Return the knowledge base used by this scanner.""" return self._kb def get_module_manager(self): """Return the active module manager for this scanner.""" return self._module_manager def load_handler_from_uri(self, host_uri): """ Load a handler from a given uri. :param String host_uri: The URI :return: The handler """ logger.debug("Loading handler from URI: %s", host_uri) if not re.search('^([a-zA-Z0-9]+:)?\/\/', host_uri): host_uri = '//' + host_uri uri = urlparse(host_uri) name = uri.scheme name = name.lower() if name == '': name = 'tcp' module = self._module_manager.get(name, base_class=BaseHandler) if module is None: return False module = module(host=uri.hostname, port=uri.port, scanner=self) tmp = parse_qs(uri.query, keep_blank_values=True) config = {} for k, v in tmp.items(): config[k] = v[0] logger.debug("Extracted config values: %s", pformat(config)) module.config.set_values(config) return module def load_rating(self, name): """ Use the active module manager to load a rating module :param String name: Name of the rating module """ module = self._module_manager.get(name, base_class=BaseRating) if module is None: if name == "none": raise Exception("Internal error unable to load 'none' rating") return self.load_rating("none") return module(scanner=self) def reset_knowledge_base(self): """Create and activate a new knowledge base for this scanner.""" self._kb = KnowledgeBase() def run(self): """Execute all scan and report modules attached to the scanner.""" self.run_scans() self.run_reports() def run_reports(self): """Execute all report modules attached to the scanner.""" for module in self._modules: if not isinstance(module, BaseReport): continue logger.info("Running report module '%s' ...", str(module)) module.run() def run_scans(self): """Execute all scan modules attached to the scanner.""" for module in self._modules: if not isinstance(module, BaseScan): continue logger.info("Running scan module '%s' ...", str(module)) module.run() def set_handler(self, handler): """ Set the active protocol handler. :param handler: Instance of the handler """ self.handler = handler
class Scanner(object): """ The main scanner object. """ config_options = [ ( "ssl2", { "default": False, "negation": "no-ssl2", "help": "", "type": "bool" } ), ( "ssl3", { "default": False, "negation": "no-ssl3", "help": "", "type": "bool" } ), ( "tls10", { "default": False, "negation": "no-tls10", "help": "", "type": "bool" } ), ( "tls11", { "default": False, "negation": "no-tls11", "help": "", "type": "bool" } ), ( "tls12", { "default": False, "negation": "no-tls12", "help": "", "type": "bool" } ), ( "dtls10", { "default": False, "negation": "no-dtls10", "help": "", "type": "bool" } ), ( "dtls12", { "default": False, "negation": "no-dtls12", "help": "", "type": "bool" } ) ] def __init__(self, module_manager=None): global modules self._module_manager = module_manager if self._module_manager is None: self._module_manager = modules self._modules = [] self.config = ScanConfig(options=self.config_options) self.handler = None self._kb = KnowledgeBase() def append(self, module): """ Append a scan or report module. :param module: Instance of a scan or report module """ module.set_scanner(self) self._modules.append(module) def append_load(self, name, config, base_class=None): """ Append a module but load it first by using the module manager. :param String name: Name of the module to load :param Mixed config: Config of the module :param class base_class: Module lookup filter """ module = self._module_manager.get(name, base_class=base_class) if module.status != STATUS_OK: raise ModuleLoadStatus(name, base_class=base_class, module=module) module = module(scanner=self) module.config.set_values(config) self.append(module) def get_enabled_versions(self): """ Uses the scanner config to create and return a list of all enabled SSL/TLS protocol versions. :return: List of methods :rtype: List """ versions = [] if self.config.get_value('ssl2'): versions.append(flextls.registry.version.SSLv2) if self.config.get_value('ssl3'): versions.append(flextls.registry.version.SSLv3) if self.config.get_value('tls10'): versions.append(flextls.registry.version.TLSv10) if self.config.get_value('tls11'): versions.append(flextls.registry.version.TLSv11) if self.config.get_value('tls12'): versions.append(flextls.registry.version.TLSv12) if self.config.get_value('dtls10'): versions.append(flextls.registry.version.DTLSv10) if self.config.get_value('dtls12'): versions.append(flextls.registry.version.DTLSv12) return versions def get_handler(self): """ Get the active protocol handler. :return: Instance of the handler :rtype: sslscan.module.handler.BaseHandler """ return self.handler def get_knowledge_base(self): """Return the knowledge base used by this scanner.""" return self._kb def get_module_manager(self): """Return the active module manager for this scanner.""" return self._module_manager def load_handler_from_uri(self, host_uri): """ Load a handler from a given uri. :param String host_uri: The URI :return: The handler """ logger.debug("Loading handler from URI: %s", host_uri) if not re.search('^([a-zA-Z0-9]+:)?\/\/', host_uri): host_uri = '//' + host_uri uri = urlparse(host_uri) name = uri.scheme name = name.lower() if name == '': name = 'tcp' module = self._module_manager.get(name, base_class=BaseHandler) if module is None: return False module = module(host=uri.hostname, port=uri.port, scanner=self) tmp = parse_qs(uri.query, keep_blank_values=True) config = {} for k, v in tmp.items(): config[k] = v[0] logger.debug("Extracted config values: %s", pformat(config)) module.config.set_values(config) return module def load_rating(self, name): """ Use the active module manager to load a rating module :param String name: Name of the rating module """ module = self._module_manager.get(name, base_class=BaseRating) if module is None: if name == "none": raise Exception("Internal error unable to load 'none' rating") return self.load_rating("none") return module(scanner=self) def reset_knowledge_base(self): """Create and activate a new knowledge base for this scanner.""" self._kb = KnowledgeBase() def run(self): """Execute all scan and report modules attached to the scanner.""" self.run_scans() self.run_reports() def run_reports(self): """Execute all report modules attached to the scanner.""" for module in self._modules: if not isinstance(module, BaseReport): continue logger.info("Running report module '%s' ...", str(module)) module.run() def run_scans(self): """Execute all scan modules attached to the scanner.""" for module in self._modules: if not isinstance(module, BaseScan): continue logger.info("Running scan module '%s' ...", str(module)) module.run() def set_handler(self, handler): """ Set the active protocol handler. :param handler: Instance of the handler """ self.handler = handler