def scan_domain_name(self, org_uuid=None, domain_uuid=None, order_uuid=None): """ Initiate a domain name scan for the given organization and domain. :param org_uuid: The UUID of the organization to initiate the domain name scan for. :param domain_uuid: The UUID of the domain to scan. :param order_uuid: The UUID of the order that this domain name scan is associated with. :return: None """ logger.info("Now scanning domain name %s." % (domain_uuid, )) should_scan = check_domain_name_scanning_status( db_session=self.db_session, domain_uuid=domain_uuid, update_status=True, ) if not should_scan: logger.info("Should not scan domain name %s. Returning." % (domain_uuid, )) domain_scan = create_domain_scan_for_domain(self.domain_uuid) self.db_session.add(domain_scan) self.db_session.commit() task_sigs = [] task_kwargs = { "org_uuid": org_uuid, "domain_uuid": domain_uuid, "domain_scan_uuid": str(domain_scan.uuid), "domain_name": self.domain.name, "order_uuid": order_uuid, } initial_group = [] scan_config = self.scan_config if scan_config.dns_enumerate_subdomains: initial_group.append(enumerate_subdomains_for_domain.si(**task_kwargs)) initial_group.append(gather_data_for_domain_name.si(**task_kwargs)) task_sigs.append(group(initial_group)) task_kwargs.pop("domain_name") task_sigs.append(create_report_for_domain_name_scan.si(**task_kwargs)) task_sigs.append(update_domain_name_scan_elasticsearch.si(**task_kwargs)) task_sigs.append(update_domain_name_scan_completed.si(**task_kwargs)) if scan_config.dns_scan_resolutions: task_sigs.append( scan_ip_addresses_for_domain_name_scan.si(**task_kwargs)) scanning_status_signature = update_domain_name_scanning_status.si( domain_uuid=domain_uuid, scanning_status=False, ) task_sigs.append(scanning_status_signature) if config.pubsub_enabled: task_sigs.append(publish_report_for_domain_name_scan.si(**task_kwargs)) logger.info("Now kicking off all necessary tasks to scan domain name %s." % (domain_uuid, )) canvas_sig = chain(task_sigs, link_error=scanning_status_signature) self.finish_after(signature=canvas_sig)
def create_and_inspect_domains_from_subdomain_enumeration( self, org_uuid=None, domain_uuid=None, domain_scan_uuid=None, parent_domain=None, scan_endpoints=True, ): """ Process the contents of all subdomain enumerations for the given domain name scan, create new domains for those subdomains that are new, and invoke scans for the domains as necessary. :param org_uuid: The UUID of the organization that subdomains were enumerated for. :param domain_uuid: The UUID of the domain name related to this inspection. :param domain_scan_uuid: The UUID of the domain name scan that this enumeration is a part of. :param parent_domain: The parent domain that was queried. :param scan_endpoints: Whether or not to scan IP addresses associated with resolved IP addresses of the domains. :return: None """ logger.info( "Now creating an inspecting domains from subdomain enumeration of parent domain %s." % (parent_domain, )) self.wait_for_es() subdomains = get_all_subdomains_from_domain_scan_enumeration( org_uuid=org_uuid, parent_domain=parent_domain, domain_scan_uuid=domain_scan_uuid, ) task_sigs = [] for subdomain in subdomains: domain_name = get_or_create_domain_name_for_organization( db_session=self.db_session, name=subdomain, added_by="subdomain_enum", org_uuid=org_uuid, ) self.db_session.add(domain_name) do_scan = check_domain_name_scanning_status( db_session=self.db_session, domain_uuid=domain_name.uuid, update_status=False, ) if do_scan: task_sigs.append( scan_domain_name.si( org_uuid=org_uuid, domain_uuid=domain_name.uuid, enumerate_subdomains=False, scan_ip_addresses=scan_endpoints, )) self.db_session.commit() canvas_sig = group(task_sigs) self.finish_after(signature=canvas_sig)
def scan_domain_name( self, org_uuid=None, domain_uuid=None, enumerate_subdomains=False, scan_ip_addresses=True, scan_network_services=True, inspect_network_services=True, ): """ Initiate a domain name scan for the given organization and domain. :param org_uuid: The UUID of the organization to initiate the domain name scan for. :param enumerate_subdomains: Whether or not to enumerate subdomains of the give domain. :param domain_uuid: The UUID of the domain to scan. :param scan_ip_addresses: Whether or not to perform scanning of the IP addresses associated with the domain name. :param scan_network_services: Whether or not to scan network services on associated IP addresses. :param inspect_network_services: Whether or not to perform inspection of live network services on associated IP addresses. :return: None """ logger.info("Now scanning domain name %s." % (domain_uuid, )) should_scan = check_domain_name_scanning_status( db_session=self.db_session, domain_uuid=domain_uuid, update_status=True, ) if not should_scan: logger.info("Should not scan domain name %s. Returning." % (domain_uuid, )) domain_name = DomainName.by_uuid(uuid=domain_uuid, db_session=self.db_session) domain_scan = create_domain_scan_for_domain(domain_uuid) self.db_session.add(domain_scan) self.db_session.commit() task_sigs = [] task_kwargs = { "org_uuid": org_uuid, "domain_uuid": domain_uuid, "domain_scan_uuid": str(domain_scan.uuid), "domain_name": domain_name.name, } initial_group = [] if enumerate_subdomains: initial_group.append(enumerate_subdomains_for_domain.si(**task_kwargs)) initial_group.append(gather_data_for_domain_name.si(**task_kwargs)) task_sigs.append(group(initial_group)) task_kwargs.pop("domain_name") task_sigs.append(create_report_for_domain_name_scan.si(**task_kwargs)) task_sigs.append(update_domain_name_scan_elasticsearch.si(**task_kwargs)) task_sigs.append(update_domain_name_scan_completed.si(**task_kwargs)) task_kwargs["scan_network_services"] = scan_network_services task_kwargs["inspect_network_services"] = inspect_network_services if scan_ip_addresses: task_sigs.append( scan_ip_addresses_for_domain_name_scan.si(**task_kwargs)) scanning_status_signature = update_domain_name_scanning_status.si( domain_uuid=domain_uuid, scanning_status=False, ) task_sigs.append(scanning_status_signature) logger.info("Now kicking off all necessary tasks to scan domain name %s." % (domain_uuid, )) canvas_sig = chain(task_sigs, link_error=scanning_status_signature) self.finish_after(signature=canvas_sig)