def handleupdate(self): dsz.ui.Echo( ('Updating the queue for session: %s' % self.scansweep_env)) (newrulelist, newqueuelist, removerule, removequeue) = self.checkupdate(self.scansweep_updatefile) if (len(newrulelist) > 0): for rule in newrulelist: rulelist = scanbase.get_escalate_rules(self.session) if (rule not in rulelist): scanbase.write_escalate_rule(self.session, rule) dsz.ui.Echo(('Escalation rule enabled: %s->%s' % (rule[0], rule[1]))) scanbase.set_jobtype(self.session, rule[1].split('|')[0]) if (len(newqueuelist) > 0): for item in newqueuelist: if self.addtoqueue(item[0], item[1], self.scansweep_env): dsz.ui.Echo(('Job added: %s %s' % (item[0], item[1]))) if (len(removerule) > 0): for rule in removerule: rulelist = scanbase.get_escalate_rules(self.session) if (rule in rulelist): scanbase.delete_escalate_rule(self.session, rule) dsz.ui.Echo(('Escalation rule removed: %s->%s' % (rule[0], rule[1]))) if (len(removequeue) > 0): for item in removequeue: if self.addtoqueue(item[0], item[1], self.scansweep_env, remove=True): dsz.ui.Echo(('Job removed: %s %s' % (item[0], item[1]))) pass
def handleupdate(self): dsz.ui.Echo(('Updating the queue for session: %s' % self.scansweep_env)) (newrulelist, newqueuelist, removerule, removequeue) = self.checkupdate(self.scansweep_updatefile) if (len(newrulelist) > 0): for rule in newrulelist: rulelist = scanbase.get_escalate_rules(self.session) if (rule not in rulelist): scanbase.write_escalate_rule(self.session, rule) dsz.ui.Echo(('Escalation rule enabled: %s->%s' % (rule[0], rule[1]))) scanbase.set_jobtype(self.session, rule[1].split('|')[0]) if (len(newqueuelist) > 0): for item in newqueuelist: if self.addtoqueue(item[0], item[1], self.scansweep_env): dsz.ui.Echo(('Job added: %s %s' % (item[0], item[1]))) if (len(removerule) > 0): for rule in removerule: rulelist = scanbase.get_escalate_rules(self.session) if (rule in rulelist): scanbase.delete_escalate_rule(self.session, rule) dsz.ui.Echo(('Escalation rule removed: %s->%s' % (rule[0], rule[1]))) if (len(removequeue) > 0): for item in removequeue: if self.addtoqueue(item[0], item[1], self.scansweep_env, remove=True): dsz.ui.Echo(('Job removed: %s %s' % (item[0], item[1]))) pass
def printconfig(self): escalate = scanbase.check_escalation(self.session) rulelist = scanbase.get_escalate_rules(self.session) type_list = scanbase.get_jobtypes(self.session) dsz.ui.Echo(('=' * 100)) dsz.ui.Echo(('Environment: %s' % self.scansweep_env)) dsz.ui.Echo(('Session: %s' % self.session)) if self.override: dsz.ui.Echo('Override: Enabled', dsz.WARNING) else: dsz.ui.Echo('Override: Disabled') if self.cidroverride: dsz.ui.Echo('Cidroverride: Enabled', dsz.WARNING) else: dsz.ui.Echo('Cidroverride: Disabled') if self.internaloverride: dsz.ui.Echo('Internaloverride: Enabled', dsz.WARNING) else: dsz.ui.Echo('Internaloverride: Disabled') if self.verbose: dsz.ui.Echo('Verbosity: Enabled', dsz.WARNING) else: dsz.ui.Echo('Verbosity: Disabled') if scanbase.check_escalation(self.session): dsz.ui.Echo('Escalation: Enabled', dsz.WARNING) else: dsz.ui.Echo('Escalation: Disabled') for rule in rulelist: dsz.ui.Echo(('\tEscalation rule enabled: %s->%s' % (rule[0], rule[1]))) self.printflav() dsz.ui.Echo(('Log file: %s' % self.scansweep_logfile)) dsz.ui.Echo(('Output file: %s' % self.scansweep_results)) dsz.ui.Echo(('=' * 100))
def re_escalate(self): type_list = scanbase.get_jobtypes(self.session) for type in type_list.keys(): results = ( scanbase.get_results(self.session, type, success=False) + scanbase.get_results(self.session, type, success=True)) for item in results: temp_engine = scanengine2.get_scanengine([type]) temp_engine.recall_data(item['data']) target = temp_engine.target rulelist = scanbase.get_escalate_rules(self.session) for rule in rulelist: if temp_engine.check_escalation(rule[0]): if (rule[1] == 'alert'): esc_output_string = ( '[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) self.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: self.addtoqueue(rule[1], target, self.scansweep_env) esc_output_string = ( '[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(self.session))) dsz.ui.Echo(esc_output_string) with open(self.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string))
def printconfig(self): escalate = scanbase.check_escalation(self.session) rulelist = scanbase.get_escalate_rules(self.session) type_list = scanbase.get_jobtypes(self.session) dsz.ui.Echo(('=' * 100)) dsz.ui.Echo(('Environment: %s' % self.scansweep_env)) dsz.ui.Echo(('Session: %s' % self.session)) if self.override: dsz.ui.Echo('Override: Enabled', dsz.WARNING) else: dsz.ui.Echo('Override: Disabled') if self.cidroverride: dsz.ui.Echo('Cidroverride: Enabled', dsz.WARNING) else: dsz.ui.Echo('Cidroverride: Disabled') if self.internaloverride: dsz.ui.Echo('Internaloverride: Enabled', dsz.WARNING) else: dsz.ui.Echo('Internaloverride: Disabled') if self.verbose: dsz.ui.Echo('Verbosity: Enabled', dsz.WARNING) else: dsz.ui.Echo('Verbosity: Disabled') if scanbase.check_escalation(self.session): dsz.ui.Echo('Escalation: Enabled', dsz.WARNING) else: dsz.ui.Echo('Escalation: Disabled') for rule in rulelist: dsz.ui.Echo( ('\tEscalation rule enabled: %s->%s' % (rule[0], rule[1]))) self.printflav() dsz.ui.Echo(('Log file: %s' % self.scansweep_logfile)) dsz.ui.Echo(('Output file: %s' % self.scansweep_results)) dsz.ui.Echo(('=' * 100))
def re_escalate(self): type_list = scanbase.get_jobtypes(self.session) for type in type_list.keys(): results = (scanbase.get_results(self.session, type, success=False) + scanbase.get_results(self.session, type, success=True)) for item in results: temp_engine = scanengine2.get_scanengine([type]) temp_engine.recall_data(item['data']) target = temp_engine.target rulelist = scanbase.get_escalate_rules(self.session) for rule in rulelist: if temp_engine.check_escalation(rule[0]): if (rule[1] == 'alert'): esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) self.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: self.addtoqueue(rule[1], target, self.scansweep_env) esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(self.session))) dsz.ui.Echo(esc_output_string) with open(self.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string))
def scan(scansweepHelper): lastresults = 0 alreadyoutput = [] num_remaining = scanbase.num_jobs(scansweepHelper.session) sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining' % (dsz.Timestamp(), num_remaining, ops.timehelper.get_age_from_seconds( (num_remaining * scansweepHelper.min_seconds)), ops.timehelper.get_age_from_seconds( (num_remaining * scansweepHelper.max_seconds)))) dsz.ui.Echo(sanity_string, dsz.GOOD) scansweepHelper.showstats() if (not os.path.exists(os.path.dirname( scansweepHelper.scansweep_logfile))): os.mkdir(os.path.dirname(scansweepHelper.scansweep_logfile)) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % sanity_string)) delta = time.time() scantime = time.time() originaltime = time.time() if (scansweepHelper.monitor is not None): scansweepHelper.activatemonitors() while True: if ((time.time() - originaltime) > scansweepHelper.maxtime): dsz.ui.Echo( ('Maxtime of %s has been exceeded. Exiting.' % ops.timehelper.get_age_from_seconds(scansweepHelper.maxtime)), dsz.ERROR) break scan_job = scanbase.get_job(scansweepHelper.session) if (scan_job == False): if (scansweepHelper.monitor is None): break else: try: target = scan_job[1] job_info = scan_job[0].split('|') job_type = job_info[0] if (not util.ip.validate(target)): target = scansweepHelper.resolvehostname(target) if (target == None): continue target_scanner = scanengine2.get_scanengine( scan_job, scansweepHelper.timeout) target_scanner.execute_scan(False) if target_scanner.multiple_responses: multi_response = target_scanner.return_data() for response in multi_response: scanbase.write_result(scansweepHelper.session, response.scan_type, response.target, response.return_data(), response.success, scan_job[0]) else: scanbase.write_result(scansweepHelper.session, target_scanner.scan_type, target_scanner.target, target_scanner.return_data(), target_scanner.success, scan_job[0]) if target_scanner.success: succ_out_string = ( '[%s] %s (%s jobs remaining)' % (target_scanner.timestamp, target_scanner.return_success_message(), scanbase.num_jobs(scansweepHelper.session))) dsz.ui.Echo(succ_out_string) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % succ_out_string)) rulelist = scanbase.get_escalate_rules(scansweepHelper.session) for rule in rulelist: if target_scanner.check_escalation(rule[0]): if (rule[1] == 'alert'): if (target_scanner.success == True): esc_output_string = ( '[%s]\t\tAlerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) else: esc_output_string = ( '[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) scansweepHelper.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: add_succ = scansweepHelper.addtoqueue( rule[1], target, scansweepHelper.scansweep_env) if ((target_scanner.success == True) and add_succ): esc_output_string = ( '[%s]\t\tEscalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs( scansweepHelper.session))) elif add_succ: esc_output_string = ( '[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs( scansweepHelper.session))) dsz.ui.Echo(esc_output_string) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string)) except Exception as e: if dsz.ui.Prompt( ('The current job failed for some reason. Would you like to quit? %s' % e), False): break else: continue if scansweepHelper.monitor: for monitor_handler in scansweepHelper.monitorengines: found_connections = monitor_handler.execute_monitor() for connection in found_connections: rulelist = scanbase.get_escalate_rules( scansweepHelper.session) for rule in rulelist: if monitor_handler.check_escalation( rule[0], connection): found = False add_succ = True if (not scansweepHelper.internaloverride): for network in scansweepHelper.local_networks: if util.ip.validate_ipv6( connection.target): if (util.ip.expand_ipv6( connection.target)[:19] == network[1]): found = True break elif ((not (network[0] == '')) and (scansweepHelper.getnetwork( connection.target, util.ip.get_cidr_from_subnet( network[0])) == network[1])): found = True break if ((not scansweepHelper.internaloverride) and (not found)): esc_output_string = ( '[%s] Escalation failed (outside subnet) %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), connection.target, rule[0], rule[1], scanbase.num_jobs( scansweepHelper.session))) dsz.ui.Echo(esc_output_string, dsz.WARNING) elif (rule[1] == 'alert'): esc_output_string = ( '[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), connection.target, rule[0], rule[1])) scansweepHelper.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: add_succ = scansweepHelper.addtoqueue( rule[1], connection.target, scansweepHelper.scansweep_env) if add_succ: esc_output_string = ( '[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), connection.target, rule[0], rule[1], scanbase.num_jobs( scansweepHelper.session))) dsz.ui.Echo(esc_output_string) if add_succ: with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string)) newdelta = time.time() num_remaining = scanbase.num_jobs(scansweepHelper.session) if ((((num_remaining % 10) == 0) and (not (num_remaining in alreadyoutput))) or ((newdelta - delta) > (5 * 60))): maxremaining = int( (scansweepHelper.maxtime - (time.time() - originaltime))) sanity_string = ( '[%s] Sanity output: %s jobs remaining, %s-%s remaining (max %s), %0.1fs since last sanity' % (dsz.Timestamp(), num_remaining, ops.timehelper.get_age_from_seconds( (num_remaining * scansweepHelper.min_seconds)), ops.timehelper.get_age_from_seconds( (num_remaining * scansweepHelper.max_seconds)), ops.timehelper.get_age_from_seconds(maxremaining), (newdelta - delta))) dsz.ui.Echo(sanity_string, dsz.GOOD) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % sanity_string)) scansweepHelper.showstats() alreadyoutput.append( scanbase.num_jobs(scansweepHelper.scansweep_env)) delta = newdelta resultstotal = 0 type_list = scanbase.get_jobtypes(scansweepHelper.session) for type in type_list: resultstotal = (resultstotal + scansweepHelper.findlistsize(type)) if (not (lastresults == resultstotal)): scansweepHelper.generateresults(quiet=True) lastresults = resultstotal if scanbase.check_kill(scansweepHelper.session): dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR) break if ((not (scanbase.num_jobs(scansweepHelper.session) == 0)) or scansweepHelper.monitor): sleep_in_secs = random.randint(scansweepHelper.min_seconds, scansweepHelper.max_seconds) if (not scansweepHelper.nowait): if scansweepHelper.verbose: dsz.ui.Echo(('[%s] Sleeping for %s seconds...' % (dsz.Timestamp(), sleep_in_secs))) try: dsz.Sleep((sleep_in_secs * 1000)) except exceptions.RuntimeError as e: dsz.ui.Echo(('%s' % e), dsz.ERROR) break elif ((time.time() - scantime) < sleep_in_secs): nowaitsleep = int((sleep_in_secs - floor( (time.time() - scantime)))) if scansweepHelper.verbose: dsz.ui.Echo(( '[%s] Sleeping for %s seconds (%s seconds remain)...' % (dsz.Timestamp(), sleep_in_secs, nowaitsleep))) try: dsz.Sleep((sleep_in_secs * 1000)) except exceptions.RuntimeError as e: dsz.ui.Echo(('%s' % e), dsz.ERROR) break elif scansweepHelper.verbose: dsz.ui.Echo( ('[%s] Would sleep for %s seconds but we are overdue...' % (dsz.Timestamp(), sleep_in_secs))) scantime = time.time() if scanbase.check_kill(scansweepHelper.session): dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR) break
def main(arguments): scanbase.setup_db() failout = False scansweepHelper = helper.scansweepHelper([x.lower() for x in arguments]) scansweepHelper.check_env() create_mode = False if (scansweepHelper.options.database is not None): database_op = scansweepHelper.options.database if (not (database_op == 'create')): if (scansweepHelper.options.session is not None): scansweepHelper.database_display(database_op) else: scansweepHelper.database_display(database_op) return else: create_mode = True if (scansweepHelper.options.update is not None): scansweepHelper.handleupdate() return scanbase.write_metadata(scansweepHelper.scansweep_env, scansweepHelper.session, scansweepHelper.scansweep_logfile, scansweepHelper.scansweep_results, scansweepHelper.verbose) if (scansweepHelper.options.exclude is not None): scansweepHelper.parseexcludes(scansweepHelper.options.exclude) if (scansweepHelper.session == scansweepHelper.scansweep_env): if ((scansweepHelper.options.monitor is None) and (scansweepHelper.options.type is None)): dsz.ui.Echo('You must specify a type.', dsz.ERROR) return 0 if ((scansweepHelper.options.monitor is None) and os.path.exists(scansweepHelper.options.type[0])): if (scansweepHelper.options.target is not None): dsz.ui.Echo( 'You cannot use -target when specifying a queue file.', dsz.ERROR) return 0 queuefile = scansweepHelper.options.type[0] if (not scansweepHelper.verifyqueue(queuefile)): failout = True else: queuelist = scansweepHelper.getqueuefromfile(queuefile) for item in queuelist: scansweepHelper.addtoqueue(item[0], item[1], scansweepHelper.scansweep_env) elif (scansweepHelper.options.type is not None): job_type = scansweepHelper.options.type[0].lower() job = '|'.join(scansweepHelper.options.type) if (not scansweepHelper.verifyjob(job_type, scansweepHelper.options.type)): dsz.ui.Echo( 'Invalid -type options, please verify your parameters.', dsz.ERROR) return 0 candidate_list = [] if (scansweepHelper.options.target is not None): if (type(scansweepHelper.options.target) == type([])): for target_flag in scansweepHelper.options.target: candidate_list.extend( scansweepHelper.parsetarget(target_flag)) else: candidate_list = scansweepHelper.parsetarget( scansweepHelper.options.target) else: dsz.ui.Echo('You must provide some targets with your scan.', dsz.ERROR) return 0 if ((len(candidate_list) > 255) and (not scansweepHelper.options.cidroverride)): dsz.ui.Echo( 'You cannot specify more then 255 targets without the -cidroverride option', dsz.ERROR) failout = True else: scansweepHelper.addlisttoqueue({job: candidate_list}) if (scansweepHelper.monitor is not None): for monitortype in scansweepHelper.monitor: if (scansweepHelper.verifymonitor(monitortype) is False): dsz.ui.Echo( ('%s is an invalid monitor type' % monitortype)) failout = True if ((scanbase.num_jobs(scansweepHelper.session) > 255) and (not scansweepHelper.options.cidroverride)): dsz.ui.Echo( 'You cannot specify more then 255 targets without the -cidroverride option', dsz.ERROR) failout = True if (scansweepHelper.options.escalate is not None): rulelist = scansweepHelper.parseescalate( scansweepHelper.options.escalate) if (len(rulelist) == 0): dsz.ui.Echo( 'You specified -escalate, but had only invalid rules. Exiting.', dsz.ERROR) failout = True for rule in rulelist: scantype = rule[1].split('|')[0] current_rulelist = scanbase.get_escalate_rules( scansweepHelper.session) if (rule not in current_rulelist): scanbase.write_escalate_rule(scansweepHelper.session, rule) if (not (scantype == 'alert')): scanbase.set_jobtype(scansweepHelper.session, scantype) elif ((scansweepHelper.options.type is not None) or (scansweepHelper.options.target is not None)): dsz.ui.Echo('You cannot specify -target or -type when using -session.', dsz.WARNING) failout = True else: dsz.ui.Echo( 'You are joining another session, and so will use the already available job queue and escalate rules.', dsz.WARNING) if (not scansweepHelper.verifytime( scanbase.get_jobtypes(scansweepHelper.session))): failout = True if failout: return 0 scansweepHelper.printconfig() if create_mode: dsz.ui.Echo('Ran in create mode. Exiting.', dsz.WARNING) return dsz.lp.RecordToolUse('scansweep', scansweepHelper.toolversion, usage='EXERCISED', comment=' '.join([x.lower() for x in arguments])) try: scan(scansweepHelper) finally: dsz.ui.Echo(('=' * 100)) scansweepHelper.showstats() print '\n\n' scansweepHelper.generateresults(quiet=False)
def display_escalate_rules(self): rule_list = scanbase.get_escalate_rules(self.session) for rule in rule_list: dsz.ui.Echo(('%s->%s' % (rule[0], rule[1]))) return
def main(arguments): scanbase.setup_db() failout = False scansweepHelper = helper.scansweepHelper([x.lower() for x in arguments]) scansweepHelper.check_env() create_mode = False if (scansweepHelper.options.database is not None): database_op = scansweepHelper.options.database if (not (database_op == 'create')): if (scansweepHelper.options.session is not None): scansweepHelper.database_display(database_op) else: scansweepHelper.database_display(database_op) return else: create_mode = True if (scansweepHelper.options.update is not None): scansweepHelper.handleupdate() return scanbase.write_metadata(scansweepHelper.scansweep_env, scansweepHelper.session, scansweepHelper.scansweep_logfile, scansweepHelper.scansweep_results, scansweepHelper.verbose) if (scansweepHelper.options.exclude is not None): scansweepHelper.parseexcludes(scansweepHelper.options.exclude) if (scansweepHelper.session == scansweepHelper.scansweep_env): if ((scansweepHelper.options.monitor is None) and (scansweepHelper.options.type is None)): dsz.ui.Echo('You must specify a type.', dsz.ERROR) return 0 if ((scansweepHelper.options.monitor is None) and os.path.exists(scansweepHelper.options.type[0])): if (scansweepHelper.options.target is not None): dsz.ui.Echo('You cannot use -target when specifying a queue file.', dsz.ERROR) return 0 queuefile = scansweepHelper.options.type[0] if (not scansweepHelper.verifyqueue(queuefile)): failout = True else: queuelist = scansweepHelper.getqueuefromfile(queuefile) for item in queuelist: scansweepHelper.addtoqueue(item[0], item[1], scansweepHelper.scansweep_env) elif (scansweepHelper.options.type is not None): job_type = scansweepHelper.options.type[0].lower() job = '|'.join(scansweepHelper.options.type) if (not scansweepHelper.verifyjob(job_type, scansweepHelper.options.type)): dsz.ui.Echo('Invalid -type options, please verify your parameters.', dsz.ERROR) return 0 candidate_list = [] if (scansweepHelper.options.target is not None): if (type(scansweepHelper.options.target) == type([])): for target_flag in scansweepHelper.options.target: candidate_list.extend(scansweepHelper.parsetarget(target_flag)) else: candidate_list = scansweepHelper.parsetarget(scansweepHelper.options.target) else: dsz.ui.Echo('You must provide some targets with your scan.', dsz.ERROR) return 0 if ((len(candidate_list) > 255) and (not scansweepHelper.options.cidroverride)): dsz.ui.Echo('You cannot specify more then 255 targets without the -cidroverride option', dsz.ERROR) failout = True else: scansweepHelper.addlisttoqueue({job: candidate_list}) if (scansweepHelper.monitor is not None): for monitortype in scansweepHelper.monitor: if (scansweepHelper.verifymonitor(monitortype) is False): dsz.ui.Echo(('%s is an invalid monitor type' % monitortype)) failout = True if ((scanbase.num_jobs(scansweepHelper.session) > 255) and (not scansweepHelper.options.cidroverride)): dsz.ui.Echo('You cannot specify more then 255 targets without the -cidroverride option', dsz.ERROR) failout = True if (scansweepHelper.options.escalate is not None): rulelist = scansweepHelper.parseescalate(scansweepHelper.options.escalate) if (len(rulelist) == 0): dsz.ui.Echo('You specified -escalate, but had only invalid rules. Exiting.', dsz.ERROR) failout = True for rule in rulelist: scantype = rule[1].split('|')[0] current_rulelist = scanbase.get_escalate_rules(scansweepHelper.session) if (rule not in current_rulelist): scanbase.write_escalate_rule(scansweepHelper.session, rule) if (not (scantype == 'alert')): scanbase.set_jobtype(scansweepHelper.session, scantype) elif ((scansweepHelper.options.type is not None) or (scansweepHelper.options.target is not None)): dsz.ui.Echo('You cannot specify -target or -type when using -session.', dsz.WARNING) failout = True else: dsz.ui.Echo('You are joining another session, and so will use the already available job queue and escalate rules.', dsz.WARNING) if (not scansweepHelper.verifytime(scanbase.get_jobtypes(scansweepHelper.session))): failout = True if failout: return 0 scansweepHelper.printconfig() if create_mode: dsz.ui.Echo('Ran in create mode. Exiting.', dsz.WARNING) return dsz.lp.RecordToolUse('scansweep', scansweepHelper.toolversion, usage='EXERCISED', comment=' '.join([x.lower() for x in arguments])) try: scan(scansweepHelper) finally: dsz.ui.Echo(('=' * 100)) scansweepHelper.showstats() print '\n\n' scansweepHelper.generateresults(quiet=False)
def scan(scansweepHelper): lastresults = 0 alreadyoutput = [] num_remaining = scanbase.num_jobs(scansweepHelper.session) sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining' % (dsz.Timestamp(), num_remaining, ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)), ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds)))) dsz.ui.Echo(sanity_string, dsz.GOOD) scansweepHelper.showstats() if (not os.path.exists(os.path.dirname(scansweepHelper.scansweep_logfile))): os.mkdir(os.path.dirname(scansweepHelper.scansweep_logfile)) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % sanity_string)) delta = time.time() scantime = time.time() originaltime = time.time() if (scansweepHelper.monitor is not None): scansweepHelper.activatemonitors() while True: if ((time.time() - originaltime) > scansweepHelper.maxtime): dsz.ui.Echo(('Maxtime of %s has been exceeded. Exiting.' % ops.timehelper.get_age_from_seconds(scansweepHelper.maxtime)), dsz.ERROR) break scan_job = scanbase.get_job(scansweepHelper.session) if (scan_job == False): if (scansweepHelper.monitor is None): break else: try: target = scan_job[1] job_info = scan_job[0].split('|') job_type = job_info[0] if (not util.ip.validate(target)): target = scansweepHelper.resolvehostname(target) if (target == None): continue target_scanner = scanengine2.get_scanengine(scan_job, scansweepHelper.timeout) target_scanner.execute_scan(False) if target_scanner.multiple_responses: multi_response = target_scanner.return_data() for response in multi_response: scanbase.write_result(scansweepHelper.session, response.scan_type, response.target, response.return_data(), response.success, scan_job[0]) else: scanbase.write_result(scansweepHelper.session, target_scanner.scan_type, target_scanner.target, target_scanner.return_data(), target_scanner.success, scan_job[0]) if target_scanner.success: succ_out_string = ('[%s] %s (%s jobs remaining)' % (target_scanner.timestamp, target_scanner.return_success_message(), scanbase.num_jobs(scansweepHelper.session))) dsz.ui.Echo(succ_out_string) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % succ_out_string)) rulelist = scanbase.get_escalate_rules(scansweepHelper.session) for rule in rulelist: if target_scanner.check_escalation(rule[0]): if (rule[1] == 'alert'): if (target_scanner.success == True): esc_output_string = ('[%s]\t\tAlerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) else: esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), target, rule[0], rule[1])) scansweepHelper.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: add_succ = scansweepHelper.addtoqueue(rule[1], target, scansweepHelper.scansweep_env) if ((target_scanner.success == True) and add_succ): esc_output_string = ('[%s]\t\tEscalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(scansweepHelper.session))) elif add_succ: esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), target, rule[0], rule[1], scanbase.num_jobs(scansweepHelper.session))) dsz.ui.Echo(esc_output_string) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string)) except Exception as e: if dsz.ui.Prompt(('The current job failed for some reason. Would you like to quit? %s' % e), False): break else: continue if scansweepHelper.monitor: for monitor_handler in scansweepHelper.monitorengines: found_connections = monitor_handler.execute_monitor() for connection in found_connections: rulelist = scanbase.get_escalate_rules(scansweepHelper.session) for rule in rulelist: if monitor_handler.check_escalation(rule[0], connection): found = False add_succ = True if (not scansweepHelper.internaloverride): for network in scansweepHelper.local_networks: if util.ip.validate_ipv6(connection.target): if (util.ip.expand_ipv6(connection.target)[:19] == network[1]): found = True break elif ((not (network[0] == '')) and (scansweepHelper.getnetwork(connection.target, util.ip.get_cidr_from_subnet(network[0])) == network[1])): found = True break if ((not scansweepHelper.internaloverride) and (not found)): esc_output_string = ('[%s] Escalation failed (outside subnet) %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), connection.target, rule[0], rule[1], scanbase.num_jobs(scansweepHelper.session))) dsz.ui.Echo(esc_output_string, dsz.WARNING) elif (rule[1] == 'alert'): esc_output_string = ('[%s] Alerting on %s by rule: (%s->%s)' % (dsz.Timestamp(), connection.target, rule[0], rule[1])) scansweepHelper.alert(esc_output_string) dsz.ui.Echo(esc_output_string, dsz.WARNING) else: add_succ = scansweepHelper.addtoqueue(rule[1], connection.target, scansweepHelper.scansweep_env) if add_succ: esc_output_string = ('[%s] Escalating %s by rule: (%s->%s) (%s jobs remaining)' % (dsz.Timestamp(), connection.target, rule[0], rule[1], scanbase.num_jobs(scansweepHelper.session))) dsz.ui.Echo(esc_output_string) if add_succ: with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % esc_output_string)) newdelta = time.time() num_remaining = scanbase.num_jobs(scansweepHelper.session) if ((((num_remaining % 10) == 0) and (not (num_remaining in alreadyoutput))) or ((newdelta - delta) > (5 * 60))): maxremaining = int((scansweepHelper.maxtime - (time.time() - originaltime))) sanity_string = ('[%s] Sanity output: %s jobs remaining, %s-%s remaining (max %s), %0.1fs since last sanity' % (dsz.Timestamp(), num_remaining, ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.min_seconds)), ops.timehelper.get_age_from_seconds((num_remaining * scansweepHelper.max_seconds)), ops.timehelper.get_age_from_seconds(maxremaining), (newdelta - delta))) dsz.ui.Echo(sanity_string, dsz.GOOD) with open(scansweepHelper.scansweep_logfile, 'a') as f: f.write(('%s\n' % sanity_string)) scansweepHelper.showstats() alreadyoutput.append(scanbase.num_jobs(scansweepHelper.scansweep_env)) delta = newdelta resultstotal = 0 type_list = scanbase.get_jobtypes(scansweepHelper.session) for type in type_list: resultstotal = (resultstotal + scansweepHelper.findlistsize(type)) if (not (lastresults == resultstotal)): scansweepHelper.generateresults(quiet=True) lastresults = resultstotal if scanbase.check_kill(scansweepHelper.session): dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR) break if ((not (scanbase.num_jobs(scansweepHelper.session) == 0)) or scansweepHelper.monitor): sleep_in_secs = random.randint(scansweepHelper.min_seconds, scansweepHelper.max_seconds) if (not scansweepHelper.nowait): if scansweepHelper.verbose: dsz.ui.Echo(('[%s] Sleeping for %s seconds...' % (dsz.Timestamp(), sleep_in_secs))) try: dsz.Sleep((sleep_in_secs * 1000)) except exceptions.RuntimeError as e: dsz.ui.Echo(('%s' % e), dsz.ERROR) break elif ((time.time() - scantime) < sleep_in_secs): nowaitsleep = int((sleep_in_secs - floor((time.time() - scantime)))) if scansweepHelper.verbose: dsz.ui.Echo(('[%s] Sleeping for %s seconds (%s seconds remain)...' % (dsz.Timestamp(), sleep_in_secs, nowaitsleep))) try: dsz.Sleep((sleep_in_secs * 1000)) except exceptions.RuntimeError as e: dsz.ui.Echo(('%s' % e), dsz.ERROR) break elif scansweepHelper.verbose: dsz.ui.Echo(('[%s] Would sleep for %s seconds but we are overdue...' % (dsz.Timestamp(), sleep_in_secs))) scantime = time.time() if scanbase.check_kill(scansweepHelper.session): dsz.ui.Echo(('This session (%s) is marked for death. Exiting.' % scansweepHelper.session), dsz.ERROR) break