Exemplo n.º 1
0
def test_add_tags(app):
    tags = ["test", "tag", "three"]
    test_scope = ScopeItem(target="127.0.0.1/8", blacklist=False)
    db.session.add(test_scope)
    ScopeItem.addTags(test_scope, tags)
    for tag in test_scope.tags:
        assert test_scope.is_tagged(tag)
Exemplo n.º 2
0
def test_get_scope(app):
    test_scope1 = ScopeItem(target="127.0.0.1/8", blacklist=False)
    test_scope2 = ScopeItem(target="172.16.0.0/16", blacklist=True)
    db.session.add(test_scope1)
    db.session.add(test_scope2)
    assert len(ScopeItem.getScope()) == 1
    assert len(ScopeItem.getBlacklist()) == 1
Exemplo n.º 3
0
def scope():
	scope = ScopeItem.get_scope()
	scopeSize = current_app.ScopeManager.get_scope_size()

	# if it's zero, let's make sure the ScopeManager is up to date
	if scopeSize == 0:
		current_app.ScopeManager.update()
		scopeSize = current_app.ScopeManager.get_scope_size()
		# if it's zero again that's fine, we just had to check

	newForm = forms.NewScopeForm()
	delForm = forms.ScopeDeleteForm()
	editForm = forms.ScopeToggleForm()
	importForm = forms.ImportScopeForm()
	addTagForm = forms.TagScopeForm()
	addTagForm.tagname.choices = [(row.name, row.name) for row in Tag.query.all()]
	if newForm.validate_on_submit():
		if '/' not in newForm.target.data:
			newForm.target.data = newForm.target.data + '/32'
		target = ipaddress.ip_network(newForm.target.data, False)
		newTarget = ScopeItem(target=target.with_prefixlen, blacklist=False)
		db.session.add(newTarget)
		db.session.commit()
		current_app.ScopeManager.update()
		flash('%s added!' % newTarget.target, 'success')
		return redirect(url_for('admin.scope'))
	return render_template(
		"admin/scope.html", scope=scope, scopeSize=scopeSize, delForm=delForm,
		editForm=editForm, newForm=newForm, importForm=importForm, addTagForm=addTagForm)
Exemplo n.º 4
0
def blacklist():
    scope = ScopeItem.getBlacklist()
    blacklistSize = current_app.ScopeManager.get_blacklist_size()
    newForm = forms.NewScopeForm()
    delForm = forms.ScopeDeleteForm()
    editForm = forms.ScopeToggleForm()
    importForm = forms.ImportBlacklistForm()
    addTagForm = forms.TagScopeForm()
    addTagForm.tagname.choices = [(row.name, row.name) for row in Tag.query.all()]
    if newForm.validate_on_submit():
        target = ipaddress.ip_network(newForm.target.data, False)
        newTarget = ScopeItem(target=target.with_prefixlen, blacklist=True)
        db.session.add(newTarget)
        db.session.commit()
        current_app.ScopeManager.update()
        flash(f"{newTarget.target} blacklisted!", "success")
        return redirect(url_for("admin.blacklist"))
    return render_template(
        "admin/blacklist.html",
        scope=scope,
        blacklistSize=blacklistSize,
        delForm=delForm,
        editForm=editForm,
        newForm=newForm,
        importForm=importForm,
        addTagForm=addTagForm,
    )
Exemplo n.º 5
0
	def updateScanManager(self):
		from app.models import ScopeItem
		self.scanmanager = None
		try:
			scanrange = [IPNetwork(n.target) for n in ScopeItem.getScope()]
			blacklistrange = [IPNetwork(n.target) for n in ScopeItem.getBlacklist()]
			self.scanmanager = IPScanManager(scanrange, blacklistrange)
		except Exception as e:
			log("Scan manager could not be instantiated because there was no scope configured.", printm=True)
Exemplo n.º 6
0
def test_export_items_tagged(runner):
    scope_items = ["10.0.0.0/8,a", "192.168.5.0/28"]
    blacklist_items = ["192.168.1.0/24,b"]
    ScopeItem.import_scope_list(scope_items, False)
    ScopeItem.import_scope_list(blacklist_items, True)
    result = runner.invoke(export_items)
    assert result.exit_code == 0
    result_dict = json.loads(result.output)
    assert len(result_dict["scope"]) == 2
    assert result_dict["scope"][0]["tags"] == ["a"]
    assert result_dict["scope"][1]["tags"] == []
    assert len(result_dict["blacklist"]) == 1
    assert result_dict["blacklist"][0]["blacklist"] is True
    assert result_dict["blacklist"][0]["tags"] == ["b"]
Exemplo n.º 7
0
def test_acceptable_targets(app):
    scope_items = ["192.168.0.0/16"]
    blacklist_items = ["192.168.1.0/24", "192.168.2.1/32"]
    for s in scope_items:
        item = ScopeItem(target=s, blacklist=False)
        db.session.add(item)
    for s in blacklist_items:
        item = ScopeItem(target=s, blacklist=True)
        db.session.add(item)
    current_app.ScopeManager.update()
    assert current_app.ScopeManager.is_acceptable_target("192.168.0.123")
    assert current_app.ScopeManager.is_acceptable_target("192.168.2.2")
    assert not current_app.ScopeManager.is_acceptable_target("192.168.1.234")
    assert not current_app.ScopeManager.is_acceptable_target("192.168.2.1")
    assert not current_app.ScopeManager.is_acceptable_target("192.0.2.34")
    assert not current_app.ScopeManager.is_acceptable_target("example.com")
Exemplo n.º 8
0
def test_rescan_lifecycle(app):
    scope_items = ["192.168.0.0/16"]
    user = User(email="*****@*****.**")
    db.session.add(user)
    for s in scope_items:
        item = ScopeItem(target=s, blacklist=False)
        db.session.add(item)
    current_app.ScopeManager.update()
    assert current_app.ScopeManager.get_pending_rescans() == []
    assert current_app.ScopeManager.get_dispatched_rescans() == []
    assert current_app.ScopeManager.get_incomplete_scans() == []
    r = RescanTask(target="192.168.123.45", user_id=user.id)
    db.session.add(r)
    current_app.ScopeManager.update_pending_rescans()
    assert len(current_app.ScopeManager.get_pending_rescans()) == 1
    assert len(current_app.ScopeManager.get_incomplete_scans()) == 1
    r.dispatchTask()
    db.session.add(r)
    current_app.ScopeManager.update_pending_rescans()
    current_app.ScopeManager.update_dispatched_rescans()
    assert len(current_app.ScopeManager.get_pending_rescans()) == 0
    assert len(current_app.ScopeManager.get_dispatched_rescans()) == 1
    assert len(current_app.ScopeManager.get_incomplete_scans()) == 1
    r.completeTask("testscanid")
    db.session.add(r)
    current_app.ScopeManager.update_pending_rescans()
    current_app.ScopeManager.update_dispatched_rescans()
    assert len(current_app.ScopeManager.get_pending_rescans()) == 0
    assert len(current_app.ScopeManager.get_dispatched_rescans()) == 0
    assert len(current_app.ScopeManager.get_incomplete_scans()) == 0
Exemplo n.º 9
0
def importScope(scopetype=''):
	if scopetype == 'blacklist':
		importBlacklist = True
		importForm = forms.ImportBlacklistForm()
	elif scopetype == 'scope':
		importBlacklist = False
		importForm = forms.ImportScopeForm()
	else:
		abort(404)
	if importForm.validate_on_submit():
		successImports = []
		alreadyExists = []
		failedImports = []
		newScopeItems = importForm.scope.data.split('\n')
		for item in newScopeItems:
			item = item.strip()
			fail, exist, success = ScopeItem.importScope(item, importBlacklist)
			failedImports = failedImports + fail
			alreadyExists = alreadyExists + exist
			successImports = successImports + success
		db.session.commit()
		current_app.ScopeManager.update()
		if len(successImports) > 0:
			flash('%s targets added to %s!' % (len(successImports), scopetype), 'success')
		if len(alreadyExists) > 0:
			flash('%s targets already existed!' % len(alreadyExists), 'info')
		if len(failedImports) > 0:
			flash('%s targets failed to import!' % len(failedImports), 'danger')
			for item in failedImports:
				flash('%s' % item, 'danger')
	else:
		for field, errors in importForm.errors.items():
			for error in errors:
				flash(error, 'danger')
	return redirect(url_for('admin.%s' % scopetype))
Exemplo n.º 10
0
def export_items():
    result = {
        "timestamp":
        datetime.utcnow().isoformat(),
        "scope": [{
            "target": item.target,
            "blacklist": item.blacklist,
            "tags": item.get_tag_names(),
        } for item in ScopeItem.getScope()],
        "blacklist": [{
            "target": item.target,
            "blacklist": item.blacklist,
            "tags": item.get_tag_names(),
        } for item in ScopeItem.getBlacklist()],
    }
    print(json.dumps(result, indent=2))
Exemplo n.º 11
0
 def updateScanManager(self):
     from app.models import ScopeItem
     self.scanmanager = None
     try:
         self.scanmanager = IPScanManager([IPNetwork(n.target) for n in ScopeItem.getScope()], [IPNetwork(n.target) for n in ScopeItem.getBlacklist()])
     except Exception as e:
         print("Scan manager could not be instantiated because there was no scope configured.")
Exemplo n.º 12
0
def import_scope(scopetype=""):
    if scopetype == "blacklist":
        importBlacklist = True
        importForm = forms.ImportBlacklistForm()
    elif scopetype == "scope":
        importBlacklist = False
        importForm = forms.ImportScopeForm()
    else:
        return abort(404)
    if importForm.validate_on_submit():
        newScopeItems = importForm.scope.data.split("\n")
        fail, exist, success = ScopeItem.import_scope_list(
            newScopeItems, importBlacklist
        )
        db.session.commit()
        current_app.ScopeManager.update()
        if success:
            flash(f"{len(success)} targets added to {scopetype}!", "success")
        if exist:
            flash(f"{len(exist)} targets already existed!", "info")
        if fail:
            flash(f"{len(fail)} targets failed to import!", "danger")
            for item in fail:
                flash(f"{item}", "danger")
    else:
        for field, errors in importForm.errors.items():
            for error in errors:
                flash(error, "danger")
    return redirect(url_for(f"admin.{scopetype}"))
Exemplo n.º 13
0
def test_scope_update(app):
    scope_items = ["10.0.0.0/8"]
    for s in scope_items:
        item = ScopeItem(target=s, blacklist=False)
        db.session.add(item)
    current_app.ScopeManager.update()
    assert current_app.ScopeManager.get_scope_size() == network_lengths["/8"]
    assert current_app.ScopeManager.is_acceptable_target("10.1.2.3")
Exemplo n.º 14
0
 def updateBlacklist(self):
     from app.models import ScopeItem
     newBlacklistSize = 0
     for item in ScopeItem.getBlacklist():
         newItem = ipaddress.ip_network(item.target, False)
         self.blacklist.append(newItem)
         newBlacklistSize += newItem.num_addresses
     self.blacklistSize = newBlacklistSize
Exemplo n.º 15
0
 def updateScope(self):
     from app.models import ScopeItem
     newScopeSize = 0
     for item in ScopeItem.getScope():
         newItem = ipaddress.ip_network(item.target, False)
         self.scope.append(newItem)
         newScopeSize += newItem.num_addresses
     self.scopeSize = newScopeSize
Exemplo n.º 16
0
def test_blacklist_update(app):
    scope_items = ["10.0.0.0/8"]
    blacklist_items = ["10.10.10.0/24"]
    for s in scope_items:
        item = ScopeItem(target=s, blacklist=False)
        db.session.add(item)
    for s in blacklist_items:
        item = ScopeItem(target=s, blacklist=True)
        db.session.add(item)
    current_app.ScopeManager.update()
    assert current_app.ScopeManager.get_blacklist_size(
    ) == network_lengths["/24"]
    assert current_app.ScopeManager.get_scope_size() == network_lengths["/8"]
    assert (current_app.ScopeManager.get_effective_scope_size() ==
            network_lengths["/8"] - network_lengths["/24"])
    assert current_app.ScopeManager.is_acceptable_target("10.10.11.1")
    assert not current_app.ScopeManager.is_acceptable_target("10.10.10.10")
Exemplo n.º 17
0
def get_target_tags(target: str) -> list:
    overlap = ScopeItem.get_overlapping_ranges(target)
    tags = []
    for scope in overlap:
        tags.extend(scope.get_tag_names())
    return list(
        set(tags)
    )  # make it a set for only uniques, then make it a list to serialize to JSON
Exemplo n.º 18
0
def import_scope(scope_file: typing.TextIO, blacklist: bool):
    if not scope_file:
        return {"failed": 0, "existed": 0, "successful": 0}
    addresses = scope_file.readlines()
    fail, exist, success = ScopeItem.import_scope_list(addresses, blacklist)
    db.session.commit()

    return {"failed": fail, "existed": exist, "successful": success}
Exemplo n.º 19
0
    def update_blacklist(self):
        from app.models import ScopeItem

        self.blacklist = [
            IPNetwork(item.target, False) for item in ScopeItem.getBlacklist()
        ]
        self.blacklist_set = IPSet(self.blacklist)
        self.blacklistSize = self.blacklist_set.size
Exemplo n.º 20
0
    def update_scope(self):
        from app.models import ScopeItem

        self.scope = [
            IPNetwork(item.target, False) for item in ScopeItem.getScope()
        ]
        self.scope_set = IPSet(self.scope)
        self.scopeSize = self.scope_set.size
Exemplo n.º 21
0
def blacklist():
    scope = ScopeItem.getBlacklist()
    blacklistSize = current_app.ScopeManager.getBlacklistSize()
    newForm = NewScopeForm()
    delForm = ScopeDeleteForm()
    editForm = ScopeToggleForm()
    importForm = ImportBlacklistForm()
    if newForm.validate_on_submit():
        if '/' not in newForm.target.data:
            newForm.target.data = newForm.target.data + '/32'
        target = ipaddress.ip_network(newForm.target.data, False)
        newTarget = ScopeItem(target=target.with_prefixlen, blacklist=True)
        db.session.add(newTarget)
        db.session.commit()
        current_app.ScopeManager.updateBlacklist()
        flash('%s blacklisted!' % newTarget.target, 'success')
        return redirect(url_for('admin.blacklist'))
    return render_template("admin/blacklist.html", scope=scope, blacklistSize=blacklistSize, delForm=delForm, editForm=editForm, newForm=newForm, importForm=importForm)
Exemplo n.º 22
0
def test_import_items_no_flags(runner):
    with runner.isolated_filesystem():
        scope_file = mock_scope_file()
        result = runner.invoke(import_items, [scope_file])
        assert result.exit_code == 0
        imported_scope = [item.target for item in ScopeItem.getScope()]
        assert DEFAULT_SCOPE_ITEMS == imported_scope
        result_dict = json.loads(result.output)
        assert len(result_dict["scope"]) == len(DEFAULT_SCOPE_ITEMS)
Exemplo n.º 23
0
def test_import_items_blacklist_flag(runner):
    with runner.isolated_filesystem():
        scope_file = mock_scope_file()
        result = runner.invoke(import_items, ["--blacklist", scope_file])
        assert result.exit_code == 0
        imported_blacklist = [item.target for item in ScopeItem.getBlacklist()]
        assert DEFAULT_SCOPE_ITEMS == imported_blacklist
        result_dict = json.loads(result.output)
        assert len(result_dict["blacklist"]) == len(DEFAULT_SCOPE_ITEMS)
Exemplo n.º 24
0
def test_import_scope(app):
    fails, exists, succeeds = ScopeItem.import_scope_list(
        scopefile.split(), False)
    assert len(fails) == 1
    assert len(exists) == 1
    assert len(succeeds) == 4
    item = ScopeItem.query.filter_by(target="127.0.0.1/32").first()
    tags = [t.name for t in item.tags]
    assert len(tags) == 3
    assert "one" in tags
    assert "four" not in tags
Exemplo n.º 25
0
    def update_scan_manager(self):
        from app.models import ScopeItem

        self.scanmanager = None
        try:
            scanrange = [IPNetwork(n.target) for n in ScopeItem.getScope()]
            blacklistrange = [
                IPNetwork(n.target) for n in ScopeItem.getBlacklist()
            ]
            self.scanmanager = IPScanManager(
                scanrange, blacklistrange,
                current_app.config["CONSISTENT_SCAN_CYCLE"])
        except Exception as e:
            if self.scanmanager is None or self.scanmanager.get_total() == 0:
                log(
                    "Scan manager could not be instantiated because there was no scope configured.",
                    printm=True,
                )
            else:
                raise e
Exemplo n.º 26
0
def test_import_scope(app):
    result = ScopeItem.import_scope_list(scopefile.split(), False)
    assert len(result["fail"]) == 1
    assert result["exist"] == 1
    assert result["success"] == 5
    item = ScopeItem.query.filter_by(target="127.0.0.1/32").first()
    tags = [t.name for t in item.tags]
    assert len(tags) == 3
    assert "one" in tags
    assert "four" not in tags
    item = ScopeItem.query.filter_by(target="10.12.13.14/32").first()
    assert len(item.tags) == 0
Exemplo n.º 27
0
def scope():
    scope = ScopeItem.getScope()
    scopeSize = current_app.ScopeManager.getScopeSize()
    if scopeSize == 0: # if it's zero, let's update the app's scopemanager
        current_app.ScopeManager.update()
        scopeSize = current_app.ScopeManager.getScopeSize() # if it's zero again that's fine, we just had to check
    newForm = NewScopeForm()
    delForm = ScopeDeleteForm()
    editForm = ScopeToggleForm()
    importForm = ImportScopeForm()
    if newForm.validate_on_submit():
        if '/' not in newForm.target.data:
            newForm.target.data = newForm.target.data + '/32'
        target = ipaddress.ip_network(newForm.target.data, False)
        newTarget = ScopeItem(target=target.with_prefixlen, blacklist=False)
        db.session.add(newTarget)
        db.session.commit()
        current_app.ScopeManager.updateScope()
        flash('%s added!' % newTarget.target, 'success')
        return redirect(url_for('admin.scope'))
    return render_template("admin/scope.html", scope=scope, scopeSize=scopeSize, delForm=delForm, editForm=editForm, newForm=newForm, importForm=importForm)
Exemplo n.º 28
0
 def update_blacklist(self):
     from app.models import ScopeItem
     newBlacklist = []
     newBlacklistSet = IPSet()
     for item in ScopeItem.getBlacklist():
         newItem = ipaddress.ip_network(item.target, False)
         newSetItem = IPNetwork(item.target, False)
         newBlacklist.append(newItem)
         newBlacklistSet.add(newSetItem)
     self.blacklist = newBlacklist
     self.blacklist_set = newBlacklistSet
     self.blacklistSize = len(self.blacklist_set)
Exemplo n.º 29
0
 def update_scope(self):
     from app.models import ScopeItem
     newScope = []
     newScopeSet = IPSet()
     for item in ScopeItem.getScope():
         newItem = ipaddress.ip_network(item.target, False)
         newSetItem = IPNetwork(item.target, False)
         newScope.append(newItem)
         newScopeSet.add(newSetItem)
     self.scope = newScope
     self.scope_set = newScopeSet
     self.scopeSize = len(self.scope_set)
Exemplo n.º 30
0
def importScope(scopetype=''):
    if scopetype == 'blacklist':
        importBlacklist = True
        importForm = ImportBlacklistForm()
    elif scopetype == 'scope':
        importBlacklist = False
        importForm = ImportScopeForm()
    else:
        abort(404)
    if importForm.validate_on_submit():
        successImport = []
        alreadyExists = []
        failedImport = []
        newScopeItems = importForm.scope.data.split('\n')
        for item in newScopeItems:
            item = item.strip()
            if '/' not in item:
                item = item + '/32'
            try:
                target = ipaddress.ip_network(item, False)
            except ValueError as e:
                failedImport.append(
                    item)  # this item couldn't be validated as an ip network
                continue
            exists = ScopeItem.query.filter_by(
                target=target.with_prefixlen).first()
            if exists:
                alreadyExists.append(target.with_prefixlen
                                     )  # this range is already a scope item
                continue
            newTarget = ScopeItem(target=target.with_prefixlen,
                                  blacklist=importBlacklist)
            db.session.add(newTarget)
            successImport.append(newTarget.target)
        db.session.commit()
        current_app.ScopeManager.update()
        if len(successImport) > 0:
            flash('%s targets added to %s!' % (len(successImport), scopetype),
                  'success')
        if len(alreadyExists) > 0:
            flash('%s targets already existed!' % len(alreadyExists), 'info')
        if len(failedImport) > 0:
            flash('%s targets failed to import!' % len(failedImport), 'danger')
            for item in failedImport:
                flash('%s' % item, 'danger')
        return redirect(url_for('admin.%s' % scopetype))
    else:
        for field, errors in importForm.errors.items():
            for error in errors:
                flash(error, 'danger')
        return redirect(url_for('admin.%s' % scopetype))