def DiscoveryMain(Framework):
    '''
    Ping-sweep the probe's IP ranges with Nmap and send back the addresses
    that answered.

    Job parameters read: 'range', 'nmap_location', 'excludePatternsList'.
    Destination attributes read: 'probeName', 'Protocol'.

    Returns an empty ObjectStateHolderVector when no Nmap version can be
    obtained. Otherwise live IPs are pushed range by range through
    Framework.sendObjects().

    NOTE(review): this excerpt ends before the clause that closes the outer
    ``try`` (no except/finally is visible), so the error handling and the
    release of the shell client cannot be judged from here.
    '''
    rangeString = Framework.getParameter('range')
    probeName = Framework.getDestinationAttribute('probeName')
    # NOTE(review): nmap_location is a job parameter and ends up selecting the
    # executable the probe runs; keep edit rights on it as tight as on the
    # probe itself.
    nmapLocation = Framework.getParameter('nmap_location') or None
    # Not referenced again in the visible part of this function.
    protocol = Framework.getDestinationAttribute('Protocol')
    try:
        excludePatterns = icmp_utils.preparePatterns(Framework.getParameter('excludePatternsList'))
        client = Framework.createClient(ClientsConsts.LOCAL_SHELL_PROTOCOL_NAME)
        shell = ShellFactory().createShell(client)
        fs = file_system.createFileSystem(shell)
        try:
            # A directory was configured: append the executable name taken
            # from nmap.NMAP_EXECUTABLES[1], joined with NtPath rules.
            if nmapLocation and fs.isDirectory(nmapLocation):
                path_tool = NtPath()
                nmapLocation = path_tool.join(nmapLocation, nmap.NMAP_EXECUTABLES[1])
        except PathNotFoundException:
            logger.warn("Specified directory \"%s\" is not exists." % nmapLocation)
        # NOTE(review): validate() is opaque here; the log text suggests an
        # existence check only - confirm it also pins the expected binary.
        if nmapLocation and not nmap.NmapPathValidator.get(fs).validate(nmapLocation):
            logger.warn("Specified Nmap path \"%s\" is not exists. Trying the system path..." % nmapLocation)
            # None makes getByShell() fall back to whatever it resolves itself.
            nmapLocation = None
        nmapTool = nmap.getByShell(shell, nmapLocation)
        # No version string is treated as "Nmap not installed".
        if not nmapTool.getVersion():
            logger.reportWarning("NMAP command is not installed on the probe machine")
            return ObjectStateHolderVector()
        probeRanges = _buildProbeRanges(Framework, rangeString, probeName)
        logger.info('Start working on total probe ranges: ', len(probeRanges))
        for probeRange in probeRanges:
            logger.debug("Start working on range ", probeRange.toRangeString())
            # NOTE(review): requests every address of the range in one call;
            # presumably a full in-memory list - confirm for very large ranges.
            rangeIps = probeRange.getAllIPs(probeRange.getTotalIPs())
            # Exclusion patterns are applied before anything is scanned; the
            # patterns are bound as a default argument of the lambda.
            byExcludePatterns = lambda ip, patterns = excludePatterns: icmp_utils.shouldPingIp(ip, patterns, None)
            # Python 2 filter() returns a list, which len() below relies on.
            filteredIps = filter(byExcludePatterns, rangeIps)
            excludedIpCount = len(rangeIps) - len(filteredIps)
            if excludedIpCount:
                logger.debug("Excluded IP's count: %s " % excludedIpCount)
            try:
                # Second argument is true when the range class is one of the
                # two IPv6 range types.
                liveIps = nmapTool.doPingScan(filteredIps, issubclass(probeRange.__class__, IPv6Range) or issubclass(probeRange.__class__, IPv6RangeWIthDescription))
            except Exception, ex:
                # A failed scan of one range is only logged; the loop goes on
                # with the next range.
                logger.warn(str(ex))
            else:
                if liveIps:
                    Framework.sendObjects(_reportIpOSHs(liveIps))
        logger.info('Finished working on all Probes Ranges')
class WinCmd(command.Cmd):
    r'''Command base that shares one NtPath helper for quoting and
    normalising the path placed on the command line.'''

    _pathTool = NtPath()

    def _normPath(self, path):
        r'''
        Wrap the path in quotes first, then normalise the quoted result.

        @types: str -> str
        @raise ValueError: Path to wrap with quotes is empty
        '''
        # NOTE(review): this quoting is the only thing between the path and
        # the shell command line built by subclasses; how wrapWithQuotes
        # treats embedded quotes is not visible here - confirm.
        quoted = self._pathTool.wrapWithQuotes(path)
        return self._pathTool.normalizePath(quoted)
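def DiscoveryMain(Framework):
    '''
    Check which of the configured TCP/UDP ports answer on one destination IP.

    Job parameters read: 'ports', 'useNMap', 'nmapPath', 'scanUDP',
    'UDPports', 'connectTimeOut', 'checkIfIpIsReachable', 'pingTimeOut',
    'checkOnlyKnownPorts'. Destination attribute read: 'ip_address'.

    Two flows exist: the Nmap flow (TCP and UDP) and a plain TCP-connect
    flow, which is also used as the fallback when anything in the Nmap flow
    fails.

    Returns the ObjectStateHolderVector holding the host OSH plus whatever
    reportPort() produced for each answering port. The vector is cleared and
    a warning is reported when no port answered. Returns None when the
    optional ping pre-check fails.
    '''
    ipAddress = Framework.getDestinationAttribute('ip_address')
    discoveredPorts = Framework.getParameter('ports') or None
    useNMap = Framework.getParameter('useNMap') == 'true'
    # NOTE(review): nmapPath is a job parameter and ends up selecting the
    # executable the probe runs; keep edit rights on it as tight as on the
    # probe itself.
    nmapPath = Framework.getParameter('nmapPath') or None
    scanUDP = Framework.getParameter('scanUDP') == 'true'
    UDPports = Framework.getParameter('UDPports') or None
    UDPports = UDPports and UDPports.strip()
    connectTimeOut = int(Framework.getParameter('connectTimeOut'))

    #if we need to check host's reachability:
    if Framework.getParameter('checkIfIpIsReachable').lower() == 'true':
        if not netutils.pingIp(Framework, ipAddress,
                               Framework.getParameter('pingTimeOut')):
            logger.debug('Could not connect to ', ipAddress, ' by ping')
            msg = 'Target host is not reachable'
            warningObject = errorobject.createError(
                errorcodes.CONNECTION_FAILED_NO_PROTOCOL_WITH_DETAILS,
                ['', msg], msg)
            logger.reportWarningObject(warningObject)
            return

    OSHVResult = ObjectStateHolderVector()
    hostOsh = modeling.createHostOSH(ipAddress)
    OSHVResult.add(hostOsh)

    cfgFile = Framework.getConfigFile(
        CollectorsParameters.KEY_COLLECTORS_SERVERDATA_PORTNUMBERTOPORTNAME)

    onlyKnownPorts = Framework.getParameter('checkOnlyKnownPorts')
    onlyKnownPorts = (onlyKnownPorts and onlyKnownPorts.lower() == 'true')

    portsList = getPorts(discoveredPorts and discoveredPorts.strip(),
                         PortType.TCP, cfgFile, onlyKnownPorts)
    if scanUDP:
        # With "known ports only" and no explicit UDP list, '*' is handed to
        # getPorts() in place of the empty value.
        if onlyKnownPorts and not UDPports:
            UDPports = '*'
        portsList.extend(
            getPorts(UDPports, PortType.UDP, cfgFile, onlyKnownPorts))

    portsToDiscover = filter(lambda port: port.isDiscover, portsList)

    isConnectedPortFound = False
    useFallback = False
    if useNMap:
        # Nmap flow supports udp and tcp ports
        client = Framework.createClient(
            ClientsConsts.LOCAL_SHELL_PROTOCOL_NAME)
        # The outer try/finally releases the local shell client on every
        # path; previously nothing in this function closed it. It is nested
        # rather than merged with the except clause so the code stays valid
        # on interpreters without the combined try/except/finally form.
        try:
            try:
                shell = shellutils.ShellFactory().createShell(client)
                fs = file_system.createFileSystem(shell)
                try:
                    # A directory was configured: append the executable name
                    # taken from nmap.NMAP_EXECUTABLES[1].
                    if nmapPath and fs.isDirectory(nmapPath):
                        path_tool = NtPath()
                        nmapPath = path_tool.join(nmapPath,
                                                  nmap.NMAP_EXECUTABLES[1])
                except PathNotFoundException:
                    logger.warn("Specified directory \"%s\" is not exists." %
                                nmapPath)

                # NOTE(review): validate() is opaque here; the log text
                # suggests an existence check only - confirm it also pins
                # the expected binary.
                if nmapPath and not nmap.NmapPathValidator.get(fs).validate(
                        nmapPath):
                    logger.warn(
                        "Specified Nmap path \"%s\" is not exists. Trying the system path..."
                        % nmapPath)
                    nmapPath = None

                nmapDiscover = nmap.getByShell(shell, nmapPath)

                nmapVersion = nmapDiscover.getVersion()
                if not nmapVersion:
                    raise Exception('Cannot get nmap version')
                logger.debug("Found nmap %s" % nmapVersion)
                # NOTE(review): float() raises on a non-numeric version
                # string, and the bare except below then switches to the
                # TCP-only fallback - confirm what getVersion() returns.
                nmapVersion = float(nmapVersion)
                if nmapVersion < 5.21:
                    raise Exception("Not supported version of nmap found.")

                tcpPorts = [
                    port.getPortNumber() for port in portsToDiscover
                    if port and port.getProtocolName() == 'tcp'
                    and port.isIpInRange(ipAddress)
                ]
                udpPorts = [
                    port.getPortNumber() for port in portsToDiscover
                    if port and port.getProtocolName() == 'udp'
                    and port.isIpInRange(ipAddress)
                ]

                discoveredPorts = nmapDiscover.doPortScan(ipAddress, tcpPorts,
                                                          udpPorts)

                # (protocol, port number) -> every configured name for it.
                portsNameByPortInfo = {}
                for port in portsToDiscover:
                    port_names = portsNameByPortInfo.setdefault(
                        (port.getProtocol(), port.getPortNumber()), [])
                    port_names.append(port.portName)

                if discoveredPorts:
                    isConnectedPortFound = True
                    for port_info in discoveredPorts:
                        port_names = portsNameByPortInfo.get(port_info, [])
                        OSHVResult.addAll(
                            reportPort(hostOsh, ipAddress, port_names,
                                       *port_info))
            except:
                # Deliberately broad: any failure in the Nmap flow, including
                # the version checks above, downgrades to the TCP-connect
                # fallback instead of failing the job.
                logger.debugException(
                    "Nmap executing failed. Try to use default behavior...")
                logger.reportWarning("Nmap executing failed")
                useFallback = True
        finally:
            # Best effort: a failing close must not change the job result.
            try:
                client.close()
            except:
                logger.debugException(
                    "Failed to close the local shell client")

    if useFallback or not useNMap:
        # Old flow supports only TCP ports
        for port in portsToDiscover:
            if port.isIpInRange(ipAddress):
                if port.getProtocol() == PortType.UDP.getProtocol():
                    logger.warn(
                        "UDP port scan is not supporting by default behavior. Skipping..."
                    )
                elif port.getProtocol() == PortType.TCP.getProtocol() and (
                        netutils.checkTcpConnectivity(
                            ipAddress, port.getPortNumber(), connectTimeOut)):
                    OSHVResult.addAll(
                        reportPort(hostOsh, ipAddress, [port.portName],
                                   port.getProtocol(), port.getPortNumber()))
                    #we found one connected port -> we need to add hostOsh to OSHVResult
                    isConnectedPortFound = True

    #in case we didn't find any port, return nothing
    if not isConnectedPortFound:
        OSHVResult.clear()
        msg = 'None of specified ports were discovered on destination host'
        warningObject = errorobject.createError(
            errorcodes.CONNECTION_FAILED_NO_PROTOCOL_WITH_DETAILS,
            ['', msg], msg)
        logger.reportWarningObject(warningObject)

    return OSHVResult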
def DiscoveryMain(Framework):
    '''
    Run an Nmap ping scan over each probe range and report the live IPs.

    Job parameters read: 'range', 'nmap_location', 'excludePatternsList'.
    Destination attributes read: 'probeName', 'Protocol'.

    An empty ObjectStateHolderVector is returned when getVersion() yields
    nothing. Results are otherwise sent per range via Framework.sendObjects().

    NOTE(review): the clause closing the outer ``try`` is not part of this
    excerpt, so what happens on an unexpected error - and whether the shell
    client is closed - is not visible here.
    '''
    rangeString = Framework.getParameter('range')
    probeName = Framework.getDestinationAttribute('probeName')
    # NOTE(review): operator-supplied path that decides which binary the
    # probe executes; treat write access to this parameter as privileged.
    nmapLocation = Framework.getParameter('nmap_location') or None
    # Read but not used in the visible part of the function.
    protocol = Framework.getDestinationAttribute('Protocol')
    try:
        excludePatterns = icmp_utils.preparePatterns(
            Framework.getParameter('excludePatternsList'))
        client = Framework.createClient(
            ClientsConsts.LOCAL_SHELL_PROTOCOL_NAME)
        shell = ShellFactory().createShell(client)
        fs = file_system.createFileSystem(shell)
        try:
            # If the parameter names a directory, the executable name from
            # nmap.NMAP_EXECUTABLES[1] is appended with NtPath.join().
            if nmapLocation and fs.isDirectory(nmapLocation):
                path_tool = NtPath()
                nmapLocation = path_tool.join(nmapLocation,
                                              nmap.NMAP_EXECUTABLES[1])
        except PathNotFoundException:
            logger.warn("Specified directory \"%s\" is not exists." %
                        nmapLocation)
        # NOTE(review): what validate() checks is not shown; the message
        # implies existence only - confirm it rejects unexpected binaries.
        if nmapLocation and not nmap.NmapPathValidator.get(fs).validate(
                nmapLocation):
            logger.warn(
                "Specified Nmap path \"%s\" is not exists. Trying the system path..."
                % nmapLocation)
            # Dropping the path leaves resolution to getByShell().
            nmapLocation = None
        nmapTool = nmap.getByShell(shell, nmapLocation)
        # A falsy version is reported as "not installed" and ends the job.
        if not nmapTool.getVersion():
            logger.reportWarning(
                "NMAP command is not installed on the probe machine")
            return ObjectStateHolderVector()
        probeRanges = _buildProbeRanges(Framework, rangeString, probeName)
        logger.info('Start working on total probe ranges: ', len(probeRanges))
        for probeRange in probeRanges:
            logger.debug("Start working on range ",
                         probeRange.toRangeString())
            # NOTE(review): all addresses of the range are requested at once;
            # presumably held in memory - confirm for large IPv6 ranges.
            rangeIps = probeRange.getAllIPs(probeRange.getTotalIPs())
            # Addresses rejected by the exclude patterns never reach Nmap.
            byExcludePatterns = lambda ip, patterns=excludePatterns: icmp_utils.shouldPingIp(
                ip, patterns, None)
            # Relies on Python 2 filter() returning a list (len() is taken).
            filteredIps = filter(byExcludePatterns, rangeIps)
            excludedIpCount = len(rangeIps) - len(filteredIps)
            if excludedIpCount:
                logger.debug("Excluded IP's count: %s " % excludedIpCount)
            try:
                # The flag passed second is true for either IPv6 range class.
                liveIps = nmapTool.doPingScan(
                    filteredIps,
                    issubclass(probeRange.__class__, IPv6Range) or issubclass(
                        probeRange.__class__, IPv6RangeWIthDescription))
            except Exception, ex:
                # Per-range failure: log and continue with the next range.
                logger.warn(str(ex))
            else:
                if liveIps:
                    Framework.sendObjects(_reportIpOSHs(liveIps))
        logger.info('Finished working on all Probes Ranges')
def DiscoveryMain(Framework):
    '''
    Probe one destination IP for the configured TCP/UDP ports.

    Job parameters read: 'ports', 'useNMap', 'nmapPath', 'scanUDP',
    'UDPports', 'connectTimeOut', 'checkIfIpIsReachable', 'pingTimeOut',
    'checkOnlyKnownPorts'. Destination attribute read: 'ip_address'.

    With useNMap the scan is done by Nmap (TCP and UDP). Any failure there,
    or useNMap being off, leads to the TCP-connect loop at the end.

    Returns the result vector (host OSH plus reportPort() output), cleared
    when no port answered. Returns None when the ping pre-check fails.

    NOTE(review): the client created for the Nmap flow is never closed in
    this function - confirm the framework releases it, or close it in a
    finally block.
    '''
    ipAddress = Framework.getDestinationAttribute('ip_address')
    discoveredPorts = Framework.getParameter('ports') or None
    useNMap = Framework.getParameter('useNMap') == 'true'
    # NOTE(review): operator-supplied path that decides which binary the
    # probe executes; treat write access to this parameter as privileged.
    nmapPath = Framework.getParameter('nmapPath') or None
    scanUDP = Framework.getParameter('scanUDP') == 'true'
    UDPports = Framework.getParameter('UDPports') or None
    UDPports = UDPports and UDPports.strip()
    # Raises if the parameter is missing or not numeric.
    connectTimeOut = int(Framework.getParameter('connectTimeOut'))
    #if we need to check host's reachability:
    # Unlike 'checkOnlyKnownPorts' below, this parameter is dereferenced
    # without a None guard.
    if Framework.getParameter('checkIfIpIsReachable').lower() == 'true':
        if not netutils.pingIp(Framework, ipAddress, Framework.getParameter('pingTimeOut')):
            logger.debug('Could not connect to ', ipAddress, ' by ping')
            msg = 'Target host is not reachable'
            warningObject = errorobject.createError(errorcodes.CONNECTION_FAILED_NO_PROTOCOL_WITH_DETAILS, ['', msg], msg)
            logger.reportWarningObject(warningObject)
            # Bare return: the caller gets None, not an empty vector.
            return
    OSHVResult = ObjectStateHolderVector()
    hostOsh = modeling.createHostOSH(ipAddress)
    OSHVResult.add(hostOsh)
    cfgFile = Framework.getConfigFile(CollectorsParameters.KEY_COLLECTORS_SERVERDATA_PORTNUMBERTOPORTNAME)
    onlyKnownPorts = Framework.getParameter('checkOnlyKnownPorts')
    onlyKnownPorts = (onlyKnownPorts and onlyKnownPorts.lower() == 'true')
    portsList = getPorts(discoveredPorts and discoveredPorts.strip(), PortType.TCP, cfgFile, onlyKnownPorts)
    if scanUDP:
        # "Known ports only" without an explicit UDP list passes '*' on.
        if onlyKnownPorts and not UDPports:
            UDPports = '*'
        portsList.extend(getPorts(UDPports, PortType.UDP, cfgFile, onlyKnownPorts))
    portsToDiscover = filter(lambda port: port.isDiscover, portsList)
    isConnectedPortFound = False
    useFallback = False
    if useNMap:
        # Nmap flow supports udp and tcp ports
        client = Framework.createClient(ClientsConsts.LOCAL_SHELL_PROTOCOL_NAME)
        try:
            shell = shellutils.ShellFactory().createShell(client)
            fs = file_system.createFileSystem(shell)
            try:
                # Directory given: append nmap.NMAP_EXECUTABLES[1] to it.
                if nmapPath and fs.isDirectory(nmapPath):
                    path_tool = NtPath()
                    nmapPath = path_tool.join(nmapPath, nmap.NMAP_EXECUTABLES[1])
            except PathNotFoundException:
                logger.warn("Specified directory \"%s\" is not exists." % nmapPath)
            # NOTE(review): what validate() checks is not shown; the message
            # implies existence only - confirm it rejects unexpected binaries.
            if nmapPath and not nmap.NmapPathValidator.get(fs).validate(nmapPath):
                logger.warn("Specified Nmap path \"%s\" is not exists. Trying the system path..." % nmapPath)
                nmapPath = None
            nmapDiscover = nmap.getByShell(shell, nmapPath)
            nmapVersion = nmapDiscover.getVersion()
            if not nmapVersion:
                raise Exception('Cannot get nmap version')
            logger.debug("Found nmap %s" % nmapVersion)
            # NOTE(review): a non-numeric version string makes float() raise,
            # which the bare except below turns into the fallback flow -
            # confirm the format getVersion() returns.
            nmapVersion = float(nmapVersion)
            if nmapVersion < 5.21:
                raise Exception("Not supported version of nmap found.")
            tcpPorts = [port.getPortNumber() for port in portsToDiscover if port and port.getProtocolName() == 'tcp' and port.isIpInRange(ipAddress)]
            udpPorts = [port.getPortNumber() for port in portsToDiscover if port and port.getProtocolName() == 'udp' and port.isIpInRange(ipAddress)]
            discoveredPorts = nmapDiscover.doPortScan(ipAddress, tcpPorts, udpPorts)
            # Map (protocol, port number) to every name configured for it.
            portsNameByPortInfo = {}
            for port in portsToDiscover:
                port_names = portsNameByPortInfo.setdefault((port.getProtocol(), port.getPortNumber()), [])
                port_names.append(port.portName)
            if discoveredPorts:
                isConnectedPortFound = True
                for port_info in discoveredPorts:
                    port_names = portsNameByPortInfo.get(port_info, [])
                    OSHVResult.addAll(reportPort(hostOsh, ipAddress, port_names, *port_info))
        except:
            # Catches everything raised in the Nmap flow, including the two
            # version errors above, and switches to the fallback flow.
            logger.debugException("Nmap executing failed. Try to use default behavior...")
            logger.reportWarning("Nmap executing failed")
            useFallback = True
    if useFallback or not useNMap:
        # Old flow supports only TCP ports
        for port in portsToDiscover:
            if port.isIpInRange(ipAddress):
                if port.getProtocol() == PortType.UDP.getProtocol():
                    logger.warn("UDP port scan is not supporting by default behavior. Skipping...")
                elif port.getProtocol() == PortType.TCP.getProtocol() and (
                        netutils.checkTcpConnectivity(ipAddress, port.getPortNumber(), connectTimeOut)):
                    OSHVResult.addAll(
                        reportPort(hostOsh, ipAddress, [port.portName], port.getProtocol(), port.getPortNumber()))
                    #we found one connected port -> we need to add hostOsh to OSHVResult
                    isConnectedPortFound = True
    #in case we didn't find any port, return nothing
    if not isConnectedPortFound:
        # The host OSH added at the top is dropped together with the rest.
        OSHVResult.clear()
        msg = 'None of specified ports were discovered on destination host'
        warningObject = errorobject.createError(errorcodes.CONNECTION_FAILED_NO_PROTOCOL_WITH_DETAILS, ['', msg], msg)
        logger.reportWarningObject(warningObject)
    return OSHVResult
class win_type(WinCmd):
    r'''``type <path>`` command whose path argument is passed through
    _normPath() before it is placed on the command line.'''

    _pathTool = NtPath()

    def __init__(self, path, handler=command.ReturnOutputResultHandler()):
        r'''
        @types: str, handler
        The default handler is created once, when the class body is
        evaluated, so every instance built without an explicit handler
        shares that one object.
        '''
        # NOTE(review): path is interpolated into a shell command line; the
        # quoting done by _normPath() is its only protection - confirm that
        # callers never pass unvetted input.
        quotedPath = self._normPath(path)
        cmdLine = 'type %s' % quotedPath
        command.Cmd.__init__(self, cmdLine, handler)