def scan_domain_name(self, org_uuid=None, domain_uuid=None, order_uuid=None):
"""
Initiate a domain name scan for the given organization and domain.
:param org_uuid: The UUID of the organization to initiate the domain name scan for.
:param domain_uuid: The UUID of the domain to scan.
:param order_uuid: The UUID of the order that this domain name scan is associated
with.
:return: None
"""
logger.info("Now scanning domain name %s." % (domain_uuid, ))
should_scan = check_domain_name_scanning_status(
db_session=self.db_session,
domain_uuid=domain_uuid,
update_status=True,
)
if not should_scan:
logger.info("Should not scan domain name %s. Returning." %
(domain_uuid, ))
domain_scan = create_domain_scan_for_domain(self.domain_uuid)
self.db_session.add(domain_scan)
self.db_session.commit()
task_sigs = []
task_kwargs = {
"org_uuid": org_uuid,
"domain_uuid": domain_uuid,
"domain_scan_uuid": str(domain_scan.uuid),
"domain_name": self.domain.name,
"order_uuid": order_uuid,
}
initial_group = []
scan_config = self.scan_config
if scan_config.dns_enumerate_subdomains:
initial_group.append(enumerate_subdomains_for_domain.si(**task_kwargs))
initial_group.append(gather_data_for_domain_name.si(**task_kwargs))
task_sigs.append(group(initial_group))
task_kwargs.pop("domain_name")
task_sigs.append(create_report_for_domain_name_scan.si(**task_kwargs))
task_sigs.append(update_domain_name_scan_elasticsearch.si(**task_kwargs))
task_sigs.append(update_domain_name_scan_completed.si(**task_kwargs))
if scan_config.dns_scan_resolutions:
task_sigs.append(
scan_ip_addresses_for_domain_name_scan.si(**task_kwargs))
scanning_status_signature = update_domain_name_scanning_status.si(
domain_uuid=domain_uuid,
scanning_status=False,
)
task_sigs.append(scanning_status_signature)
if config.pubsub_enabled:
task_sigs.append(publish_report_for_domain_name_scan.si(**task_kwargs))
logger.info("Now kicking off all necessary tasks to scan domain name %s." %
(domain_uuid, ))
canvas_sig = chain(task_sigs, link_error=scanning_status_signature)
self.finish_after(signature=canvas_sig)
def create_and_inspect_domains_from_subdomain_enumeration(
self,
org_uuid=None,
domain_uuid=None,
domain_scan_uuid=None,
parent_domain=None,
scan_endpoints=True,
):
"""
Process the contents of all subdomain enumerations for the given domain name scan, create new domains
for those subdomains that are new, and invoke scans for the domains as necessary.
:param org_uuid: The UUID of the organization that subdomains were enumerated for.
:param domain_uuid: The UUID of the domain name related to this inspection.
:param domain_scan_uuid: The UUID of the domain name scan that this enumeration is a part of.
:param parent_domain: The parent domain that was queried.
:param scan_endpoints: Whether or not to scan IP addresses associated with resolved IP addresses of
the domains.
:return: None
"""
logger.info(
"Now creating an inspecting domains from subdomain enumeration of parent domain %s."
% (parent_domain, ))
self.wait_for_es()
subdomains = get_all_subdomains_from_domain_scan_enumeration(
org_uuid=org_uuid,
parent_domain=parent_domain,
domain_scan_uuid=domain_scan_uuid,
)
task_sigs = []
for subdomain in subdomains:
domain_name = get_or_create_domain_name_for_organization(
db_session=self.db_session,
name=subdomain,
added_by="subdomain_enum",
org_uuid=org_uuid,
)
self.db_session.add(domain_name)
do_scan = check_domain_name_scanning_status(
db_session=self.db_session,
domain_uuid=domain_name.uuid,
update_status=False,
)
if do_scan:
task_sigs.append(
scan_domain_name.si(
org_uuid=org_uuid,
domain_uuid=domain_name.uuid,
enumerate_subdomains=False,
scan_ip_addresses=scan_endpoints,
))
self.db_session.commit()
canvas_sig = group(task_sigs)
self.finish_after(signature=canvas_sig)
def scan_domain_name(
self,
org_uuid=None,
domain_uuid=None,
enumerate_subdomains=False,
scan_ip_addresses=True,
scan_network_services=True,
inspect_network_services=True,
):
"""
Initiate a domain name scan for the given organization and domain.
:param org_uuid: The UUID of the organization to initiate the domain name scan for.
:param enumerate_subdomains: Whether or not to enumerate subdomains of the give domain.
:param domain_uuid: The UUID of the domain to scan.
:param scan_ip_addresses: Whether or not to perform scanning of the IP addresses associated with the
domain name.
:param scan_network_services: Whether or not to scan network services on associated IP addresses.
:param inspect_network_services: Whether or not to perform inspection of live network services on
associated IP addresses.
:return: None
"""
logger.info("Now scanning domain name %s." % (domain_uuid, ))
should_scan = check_domain_name_scanning_status(
db_session=self.db_session,
domain_uuid=domain_uuid,
update_status=True,
)
if not should_scan:
logger.info("Should not scan domain name %s. Returning." %
(domain_uuid, ))
domain_name = DomainName.by_uuid(uuid=domain_uuid,
db_session=self.db_session)
domain_scan = create_domain_scan_for_domain(domain_uuid)
self.db_session.add(domain_scan)
self.db_session.commit()
task_sigs = []
task_kwargs = {
"org_uuid": org_uuid,
"domain_uuid": domain_uuid,
"domain_scan_uuid": str(domain_scan.uuid),
"domain_name": domain_name.name,
}
initial_group = []
if enumerate_subdomains:
initial_group.append(enumerate_subdomains_for_domain.si(**task_kwargs))
initial_group.append(gather_data_for_domain_name.si(**task_kwargs))
task_sigs.append(group(initial_group))
task_kwargs.pop("domain_name")
task_sigs.append(create_report_for_domain_name_scan.si(**task_kwargs))
task_sigs.append(update_domain_name_scan_elasticsearch.si(**task_kwargs))
task_sigs.append(update_domain_name_scan_completed.si(**task_kwargs))
task_kwargs["scan_network_services"] = scan_network_services
task_kwargs["inspect_network_services"] = inspect_network_services
if scan_ip_addresses:
task_sigs.append(
scan_ip_addresses_for_domain_name_scan.si(**task_kwargs))
scanning_status_signature = update_domain_name_scanning_status.si(
domain_uuid=domain_uuid,
scanning_status=False,
)
task_sigs.append(scanning_status_signature)
logger.info("Now kicking off all necessary tasks to scan domain name %s." %
(domain_uuid, ))
canvas_sig = chain(task_sigs, link_error=scanning_status_signature)
self.finish_after(signature=canvas_sig)