def run_scan( blacklist=None, target_list=None, scan_options=None, ): ''' Executes nmap scan ''' from zenmapCore_Kvasir.NmapCommand import NmapCommand from zenmapCore_Kvasir.NmapOptions import NmapOptions from time import sleep if scan_options[0] is not 'nmap': if 'nmap' in settings: scan_options.insert(0, settings.nmap) else: scan_options.insert(0, 'nmap') if target_list: data = [] for ip in target_list: data.append(ip.strip(' \t\n\r')) target_list = data if blacklist: data = [] for ip in blacklist: data.append(ip.strip(' \t\n\r')) blacklist = [','.join(map(str, data))] blacklist.insert(0, "--exclude") ops = NmapOptions() try: ops.parse(scan_options + target_list + blacklist) except Exception as e: log("[!] %s" % e) cmd = NmapCommand(ops.render_string()) log(" [*] Starting Nmap Scan: %s" % (cmd.command)) cmd.run_scan() try: cmd.scan_state() except Exception as e: log("[!] %s" % e) full_output = "" while cmd.scan_state(): sleep(5) result = cmd.get_output() start = len(full_output) - len(result) output = result[start:] full_output = "%s%s" % (full_output, output) log(output) log(" [*] Nmap Scan Complete") filename = cmd.get_xml_output_filename() return filename
def run_scan(blacklist=None, target_list=None, scan_options=None): """ Executes nmap scan """ from zenmapCore_Kvasir.NmapCommand import NmapCommand from zenmapCore_Kvasir.NmapOptions import NmapOptions from time import sleep if scan_options[0] is not "nmap": if "nmap" in settings: scan_options.insert(0, settings.nmap) else: scan_options.insert(0, "nmap") if target_list: data = [] for ip in target_list: data.append(ip.strip(" \t\n\r")) target_list = data if blacklist: data = [] for ip in blacklist: data.append(ip.strip(" \t\n\r")) blacklist = [",".join(map(str, data))] blacklist.insert(0, "--exclude") ops = NmapOptions() try: ops.parse(scan_options + target_list + blacklist) except Exception as e: log("[!] %s" % e) cmd = NmapCommand(ops.render_string()) log(" [*] Starting Nmap Scan: %s" % (cmd.command)) cmd.run_scan() try: cmd.scan_state() except Exception as e: log("[!] %s" % e) full_output = "" while cmd.scan_state(): sleep(5) result = cmd.get_output() start = len(full_output) - len(result) output = result[start:] full_output = "%s%s" % (full_output, output) log(output) log(" [*] Nmap Scan Complete") filename = cmd.get_xml_output_filename() return filename
class NmapCommand(object): """This class represents an Nmap command line. It is responsible for starting, stopping, and returning the results from a command-line scan. A command line is represented as a string but it is split into a list of arguments for execution. The normal output (stdout and stderr) are written to the file object self.stdout_file.""" def __init__(self, command): """Initialize an Nmap command. This creates temporary files for redirecting the various types of output and sets the backing command-line string.""" self.command = command self.command_process = None self.stdout_file = None self.ops = NmapOptions() self.ops.parse_string(command) # Replace the executable name with the value of nmap_command_path. #self.ops.executable = paths_config.nmap_command_path # Normally we generate a random temporary filename to save XML output # to. If we find -oX or -oA, the user has chosen his own output file. # Set self.xml_is_temp to False and don't delete the file when we're # done. self.xml_is_temp = True self.xml_output_filename = None if self.ops["-oX"]: self.xml_is_temp = False self.xml_output_filename = self.ops["-oX"] if self.ops["-oA"]: self.xml_is_temp = False self.xml_output_filename = self.ops["-oA"] + ".xml" # Escape '%' to avoid strftime expansion. for op in ("-oA", "-oX", "-oG", "-oN", "-oS"): if self.ops[op]: self.ops[op] = escape_nmap_filename(self.ops[op]) if self.xml_is_temp: self.xml_output_filename = tempfile.mktemp(prefix=APP_NAME + "-", suffix=".xml") self.ops["-oX"] = escape_nmap_filename(self.xml_output_filename) log.debug(">>> Temporary files:") log.debug(">>> XML OUTPUT: %s" % self.xml_output_filename) def close(self): """Close and remove temporary output files used by the command.""" self.stdout_file.close() if self.xml_is_temp: try: os.remove(self.xml_output_filename) except OSError as e: if e.errno != errno.ENOENT: raise def kill(self): """Kill the nmap subprocess.""" log.debug(">>> Killing scan process %s" % self.command_process.pid) if sys.platform != "win32": try: from signal import SIGKILL os.kill(self.command_process.pid, SIGKILL) self.command_process.wait() except: pass else: try: import ctypes ctypes.windll.kernel32.TerminateProcess( int(self.command_process._handle), -1) except: pass def get_path(self): """Return a value for the PATH environment variable that is appropriate for the current platform. It will be the PATH from the environment plus possibly some platform-specific directories.""" path_env = os.getenv("PATH") if path_env is None: search_paths = [] else: search_paths = path_env.split(os.pathsep) #this is not necessary for Kvasir #for path in zenmapCore_Kvasir.Paths.get_extra_executable_search_paths(): # if path not in search_paths: # search_paths.append(path) return os.pathsep.join(search_paths) def run_scan(self, stderr=None): """Run the command represented by this class.""" # We don't need a file name for stdout output, just a handle. A # TemporaryFile is deleted as soon as it is closed, and in Unix is # unlinked immediately after creation so it's not even visible. f = tempfile.TemporaryFile(mode="rb", prefix=APP_NAME + "-stdout-") self.stdout_file = wrap_file_in_preferred_encoding(f) if stderr is None: stderr = f search_paths = self.get_path() env = dict(os.environ) env["PATH"] = search_paths log.debug("PATH=%s" % env["PATH"]) command_list = self.ops.render() log.debug("Running command: %s" % repr(command_list)) startupinfo = None if sys.platform == "win32": # This keeps a terminal window from opening. startupinfo = subprocess.STARTUPINFO() try: startupinfo.dwFlags |= subprocess._subprocess.STARTF_USESHOWWINDOW except AttributeError: # This name is used before Python 2.6.5. startupinfo.dwFlags |= subprocess.STARTF_USESHOWWINDOW self.command_process = subprocess.Popen(command_list, bufsize=1, stdin=subprocess.PIPE, stdout=f, stderr=stderr, startupinfo=startupinfo, env=env) def scan_state(self): """Return the current state of a running scan. A return value of True means the scan is running and a return value of False means the scan subprocess completed successfully. If the subprocess terminated with an error an exception is raised. The scan must have been started with run_scan before calling this method.""" if self.command_process == None: raise Exception("Scan is not running yet!") state = self.command_process.poll() if state == None: return True # True means that the process is still running elif state == 0: return False # False means that the process had a successful exit else: log.warning("An error occurred during the scan execution!") log.warning("Command that raised the exception: '%s'" % self.ops.render_string()) log.warning("Scan output:\n%s" % self.get_output()) raise Exception( "An error occurred during the scan execution!\n\n'%s'" % self.get_output()) def get_output(self): """Return the complete contents of the self.stdout_file. This modifies the file pointer.""" self.stdout_file.seek(0) return self.stdout_file.read() def get_xml_output_filename(self): """Return the name of the XML (-oX) output file.""" return self.xml_output_filename