This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository mum. See http://git.chorem.org/mum.git commit 0c2dda0d2cf45e20d818e2856ff6bb5c8801830f Author: Alexis Guilbaud <guilbaud@codelutin.com> Date: Thu Mar 5 14:17:08 2015 +0100 scan : les options de nmap peuvent être spécifiées avant le lancement --- app/app.py | 17 ++--- app/module_loader.py | 4 +- app/modules/detection_modules/nmap_detection.py | 7 +- app/process_monitoring.py | 2 +- static/js/controllers/scanCtrl.js | 9 ++- views/hostpage.html | 87 +++++++++++++++---------- views/scan.html | 4 +- 7 files changed, 79 insertions(+), 51 deletions(-) diff --git a/app/app.py b/app/app.py index b8dfe5c..0a1a197 100755 --- a/app/app.py +++ b/app/app.py @@ -32,14 +32,15 @@ wsc = WebSocketContainer # Pour lancer la detection nmap avec un nouveau thread class ThreadDetect(threading.Thread): - def __init__(self, param, ws): + def __init__(self, param, opt, ws): threading.Thread.__init__(self) self.param = param + self.opt = opt self.ws = ws def run(self): db = module_loader.load_db() - scanned_ip = module_loader.run_nmap_detection(self.param, db, self.ws, + scanned_ip = module_loader.run_nmap_detection(self.param, self.opt, db, self.ws, module_loader.get_conection_modules_list(), module_loader.get_info_mod_monitoring()) if scanned_ip is not None: @@ -60,6 +61,12 @@ class ThreadDetect(threading.Thread): # adding entries on process monitoring """ + +# Lancement de la detection apres reception d'une plage d'ip +def start_first_detection(args, ws): + t = ThreadDetect(args['ip_range'], args['nmap_options'], ws) + t.start() + @route('/') def index(section='home'): return template('index') @@ -105,12 +112,6 @@ def angular(): def angular(): return template('users') - -# Lancement de la detection apres reception d'une plage d'ip -def start_first_detection(param, ws): - t = ThreadDetect(param, ws) - t.start() - @error(404) def error404(error): return '<h1>Cette page n\'existe pas</h1>' diff --git a/app/module_loader.py b/app/module_loader.py index f0e9bfd..086da36 100644 --- a/app/module_loader.py +++ b/app/module_loader.py @@ -28,7 +28,7 @@ def load_db(): return db_instance -def run_nmap_detection(param, db, ws, list_mod_conn, dict_mod_monitoring): +def run_nmap_detection(param, opt, db, ws, list_mod_conn, dict_mod_monitoring): """ Instanciates the nmap_detection module from detection_modules, and runs the detection. :param param: parameter to put in nmap command. can be a hostname, a ip address or a ip range @@ -37,7 +37,7 @@ def run_nmap_detection(param, db, ws, list_mod_conn, dict_mod_monitoring): :return: a list containing the IP adresses checked """ nmap_mod = __import__("modules.detection_modules.nmap_detection", fromlist=modules.detection_modules) - nmap_mod_instance = getattr(nmap_mod, "nmap_detection")(db, ws, list_mod_conn, dict_mod_monitoring, + nmap_mod_instance = getattr(nmap_mod, "nmap_detection")(opt, db, ws, list_mod_conn, dict_mod_monitoring, modules.HostNotFoundException) try: if re.search('^\d{1,3}(-\d{1,3})?[.]\d{1,3}(-\d{1,3})?[.]\d{1,3}(-\d{1,3})?[.]\d{1,3}(-\d{1,3})?$', param): diff --git a/app/modules/detection_modules/nmap_detection.py b/app/modules/detection_modules/nmap_detection.py index fdb04fd..78af18b 100644 --- a/app/modules/detection_modules/nmap_detection.py +++ b/app/modules/detection_modules/nmap_detection.py @@ -6,7 +6,8 @@ import json class nmap_detection: - def __init__(self, db, ws, list_mod_conn, dict_mod_monitoring, hnfe): + def __init__(self, opt, db, ws, list_mod_conn, dict_mod_monitoring, hnfe): + self.opt = opt self.db = db self.ws = ws self.scanned_ip = [] @@ -84,7 +85,7 @@ class nmap_detection: ip = str(byte_1) + '.' + str(byte_2) + '.' + str(byte_3) + '.' + str(byte_4) self.ws.send(json.dumps({"30": "Scanning ip : " + ip})) try: - child = pexpect.spawn('nmap', ['-A', '-Pn', ip, '-oX', 'res.xml']) + child = pexpect.spawn('nmap ' + self.opt + ' ' + ip + ' -oX res.xml') while child.isalive(): child.expect('Completed', timeout=None) except pexpect.EOF: @@ -100,7 +101,7 @@ class nmap_detection: def launch_detection_with_hostname(self, hostname): self.ws.send(json.dumps({"30": "Scanning host : " + hostname})) try: - child = pexpect.spawn('nmap', ['-A', '-Pn', hostname, '-oX', 'res.xml']) + child = pexpect.spawn('nmap ' + self.opt + ' ' + hostname + ' -oX res.xml') while child.isalive(): child.expect('Completed', timeout=None) except pexpect.EOF: diff --git a/app/process_monitoring.py b/app/process_monitoring.py index 90c1d0c..e301897 100644 --- a/app/process_monitoring.py +++ b/app/process_monitoring.py @@ -54,7 +54,7 @@ class ProcessMonitoring(threading.Thread): while waiting_list[len(waiting_list) - 1]['time'] <= datetime.now(): dict_mod = waiting_list.pop(len(waiting_list) - 1) modules_to_run.append(dict_mod) - dict_mod['time'] = dict_mod['time'] + timedelta(seconds=dict_mod['freq']) + dict_mod['time'] = datetime.now() + timedelta(seconds=dict_mod['freq']) add_to_waiting_list(dict_mod) ready_to_launch = True if ready_to_launch: diff --git a/static/js/controllers/scanCtrl.js b/static/js/controllers/scanCtrl.js index 63ecab5..43d810b 100644 --- a/static/js/controllers/scanCtrl.js +++ b/static/js/controllers/scanCtrl.js @@ -4,6 +4,10 @@ mumApp.controller('scanCtrl', function($scope, $rootScope) { $scope.state = ""; // l'etat general du scan en cours $scope.ip_scanned = {}; + $scope.show_opt = false; + + $scope.nmap_options = "-A -Pn --unprivileged"; + $scope.$on("success", function (event, args) { $scope.state = "Success!"; $scope.ip_scanned = args; @@ -17,6 +21,9 @@ mumApp.controller('scanCtrl', function($scope, $rootScope) { $scope.scan_is_over = false; // pour afficher ou non certaines parties de la page $scope.post_val = function(){ //lace la detection apres remplissage du champ et validation du formulaire - $rootScope.$broadcast("sendViaWs", JSON.stringify({"10": $scope.ip_range})); + var args = {}; + args.ip_range = $scope.ip_range; + args.nmap_options = $scope.nmap_options; + $rootScope.$broadcast("sendViaWs", JSON.stringify({"10": args})); }; }); \ No newline at end of file diff --git a/views/hostpage.html b/views/hostpage.html index 6488a79..6010696 100644 --- a/views/hostpage.html +++ b/views/hostpage.html @@ -141,44 +141,61 @@ </div> </script> - <!-- - <div class="modal fade" id="modal_interv" tabindex="-1" role="dialog" aria-labelledby="modal_interv_label" aria-hidden="true"> - <div class="modal-dialog"> - <div class="modal-content"> - <div class="modal-header"> - <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> - <h4 class="modal-title" id="modal_interv_label">Add an intervention</h4> - </div> - <div class="modal-body"> - <form> - <div class="form-group"> - <div class="row"> - <div class="col-xs-4"> - <label for="username">Person</label> - <input type="text" class="form-control" id="username" placeholder="G.G."> - </div> - <div class="col-xs-4"> - <label for="date">Date</label> - <input type="date" class="form-control" id="date" placeholder="2015-02-11"> - </div> - <div class="col-xs-4"> - <label for="date">Time</label> - <input type="time" class="form-control" id="time" placeholder="16:28:00"> - </div> - </div> - <label for="interv_detail">Details of this intervention</label> - <textarea class="form-control" rows="3" id="interv_detail"></textarea> - </div> - </form> - </div> - <div class="modal-footer"> - <button type="button" class="btn btn-default" data-dismiss="modal">Close</button> - <button type="button" class="btn btn-primary">Save changes</button> - </div> + <script type="text/ng-template" id="modal_conn_label.html"> + <div class="modal-header"> + <h3 class="modal-title">Connection configuration</h3> + </div> + <div class="modal-body"> + <form> + <div class="form-group"> + <h3>Choose the priority of each avaliable connection</h3> + <table class="table table-bordered table-hover"> + <thead> + <tr> + <th>Protocol </th> + <th>Priority </th> + <th>Options </th> + </tr> + </thead> + <tbody> + <tr> + <td>SSH</td> + <td><input type="number" min="0" placeholder=1></td> + <td> + <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#modal_conf_conn">Advanced configuration</button> + <button type="button" class="btn btn-success">Test</button> + </td> + + </tr> + <tr> + <td>SNMP</td> + <td><input type="number" min="0" placeholder=0 disabled></td> + <td> + <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#modal_conf_conn">Advanced configuration</button> + <button type="button" class="btn btn-success">Test</button> + </td> + + </tr> + <tr> + <td>Nagios</td> + <td><input type="number" min="0" placeholder=0 disabled></td> + <td> + <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#modal_conf_conn">Advanced configuration</button> + <button type="button" class="btn btn-success">Test</button> + </td> + </tr> + </tbody> + </table> </div> - </div> + </form> </div> + <div class="modal-footer"> + <button type="button" class="btn btn-default" data-dismiss="modal" ng-click="cancel()">Close</button> + <button type="button" class="btn btn-primary" ng-click="ok()">Save changes</button> + </div> + </script> + <!-- <div class="modal fade" id="modal_conn" tabindex="-1" role="dialog" aria-labelledby="modal_conn_label" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content"> diff --git a/views/scan.html b/views/scan.html index d99fc8e..8ce7833 100644 --- a/views/scan.html +++ b/views/scan.html @@ -4,7 +4,9 @@ <div ng-show="validated == false" class="ng-hide"> <form class="form-inline" ng_submit="post_val()"> <label for="input_ip_range">Enter a hostname, a single IP or an IP range to scan (example : 198.116.0.1-10)</label> - <input type="ip_range" class="form-control" id="input_ip_range" ng-model="ip_range"/> + <input type="text" class="form-control" id="input_ip_range" ng-model="ip_range"/>{{ip_range}}<br/> + <button type="button" class="btn btn-danger" ng-click="show_opt = !show_opt">Show nmap options (careful)</button> + <input type="text" class="form-control" ng-show="show_opt == true" ng-model="nmap_options"/> <button type="submit" class="btn btn-primary" ng-click="validated = true">Scan now</button> </form> </div> -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.