From 80f1754f950dd26f64f890a2285e59037dca6d79 Mon Sep 17 00:00:00 2001 From: MaKyOtOx Date: Fri, 19 Jul 2024 09:54:31 +0200 Subject: [PATCH] ARS-487 - nmap - avoid PTR hostname during parsing --- engines/nmap/Dockerfile | 20 ++++++++++---------- engines/nmap/VERSION | 2 +- engines/nmap/__init__.py | 10 +++++----- engines/nmap/engine-nmap.py | 17 +++++++++++++++-- engines/nmap/nmap.json.sample | 2 +- 5 files changed, 32 insertions(+), 19 deletions(-) diff --git a/engines/nmap/Dockerfile b/engines/nmap/Dockerfile index 2b1836e4..d00e9a5a 100644 --- a/engines/nmap/Dockerfile +++ b/engines/nmap/Dockerfile @@ -1,5 +1,5 @@ FROM alpine:3.16.3 -LABEL Name="Nmap\ \(Patrowl engine\)" Version="1.5.0" +LABEL Name="Nmap\ \(Patrowl engine\)" Version="1.5.1" # Set the working directory RUN mkdir -p /opt/patrowl-engines/nmap @@ -19,15 +19,15 @@ COPY libs/ libs/ # Install any needed packages specified in requirements.txt RUN apk add --update \ - linux-headers \ - libffi-dev \ - #sudo \ - python3 \ - python3-dev \ - py3-pip \ - build-base \ - nmap \ - nmap-scripts \ + linux-headers \ + libffi-dev \ + #sudo \ + python3 \ + python3-dev \ + py3-pip \ + build-base \ + nmap \ + nmap-scripts \ #&& adduser -u 1000 -G wheel -D alpine \ && rm -rf /var/cache/apk/* diff --git a/engines/nmap/VERSION b/engines/nmap/VERSION index bc80560f..26ca5946 100644 --- a/engines/nmap/VERSION +++ b/engines/nmap/VERSION @@ -1 +1 @@ -1.5.0 +1.5.1 diff --git a/engines/nmap/__init__.py b/engines/nmap/__init__.py index 2a8a55bd..e5ee5941 100644 --- a/engines/nmap/__init__.py +++ b/engines/nmap/__init__.py @@ -1,8 +1,8 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -__title__ = 'patrowl_engine_nmap' -__version__ = '1.5.0' -__author__ = 'Nicolas MATTIOCCO' -__license__ = 'AGPLv3' -__copyright__ = 'Copyright (C) 2018-2022 Nicolas Mattiocco - @MaKyOtOx' +__title__ = "patrowl_engine_nmap" +__version__ = "1.5.1" +__author__ = "Nicolas MATTIOCCO" +__license__ = "AGPLv3" +__copyright__ = "Copyright (C) 2018-2024 Nicolas Mattiocco - @MaKyOtOx" diff --git a/engines/nmap/engine-nmap.py b/engines/nmap/engine-nmap.py index b06fce92..467ef236 100644 --- a/engines/nmap/engine-nmap.py +++ b/engines/nmap/engine-nmap.py @@ -86,6 +86,16 @@ def clean(): @app.route("/engines/nmap/clean/") def clean_scan(scan_id): """Clean scan identified by id.""" + if scan_id not in engine.scans.keys(): + return ( + jsonify( + { + "status": "error", + "reason": f"Error 1002: scan_id '{scan_id}' not found", + } + ), + 503, + ) return engine.clean_scan(scan_id) @@ -568,7 +578,8 @@ def _parse_report(filename, scan_id): # Find hostnames for hostnames in host.findall("hostnames"): for hostname in list(hostnames): - if hostname.get("type") in ["user", "PTR"]: + # if hostname.get("type") in ["user", "PTR"]: + if hostname.get("type") == "user": has_hostnames = True addr = hostname.get("name") addr_list.append(hostname.get("name")) @@ -592,6 +603,8 @@ def _parse_report(filename, scan_id): if has_hostnames: for hostnames in host.findall("hostnames"): for hostname in list(hostnames): + if hostname.get("type") != "user": + continue ip_address = str(host.find("address").get("addr")) issues.append( deepcopy( @@ -1049,7 +1062,7 @@ def getfindings(scan_id): os.remove(hosts_filename) # remove the scan from the active scan list - engine.clean_scan(scan_id) + # engine.clean_scan(scan_id) res.update({"summary": summary, "issues": issues, "status": "success"}) return jsonify(res) diff --git a/engines/nmap/nmap.json.sample b/engines/nmap/nmap.json.sample index 690f8edd..23514080 100644 --- a/engines/nmap/nmap.json.sample +++ b/engines/nmap/nmap.json.sample @@ -1,6 +1,6 @@ { "name": "Nmap", - "version": "1.5.0", + "version": "1.5.1", "description": "Network Scanner", "path": "/usr/bin/nmap", "allowed_asset_types": ["ip", "domain", "fqdn", "url", "ip-range", "ip-subnet"],