Added new Vulners vulnerability scanner

2026-05-01 00:19:33 +00:00 · 2023-08-30 12:02:50 +02:00 · 2023-08-30 12:02:50 +02:00 · 1ecb9c4a05
commit 1ecb9c4a05
parent 26df8c1c38
3 changed files with 128 additions and 6 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -97,11 +97,13 @@ local function get_report_path(scan_type, ip, all)
   local base_dir = dirs.workingdir .. "/-1/vulnerability_scan"
   ntop.mkdir(base_dir)
   local ret = ""
+   
   if (not all or all == nil) then
      ret = base_dir .. "/"..ip.."_"..scan_type..".txt"
   else
      ret = base_dir .. "/*.txt"
   end
+   
   return(ret)
 end

@ -234,6 +236,49 @@ function vs_utils.cleanup_nmap_result(scan_result, scan_type)
   return scan_result, num_open_ports, num_vulnerabilities, cve
 end

+-- **********************************************************
+-- remove the first/last few lines that contain nmap information that change at each scan
+function vs_utils.cleanup_nmap_vulners_result(scan_result, scan_type)
+   scan_result = scan_result:gsub("|_", "")
+   scan_result = scan_result:gsub("|", "")
+
+   scan_result = lines(scan_result)   
+   
+   for i=1,4 do
+      table.remove(scan_result, 1)
+   end
+  
+   table.remove(scan_result, #scan_result)
+   
+   local num_open_ports = 0
+   local num_vulnerabilities = 0
+   local cve = {}
+   local scan_out = {}
+
+   for _,l in pairs(scan_result) do
+      if(string.find(l, "open") ~= nil) then
+	 local t = string.find(l, "/tcp ") or 0
+	 local u = string.find(l, "/udp ") or 0
+	 
+	 if((t > 0) or (u > 0)) then
+	    num_open_ports = num_open_ports + 1
+	 end
+      end
+
+      if(string.find(l, "https://vulners.com/") ~= nil) then
+	 local c = string.split(l, "\t")
+	 table.insert(cve, c[2])
+	 num_vulnerabilities = num_vulnerabilities + 1
+      end
+
+      table.insert(scan_out, l)
+   end
+
+   scan_result = table.concat(scan_out, "\n")
+
+   return scan_result, num_open_ports, num_vulnerabilities, cve
+end
+
 -- **********************************************************

 -- Function to save host configuration
@ -434,7 +479,7 @@ function vs_utils.delete_host_to_scan(host, scan_type, all)
      ntop.delCache(host_to_scan_key)
      ntop.delCache(host_scan_queue_key)
      local path_to_s_result = get_report_path(scan_type, host, true)
-      os.execute("rm "..path_to_s_result)
+      os.execute("rm -f "..path_to_s_result)
   else
      local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
      local path_to_s_result = get_report_path(scan_type, host, false)