vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-01 16:30:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix for handling early versions of vulnerability modules

Browse source
This commit is contained in:
Luca Deri 2023-10-17 09:48:52 +02:00
parent baa4f17046
commit 41b138f5f7
2 changed files with 158 additions and 158 deletions
Download patch file Download diff file Expand all files Collapse all files

314
scripts/lua/rest/v2/get/host/to_scan_list.lua
View file

@ -20,91 +20,91 @@ local sort = _GET["sort"]
-- Function to convert ipv6 or ipv4 to hexadecimal int
local function ipv_to_hex(ip)
-- Check if it's an IPv6 address
if string.find(ip, ":") then
local parts = {}
for part in string.gmatch(ip, "([^:]+)") do
table.insert(parts, part)
end
local hex_parts = {}
for _, part in ipairs(parts) do
-- Ensure each part has at least 4 characters by padding with zeros
part = string.format("%04s", part)
table.insert(hex_parts, part)
end
return table.concat(hex_parts, ":")
else
-- IPv4 address
local parts = {}
for part in string.gmatch(ip, "([^.]+)") do
table.insert(parts, part)
end
local hex_parts = {}
for _, part in ipairs(parts) do
local hex_part = string.format("%02X", tonumber(part))
table.insert(hex_parts, hex_part)
end
return table.concat(hex_parts, ".")
end
-- Check if it's an IPv6 address
if string.find(ip, ":") then
local parts = {}
for part in string.gmatch(ip, "([^:]+)") do
table.insert(parts, part)
end
local hex_parts = {}
for _, part in ipairs(parts) do
-- Ensure each part has at least 4 characters by padding with zeros
part = string.format("%04s", part)
table.insert(hex_parts, part)
end
return table.concat(hex_parts, ":")
else
-- IPv4 address
local parts = {}
for part in string.gmatch(ip, "([^.]+)") do
table.insert(parts, part)
end
local hex_parts = {}
for _, part in ipairs(parts) do
local hex_part = string.format("%02X", tonumber(part))
table.insert(hex_parts, hex_part)
end
return table.concat(hex_parts, ".")
end
end
-- ##################################################################
-- Function to check if a spceific port is in the ports_list string
local function portCheck(tcp_ports_list, port)
if (isEmptyString(port)) then
return true
else
local ports = split(tcp_ports_list,",")
for _, item in ipairs(ports) do
if (item == port) then
return true
end
end
local function portCheck(tcp_ports_list, port)
if (isEmptyString(port)) then
return true
else
local ports = split(tcp_ports_list,",")
for _, item in ipairs(ports) do
if (item == port) then
return true
end
end
return false
end
return false
end
end
-- ##################################################################
-- Function to format epoch
local function format_epoch(value)
if (value.last_scan~= nil and value.last_scan.epoch~= nil) then
return format_utils.formatPastEpochShort(value.last_scan.epoch)
else
return value.last_scan.time
end
if (value.last_scan~= nil and value.last_scan.epoch~= nil) then
return format_utils.formatPastEpochShort(value.last_scan.epoch)
else
return value.last_scan.time
end
end
-- ##################################################################
-- Function to format port_list string with service names
local function format_port_list(ports_string_list, protocol)
local function format_port_list(ports_string_list, protocol)
local formatted_ports_list = ""
for index,port in ipairs(split(ports_string_list,',')) do
local service_name = mapServiceName(port, protocol)
local port_label = vs_utils.format_port_label(port, service_name,protocol)
if (index == 1) then
formatted_ports_list = port_label
else
formatted_ports_list = string.format("%s,%s",formatted_ports_list,port_label)
end
end
local formatted_ports_list = ""
for index,port in ipairs(split(ports_string_list,',')) do
local service_name = mapServiceName(port, protocol)
local port_label = vs_utils.format_port_label(port, service_name,protocol)
if (index == 1) then
formatted_ports_list = port_label
else
formatted_ports_list = string.format("%s,%s",formatted_ports_list,port_label)
end
end
return formatted_ports_list
return formatted_ports_list
end
-- ##################################################################
-- Function compare for sort
local function compare_host(a,b)
local a_tmp = ipv_to_hex(a.host)
local b_tmp = ipv_to_hex(b.host)
return a_tmp < b_tmp
local a_tmp = ipv_to_hex(a.host)
local b_tmp = ipv_to_hex(b.host)
return a_tmp < b_tmp
end
@ -113,131 +113,131 @@ end
-- Function to to compare ports detected by ntopng and ports discovered using nmap
local function get_ports_comparison_result(rsp, ports_string_list, ports_detected )
local result = {}
-- cases :
-- 1: No host traffic but same vs ports and ntopng ports
-- 2: Host traffic with same vs ports and ntopng ports
-- 3: Host traffic and different ports (vs ports < ntopng ports)
-- 4: Host traffic and different ports (vs ports > ntopng ports)
if (isEmptyString(ports_string_list) and not next(ports_detected)) then
-- vs_scan ports = 0; detected_ports = 0;
-- no badge
local result = {}
-- cases :
-- 1: No host traffic but same vs ports and ntopng ports
-- 2: Host traffic with same vs ports and ntopng ports
-- 3: Host traffic and different ports (vs ports < ntopng ports)
-- 4: Host traffic and different ports (vs ports > ntopng ports)
if (isEmptyString(ports_string_list) and not next(ports_detected)) then
-- vs_scan ports = 0; detected_ports = 0;
-- no badge
result.ports_case = vs_utils.ports_diff_case.no_diff
elseif ((not isEmptyString(ports_string_list)) and (not next(ports_detected))) then
-- vs_scan ports != 0; detected_ports = 0;
-- case 4
result.ports_case = vs_utils.ports_diff_case.vs_more_t_ntopng
result.ports_unused = split(ports_string_list,",")
elseif (isEmptyString(ports_string_list) and (next(ports_detected))) then
-- vs_scan ports = 0; detected_ports != 0;
-- case 3
result.ports_case = vs_utils.ports_diff_case.ntopng_more_t_vs
result.ports_filtered = ports_detected
elseif ((not isEmptyString(ports_string_list)) and (next(ports_detected))) then
-- vs_scan ports != 0; detected_ports != 0;
result.ports_case = vs_utils.ports_diff_case.no_diff
elseif ((not isEmptyString(ports_string_list)) and (not next(ports_detected))) then
-- vs_scan ports != 0; detected_ports = 0;
-- case 4
result.ports_case = vs_utils.ports_diff_case.vs_more_t_ntopng
result.ports_unused = split(ports_string_list,",")
elseif (isEmptyString(ports_string_list) and (next(ports_detected))) then
-- vs_scan ports = 0; detected_ports != 0;
-- case 3
result.ports_case = vs_utils.ports_diff_case.ntopng_more_t_vs
result.ports_filtered = ports_detected
elseif ((not isEmptyString(ports_string_list)) and (next(ports_detected))) then
-- vs_scan ports != 0; detected_ports != 0;
-- could be:
-- same ports with no traffic (case 1)
-- same ports without traffic (case 2)
-- different ports (case 3 or case 4)
result.ports_unused,result.ports_filtered,result.ports_case = vs_utils.compare_ports(ports_string_list,ports_detected)
end
return result
-- could be:
-- same ports with no traffic (case 1)
-- same ports without traffic (case 2)
-- different ports (case 3 or case 4)
result.ports_unused,result.ports_filtered,result.ports_case = vs_utils.compare_ports(ports_string_list,ports_detected)
end
return result
end
-- ##################################################################
-- Function to format result
local function format_result(result)
local rsp = {}
if result then
for _,value in ipairs(result) do
local function format_result(result)
local rsp = {}
if result then
local tcp_ports_string_list = value.tcp_ports_list
local udp_ports_string_list = value.udp_ports_list
-- FIX ME with udp port check
if portCheck(tcp_ports_string_list, port) then
if (isEmptyString(search_map)) then
rsp[#rsp+1] = value
rsp[#rsp].num_vulnerabilities_found = format_high_num_value_for_tables(value, "num_vulnerabilities_found")
rsp[#rsp].num_open_ports = format_high_num_value_for_tables(value, "num_open_ports")
rsp[#rsp].tcp_ports = format_high_num_value_for_tables(value, "tcp_ports")
rsp[#rsp].udp_ports = format_high_num_value_for_tables(value, "udp_ports")
if (rsp[#rsp].tcp_ports == 0 and rsp[#rsp].udp_ports == 0) then
rsp[#rsp].tcp_ports = rsp[#rsp].num_open_ports
end
if(rsp[#rsp].last_scan) then
rsp[#rsp].last_scan.time = format_epoch(value)
end
else
if (value.host == search_map or string.find(value.host,search_map) or string.find(value.host_name,search_map)) then
rsp[#rsp+1] = value
rsp[#rsp].num_vulnerabilities_found = format_high_num_value_for_tables(value, "num_vulnerabilities_found")
rsp[#rsp].num_open_ports = format_high_num_value_for_tables(value, "num_open_ports")
if(rsp[#rsp].last_scan) then
rsp[#rsp].last_scan.time = format_epoch(value)
end
end
end
for _,value in ipairs(result) do
local tcp_ports_string_list = value.tcp_ports_list
local udp_ports_string_list = value.udp_ports_list
if (next(rsp) and not isEmptyString(tcp_ports_string_list)) then
rsp[#rsp].tcp_ports_list = format_port_list(tcp_ports_string_list, "tcp")
end
-- FIX for early development versions
if(value.scan_type == "tcp_openports") then value.scan_type = "tcp_portscan" end
if(value.scan_type == "udp_openports") then value.scan_type = "udp_portscan" end
-- FIX ME with udp port check
if portCheck(tcp_ports_string_list, port) then
if (isEmptyString(search_map)) then
rsp[#rsp+1] = value
rsp[#rsp].num_vulnerabilities_found = format_high_num_value_for_tables(value, "num_vulnerabilities_found")
rsp[#rsp].num_open_ports = format_high_num_value_for_tables(value, "num_open_ports")
rsp[#rsp].tcp_ports = format_high_num_value_for_tables(value, "tcp_ports")
rsp[#rsp].udp_ports = format_high_num_value_for_tables(value, "udp_ports")
if (rsp[#rsp].tcp_ports == 0 and rsp[#rsp].udp_ports == 0) then
rsp[#rsp].tcp_ports = rsp[#rsp].num_open_ports
end
if(rsp[#rsp].last_scan) then
rsp[#rsp].last_scan.time = format_epoch(value)
end
else
if (value.host == search_map or string.find(value.host,search_map) or string.find(value.host_name,search_map)) then
rsp[#rsp+1] = value
rsp[#rsp].num_vulnerabilities_found = format_high_num_value_for_tables(value, "num_vulnerabilities_found")
rsp[#rsp].num_open_ports = format_high_num_value_for_tables(value, "num_open_ports")
if(rsp[#rsp].last_scan) then
rsp[#rsp].last_scan.time = format_epoch(value)
end
end
end
if (next(rsp) and not isEmptyString(udp_ports_string_list)) then
rsp[#rsp].udp_ports_list = format_port_list(udp_ports_string_list, "udp")
end
if (next(rsp) and not isEmptyString(tcp_ports_string_list)) then
rsp[#rsp].tcp_ports_list = format_port_list(tcp_ports_string_list, "tcp")
end
end
if (next(rsp) and not isEmptyString(udp_ports_string_list)) then
rsp[#rsp].udp_ports_list = format_port_list(udp_ports_string_list, "udp")
end
end
if(next(rsp)) then
local tcp_ports_detected,host_in_mem,udp_ports_detected = vs_utils.retrieve_detected_ports(rsp[#rsp].host)
if(next(rsp)) then
local tcp_ports_detected,host_in_mem,udp_ports_detected = vs_utils.retrieve_detected_ports(rsp[#rsp].host)
local tcp_ports_compare_result = {}
local udp_ports_compare_result = {}
if (rsp[#rsp].scan_type == "tcp_portscan" or rsp[#rsp].scan_type == "tcp_openports") then
tcp_ports_compare_result = get_ports_comparison_result(rsp, tcp_ports_string_list, tcp_ports_detected)
local tcp_ports_compare_result = {}
local udp_ports_compare_result = {}
rsp[#rsp].tcp_ports_unused = tcp_ports_compare_result.ports_unused
rsp[#rsp].tcp_ports_filtered = tcp_ports_compare_result.ports_filtered
rsp[#rsp].tcp_ports_case = tcp_ports_compare_result.ports_case
else
udp_ports_compare_result = get_ports_comparison_result(rsp, udp_ports_string_list, udp_ports_detected)
rsp[#rsp].udp_ports_unused = udp_ports_compare_result.ports_unused
rsp[#rsp].udp_ports_filtered = udp_ports_compare_result.ports_filtered
rsp[#rsp].udp_ports_case = udp_ports_compare_result.ports_case
end
rsp[#rsp].host_in_mem = host_in_mem
end
if (rsp[#rsp].scan_type == "tcp_portscan") then
tcp_ports_compare_result = get_ports_comparison_result(rsp, tcp_ports_string_list, tcp_ports_detected)
end
rsp[#rsp].tcp_ports_unused = tcp_ports_compare_result.ports_unused
rsp[#rsp].tcp_ports_filtered = tcp_ports_compare_result.ports_filtered
rsp[#rsp].tcp_ports_case = tcp_ports_compare_result.ports_case
else
udp_ports_compare_result = get_ports_comparison_result(rsp, udp_ports_string_list, udp_ports_detected)
rsp[#rsp].udp_ports_unused = udp_ports_compare_result.ports_unused
rsp[#rsp].udp_ports_filtered = udp_ports_compare_result.ports_filtered
rsp[#rsp].udp_ports_case = udp_ports_compare_result.ports_case
end
rsp[#rsp].host_in_mem = host_in_mem
end
if not isEmptyString(sort) and sort == 'ip' then
table.sort(rsp, compare_host)
end
end
return rsp
end
if not isEmptyString(sort) and sort == 'ip' then
table.sort(rsp, compare_host)
end
end
return rsp
end
-- ##################################################################
-- Function to retrieve data
local function retrieve_host(host)
local result = vs_utils.retrieve_hosts_to_scan()
local function retrieve_host(host)
local result = vs_utils.retrieve_hosts_to_scan()
return format_result(result)
return format_result(result)
end
-- ##################################################################
-- REST response
rest_utils.answer(rest_utils.consts.success.ok, retrieve_host())