[VA] Fix load ports, add openports module and update scan ports.

2026-04-29 07:29:32 +00:00 · 2023-09-07 12:45:34 +02:00 · 2023-09-07 12:45:34 +02:00 · 8ea60514f6
commit 8ea60514f6
parent 3b32754e08
7 changed files with 210 additions and 13 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -191,6 +191,22 @@ end

 -- ##############################################

+function vs_utils.cleanup_port(is_tcp, line) 
+   local splitted_line = {}
+
+   local regex =  "([^/udp]+)"
+
+   if (is_tcp) then
+      regex =  "([^/tcp]+)"
+   end
+   for str in string.gmatch(line, regex) do
+      table.insert(splitted_line, str)
+   end
+
+   return splitted_line[1]
+
+end
+
 -- remove the first/last few lines that contain nmap information that change at each scan
 function vs_utils.cleanup_nmap_result(scan_result, scan_type)
   scan_result = scan_result:gsub("|", "")
@ -208,15 +224,24 @@ function vs_utils.cleanup_nmap_result(scan_result, scan_type)
   local num_vulnerabilities = 0
   local cve = {}
   local scan_out = {}
+   local tcp_ports = {}
+   local udp_ports = {}

   for _,l in pairs(scan_result) do
      if(string.find(l, "open") ~= nil) then
 	 local t = string.find(l, "/tcp ") or 0
 	 local u = string.find(l, "/udp ") or 0
-	 
-	 if((t > 0) or (u > 0)) then
-	    num_open_ports = num_open_ports + 1
-	 end
+      
+
+   if (t > 0) then
+      num_open_ports = num_open_ports + 1
+      tcp_ports[#tcp_ports+1] = vs_utils.cleanup_port(true, l) 
+   end
+
+   if(u > 0) then
+	   num_open_ports = num_open_ports + 1
+      udp_ports[#udp_ports+1] = vs_utils.cleanup_port(false, l) 
+   end
      end
      
      if(string.sub(l, 1, 2) == " [") then
@ -237,7 +262,7 @@ function vs_utils.cleanup_nmap_result(scan_result, scan_type)

   scan_result = table.concat(scan_out, "\n")

-   return scan_result, num_open_ports, num_vulnerabilities, cve
+   return scan_result, num_open_ports, num_vulnerabilities, cve, udp_ports, tcp_ports
 end

 -- **********************************************************
@ -302,7 +327,7 @@ end
 -- Function to save host configuration
 function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time, last_duration,
 				    is_ok_last_scan, ports, scan_frequency, num_open_ports,
-				     num_vulnerabilities_found, cve, id, is_edit)
+				     num_vulnerabilities_found, cve, id, is_edit, udp_ports, tcp_ports)
   local checks = require "checks"
   local host_name = ""
   local trigger_alert = checks.isCheckEnabled("system", "vulnerability_scan") or false
@ -359,6 +384,14 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time
      is_ok_last_scan = is_ok_last_scan
   }

+   if tcp_ports ~= nil then
+      new_item.tcp_ports = #tcp_ports
+   end
+
+   if udp_ports ~= nil then
+      new_item.udp_ports = #udp_ports
+   end
+
   if last_scan_time or last_duration then
      local time_formatted = format_utils.formatPastEpochShort(last_scan_time)

@ -668,6 +701,25 @@ function vs_utils.load_module(name)
   return(require(name):new())
 end

+function vs_utils.discover_open_ports(host) 
+
+   local result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve, udp_ports, tcp_ports, scan_ports
+
+   local scan_module = vs_utils.load_module("openports")
+   result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve, udp_ports, tcp_ports = scan_module:scan_host(host, ports)
+   
+   -- FIX ME -> only tcp for now
+   for _,port in ipairs(tcp_ports) do
+      if (_ == 1) then
+         scan_ports = ""..port
+      else
+         scan_ports = scan_ports .. ","..port
+      end
+   end
+  
+   return scan_ports
+end
+
 -- **********************************************************

 -- Function to exec single host scan
@ -676,8 +728,12 @@ function vs_utils.scan_host(scan_type, host, ports, scan_id)
      traceError(TRACE_NORMAL,TRACE_CONSOLE,"Scanning Host ".. host .. " on Ports: " .. ports .. "\n")
   end

+   if (isEmptyString(ports)) then
+      ports = vs_utils.discover_open_ports(host)
+   end
+
   local scan_module = vs_utils.load_module(scan_type)
-   local result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve = scan_module:scan_host(host, ports)
+   local result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve, udp_ports, tcp_ports = scan_module:scan_host(host, ports)
   
   if scan_result then
      scan_result = vs_utils.scan_status.ok
@ -689,7 +745,7 @@ function vs_utils.scan_host(scan_type, host, ports, scan_id)
   end
   if (isAlreadyPresent({host= host, scan_type= scan_type})) then
      vs_utils.save_host_to_scan(scan_type, host, result, now, duration, scan_result,
-			      ports, nil, num_open_ports, num_vulnerabilities_found, cve, scan_id, false)
+			      ports, nil, num_open_ports, num_vulnerabilities_found, cve, scan_id, false, udp_ports, tcp_ports)
   end
   return true
 end