vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 23:49:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Implemented vulnerability scan key migration

Browse source
This commit is contained in:
Luca Deri 2023-10-30 07:22:14 +01:00
parent eaab912ef8
commit e8232d0ca4
2 changed files with 30 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

46
scripts/lua/modules/vulnerability_scan/vs_utils.lua
View file

@ -68,9 +68,6 @@ local vs_utils = {}
-- **********************************************************
function vs_utils.get_host_hash_key(host, scan_type)
-- retro-compatibility
if (scan_type == "tcp_openports") then scan_type = "tcp_portscan" end
return string.format("%s-%s", host, scan_type)
end
@ -98,9 +95,10 @@ function vs_utils.is_nmap_installed()
"/usr/local/bin/nmap",
"/opt/homebrew/bin/nmap"
}
local module_path = {
"/usr/share/nmap/scripts/",
"opt/homebrew/share/nmap/scripts/vulscan/",
"/opt/homebrew/share/nmap/scripts/vulscan/",
"/usr/local/share/nmap/scripts/vulscan",
}
@ -127,9 +125,6 @@ local function get_report_path(scan_type, ip, all)
base_dir = dirs.workingdir .. "/-1/vulnerability_scan"
ntop.mkdir(base_dir)
-- retro-compatibility
if (scan_type == "tcp_openports") then scan_type = "tcp_portscan" end
if (not all or all == nil) then
ret = base_dir .. "/"..ip.."_"..scan_type..".txt"
else
@ -307,9 +302,6 @@ local function check_differences(host, host_name, scan_type, old_data, new_data)
return nil
end
-- retro-compatibility
if (scan_type == "tcp_openports") then scan_type = "tcp_portscan" end
if tonumber(old_data.ports or 0) ~= tonumber(new_data.ports or 0) then
rsp["num_ports"] = {
old_num_ports = old_data.ports or 0,
@ -356,7 +348,7 @@ local function check_differences(host, host_name, scan_type, old_data, new_data)
local tcp_new_ports = {}
local udp_new_ports = {}
if (scan_type == "tcp_portscan" or scan_type == "tcp_openports") then
if (scan_type == "tcp_portscan") then
tcp_old_ports = split_port_list(old_data, true)
tcp_new_ports = split_port_list(new_data, true)
if (debug_me) then
@ -1191,11 +1183,13 @@ end
-- Function to retrieve a specific host scan info
function vs_utils.retrieve_host(host)
local hosts_scanned = ntop.getHashKeysCache(host_to_scan_key) or {}
for key, _ in pairs(hosts_scanned) do
if key:find(host) then
return json.decode(ntop.getHashCache(host_to_scan_key, key) or "")
end
end
return nil
end
@ -1369,9 +1363,6 @@ end
function vs_utils.load_module(name)
package.path = dirs.installdir .. "/scripts/lua/modules/vulnerability_scan/modules/?.lua;".. package.path
-- Backwards compatibility
if(name == "tcp_openports") then name = "tcp_portscan" end
return(require(name):new())
end
@ -1407,7 +1398,7 @@ function vs_utils.scan_host(scan_type, host, ports, scan_id, use_coroutines)
-- to save on redis the user input
local ports_scan_param = ports
if(string.contains(scan_type, '_openports') or string.contains(scan_type, '_portscan')) then
if(string.contains(scan_type, '_portscan')) then
-- Nothing to do
else
if (isEmptyString(ports)) then
@ -1866,9 +1857,6 @@ function vs_utils.nmap_scan_host(command, host_ip, ports, use_coroutines, module
return nil
end
-- retro-compatibility
if (module_name == "tcp_openports") then module_name = "tcp_portscan" end
-- IPv6 check
if(string.contains(host_ip, ':')) then command = command .. " -6 " end
@ -1894,4 +1882,26 @@ end
-- **********************************************************
-- Migrate old configurations
function vs_utils.migrate_keys()
local hosts = ntop.getHashKeysCache(host_to_scan_key) or {}
local from_key = "tcp_openports"
local to_key = "tcp_portscan"
for key, _ in pairs(hosts) do
if(string.contains(key, from_key)) then
value = ntop.getHashCache(host_to_scan_key, key)
new_key = key:gsub(from_key, to_key)
new_value = value:gsub(from_key, to_key)
ntop.setHashCache(host_to_scan_key, new_key, new_value)
ntop.delHashCache(host_to_scan_key, key)
end
end
end
-- **********************************************************
return vs_utils