![justinbastress](/assets/img/avatar_default.png)
* remove unnecessary indirection on net.Conn * Ignore *.pyc * fix NPE on nil handshake * refactoring -- move status to status.go; add Open() methods for ScanTarget * cherry-pick .gitignore fix * pull in TLS fix * status.go comments * trim over-generalizations * use /usr/bin/env bash instead of absolute path * remove debug tcpwrap * add integration tests for postgres * hack for cleanup.sh to work on mingw -- use //var/lib instead of /var/lib * cleanup should actually stop the process though * comments / rearrange * Bump up timeout in postgres tests; only pass user if explicitly requested to do so * add schema stubs to new.sh * Integration test fixes -- use /usr/bin/env bash; log all validation failures * add postgres schemas * fill out zcrypto.client_hello schema * handle early get of TLSLog * postgres: return SCAN_SUCCESS on success * cleanup * fix new.sh * fix typo * postgres container cleanup * build.sh docs * standardize container/image names * add not to check for success * shift mysql's connection management to ScanTarget.Open(); wrap Read/Write methods returned by ScanTarget.Open() to enforce timeouts * catch schematically-valid but non-successful scans * postgres: clean up output format; more scanning * cleanup; better error handling; get detailed protocol version error * refactor modules * clean up dangling connections * split gigantic postgres.go * remove unused * ServerParams gets its own type * refactor integration tests: run zgrab2 in its own container, which is linked to the service containers, so that we don't need to keep track of unique ports on the host any more * rename entrypoint; remove duplicate postgres tests * comments for postgres schema * Use param expansion to check for env variable [minor] This is a *very* minor change to `docker-runner/docker-run.sh` checks to see if the environment variable required to run the script has been set to a non-empty string. If not, the script exits with a non-zero status code and displays a default message: ``` ❯ docker-runner/docker-run.sh docker-runner/docker-run.sh: line 7: CONTAINER_NAME: parameter null or not set ``` This was the behavior before, but just uses a one-liner declarative bash idiom. For further reading on parameter expansion, see https://stackoverflow.com/a/307735. @justinbastress can tell me if I did something wrong and broke the intent of the script :-) * Add integration_test targets to makefile; use makefile instead of directly calling go build everywhere; run postgres schema through PEP8 linter * use make in docker-runner entrypoint * add .integration_test_setup to .gitignore * more .gitignore items * Makefile updates: Windows support; add docker-runner target; better cleanup. * docker-runner Dockerfile: start from zgrab2_runner_base image * cleanup postgres setup * make travis use make * add .gitattributes, try to prevent it from overriding lfs with crlfs in shell scripts at least * fix folder name in Makefile * update go (one of our dependencies now works only with >= 1.9) * From travis: `I don't have any idea what to do with '1.9.0'.` * explicit clean make * fix dep order * fix build.sh location * popd * use make to ensure zgrab2_runner exists * Make docker-runner an order-dependency for integration-test-cleanup; don't do a cleanup after each integration test * use explicit tag name for zgrab2_runner * Add container-clean target to Makefile, to remove cyclic dependency on docker; use .id files to track docker images; add servce-base image; use Make to build / track images * use LF in Makefiles; update .gitignore; use zgrab_service_base image in ssh container; fix line endings (?) * remove overzealous cleanup * let setup continue even if some containers are already running * zgrab depends on *.go * docker-runner depends on zgrab2 binary * clean output before running integration tests
74 lines
2.5 KiB
Go
74 lines
2.5 KiB
Go
package zgrab2
|
|
|
|
// Scanner is an interface that represents all functions necessary to run a scan
|
|
type Scanner interface {
|
|
// Init runs once for this module at library init time
|
|
Init(flags ScanFlags) error
|
|
|
|
// InitPerSender runs once per Goroutine. A single Goroutine will scan some non-deterministic
|
|
// subset of the input scan targets
|
|
InitPerSender(senderID int) error
|
|
|
|
// Returns the name passed at init
|
|
GetName() string
|
|
|
|
// Scan connects to a host. The result should be JSON-serializable
|
|
Scan(t ScanTarget) (ScanStatus, interface{}, error)
|
|
}
|
|
|
|
// ScanResponse is the result of a scan on a single host
|
|
type ScanResponse struct {
|
|
// Status is required for all responses. Other fields are optional.
|
|
Status ScanStatus `json:"status"`
|
|
Result interface{} `json:"result,omitempty"`
|
|
Timestamp string `json:"timestamp,omitempty"`
|
|
Error *string `json:"error,omitempty"`
|
|
}
|
|
|
|
// ScanModule is an interface which represents a module that the framework can
|
|
// manipulate
|
|
type ScanModule interface {
|
|
// NewFlags is called by the framework to pass to the argument parser. The parsed flags will be passed
|
|
// to the scanner created by NewScanner().
|
|
NewFlags() interface{}
|
|
|
|
// NewScanner is called by the framework for each time an individual scan is specified in the config or on
|
|
// the command-line. The framework will then call scanner.Init(name, flags).
|
|
NewScanner() Scanner
|
|
}
|
|
|
|
// ScanFlags is an interface which must be implemented by all types sent to
|
|
// the flag parser
|
|
type ScanFlags interface {
|
|
// Help optionally returns any additional help text, e.g. specifying what empty defaults
|
|
// are interpreted as.
|
|
Help() string
|
|
|
|
// Validate enforces all command-line flags and positional arguments have valid values.
|
|
Validate(args []string) error
|
|
}
|
|
|
|
// BaseFlags contains the options that every flags type must embed
|
|
type BaseFlags struct {
|
|
Port uint `short:"p" long:"port" description:"Specify port to grab on"`
|
|
Name string `short:"n" long:"name" description:"Specify name for output json, only necessary if scanning multiple modules"`
|
|
Timeout uint `short:"t" long:"timeout" description:"Set connection timeout in seconds"`
|
|
}
|
|
|
|
// GetName returns the name of the respective scanner
|
|
func (b *BaseFlags) GetName() string {
|
|
return b.Name
|
|
}
|
|
|
|
// GetModule returns the registered module that corresponds to the given name
|
|
// or nil otherwise
|
|
func GetModule(name string) *ScanModule {
|
|
return modules[name]
|
|
}
|
|
|
|
var modules map[string]*ScanModule
|
|
|
|
func init() {
|
|
modules = make(map[string]*ScanModule)
|
|
}
|