Commit 8ba0a59e authored by sw's avatar sw

new report formats and arguments to use them

parent ed03000e
...@@ -3,4 +3,13 @@ build : ...@@ -3,4 +3,13 @@ build :
container_name = flan_$(shell date +'%s') container_name = flan_$(shell date +'%s')
start : start :
docker run --name $(container_name) -v "$(pwd)/shared:/shared:Z" flan_scan docker run --name $(container_name) -v "$(shell pwd)/shared:/shared:Z" flan_scan
md :
docker run --name $(container_name) -v "$(shell pwd)/shared:/shared:Z" -e format=md flan_scan
html :
docker run --name $(container_name) -v "$(shell pwd)/shared:/shared:Z" -e format=html flan_scan
json :
docker run --name $(container_name) -v "$(shell pwd)/shared:/shared:Z" -e format=json flan_scan
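Review bot: The `md`, `html` and `json` targets repeat the same `docker run` line and differ only in the `format` value, so the three copies can drift apart. One rule with several targets covers them: `md html json :` followed by the recipe `docker run --name $(container_name) -v "$(shell pwd)/shared:/shared:Z" -e format=$@ flan_scan`. If they are not already declared elsewhere in the Makefile, listing these targets and `start` under `.PHONY` keeps a stray file named `html` or `json` in the directory from suppressing the target.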
...@@ -26,6 +26,12 @@ $ make build ...@@ -26,6 +26,12 @@ $ make build
$ make start $ make start
``` ```
6. To use another output format:
```
$ make html
```
Additional supported formats are *md* (markdown), *html* and *json*.
When the scan finishes you will find a Latex report of the summarizing the scan in `shared/reports`. You can also see the raw XML output from Nmap in `shared/xml_files`. When the scan finishes you will find a Latex report of the summarizing the scan in `shared/reports`. You can also see the raw XML output from Nmap in `shared/xml_files`.
<div> <div>
...@@ -42,7 +48,7 @@ $ nmap -sV -oX /shared/xml_files -oN - -v1 $@ --script=vulners/vulners.nse <ip-a ...@@ -42,7 +48,7 @@ $ nmap -sV -oX /shared/xml_files -oN - -v1 $@ --script=vulners/vulners.nse <ip-a
``` ```
The `-oX` flag adds an XML version of the scan results to the `/shared/xml_files` directory and the `-oN -` flag outputs "normal" Nmap results to the console. The `-v1` flag increases the verbosity to 1 and the `-sV` flag runs a service detection scan (aside from Nmap's default port and SYN scans). The `--script=vulners/vulners.nse` is the script that matches the services detected with relevant CVEs. The `-oX` flag adds an XML version of the scan results to the `/shared/xml_files` directory and the `-oN -` flag outputs "normal" Nmap results to the console. The `-v1` flag increases the verbosity to 1 and the `-sV` flag runs a service detection scan (aside from Nmap's default port and SYN scans). The `--script=vulners/vulners.nse` is the script that matches the services detected with relevant CVEs.
Nmap also allows you to run UDP scans and to scan IPv6 addresses. To add these and other flags to Scan Flan's Nmap command after running `make build` run the container and pass in you Nmap flags like so: Nmap also allows you to run UDP scans and to scan IPv6 addresses. To add these and other flags to Scan Flan's Nmap command after running `make build` run the container and pass in your Nmap flags like so:
```bash ```bash
$ docker run -v $(pwd)/shared:/shared flan_scan <Nmap-flags> $ docker run -v $(pwd)/shared:/shared flan_scan <Nmap-flags>
...@@ -57,6 +63,7 @@ $ docker run --name <container-name> \ ...@@ -57,6 +63,7 @@ $ docker run --name <container-name> \
-v $(pwd)/shared:/shared \ -v $(pwd)/shared:/shared \
-e upload=<gcp or aws> \ -e upload=<gcp or aws> \
-e bucket=<bucket-name> \ -e bucket=<bucket-name> \
-e format=<optional, one of: md, html or json> \
flan_scan flan_scan
``` ```
......
...@@ -22,6 +22,14 @@ class Vuln: ...@@ -22,6 +22,14 @@ class Vuln:
self.vuln_type = vuln_type self.vuln_type = vuln_type
self.severity = severity self.severity = severity
def to_dict(self):
return {
'name': self.name,
'type': self.vuln_type,
'severity': self.severity,
'severity_str': self.severity_str
}
@staticmethod @staticmethod
def convert_severity(severity: float) -> str: def convert_severity(severity: float) -> str:
""" """
......
from .report_builder import ReportBuilder from .report_builder import ReportBuilder
from .latex_report_builder import LatexReportBuilder from .latex_report_builder import LatexReportBuilder
from .markdown_report_builder import MarkdownReportBuilder from .markdown_report_builder import MarkdownReportBuilder
from .json_report_builder import JsonReportBuilder
from .html_report_builder import JinjaHtmlReportBuilder
...@@ -8,80 +8,62 @@ __all__ = ['ReportBuilder'] ...@@ -8,80 +8,62 @@ __all__ = ['ReportBuilder']
class ReportBuilder(metaclass=abc.ABCMeta): class ReportBuilder(metaclass=abc.ABCMeta):
@abc.abstractmethod
def init_report(self, start_date: str, nmap_command: str): def init_report(self, start_date: str, nmap_command: str):
""" """
Creates document section with report overview Creates document section with report overview
""" """
pass pass
@abc.abstractmethod
def build(self) -> Any: def build(self) -> Any:
""" """
:return: Ready report in specific format :return: Ready report in specific format
""" """
pass pass
@abc.abstractmethod
def add_vulnerable_section(self): def add_vulnerable_section(self):
""" """
Adds header for section with vulnerable services Adds header for section with vulnerable services
""" """
pass pass
@abc.abstractmethod
def add_non_vulnerable_section(self): def add_non_vulnerable_section(self):
""" """
Adds header for section with services without detected vulnerabilities Adds header for section with services without detected vulnerabilities
""" """
pass pass
@abc.abstractmethod
def add_vulnerable_services(self, scan_results: Dict[str, ScanResult]): def add_vulnerable_services(self, scan_results: Dict[str, ScanResult]):
""" """
Adds descriptions of vulnerable services Adds descriptions of vulnerable services
""" """
pass pass
@abc.abstractmethod
def add_non_vulnerable_services(self, scan_results: Dict[str, ScanResult]): def add_non_vulnerable_services(self, scan_results: Dict[str, ScanResult]):
""" """
Adds descriptions of services without detected vulnerabilities Adds descriptions of services without detected vulnerabilities
""" """
pass pass
@abc.abstractmethod
def initialize_section(self): def initialize_section(self):
""" """
Adds begin of report section Adds begin of report section
""" """
pass pass
@abc.abstractmethod
def add_ips_section(self): def add_ips_section(self):
""" """
Adds section with list of scanned ip addresses Adds section with list of scanned ip addresses
""" """
pass pass
@abc.abstractmethod
def add_ip_address(self, ip: str): def add_ip_address(self, ip: str):
""" """
Adds IP-address to scanned addresses section Adds IP-address to scanned addresses section
""" """
pass pass
@abc.abstractmethod
def finalize(self): def finalize(self):
""" """
Adds report footer Adds report footer
""" """
pass pass
@property
@abc.abstractmethod
def header(self) -> Any:
"""
:return: Common document header for format type (e.g. for latex report)
"""
pass
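Review bot: With every `@abc.abstractmethod` decorator dropped from `ReportBuilder`, the base class no longer forces a builder to implement the interface. A subclass that omits `build`, for example, still instantiates and inherits the `pass` body, so it returns `None` and the failure surfaces only when `output_writer.write(builder.build())` runs at the end of a scan. If the decorators were removed so that the JSON and HTML builders could skip the section-header methods, keep `@abc.abstractmethod` on the methods every format must provide (at least `build`, `init_report`, `add_vulnerable_services`, `add_non_vulnerable_services` and `add_ip_address`) and leave only the optional hooks as no-ops. As written, `metaclass=abc.ABCMeta` is left without any effect.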
...@@ -33,3 +33,5 @@ spec: ...@@ -33,3 +33,5 @@ spec:
value: <GCP_OR_AWS> value: <GCP_OR_AWS>
- name: bucket - name: bucket
value: <BUCKET_NAME> value: <BUCKET_NAME>
- name: format
value: <REPORT_FORMAT>
...@@ -35,3 +35,5 @@ spec: ...@@ -35,3 +35,5 @@ spec:
value: <GCP_OR_AWS> value: <GCP_OR_AWS>
- name: bucket - name: bucket
value: <BUCKET_NAME> value: <BUCKET_NAME>
- name: format
value: <REPORT_FORMAT>
...@@ -4,9 +4,10 @@ from typing import IO ...@@ -4,9 +4,10 @@ from typing import IO
from requests import Session from requests import Session
from contrib.descriptions import CveProjectProvider from contrib.descriptions import CveProjectProvider, VulnDescriptionProvider
from contrib.parsers import FlanXmlParser from contrib.parsers import FlanXmlParser
from contrib.report_builders import ReportBuilder, LatexReportBuilder, MarkdownReportBuilder from contrib.report_builders import ReportBuilder, LatexReportBuilder, MarkdownReportBuilder, JinjaHtmlReportBuilder, \
JsonReportBuilder
def create_report(parser: FlanXmlParser, builder: ReportBuilder, nmap_command: str, start_date: str, output_writer: IO, def create_report(parser: FlanXmlParser, builder: ReportBuilder, nmap_command: str, start_date: str, output_writer: IO,
...@@ -26,7 +27,7 @@ def create_report(parser: FlanXmlParser, builder: ReportBuilder, nmap_command: s ...@@ -26,7 +27,7 @@ def create_report(parser: FlanXmlParser, builder: ReportBuilder, nmap_command: s
builder.add_ips_section() builder.add_ips_section()
for ip in ip_reader: for ip in ip_reader:
builder.add_ip_address(ip) builder.add_ip_address(ip.strip())
builder.finalize() builder.finalize()
output_writer.write(builder.build()) output_writer.write(builder.build())
...@@ -38,19 +39,26 @@ def parse_nmap_command(raw_command: str) -> str: ...@@ -38,19 +39,26 @@ def parse_nmap_command(raw_command: str) -> str:
return ' '.join(nmap_split) return ' '.join(nmap_split)
def create_default_provider(): def create_default_provider() -> VulnDescriptionProvider:
return CveProjectProvider(Session()) return CveProjectProvider(Session())
def create_report_builder(report_type: str) -> ReportBuilder: def create_report_builder(report_type: str) -> ReportBuilder:
if report_type == 'latex': builder_map = {
return LatexReportBuilder(create_default_provider()) 'tex': lambda p: LatexReportBuilder(p),
if report_type == 'md': 'md': lambda p: MarkdownReportBuilder(p),
return MarkdownReportBuilder(create_default_provider()) 'html': lambda p: JinjaHtmlReportBuilder(p),
raise NotImplementedError(report_type) 'json': lambda p: JsonReportBuilder(p)
}
if report_type not in builder_map:
raise NotImplementedError(report_type)
def main(dirname: str, output_file: str, ip_file: str, report_type: str = 'latex'): provider = create_default_provider()
return builder_map[report_type](provider)
def main(dirname: str, output_file: str, ip_file: str, report_type: str = 'tex'):
nmap_command = '' nmap_command = ''
start_date = '' start_date = ''
builder = create_report_builder(report_type) builder = create_report_builder(report_type)
...@@ -69,4 +77,5 @@ def main(dirname: str, output_file: str, ip_file: str, report_type: str = 'latex ...@@ -69,4 +77,5 @@ def main(dirname: str, output_file: str, ip_file: str, report_type: str = 'latex
if __name__ == '__main__': if __name__ == '__main__':
main(*sys.argv[1:4], report_type='latex') report_format = os.getenv('format', 'tex')
main(*sys.argv[1:4], report_type=report_format)
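Review bot: `create_report_builder` renames the LaTeX key from `'latex'` to `'tex'` without keeping the old spelling, so any caller still passing `report_type='latex'` (the previous default of `main`) now hits the bare `NotImplementedError(report_type)`. Adding `'latex': LatexReportBuilder` as an alias keeps that working. The lambdas in `builder_map` only forward their argument, so the classes can be stored directly, e.g. `'md': MarkdownReportBuilder`. The `__main__` block now calls `os.getenv`; the import lines above `from typing import IO` are outside the hunk, so confirm `import os` is present there. The body of `main` continues outside the hunks.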
xmltodict==0.12.0 xmltodict==0.12.0
google-cloud-storage==1.23.0 google-cloud-storage==1.23.0
boto3==1.12.15 boto3==1.12.15
Jinja2==2.10.3
\ No newline at end of file
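Review bot: Jinja2 is pulled in for `JinjaHtmlReportBuilder`, whose template code is not part of this view, and a Jinja2 `Environment` does not escape HTML unless `autoescape` is set. The report is filled with service names and vulnerability descriptions that originate from scanned hosts and external feeds, so that text should be treated as untrusted markup. Confirm the builder creates its environment with `autoescape=True` or `select_autoescape(['html'])`. The file also loses its trailing newline here, which is worth restoring.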
...@@ -10,8 +10,15 @@ else ...@@ -10,8 +10,15 @@ else
mkdir /reports mkdir /reports
fi fi
report_extension="tex"
if [[ ! -z $format ]]
then
report_extension=$format
fi
xml_dir=xml_files/$current_time xml_dir=xml_files/$current_time
report_file=reports/report_$current_time.tex report_file=reports/report_$current_time.$report_extension
function upload { function upload {
if [[ -z $upload ]] if [[ -z $upload ]]
...@@ -40,8 +47,11 @@ do ...@@ -40,8 +47,11 @@ do
done < /shared/ips.txt done < /shared/ips.txt
python /output_report.py $root_dir$xml_dir $root_dir$report_file /shared/ips.txt python /output_report.py $root_dir$xml_dir $root_dir$report_file /shared/ips.txt
sed -i 's/_/\\_/g' $root_dir$report_file if [[ $report_extension = "tex" ]]
sed -i 's/\$/\\\$/g' $root_dir$report_file then
sed -i 's/#/\\#/g' $root_dir$report_file sed -i 's/_/\\_/g' $root_dir$report_file
sed -i 's/%/\\%/g' $root_dir$report_file sed -i 's/\$/\\\$/g' $root_dir$report_file
sed -i 's/#/\\#/g' $root_dir$report_file
sed -i 's/%/\\%/g' $root_dir$report_file
fi
upload $report_file upload $report_file
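Review bot: `$format` is copied into `report_extension` without validation and then expanded unquoted into `report_file`, so a typo or a value containing `/` or whitespace changes the output path and the arguments given to `python`, `sed` and `upload`. An unsupported format is also only rejected by `output_report.py`, after the whole Nmap run has finished. Validate the value against the supported set before the scan starts, as sketched below, and quote the expansions, e.g. `"$root_dir$report_file"`. The scan loop between the two hunks is outside this view.

```shell
report_extension="${format:-tex}"
case "$report_extension" in
    tex|md|html|json) ;;
    *)
        echo "unsupported report format: $report_extension" >&2
        exit 1
        ;;
esac
# … unchanged: xml_dir assignment …
report_file=reports/report_$current_time.$report_extension
```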