STRLCPY/flan

small refactorings and keeping up
shadow committed 4 years ago

64395ac6

1 parent 917b6c43

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

Dockerfile

skipped 13 lines
14 14 RUN chmod +x /run.sh
15 15
16 16 ENTRYPOINT ["/run.sh"]
17 -

All occurrences

■ ■ ■ ■ ■ ■

contrib/internal_types/flan_types.py

		skipped 28 lines
29	29		"""
30	30		if severity < 4:
31	31		return 'Low'
32		-	elif severity < 7:
	32	+	if severity < 7:
33	33		return 'Medium'
34		-	else:
35		-	return 'High'
	34	+	return 'High'
36	35
37	36		@property
38	37		def severity_str(self) -> str:
		skipped 14 lines

■ ■ ■ ■ ■ ■

contrib/parsers/flan_xml_parser.py

		skipped 42 lines
43	43		Parse xmltodict output and fill internal collections
44	44		:param data: xmltodict output
45	45		"""
	46	+	if 'host' not in data['nmaprun']:
	47	+	return
	48	+
46	49		hosts = data['nmaprun']['host']
47	50
48	51		if isinstance(hosts, list):
		skipped 16 lines
65	68
66	69		self.results[app_name].vulns.append(Vuln(vuln_name, vuln_type, severity))
67	70
68		-	def parse_script(self, app_name: str, script: Dict[str, Any]):
	71	+	def parse_script(self, ip_addr: str, port: str, app_name: str, script: Dict[str, Any]):
	72	+	if 'table' not in script:
	73	+	print('ERROR in script: ' + script['@output'] + " at location: " + ip_addr + " port: " + port + " app: " +
	74	+	app_name)
	75	+	return
69	76		self.vulnerable_services.append(app_name)
70	77		script_table = script['table']['table']
71	78		if isinstance(script_table, list):
		skipped 16 lines
88	95		if isinstance(scripts, list):
89	96		for s in scripts:
90	97		if s['@id'] == 'vulners':
91		-	self.parse_script(app_name, s)
	98	+	self.parse_script(ip_addr, port_num, app_name, s)
92	99		else:
93	100		if scripts['@id'] == 'vulners':
94		-	self.parse_script(app_name, scripts)
	101	+	self.parse_script(ip_addr, port_num, app_name, scripts)
95	102
96	103		def parse_host(self, host: Dict[str, Any]):
97		-	ip_addr = host['address']['@addr']
	104	+	addresses = host['address']
	105	+	ip_addr = ''
	106	+	if isinstance(addresses, list):
	107	+	for addr in addresses:
	108	+	if "ip" in addr['@addrtype']:
	109	+	ip_addr = addr['@addr']
	110	+	else:
	111	+	ip_addr = addresses['@addr']
	112	+
	113	+	if not ip_addr:
	114	+	return
	115	+
98	116		if host['status']['@state'] == 'up' and 'port' in host['ports']:
99	117		ports = host['ports']['port']
100	118		if isinstance(ports, list):
		skipped 38 lines

■ ■ ■ ■ ■ ■

run

1	-	#!/bin/sh
2	-
3	-	current_time=$(date "+%Y.%m.%d-%H.%M")
4	-	if [[ -z $upload ]]
5	-	then
6	-	root_dir=/shared/
7	-	else
8	-	root_dir=/
9	-	mkdir /xml_files
10	-	mkdir /reports
11	-	fi
12	-
13	-	xml_dir=xml_files/$current_time
14	-	report_file=reports/report_$current_time.tex
15	-
16	-	function upload {
17	-	if [[ -z $upload ]]
18	-	then
19	-	return
20	-	elif [ $upload = "aws" ]
21	-	then
22	-	python /aws_push.py $1
23	-	elif [ $upload = "gcp" ]
24	-	then
25	-	python /gcp_push.py $1
26	-	fi
27	-	}
28	-
29	-	function get_filename(){
30	-	echo $1 \| tr / -
31	-	}
32	-
33	-	mkdir $root_dir$xml_dir
34	-	while IFS= read -r line
35	-	do
36	-	current_time=$(date "+%Y.%m.%d-%H.%M.%S")
37	-	filename=$(get_filename $line)".xml"
38	-	nmap -sV -oX $root_dir$xml_dir/$filename -oN - -v1 $@ --script=vulners/vulners.nse $line
39	-	upload $xml_dir/$filename
40	-	done < /shared/ips.txt
41	-
42	-	python /output_report.py $root_dir$xml_dir $root_dir$report_file /shared/ips.txt
43	-	sed -i 's/_/\\_/g' $root_dir$report_file
44	-	sed -i 's/\$/\\\$/g' $root_dir$report_file
45	-	sed -i 's/#/\\#/g' $root_dir$report_file
46	-	sed -i 's/%/\\%/g' $root_dir$report_file
47	-	upload $report_file
48	-

■ ■ ■ ■ ■ ■

shared/ips.txt

1 - 1.1.1.1
2 - 8.8.8.8
1 + 8.17.207.0/24
2 + 198.41.138.128/25
3 + 198.41.138.0/25
3 4

All occurrences

		skipped 13 lines
14	14		RUN chmod +x /run.sh
15	15
16	16		ENTRYPOINT ["/run.sh"]
17		-

1		-	1.1.1.1
2		-	8.8.8.8
	1	+	8.17.207.0/24
	2	+	198.41.138.128/25
	3	+	198.41.138.0/25
3	4

small refactorings and keeping up