STRLCPY/routeros-scanner

Priavte/noa/pr/8/updates (#26)

* Slight optimization when getting version, add concise argument - prints only suspicious and recommended items

* Update README

* pr8 branch with some changes

* merge with main

Co-authored-by: Iavor Todorov <[email protected]>

noafru committed with GitHub 2 years ago

df8148b6

1 parent 61559dd3

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

Total 4 files Show one by one

■ ■ ■ ■ ■ ■

README.md

		skipped 14 lines
15	15		## Executing and arguments
16	16
17	17		### The arguments:
18		-
19		-	args \| Description \| Must / Optional
20		-	----------\| ----------------------------------------------------------------\| -------------------
21		-	`-i` \| The tested Mikrotik IP address \| Must
22		-	`-p` \| The tested Mikrotik SSH port \| Must
23		-	`-u` \| User name with admin Permissions \| Must
24		-	`-ps` \| The password of the given user name (empty password by default) \| Optional
25		-	`-J` \| Print the results as json format (prints txt format by default) \| Optional
	18	+	args \| Description \| Must / Optional
	19	+	----------\| ------------------------------------------------------------------------------\| -------------------
	20	+	`-i` \| The tested Mikrotik IP address \| Must
	21	+	`-p` \| The tested Mikrotik SSH port \| Must
	22	+	`-u` \| User name with admin Permissions \| Must
	23	+	`-ps` \| The password of the given user name (empty password by default) \| Optional
	24	+	`-J` \| Print the results as json format (prints txt format by default) \| Optional
	25	+	`-concise`\| Print a shortened text output focusing on recommendations and suspicious data \| Optional
26	26
27	27		### Executing examples:
28	28		./main.py -i 1.2.3.4 -p 22 -u admin
		skipped 32 lines

■ ■ ■ ■ ■ ■

commands/basecommand.py

		skipped 5 lines
6	6
7	7		class BaseCommand(object):
8	8		def _ssh_data(self, sshc, command):
	9	+	res = ''
9	10		try:
10	11		stdin, stdout, stderr = sshc.exec_command(command)
11		-
12		-	return str(stdout.read())
	12	+	res = str(stdout.read())
13	13		except Exception:
14	14		print(traceback.format_exc(), file = sys.stderr)
15		-	return ''
	15	+
	16	+	return res
16	17
17	18		def _ssh_data_with_header(self, sshc, command):
18	19		data = self._ssh_data(sshc, command)
		skipped 20 lines

■ ■ ■ ■ ■ ■

commands/version.py

		skipped 13 lines
14	14
15	15		def run_ssh(self, sshc):
16	16		version = ''
17		-	res = ''
18		-	data = self._ssh_data(sshc, '/system resource print')
	17	+	data = self._ssh_data(sshc, ':put [/system resource get version]')
19	18
20	19		try:
21		-	version_reg = re.search(r'version: ([\d\.]+)', data)
	20	+	version_reg = re.search(r'([\d\.]+)', data)
22	21
23	22		if version_reg:
24	23		version = version_reg.group(1)
25		-	res = f'The Mikrotik version: {version}'
	24	+
26	25		except Exception:
27	26		print(traceback.format_exc())
28	27
29		-	sus_dns, recommendation = self.check_results_ssh(version)
	28	+	sus, recommendation = self.check_results_ssh(version)
30	29
31		-	return {'raw_data': res,
32		-	'suspicious': sus_dns,
	30	+	return {'raw_data': version,
	31	+	'suspicious': sus,
33	32		'recommendation': recommendation}
34	33
35		-	def check_results_ssh(self, res):
	34	+	def check_results_ssh(self, version):
36	35		sus_version = []
37	36		recommendation = []
38	37
39	38		try:
40		-	if res:
	39	+	if version:
41	40		cve = CVEValidator('./assets/mikrotik_cpe_match.json')
42		-	ver_cves = cve.check_version(res)
	41	+	ver_cves = cve.check_version(version)
43	42		if ver_cves:
44	43		sus_version = ver_cves
	44	+	recommendation.append(f'RouterOS version: {version} is vulnerable to CVE(s). Upgrade to the latest version.')
45	45		except Exception:
46	46		print(traceback.format_exc(), file = sys.stderr)
47	47
		skipped 5 lines

■ ■ ■ ■ ■ ■

main.py

		skipped 34 lines
35	35		if args.J:
36	36		print(json.dumps(all_data, indent=4))
37	37		else:
38		-	print_txt_results(all_data)
39		-
	38	+	print_txt_results(all_data, args.concise)
40	39
41		-	def print_txt_results(res):
	40	+	def print_txt_results(res, concise):
42	41		for command in res:
43		-	print(f'{command}:')
44		-	for item in res[command]:
45		-	if res[command][item]:
46		-	print(f'\t{item}:')
47		-	if type(res[command][item]) == list:
48		-	data = '\n\t\t'.join(json.dumps(i) for i in res[command][item])
49		-	else:
50		-	data = res[command][item]
51		-	print(f'\t\t{data}')
	42	+	if (not concise and res[command]["raw_data"]) or res[command]["recommendation"] or res[command]["suspicious"]:
	43	+	print(f'{command}:')
	44	+	for item in res[command]:
	45	+	if concise and item != "recommendation" and item != "suspicious":
	46	+	continue
	47	+	if res[command][item]:
	48	+	print(f'\t{item}:')
	49	+	if type(res[command][item]) == list:
	50	+	data = '\n\t\t'.join(json.dumps(i) for i in res[command][item])
	51	+	else:
	52	+	data = res[command][item]
	53	+	print(f'\t\t{data}')
52	54
53	55
54	56		if __name__ == '__main__':
		skipped 3 lines
58	60		parser.add_argument('-u', '--userName', help='User name with admin Permissions', required=True)
59	61		parser.add_argument('-ps', '--password', help='The password of the given user name', default='')
60	62		parser.add_argument('-J', help='Print the results as json format', action='store_true')
	63	+	parser.add_argument('-concise', help='Print out only suspicious items and recommendations', action='store_true')
61	64		args = parser.parse_args()
62	65
63	66		main(args)
		skipped 1 lines