Skip to content

Commit

Permalink
more docker
Browse files Browse the repository at this point in the history
  • Loading branch information
@royrusso
royrusso committed Dec 24, 2024
1 parent 27e1233 commit 43dd360
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 10 deletions.
12 changes: 7 additions & 5 deletions backend/service/nmap.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,17 +102,19 @@ def get_scan_command(self):
match self.scan_type:
case (
ScanTypesEnum.PING
): # No port scan. Yes traceroute sudo nmap -sn --traceroute -T4 -oX - -v 192.168.1.196
): # No port scan. Yes traceroute sudo nmap -sn --unprivileged -T4 -oX - 192.168.1.0-255
# nmap -sn -oX - 192.168.50.0-255
# nmap -sn -T4 -oX - 192.168.20.0-100
# added 'unprivileged' flag to fix where nmap was showing all hosts as up, even though they weren't while running in docker.
flags = [
"-sn",
"--unprivileged",
# "--unprivileged", # this seemed to cause a lot of slowness in the docker scans
"-T4",
"-oX",
"-",
]
case ScanTypesEnum.DETAILED: # TCP SYN scan nmap -sS --min-rate 2000 -oX -
flags = ["-sS", "--min-rate", "2000", "-oX", "-"]
flags = ["-sS", "--top-ports", "1000", "--min-rate", "2000", "-oX", "-"]
case ScanTypesEnum.OS: # Enable OS detection only
flags = ["-sS", "-O", "--min-rate", "2000", "-oX", "-"]
case ScanTypesEnum.LIST: # List scan sudo nmap -sL 192.168.1.200-210
Expand Down Expand Up @@ -183,11 +185,11 @@ async def __scan(self) -> str:
# process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
try:
stdout, stderr = await asyncio.wait_for(
process.communicate(), timeout=300
process.communicate(), timeout=600
) # TODO: timeout should be configurable
# stdout, stderr = await process.communicate()
# stdout, stderr = process.communicate(timeout=300) # TODO: timeout should be configurable
# logger.info("Scan Results: {}".format(stdout.decode("utf-8")))
logger.info("NMap XML Results: {}".format(stdout.decode("utf-8")))
json_stdout_response = json.dumps(xmltodict.parse(stdout.decode("utf-8")), indent=4)

logger.info("Scan Results: {}".format(json_stdout_response))
Expand Down
17 changes: 16 additions & 1 deletion backend/service/profile_scan.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,24 @@ async def scan_profile(self):
up_hosts = []
if ping_results:

nmap_hosts = ping_results["nmaprun"]["host"]
nmap_hosts = ping_results["nmaprun"].get("host", [])

if (nmap_hosts is None) or (len(nmap_hosts) == 0):
logger.error(f"No hosts found in ping scan for profile {self.profile_id}")
return

for host in nmap_hosts:
if host["status"]["@state"] == "up":
# we need to ignore hosts that have no hostname
hostnames = host.get("hostnames", None)
if isinstance(hostnames, dict):
hostnames = [hostnames]
elif isinstance(hostnames, list):
hostnames = hostnames

if hostnames is None or len(hostnames) == 0:
continue

address = host["address"] # address can be a dict or a list
if isinstance(address, dict):
if address["@addrtype"] == "ipv4": # TODO: handle ipv6
Expand Down
2 changes: 1 addition & 1 deletion docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ services:
dockerfile: docker/Dockerfile-backend
ports:
- "8000:8000"
privileged: true
#privileged: true
user: root
network_mode: bridge #TODO: make configurable for linux to use host mode.
frontend:
Expand Down
6 changes: 3 additions & 3 deletions docker/Dockerfile-backend
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ RUN apt-get update && \
apt-get clean

# Install ping
# RUN apt-get update && \
# apt-get install -y iputils-ping && \
# apt-get clean
RUN apt-get update && \
apt-get install -y iputils-ping && \
apt-get clean

COPY backend/requirements.txt requirements.txt

Expand Down

0 comments on commit 43dd360

Please sign in to comment.