Merge pull request #439 from Patrowl/develop

1.5.19

Author: sebastien-powl

AUTHORS

@@ -7,4 +7,4 @@ Crontributors
 -------
 * CERT Banque de France (CERT-BDF)
 
-Copyright (C) 2018-2022 Nicolas MATTIOCCO
+Copyright (C) 2018-2024 Nicolas MATTIOCCO

VERSION

@@ -1 +1 @@
-1.5.18
+1.5.19

engines/nmap/Dockerfile

@@ -1,5 +1,5 @@
 FROM alpine:3.16.3
-LABEL Name="Nmap\ \(Patrowl engine\)" Version="1.4.45"
+LABEL Name="Nmap\ \(Patrowl engine\)" Version="1.4.46"
 
 # Set the working directory
 RUN mkdir -p /opt/patrowl-engines/nmap

engines/nmap/VERSION

@@ -1 +1 @@
-1.4.45
+1.4.46

engines/nmap/engine-nmap.py

@@ -3,6 +3,7 @@
 import os
 import subprocess
 import sys
+import traceback
 import psutil
 import json
 import optparse
@@ -135,7 +136,7 @@ def start():
         )
         return jsonify(res), 503
 
-    if type(data["options"]) == str:
+    if type(data["options"]) is str:
         data["options"] = json.loads(data["options"])
 
     scan = {
@@ -278,7 +279,7 @@ def _scan_thread(scan_id):
     cmd_sec = split(cmd)
 
     this.scans[scan_id]["proc_cmd"] = "not set!!"
-    with open(log_path, "w") as stderr:
+    with open(log_path, "w"):
         this.scans[scan_id]["proc"] = subprocess.Popen(
             cmd_sec,
             shell=False,
@@ -335,11 +336,15 @@ def _scan_thread(scan_id):
             # print(f'scan {scan_id} is finished !')
             break
 
+    time.sleep(1)  # wait for creating report file (could be long)
+
     # Check if the report is available (exists && scan finished)
     report_filename = f"{BASE_DIR}/results/nmap_{scan_id}.xml"
     if not os.path.exists(report_filename):
-        this.scans[scan_id]["status"] = "FINISHED"  # ERROR ?
-        this.scans[scan_id]["issues_available"] = True
+        # this.scans[scan_id]["status"] = "FINISHED"  # ERROR ?
+        # this.scans[scan_id]["issues_available"] = True
+        this.scans[scan_id]["status"] = "ERROR"
+        this.scans[scan_id]["issues_available"] = False
         return False
 
     try:
@@ -359,8 +364,12 @@ def _scan_thread(scan_id):
             issues.extend(extra_issues)
 
         this.scans[scan_id]["issues"] = deepcopy(issues)
-    except Exception:
-        pass
+    except Exception as e:
+        print(e)
+        app.logger.info(e)
+        traceback.print_exception(*sys.exc_info())
+        this.scans[scan_id]["status"] = "ERROR"
+        this.scans[scan_id]["issues_available"] = False
     this.scans[scan_id]["issues_available"] = True
     this.scans[scan_id]["status"] = "FINISHED"
 
@@ -433,7 +442,7 @@ def stop_scan(scan_id):
         )
 
     this.scans[scan_id]["status"] = "STOPPED"
-    this.scans[scan_id]["finished_at"] = int(time.time() * 1000)
+    # this.scans[scan_id]["finished_at"] = int(time.time() * 1000)
     return jsonify(res)
 
 
@@ -466,6 +475,14 @@ def scan_status(scan_id):
         this.scans[scan_id]["status"] = "FINISHED"
         # print(f"scan_status/scan '{scan_id}' is finished")
 
+    elif (
+        not psutil.pid_exists(proc.pid)
+        and this.scans[scan_id]["issues_available"] is False
+        and this.scans[scan_id]["status"] == "ERROR"
+    ):
+        res.update({"status": "ERROR"})
+        # print(f"scan_status/scan '{scan_id}' is finished")
+
     elif psutil.pid_exists(proc.pid) and psutil.Process(proc.pid).status() in [
         "sleeping",
         "running",
@@ -734,7 +751,9 @@ def _parse_report(filename, scan_id):
                 os_data["name"] = osinfo.get("name")
                 os_data["accuracy"] = osinfo.get("accuracy")
                 for osclass in osinfo.findall("osclass"):
-                    os_data["cpe"].append(osclass.find("cpe").text)
+                    os_cpe = osclass.find("cpe")
+                    if os_cpe is not None:
+                        os_data["cpe"].append(os_cpe.text)
                 res.append(
                     deepcopy(
                         _add_issue(
@@ -1101,7 +1120,7 @@ def _parse_report(filename, scan_id):
 
 
 def _get_cpe_link(cpe):
-    return "https://nvd.nist.gov/vuln/search/results?adv_search=true&cpe={}".format(cpe)
+    return f"https://nvd.nist.gov/vuln/search/results?adv_search=true&cpe={cpe}"
 
 
 # custom functions for Vulners issues
@@ -1148,7 +1167,7 @@ def getfindings(scan_id):
         return jsonify(res)
 
     # check if the report is available (exists && scan finished)
-    report_filename = BASE_DIR + "/results/nmap_{}.xml".format(scan_id)
+    report_filename = f"{BASE_DIR}/results/nmap_{scan_id}.xml"
     if not os.path.exists(report_filename):
         res.update({"status": "error", "reason": "Report file not available"})
         return jsonify(res)
@@ -1240,7 +1259,7 @@ def page_not_found(e):
 
 @app.before_first_request
 def main():
-    #if os.getuid() != 0: #run with root because of docker env vars scope
+    # if os.getuid() != 0: #run with root because of docker env vars scope
     #    app.logger.error("Start the NMAP engine using root privileges !")
     #        sys.exit(-1)
     if not os.path.exists(f"{BASE_DIR}/results"):

engines/owl_dns/Dockerfile

@@ -1,10 +1,10 @@
 FROM alpine:3.16.3
-LABEL Name="Patrowl\ DNS\ \(Patrowl engine\)" Version="1.5.6"
+LABEL Name="Patrowl\ DNS\ \(Patrowl engine\)" Version="1.5.7"
 
 # Install dependencies
 RUN apk add --update --no-cache \
-    python3 python3-dev py3-pip \
-    git \
+  python3 python3-dev py3-pip \
+  git \
   && rm -rf /var/cache/apk/*
 
 # Create the target repo

engines/owl_dns/VERSION

@@ -1 +1 @@
-1.5.6
+1.5.7

engines/owl_dns/__init__.py

@@ -1,8 +1,8 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-__title__ = 'patrowl_engine_owl_dns'
-__version__ = '1.5.5'
-__author__ = 'Nicolas MATTIOCCO'
-__license__ = 'AGPLv3'
-__copyright__ = 'Copyright (C) 2018-2023 Nicolas Mattiocco - @MaKyOtOx'
+__title__ = "patrowl_engine_owl_dns"
+__version__ = "1.5.7"
+__author__ = "Nicolas MATTIOCCO"
+__license__ = "AGPLv3"
+__copyright__ = "Copyright (C) 2018-2024 Nicolas Mattiocco - @MaKyOtOx"

engines/owl_dns/etc/seg_list.json

@@ -89,6 +89,16 @@
             "links": [
                 "https://success.trendmicro.com/dcx/s/solution/1055888-redirecting-mail-exchange-mx-records-to-hosted-email-security-hes?language=en_US&sfdcIFrameOrigin=null"
             ]
+        },
+        "mailinblack": {
+            "provider": "mailinblack",
+            "product": "Mailinblack",
+            "mx_records": [
+                ".mailinblack.com."
+            ],
+            "links": [
+                "https://support.mailinblack.com/fr/articles/6853774-online-comment-editer-les-parametres-dns-mx-d-un-domaine"
+            ]
         }
     }
 }

engines/owl_dns/owl_dns.json.sample

@@ -1,6 +1,6 @@
 {
 	"name": "PatrOwl - Dns module",
-	"version": "0.1",
+	"version": "1.5.7",
 	"description": "DNS Scanner",
 	"allowed_asset_types": ["ip", "domain", "fqdn", "keyword"],
 	"sublist3r_bin_path": "/opt/patrowl-engines/owl_dns/external-libs/Sublist3r",