33import os
44import subprocess
55import sys
6+ import traceback
67import psutil
78import json
89import optparse
@@ -135,7 +136,7 @@ def start():
135136 )
136137 return jsonify (res ), 503
137138
138- if type (data ["options" ]) == str :
139+ if type (data ["options" ]) is str :
139140 data ["options" ] = json .loads (data ["options" ])
140141
141142 scan = {
@@ -278,7 +279,7 @@ def _scan_thread(scan_id):
278279 cmd_sec = split (cmd )
279280
280281 this .scans [scan_id ]["proc_cmd" ] = "not set!!"
281- with open (log_path , "w" ) as stderr :
282+ with open (log_path , "w" ):
282283 this .scans [scan_id ]["proc" ] = subprocess .Popen (
283284 cmd_sec ,
284285 shell = False ,
@@ -335,11 +336,15 @@ def _scan_thread(scan_id):
335336 # print(f'scan {scan_id} is finished !')
336337 break
337338
339+ time .sleep (1 ) # wait for creating report file (could be long)
340+
338341 # Check if the report is available (exists && scan finished)
339342 report_filename = f"{ BASE_DIR } /results/nmap_{ scan_id } .xml"
340343 if not os .path .exists (report_filename ):
341- this .scans [scan_id ]["status" ] = "FINISHED" # ERROR ?
342- this .scans [scan_id ]["issues_available" ] = True
344+ # this.scans[scan_id]["status"] = "FINISHED" # ERROR ?
345+ # this.scans[scan_id]["issues_available"] = True
346+ this .scans [scan_id ]["status" ] = "ERROR"
347+ this .scans [scan_id ]["issues_available" ] = False
343348 return False
344349
345350 try :
@@ -359,8 +364,12 @@ def _scan_thread(scan_id):
359364 issues .extend (extra_issues )
360365
361366 this .scans [scan_id ]["issues" ] = deepcopy (issues )
362- except Exception :
363- pass
367+ except Exception as e :
368+ print (e )
369+ app .logger .info (e )
370+ traceback .print_exception (* sys .exc_info ())
371+ this .scans [scan_id ]["status" ] = "ERROR"
372+ this .scans [scan_id ]["issues_available" ] = False
364373 this .scans [scan_id ]["issues_available" ] = True
365374 this .scans [scan_id ]["status" ] = "FINISHED"
366375
@@ -433,7 +442,7 @@ def stop_scan(scan_id):
433442 )
434443
435444 this .scans [scan_id ]["status" ] = "STOPPED"
436- this .scans [scan_id ]["finished_at" ] = int (time .time () * 1000 )
445+ # this.scans[scan_id]["finished_at"] = int(time.time() * 1000)
437446 return jsonify (res )
438447
439448
@@ -466,6 +475,14 @@ def scan_status(scan_id):
466475 this .scans [scan_id ]["status" ] = "FINISHED"
467476 # print(f"scan_status/scan '{scan_id}' is finished")
468477
478+ elif (
479+ not psutil .pid_exists (proc .pid )
480+ and this .scans [scan_id ]["issues_available" ] is False
481+ and this .scans [scan_id ]["status" ] == "ERROR"
482+ ):
483+ res .update ({"status" : "ERROR" })
484+ # print(f"scan_status/scan '{scan_id}' is finished")
485+
469486 elif psutil .pid_exists (proc .pid ) and psutil .Process (proc .pid ).status () in [
470487 "sleeping" ,
471488 "running" ,
@@ -734,7 +751,9 @@ def _parse_report(filename, scan_id):
734751 os_data ["name" ] = osinfo .get ("name" )
735752 os_data ["accuracy" ] = osinfo .get ("accuracy" )
736753 for osclass in osinfo .findall ("osclass" ):
737- os_data ["cpe" ].append (osclass .find ("cpe" ).text )
754+ os_cpe = osclass .find ("cpe" )
755+ if os_cpe is not None :
756+ os_data ["cpe" ].append (os_cpe .text )
738757 res .append (
739758 deepcopy (
740759 _add_issue (
@@ -1101,7 +1120,7 @@ def _parse_report(filename, scan_id):
11011120
11021121
11031122def _get_cpe_link (cpe ):
1104- return "https://nvd.nist.gov/vuln/search/results?adv_search=true&cpe={}" . format ( cpe )
1123+ return f "https://nvd.nist.gov/vuln/search/results?adv_search=true&cpe={ cpe } "
11051124
11061125
11071126# custom functions for Vulners issues
@@ -1148,7 +1167,7 @@ def getfindings(scan_id):
11481167 return jsonify (res )
11491168
11501169 # check if the report is available (exists && scan finished)
1151- report_filename = BASE_DIR + " /results/nmap_{}.xml". format ( scan_id )
1170+ report_filename = f" { BASE_DIR } /results/nmap_{ scan_id } .xml"
11521171 if not os .path .exists (report_filename ):
11531172 res .update ({"status" : "error" , "reason" : "Report file not available" })
11541173 return jsonify (res )
@@ -1240,7 +1259,7 @@ def page_not_found(e):
12401259
12411260@app .before_first_request
12421261def main ():
1243- #if os.getuid() != 0: #run with root because of docker env vars scope
1262+ # if os.getuid() != 0: #run with root because of docker env vars scope
12441263 # app.logger.error("Start the NMAP engine using root privileges !")
12451264 # sys.exit(-1)
12461265 if not os .path .exists (f"{ BASE_DIR } /results" ):
0 commit comments