vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

pholus 2.1

Browse Source
This commit is contained in:
Jokob-sk
2022-12-30 12:16:14 +11:00
parent 6ef0ba3098
commit bde96af7da
7 changed files with 179 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
back/pialert.py
View File

@@ -22,6 +22,7 @@ import subprocess
import os import os
import re import re
import time import time
import decimal
import datetime import datetime
from datetime import timedelta from datetime import timedelta
# from datetime import datetime # from datetime import datetime
@@ -622,7 +623,7 @@ def main ():
if runPholus: if runPholus:
last_pholus_scheduled_run = datetime.datetime.now(tz).replace(microsecond=0) last_pholus_scheduled_run = datetime.datetime.now(tz).replace(microsecond=0)
performPholusScan() performPholusScan(PHOLUS_RUN_TIMEOUT)
# Perform an arp-scan if not disable with a file # Perform an arp-scan if not disable with a file
if last_network_scan + datetime.timedelta(minutes=SCAN_CYCLE_MINUTES) < time_started and os.path.exists(STOPARPSCAN) == False: if last_network_scan + datetime.timedelta(minutes=SCAN_CYCLE_MINUTES) < time_started and os.path.exists(STOPARPSCAN) == False:
@@ -1650,13 +1651,14 @@ def update_devices_names ():
# perform Pholus scan if (unknown) devices found # perform Pholus scan if (unknown) devices found
if PHOLUS_ACTIVE and (len(unknownDevices) > 0 or PHOLUS_FORCE): if PHOLUS_ACTIVE and (len(unknownDevices) > 0 or PHOLUS_FORCE):
performPholusScan() performPholusScan(PHOLUS_TIMEOUT)
# get names from Pholus scan # get names from Pholus scan
sql.execute ('SELECT * FROM Pholus_Scan where "MAC" in (select "dev_MAC" from Devices where "dev_Name" IN ("(unknown)","")) and "Record_Type"="Answer"') sql.execute ('SELECT * FROM Pholus_Scan where "MAC" in (select "dev_MAC" from Devices where "dev_Name" IN ("(unknown)","")) and "Record_Type"="Answer"')
pholusResults = sql.fetchall() pholusResults = sql.fetchall()
file_print("pholusResults: ", len(pholusResults)) # Number of entries for unknown MACs from the Pholus scan
file_print(" Pholus entries: ", len(pholusResults))
for device in unknownDevices: for device in unknownDevices:
# Resolve device name OLD # Resolve device name OLD
@@ -1685,7 +1687,7 @@ def update_devices_names ():
# file_print(sql.rowcount) # file_print(sql.rowcount)
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
def performPholusScan (): def performPholusScan (timeout):
subnetList = [] subnetList = []
@@ -1706,9 +1708,9 @@ def performPholusScan ():
file_print(" Pholus scan on interface: ", interface, " mask: " , mask) file_print(" Pholus scan on interface: ", interface, " mask: " , mask)
updateState("Scan: Pholus") updateState("Scan: Pholus")
file_print('[', timeNow(), '] Scan: Pholus') file_print('[', timeNow(), '] Scan: Pholus for ', str(timeout), 's ('+ str(round(int(timeout) / 60), 2) +'min)')
pholus_args = ['python3', '/home/pi/pialert/pholus/pholus3.py', interface, "-rdns_scanning", mask, "-stimeout", str(PHOLUS_TIMEOUT)] pholus_args = ['python3', '/home/pi/pialert/pholus/pholus3.py', interface, "-rdns_scanning", mask, "-stimeout", str(timeout)]
# Execute command # Execute command
try: try:
@@ -1722,7 +1724,7 @@ def performPholusScan ():
if output != "": if output != "":
file_print('[', timeNow(), '] Scan: Pholus SUCCESS') file_print('[', timeNow(), '] Scan: Pholus SUCCESS')
write_file (logPath + '/pialert_pholus_old.log', output) write_file (logPath + '/pialert_pholus_lastrun.log', output)
for line in output.split("\n"): for line in output.split("\n"):
append_line_to_file (logPath + '/pialert_pholus.log', line +'\n') append_line_to_file (logPath + '/pialert_pholus.log', line +'\n')
@@ -2922,9 +2924,6 @@ def hide_email(email):
m = email.split('@') m = email.split('@')
return f'{m[0][0]}{"*"*(len(m[0])-2)}{m[0][-1] if len(m[0]) > 1 else ""}@{m[1]}' return f'{m[0][0]}{"*"*(len(m[0])-2)}{m[0][-1] if len(m[0]) > 1 else ""}@{m[1]}'
# Test
print(hide_email('emailsecreto@gmail.com'))
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
def runSchedule(): def runSchedule():
@@ -2934,45 +2933,34 @@ def runSchedule():
result = False result = False
# datetime.now() - timedelta(days=1) # Initialize the last run time if never run before
if last_pholus_scheduled_run == 0: if last_pholus_scheduled_run == 0:
# last_pholus_scheduled_run = datetime.datetime.fromtimestamp(pd.Timestamp(year = 2000, month = 1, day = 1, hour = 1, second = 1, tz = TIMEZONE))
last_pholus_scheduled_run = (datetime.datetime.now(tz) - timedelta(days=365)).replace(microsecond=0) last_pholus_scheduled_run = (datetime.datetime.now(tz) - timedelta(days=365)).replace(microsecond=0)
# get the current time with the currently specified timezone
nowTime = datetime.datetime.now(tz).replace(microsecond=0) nowTime = datetime.datetime.now(tz).replace(microsecond=0)
# # DEBUG
# file_print("now : ", nowTime.isoformat())
# file_print("last_pholus_scheduled_run: ", last_pholus_scheduled_run.isoformat())
# file_print("last_next_pholus_schedule: ", last_next_pholus_schedule.isoformat())
# file_print("nowTime > last_next_pholus_schedule: ", nowTime > last_next_pholus_schedule)
# file_print("last_pholus_scheduled_run < last_next_pholus_schedule: ", last_pholus_scheduled_run < last_next_pholus_schedule)
file_print("now : ", nowTime.isoformat(), "Type: ", type(nowTime)) # Run the schedule if the current time is past the schedule time we saved last time and
file_print("last_pholus_scheduled_run: ", last_pholus_scheduled_run.isoformat(), "Type: ", type(last_pholus_scheduled_run)) # (maybe the following check is unnecessary:)
file_print("last_next_pholus_schedule: ", last_next_pholus_schedule.isoformat(), "Type: ", type(last_next_pholus_schedule)) # if the last run is past the last time we run a scheduled Pholus scan
file_print("nowTime > last_next_pholus_schedule: ", nowTime > last_next_pholus_schedule)
file_print("last_pholus_scheduled_run < last_next_pholus_schedule: ", last_pholus_scheduled_run < last_next_pholus_schedule)
if nowTime > last_next_pholus_schedule and last_pholus_scheduled_run < last_next_pholus_schedule: if nowTime > last_next_pholus_schedule and last_pholus_scheduled_run < last_next_pholus_schedule:
file_print("run: YES") print_log("Scheduler run: YES")
last_next_pholus_schedule_used = True last_next_pholus_schedule_used = True
result = True result = True
else: else:
file_print("run: NO") print_log("Scheduler run: NO")
# file_print("last_next_pholus_schedule lastRunDateTime: ",
# Debug
if last_next_pholus_schedule_used: if last_next_pholus_schedule_used:
last_next_pholus_schedule_used = False last_next_pholus_schedule_used = False
last_next_pholus_schedule = schedule.next() last_next_pholus_schedule = schedule.next()
file_print("runSchedule n : ", last_next_pholus_schedule.isoformat())
return result return result
#=============================================================================== #===============================================================================

4
front/js/pialert_common.js
View File

@@ -11,6 +11,10 @@
var timerRefreshData = '' var timerRefreshData = ''
var modalCallbackFunction = ''; var modalCallbackFunction = '';
// urlParams = new Proxy(new URLSearchParams(window.location.search), {
// get: (searchParams, prop) => searchParams.get(prop.toString()),
// });
function getCache(key) function getCache(key)
{ {
// check cache // check cache

54
front/maintenance.php
View File

@@ -353,7 +353,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">pialert.log <div class="logs-size"><?php echo number_format((filesize("./log/pialert.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/pialert.log" target="_blank"><i class="fa fa-download"></i> </a></span> <div class="log-file">pialert.log <div class="logs-size"><?php echo number_format((filesize("./log/pialert.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/pialert.log" target="_blank"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('pialert.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('pialert.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -367,7 +369,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">pialert_front.log<div class="logs-size"><?php echo number_format((filesize("./log/pialert_front.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/pialert_front.log"><i class="fa fa-download"></i> </a></span> <div class="log-file">pialert_front.log<div class="logs-size"><?php echo number_format((filesize("./log/pialert_front.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/pialert_front.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('pialert_front.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('pialert_front.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -382,7 +386,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">pialert_pholus.log<div class="logs-size"><?php echo number_format((filesize("./log/pialert_pholus.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/pialert_pholus.log"><i class="fa fa-download"></i> </a></span> <div class="log-file">pialert_pholus.log<div class="logs-size"><?php echo number_format((filesize("./log/pialert_pholus.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/pialert_pholus.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('pialert_pholus.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('pialert_pholus.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -390,6 +396,24 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
</div> </div>
<div class="log-area">
<div class="row logs-row">
<textarea id="pialert_pholus_log" class="logs logs-small" cols="70" rows="10" wrap='off' readonly><?php echo file_get_contents( "./log/pialert_pholus_subp.log" ); ?>
</textarea>
</div>
<div class="row logs-row" >
<div>
<div class="log-file">pialert_pholus_subp.log<div class="logs-size"><?php echo number_format((filesize("./log/pialert_pholus_subp.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/pialert_pholus_subp.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge">
<button class="btn btn-primary" onclick="logManage('pialert_pholus_subp.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div>
</div>
</div>
</div>
<div class="log-area"> <div class="log-area">
<div class="row logs-row"> <div class="row logs-row">
@@ -398,7 +422,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">IP_changes.log<div class="logs-size"><?php echo number_format((filesize("./log/IP_changes.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/IP_changes.log"><i class="fa fa-download"></i> </a></span> <div class="log-file">IP_changes.log<div class="logs-size"><?php echo number_format((filesize("./log/IP_changes.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/IP_changes.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('IP_changes.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('IP_changes.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -413,7 +439,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">stdout.log<div class="logs-size"><?php echo number_format((filesize("./log/stdout.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/stdout.log"><i class="fa fa-download"></i> </a></span> <div class="log-file">stdout.log<div class="logs-size"><?php echo number_format((filesize("./log/stdout.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/stdout.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('stdout.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('stdout.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -428,7 +456,9 @@ if (submit && isset($_POST['skinselector_set'])) {
</div> </div>
<div class="row logs-row" > <div class="row logs-row" >
<div> <div>
<div class="log-file">stderr.log<div class="logs-size"><?php echo number_format((filesize("./log/stderr.log") / 1000000),2,",",".") . ' MB';?> </div></div><span class="span-padding"><a href="./log/stderr.log"><i class="fa fa-download"></i> </a></span> <div class="log-file">stderr.log<div class="logs-size"><?php echo number_format((filesize("./log/stderr.log") / 1000000),2,",",".") . ' MB';?>
<span class="span-padding"><a href="./log/stderr.log"><i class="fa fa-download"></i> </a></span>
</div></div>
<div class="log-purge"> <div class="log-purge">
<button class="btn btn-primary" onclick="logManage('stderr.log','cleanLog')"><?php echo lang('Gen_Purge');?></button> <button class="btn btn-primary" onclick="logManage('stderr.log','cleanLog')"><?php echo lang('Gen_Purge');?></button>
</div> </div>
@@ -703,17 +733,21 @@ function scrollDown()
} }
function initializeTabs () { function initializeTabs () {
key = "activeMaintenanceTab"
// Activate panel // Activate panel
if(!emptyArr.includes(getCache("activeMaintenanceTab"))) if(!emptyArr.includes(getCache(key)))
{ {
selectedTab = getCache("activeMaintenanceTab"); selectedTab = getCache(key);
} }
$('.nav-tabs a[id='+ selectedTab +']').tab('show'); $('.nav-tabs a[id='+ selectedTab +']').tab('show');
// When changed save new current tab // When changed save new current tab
$('a[data-toggle="tab"]').on('shown.bs.tab', function (e) { $('a[data-toggle="tab"]').on('shown.bs.tab', function (e) {
setCache("activeMaintenanceTab", $(e.target).attr('id')) setCache(key, $(e.target).attr('id'))
}); });
// events on tab change // events on tab change
@@ -741,6 +775,8 @@ window.onload = function asyncFooter()
{ {
scrollDown(); scrollDown();
initializeTabs();
$("#lastCommit").append('<a href="https://github.com/jokob-sk/Pi.Alert/commits" target="_blank"><img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/jokob-sk/pi.alert/main?logo=github"></a>'); $("#lastCommit").append('<a href="https://github.com/jokob-sk/Pi.Alert/commits" target="_blank"><img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/jokob-sk/pi.alert/main?logo=github"></a>');
$("#lastDockerUpdate").append( $("#lastDockerUpdate").append(

2
front/php/server/util.php
View File

@@ -273,7 +273,7 @@ function saveSettings()
displayMessage("<br/>Settings saved to the <code>".$config_file."</code> file. displayMessage("<br/>Settings saved to the <code>".$config_file."</code> file.
<br/><br/>Backup of the previous ".$config_file." created here: <br/><br/><code>".$new_name."</code><br/><br/> <br/><br/>Backup of the previous ".$config_file." created here: <br/><br/><code>".$new_name."</code><br/><br/>
<b>Note:</b> Wait <b>5s</b> for the changes to reflect in the UI.", <b>Note:</b> Wait at least <b>5s</b> for the changes to reflect in the UI. (longer if for example a <a href='#state'>Scan is running</a>)",
FALSE, TRUE, TRUE, TRUE); FALSE, TRUE, TRUE, TRUE);
} }

13
front/php/templates/language/en_us.php
View File

@@ -552,17 +552,18 @@ the arp-scan will take hours to complete instead of seconds.
'PHOLUS_ACTIVE_name' => 'Enable Pholus scan', 'PHOLUS_ACTIVE_name' => 'Enable Pholus scan',
'PHOLUS_ACTIVE_description' => '<a href="https://github.com/jokob-sk/Pi.Alert/tree/main/pholus" target="_blank" >Pholus</a> is a sniffing tool to discover additional information about the devices on the network, including the device name. Please be aware it can spam the network with unnecessary traffic. Depends on the <a href="#SCAN_SUBNETS"><code>SCAN_SUBNETS</code> setting</a>.', 'PHOLUS_ACTIVE_description' => '<a href="https://github.com/jokob-sk/Pi.Alert/tree/main/pholus" target="_blank" >Pholus</a> is a sniffing tool to discover additional information about the devices on the network, including the device name. Please be aware it can spam the network with unnecessary traffic. Depends on the <a href="#SCAN_SUBNETS"><code>SCAN_SUBNETS</code> setting</a>.',
'PHOLUS_TIMEOUT_name' => 'Pholus timeout', 'PHOLUS_TIMEOUT_name' => 'Pholus timeout',
'PHOLUS_TIMEOUT_description' => 'How long (s) should Pholus be sniffing the network. Only used if an <code>(unknown)</code> device is found. The longer you leave it on, the more likely devices would broadcast more info. This timeout adds to the time it takes to perform an arp-scan on your network', 'PHOLUS_TIMEOUT_description' => 'How long in seconds should Pholus be sniffing on each interface. Only used if an <code>(unknown)</code> device is found. The longer you leave it on, the more likely devices would broadcast more info. This timeout adds to the time it takes to perform an arp-scan on your network.',
'PHOLUS_FORCE_name' => 'Force scan', 'PHOLUS_FORCE_name' => 'Force scan',
'PHOLUS_FORCE_description' => 'Force scan every network scan, even if there are no <code>(unknown)</code> devices. Be careful enabling this as the sniffing can easily flood your network.', 'PHOLUS_FORCE_description' => 'Force scan every network scan, even if there are no <code>(unknown)</code> devices. Be careful enabling this as the sniffing can easily flood your network.',
'PHOLUS_DAYS_DATA_name' => 'Data retention', 'PHOLUS_DAYS_DATA_name' => 'Data retention',
'PHOLUS_DAYS_DATA_description' => 'How many days of Pholus scan entries should be kept (gloablly, not device specific!). The <a href="/maintenance.php#tab_Logging">pialert_pholus.log</a> file is not touched.', 'PHOLUS_DAYS_DATA_description' => 'How many days of Pholus scan entries should be kept (globally, not device specific!). The <a href="/maintenance.php#tab_Logging_id">pialert_pholus.log</a> file is not touched.',
'PHOLUS_RUN_name' => 'Run on schedule', 'PHOLUS_RUN_name' => 'Scheduled scan',
'PHOLUS_RUN_description' => 'Enable a regular Pholus scan / sniff on your network.', 'PHOLUS_RUN_description' => 'Enable a regular Pholus scan / sniff on your network. The scheduling settings can be found below.',
'PHOLUS_RUN_TIMEOUT_name' => 'Scheduled run timeout', 'PHOLUS_RUN_TIMEOUT_name' => 'Scheduled run timeout',
'PHOLUS_RUN_TIMEOUT_description' => 'The timeout (s) for the scheduled Pholus scan.', 'PHOLUS_RUN_TIMEOUT_description' => 'The timeout in seconds for the scheduled Pholus scan. Same notes regarding the duration apply as on the <a href="#PHOLUS_TIMEOUT"><code>PHOLUS_TIMEOUT</code> setting</a>. A scheduled scan doesn\'t check if there are <code>(unknown)</code> devices, the scan is executed either way.',
'PHOLUS_RUN_SCHD_name' => 'Schedule', 'PHOLUS_RUN_SCHD_name' => 'Schedule',
'PHOLUS_RUN_SCHD_description' => 'Schedule in cron format. Make sure you enter the schedule in the correct format (e.g. validate your format on <a href="#" onlick="window.open("https://crontab.guru/#" + $(\'#PHOLUS_RUN_SCHD\').val(),replace(\' \', \'_\') , "_blank")" target="_blank">crontab.guru</a>). Will be run NEXT time the time passes.', 'PHOLUS_RUN_SCHD_description' => 'Schedule in cron format. Make sure you enter the schedule in the correct format
(e.g. validate at <a href="https://crontab.guru/" target="_blank">crontab.guru</a>). Will be run NEXT time the time passes. For example <code>0 4 * * *</code> will run the scan after 4 am in the <a href="#TIMEZONE"><code>TIMEZONE</code> you set above</a>.',
); );

38
front/php/templates/language/lang.php
View File

@@ -4,13 +4,15 @@
// ## Languages // ## Languages
// ################################### // ###################################
$defaultLang = "en_us";
if(!isset($_COOKIE["language"])) { if(!isset($_COOKIE["language"])) {
$pia_lang_selected = "en_us"; $pia_lang_selected = $defaultLang;
} else { } else {
$pia_lang_selected = $_COOKIE["language"]; $pia_lang_selected = $_COOKIE["language"];
} }
if (isset($pia_lang_selected) == FALSE or (strlen($pia_lang_selected) == 0)) {$pia_lang_selected = 'en_us';} if (isset($pia_lang_selected) == FALSE or (strlen($pia_lang_selected) == 0)) {$pia_lang_selected = defaultLang;}
require 'en_us.php'; require 'en_us.php';
require 'de_de.php'; require 'de_de.php';
@@ -18,25 +20,27 @@ require 'es_es.php';
function lang($key) function lang($key)
{ {
global $pia_lang_selected, $lang ; global $pia_lang_selected, $lang, $defaultLang;
// try to get the selected language translation // check if key exists in selected language
$temp = $lang[$pia_lang_selected][$key]; if(array_key_exists($key, $lang[$pia_lang_selected]) == FALSE)
if(isset($temp) == FALSE)
{ {
// if not found, use English // check if key exists in the default language if not available in the selected
$temp = $lang[$pia_lang_selected]["en_us"]; if (array_key_exists($key, $lang[$defaultLang]) == TRUE)
// echo $temp;
if(isset($temp) == FALSE)
{ {
// if not found, in English, use placeholder // if found, use default language
$temp = "String not found"; $temp = $lang[$defaultLang][$key];
}
}
// echo $temp; } else
{
// String not found in the default or selected language
$temp = "String not found for key: ".$key;
}
} else
{
// use selected language translation
$temp = $lang[$pia_lang_selected][$key];
}
return $temp; return $temp;
} }

125
pholus/pholus3.py
View File

@@ -9,18 +9,45 @@ import logging
import itertools import itertools
import codecs import codecs
import ipaddress import ipaddress
import os
import sys
from scapy.utils import PcapWriter from scapy.utils import PcapWriter
sys.setrecursionlimit(30000) sys.setrecursionlimit(30000)
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)#supress Scapy warnings` logging.getLogger("scapy.runtime").setLevel(logging.ERROR)#supress Scapy warnings`
runPath = os.path.dirname(os.path.abspath(__file__))
runPathTmp = runPath + "/.."
logPath = runPathTmp + '/front/log'
#=============================================================================== #===============================================================================
# UTIL # UTIL
#=============================================================================== #===============================================================================
def write_file (pPath, pText):
# Write the text depending using the correct python version
if sys.version_info < (3, 0):
file = io.open (pPath , mode='w', encoding='utf-8')
file.write ( pText.decode('unicode_escape') )
file.close()
else:
file = open (pPath, 'w', encoding='utf-8')
file.write (pText)
file.close()
def file_print(*args):
result = ''
file = open(logPath + "/pialert_pholus_subp.log", "a")
for arg in args:
result += str(arg)
print(result)
file.write(result + '\n')
file.close()
def sanitize_string(input): def sanitize_string(input):
if isinstance(input, bytes): if isinstance(input, bytes):
@@ -70,7 +97,7 @@ def get_my_ipv6_addr(interface):
myip=ifaces[0] myip=ifaces[0]
return myip return myip
except: except:
print("The interface",interface,"does not exist. Please, try again.") file_print("The interface",interface,"does not exist. Please, try again.")
exit(0) exit(0)
###################################### ######################################
@@ -82,7 +109,7 @@ def get_my_ipv4_addr(interface):
myip=scapy.arch.get_if_addr(interface) myip=scapy.arch.get_if_addr(interface)
return myip return myip
except: except:
print("The interface",interface,"does not exist. Please, try again.") file_print("The interface",interface,"does not exist. Please, try again.")
exit(0) exit(0)
########################## ##########################
@@ -271,7 +298,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
srv_rrname=data+label_data srv_rrname=data+label_data
txt_record="" txt_record=""
rdata=['txtvers=1','qtotal=1','pdl=application/vnd.hp-PCL','ty=MyOfficejet100000','product=(Trexa gureue)','priority=0','adminur=http://'+source_IPv4] rdata=['txtvers=1','qtotal=1','pdl=application/vnd.hp-PCL','ty=MyOfficejet100000','product=(Trexa gureue)','priority=0','adminur=http://'+source_IPv4]
#print(type(rdata)) #file_print(type(rdata))
for r in rdata: for r in rdata:
length=hex(len(r))[2:] length=hex(len(r))[2:]
#check http://code.activestate.com/recipes/576617-converting-arbitrary-size-python-integers-to-packe/ #check http://code.activestate.com/recipes/576617-converting-arbitrary-size-python-integers-to-packe/
@@ -417,7 +444,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
qname=dnsqr.qname qname=dnsqr.qname
if qname.endswith('.'): if qname.endswith('.'):
qname=qname[:-1] qname=qname[:-1]
#print("Query Name = ",qname," Type=",dnsqr.qtype) #file_print("Query Name = ",qname," Type=",dnsqr.qtype)
if unidns: if unidns:
dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A") dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A")
else: else:
@@ -432,13 +459,13 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
elif dnsqr.qclass==255: elif dnsqr.qclass==255:
res = res0 + " | Question | "+dnsqr.qname.decode("utf-8") + " "+ dns_type[dnsqr.qtype] + " QM Class:ANY" res = res0 + " | Question | "+dnsqr.qname.decode("utf-8") + " "+ dns_type[dnsqr.qtype] + " QM Class:ANY"
else: else:
print("DNSQR:") file_print("DNSQR:")
print("-----") file_print("-----")
print(dnsqr.show()) file_print(dnsqr.show())
print("DEBUGGING IS NEEDED") file_print("DEBUGGING IS NEEDED")
exit(0) exit(0)
if print_res==1: if print_res==1:
print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
if dns.arcount>0: if dns.arcount>0:
@@ -466,7 +493,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
optcode=str(edns0tlv.optcode) optcode=str(edns0tlv.optcode)
res = res + " EDNS0TLV: " + optcode + " " + codecs.encode(edns0tlv.optdata, 'hex_codec').decode("utf-8") res = res + " EDNS0TLV: " + optcode + " " + codecs.encode(edns0tlv.optdata, 'hex_codec').decode("utf-8")
if print_res==1: if print_res==1:
print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
elif block.haslayer(DNSRR): elif block.haslayer(DNSRR):
@@ -496,10 +523,10 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
res = str_res0 + " | Question | " + str_qname + " " + str_qtype + " QM Class:ANY" res = str_res0 + " | Question | " + str_qname + " " + str_qtype + " QM Class:ANY"
else: else:
print("DNSRR:") file_print("DNSRR:")
print("-----") file_print("-----")
print(dnsrr.show()) file_print(dnsrr.show())
print("DEBUGGING IS NEEDED HERE") file_print("DEBUGGING IS NEEDED HERE")
exit(0) exit(0)
if dnsrr.type==33:#SRV Record if dnsrr.type==33:#SRV Record
@@ -531,7 +558,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
if show_ttl: if show_ttl:
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
if dns.ancount>0: if dns.ancount>0:
@@ -562,7 +589,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
if show_ttl: if show_ttl:
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
if dns.nscount>0: if dns.nscount>0:
@@ -579,18 +606,18 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
if show_ttl: if show_ttl:
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
else: else:
print("not a DNS Query", dns.summary()) file_print("not a DNS Query", dns.summary())
######################################## ########################################
########### REQUEST FUNCTION ########### ########### REQUEST FUNCTION ###########
######################################## ########################################
def requests(interface,v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,d4,d6,hlimit,unidns,domain,query,types_of_queries,add_domain,query_class,flood,flooding_interval,flooding_timeout): def requests(interface,v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,d4,d6,hlimit,unidns,domain,query,types_of_queries,add_domain,query_class,flood,flooding_interval,flooding_timeout):
if add_domain: if add_domain:
print("Sending mdns requests") file_print("Sending mdns requests")
domain_list = domain.split(",") domain_list = domain.split(",")
query_list = query.split(",") query_list = query.split(",")
if add_domain: if add_domain:
@@ -630,7 +657,7 @@ def send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,dst_ipv4,s
packets.append(pkt1) packets.append(pkt1)
if flood: if flood:
counter=0.0 counter=0.0
print("Stop flooding after ",flooding_timeout," sec.") file_print("Stop flooding after ",flooding_timeout," sec.")
while(counter<float(flooding_timeout)): while(counter<float(flooding_timeout)):
for packt in packets: for packt in packets:
sendp(pakt,iface=interface) sendp(pakt,iface=interface)
@@ -643,7 +670,7 @@ def send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,dst_ipv4,s
pkt1=Ether(src=source_mac,dst=target_mac1)/packet pkt1=Ether(src=source_mac,dst=target_mac1)/packet
if flood: if flood:
counter=0.0 counter=0.0
print("Stop flooding after ",flooding_timeout," sec.") file_print("Stop flooding after ",flooding_timeout," sec.")
while(counter<float(flooding_timeout)): while(counter<float(flooding_timeout)):
sendp(pkt1,iface=interface) sendp(pkt1,iface=interface)
counter+=float(flooding_interval) counter+=float(flooding_interval)
@@ -660,7 +687,7 @@ def send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,dst_ipv4,s
packets.append(pkt2) packets.append(pkt2)
if flood: if flood:
counter=0.0 counter=0.0
print("Stop flooding after ",flooding_timeout," sec.") file_print("Stop flooding after ",flooding_timeout," sec.")
while(counter<float(flooding_timeout)): while(counter<float(flooding_timeout)):
for packt in packets: for packt in packets:
sendp(pakt,iface=interface) sendp(pakt,iface=interface)
@@ -673,7 +700,7 @@ def send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,dst_ipv4,s
pkt2=Ether(src=source_mac,dst=target_mac2)/packet pkt2=Ether(src=source_mac,dst=target_mac2)/packet
if flood: if flood:
counter=0.0 counter=0.0
print("Stop flooding after ",flooding_timeout," sec.") file_print("Stop flooding after ",flooding_timeout," sec.")
while(counter<float(flooding_timeout)): while(counter<float(flooding_timeout)):
sendp(pkt2,iface=interface) sendp(pkt2,iface=interface)
counter+=float(flooding_interval) counter+=float(flooding_interval)
@@ -748,14 +775,14 @@ def main():
values = parser.parse_args() values = parser.parse_args()
if values.rpcap: if values.rpcap:
print("Read packets from a pcap file") file_print("Read packets from a pcap file")
if not os.path.isfile(values.interface): if not os.path.isfile(values.interface):
print('[-] ' + values.interface + ' does not exist') file_print('[-] ' + values.interface + ' does not exist')
exit(0) exit(0)
elif not os.access(values.interface, os.R_OK): elif not os.access(values.interface, os.R_OK):
print('[-] ' + values.interface + ' access is denied') file_print('[-] ' + values.interface + ' access is denied')
exit(0) exit(0)
print("Press Ctrl-C to exit and print the results") file_print("Press Ctrl-C to exit and print the results")
q = multiprocessing.Queue() q = multiprocessing.Queue()
pr = multiprocessing.Process(target=Sniffer_Offline, args=(values.interface,q,values.show_ttl,values.d4, values.d6, values.target_mac, values.auto_fake_responses,values.source6,values.source4,values.target_mac,values.target_mac,values.source_mac,values.hlimit)) pr = multiprocessing.Process(target=Sniffer_Offline, args=(values.interface,q,values.show_ttl,values.d4, values.d6, values.target_mac, values.auto_fake_responses,values.source6,values.source4,values.target_mac,values.target_mac,values.source_mac,values.hlimit))
pr.start() pr.start()
@@ -766,14 +793,14 @@ def main():
myset=set(results) myset=set(results)
results=list(myset) results=list(myset)
results.sort() results.sort()
print("\n*********************************************RESULTS*********************************************") file_print("\n*********************************************RESULTS*********************************************")
for r in results: for r in results:
print(r) file_print(r)
exit(0) exit(0)
else: else:
#####################################LETS DO SOME CHECKS FIRST TO SEE IF WE CAN WORK#################### #####################################LETS DO SOME CHECKS FIRST TO SEE IF WE CAN WORK####################
if os.geteuid() != 0: if os.geteuid() != 0:
print("You must be root to run this script.") file_print("You must be root to run this script.")
exit(1) exit(1)
conf.verb=0 conf.verb=0
#########################################DEFINE SOURCE ADDRESSES######################################## #########################################DEFINE SOURCE ADDRESSES########################################
@@ -786,7 +813,7 @@ def main():
try: try:
source_mac=get_if_hwaddr(values.interface) source_mac=get_if_hwaddr(values.interface)
except: except:
print("interface ",values.interface," does not exist") file_print("interface ",values.interface," does not exist")
exit(0) exit(0)
if values.qu: if values.qu:
@@ -804,7 +831,7 @@ def main():
source_IPv4=get_my_ipv4_addr(values.interface) source_IPv4=get_my_ipv4_addr(values.interface)
else: else:
source_IPv4=values.source4 source_IPv4=values.source4
print("source MAC address:",source_mac,"source IPv4 Address:",source_IPv4,"source IPv6 address:",source_IPv6) file_print("source MAC address:",source_mac,"source IPv4 Address:",source_IPv4,"source IPv6 address:",source_IPv6)
######################################################################################################### #########################################################################################################
if values.target_mac: if values.target_mac:
target_mac1=values.target_mac target_mac1=values.target_mac
@@ -816,33 +843,33 @@ def main():
q = multiprocessing.Queue() q = multiprocessing.Queue()
if values.dos_ttl or values.auto_fake_responses: if values.dos_ttl or values.auto_fake_responses:
if values.auto_fake_responses: if values.auto_fake_responses:
print("Send fake responses to requests" ) file_print("Send fake responses to requests" )
if values.target_mac: if values.target_mac:
myfilter = "not ether src " + source_mac + " and not ether dst " + values.target_mac +" and udp and port 5353" myfilter = "not ether src " + source_mac + " and not ether dst " + values.target_mac +" and udp and port 5353"
else: else:
myfilter = "not ether src " + source_mac + " and udp and port 5353" myfilter = "not ether src " + source_mac + " and udp and port 5353"
elif values.target_mac: elif values.target_mac:
print("Performing implicit DoS by sending automated spoofed DNS Answers with TTL=0" ) file_print("Performing implicit DoS by sending automated spoofed DNS Answers with TTL=0" )
myfilter = "not ether dst " + values.target_mac + " and udp and port 5353" myfilter = "not ether dst " + values.target_mac + " and udp and port 5353"
else: else:
print("Performing implicit DoS by sending automated spoofed DNS Answers with TTL=0" ) file_print("Performing implicit DoS by sending automated spoofed DNS Answers with TTL=0" )
myfilter = "udp and port 5353" myfilter = "udp and port 5353"
print("Sniffer filter is:",myfilter) file_print("Sniffer filter is:",myfilter)
print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C") file_print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C")
print("Press Ctrl-C to exit") file_print("Press Ctrl-C to exit")
try: try:
Sniffer(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4, values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2,source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6) Sniffer(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4, values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2,source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6)
except KeyboardInterrupt: except KeyboardInterrupt:
print("Exiting on user's request") file_print("Exiting on user's request")
exit(0) exit(0)
exit(0) exit(0)
myfilter = "not ether src " + source_mac + " and udp and port 5353" myfilter = "not ether src " + source_mac + " and udp and port 5353"
print("Sniffer filter is:",myfilter) file_print("Sniffer filter is:",myfilter)
print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C") file_print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C")
pr = multiprocessing.Process(target=Sniffer, args=(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4,values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2, source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6)) pr = multiprocessing.Process(target=Sniffer, args=(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4,values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2, source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6))
pr.daemon = True pr.daemon = True
pr.start() pr.start()
print("------------------------------------------------------------------------") file_print("------------------------------------------------------------------------")
time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic
########################################################################################################## ##########################################################################################################
if values.request: if values.request:
@@ -961,7 +988,7 @@ def main():
try: try:
pr.join() pr.join()
except KeyboardInterrupt: except KeyboardInterrupt:
print("Exiting on user's request") file_print("Exiting on user's request")
exit(0) exit(0)
#### AFTER EXITING, PRINT THE RESULTS #### #### AFTER EXITING, PRINT THE RESULTS ####
@@ -989,7 +1016,7 @@ def main():
try: try:
pr2.join() pr2.join()
except KeyboardInterrupt: except KeyboardInterrupt:
print("Exiting on user's request") file_print("Exiting on user's request")
while not q2.empty(): while not q2.empty():
results.append(q2.get()) results.append(q2.get())
elif values.service_scan: elif values.service_scan:
@@ -1003,14 +1030,14 @@ def main():
r2=r.split(" ") r2=r.split(" ")
service=r2[7].strip('"')[:-1] service=r2[7].strip('"')[:-1]
if (r2[1],service) not in targets: if (r2[1],service) not in targets:
print((r2[1],service)) file_print((r2[1],service))
targets.append((r2[1],service)) targets.append((r2[1],service))
requests(values.interface,values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,values.d4,values.d6,values.hlimit,values.dns,values.domain,service,values.qtype,True,q_class,values.flood,values.flooding_interval,values.flooding_timeout) requests(values.interface,values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,values.d4,values.d6,values.hlimit,values.dns,values.domain,service,values.qtype,True,q_class,values.flood,values.flooding_interval,values.flooding_timeout)
if pr2: if pr2:
try: try:
pr2.join() pr2.join()
except KeyboardInterrupt: except KeyboardInterrupt:
print("Exiting on user's request") file_print("Exiting on user's request")
while not q2.empty(): while not q2.empty():
results.append(q2.get()) results.append(q2.get())
targets2=[] targets2=[]
@@ -1033,12 +1060,12 @@ def main():
try: try:
pr3.join() pr3.join()
except KeyboardInterrupt: except KeyboardInterrupt:
print("Exiting on user's request") file_print("Exiting on user's request")
while not q3.empty(): while not q3.empty():
results.append(q3.get()) results.append(q3.get())
print("\n*********************************************RESULTS*********************************************") file_print("\n*********************************************RESULTS*********************************************")
for r in results: for r in results:
print(r) file_print(r)
if __name__ == '__main__': if __name__ == '__main__':
main() main()