From e77e1d5503b013972f8e610ce352bae333bf201f Mon Sep 17 00:00:00 2001 From: Jokob-sk Date: Sun, 1 Jan 2023 23:27:40 +1100 Subject: [PATCH] much more logging for the pholus issue + settings check --- back/pialert.py | 5 +- front/deviceDetails.php | 7 --- front/index.php | 3 ++ front/js/pialert_common.js | 7 +++ front/php/templates/language/en_us.php | 4 +- front/settings.php | 66 ++++++++++++++++++-------- pholus/pholus3.py | 49 ++++++++++++++++++- 7 files changed, 108 insertions(+), 33 deletions(-) diff --git a/back/pialert.py b/back/pialert.py index d390e325..cdf3f3a4 100755 --- a/back/pialert.py +++ b/back/pialert.py @@ -551,7 +551,8 @@ def importConfig (): lastTimeImported = time.time() # Used to display a message in the UI - sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (timeNow(),)) + # sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (timeNow(),)) + sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (round(time.time() * 1000),)) commitDB() @@ -2878,7 +2879,7 @@ def upgradeDB (): ('Front_Devices_Order', '[[3,"desc"],[0,"asc"]]'), ('Front_Devices_Rows', '100'), ('Front_Details_Tab', 'tabDetails'), - ('Back_Settings_Imported', timeNow()), + ('Back_Settings_Imported', round(time.time() * 1000)), ('Back_App_State', 'Initializing') ] diff --git a/front/deviceDetails.php b/front/deviceDetails.php index 817892f5..ca5201f0 100755 --- a/front/deviceDetails.php +++ b/front/deviceDetails.php @@ -1785,11 +1785,4 @@ function reloadTab() } - - -function sanitize(data) -{ - return data.replace(/(\r\n|\n|\r)/gm,"").replace(/[^\x00-\x7F]/g, "") -} - diff --git a/front/index.php b/front/index.php index bdc6ac03..4efac6ee 100755 --- a/front/index.php +++ b/front/index.php 
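Review bot: `Back_Settings_Imported` changes here from the formatted `timeNow()` value to epoch milliseconds, and the default in `upgradeDB` changes the same way, but nothing visible converts a value already stored in the old format. The reader added to front/settings.php in this patch keeps only the digits of the stored value, so an old-format timestamp would presumably parse as a very large number and suppress the outdated-settings warning until the next import. Consider normalising the existing row in `upgradeDB`, and delete the commented-out `sql.execute` line rather than keeping it next to its replacement. Both functions continue outside their hunks.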
@@ -30,6 +30,9 @@ if (( isset ($_SESSION["login"]) && ($_SESSION["login"] == 1)) || (isset ($_COOK $login_headline = lang('Login_Toggle_Info_headline'); $login_info = ""; +$login_mode = 'danger'; +$login_display_mode = 'display: block;'; +$login_icon = 'fa-info'; // no active session, cookie not checked if (isset ($_SESSION["login"]) == FALSE || $_SESSION["login"] != 1) diff --git a/front/js/pialert_common.js b/front/js/pialert_common.js index 874b805f..57267b02 100755 --- a/front/js/pialert_common.js +++ b/front/js/pialert_common.js @@ -151,6 +151,13 @@ function modalWarningOK () { }, 100); } +// ----------------------------------------------------------------------------- + +function sanitize(data) +{ + return data.replace(/(\r\n|\n|\r)/gm,"").replace(/[^\x00-\x7F]/g, "") +} + // ----------------------------------------------------------------------------- function showMessage (textMessage="") { if (textMessage.toLowerCase().includes("error") ) { diff --git a/front/php/templates/language/en_us.php b/front/php/templates/language/en_us.php index dfcba33c..8c0a0e1d 100755 --- a/front/php/templates/language/en_us.php +++ b/front/php/templates/language/en_us.php 
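Review bot: `sanitize()` only removes line breaks and non-ASCII characters; it does not escape `<`, `>`, `&` or quotes. Moving it into pialert_common.js makes it available to every page under a name that suggests the result is safe to place in markup. Either rename it to say what it does or document the limit directly above it, for example `// Strips CR/LF and non-ASCII only; does NOT HTML-escape - never pass the result to innerHTML.` It also assumes `data` is a string and throws on `null` or a number; calling `String(data)` before the first `replace` would avoid that.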
@@ -425,7 +425,9 @@ $lang['en_us'] = array( ////////////////////////////////////////////////////////////////// -'settings_missing' => 'Not all settings loaded, refresh the page!', +'settings_missing' => 'Not all settings loaded, refresh the page! This is probably caused by a high load on the database.', +'settings_missing_block' => 'You can\'t save your settings without specifying all setting keys. Refresh the page. This is probably caused by a high load on the database.', +'settings_old' => 'The settings in the DB (shown on this page) are outdated. This is probably caused by a running scan. The settings were saved, but the background process didn\'t have time to import it yet. You can wait until the settings get refreshed so you don\'t overwrite your old values. Feel free to save your settings either way if you don\'t mind losing the settings between the last save and now. There are also backup files created if you need to compare your settings later.', //General 'SCAN_SUBNETS_name' => 'Subnets to scan', diff --git a/front/settings.php b/front/settings.php index 4a7e221d..f37a585f 100644 --- a/front/settings.php +++ b/front/settings.php @@ -51,7 +51,7 @@ CommitDB();

- + Last time imported from the pialert.conf file:
!= settingsNumber) { - showModalOk('WARNING', ''); + showModalOk('WARNING', ""); } - // --------------------------------------------------------- - function getParam(targetId, key, skipCache = false) { - - skipCacheQuery = ""; - - if(skipCache) - { - skipCacheQuery = "&skipcache"; - } - - // get parameter value - $.get('php/server/parameters.php?action=get¶meter='+ key + skipCacheQuery, function(data) { - var result = data; - - document.getElementById(targetId).innerHTML = result.replaceAll('"', ''); - - }); - } // --------------------------------------------------------- function addInterface() @@ -344,7 +326,7 @@ CommitDB(); function saveSettings() { if( != settingsNumber) { - showModalOk('WARNING', ''); + showModalOk('WARNING', ""); } else { $.ajax({ @@ -359,6 +341,47 @@ CommitDB(); }); } } + + // --------------------------------------------------------- + function getParam(targetId, key, skipCache = false, callback) { + + skipCacheQuery = ""; + + if(skipCache) + { + skipCacheQuery = "&skipcache"; + } + + // get parameter value + $.get('php/server/parameters.php?action=get¶meter='+ key + skipCacheQuery, function(data, callback) { + + var result = data; + + if(key == "Back_Settings_Imported") + { + fileModificationTime = ; + importedMiliseconds = parseInt(result.match( /\d+/g ).join('')); // sanitize the string and get only the numbers + + result = (new Date(importedMiliseconds)).toLocaleString("en-UK", { timeZone: "" }); //.toDateString(""); + + // check if displayed settings are outdated + if(fileModificationTime > importedMiliseconds) + { + showModalOk('WARNING: Outdated settings displayed', ""); + } + } else{ + result = result.replaceAll('"', ''); + } + + document.getElementById(targetId).innerHTML = result; + + }); + } + + // --------------------------------------------------------- + + + diff --git a/pholus/pholus3.py b/pholus/pholus3.py index ce592593..735e7a42 100644 --- a/pholus/pholus3.py +++ b/pholus/pholus3.py 
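Review bot: In the re-added `getParam`, `result.match( /\d+/g )` returns `null` when the response holds no digits, so `.join('')` throws and the element is never updated; an empty or error response under database load, which is the case this commit is about, would hit that path. Guard it, e.g. `var digits = result.match(/\d+/g); if (!digits) { return; }`. The response is then written with `innerHTML` after only double quotes are stripped; a parameter value is data rather than markup, so `document.getElementById(targetId).textContent = result;` is the safer assignment. The inner `function(data, callback)` also shadows the new outer `callback` parameter with jQuery's status argument, so the caller's callback is never invoked. The PHP fragments of this section are missing from this view, so the server-side values cannot be checked here.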
@@ -55,6 +55,17 @@ def file_print(*args): file.close() +def file_print_pr(*args): + + result = '' + + file = open(logPath + "/pialert_pholus_subp_pr.log", "a") + for arg in args: + result += str(arg) + print(result) + file.write(result + '\n') + file.close() + def sanitize_string(input): if isinstance(input, bytes): input = input.decode('utf-8') @@ -182,6 +193,11 @@ class Sniffer_Offline(): ### THE HANDLER THAT THE TWO SNIFFERS CALL - THIS MAKES THE MAIN JOB ### ######################################################################## def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,interface,d4,d6,target_mac,auto_fake_responses,source_IPv6,source_IPv4,target_mac1,target_mac2,source_mac,hlimit,workstation,printer,googlecast,airtv,flood,flooding_timeout,flodding_interval,v4,v6): + + file_print(">>>>>>> Timestamp 0.0210: ", timeNow()) + file_print_pr(">>>>>>> Timestamp 0.0210: ", timeNow()) + file_print_pr(">>>>>>> Test ") + dns_type = {12: "PTR", 28: "AAAA", 13: "HINFO",33: "SRV", 1: "A", 255: "* (ANY)", 16: "TXT", 15: "MX", 6: "SOA", 256: "URI", 5: "CNAME",39: "DNAME"} Ether_src=packets.getlayer(Ether).src IP_src=None @@ -189,8 +205,13 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int IP_src=packets.getlayer(IPv6).src elif packets.haslayer(IP): IP_src=packets.getlayer(IP).src + else: + file_print(">>>>>>> Timestamp 0.021: ", timeNow()) + file_print_pr(">>>>>>> Test 2") + res0= Ether_src + " | " + IP_src.ljust(27) if packets.haslayer(DNS): + file_print_pr(">>>>>>> Test 4") dns=packets.getlayer(DNS) if (conflict or dos_ttl) and dns.ancount>0: DNSBlocks = [ ] 
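Review bot: `file_print_pr` opens the log with a bare `open()` and closes it only on the success path, so an exception from `print` or `write` leaves the handle open; a `with` block closes it in every case. `logPath` is defined outside this hunk. The helper also appears to be a copy of `file_print` with a different file name, so a shared helper that takes the file name would stop the two drifting apart.
```python
def file_print_pr(*args):
    result = ''.join(str(arg) for arg in args)
    print(result)
    # the context manager closes the log even if the write raises
    with open(logPath + "/pialert_pholus_subp_pr.log", "a") as file:
        file.write(result + '\n')
```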
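Review bot: The `else:` branch added in the hunk at `-189,8` logs that the packet has neither an IPv6 nor an IP layer, but execution then reaches `res0= Ether_src + " | " + IP_src.ljust(27)` with `IP_src` still `None`, so the handler raises `AttributeError` for such a frame. End the branch with `return  # no IP layer, nothing to report for this frame`, or assign a placeholder string to `IP_src` there if the frame should still be reported. Indentation is not preserved in this view, so the attachment of the `else:` to the `if`/`elif` on the IP layers is inferred from line order. ext_handler starts and ends outside this hunk.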
@@ -240,15 +261,18 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int new_p.rclass=p.rclass new_p.rdlen=p.rdlen new_p.rdata=p.rdata - new_DNS_packet=new_DNS_packet/new_p + new_DNS_packet=new_DNS_packet/new_p if unidns: new_packet=new_packet/UDP(dport=53)/new_DNS_packet else: new_packet=new_packet/UDP(dport=5353,sport=5353)/new_DNS_packet for x in range(0,2):#Send each packet twice + file_print_pr(">>>>>>> Test 6") sendp(new_packet,iface=interface) + file_print_pr(">>>>>>> Test 6.1") elif auto_fake_responses or (not (dos_ttl or conflict)): ## IF THIS IS A QUERY ## + file_print_pr(">>>>>>> Test 6.2") if dns.opcode==0: res0 = res0 + "" if dns.qdcount>0: @@ -456,7 +480,9 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A") else: dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A") + file_print_pr(">>>>>>> Test 6.23") send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,d4,source_IPv6,d6,interface,hlimit,dns_packet,False,10.0,0.1)#CHANGE DEFAULT VALUES + file_print_pr(">>>>>>> Test 6.24") ### END "IF WE NEED TO AUTO RESPOND WITH A FAKE RESPONSE ### NEXT LINES ARE ONLY USED TO PRINT RESULTS ### if dnsqr.qclass==32769: @@ -492,6 +518,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int else: ARtype=str(dnsrropt.type) res = res0 + " | Additional_Record | " + rrname.decode("utf-8") + " " + ARtype + file_print_pr(">>>>>>> Test 6.24") if dnsrropt.haslayer(EDNS0TLV): edns0tlv=dnsrropt.getlayer(EDNS0TLV) if edns0tlv.optcode==4: 
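Review bot: `new_DNS_packet=new_DNS_packet/new_p` is removed and re-added with identical text, so the only difference is its leading whitespace, which this view does not preserve. In Python that can move the statement into or out of the enclosing loop, or mix tabs and spaces and raise `TabError`; the same applies to `block = block.payload` in the hunk at `-621,10`. Please confirm both lines keep their original nesting, or leave them untouched in a logging-only commit. ext_handler starts and ends outside this hunk.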
@@ -566,12 +593,16 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int res = res + " TTL:"+str(dnsrr.ttl) if print_res==1: file_print(res) + file_print_pr(">>>>>>> Test 6.27") queue.put(res) block = block.payload + file_print_pr(">>>>>>> Test 6.270") + if dns.ancount>0: DNSBlocks = [ ] DNSBlocks.append(dns.an) for block in DNSBlocks: + file_print_pr(">>>>>>> Test 6.271") while isinstance(block,DNSRR): dnsrr=block.getlayer(DNSRR) if dnsrr.rclass==1: @@ -593,16 +624,20 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int if isinstance(rdata,list): rdata = b" ".join(rdata).decode("utf-8") res = res0 + " | Answer | "+dnsrr.rrname.decode("utf-8") + " " + dns_type[dnsrr.type]+" " + rclass + ' "' +rdata+'"' + file_print_pr(">>>>>>> Test 6.272004") if show_ttl: res = res + " TTL:"+str(dnsrr.ttl) if print_res==1: file_print(res) queue.put(res) block = block.payload + file_print_pr(">>>>>>> Test 6.272") if dns.nscount>0: + file_print_pr(">>>>>>> Test 6.273") DNSBlocks = [ ] DNSBlocks.append(dns.ns) for block in DNSBlocks: + file_print_pr(">>>>>>> Test 6.28") while isinstance(block,DNSRR): dnsrr=block.getlayer(DNSRR) if dnsrr.rclass==1: @@ -621,10 +656,19 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int res = res + " TTL:"+str(dnsrr.ttl) if print_res==1: file_print(res) + file_print_pr(">>>>>>> Test 6.274") queue.put(res) - block = block.payload + block = block.payload + else: + file_print_pr(">>>>>>> Test 6.27200") else: file_print("not a DNS Query", dns.summary()) + file_print_pr(">>>>>>> Test 6.272001") + else: + file_print_pr(">>>>>>> Test 6.2720055") + else: + file_print_pr(">>>>>>> Test 3") + ######################################## ########### REQUEST FUNCTION ########### 
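Review bot: The `file_print_pr` markers in this hunk and in the hunks at `-593,16` and `-621,10` sit inside the record-parsing loops (`for block in DNSBlocks` / `while isinstance(block,DNSRR)`), so each parsed record opens, appends to and closes pialert_pholus_subp_pr.log. Log volume is therefore driven by whatever traffic reaches the sniffer, and nothing visible rotates or caps the file, which on a small host can fill the disk. Put the trace calls behind a debug switch that is off by default, or route them through `logging` with a `logging.handlers.RotatingFileHandler`. The numeric markers are also reused (`Test 6.24` appears twice in the earlier hunks), so a short descriptive message per call site would make the trace easier to read.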
@@ -889,6 +933,7 @@ def main(): file_print(">>>>>>> Timestamp 0.02: ", timeNow()) file_print("------------------------------------------------------------------------") time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic + file_print(">>>>>>> Timestamp 0.03: ", timeNow()) ########################################################################################################## if values.request: file_print(">>>>>>> Timestamp 1: ", timeNow())