Jokob-sk
2023-01-02 19:42:53 +11:00
parent 86d2e6258d
commit f8b6b5272b
5 changed files with 179 additions and 37 deletions


@@ -291,12 +291,13 @@ PHOLUS_RUN = 'once'
PHOLUS_RUN_TIMEOUT = 300
PHOLUS_RUN_SCHD = '0 4 * * *'
# Pholus settings
# Nmap settings
# ----------------------
NMAP_ACTIVE = False
NMAP_TIMEOUT = 120
NMAP_RUN = 'once'
NMAP_RUN_SCHD = '0 2 * * *'
NMAP_ARGS = '-p -10000'
#===============================================================================
# Initialise user defined values
@@ -373,7 +374,7 @@ def importConfig ():
# Pholus
global PHOLUS_ACTIVE, PHOLUS_TIMEOUT, PHOLUS_FORCE, PHOLUS_DAYS_DATA, PHOLUS_RUN, PHOLUS_RUN_SCHD, PHOLUS_RUN_TIMEOUT
# Nmap
global NMAP_ACTIVE, NMAP_TIMEOUT, NMAP_RUN, NMAP_RUN_SCHD
global NMAP_ACTIVE, NMAP_TIMEOUT, NMAP_RUN, NMAP_RUN_SCHD, NMAP_ARGS
# get config file
@@ -467,6 +468,7 @@ def importConfig ():
NMAP_TIMEOUT = check_config_dict('NMAP_TIMEOUT', NMAP_TIMEOUT , config_dict)
NMAP_RUN = check_config_dict('NMAP_RUN', NMAP_RUN , config_dict)
NMAP_RUN_SCHD = check_config_dict('NMAP_RUN_SCHD', NMAP_RUN_SCHD , config_dict)
NMAP_ARGS = check_config_dict('NMAP_ARGS', NMAP_ARGS , config_dict)
# Code_Name, Display_Name, Description, Type, Options, Value, Group
@@ -550,7 +552,8 @@ def importConfig ():
('NMAP_ACTIVE', 'Enable Nmap scans', '', 'boolean', '', '' , str(NMAP_ACTIVE) , 'Nmap'),
('NMAP_TIMEOUT', 'Nmap timeout', '', 'integer', '', '' , str(NMAP_TIMEOUT) , 'Nmap'),
('NMAP_RUN', 'Nmap enable schedule', '', 'selecttext', "['none', 'once', 'schedule']", '' , str(NMAP_RUN) , 'Nmap'),
('NMAP_RUN_SCHD', 'Nmap schedule', '', 'text', '', '' , str(NMAP_RUN_SCHD) , 'Nmap')
('NMAP_RUN_SCHD', 'Nmap schedule', '', 'text', '', '' , str(NMAP_RUN_SCHD) , 'Nmap'),
('NMAP_ARGS', 'Nmap custom arguments', '', 'text', '', '' , str(NMAP_ARGS) , 'Nmap')
]
@@ -698,17 +701,29 @@ def main ():
if run:
nmapSchedule.last_run = datetime.datetime.now(tz).replace(microsecond=0)
performNmapScan(NMAP_TIMEOUT)
performNmapScan(get_all_devices())
# Perform an arp-scan if not disable with a file
# Perform an arp-scan if not disabled with a file
if last_network_scan + datetime.timedelta(minutes=SCAN_CYCLE_MINUTES) < time_started and os.path.exists(STOPARPSCAN) == False:
last_network_scan = time_started
cycle = 1 # network scan
scan_network()
# Check if new devices need to be scanned with Nmap
if NMAP_ACTIVE:
sql.execute ("""SELECT eve_IP as dev_LastIP, eve_MAC as dev_MACq FROM Events_Devices
WHERE eve_PendingAlertEmail = 1
AND eve_EventType = 'New Device'
ORDER BY eve_DateTime""")
rows = sql.fetchall()
commitDB()
performNmapScan(rows)
# Reporting
if cycle in check_report:
email_reporting()
send_notifications()
# clean up the DB once a day
if last_cleanup + datetime.timedelta(hours = 24) < time_started:
@@ -942,6 +957,17 @@ def cleanup_database ():
AND Pholus_Scan.Value = p2.Value
AND Pholus_Scan.Record_Type = p2.Record_Type
);""")
# De-Dupe (de-duplicate - remove duplicate entries) from the Nmap_Scan table
file_print(' Nmap_Scan: Delete all duplicates')
sql.execute ("""DELETE FROM Nmap_Scan
WHERE rowid > (
SELECT MIN(rowid) FROM Nmap_Scan p2
WHERE Nmap_Scan.MAC = p2.MAC
AND Nmap_Scan.Port = p2.Port
AND Nmap_Scan.State = p2.State
AND Nmap_Scan.Service = p2.Service
);""")
# Shrink DB
file_print(' Shrink Database')
@@ -1737,15 +1763,8 @@ def update_devices_names ():
# file_print(sql.rowcount)
#-------------------------------------------------------------------------------
def performNmapScan(timeoutSec, ip = ""):
devicesToScan = []
# Check if we got a specific IP or if we scan all devices
if ip != "":
devicesToScan.append(ip)
else:
# Get all devices
devicesToScan = get_all_devices()
def performNmapScan(devicesToScan):
timeoutSec = NMAP_TIMEOUT
updateState("Scan: Nmap")
@@ -1759,7 +1778,10 @@ def performNmapScan(timeoutSec, ip = ""):
# nmap -p portFrom-portTo 192.168.1.3
# nmap -p -10000 192.168.1.3
nmapArgs = ['nmap', '-p', "-10000", device["dev_LastIP"]]
nmapArgs = ['nmap'] + NMAP_ARGS.split() + [device["dev_LastIP"]]
# nmapArgs = nmapArgs.append(NMAP_ARGS.split())
# nmapArgs = nmapArgs.append(device["dev_LastIP"])
try:
# try runnning a subprocess with a forced (timeout + 30 seconds) in case the subprocess hangs
@@ -1802,8 +1824,8 @@ def performNmapScan(timeoutSec, ip = ""):
params.append((device["dev_MAC"], timeNow(), line.split()[0], line.split()[1], line.split()[2], ''))
elif 'Nmap done' in line:
duration = line.split('scanned in ')[1]
else:
file_print('>>>>>', line, 'len', len(line.split()))
# else:
# file_print('>>>>>', line, 'len', len(line.split()))
index += 1
if len(params) > 0:
@@ -2176,7 +2198,7 @@ def skip_repeated_notifications ():
# create a json for webhook and mqtt notifications to provide further integration options
json_final = []
def email_reporting ():
def send_notifications ():
global mail_text
global mail_html
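Review bot: In performNmapScan, `NMAP_ARGS.split()` puts whatever is stored in the settings straight onto the nmap command line, with no check on which options are allowed. Assuming the subprocess call further down runs this list without a shell, there is no shell injection, but every nmap option becomes reachable from the settings page, including ones that write output files or load scripts. I would validate the value in importConfig against a small allow-list of option names and fall back to the default `-p -10000` otherwise; `shlex.split(NMAP_ARGS)` would also handle quoted values that plain `.split()` breaks apart. Separately, the new-device query in main() aliases `eve_MAC as dev_MACq` while the result parsing in performNmapScan reads `device["dev_MAC"]`, so the alias looks like a typo for `dev_MAC`. Both function bodies continue outside the visible hunks.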


@@ -460,9 +460,9 @@
<div class="tab-pane fade" id="panNmap">
<?php
if ($_REQUEST['mac'] == 'Internet') {
?>
<?php
if ($_REQUEST['mac'] == 'Internet') {
?>
<h4 class="">Online Speedtest</h4>
<div style="width:100%; text-align: center; margin-bottom: 50px;">
<button type="button" id="speedtestcli" class="btn btn-primary pa-btn" style="margin: auto;" onclick="speedtestcli()">Start Speedtest</button>
@@ -482,9 +482,9 @@ if ($_REQUEST['mac'] == 'Internet') {
})
}
</script>
<?php
}
?>
<?php
}
?>
<h4 class="">Nmap Scans</h4>
<div style="width:100%; text-align: center;">
<script>
@@ -531,12 +531,32 @@ if ($_REQUEST['mac'] == 'Internet') {
})
}
</script>
<table id="tableNmap" class="table table-bordered table-hover table-striped ">
<thead>
<tr>
<th>Index</th>
<th>Time</th>
<th>Port</th>
<th>State</th>
<th>Service</th>
<th>Extra</th>
</tr>
</thead>
<!-- Comment out tbody when trying to implement better table with datatables here -->
<!-- IDEA: Show unmatched pholus entries? -->
<tbody id="tableNmapBody">
<tr id="tableNmapPlc" class="text-center"><td colspan='7'><span><?php echo lang("DevDetail_Tab_NmapEmpty"); ?></span></td></tr>
</tbody>
</table>
</div>
<!-- ----------------------------------------------------------------------- -->
@@ -1612,9 +1632,57 @@ function initializeTabsNew () {
{
loadPholus();
}
if(target == "#panNmap")
{
loadNmap();
}
});
}
// -----------------------------------------------------------------------------
function loadNmap()
{
// console.log(mac)
// console.log('php/server/devices.php?action=getPholus&mac='+ mac)
$(".deviceSpecific").remove();
$.get('php/server/devices.php?action=getNmap&mac='+ mac, function(data) {
data = sanitize(data);
if(data != "false" && $.trim(data) != [])
{
var listData = JSON.parse(data);
var order = 1;
// console.log(listData)
// console.log(listData[0].MAC)
tableRows = "";
// for each item
listData.forEach(function (item, index) {
tableRows += '<tr class="deviceSpecific"><td>'+item.Index+'</td><td>'+item.Time+'</td><td>'+item.Port+'</td><td>'+item.State+'</td><td>'+item.Service+'</td><td>'+item.Extra+'</td></tr>';
});
$("#tableNmapBody").html($("#tableNmapBody").html()+tableRows);
// $("#tablePholusPlc").attr("style", "display:none");
$("#tableNmapPlc").hide();
}
else
{
// console.log("else")
$("#tableNmapPlc").show();
$(".deviceSpecific").remove();
}
});
}
// -----------------------------------------------------------------------------
function loadPholus()
{
// console.log(mac)
@@ -1760,10 +1828,6 @@ $("#"+tableId).attr("data-mac", mac)
$('#'+tableId).on( 'length.dt', function ( e, settings, len ) {
setParameter (parSessionsRows, len);
// Sync Rows in both datatables
// if ( $('#tableEvents').DataTable().page.len() != len) {
// $('#tableEvents').DataTable().page.len( len ).draw();
// }
} );
}
@@ -1777,11 +1841,16 @@ window.onload = function async()
function reloadTab()
{
// load tab data only when needed (tab change)
// tab loaded without switching
if(getCache("activeDevicesTab") == "tabPholus")
{
loadPholus();
}
if(getCache("activeDevicesTab") == "tabNmap")
{
loadNmap();
}
}
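Review bot: loadNmap() concatenates `item.Port`, `item.State`, `item.Service` and `item.Extra` into a markup string and writes it with `.html()`, so any HTML in those fields is rendered as markup. The values come from stored Nmap output and should be treated as untrusted; `sanitize()` is defined outside this diff and is applied to the whole response before `JSON.parse`, so I cannot confirm it encodes each field. Build the cells as text instead, e.g. `$('<td>').text(item.Service)`, and append the rows rather than re-serialising `$("#tableNmapBody").html()`. `tableRows` is also assigned without `var`, which makes it an implicit global, and `mac` should go through `encodeURIComponent` before it is added to the request URL.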


@@ -56,6 +56,7 @@
case 'getGroups': getGroups(); break;
case 'getLocations': getLocations(); break;
case 'getPholus': getPholus(); break;
case 'getNmap': getNmap(); break;
default: logServerConsole ('Action: '. $action); break;
}
@@ -900,7 +901,7 @@ function getLocations() {
}
//------------------------------------------------------------------------------
// Query the List of locations
// Query the List of Pholus entries
//------------------------------------------------------------------------------
function getPholus() {
global $db;
@@ -947,6 +948,53 @@ function getPholus() {
}
}
//------------------------------------------------------------------------------
// Query the List of Nmap entries
//------------------------------------------------------------------------------
function getNmap() {
global $db;
// SQL
$mac = $_REQUEST['mac'];
if ($mac == "Internet") // Not performing data lookup for router (improvement idea for later maybe)
{
echo "false";
return;
}
if (false === filter_var($mac , FILTER_VALIDATE_MAC)) {
throw new Exception('Invalid mac address');
}
else{
$sql = 'SELECT * from Nmap_Scan where MAC ="'.$mac.'" ';
// array
$tableData = array();
// execute query
$result = $db->query($sql);
while ($row = $result -> fetchArray (SQLITE3_ASSOC)){
// Push row data
$tableData[] = array( 'Index' => $row['Index'],
'MAC' => $row['MAC'],
'Port' => $row['Port'],
'Time' => $row['Time'],
'State' => $row['State'],
'Service' => $row['Service'],
'Extra' => $row['Extra']);
}
if(count($tableData) == 0)
{
echo "false";
} else{
// Return json
echo (json_encode ($tableData));
}
}
}
//------------------------------------------------------------------------------
// Status Where conditions
//------------------------------------------------------------------------------
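Review bot: getNmap() builds its query by concatenating `$mac` into the SQL string, so the `FILTER_VALIDATE_MAC` check is the only thing between `$_REQUEST['mac']` and the query. The double-quoted value is also resolved by SQLite as an identifier before it falls back to a string literal. A bound parameter removes the dependency on the validator: `$stmt = $db->prepare('SELECT * FROM Nmap_Scan WHERE MAC = :mac'); $stmt->bindValue(':mac', $mac, SQLITE3_TEXT); $result = $stmt->execute();`. The `throw new Exception('Invalid mac address')` has no handler in the visible code and may surface as a PHP error page depending on configuration; echoing `"false"` as the other branches do would keep the response shape consistent. `$_REQUEST['mac']` is also read without an `isset` check.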


@@ -155,6 +155,7 @@ $lang['en_us'] = array(
'DevDetail_Tab_Events' => 'Events',
'DevDetail_Tab_Pholus' => 'Pholus',
'DevDetail_Tab_PholusEmpty' => 'Nothing sniffed out with Pholus for this device.',
'DevDetail_Tab_NmapEmpty' => 'No ports detected with Nmap on this device.',
'DevDetail_MainInfo_Title' => 'Main Info',
'DevDetail_MainInfo_mac' => 'MAC',
'DevDetail_MainInfo_Name' => 'Name',
@@ -453,7 +454,7 @@ the arp-scan will take hours to complete instead of seconds.
'PIALERT_WEB_PASSWORD_name' => 'Login password',
'PIALERT_WEB_PASSWORD_description' => 'The default password is <code>123456</code>. To change the password run <code>/home/pi/pialert/back/pialert-cli</code> in the container',
'INCLUDED_SECTIONS_name' => 'Notify on',
'INCLUDED_SECTIONS_description' => 'Specifies which events trigger notifications. Remove the event type(s) you don\'t want to get notified on. This setting overrides device-specific settings in the UI. (CTRL + Click to select / deselect).',
'INCLUDED_SECTIONS_description' => 'Specifies which events trigger notifications. Remove the event type(s) you don\'t want to get notified on. This setting overrides device-specific settings in the UI. (<code>CTRL + Click</code> to select / deselect).',
'SCAN_CYCLE_MINUTES_name' => 'Scan cycle delay',
'SCAN_CYCLE_MINUTES_description' => 'The delay between scans. If using arp-scan, the scan time itself depends on the number of IP addresses to check. This is influenced by the network mask set in the <a href="#SCAN_SUBNETS"><code>SCAN_SUBNETS</code> setting</a> at the top. Every IP takes a couple seconds to scan.',
'DAYS_TO_KEEP_EVENTS_name' => 'Delete events older than',
@@ -564,20 +565,22 @@ the arp-scan will take hours to complete instead of seconds.
'PHOLUS_RUN_TIMEOUT_name' => 'Scheduled run timeout',
'PHOLUS_RUN_TIMEOUT_description' => 'The timeout in seconds for the scheduled Pholus scan. Same notes regarding the duration apply as on the <a href="#PHOLUS_TIMEOUT"><code>PHOLUS_TIMEOUT</code> setting</a>. A scheduled scan doesn\'t check if there are <code>(unknown)</code> or <code>(name not found)</code> devices, the scan is executed either way.',
'PHOLUS_RUN_SCHD_name' => 'Schedule',
'PHOLUS_RUN_SCHD_description' => 'Only run if you select <code>schedule</code> in the <a href="#PHOLUS_RUN"><code>PHOLUS_RUN</code> setting</a>. Make sure you enter the schedule in the correct cron-like format
'PHOLUS_RUN_SCHD_description' => 'Only enabled if you select <code>schedule</code> in the <a href="#PHOLUS_RUN"><code>PHOLUS_RUN</code> setting</a>. Make sure you enter the schedule in the correct cron-like format
(e.g. validate at <a href="https://crontab.guru/" target="_blank">crontab.guru</a>). For example entering <code>0 4 * * *</code> will run the scan after 4 am in the <a href="#TIMEZONE"><code>TIMEZONE</code> you set above</a>. Will be run NEXT time the time passes.',
'PHOLUS_DAYS_DATA_name' => 'Data retention',
'PHOLUS_DAYS_DATA_description' => 'How many days of Pholus scan entries should be kept (globally, not device specific!). The <a href="/maintenance.php#tab_Logging">pialert_pholus.log</a> file is not touched. Enter <code>0</code> to disable.',
// Nmap
'NMAP_ACTIVE_name' => 'Cycle run',
'NMAP_ACTIVE_description' => 'If enabled this will execute the scan before every network scan cycle. For a scheduled or one-off scan, check the <a href="#NMAP_RUN"><code>NMAP_RUN</code> setting</a>.',
'NMAP_ACTIVE_description' => 'If enabled this will execute the scan every time a new device is found on the network. For a scheduled or one-off scan, check the <a href="#NMAP_RUN"><code>NMAP_RUN</code> setting</a>.',
'NMAP_TIMEOUT_name' => 'Run timeout',
'NMAP_TIMEOUT_description' => 'Maximum time to wait for an Nmap scan to finish.',
'NMAP_TIMEOUT_description' => 'Maximum time to wait for an Nmap scan to finish on any device.',
'NMAP_RUN_name' => 'Scheduled run',
'NMAP_RUN_description' => 'Enable a regular Nmap scan on your network on all devices. The scheduling settings can be found below. If you select <code>once</code> Nmap is run only once on start for the time specified in <a href="#NMAP_TIMEOUT"><code>NMAP_TIMEOUT</code> setting</a>.',
'NMAP_RUN_SCHD_name' => 'Schedule',
'NMAP_RUN_SCHD_description' => 'Only run if you select <code>schedule</code> in the <a href="#NMAP_RUN"><code>NMAP_RUN</code> setting</a>. Make sure you enter the schedule in the correct cron-like format.',
'NMAP_RUN_SCHD_description' => 'Only enabled if you select <code>schedule</code> in the <a href="#NMAP_RUN"><code>NMAP_RUN</code> setting</a>. Make sure you enter the schedule in the correct cron-like format.',
'NMAP_ARGS_name' => 'Arguments',
'NMAP_ARGS_description' => 'Arguments used to run the Nmap scan. Be careful to specify <a href="https://linux.die.net/man/1/nmap" target="_blank">the arguments</a> correctly. For example <code>-p -10000</code> scans ports from 1 to 10000.',
);


@@ -247,7 +247,7 @@ CommitDB();
<script>
// number of settings has to be equal to
var settingsNumber = 57;
var settingsNumber = 58;
// Wrong number of settings processing
if(<?php echo count($settings)?> != settingsNumber)