fixed discovery

snoop 2017-08-09 18:02:40 +09:00
parent 4913cff255
commit 919cc9faa7
11 changed files with 139 additions and 92 deletions


@ -38,7 +38,7 @@ func Scan(host *types.DiscoveryHost, tcpCB tcpRecvCallback) {
Send(host, nil)
time.Sleep(time.Second * 3)
time.Sleep(time.Second * 20)
//communicate.Send(events.NewEvent(events.CENTRAL_EVENT, events.NewPortEndEvent(host.Zone.CidrInt64(), host.Ip, host.Histories, types.TYPE_TCP)))
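Review bot: The wait after `Send(host, nil)` is a bare literal, and, assuming the 20-second line is the new side (the +/- markers are lost on this page), every host scan now blocks for the full 20 seconds whether or not replies have arrived. A named, documented constant such as `const tcpReplyWait = 20 * time.Second` would record why the value grew from 3 seconds and give one place to tune it. Scan's body continues outside this hunk, so whether anything can end the wait early is not visible here.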


@ -5,9 +5,10 @@ import (
"git.loafle.net/overflow/overflow_probe/matcher"
"git.loafle.net/overflow/overflow_probe/matcher/packet"
log "github.com/cihub/seelog"
"git.loafle.net/overflow/overflow_probe/model/scaninfo"
)
func processPostPacket(mats []matcher.Matcher, info *types.ServiceScanInfo, m ConnFactory) bool {
func processPostPacket(mats []matcher.Matcher, info scaninfo.ServiceScanInfo, m ConnFactory) bool {
var ser *types.DiscoveryService = nil
var curMatcher matcher.Matcher = nil
@ -15,10 +16,11 @@ func processPostPacket(mats []matcher.Matcher, info *types.ServiceScanInfo, m Co
for i := 0; i < len(mats); i++ {
info.History = make([]*types.ServiceScanHistory, 0)
conn, err := m.createSocket(info.Port.Host.Ip_, info.Port.Port_)
//info.History = make([]*types.ServiceScanHistory, 0)
//conn, err := m.createSocket(info.Port.Host.Ip_, info.Port.Port_)
conn, err := m.createSocket(info.GetIP(), info.GetPort())
if err != nil {
log.Error(m.Type() + " process postpacket create socket error :" + info.Port.Host.Ip_ + " port: " + info.Port.Port_ + " error: " + err.Error())
log.Error(m.Type() + " process postpacket create socket error :" + info.GetIP() + " port: " + info.GetPort() + " error: " + err.Error())
break
}
curMatcher = mats[i]
@ -33,20 +35,26 @@ func processPostPacket(mats []matcher.Matcher, info *types.ServiceScanInfo, m Co
if l != p.Len {
break
}
AddServiceScanHistory(
&info.History,
types.NewServiceScanHistory(info.Port, curMatcher.ServiceName(), types.DIRECTION_SEND, p.Buffer))
//AddServiceScanHistory(
// &info.History,
// types.NewServiceScanHistory(info.Port, curMatcher.ServiceName(), types.DIRECTION_SEND, p.Buffer))
//AddServiceScanHistory(info, curMatcher.ServiceName(), types.DIRECTION_SEND, p.Buffer)
info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), curMatcher.ServiceName(), types.DIRECTION_SEND, p.Buffer))
buf := make([]byte, 1024)
l, err = conn.Read(buf)
AddServiceScanHistory(
&info.History,
types.NewServiceScanHistory(info.Port, curMatcher.ServiceName(), types.DIRECTION_RECV, p.Buffer))
//AddServiceScanHistory(
// &info.History,
// types.NewServiceScanHistory(info.Port, curMatcher.ServiceName(), types.DIRECTION_RECV, p.Buffer))
//AddServiceScanHistory(info, curMatcher.ServiceName(), types.DIRECTION_SEND, buf)
info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), curMatcher.ServiceName(), types.DIRECTION_RECV, buf))
if err != nil {
if curMatcher.IsNoResponse(indexI) == true {
ser = types.NewService(m.Type(), curMatcher.ServiceName(), info.Port)
ser = types.NewService(m.Type(), curMatcher.ServiceName(), info.GetDiscoveryPort())
isFound = true
break
}
@ -56,7 +64,7 @@ func processPostPacket(mats []matcher.Matcher, info *types.ServiceScanInfo, m Co
if curMatcher.Match(indexI, packet.NewPacket(buf, l), info) == true {
if indexI == (curMatcher.PacketCount() - 1) {
ser = types.NewService(m.Type(), curMatcher.ServiceName(), info.Port)
ser = types.NewService(m.Type(), curMatcher.ServiceName(), info.GetDiscoveryPort())
break
}
isFound = true
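Review bot: The receive-side history entry is built from the whole 1024-byte `buf` and is recorded before `err` from `conn.Read` is checked, so a short or failed read is stored as 1024 bytes of peer data padded with zeros. Slicing to the bytes actually read keeps the history faithful to what the remote service sent: `info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), curMatcher.ServiceName(), types.DIRECTION_RECV, buf[:l]))`. processPrePacket passes the full `buffer` in the same way on its receive path. processPostPacket starts and ends outside the visible hunks, so the surrounding loop is only partly shown.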


@ -5,9 +5,10 @@ import (
"git.loafle.net/overflow/overflow_probe/matcher"
"git.loafle.net/overflow/overflow_probe/matcher/packet"
"net"
"git.loafle.net/overflow/overflow_probe/model/scaninfo"
)
func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Matcher, info *types.ServiceScanInfo, m ConnFactory) bool {
func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Matcher, info scaninfo.ServiceScanInfo, m ConnFactory) bool {
defer conn.Close()
@ -15,16 +16,18 @@ func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Ma
var ser *types.DiscoveryService = nil
for i := 0; i < len(mats); i++ {
info.History = make([]*types.ServiceScanHistory, 0)
//info.History = make([]*types.ServiceScanHistory, 0)
AddServiceScanHistory(
&info.History,
types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_RECV, prepacket.Buffer))
//AddServiceScanHistory(
// &info.History,
// types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_RECV, prepacket.Buffer))
info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), mats[i].ServiceName(), types.DIRECTION_RECV, prepacket.Buffer))
if mats[i].Match(0, prepacket, info) == true {
packetCount := mats[i].PacketCount()
if packetCount == 0 {
ser = types.NewService(m.Type(), mats[i].ServiceName(), info.Port)
ser = types.NewService(m.Type(), mats[i].ServiceName(), info.GetDiscoveryPort())
break
}
isFound = false
@ -39,9 +42,10 @@ func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Ma
if l != p.Len {
break
}
AddServiceScanHistory(
&info.History,
types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_SEND, p.Buffer))
//AddServiceScanHistory(
// &info.History,
// types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_SEND, p.Buffer))
info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), mats[i].ServiceName(), types.DIRECTION_SEND, p.Buffer))
buffer := make([]byte, 1024)
l, err = conn.Read(buffer)
@ -49,9 +53,10 @@ func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Ma
break
}
AddServiceScanHistory(
&info.History,
types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_RECV, buffer))
//AddServiceScanHistory(
// &info.History,
// types.NewServiceScanHistory(info.Port, mats[i].ServiceName(), types.DIRECTION_RECV, buffer))
info.SetHistory(types.NewServiceScanHistory(info.GetDiscoveryPort(), mats[i].ServiceName(), types.DIRECTION_RECV, buffer))
if mats[i].Match(j+1, packet.NewPacket(buffer, l), info) == true {
isFound = true
@ -61,7 +66,7 @@ func processPrePacket(conn net.Conn, prepacket *packet.Packet, mats []matcher.Ma
}
}
if isFound == true {
ser = types.NewService(m.Type(), mats[i].ServiceName(), info.Port)
ser = types.NewService(m.Type(), mats[i].ServiceName(), info.GetDiscoveryPort())
break
}
}
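Review bot: With the per-matcher reset `info.History = make(...)` commented out and `SetHistory` only appending, the history now accumulates across every matcher tried for the port. The prepacket `DIRECTION_RECV` entry at the top of the loop is added once per matcher, and entries from matchers that did not match stay in what `AddService` later hands to `port.SetHistory(info.GetHistories())`. If that is intended, a comment such as `// histories accumulate across all matchers tried for this port` should say so; otherwise the interface needs a way to clear the history at the start of each iteration. The commented-out `AddServiceScanHistory` calls can be deleted rather than kept beside their replacements.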


@ -14,6 +14,7 @@ import (
"net"
"strconv"
"strings"
"git.loafle.net/overflow/overflow_probe/model/scaninfo"
)
func Scan(dp *types.DiscoveryPort) {
@ -24,7 +25,7 @@ func Scan(dp *types.DiscoveryPort) {
ConnFactoryNormal{t: types.TYPE_TCP},
ConnFactoryTLS{t: types.TYPE_TLS},
}
info := types.NewServiceScanInfo(dp)
info := scaninfo.NewScanInfoImpl(dp)
for i := 0; i < len(factories); i++ {
m := factories[i]
@ -125,7 +126,7 @@ func MatchUDPPacket(zone *types.DiscoveryZone, ipString, portString string, udpL
port := types.NewPort(portString, host, types.TYPE_UDP)
mats := matcher.GetUdpMatchers()
info := types.NewServiceScanInfo(port)
info := scaninfo.NewScanInfoImpl(port)
for i := 0; i < len(mats); i++ {
matcher := mats[i]
@ -135,18 +136,18 @@ func MatchUDPPacket(zone *types.DiscoveryZone, ipString, portString string, udpL
key := portString + ":" + types.TYPE_UDP
host.SetPort(key, port)
ser := types.NewService(types.TYPE_UDP, matcher.ServiceName(), info.Port)
ser := types.NewService(types.TYPE_UDP, matcher.ServiceName(), info.GetDiscoveryPort())
AddService(ser, info)
}
}
}
func AddService(ds *types.DiscoveryService, info *types.ServiceScanInfo) {
port := info.Port
func AddService(ds *types.DiscoveryService, info scaninfo.ServiceScanInfo) {
port := info.GetDiscoveryPort()
var serviceName string
if ds != nil {
port.Services = append(port.Services, ds)
port.SetHistory(info.History)
port.SetHistory(info.GetHistories())
serviceName = ds.ServiceName
log.Debugf("%s, %s:%s, Service was found : %s ", ds.PortType, port.Host.Ip_, port.Port_, ds.ServiceName)
} else {
@ -160,11 +161,18 @@ func AddService(ds *types.DiscoveryService, info *types.ServiceScanInfo) {
sendEvent(info, serviceName)
}
func AddServiceScanHistory(histories *[]*types.ServiceScanHistory, h *types.ServiceScanHistory) {
*histories = append(*histories, h)
}
//func AddServiceScanHistory(histories *[]*types.ServiceScanHistory, h *types.ServiceScanHistory) {
// *histories = append(*histories, h)
//}
func sendEvent(info *types.ServiceScanInfo, serviceName string) {
//func AddServiceScanHistory(info scaninfo.ServiceScanInfo, serviceName string, direction string, packet []byte) {
// //*histories = append(*histories, h)
// history := info.GetIP() + ":" +info.GetPort()+ "-" + serviceName + "[" + direction + "]" + "[" + "Packet" + "]"
//
// //info.SetHistory(history)
//}
func sendEvent( info scaninfo.ServiceScanInfo, serviceName string) {
//communicate.Send(
// events.NewEvent(
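Review bot: Two commented-out versions of `AddServiceScanHistory` are left in the file next to the code that replaces them; version control already keeps the old form, so they should be removed. The new signature `func sendEvent( info scaninfo.ServiceScanInfo, serviceName string)` is not gofmt-clean (stray space after the parenthesis). `AddService` still logs through `port.Host.Ip_` and `port.Port_` although the interface now offers `info.GetIP()` and `info.GetPort()`; using the accessors there would keep the function consistent with the rest of the change.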


@ -22,7 +22,7 @@ type Conf struct {
func sendBridge(dhs []types.DiscoveryHistory) {
fp, err := os.Open("bin/bridge_conf.xml")
fp, err := os.Open("discovery/bin/bridge_conf.xml")
if err != nil {
panic(err)
}
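Review bot: `os.Open("discovery/bin/bridge_conf.xml")` resolves against the process working directory, so the configuration that gets loaded depends on where the binary is started, and the change only swaps one assumed directory for another. Taking the path from a flag or configuration value, or resolving it relative to the executable, would make the file that is read explicit. The `panic(err)` on a missing file also takes down the whole process from a helper; returning the error to the caller would be safer. sendBridge's body continues outside this hunk.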


@ -50,6 +50,7 @@ func DiscoveryHost(zone *types.DiscoveryZone, wg *sync.WaitGroup, hasPortScan bo
func DiscoverPort(host *types.DiscoveryHost, wg *sync.WaitGroup, hasServiceScan bool) {
discoverPort(host,
func(port *types.DiscoveryPort) {
seelog.Debug("find Port : " + host.Ip_ + ":" + port.Port_)
if hasServiceScan == true {
wg.Add(1)
go DiscoverService(port, wg)


@ -32,7 +32,7 @@ func discoveryHost(zone *types.DiscoveryZone, callback discoverHostCallback) {
h := types.NewHost(packet.SourceProtAddress, packet.SourceHwAddress)
h.FirstScanRange = 1
h.LastScanRange = 10000
h.LastScanRange = 65000
h.Zone = zone
zone.SetHost(keyIp, h)
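Review bot: `h.LastScanRange = 65000` stops short of the top of the port space, so, assuming the field is the inclusive upper bound of the scan, services listening on 65001-65535 are never discovered and an asset inventory built from this is silently incomplete. If the full range is intended, use `h.LastScanRange = 65535`; if the cut-off is deliberate, a named constant with a comment explaining it would be clearer than a bare literal. The enclosing function starts and ends outside this hunk.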


@ -18,7 +18,7 @@ func TestDiscoverTCPPort(t *testing.T) {
zone := zone.NewZone()
hh := &types.DiscoveryHost{
Ip_: "192.168.1.215",
Ip_: "192.168.1.15",
Ports_: make(map[string]*types.DiscoveryPort, 100),
Ip: 111,
Mac: 222,
@ -26,7 +26,7 @@ func TestDiscoverTCPPort(t *testing.T) {
UpdateDate: timestamp.Now(),
Zone: zone,
FirstScanRange: 1,
LastScanRange: 100,
LastScanRange: 50000,
M: new(sync.RWMutex),
}
@ -34,6 +34,7 @@ func TestDiscoverTCPPort(t *testing.T) {
wg.Add(1)
discoverTcp(&wg, hh, func(port *types.DiscoveryPort) {
fmt.Println(port.Number)
discoverService(port);
})
wg.Wait()
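Review bot: TestDiscoverTCPPort now probes a hard-coded address (`Ip_: "192.168.1.15"`) across 50000 ports and runs service detection on every hit, so a plain `go test` generates real scan traffic on whatever network the developer or CI machine is attached to, and the test asserts nothing. Guarding it, for example with `if testing.Short() { t.Skip("live network scan") }`, and reading the target from an environment variable would keep it out of routine runs. The new `TestDiscovery` in the last file of this commit has the same problem, since it only calls `bootstrap.Start()`. The trailing semicolon in `discoverService(port);` would be removed by gofmt.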


@ -1,29 +1,29 @@
package matcher
import (
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/activedirectory"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/cassandra"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/dns"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/ftp"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/http"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/imap"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/ldap"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/mongodb"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/mssql"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/mysql"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/netbios"
"git.loafle.net/overflow/overflow_probe/matcher/activedirectory"
"git.loafle.net/overflow/overflow_probe/matcher/cassandra"
"git.loafle.net/overflow/overflow_probe/matcher/dns"
"git.loafle.net/overflow/overflow_probe/matcher/ftp"
"git.loafle.net/overflow/overflow_probe/matcher/http"
"git.loafle.net/overflow/overflow_probe/matcher/imap"
"git.loafle.net/overflow/overflow_probe/matcher/ldap"
"git.loafle.net/overflow/overflow_probe/matcher/mongodb"
"git.loafle.net/overflow/overflow_probe/matcher/mssql"
"git.loafle.net/overflow/overflow_probe/matcher/mysql"
"git.loafle.net/overflow/overflow_probe/matcher/netbios"
"git.loafle.net/overflow/overflow_probe/matcher/oracle"
"git.loafle.net/overflow/overflow_probe/matcher/packet"
"git.loafle.net/overflow/overflow_probe/model/scaninfo"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/pop"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/redis"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/rmi"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/smb"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/smtp"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/snmp"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/ssh"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/telnet"
//"git.loafle.net/overflow/overflow_probe/collector/core/scan/service/matcher/wmi"
"git.loafle.net/overflow/overflow_probe/matcher/pop"
"git.loafle.net/overflow/overflow_probe/matcher/redis"
"git.loafle.net/overflow/overflow_probe/matcher/rmi"
"git.loafle.net/overflow/overflow_probe/matcher/smb"
"git.loafle.net/overflow/overflow_probe/matcher/smtp"
"git.loafle.net/overflow/overflow_probe/matcher/snmp"
"git.loafle.net/overflow/overflow_probe/matcher/ssh"
"git.loafle.net/overflow/overflow_probe/matcher/telnet"
"git.loafle.net/overflow/overflow_probe/matcher/wmi"
)
var (
@ -33,29 +33,29 @@ var (
func init() {
//TCP
//TcpMatchers = append(TcpMatchers, smtp.NewSmtpMatcher())
//TcpMatchers = append(TcpMatchers, ldap.NewLDAPMatcher())
//TcpMatchers = append(TcpMatchers, activedirectory.NewActiveDirectoryMatcher())
//TcpMatchers = append(TcpMatchers, mongodb.NewMongoDBMatcher())
//TcpMatchers = append(TcpMatchers, mysql.NewMySqlMatcher())
//TcpMatchers = append(TcpMatchers, mssql.NewMSSqlMatcher())
//TcpMatchers = append(TcpMatchers, redis.NewRedisMatcher())
//TcpMatchers = append(TcpMatchers, redis.NewRedisProtectedMatcher())
//TcpMatchers = append(TcpMatchers, netbios.NewNetBiosMatcher())
//TcpMatchers = append(TcpMatchers, smb.NewSMBMatcher())
//TcpMatchers = append(TcpMatchers, cassandra.NewCassandraMatcher())
//TcpMatchers = append(TcpMatchers, imap.NewIMAPMatcher())
TcpMatchers = append(TcpMatchers, smtp.NewSmtpMatcher())
TcpMatchers = append(TcpMatchers, ldap.NewLDAPMatcher())
TcpMatchers = append(TcpMatchers, activedirectory.NewActiveDirectoryMatcher())
TcpMatchers = append(TcpMatchers, mongodb.NewMongoDBMatcher())
TcpMatchers = append(TcpMatchers, mysql.NewMySqlMatcher())
TcpMatchers = append(TcpMatchers, mssql.NewMSSqlMatcher())
TcpMatchers = append(TcpMatchers, redis.NewRedisMatcher())
TcpMatchers = append(TcpMatchers, redis.NewRedisProtectedMatcher())
TcpMatchers = append(TcpMatchers, netbios.NewNetBiosMatcher())
TcpMatchers = append(TcpMatchers, smb.NewSMBMatcher())
TcpMatchers = append(TcpMatchers, cassandra.NewCassandraMatcher())
TcpMatchers = append(TcpMatchers, imap.NewIMAPMatcher())
TcpMatchers = append(TcpMatchers, oracle.NewOracleMatcher())
//TcpMatchers = append(TcpMatchers, pop.NewPOPMatcher())
//TcpMatchers = append(TcpMatchers, wmi.NewWMIMatcher())
//TcpMatchers = append(TcpMatchers, ftp.NewFTPMatcher())
//TcpMatchers = append(TcpMatchers, http.NewHTTPMatcher())
//TcpMatchers = append(TcpMatchers, rmi.NewRMIMatcher())
//TcpMatchers = append(TcpMatchers, ssh.NewSSHMatcher())
//TcpMatchers = append(TcpMatchers, telnet.NewTelnetMatcher())
//UdpMatchers = append(UdpMatchers, dns.NewDnsMatcher())
//UdpMatchers = append(UdpMatchers, snmp.NewSNMPv2Matcher())
//UdpMatchers = append(UdpMatchers, snmp.NewSNMPv3Matcher())
TcpMatchers = append(TcpMatchers, pop.NewPOPMatcher())
TcpMatchers = append(TcpMatchers, wmi.NewWMIMatcher())
TcpMatchers = append(TcpMatchers, ftp.NewFTPMatcher())
TcpMatchers = append(TcpMatchers, http.NewHTTPMatcher())
TcpMatchers = append(TcpMatchers, rmi.NewRMIMatcher())
TcpMatchers = append(TcpMatchers, ssh.NewSSHMatcher())
TcpMatchers = append(TcpMatchers, telnet.NewTelnetMatcher())
UdpMatchers = append(UdpMatchers, dns.NewDnsMatcher())
UdpMatchers = append(UdpMatchers, snmp.NewSNMPv2Matcher())
UdpMatchers = append(UdpMatchers, snmp.NewSNMPv3Matcher())
}
type Matcher interface {
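Review bot: The order of the `append` calls in `init()` becomes the order in which matchers are tried, but nothing in the file says so. processPostPacket and processPrePacket walk the slice by index and appear to stop at the first match, so reordering these lines could change which service is reported for a port. A short comment above the block, such as `// Order matters: matchers are tried in registration order and the first match wins.`, would protect against accidental reshuffling. Building each slice as a single composite literal would also read better than some twenty separate appends.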


@ -1,20 +1,34 @@
package scaninfo
import "git.loafle.net/overflow/overflow_probe/discovery/discovery/types"
type ServiceScanInfo interface {
SetHistory(history string)
SetHistory(history *types.ServiceScanHistory)
GetHistories() []*types.ServiceScanHistory
GetPort() string
GetIP() string
GetDiscoveryPort() *types.DiscoveryPort
}
type ScanInfoImpl struct {
Ip string
Port string
//Ip string
//Port string
//histories []string
histories []*types.ServiceScanHistory
discoveryPort *types.DiscoveryPort
}
func (s *ScanInfoImpl) SetHistory(history string) {}
func (s *ScanInfoImpl) GetPort() string { return s.Port }
func (s *ScanInfoImpl) GetIP() string { return s.Ip }
func NewScanInfoImpl(ip string, port string) *ScanInfoImpl {
return &ScanInfoImpl{Ip: ip, Port: port}
func (s *ScanInfoImpl) SetHistory(history *types.ServiceScanHistory) {
//s.histories = append(s.histories, history)
s.histories = append(s.histories, history)
}
func (s *ScanInfoImpl) GetPort() string { return s.discoveryPort.Port_ }
func (s *ScanInfoImpl) GetIP() string { return s.discoveryPort.Host.Ip_ }
func (s *ScanInfoImpl) GetDiscoveryPort() *types.DiscoveryPort { return s.discoveryPort }
func (s *ScanInfoImpl) GetHistories() []*types.ServiceScanHistory { return s.histories }
func NewScanInfoImpl(discoveryPort *types.DiscoveryPort) *ScanInfoImpl {
return &ScanInfoImpl{discoveryPort:discoveryPort}
}
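Review bot: `GetPort` and `GetIP` dereference `s.discoveryPort` and `s.discoveryPort.Host` unconditionally, while `NewScanInfoImpl` accepts any pointer. A nil port, or a port whose `Host` is unset, therefore panics at the first accessor call, in the middle of a scan. Either document the precondition on the constructor (`// discoveryPort and discoveryPort.Host must be non-nil`) or have the accessors return an empty string when either pointer is nil. The leftover `//s.histories = append(s.histories, history)` duplicates the live line below it, and `&ScanInfoImpl{discoveryPort:discoveryPort}` is missing the space gofmt would add after the colon.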


@ -1,7 +1,17 @@
package main
import "testing"
import (
"testing"
"git.loafle.net/overflow/overflow_probe/discovery/bootstrap"
)
func TestFFF(t *testing.T) {
t.Log("aaaa")
}
func TestDiscovery(t *testing.T) {
bootstrap.Start()
}