scan

package
v0.0.0-...-1b4ddf7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 20, 2024 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Constants

// CANARY_APPLE_DOMAIN_MASK is the fully qualified (trailing dot) name
// mask.icloud.com. It is declared here but is not an element of CANARY_DOMAINS.
// NOTE(review): presumably the iCloud Private Relay canary name — confirm.
const CANARY_APPLE_DOMAIN_MASK = "mask.icloud.com."
// CANARY_APPLE_DOMAIN_MASK_H2 is the fully qualified (trailing dot) name
// mask-h2.icloud.com. It is declared here but is not an element of CANARY_DOMAINS.
// NOTE(review): presumably the HTTP/2 variant of the iCloud Private Relay canary — confirm.
const CANARY_APPLE_DOMAIN_MASK_H2 = "mask-h2.icloud.com."
// CANARY_MOZILLA_DOMAIN is the fully qualified (trailing dot) name
// use-application-dns.net. It is the only entry of CANARY_DOMAINS.
// NOTE(review): presumably the name a network answers negatively to signal that
// clients should not switch to application-level DoH by default — confirm.
const CANARY_MOZILLA_DOMAIN = "use-application-dns.net."
// CANARY_SCAN_TYPE is the type label for canary scans.
// NOTE(review): presumably the value (*CanaryScan).GetType returns — confirm.
const CANARY_SCAN_TYPE = "canary"
// CERTIFICATE_SCAN_TYPE is the type label for certificate scans.
// NOTE(review): presumably the value (*CertificateScan).GetType returns — confirm.
const CERTIFICATE_SCAN_TYPE = "certificate"
// DDR_DNSSEC_SCAN_TYPE is the type label for DDR DNSSEC scans.
// NOTE(review): presumably the value (*DDRDNSSECScan).GetType returns — confirm.
const DDR_DNSSEC_SCAN_TYPE = "DDR_DNSSEC"
// DDR_SCAN_TYPE is the type label for DDR scans.
// NOTE(review): presumably the value (*DDRScan).GetType returns — confirm.
const DDR_SCAN_TYPE = "DDR"
// DOH_SCAN_TYPE is the type label for DoH (DNS over HTTPS) scans.
// NOTE(review): presumably the value (*DoHScan).GetType returns — confirm.
const DOH_SCAN_TYPE = "DoH"
// DOQ_SCAN_TYPE is the type label for DoQ (DNS over QUIC) scans.
// NOTE(review): presumably the value (*DoQScan).GetType returns — confirm.
const DOQ_SCAN_TYPE = "DoQ"
// DOT_SCAN_TYPE is the type label for DoT (DNS over TLS) scans.
// NOTE(review): presumably the value (*DoTScan).GetType returns — confirm.
const DOT_SCAN_TYPE = "DoT"
// EDSR_SCAN_TYPE is the type label for EDSR (encrypted DNS server redirection) scans.
// NOTE(review): presumably the value (*EDSRScan).GetType returns — confirm.
const EDSR_SCAN_TYPE = "EDSR"
// FINGERPRINT_SCAN_TYPE is the type label for fingerprint scans.
// NOTE(review): presumably the value (*FingerprintScan).GetType returns — confirm.
const FINGERPRINT_SCAN_TYPE = "fingerprint"
// PTR_SCAN_TYPE is the type label for PTR (reverse DNS) scans.
// NOTE(review): presumably the value (*PTRScan).GetType returns — confirm.
const PTR_SCAN_TYPE = "PTR"
// SCAN_CACHE_TIME is 36 hours. The ScanRunCache documentation names it as the
// idle period after which a run's cached scans are cleared.
// NOTE(review): presumably also the initial value of ScanRunCache.CacheTime — confirm.
const SCAN_CACHE_TIME = 36 * time.Hour

SCAN_CACHE_TIME is the time a scan usually takes; a ScanRunCache is cleared after this period if no new scans are added.

Variables

// CANARY_DOMAINS lists the canary names that are scanned. Only the Mozilla
// name is included; CANARY_APPLE_DOMAIN_MASK and CANARY_APPLE_DOMAIN_MASK_H2
// are declared in this package but are not part of the list.
//
// NOTE(review): this is an exported, mutable package-level slice, so any
// importing package can append to or overwrite it at runtime. If the list is
// meant to be fixed, return a copy from a function instead.
var CANARY_DOMAINS = []string{
	CANARY_MOZILLA_DOMAIN,
}

nolint: gochecknoglobals

Functions

func CheckForDoEProtocol

func CheckForDoEProtocol(scanId string, targetName string, protocol string, res *query.ConventionalDNSResponse) (svcbRR *svcb.SVCBRR, errColl []custom_errors.DoEErrors)

Types

type CanaryScan

// CanaryScan bundles one canary lookup: the conventional DNS query, the
// response to it, and the scan's meta information.
type CanaryScan struct {
	// Embedded Scan interface value. *CanaryScan declares GetType,
	// GetMetaInformation, Marshal and GetIdentifier itself, so those calls do
	// not go through this field. Whether NewCanaryScan sets it is not visible
	// here; treat it as possibly nil.
	Scan

	// Meta carries the shared scan bookkeeping plus the IP version; JSON key "meta".
	Meta   *CanaryScanMetaInformation     `json:"meta"`
	// Query is the DNS query for the canary name; JSON key "query".
	Query  *query.ConventionalDNSQuery    `json:"query"`
	// Result is the resolver's response; JSON key "result".
	Result *query.ConventionalDNSResponse `json:"result"`
}

func NewCanaryScan

func NewCanaryScan(q *query.ConventionalDNSQuery, runId string, vantagePoint string) *CanaryScan

func (*CanaryScan) GetIdentifier

func (scan *CanaryScan) GetIdentifier() string

func (*CanaryScan) GetMetaInformation

func (scan *CanaryScan) GetMetaInformation() *ScanMetaInformation

func (*CanaryScan) GetScanId

func (scan *CanaryScan) GetScanId() string

func (*CanaryScan) GetType

func (scan *CanaryScan) GetType() string

func (*CanaryScan) Marshal

func (scan *CanaryScan) Marshal() (bytes []byte, err error)

type CanaryScanMetaInformation

// CanaryScanMetaInformation is the meta record of a CanaryScan: the shared
// ScanMetaInformation plus the IP version.
type CanaryScanMetaInformation struct {
	// IpVersion is serialised as "ip_version".
	// NOTE(review): the set of valid values is not visible here — confirm against the constructor.
	IpVersion string `json:"ip_version"`

	ScanMetaInformation
}

type CertificateScan

// CertificateScan bundles one certificate query, its response, and the scan's
// meta information.
type CertificateScan struct {
	// Embedded Scan interface value; *CertificateScan declares all four Scan
	// methods itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta   *CertificateScanMetaInformation `json:"meta"`
	// Query describes the certificate retrieval; JSON key "query".
	Query  *query.CertificateQuery         `json:"query"`
	// Result holds what the query returned; JSON key "result".
	Result *query.CertificateResponse      `json:"result"`
}

func NewCertificateScan

func NewCertificateScan(q *query.CertificateQuery, rootScanId, parentScanId, runId, vantagePoint string) *CertificateScan

func (*CertificateScan) GetIdentifier

func (scan *CertificateScan) GetIdentifier() string

func (*CertificateScan) GetMetaInformation

func (scan *CertificateScan) GetMetaInformation() *ScanMetaInformation

func (*CertificateScan) GetScanId

func (scan *CertificateScan) GetScanId() string

func (*CertificateScan) GetType

func (scan *CertificateScan) GetType() string

func (*CertificateScan) Marshal

func (scan *CertificateScan) Marshal() (bytes []byte, err error)

type CertificateScanMetaInformation

// CertificateScanMetaInformation is the meta record of a CertificateScan. It
// adds no fields of its own to the embedded ScanMetaInformation.
type CertificateScanMetaInformation struct {
	ScanMetaInformation
}

type DDRDNSSECScan

// DDRDNSSECScan bundles one conventional DNS query, its response, and the
// scan's meta information for the DDR_DNSSEC scan type.
// NOTE(review): presumably checks DNSSEC for a target name found via DDR — confirm.
type DDRDNSSECScan struct {
	// Embedded Scan interface value; *DDRDNSSECScan declares all four Scan
	// methods itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping plus the origin target name; JSON key "meta".
	Meta   *DDRDNSSECScanMetaInformation  `json:"meta"`
	// Query is the DNS query that is sent; JSON key "query".
	Query  *query.ConventionalDNSQuery    `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.ConventionalDNSResponse `json:"result"`
}

func NewDDRDNSSECScan

func NewDDRDNSSECScan(targetName, host, parentScanId, rootScanId, runId, vantagePoint string) *DDRDNSSECScan

func (*DDRDNSSECScan) GetIdentifier

func (scan *DDRDNSSECScan) GetIdentifier() string

func (*DDRDNSSECScan) GetMetaInformation

func (scan *DDRDNSSECScan) GetMetaInformation() *ScanMetaInformation

func (*DDRDNSSECScan) GetScanId

func (scan *DDRDNSSECScan) GetScanId() string

func (*DDRDNSSECScan) GetType

func (scan *DDRDNSSECScan) GetType() string

func (*DDRDNSSECScan) Marshal

func (scan *DDRDNSSECScan) Marshal() (bytes []byte, err error)

type DDRDNSSECScanMetaInformation

// DDRDNSSECScanMetaInformation is the meta record of a DDRDNSSECScan: the
// shared ScanMetaInformation plus an origin target name.
type DDRDNSSECScanMetaInformation struct {
	ScanMetaInformation

	// NOTE(review): this field has no json tag. If Marshal uses encoding/json,
	// the key is emitted as "OriginTargetName", unlike the snake_case keys of
	// the other tagged fields in this package. Consumers of stored results
	// should expect that spelling; adding a tag later changes the wire format.
	OriginTargetName string
}

type DDRScan

// DDRScan bundles one conventional DNS query, its response, and the scan's
// meta information for the DDR scan type. (*DDRScan).CreateScansFromResponse
// returns further Scan values together with a list of errors.
type DDRScan struct {
	// Embedded Scan interface value; *DDRScan declares all four Scan methods
	// itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping plus the follow-up scheduling flags; JSON key "meta".
	Meta   *DDRScanMetaInformation        `json:"meta"`
	// Query is the DNS query that is sent; JSON key "query".
	Query  *query.ConventionalDNSQuery    `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.ConventionalDNSResponse `json:"result"`
}

func NewDDRScan

func NewDDRScan(q *query.ConventionalDNSQuery, scheduleDoEScans bool, runId string, vantagePoint string) *DDRScan

func (*DDRScan) CreateScansFromResponse

func (scan *DDRScan) CreateScansFromResponse() ([]Scan, []custom_errors.DoEErrors)

func (*DDRScan) GetIdentifier

func (scan *DDRScan) GetIdentifier() string

func (*DDRScan) GetMetaInformation

func (scan *DDRScan) GetMetaInformation() *ScanMetaInformation

func (*DDRScan) GetScanId

func (scan *DDRScan) GetScanId() string

func (*DDRScan) GetType

func (scan *DDRScan) GetType() string

func (*DDRScan) Marshal

func (scan *DDRScan) Marshal() (bytes []byte, err error)

type DDRScanMetaInformation

// DDRScanMetaInformation is the meta record of a DDRScan: the shared
// ScanMetaInformation plus the IP version and three scheduling flags.
type DDRScanMetaInformation struct {
	ScanMetaInformation

	// IpVersion is serialised as "ip_version"; valid values are not visible here.
	IpVersion               string `json:"ip_version"`
	// ScheduleDoEScans corresponds to the scheduleDoEScans argument of NewDDRScan.
	// NOTE(review): presumably gates the follow-up DoH/DoT/DoQ scans — confirm.
	ScheduleDoEScans        bool   `json:"schedule_doe_scans"`
	// NOTE(review): presumably gates a follow-up FingerprintScan — confirm.
	ScheduleFingerprintScan bool   `json:"schedule_fingerprint_scan"`
	// NOTE(review): presumably records that a PTRScan has been scheduled — confirm.
	PTRScheduled            bool   `json:"ptr_scheduled"`
}

type DoEScan

// DoEScan is a Scan that can also hand out its encrypted-DNS query. In this
// package *DoHScan, *DoQScan and *DoTScan each declare GetDoEQuery.
type DoEScan interface {
	Scan

	// GetDoEQuery returns the scan's query as a *query.DoEQuery.
	GetDoEQuery() *query.DoEQuery
}

type DoHScan

// DoHScan bundles one DoH query, its response, and the scan's meta information.
type DoHScan struct {
	// Embedded Scan interface value; *DoHScan declares all four Scan methods
	// and GetDoEQuery itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta   *DoHScanMetaInformation `json:"meta"`
	// Query is the DoH query that is sent; JSON key "query".
	Query  *query.DoHQuery         `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.DoHResponse      `json:"result"`
}

func NewDoHScan

func NewDoHScan(q *query.DoHQuery, parentScanId, rootScanId, runId, vantagePoint string) *DoHScan

func (*DoHScan) GetDoEQuery

func (scan *DoHScan) GetDoEQuery() *query.DoEQuery

func (*DoHScan) GetIdentifier

func (scan *DoHScan) GetIdentifier() string

func (*DoHScan) GetMetaInformation

func (scan *DoHScan) GetMetaInformation() *ScanMetaInformation

func (*DoHScan) GetScanId

func (scan *DoHScan) GetScanId() string

func (*DoHScan) GetType

func (scan *DoHScan) GetType() string

func (*DoHScan) Marshal

func (scan *DoHScan) Marshal() (bytes []byte, err error)

type DoHScanMetaInformation

// DoHScanMetaInformation is the meta record of a DoHScan. It adds no fields of
// its own to the embedded ScanMetaInformation.
type DoHScanMetaInformation struct {
	ScanMetaInformation
}

type DoQScan

// DoQScan bundles one DoQ query, its response, and the scan's meta information.
type DoQScan struct {
	// Embedded Scan interface value; *DoQScan declares all four Scan methods
	// and GetDoEQuery itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta   *DoQScanMetaInformation `json:"meta"`
	// Query is the DoQ query that is sent; JSON key "query".
	Query  *query.DoQQuery         `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.DoQResponse      `json:"result"`
}

func NewDoQScan

func NewDoQScan(q *query.DoQQuery, parentScanId, rootScanId, runId, vantagePoint string) *DoQScan

func (*DoQScan) GetDoEQuery

func (scan *DoQScan) GetDoEQuery() *query.DoEQuery

func (*DoQScan) GetIdentifier

func (scan *DoQScan) GetIdentifier() string

func (*DoQScan) GetMetaInformation

func (scan *DoQScan) GetMetaInformation() *ScanMetaInformation

func (*DoQScan) GetScanId

func (scan *DoQScan) GetScanId() string

func (*DoQScan) GetType

func (scan *DoQScan) GetType() string

func (*DoQScan) Marshal

func (scan *DoQScan) Marshal() (bytes []byte, err error)

type DoQScanMetaInformation

// DoQScanMetaInformation is the meta record of a DoQScan. It adds no fields of
// its own to the embedded ScanMetaInformation.
type DoQScanMetaInformation struct {
	ScanMetaInformation
}

type DoTScan

// DoTScan bundles one DoT query, its response, and the scan's meta information.
type DoTScan struct {
	// NOTE(review): DoTScan embeds the DoEScan interface, whereas DoHScan and
	// DoQScan embed Scan. *DoTScan declares GetType, GetMetaInformation,
	// Marshal, GetIdentifier and GetDoEQuery itself, so no call is promoted
	// through this field, but the difference looks unintentional — confirm.
	// Treat the field as possibly nil.
	DoEScan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta   *DoTScanMetaInformation `json:"meta"`
	// Query is the DoT query that is sent; JSON key "query".
	Query  *query.DoTQuery         `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.DoTResponse      `json:"result"`
}

func NewDoTScan

func NewDoTScan(q *query.DoTQuery, parentScanId, rootScanId, runId, vantagePoint string) *DoTScan

func (*DoTScan) GetDoEQuery

func (scan *DoTScan) GetDoEQuery() *query.DoEQuery

func (*DoTScan) GetIdentifier

func (scan *DoTScan) GetIdentifier() string

func (*DoTScan) GetMetaInformation

func (scan *DoTScan) GetMetaInformation() *ScanMetaInformation

func (*DoTScan) GetScanId

func (scan *DoTScan) GetScanId() string

func (*DoTScan) GetType

func (scan *DoTScan) GetType() string

func (*DoTScan) Marshal

func (scan *DoTScan) Marshal() (bytes []byte, err error)

type DoTScanMetaInformation

// DoTScanMetaInformation is the meta record of a DoTScan. It adds no fields of
// its own to the embedded ScanMetaInformation.
type DoTScanMetaInformation struct {
	ScanMetaInformation
}

type EDSRHop

// EDSRHop is one entry of EDSRResult.Redirections: a conventional DNS query and
// response together with the SVCB record that was considered, any glue
// records, and the errors recorded for this hop.
type EDSRHop struct {
	// Id identifies this hop; JSON key "id".
	Id             string                         `json:"id"`
	// ChildNodes is serialised as "child_nodes".
	// NOTE(review): presumably the Id values of the hops this hop redirects to — confirm.
	ChildNodes     []string                       `json:"child_nodes"`
	// Hop is serialised as "hop".
	// NOTE(review): presumably the depth in the redirection chain, derived from
	// the parentHop argument of NewEDSRHop — confirm.
	Hop            int                            `json:"hop"`
	// Errors collects the errors recorded for this hop; JSON key "errors".
	Errors         []custom_errors.DoEErrors      `json:"errors"`
	// Query is the DNS query sent for this hop; JSON key "query".
	Query          *query.ConventionalDNSQuery    `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result         *query.ConventionalDNSResponse `json:"result"`
	// ConsideredSVCB is serialised as "considered_svcb".
	// NOTE(review): presumably the SVCB record selected for the scanned protocol — confirm.
	ConsideredSVCB *svcb.SVCBRR                   `json:"considered_svcb"`
	// GlueRecords is serialised as "glue_records"; each entry pairs an IP with a host name.
	GlueRecords    []*GlueRecord                  `json:"glue_records"`
}

func NewEDSRHop

func NewEDSRHop(parentHop int, query *query.ConventionalDNSQuery) *EDSRHop

type EDSRResult

// EDSRResult is the outcome of an EDSRScan: a detection flag and the recorded hops.
type EDSRResult struct {
	// EDSRDetected is true if there is at least one valid EDSR redirection
	// (a redirection to the host itself counts).
	EDSRDetected bool `json:"edsr_detected"`

	// Redirections holds the recorded hops. Note that the JSON key is "hops",
	// not "redirections".
	Redirections []*EDSRHop `json:"hops"`
}

type EDSRScan

// EDSRScan describes one EDSR scan: the protocol, target name and start host,
// plus the meta information and the result.
type EDSRScan struct {
	// Embedded Scan interface value; *EDSRScan declares all four Scan methods
	// itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta *EDSRScanMetaInformation `json:"meta"`

	// Protocol is the protocol to scan for, e.g., h2, h3, dot, doq, etc.
	Protocol string `json:"protocol"`

	// TargetName is the targetName to scan for in SVCB records (see strict
	// origin redirection in the draft).
	TargetName string `json:"target_name"`

	// Host is the host to start the EDSR scan from.
	Host string `json:"host"`

	// Result holds the detection flag and the recorded hops; JSON key "result".
	Result *EDSRResult `json:"result"`
}

EDSRScan models a scan for encrypted DNS server redirection (EDSR); see https://www.ietf.org/id/draft-jt-add-dns-server-redirection-04.html

func NewEDSRScan

func NewEDSRScan(targetName, host, protocol, parentScanId, rootScanId, runId, vantagePoint string) *EDSRScan

func (*EDSRScan) GetIdentifier

func (scan *EDSRScan) GetIdentifier() string

func (*EDSRScan) GetMetaInformation

func (scan *EDSRScan) GetMetaInformation() *ScanMetaInformation

func (*EDSRScan) GetScanId

func (scan *EDSRScan) GetScanId() string

func (*EDSRScan) GetType

func (scan *EDSRScan) GetType() string

func (*EDSRScan) Marshal

func (scan *EDSRScan) Marshal() (bytes []byte, err error)

type EDSRScanMetaInformation

// EDSRScanMetaInformation is the meta record of an EDSRScan. It adds no fields
// of its own to the embedded ScanMetaInformation.
type EDSRScanMetaInformation struct {
	ScanMetaInformation
}

type FingerprintScan

// FingerprintScan bundles three query/response pairs for one host: two
// conventional DNS queries ("version bind" and "version server") and one SSH
// query, plus the scan's meta information.
//
// NOTE(review): the responses presumably contain software version strings of
// the scanned host. Stored results should be handled as sensitive measurement
// data, and whether IsOnBlocklist in the meta information is honoured before
// these queries are sent is not visible here — confirm.
type FingerprintScan struct {
	// Embedded Scan interface value; *FingerprintScan declares all four Scan
	// methods itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta *FingerprintScanMetaInformation `json:"meta"`

	// The three queries; JSON keys "version_bind_query",
	// "version_server_query" and "ssh_query".
	VersionBindQuery   *query.ConventionalDNSQuery `json:"version_bind_query"`
	VersionServerQuery *query.ConventionalDNSQuery `json:"version_server_query"`
	SSHQuery           *query.SSHQuery             `json:"ssh_query"`

	// The matching responses; JSON keys "version_bind_result",
	// "version_server_result" and "ssh_result".
	VersionBindResult   *query.ConventionalDNSResponse `json:"version_bind_result"`
	VersionServerResult *query.ConventionalDNSResponse `json:"version_server_result"`
	SSHResult           *query.SSHResponse             `json:"ssh_result"`
}

func NewFingerprintScan

func NewFingerprintScan(host string, rootScanId, parentScanId, runId, vantagePoint string) *FingerprintScan

func (*FingerprintScan) GetIdentifier

func (scan *FingerprintScan) GetIdentifier() string

func (*FingerprintScan) GetMetaInformation

func (scan *FingerprintScan) GetMetaInformation() *ScanMetaInformation

func (*FingerprintScan) GetScanId

func (scan *FingerprintScan) GetScanId() string

func (*FingerprintScan) GetType

func (scan *FingerprintScan) GetType() string

func (*FingerprintScan) Marshal

func (scan *FingerprintScan) Marshal() (bytes []byte, err error)

type FingerprintScanMetaInformation

// FingerprintScanMetaInformation is the meta record of a FingerprintScan. It
// adds no fields of its own to the embedded ScanMetaInformation.
type FingerprintScanMetaInformation struct {
	ScanMetaInformation
}

type GlueRecord

// GlueRecord pairs an IP address with a host name. EDSRHop.GlueRecords holds a
// list of these.
type GlueRecord struct {
	// IP is serialised as "ip".
	IP   net.IP `json:"ip"`
	// Host is serialised as "host".
	Host string `json:"host"`
}

type PTRScan

// PTRScan bundles one conventional DNS query, its response, and the scan's
// meta information for the PTR scan type.
//
// NOTE(review): the package documentation lists no GetScanId method on
// *PTRScan, although the other concrete scan types have one. The Scan
// interface does not require it; the id is still reachable through
// GetMetaInformation().ScanId.
type PTRScan struct {
	// Embedded Scan interface value; *PTRScan declares all four Scan methods
	// itself. Treat the field as possibly nil.
	Scan

	// Meta is the scan bookkeeping; JSON key "meta".
	Meta   *PTRScanMetaInformation        `json:"meta"`
	// Query is the DNS query that is sent; JSON key "query".
	Query  *query.ConventionalDNSQuery    `json:"query"`
	// Result is the response to Query; JSON key "result".
	Result *query.ConventionalDNSResponse `json:"result"`
}

func NewPTRScan

func NewPTRScan(q *query.ConventionalDNSQuery, parentScanId, rootScanId, runId, vantagePoint string) *PTRScan

TODO: Just pass meta information as a struct

func (*PTRScan) GetIdentifier

func (scan *PTRScan) GetIdentifier() string

func (*PTRScan) GetMetaInformation

func (scan *PTRScan) GetMetaInformation() *ScanMetaInformation

func (*PTRScan) GetType

func (scan *PTRScan) GetType() string

func (*PTRScan) Marshal

func (scan *PTRScan) Marshal() (bytes []byte, err error)

type PTRScanMetaInformation

// PTRScanMetaInformation is the meta record of a PTRScan. It adds no fields of
// its own to the embedded ScanMetaInformation.
type PTRScanMetaInformation struct {
	ScanMetaInformation
}

type Scan

// Scan is the interface shared by all scan types in this package. GetScanId is
// not part of it, even though most concrete scan types declare that method.
type Scan interface {
	// GetType returns the scan's type as a string.
	// NOTE(review): presumably one of the *_SCAN_TYPE constants — confirm.
	GetType() string
	// GetMetaInformation returns the shared meta record (ids, timestamps, errors).
	GetMetaInformation() *ScanMetaInformation
	// Marshal serialises the scan to bytes.
	// NOTE(review): presumably JSON, given the struct tags — confirm.
	Marshal() ([]byte, error)
	// GetIdentifier returns a string identifier for the scan.
	// NOTE(review): presumably what ScanCache and ScanRunCache use to detect
	// an already-cached scan — confirm.
	GetIdentifier() string
}

type ScanCache

// ScanCache is a cache for scans. All of its state is unexported; it is used
// through NewScanCache, AddScan, ContainsScan and Clear.
// NOTE(review): presumably holds one ScanRunCache per run id — confirm.
type ScanCache struct {
	// contains filtered or unexported fields
}

ScanCache is a cache for scans

func NewScanCache

func NewScanCache() *ScanCache

NewScanCache creates a new ScanCache

func (*ScanCache) AddScan

func (cs *ScanCache) AddScan(s Scan)

AddScan adds a scan to the run cache and resets the timer

func (*ScanCache) Clear

func (cs *ScanCache) Clear()

func (*ScanCache) ContainsScan

func (cs *ScanCache) ContainsScan(s Scan) (string, bool)

ContainsScan checks if a scan is in the run cache, returns the scanId if found

type ScanMetaInformation

// ScanMetaInformation is the bookkeeping record shared by every scan type: ids
// that link a scan to its run, parent and root, the vantage point, three
// timestamps, the ids of child scans, and the collected errors.
type ScanMetaInformation struct {
	// RunId is a unique identifier for a set of scans.
	RunId string `json:"run_id"`

	// ScanId is a unique identifier for a single scan.
	ScanId string `json:"scan_id"`

	// IsOnBlocklist is true if the scan is on the blocklist.
	// NOTE(review): where this flag is set, and whether a blocklisted scan is
	// skipped before any query is sent, is not visible here — confirm.
	IsOnBlocklist bool `json:"is_on_blocklist"`

	// ParentScanId is the scan id of the scan that triggered this scan.
	ParentScanId string `json:"parent_scan_id"`

	// RootScanId is the scan id of the scan that started the scan chain.
	RootScanId string `json:"root_scan_id"`

	// VantagePoint is the vantage point from which the scan was started.
	VantagePoint string `json:"vantage_point"`

	// Scheduled is the time when the scan was scheduled, i.e., when the scan
	// was created and scheduled to kafka.
	Scheduled time.Time `json:"scheduled"`

	// Started is the time when the scan was started.
	Started time.Time `json:"started"`

	// Finished is the time when the scan was finished.
	Finished time.Time `json:"finished"`

	// Children lists the children scans of this scan (DoE, PTR, EDSR, ...).
	// NOTE(review): presumably their ScanId values — confirm.
	Children []string `json:"children"`

	// Errors is a list of errors that occurred during the scan.
	Errors []custom_errors.DoEErrors `json:"errors"`
}

func NewScanMetaInformation

func NewScanMetaInformation(parentScanId, rootScanId, runId, vantagePoint string) *ScanMetaInformation

func (*ScanMetaInformation) AddError

func (smi *ScanMetaInformation) AddError(err ...custom_errors.DoEErrors)

func (*ScanMetaInformation) GenerateRunId

func (smi *ScanMetaInformation) GenerateRunId()

func (*ScanMetaInformation) GenerateScanId

func (smi *ScanMetaInformation) GenerateScanId()

func (*ScanMetaInformation) Schedule

func (smi *ScanMetaInformation) Schedule()

func (*ScanMetaInformation) SetFinished

func (smi *ScanMetaInformation) SetFinished()

func (*ScanMetaInformation) SetScheduled

func (smi *ScanMetaInformation) SetScheduled()

func (*ScanMetaInformation) SetStarted

func (smi *ScanMetaInformation) SetStarted()

type ScanRunCache

// ScanRunCache is a cache for the scans of a single run. Its documentation
// states that it is cleared after SCAN_CACHE_TIME if no new scans are added.
type ScanRunCache struct {
	// RunId is the run this cache belongs to; NewScanRunContainer takes it as its argument.
	RunId string

	// CacheTime is an exported duration.
	// NOTE(review): presumably the idle timeout, initialised from
	// SCAN_CACHE_TIME. Whether changing it after construction affects the
	// already running timer is not visible here — confirm.
	CacheTime time.Duration
	// contains filtered or unexported fields
}

ScanRunCache is a cache for scans of a single run, cleared after SCAN_CACHE_TIME if no new scans are added

func NewScanRunContainer

func NewScanRunContainer(runId string) *ScanRunCache

NewScanRunContainer creates a new ScanRunCache, the timer is started

func (*ScanRunCache) AddScan

func (src *ScanRunCache) AddScan(s Scan)

AddScan adds a scan to the cache and resets the timer

func (*ScanRunCache) ContainsScan

func (src *ScanRunCache) ContainsScan(s Scan) (string, bool)

ContainsScan checks if a scan is in the cache, returns the scanId if found
