scanner

package
v0.0.0-...-eef1a0c Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 6, 2019 License: GPL-3.0 Imports: 30 Imported by: 0

Documentation

Index

Constants

const (
	// Hash cache modes, numbered 1 to 3 in declaration order via iota.
	// Reordering or inserting entries changes the numeric values.
	// NOTE(review): presumably these are the values accepted by the hashCache
	// parameter of NewTLSCertHostProcessor — confirm against the caller.
	// NOTE(review): SHA-1 is not collision resistant; if the digest is the only
	// key used to de-duplicate certificates, two different inputs with the same
	// digest would be treated as one entry — confirm how the cache key is used.
	HashCacheSHA256 = iota + 1 // 1
	HashCacheSHA1              // 2
	HashCacheNone              // 3
)

Variables

This section is empty.

Functions

func CreateSubmoasOutput

func CreateSubmoasOutput(input string, results map[string]*ScanResult) ([]byte, error)

CreateSubmoasOutput returns the SubmoasOutput for an input string and IP address-ScanResult pairs

func GenerateTargetsFromSeed

func GenerateTargetsFromSeed(seed string, increment, offset int64, targetChan chan *Target, newTarget func(string) Target)

GenerateTargetsFromSeed generates target IPs using a seeded LCG and sends them to the channel

func LineCounter

func LineCounter(filename string) (int64, error)

LineCounter returns the number of lines in a file. Adapted from: http://stackoverflow.com/questions/24562942/golang-how-do-i-determine-the-number-of-lines-in-a-file-efficiently

func Marshal

func Marshal(output interface{}) ([]byte, error)

Marshal returns the byte array when passing the SubmoasInput structs

func ReadCiphersFromAsset

func ReadCiphersFromAsset() map[uint16]string

ReadCiphersFromAsset reads TLS cipher suites. See http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml

func ReadGitVersionFromAsset

func ReadGitVersionFromAsset() string

ReadGitVersionFromAsset reads current git version hash

func ReadIPsFromTxt

func ReadIPsFromTxt(filename string, targetChan chan *Target, newTarget func(string) Target)

ReadIPsFromTxt reads IP addresses separated by newlines from an input file and sends them to the channel

func ReadTargetsFromJSON

func ReadTargetsFromJSON(filename string, targetChan chan *Target, newTarget func(string) Target)

ReadTargetsFromJSON reads targets from a JSON input file and sends them to the channel

Types

type CertHostTLSTarget

type CertHostTLSTarget struct {
	Target
	// contains filtered or unexported fields
}

CertHostTLSTarget contains multiple TLS hosts to be scanned

func (*CertHostTLSTarget) AddResult

func (h *CertHostTLSTarget) AddResult(address string, res *ScanResult)

AddResult appends one host result to this TLS target

func (*CertHostTLSTarget) Domains

func (h *CertHostTLSTarget) Domains() []string

Domains returns a slice with one domain string, SNI is enabled

func (*CertHostTLSTarget) Dump

func (h *CertHostTLSTarget) Dump(hostFh, certFh, chrFh, httpFh *os.File, timediff time.Duration, certCache map[string]bool, cipherSuites map[uint16]string, skipErrors bool, cacheFunc func([]byte) []byte) error

Dump writes the retrieved certificates to a csv file

func (*CertHostTLSTarget) IPs

func (h *CertHostTLSTarget) IPs() []string

IPs returns a slice of IPs for this TLS target

func (*CertHostTLSTarget) Results

func (h *CertHostTLSTarget) Results() map[string]*ScanResult

Results returns the results for all scanned hosts of this TLS host

type DumpTLSTarget

type DumpTLSTarget struct {
	// Both embedded members are interface types, so each is an
	// interface-valued field of the struct.
	// NOTE(review): if either field is left nil, only the methods declared
	// directly on *DumpTLSTarget are safe to call; a call routed through a nil
	// embedded interface panics — confirm how these fields are initialised.
	Target
	DumpableTarget
	// contains filtered or unexported fields
}

DumpTLSTarget contains a single TLS target whose result can be dumped

func (*DumpTLSTarget) AddResult

func (h *DumpTLSTarget) AddResult(address string, res *ScanResult)

AddResult sets the result for this TLS host

func (*DumpTLSTarget) Domains

func (h *DumpTLSTarget) Domains() []string

Domains returns a slice with one empty string, SNI is not implemented.

func (*DumpTLSTarget) Dump

func (h *DumpTLSTarget) Dump(baseDir string) error

Dump writes the retrieved certificates to a directory

func (*DumpTLSTarget) IPs

func (h *DumpTLSTarget) IPs() []string

IPs returns a slice of IPs for this TLS target

func (*DumpTLSTarget) Results

func (h *DumpTLSTarget) Results() map[string]*ScanResult

Results returns the result for this TLS host

type DumpableTarget

type DumpableTarget interface {
	Target
	// Dump takes a directory and returns nothing, so a failed write cannot be
	// reported through this interface.
	// NOTE(review): the Dump methods listed for DumpTLSTarget and
	// MultiTLSTarget are declared as Dump(baseDir string) error, which does
	// not match this signature — confirm which form is intended.
	Dump(dir string)
}

DumpableTarget allows output to be dumped in a directory

type HTTPResult

type HTTPResult struct {
	// contains filtered or unexported fields
}

HTTPResult is the result of an HTTPS connection with a specific HTTP request

type IPProvider

type IPProvider struct {
	// contains filtered or unexported fields
}

IPProvider is an instance of the LCG-based IP address generator

func NewIPProvider

func NewIPProvider(seed string, increment, offset int64) *IPProvider

NewIPProvider returns a pointer to a new IPProvider struct

func (*IPProvider) GenerateNextRandomIP

func (ip *IPProvider) GenerateNextRandomIP() (net.IP, error)

GenerateNextRandomIP returns the next IP address skipping private and other reserved ranges

type JSONableTarget

type JSONableTarget interface {
	Target
	// JSON returns an untyped value and has no error result.
	// NOTE(review): the JSON method listed for MultiTLSTarget is declared as
	// JSON() ([]byte, error), which does not match this signature — confirm
	// which form is intended.
	JSON() interface{}
}

JSONableTarget allows creating a JSON representation of the target

type MultiTLSTarget

type MultiTLSTarget struct {
	// All three embedded members are interface types, and DumpableTarget and
	// JSONableTarget each include Target again.
	// NOTE(review): if these fields are left nil, only the methods declared
	// directly on *MultiTLSTarget are safe to call; a call routed through a nil
	// embedded interface panics — confirm how these fields are initialised.
	Target
	DumpableTarget
	JSONableTarget
	// contains filtered or unexported fields
}

MultiTLSTarget contains multiple TLS hosts to be scanned

func (*MultiTLSTarget) AddResult

func (h *MultiTLSTarget) AddResult(address string, res *ScanResult)

AddResult appends one host result to this TLS target

func (*MultiTLSTarget) Domains

func (h *MultiTLSTarget) Domains() []string

Domains returns a slice with empty strings, SNI is not implemented.

func (*MultiTLSTarget) Dump

func (h *MultiTLSTarget) Dump(baseDir string) error

Dump writes the retrieved certificates to a directory

func (*MultiTLSTarget) IPs

func (h *MultiTLSTarget) IPs() []string

IPs returns a list of TLS IPs to be scanned

func (*MultiTLSTarget) JSON

func (h *MultiTLSTarget) JSON() ([]byte, error)

JSON returns a JSON encoding for this target

func (*MultiTLSTarget) Results

func (h *MultiTLSTarget) Results() map[string]*ScanResult

Results returns the results for all scanned hosts of this TLS host

type Processor

type Processor struct {
	// Embedded interface: Prepare, ProcessResult and Finish are promoted onto
	// Processor and dispatched to whatever implementation is stored here.
	ResultProcessor
	// OutputChan is receive-only, so the processor can read targets from it
	// but cannot send on or close it.
	// NOTE(review): presumably fed from a ProtocolScanner's OutputChannel —
	// confirm against the caller.
	OutputChan <-chan *Target
}

Processor is the base result processing struct, embedding a ResultProcessor

func (Processor) Process

func (p Processor) Process()

Process is the result processing loop which calls the functions of the embedded ResultProcessor

type ProtocolScanner

type ProtocolScanner interface {
	// ScanProtocol is handed a connection, the target it belongs to, a timeout
	// and two timestamps; it returns nothing.
	// NOTE(review): synStart/synEnd presumably bracket the TCP connect phase,
	// and results are presumably stored on the target — confirm.
	ScanProtocol(conn net.Conn, target *Target, timeout time.Duration, synStart time.Time, synEnd time.Time)
	// InputChannel and OutputChannel both return bidirectional channels, so
	// every holder can send on, receive from and close them; the type system
	// does not enforce which side is the producer.
	InputChannel() chan *Target
	OutputChannel() chan *Target
}

ProtocolScanner is used to implement protocol scanning

type ResultProcessor

type ResultProcessor interface {
	// Prepare is called before results are processed (per the implementations
	// documented on this page). It has no error result.
	Prepare()
	// ProcessResult handles one scanned target.
	ProcessResult(*Target)
	// Finish is called after the results have been processed.
	// NOTE(review): none of the three methods returns an error, so failures
	// such as an unwritable output file must be handled inside the
	// implementation — confirm how they are surfaced.
	Finish()
}

ResultProcessor has one function for processing results, additionally Prepare and Finish functions

func NewSSHHostKeyHostProcessor

func NewSSHHostKeyHostProcessor(hostkeyfile, hostfile, relfile string, skipErrors bool) ResultProcessor

NewSSHHostKeyHostProcessor returns a new processor for results of scanned SSH hosts

func NewTLSCertHostProcessor

func NewTLSCertHostProcessor(certfile, hostfile, chrfile, httpfile string, skipErrors bool, hashCache int) ResultProcessor

NewTLSCertHostProcessor returns a new processor for results of scanned TLS hosts

func NewTLSDumpProcessor

func NewTLSDumpProcessor(certDir string) (ResultProcessor, error)

NewTLSDumpProcessor returns a new processor for results of live scanned TLS hosts

func NewTLSLiveProcessor

func NewTLSLiveProcessor(jsonFilename, certDir, tableName string) (ResultProcessor, error)

NewTLSLiveProcessor returns a new processor for results of live scanned TLS hosts

type SSHHostKeyHostProcessor

type SSHHostKeyHostProcessor struct {
	// contains filtered or unexported fields
}

SSHHostKeyHostProcessor implements the processing of SSH scanning results

func (SSHHostKeyHostProcessor) Finish

func (t SSHHostKeyHostProcessor) Finish()

Finish is called after the results have been processed

func (SSHHostKeyHostProcessor) Prepare

func (t SSHHostKeyHostProcessor) Prepare()

Prepare is called before the results are being processed

func (SSHHostKeyHostProcessor) ProcessResult

func (t SSHHostKeyHostProcessor) ProcessResult(hIn *Target)

ProcessResult dumps the hostKey

type SSHResult

type SSHResult struct {
	// contains filtered or unexported fields
}

SSHResult is an instance of result from ScanResult with SSH host keys, version and cipher

type SSHScanner

type SSHScanner struct {
	// contains filtered or unexported fields
}

SSHScanner implements the scanning of the SSH protocol

func NewSSHScanner

func NewSSHScanner() SSHScanner

NewSSHScanner returns an initialized SSHScanner struct

func (SSHScanner) InputChannel

func (s SSHScanner) InputChannel() chan *Target

InputChannel returns the input channel for reading and writing targets

func (SSHScanner) OutputChannel

func (s SSHScanner) OutputChannel() chan *Target

OutputChannel returns the output channel for reading and writing results

func (SSHScanner) ScanProtocol

func (s SSHScanner) ScanProtocol(conn net.Conn, host *Target, timeout time.Duration, synStart time.Time, synEnd time.Time)

ScanProtocol performs the actual SSH scan and adds results to the target

type SSHTarget

type SSHTarget struct {
	Target
	// contains filtered or unexported fields
}

func (*SSHTarget) AddResult

func (h *SSHTarget) AddResult(address string, res *ScanResult)

AddResult sets the result for this SSH host

func (*SSHTarget) Domains

func (h *SSHTarget) Domains() []string

Domains returns a slice with an empty string; SNI is not implemented. This function only exists to match the Target interface.

func (*SSHTarget) Dump

func (h *SSHTarget) Dump(hostFh, hostKeyFh, relFh *os.File, timediff time.Duration, hostKeyCache map[string]bool, skipErrors bool) error

Dump writes the retrieved certificates to a csv file

func (*SSHTarget) IPs

func (h *SSHTarget) IPs() []string

IPs returns a slice of IPs for this SSH target

func (*SSHTarget) Results

func (h *SSHTarget) Results() map[string]*ScanResult

Results returns the result for this SSH host

type ScanDb

type ScanDb struct {
	// NOTE(review): the constructors PostgresDb and SqliteDb take the table
	// name as a plain string. SQL identifiers cannot be bound as query
	// parameters, so confirm that tableName is validated or quoted before it
	// is placed into a query; the query-building code is not shown here.

	// contains filtered or unexported fields
}

ScanDb represents an SQL database along with the table name used for queries

func PostgresDb

func PostgresDb(config, tableName string) (*ScanDb, error)

PostgresDb returns a ScanDb with an underlying PostgreSQL database

func SqliteDb

func SqliteDb(dbFile, tableName string) (*ScanDb, error)

SqliteDb returns a ScanDb with an underlying SQLite database

func (*ScanDb) Close

func (sdb *ScanDb) Close()

Close closes the underlying database connection

func (*ScanDb) QueryChecksum

func (sdb *ScanDb) QueryChecksum(ipPort string, checksum string) bool

QueryChecksum returns true if the checksum for the IP, port matches

type ScanResult

type ScanResult struct {
	// contains filtered or unexported fields
}

ScanResult contains the time when the measurement occurred and the result

type Scanner

type Scanner struct {
	// Embedded protocol implementation; ScanProtocol, InputChannel and
	// OutputChannel are promoted onto Scanner.
	ProtocolScanner
	// NOTE(review): presumably the number of concurrent scanning goroutines —
	// confirm. Behaviour for zero or negative values is not shown here.
	NumRoutines int
	// NOTE(review): presumably a rate limit in connections per second —
	// confirm, and confirm that the zero value does not mean "unlimited".
	QPS         int
	// NOTE(review): ConnTimeout and SynTimeout presumably bound the protocol
	// exchange and the TCP connect respectively — confirm. A zero Duration
	// may disable the deadline, depending on how it is applied.
	ConnTimeout time.Duration
	SynTimeout  time.Duration
	// NOTE(review): presumably the local address outgoing connections are
	// bound to; nil presumably leaves the choice to the OS — confirm.
	SourceIP    *net.TCPAddr
	// Name of the file holding the scan input.
	// NOTE(review): which input format is expected is not shown here.
	InputFile   string
}

Scanner is the base struct that handles the scanning loop

func (Scanner) Scan

func (s Scanner) Scan()

Scan executes the scanning loop. It is non-blocking.

type SubmoasInput

type SubmoasInput struct {
	// Least and LeastO are decoded from the JSON keys "least" and "least_o".
	// NOTE(review): their meaning is not shown on this page — presumably a
	// prefix and its origin AS numbers; confirm.
	Least   string   `json:"least"`
	LeastO  []int    `json:"least_o"`
	// Most and MostO are decoded from the JSON keys "most" and "most_o".
	Most    string   `json:"most"`
	MostO   []int    `json:"most_o"`
	// Targets is decoded from the JSON key "targets".
	// NOTE(review): these strings come straight from the input file; confirm
	// that each entry is parsed and validated as an address before it is
	// scanned.
	Targets []string `json:"targets"`
}

SubmoasInput is one JSON object read from the input file

func Unmarshal

func Unmarshal(input []byte) ([]SubmoasInput, error)

Unmarshal returns the SubmoasInput when passing the bytes read from a file

type SubmoasOutput

type SubmoasOutput struct {
	// Least, LeastO, Most and MostO use the same JSON keys as the matching
	// fields of SubmoasInput.
	// NOTE(review): presumably copied through unchanged from the input
	// object — confirm.
	Least   string                   `json:"least"`
	LeastO  []int                    `json:"least_o"`
	Most    string                   `json:"most"`
	MostO   []int                    `json:"most_o"`
	// Targets is a map here, where SubmoasInput has a list.
	// NOTE(review): presumably keyed by IP address, since
	// CreateSubmoasOutput takes IP address-ScanResult pairs — confirm.
	Targets map[string]SubmoasTarget `json:"targets"`
}

SubmoasOutput is one JSON object which will be written to the output file

type SubmoasTarget

type SubmoasTarget struct {
	// Timestamp is serialised under the JSON key "scanEnd", not "timestamp".
	// NOTE(review): the time format of the string is not shown here.
	Timestamp string `json:"scanEnd"`
	// Result is serialised under the JSON key "result".
	// NOTE(review): the set of possible values is not shown here.
	Result    string `json:"result"`
}

SubmoasTarget is the result of the scanning procedure

type TLSCertHostProcessor

type TLSCertHostProcessor struct {
	// contains filtered or unexported fields
}

TLSCertHostProcessor implements the processing of TLS scanning results

func (TLSCertHostProcessor) Finish

func (t TLSCertHostProcessor) Finish()

Finish is called after the results have been processed

func (TLSCertHostProcessor) Prepare

func (t TLSCertHostProcessor) Prepare()

Prepare is called before the results are being processed

func (TLSCertHostProcessor) ProcessResult

func (t TLSCertHostProcessor) ProcessResult(hIn *Target)

ProcessResult dumps the certificate chain

type TLSDumpProcessor

type TLSDumpProcessor struct {
	// contains filtered or unexported fields
}

TLSDumpProcessor implements the processing of TLS scanning results

func (TLSDumpProcessor) Finish

func (t TLSDumpProcessor) Finish()

Finish is called after the results have been processed

func (TLSDumpProcessor) Prepare

func (t TLSDumpProcessor) Prepare()

Prepare is called before the results are being processed

func (TLSDumpProcessor) ProcessResult

func (t TLSDumpProcessor) ProcessResult(hIn *Target)

ProcessResult dumps the certificate chain

type TLSLiveProcessor

type TLSLiveProcessor struct {
	// contains filtered or unexported fields
}

TLSLiveProcessor implements the processing of TLS scanning results

func (TLSLiveProcessor) Finish

func (t TLSLiveProcessor) Finish()

Finish is called after the results have been processed

func (TLSLiveProcessor) Prepare

func (t TLSLiveProcessor) Prepare()

Prepare is called before the results are being processed

func (TLSLiveProcessor) ProcessResult

func (t TLSLiveProcessor) ProcessResult(hIn *Target)

ProcessResult checks the database, writes the JSON output and dumps the certificate chain

type TLSResult

type TLSResult struct {
	// contains filtered or unexported fields
}

TLSResult is an instance of result from ScanResult with TLS certificates, version and cipher

type TLSScanner

type TLSScanner struct {
	// HTTPHeaders is a slice, while NewTLSScanner takes httpHeaders as a
	// single string.
	// NOTE(review): presumably the constructor splits that string into
	// individual headers — confirm the separator and how empty input is
	// handled.
	HTTPHeaders  []string
	// HTTPRequests has the same type as the httpRequests argument of
	// NewTLSScanner.
	// NOTE(review): presumably one HTTP request is sent per entry over the
	// TLS connection — confirm.
	HTTPRequests []string
	// contains filtered or unexported fields
}

TLSScanner implements the scanning of the TLS protocol

func NewTLSScanner

func NewTLSScanner(httpHeaders string, httpRequests []string) TLSScanner

NewTLSScanner returns an initialized TLSScanner struct

func (TLSScanner) InputChannel

func (s TLSScanner) InputChannel() chan *Target

InputChannel returns the input channel for reading and writing targets

func (TLSScanner) OutputChannel

func (s TLSScanner) OutputChannel() chan *Target

OutputChannel returns the output channel for reading and writing results

func (TLSScanner) ScanProtocol

func (s TLSScanner) ScanProtocol(conn net.Conn, host *Target, timeout time.Duration, synStart time.Time, synEnd time.Time)

ScanProtocol performs the actual TLS scan and adds results to the target

type TLSTarget

type TLSTarget struct {
	Target
	// contains filtered or unexported fields
}

TLSTarget contains a single TLS host to be scanned

func (*TLSTarget) AddResult

func (h *TLSTarget) AddResult(address string, res *ScanResult)

AddResult sets the result for this TLS host

func (*TLSTarget) Domains

func (h *TLSTarget) Domains() []string

Domains returns a slice with an empty string, SNI is not implemented

func (*TLSTarget) IPs

func (h *TLSTarget) IPs() []string

IPs returns a slice of IPs for this TLS target

func (*TLSTarget) Results

func (h *TLSTarget) Results() map[string]*ScanResult

Results returns the result for this TLS host

type Target

type Target interface {
	// IPs returns the addresses belonging to this target.
	IPs() []string
	// Results returns the collected scan results.
	// NOTE(review): presumably keyed by the address string passed to
	// AddResult — confirm.
	Results() map[string]*ScanResult
	// AddResult records a result for an address; the implementations on this
	// page name the parameters address and res.
	// NOTE(review): whether implementations guard against concurrent calls is
	// not shown here.
	AddResult(string, *ScanResult)
	// Domains returns the domain names for this target; several
	// implementations on this page document returning empty strings because
	// SNI is not implemented for them.
	Domains() []string
}

Target symbolizes a host or a group of hosts

func NewCertHostTLSTarget

func NewCertHostTLSTarget(input string) Target

NewCertHostTLSTarget returns a pointer to a TLS target with multiple hosts

func NewDumpTLSTarget

func NewDumpTLSTarget(input string) Target

NewDumpTLSTarget returns a pointer to a new DumpTLSTarget struct

func NewMultiTLSTarget

func NewMultiTLSTarget(input string) Target

NewMultiTLSTarget returns a pointer to a TLS target with multiple hosts

func NewSSHTarget

func NewSSHTarget(input string) Target

NewSSHTarget returns a pointer to a new SSHTarget struct

func NewTLSTarget

func NewTLSTarget(input string) Target

NewTLSTarget returns a pointer to a new TLSTarget struct

Directories

Path Synopsis
