File Coverage

blib/lib/Metabrik/Network/Nmap.pm

Criterion	Covered	Total	%
statement	9	89	10.1
branch	0	20	0.0
condition	0	3	0.0
subroutine	3	8	37.5
pod	1	4	25.0
total	13	124	10.4

line	stmt	bran	cond	sub	pod	time	code
1							#
2							# $Id$
3							#
4							# network::nmap Brik
5							#
6							package Metabrik::Network::Nmap;
7	1			1		704	use strict;
	1					2
	1					28
8	1			1		5	use warnings;
	1					2
	1					26
9
10	1			1		6	use base qw(Metabrik::System::Package);
	1					2
	1					1018
11
12							sub brik_properties {
13							return {
14	0			0	1		revision => '$Revision$',
15							tags => [ qw(unstable security scan vulnerability vuln port portscan synscan syn udpscan scanner nmap) ],
16							author => 'GomoR ',
17							license => 'http://opensource.org/licenses/BSD-3-Clause',
18							attributes => {
19							datadir => [ qw(datadir) ],
20							targets => [ qw(nmap_targets) ],
21							ports => [ qw(nmap_ports) ],
22							args => [ qw(nmap_args) ],
23							rate => [ qw(integer_packet_per_seconds) ],
24							max_retries => [ qw(integer) ],
25							service_scan => [ qw(0\|1) ],
26							save_output => [ qw(0\|1) ],
27							},
28							attributes_default => {
29							targets => '127.0.0.1',
30							ports => '--top-ports 1000',
31							args => '-n -Pn',
32							rate => 10_000,
33							max_retries => 3,
34							service_scan => 0,
35							save_output => 0,
36							},
37							commands => {
38							install => [ ], # Inherited
39							tcp_syn => [ ],
40							tcp_connect => [ ],
41							udp => [ ],
42							},
43							require_binaries => {
44							'sudo' => [ ],
45							'nmap' => [ ],
46							},
47							need_packages => {
48							ubuntu => [ qw(nmap) ],
49							debian => [ qw(nmap) ],
50							kali => [ qw(nmap) ],
51							},
52							};
53							}
54
55							sub _nmap_parse {
56	0			0			my $self = shift;
57	0						my ($cmd, $result) = @_;
58
59	0						my $parsed = {};
60
61	0						push @{$parsed->{raw}}, $cmd;
	0
62
63	0						my $host = 'undef';
64	0						my $ip = 'undef';
65	0						for (split(/\n/, $result)) {
66	0						push @{$parsed->{raw}}, $_;
	0
67	0	0					if (/^Nmap scan report for (\S+)\s$?(\S?)$?$/) {
		0
68	0	0	0				if (defined($2) && length($2)) { # We have both hostname and IP address
69	0						$host = $1;
70	0						$ip = $2;
71							}
72							else { # We have only IP address
73	0						$ip = $1;
74							}
75							}
76							# With service scan enabled
77							# 22/tcp open ssh (protocol 2.0)
78							# 3690/tcp open svn?
79							elsif (/^(\d+)\/tcp\s+(\S+)\s+(\S+)\s(.)$/) {
80	0						my $port = $1;
81	0						my $state = $2;
82	0						my $service = $3;
83	0						my $tail = $4;
84	0						$parsed->{$ip}->{$port} = { state => $state, service => $service, port => $port, host => $host, ip => $ip };
85	0						$parsed->{$ip}->{$state}->{$port} = { state => $state, service => $service, port => $port, host => $host, ip => $ip };
86	0	0					if (defined($tail)) {
87	0						$parsed->{$ip}->{$port}->{tail} = $tail;
88	0						$parsed->{$ip}->{$state}->{$port}->{tail} = $tail;
89							}
90							}
91							}
92
93	0						return $parsed;
94							}
95
96							sub tcp_syn {
97	0			0	0		my $self = shift;
98
99	0						my $args = $self->args;
100	0						my $targets = $self->targets;
101	0						my $ports = $self->ports;
102	0						my $max_retries = $self->max_retries;
103	0						my $rate = $self->rate;
104	0						my $service_scan = $self->service_scan;
105	0						my $save_output = $self->save_output;
106
107	0						my $datadir = $self->datadir;
108
109	0						my $cmd = "sudo nmap -v -sS --max-retries $max_retries --min-rate $rate --max-rate $rate $args";
110	0	0					if ($service_scan) {
111	0						$cmd .= " -sV";
112							}
113	0	0					if ($save_output) {
114	0						$cmd .= " -oA $datadir/nmap_output";
115							}
116	0						$cmd .= " $ports $targets";
117
118	0						my $result = `$cmd`;
119
120	0						my $parsed = $self->_nmap_parse($cmd, $result);
121
122	0						return $parsed;
123							}
124
125							# nmap -sT -sV --top-port 500 -Pn -n -v -oA nmap_output_topXXX
126							# nmap -sT --max-retries 3 --min-rate 10000 --max-rate 10000 -n -Pn -sV -oA nmap_output --top-ports 100 127.0.0.1
127							sub tcp_connect {
128	0			0	0		my $self = shift;
129
130	0						my $args = $self->args;
131	0						my $targets = $self->targets;
132	0						my $ports = $self->ports;
133	0						my $max_retries = $self->max_retries;
134	0						my $rate = $self->rate;
135	0						my $service_scan = $self->service_scan;
136	0						my $save_output = $self->save_output;
137
138	0						my $datadir = $self->datadir;
139
140	0						my $cmd = "sudo nmap -v -sT --max-retries $max_retries --min-rate $rate --max-rate $rate $args";
141	0	0					if ($service_scan) {
142	0						$cmd .= " -sV";
143							}
144	0	0					if ($save_output) {
145	0						$cmd .= " -oA $datadir/nmap_output";
146							}
147	0						$cmd .= " $ports $targets";
148
149	0						my $result = `$cmd`;
150
151	0						my $parsed = $self->_nmap_parse($cmd, $result);
152
153	0						return $parsed;
154							}
155
156							sub udp {
157	0			0	0		my $self = shift;
158
159	0						my $args = $self->args;
160	0						my $targets = $self->targets;
161	0						my $ports = $self->ports;
162	0						my $max_retries = $self->max_retries;
163	0						my $rate = $self->rate;
164	0						my $service_scan = $self->service_scan;
165	0						my $save_output = $self->save_output;
166
167	0						my $datadir = $self->datadir;
168
169	0						my $cmd = "sudo nmap -v -sU --max-retries $max_retries --min-rate $rate --max-rate $rate $args";
170	0	0					if ($service_scan) {
171	0						$cmd .= " -sV";
172							}
173	0	0					if ($save_output) {
174	0						$cmd .= " -oA $datadir/nmap_output";
175							}
176	0						$cmd .= " $ports $targets";
177
178	0						my $result = `$cmd`;
179
180	0						my $parsed = $self->_nmap_parse($cmd, $result);
181
182	0						return $parsed;
183							}
184
185							1;
186
187							__END__