Commit 390c0978 authored by Jason Frisvold's avatar Jason Frisvold
Browse files

- Updated indentation to use 4 spaces

- New code for spawner
- Spawner using configparser for configs
parent 0df1740e
Python Daemon Package - https://pypi.python.org/pypi/python-daemon/
Server - back end master system
- Push schedule
- Retrieve data
- Parse & store data (thread?)
Server Tools
- Add new task
- Edit task
- Remove task
Reporting
- Create reports
- GUI interface
- Automated reports?
Client - "cloud" component
- Spawn tasks
Server to Server communication - Protocol Buffers??
http://google-opensource.blogspot.com/2008/07/protocol-buffers-googles-data.html
http://code.google.com/p/protobuf/
#* Skynet - Automated "Cloud" Security Scanner *#
#* Copyright (C) 2014 Jason Frisvold <friz@godshell.com> *#
#* *#
#* This program is free software; you can redistribute it and/or modify *#
#* it under the terms of the GNU General Public License as published by *#
#* the Free Software Foundation; either version 2 of the License, or *#
#* (at your option) any later version. *#
#* *#
#* This program is distributed in the hope that it will be useful, *#
#* but WITHOUT ANY WARRANTY; without even the implied warranty of *#
#* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *#
#* GNU General Public License for more details. *#
#* *#
#* You should have received a copy of the GNU General Public License *#
#* along with this program; if not, write to the Free Software *#
#* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA *#
# This file defines the default values used by the spawner
[spawner]
# The configuration directory is where new instructions are placed by the server
# This can be an absolute or relative path.
configdir = config
# The data directory is where the spawner will store internal data.
datadir = spawner_data
# This defines the name of the sqlite database used for timing data. It will be
# located in the datadir.
timingdb = timing.db
\ No newline at end of file
#!/usr/bin/python
#* Skynet - Automated "Cloud" Security Scanner *#
#* Copyright (C) 2014 Jason Frisvold <friz@godshell.com> *#
#* *#
#* This program is free software; you can redistribute it and/or modify *#
#* it under the terms of the GNU General Public License as published by *#
#* the Free Software Foundation; either version 2 of the License, or *#
#* (at your option) any later version. *#
#* *#
#* This program is distributed in the hope that it will be useful, *#
#* but WITHOUT ANY WARRANTY; without even the implied warranty of *#
#* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *#
#* GNU General Public License for more details. *#
#* *#
#* You should have received a copy of the GNU General Public License *#
#* along with this program; if not, write to the Free Software *#
#* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA *#
# Import libraries
import sys
import getopt
import ConfigParser
import os.path
import re
import logging
from datetime import datetime
# Global Variables
verbose = False
programname = 'SkyNet Spawner'
version = '1.0'
configfile = 'spawner.conf'
###
# Main
###
def main(argv):
try:
opts, args = getopt.gnu_getopt(argv, "hvVs:c:", \
["help", "verbose", \
"config", \
"version", \
"license"])
except getopt.GetoptError, err:
print str(err)
usage()
sys.exit(2)
for o, a in opts:
if o in ("-v", "--verbose"):
global verbose
verbose = True
if o in ("-c", "--config"):
global configfile
# TODO : This should be validated
configfile = o
elif o in ("-V", "--version"):
print '{0} {1}'.format(programname, version)
sys.exit()
elif o in ("-h", "--help"):
usage()
sys.exit()
elif o in ("--license"):
license()
sys.exit()
else:
assert False, "unhandled option"
# Load and process the configuration file, if it exists
config = ConfigParser.SafeConfigParser(
defaults={'configdir':'config',
'datadir':'spawner_data',
'timingdb':'timing.db'
})
config.read(configfile)
global configdir
global datadir
global timingdb
configdir = config.get('spawner', 'configdir')
datadir = config.get('spawner', 'datadir')
timingdb = config.get('spawner', 'timingdb')
print 'configdir = {0}'.format(configdir)
print 'datadir = {0}'.format(datadir)
print 'timingdb = {0}'.format(timingdb)
# Endless loop starts?
# Check the config dir for new files
# Process any files found
# Check timing table
# New process spawner
# Handle finished processes
# Go to top of loop
###
# Usage
###
def usage():
print ('Usage: ' + sys.argv[0] + ' [OPTION]... ');
print '{0}'.format(programname)
print
print ('Mandatory arguments to long options are mandatory for short options too.')
print (' -c <file> configuration file')
print (' -f run in the foreground')
print (' -h, --help display this help and exit')
print (' -v, --verbose verbose output')
print (' -V, --version output version information and exit')
print (' --license output license information and exit')
###
# License
###
def license():
print('Copyright (C) 2014 Jason Frisvold <friz@godshell.com>');
print('License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.');
print('This is free software: you are free to change and redistribute it.');
print('There is NO WARRANTY, to the extent permitted by law.');
print('');
print('Written by Jason Frisvold.');
###
# Run the main program, pass in the CLI arguments (minus the command name)
try:
if __name__ == "__main__":
main(sys.argv[1:])
except KeyboardInterrupt:
sys.exit()
\ No newline at end of file
......@@ -49,7 +49,7 @@ This is a “living” document and is not feature complete. Check back often f
* Number of ports per scan
* Change in hosts/ports per scan
###Reporting subsystem
### Reporting subsystem
* Automated reporting
* Reports triggered by control daemon
* Multiple report types
......@@ -72,7 +72,7 @@ A spawning daemon is responsible for reading the timing table and spawning new p
Finished scans should encrypt the scan results using a public GPG key and the plain text version of the file should be scrubbed. (Can we encrypt on the fly as the scan is running?) All completed files are stored in a holding area until the central processing system retrieves them. After retrieval, reports are scrubbed from the system.
Timing Table Format
Timing Table Format (sqlite3?)
minute hour day month override_flag ip_range nmap_options
......
......@@ -33,170 +33,175 @@ version = '1.0'
# Main
###
def main(argv):
try:
opts, args = getopt.gnu_getopt(argv, "hvVs:", \
["help", "verbose", \
"version", \
"license"])
except getopt.GetoptError, err:
print str(err)
usage()
sys.exit(2)
for o, a in opts:
if o in ("-v", "--verbose"):
global verbose
verbose = True
elif o in ("-V", "--version"):
print '{0} {1}'.format(servername, version)
sys.exit()
elif o in ("-h", "--help"):
usage()
sys.exit()
elif o in ("--license"):
license()
sys.exit()
else:
assert False, "unhandled option"
# Check the service type
try:
service
except NameError:
print "Error: No Service defined"
usage()
sys.exit(2)
# Check the filename option
try:
filehandle = open(statusfilename)
except IOError as err:
print str(err)
sys.exit(2)
if verbose:
print ("Parsing " + statusfilename + " for service " + service)
# Pass the file over to the parse function
parsestatus(filehandle, service)
# Close the file before we exit
filehandle.close()
try:
opts, args = getopt.gnu_getopt(argv, "hvVs:c:", \
["help", "verbose", \
"config", \
"version", \
"license"])
except getopt.GetoptError, err:
print str(err)
usage()
sys.exit(2)
for o, a in opts:
if o in ("-v", "--verbose"):
global verbose
verbose = True
if o in ("-c", "--config"):
global configfile
# TODO : This should be validated
configfile = o
elif o in ("-V", "--version"):
print '{0} {1}'.format(servername, version)
sys.exit()
elif o in ("-h", "--help"):
usage()
sys.exit()
elif o in ("--license"):
license()
sys.exit()
else:
assert False, "unhandled option"
# Check the service type
try:
service
except NameError:
print "Error: No Service defined"
usage()
sys.exit(2)
# Check the filename option
try:
filehandle = open(statusfilename)
except IOError as err:
print str(err)
sys.exit(2)
if verbose:
print ("Parsing " + statusfilename + " for service " + service)
# Pass the file over to the parse function
parsestatus(filehandle, service)
# Close the file before we exit
filehandle.close()
###
# ParseStatus
###
def parsestatus(filehandle, service):
definition = False
service_found = False
service_down = False
host_name = None
while 1:
line = filehandle.readline()
if not line:
break
# Handle each line here
line = line.strip();
# Compile regex first
def_comment = re.compile('^#')
def_start = re.compile('^(\w+) {$')
def_end = re.compile('^}$')
def_variable = re.compile('(\w+)=(.*)')
if (def_comment.match(line)):
continue
elif (def_end.match(line)):
# Handle any downs
if service_found and service_down and host_name:
curtime = datetime.today()
command = str("[{0}] PROCESS_SERVICE_CHECK_RESULT;{1};{2};0;OK".format(curtime.strftime('%s'), host_name, service))
try:
cmdfile = open(cmdfilename, 'a')
except IOError as err:
print str(err)
sys.exit(2)
cmdfile.write(command)
print "Marking {0} - {1} as up.".format(host_name, service)
cmdfile.close()
definition = False
service_found = False
service_down = False
host_name = None
while 1:
line = filehandle.readline()
if not line:
break
# Handle each line here
line = line.strip();
# Compile regex first
def_comment = re.compile('^#')
def_start = re.compile('^(\w+) {$')
def_end = re.compile('^}$')
def_variable = re.compile('(\w+)=(.*)')
if (def_comment.match(line)):
continue
elif (def_end.match(line)):
# Handle any downs
if service_found and service_down and host_name:
curtime = datetime.today()
command = str("[{0}] PROCESS_SERVICE_CHECK_RESULT;{1};{2};0;OK".format(curtime.strftime('%s'), host_name, service))
try:
cmdfile = open(cmdfilename, 'a')
except IOError as err:
print str(err)
sys.exit(2)
cmdfile.write(command)
print "Marking {0} - {1} as up.".format(host_name, service)
cmdfile.close()
if verbose:
print command
# Reset the variables
definition = False
service_found = False
service_down = False
host_name = None
if verbose:
print command
# Reset the variables
definition = False
service_found = False
service_down = False
host_name = None
if verbose:
print 'Definition End'
m = def_start.match(line)
if not m is None:
definition = True
if verbose:
print 'Definition Start'
m = def_variable.match(line)
if not m is None:
# Capture the variable input
var = m.groups()[0]
val = m.groups()[1]
if verbose:
print "Variable ({0}) = Value ({1})".format(var, val)
# Check for the variables we care about
if (var == 'service_description'):
if (val == service):
service_found = True
if verbose:
print 'Service found'
if (var == 'host_name'):
host_name = val
print 'Definition End'
m = def_start.match(line)
if not m is None:
definition = True
if verbose:
print 'Host found - {0}'.format(host_name)
if (var == 'current_state'):
if (val == '1' or val == '2'):
service_down = True
if verbose:
print 'Service Down'
print 'Definition Start'
#print line
m = def_variable.match(line)
if not m is None:
# Capture the variable input
var = m.groups()[0]
val = m.groups()[1]
if verbose:
print "Variable ({0}) = Value ({1})".format(var, val)
# Check for the variables we care about
if (var == 'service_description'):
if (val == service):
service_found = True
if verbose:
print 'Service found'
if (var == 'host_name'):
host_name = val
if verbose:
print 'Host found - {0}'.format(host_name)
if (var == 'current_state'):
if (val == '1' or val == '2'):
service_down = True
if verbose:
print 'Service Down'
#print line
###
# Usage
###
def usage():
print ('Usage: ' + sys.argv[0] + ' [OPTION]... ');
print ('Skynet')
print
print ('Mandatory arguments to long options are mandatory for short options too.')
print (' -c <file> configuration file')
print (' -f run in the foreground')
print (' -h, --help display this help and exit')
print (' -v, --verbose verbose output')
print (' -V, --version output version information and exit')
print (' --license output license information and exit')
print ('Usage: ' + sys.argv[0] + ' [OPTION]... ');
print ('Skynet')
print
print ('Mandatory arguments to long options are mandatory for short options too.')
print (' -c <file> configuration file')
print (' -f run in the foreground')
print (' -h, --help display this help and exit')
print (' -v, --verbose verbose output')
print (' -V, --version output version information and exit')
print (' --license output license information and exit')
###
# License
###
def license():
print('Copyright (C) 2013 Jason Frisvold <friz@godshell.com>');
print('License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.');
print('This is free software: you are free to change and redistribute it.');
print('There is NO WARRANTY, to the extent permitted by law.');
print('');
print('Written by Jason Frisvold.');
print('Copyright (C) 2013 Jason Frisvold <friz@godshell.com>');
print('License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.');
print('This is free software: you are free to change and redistribute it.');
print('There is NO WARRANTY, to the extent permitted by law.');
print('');
print('Written by Jason Frisvold.');
###
# Run the main program, pass in the CLI arguments (minus the command name)
try:
if __name__ == "__main__":
main(sys.argv[1:])
if __name__ == "__main__":
main(sys.argv[1:])
except KeyboardInterrupt:
sys.exit()
\ No newline at end of file
sys.exit()
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment