Commit fce281e1 authored by Jason Frisvold's avatar Jason Frisvold
Browse files

- Add logger comments about spawned process ending and encryption

- Add config items for gpg binary and key
- Updated notes with sample code for file encryption/decryption
parent 615e0aa1
......@@ -36,3 +36,45 @@ Spawn log requires data from cloud and spawn tables. Disable only? Or duplicat
https://pythonhosted.org/netaddr/index.html
https://stackoverflow.com/questions/250283/how-to-scp-in-python
example code for gpg binary execution :
def encrypt_file(fname, recipient=None, gpg_exe='/usr/bin/gpg', **kwds):
"""
"""
fd, tmpfname = tempfile.mkstemp()
os.close(fd)
cmd = (gpg_exe, '--batch', '--yes', '--output', tmpfname, '-e', '-r', recipient, '-a', fname)
logging.debug("Command is: %s" % str(cmd))
rc, stdout, stderr = exec_cmd(cmd)
if rc != 0:
parts = ["Error encrypting file '%s'." % fname]
if stdout:
parts.append(stdout)
if stderr:
parts.append(stderr)
msg = '\n'.join(parts)
logging.warn(msg)
return None
return tmpfname
def decrypt_file(fname, outname, gpg_exe='/usr/bin/gpg', gpg_pwd=None, **kwds):
"""
"""
parts = os.path.splitext(outname)
if parts[1].lower() in ('.gpg', '.asc'):
outname = parts[0]
cmd = ("/usr/bin/gpg", "--batch", "--no-tty", "--passphrase-fd", "0", "--ignore-crc-error", "-o", outname, fname)
logging.debug("Command is: %s" % str(cmd))
rc, stdout, stderr = exec_cmd(cmd, stdin=gpg_pwd)
if rc != 0:
parts = ["Error decrypting file '%s'." % fname]
if stdout:
parts.append(stdout)
if stderr:
parts.append(stderr)
msg = '\n'.join(parts)
logging.warn(msg)
return None
return outname
......@@ -37,4 +37,10 @@ nmap_binary = '/usr/local/bin/nmap'
# The directory where output from scans should be placed. Include the trailing
# slash.
output_dir = '/opt/skynet/output/'
\ No newline at end of file
output_dir = '/opt/skynet/output/'
# Location of the gpg binary. This should be the full path and binary name.
gpg_binary = '/usr/bin/gpg'
# Location and name of the gpg key to use for encrypting scan results.
gpg_key = datadir + 'spawner.gpg.key'
......@@ -128,6 +128,8 @@ def loadconfig():
cfg['timingdb'] = config.get('spawner', 'timingdb')
cfg['nmap_binary'] = config.get('spawner', 'nmap_binary')
cfg['output_dir'] = config.get('spawner', 'output_dir')
cfg['gpg_binary'] = config.get('spawner', 'gpg_binary')
cfg['gpg_key'] = config.get('spawner', 'gpg_key')
logger.debug('configdir = {0}'.format(cfg['configdir']))
logger.debug('datadir = {0}'.format(cfg['datadir']))
......@@ -137,7 +139,7 @@ def loadconfig():
def check_configdir():
logger.info('Check Config')
if (os.path.exists(cfg['configdir'])):
# Look for new files
......@@ -201,7 +203,7 @@ def check_timing(loopstarttime, timingdb):
def check_complete(spawnlist, timingdb):
logger.info('Check for completed processes')
try:
timingcursor = timingdb.cursor()
......@@ -245,7 +247,7 @@ def check_complete(spawnlist, timingdb):
(row[0], row[1], end_time))
timingdb.commit()
return spawnlist
def spawn_process(spawnlist):
......@@ -334,6 +336,11 @@ def spawn_process(spawnlist):
timingdb.commit()
spawned.wait()
logger.debug('Timer ' + str(timer) + ' completed.')
logger.debug('Encrypting ' + nmap_filename + ' via GPG (' +
cfg['gpg_binary'] + ')')
sys.exit(0)
def open_timing_database():
......@@ -419,4 +426,4 @@ try:
if __name__ == "__main__":
main(sys.argv[1:])
except KeyboardInterrupt:
sys.exit()
\ No newline at end of file
sys.exit()
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment