nmap_vuln_scanner.py

Nmap Vulnerability Scanner nmap_vuln_scanner.py

This document provides a detailed step-by-step explanation of how the nmap_vuln_scanner.py script operates. This script performs vulnerability scanning using Nmap on specified IP addresses, scans for vulnerabilities on various ports, and saves the results and progress.

Overview

Description

• Filename: nmap_vuln_scanner.py
• Purpose: To perform vulnerability scanning using Nmap on specified IP addresses and save the results.

Initialization and Setup

Importing Modules

The script imports the following modules:

• Standard Libraries:

  • os
  • pandas
  • subprocess
  • logging
  • datetime
  • concurrent.futures.ThreadPoolExecutor, as_completed

• External Libraries:

  • rich.console
  • rich.progress

• Custom Modules:

  • SharedData
  • Logger

Configuring the Logger

The logger is configured to log messages for nmap_vuln_scanner.py at the INFO level, ensuring detailed logging of events and errors.

Defining Global Variables

Global variables are defined to provide metadata about the class and module, including:

• b_class = "NmapVulnScanner"
• b_module = "nmap_vuln_scanner"
• b_status = "vuln_scan"
• b_port = None
• b_parent = None

NmapVulnScanner Class

Purpose

The NmapVulnScanner class manages the process of scanning IP addresses for vulnerabilities using Nmap and saving the results.

Initialization

• Attributes: Initializes shared data, prepares for scanning, and sets up the summary file.
• Logger: Logs the initialization process.

Methods

create_summary_file()

• Purpose: Creates a summary file for vulnerabilities if it does not exist.
• Details: Initializes the summary file with appropriate columns and saves it as a CSV file.

update_summary_file(ip, hostname, mac, port, vulnerabilities)

• Purpose: Updates the summary file with the scan results.
• Details: Reads the existing summary file, appends new scan results, removes duplicates, and saves the updated data.

scan_vulnerabilities(ip, hostname, mac, ports)

• Purpose: Scans the specified IP address for vulnerabilities on given ports using Nmap.
• Details: Executes Nmap commands, captures the output, and updates the summary file with the parsed vulnerabilities.
• Returns: The combined scan result as a string or None if an error occurs.

execute(ip, row, status_key)

• Purpose: Executes the vulnerability scan for a given IP and row data.
• Details: Initiates the scan, saves results, and updates the status.
• Returns: A status string indicating success or failure.

parse_vulnerabilities(scan_result)

• Purpose: Parses the Nmap scan result to extract vulnerabilities.
• Details: Identifies lines containing vulnerability information and compiles them into a single string.
• Returns: A string of parsed vulnerabilities.

save_results(mac_address, ip, scan_result)

• Purpose: Saves the detailed scan results to a file.
• Details: Writes the scan result to a file named after the MAC address and IP.

save_summary()

• Purpose: Saves a summary of all scanned vulnerabilities to a final summary file.
• Details: Aggregates data from the summary file and writes it to a final summary CSV.

Detailed Execution Flow

Step 1: Initialization

• The NmapVulnScanner class is initialized with shared data, setting up necessary attributes and logging the initialization.

Step 2: Create Summary File

• The create_summary_file method ensures the summary file exists and initializes it if not.

Step 3: Scan Vulnerabilities

• The scan_vulnerabilities method scans the specified IP for vulnerabilities using Nmap, logs the process, and updates the summary file.

Step 4: Execute Scan

• The execute method orchestrates the scan for each IP, saves the results, and updates the status based on the scan outcome.

Step 5: Parse Vulnerabilities

• The parse_vulnerabilities method extracts and compiles vulnerability information from the Nmap scan result.

Step 6: Save Results

• The save_results method saves detailed scan results to a file for each scanned IP.

Step 7: Save Summary

• The save_summary method compiles and saves a summary of all vulnerabilities to a final summary file.

Variables and Configuration

Target Files and Directories

self.shared_data.vuln_summary_file

• Purpose: Specifies the path to the summary file that records scan results.
• Type: String (file path).
• Example: '/path/to/vuln_summary.csv'

self.shared_data.vulnerabilities_dir

• Purpose: Specifies the directory where detailed scan results are saved.
• Type: String (directory path).
• Example: '/path/to/vulnerabilities/'

self.shared_data.nmap_scan_aggressivity

• Purpose: Specifies the aggressiveness level for Nmap scans.
• Type: String (Nmap option).
• Example: '-T4'

Example Configuration

self.shared_data.vuln_summary_file = '/path/to/vuln_summary.csv'
self.shared_data.vulnerabilities_dir = '/path/to/vulnerabilities/'
self.shared_data.nmap_scan_aggressivity = '-T4'

Integration with Orchestrator

Method Call

The NmapVulnScanner class is called by the orchestrator via its execute method. The process involves:

1. Receiving Target Details: The orchestrator provides IP, port, and other relevant details to the NmapVulnScanner class.
2. Performing Vulnerability Scan: The execute method initiates the Nmap scan, parses results, and updates the summary file.
3. Updating Orchestrator: The status (success or failure) is returned to the orchestrator for further action.

Example Workflow

1. Initialization: The orchestrator initializes the NmapVulnScanner class.
2. Execution: For each target IP, the orchestrator calls the execute method of NmapVulnScanner.
3. Logging and Status Update: The NmapVulnScanner class logs each step and updates the status based on the outcome of the scan.

By following these detailed steps, the nmap_vuln_scanner.py script performs vulnerability scans on specified IP addresses, saves detailed results, and updates a summary of vulnerabilities.