diff --git a/.gitea/workflows/build-lists.yml b/.gitea/workflows/build-lists.yml
index 580013d..3b6721b 100644
--- a/.gitea/workflows/build-lists.yml
+++ b/.gitea/workflows/build-lists.yml
@@ -11,79 +11,6 @@ on: - cron: "30 0 */5 * *" jobs: - build-scanners-list: - name: Build scanners list - environment: - name: sudo-bot - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - type: ["stretchoid", "binaryedge"] - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Cache cargo binaries - uses: actions/cache@v4 - id: cache-dns-ptr-resolver - with: - path: ~/.cargo/bin/dns-ptr-resolver - key: ${{ runner.os }}-cargo-bin-dns-ptr-resolver-1.1.0 - - name: Set up toolchain - if: steps.cache-dns-ptr-resolver.outputs.cache-hit != 'true' - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: 1.67 - override: true - - name: Install dns-ptr-resolver - if: steps.cache-dns-ptr-resolver.outputs.cache-hit != 'true' - run: cargo install dns-ptr-resolver@1.1.0 - - name: Build the ${{ matrix.type }} list - run: ./make-${{ matrix.type }}.sh - - name: Post the summary - run: | - git add -A - printf '### Diff\n```diff\n%s\n```\n' "$(git diff --staged)" >> $GITHUB_STEP_SUMMARY - - name: Extract secrets - run: | - printf '%s' "${{ secrets.GH_APP_JWT_PRIV_PEM_CONTENTS }}" > ${HOME}/.secret_jwt.pem - printf '%s' "${{ secrets.GPG_PRIVATE_KEY }}" > ${HOME}/.private-key.asc - - uses: actions/setup-node@v4 - with: - node-version: 18 - - name: Get yarn cache directory path - id: yarn-cache-dir-path - run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT - - name: yarn cache - uses: actions/cache@v4 - with: - path: ${{ steps.yarn-cache-dir-path.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - name: Install sudo-bot - run: yarn global add sudo-bot - - name: Run sudo-bot - run: | - sudo-bot --verbose \ - --jwt-file="${HOME}/.secret_jwt.pem" \ - --gh-app-id='17453' \ - --installation-id="${{ secrets.INSTALLATION_ID }}" \ - --repository-slug='wdes/security' \ - --target-branch='main' \ - --assign='williamdes' \ - --commit-author-email='sudo-bot@wdes.fr' \ - 
--commit-author-name='Sudo Bot' \ - --gpg-private-key-file="${HOME}/.private-key.asc" \ - --template="$GITHUB_WORKSPACE/.github/sudo-bot-template.js" \ - --gpg-private-key-passphrase="${{ secrets.GPG_PASSPHRASE }}" - - name: Purge secrets - if: always() - run: | - rm -v ${HOME}/.secret_jwt.pem - rm -v ${HOME}/.private-key.asc - build-aws-cloudfront: runs-on: ubuntu-latest steps: diff --git a/README.md b/README.md index 6cbe2e8..f5e1f9e 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ - `https://security.wdes.eu/scanners/stretchoid.txt` (List of all known stretchoid IPs) - `https://security.wdes.eu/scanners/binaryedge.txt` (List of all known binaryedge IPs) +- `https://security.wdes.eu/scanners/shadowserver.txt` (List of all known shadowserver IPs) - `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner on their [FAQ](https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection) - `https://security.wdes.eu/scanners/internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips)) diff --git a/snow-scanner/src/main.rs b/snow-scanner/src/main.rs index dd97928..fcaf75c 100644 --- a/snow-scanner/src/main.rs +++ b/snow-scanner/src/main.rs @@ -118,8 +118,10 @@ impl FromParam<'_> for Scanners { match param { "stretchoid" => Ok(Scanners::Stretchoid), "binaryedge" => Ok(Scanners::Binaryedge), + "shadowserver" => Ok(Scanners::Shadowserver), "stretchoid.txt" => Ok(Scanners::Stretchoid), "binaryedge.txt" => Ok(Scanners::Binaryedge), + "shadowserver.txt" => Ok(Scanners::Shadowserver), "censys.txt" => Ok(Scanners::Censys), "internet-measurement.com.txt" => Ok(Scanners::InternetMeasurement), v => Err(format!("Unknown value: {v}")), 
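Review bot: The string-to-variant table in `from_param` is now maintained by hand in two places, here and in the `Deserialize` impl of the next hunk, each carrying a bare and a `.txt` spelling per scanner, so the route parser and the config parser can drift apart the next time a scanner is added. A single private `fn from_name(s: &str) -> Option<Scanners>` (or an `impl FromStr for Scanners`) that both `from_param` and `deserialize` delegate to keeps one table and makes the `.txt` aliases an explicit, documented policy rather than repeated arms. The body of `from_param` starts before this hunk, so the error mapping at its edges would stay as it is.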
@@ -137,8 +139,10 @@ impl<'de> Deserialize<'de> for Scanners { match k { "stretchoid" => Ok(Scanners::Stretchoid), "binaryedge" => Ok(Scanners::Binaryedge), + "shadowserver" => Ok(Scanners::Shadowserver), "stretchoid.txt" => Ok(Scanners::Stretchoid), "binaryedge.txt" => Ok(Scanners::Binaryedge), + "shadowserver.txt" => Ok(Scanners::Shadowserver), "censys.txt" => Ok(Scanners::Censys), "internet-measurement.com.txt" => Ok(Scanners::InternetMeasurement), v => Err(serde::de::Error::custom(format!( @@ -159,6 +163,7 @@ impl fmt::Display for Scanners { Self::Binaryedge => "binaryedge", Self::Censys => "censys", Self::InternetMeasurement => "internet-measurement.com", + Self::Shadowserver => "shadowserver.txt", } ) } @@ -171,6 +176,7 @@ impl serialize::ToSql for Scanners { Self::Binaryedge => out.write_all(b"binaryedge")?, Self::Censys => out.write_all(b"censys")?, Self::InternetMeasurement => out.write_all(b"internet-measurement.com")?, + Self::Shadowserver => out.write_all(b"shadowserver.txt")?, }; Ok(IsNull::No) @@ -441,7 +447,7 @@ async fn handle_list_scanners( path.push(static_data_dir); path.push("scanners"); path.push(match scanner_name { - Scanners::Stretchoid | Scanners::Binaryedge => panic!("This should not happen"), + Scanners::Stretchoid | Scanners::Binaryedge | Scanners::Shadowserver => panic!("This should not happen"), Scanners::Censys => "censys.txt".to_string(), Scanners::InternetMeasurement => "internet-measurement.com.txt".to_string(), }); diff --git a/snow-scanner/src/worker/detection.rs b/snow-scanner/src/worker/detection.rs index 1cb8ddb..3092543 100644 --- a/snow-scanner/src/worker/detection.rs +++ b/snow-scanner/src/worker/detection.rs @@ -14,6 +14,7 @@ use crate::worker::ip_addr::is_global_hardcoded; pub enum Scanners { Stretchoid, Binaryedge, + Shadowserver, Censys, InternetMeasurement, } 
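Review bot: `Self::Shadowserver => "shadowserver.txt",` in the `Display` impl is the only arm that carries a `.txt` suffix; every other variant renders as a bare name (`"binaryedge"`, `"censys"`, `"internet-measurement.com"`), and the same asymmetry is repeated in the `ToSql` hunk below with `out.write_all(b"shadowserver.txt")?`. Any consumer that appends `.txt` to the display name to build a file name or link, or the `FromSql` side that reads the column back, presumably expects the bare form, so this is likely to yield `shadowserver.txt.txt` or a stored value unlike every other row; both impls start outside the hunk so I cannot confirm the consumers. Unless the suffix is deliberate, both arms should read `Self::Shadowserver => "shadowserver",` and `Self::Shadowserver => out.write_all(b"shadowserver")?,`.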
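Review bot: The `panic!("This should not happen")` arm in `handle_list_scanners` now also covers `Scanners::Shadowserver`, while `from_param` in this same commit accepts `shadowserver` and `shadowserver.txt` from the request path, so whether a client can reach the panic depends entirely on a branch above this hunk that diverts the DB-backed variants before the static-file path is built. If that branch is missing or later reordered, one request for that list becomes a panic inside an async handler, which is an availability problem rather than a routing mistake. Returning an error through the handler's existing result type from that arm instead of `panic!` keeps the invariant local and observable; the function's signature and the earlier branch are outside the hunk.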
@@ -66,6 +67,13 @@ pub fn detect_scanner_from_name(name: &Name) -> Result, ()> {
 {
 Ok(Some(Scanners::Stretchoid))
 }
+ ref name
+ if name
+ .trim_to(2)
+ .eq_case(&Name::from_str("shadowserver.org.").expect("Should parse")) =>
+ {
+ Ok(Some(Scanners::Shadowserver))
+ }
 &_ => Ok(None),
 }
 }
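Review bot: The new arm classifies an address as Shadowserver solely because its PTR name ends in `shadowserver.org.`, and a PTR record is written by whoever controls the reverse zone for that address, so without forward confirmation (resolving the PTR name and checking it resolves back to the queried address) the label is only as trustworthy as the reverse DNS; the existing stretchoid arm above has the same property, so if the caller already confirms forward this is fine, otherwise a doc comment on `detect_scanner_from_name` such as `/// Classification is based on the unverified PTR name only; callers must not treat it as proof of ownership.` would make the trust boundary explicit. Separately, `Name::from_str("shadowserver.org.").expect("Should parse")` re-parses the constant on every call; holding it in a once-initialised static (`std::sync::OnceLock<Name>`) and comparing against that avoids the per-lookup parse. The earlier arms of the match start before this hunk.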