Compare commits
5 Commits
aac441630c
...
816a9f1aaa
Author | SHA1 | Date | |
---|---|---|---|
816a9f1aaa
|
|||
a6da51aa0b
|
|||
bee0c757e9
|
|||
9593af7b66
|
|||
9fa4dad52b
|
@ -244,7 +244,7 @@ async fn handle_scan(
|
|||||||
|
|
||||||
let msg = EventBusWriterEvent::BroadcastMessage(
|
let msg = EventBusWriterEvent::BroadcastMessage(
|
||||||
WorkerMessages::DoWorkRequest {
|
WorkerMessages::DoWorkRequest {
|
||||||
neworks: vec![Network(cidr)],
|
networks: vec![Network(cidr)],
|
||||||
}
|
}
|
||||||
.into(),
|
.into(),
|
||||||
);
|
);
|
||||||
|
@ -271,7 +271,7 @@ impl<'a> Worker<'a> {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
WorkerMessages::GetWorkRequest {} => {
|
WorkerMessages::GetWorkRequest {} => {
|
||||||
worker_reply = Some(WorkerMessages::DoWorkRequest { neworks: vec![] });
|
worker_reply = Some(WorkerMessages::DoWorkRequest { networks: vec![] });
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
WorkerMessages::DoWorkRequest { .. } | WorkerMessages::Invalid { .. } => {
|
WorkerMessages::DoWorkRequest { .. } | WorkerMessages::Invalid { .. } => {
|
||||||
|
@ -15,7 +15,7 @@ pub enum WorkerMessages {
|
|||||||
#[serde(rename = "get_work")]
|
#[serde(rename = "get_work")]
|
||||||
GetWorkRequest {},
|
GetWorkRequest {},
|
||||||
#[serde(rename = "do_work")]
|
#[serde(rename = "do_work")]
|
||||||
DoWorkRequest { neworks: Vec<Network> },
|
DoWorkRequest { networks: Vec<Network> },
|
||||||
#[serde(rename = "scanner_found")]
|
#[serde(rename = "scanner_found")]
|
||||||
ScannerFoundResponse { name: String, address: IpAddr },
|
ScannerFoundResponse { name: String, address: IpAddr },
|
||||||
#[serde(rename = "")]
|
#[serde(rename = "")]
|
||||||
@ -95,25 +95,25 @@ mod tests {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn deserialize_do_work_empty() {
|
fn deserialize_do_work_empty() {
|
||||||
let data = "{\"type\":\"do_work\",\"request\":{\"neworks\":[]}}";
|
let data = "{\"type\":\"do_work\",\"request\":{\"networks\":[]}}";
|
||||||
let result: WorkerMessages = data.to_string().into();
|
let result: WorkerMessages = data.to_string().into();
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
result,
|
result,
|
||||||
WorkerMessages::DoWorkRequest {
|
WorkerMessages::DoWorkRequest {
|
||||||
neworks: [].to_vec()
|
networks: [].to_vec()
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn deserialize_do_work() {
|
fn deserialize_do_work() {
|
||||||
let data = "{\"type\":\"do_work\",\"request\":{\"neworks\":[\"127.0.0.0/31\"]}}";
|
let data = "{\"type\":\"do_work\",\"request\":{\"networks\":[\"127.0.0.0/31\"]}}";
|
||||||
let result: WorkerMessages = data.to_string().into();
|
let result: WorkerMessages = data.to_string().into();
|
||||||
let cidr: IpCidr = IpCidr::from_str("127.0.0.0/31").unwrap();
|
let cidr: IpCidr = IpCidr::from_str("127.0.0.0/31").unwrap();
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
result,
|
result,
|
||||||
WorkerMessages::DoWorkRequest {
|
WorkerMessages::DoWorkRequest {
|
||||||
neworks: [Network(cidr)].to_vec()
|
networks: [Network(cidr)].to_vec()
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
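Review bot: Renaming the `DoWorkRequest` field in `pub enum WorkerMessages` also renames the JSON key on the wire, as the updated test payloads show (`neworks` becomes `networks` inside `request`), so a server and a worker built from different sides of this change will not parse each other's `do_work` messages. If mixed versions can be connected during a rollout, keep accepting the old key for one release with `#[serde(alias = "neworks")]` on the field, and add a test that the old payload still deserializes. What happens to a payload that fails to parse is decided by the `String` to `WorkerMessages` conversion, which is outside these hunks; if it falls back to `Invalid`, work requests would be dropped silently, so that path is worth logging.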
@ -19,6 +19,7 @@ pub enum Scanners {
|
|||||||
Shadowserver,
|
Shadowserver,
|
||||||
Censys,
|
Censys,
|
||||||
InternetMeasurement,
|
InternetMeasurement,
|
||||||
|
Anssi,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub trait ScannerMethods {
|
pub trait ScannerMethods {
|
||||||
@ -29,17 +30,14 @@ pub trait ScannerMethods {
|
|||||||
|
|
||||||
impl ScannerMethods for Scanners {
|
impl ScannerMethods for Scanners {
|
||||||
fn is_static(self: &Self) -> bool {
|
fn is_static(self: &Self) -> bool {
|
||||||
match self {
|
self.static_file_name().is_some()
|
||||||
Self::Censys => true,
|
|
||||||
Self::InternetMeasurement => true,
|
|
||||||
_ => false,
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fn static_file_name(self: &Self) -> Option<&str> {
|
fn static_file_name(self: &Self) -> Option<&str> {
|
||||||
match self {
|
match self {
|
||||||
Self::Censys => Some("censys.txt"),
|
Self::Censys => Some("censys.txt"),
|
||||||
Self::InternetMeasurement => Some("internet-measurement.com.txt"),
|
Self::InternetMeasurement => Some("internet-measurement.com.txt"),
|
||||||
|
Self::Anssi => Some("anssi.txt"),
|
||||||
_ => None,
|
_ => None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -51,6 +49,7 @@ impl ScannerMethods for Scanners {
|
|||||||
Self::Censys => "Censys node",
|
Self::Censys => "Censys node",
|
||||||
Self::InternetMeasurement => "internet measurement probe",
|
Self::InternetMeasurement => "internet measurement probe",
|
||||||
Self::Shadowserver => "cloudy shadowserver",
|
Self::Shadowserver => "cloudy shadowserver",
|
||||||
|
_ => (*self).into(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -79,20 +78,28 @@ impl<'de> Deserialize<'de> for Scanners {
|
|||||||
|
|
||||||
impl ToString for Scanners {
|
impl ToString for Scanners {
|
||||||
fn to_string(&self) -> String {
|
fn to_string(&self) -> String {
|
||||||
|
let res: &str = (*self).into();
|
||||||
|
res.to_string()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Into<&str> for Scanners {
|
||||||
|
fn into(self) -> &'static str {
|
||||||
match self {
|
match self {
|
||||||
Self::Stretchoid => "stretchoid",
|
Self::Stretchoid => "stretchoid",
|
||||||
Self::Binaryedge => "binaryedge",
|
Self::Binaryedge => "binaryedge",
|
||||||
Self::Censys => "censys",
|
Self::Censys => "censys",
|
||||||
Self::InternetMeasurement => "internet-measurement.com",
|
Self::InternetMeasurement => "internet-measurement.com",
|
||||||
Self::Shadowserver => "shadowserver",
|
Self::Shadowserver => "shadowserver",
|
||||||
|
Self::Anssi => "anssi",
|
||||||
}
|
}
|
||||||
.to_string()
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl serialize::ToSql<Text, Mysql> for Scanners {
|
impl serialize::ToSql<Text, Mysql> for Scanners {
|
||||||
fn to_sql(&self, out: &mut serialize::Output<Mysql>) -> serialize::Result {
|
fn to_sql(&self, out: &mut serialize::Output<Mysql>) -> serialize::Result {
|
||||||
out.write_all(self.to_string().as_bytes())?;
|
let res: &str = (*self).into();
|
||||||
|
out.write_all(res.as_bytes())?;
|
||||||
|
|
||||||
Ok(IsNull::No)
|
Ok(IsNull::No)
|
||||||
}
|
}
|
||||||
@ -121,6 +128,7 @@ impl TryInto<Scanners> for &str {
|
|||||||
"internet-measurement.com" => Ok(Scanners::InternetMeasurement),
|
"internet-measurement.com" => Ok(Scanners::InternetMeasurement),
|
||||||
"shadowserver" => Ok(Scanners::Shadowserver),
|
"shadowserver" => Ok(Scanners::Shadowserver),
|
||||||
"censys" => Ok(Scanners::Censys),
|
"censys" => Ok(Scanners::Censys),
|
||||||
|
"anssi" => Ok(Scanners::Anssi),
|
||||||
value => Err(format!("Invalid value: {value}")),
|
value => Err(format!("Invalid value: {value}")),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -171,20 +179,4 @@ mod test {
|
|||||||
|
|
||||||
assert_eq!(res.unwrap(), Scanners::Shadowserver);
|
assert_eq!(res.unwrap(), Scanners::Shadowserver);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
|
||||||
fn test_detect_scanner() {
|
|
||||||
let cname_ptr = Name::from_str("111.0-24.197.62.64.in-addr.arpa.").unwrap();
|
|
||||||
let ptr = Name::from_str("scan-47e.shadowserver.org.").unwrap();
|
|
||||||
|
|
||||||
assert_eq!(
|
|
||||||
detect_scanner(&ResolvedResult {
|
|
||||||
query: cname_ptr,
|
|
||||||
result: Some(ptr),
|
|
||||||
error: None
|
|
||||||
})
|
|
||||||
.unwrap(),
|
|
||||||
Some(Scanners::Shadowserver)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
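Review bot: The new conversion is written as `impl Into<&str> for Scanners`; the standard library recommends implementing `From` instead, `impl From<Scanners> for &'static str`, which keeps every `.into()` call in this file working through the blanket impl. The same applies to `impl ToString for Scanners`: implementing `std::fmt::Display` with `f.write_str((*self).into())` gives `to_string()` for free and lets the type be used in `format!`. The match inside the conversion is exhaustive, which is what you want, but the `_ => (*self).into()` arm added to the display-name match (its function header is outside the hunk) is a catch-all, so a future variant silently gets its raw name there; a one-line comment such as `// scanners without a nickname fall back to their canonical name` would record that this is intended.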
@ -2,7 +2,6 @@ use std::{env, net::IpAddr};
|
|||||||
|
|
||||||
use chrono::{Duration, NaiveDateTime, Utc};
|
use chrono::{Duration, NaiveDateTime, Utc};
|
||||||
use cidr::IpCidr;
|
use cidr::IpCidr;
|
||||||
use detection::detect_scanner;
|
|
||||||
use dns_ptr_resolver::{get_ptr, ResolvedResult};
|
use dns_ptr_resolver::{get_ptr, ResolvedResult};
|
||||||
use log2::*;
|
use log2::*;
|
||||||
use scanners::Scanners;
|
use scanners::Scanners;
|
||||||
@ -160,14 +159,16 @@ impl Worker {
|
|||||||
for addr in addresses {
|
for addr in addresses {
|
||||||
let client = get_dns_client(&get_dns_server_config(&rr_dns_servers.next().unwrap()));
|
let client = get_dns_client(&get_dns_server_config(&rr_dns_servers.next().unwrap()));
|
||||||
match get_ptr(addr, client) {
|
match get_ptr(addr, client) {
|
||||||
Ok(result) => match detect_scanner(&result) {
|
Ok(result) => {
|
||||||
Ok(Some(scanner_name)) => {
|
let scanner: Result<Scanners, String> = result.query.clone().try_into();
|
||||||
|
|
||||||
|
match scanner {
|
||||||
|
Ok(scanner_name) => {
|
||||||
self.report_detection(scanner_name, addr, result);
|
self.report_detection(scanner_name, addr, result);
|
||||||
}
|
}
|
||||||
Ok(None) => {}
|
|
||||||
|
|
||||||
Err(err) => error!("Error detecting for {addr}: {:?}", err),
|
Err(err) => error!("Error detecting for {addr}: {:?}", err),
|
||||||
},
|
}
|
||||||
|
}
|
||||||
Err(_) => {
|
Err(_) => {
|
||||||
//debug!("Error processing {addr}: {err}")
|
//debug!("Error processing {addr}: {err}")
|
||||||
}
|
}
|
||||||
@ -195,9 +196,9 @@ impl Worker {
|
|||||||
|
|
||||||
pub fn receive_request(&mut self, server_request: WorkerMessages) -> &Worker {
|
pub fn receive_request(&mut self, server_request: WorkerMessages) -> &Worker {
|
||||||
match server_request {
|
match server_request {
|
||||||
WorkerMessages::DoWorkRequest { neworks } => {
|
WorkerMessages::DoWorkRequest { networks } => {
|
||||||
info!("Work request received for neworks: {:?}", neworks);
|
info!("Work request received for networks: {:?}", networks);
|
||||||
for cidr in neworks {
|
for cidr in networks {
|
||||||
let cidr = cidr.0;
|
let cidr = cidr.0;
|
||||||
self.work_on_cidr(cidr);
|
self.work_on_cidr(cidr);
|
||||||
}
|
}
|
||||||
|
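Review bot: In the `Ok(result)` arm of `match get_ptr(addr, client)`, the scanner is now derived from `result.query.clone().try_into()`, yet in the `test_detect_scanner` case removed in this same comparison `query` held the reverse-lookup name (`…in-addr.arpa.`) and the scanner's host name was in `result`. If `ResolvedResult` is still filled that way, classification should use the resolved PTR name rather than the query; the `TryInto<Scanners>` impl for that type is not visible here, so please confirm and add a test for it, since the removed test has no replacement. Because the target type is `Result<Scanners, String>`, the ordinary no-match case that `Ok(None) => {}` used to ignore now lands in `Err(err) => error!(...)`, which would log one error per unmatched address when a whole range is scanned; consider logging it at `debug!` or keeping a distinct no-match outcome. The enclosing function starts and ends outside the hunk.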