
Os 38 #11





Open
wants to merge 31 commits into
base: main
5028e07
test - commit from ide
IdanR-lighspin Oct 25, 2021
ba98b80
In progress of fixing the key pair issue (os-47).
IdanR-lighspin Oct 25, 2021
14ccd6f
fixed (os-47).
IdanR-lighspin Oct 27, 2021
9d3d432
fixed (os-47)+.
IdanR-lighspin Oct 27, 2021
106ca9d
fixed (os-47).
IdanR-lighspin Oct 31, 2021
fbf62d2
fixed (os-47).
IdanR-lighspin Oct 31, 2021
f5d96b7
In progress of fixing issue os-46
IdanR-lighspin Nov 1, 2021
b769428
script_a is now running. (it used to crash)
IdanR-lighspin Nov 1, 2021
9be1a4b
script_a is now running. (used to crash)
IdanR-lighspin Nov 1, 2021
74a1100
fixed some issues
IdanR-lighspin Nov 8, 2021
1846f2c
in progress of fixing os-46
IdanR-lighspin Nov 15, 2021
999f7ec
in progress of fixing os-46 (2)
IdanR-lighspin Nov 15, 2021
dac7a96
in progress of fixing os-46 (2)
IdanR-lighspin Nov 15, 2021
4fc6507
os-47 minor update
IdanR-lighspin Nov 15, 2021
01cc3d9
os-47 minor update
IdanR-lighspin Nov 15, 2021
a960ac3
saving working state of os-46.
IdanR-lighspin Nov 15, 2021
e3d287c
saving little changes
IdanR-lighspin Nov 22, 2021
fb26b16
fixed chkrootkit installation issue
IdanR-lighspin Nov 29, 2021
22228d8
The thing is working. but the website isn't showing any data.
IdanR-lighspin Nov 29, 2021
b67b34c
0S-46 ready for CR
IdanR-lighspin Dec 1, 2021
6ae8b75
0S-48 working for chkrootkit, almost for lynis
IdanR-lighspin Dec 6, 2021
8b2cacf
0S-48 finished
IdanR-lighspin Dec 8, 2021
714c829
0S-48 (cosmetic changes)
IdanR-lighspin Dec 8, 2021
2f989a9
OS-28
IdanR-lighspin Dec 8, 2021
9ceb2b7
OS-28
IdanR-lighspin Dec 13, 2021
62ff76f
change main file
IdanR-lighspin Dec 13, 2021
6e7d86b
account scan
IdanR-lighspin Dec 13, 2021
0b53178
in progress of getting all outputs jsons
IdanR-lighspin Dec 15, 2021
7b68b46
in progress of getting all outputs jsons (working for vuls now)
IdanR-lighspin Dec 16, 2021
dd0f1ee
saving all outputs as jsons
IdanR-lighspin Dec 22, 2021
6ee7af8
Update main.py
IdanR-lighspin Dec 27, 2021
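--- a/exec.py
+++ b/exec.py
@@ -0,0 +1,88 @@
+import argparse
+from art import text2art
+import random
+import boto3
+import os
+import glob
+from src.logger import setup_logger
+from src.snapper import Snapper
+from src.scanner import Scanner
+
+
+def getting_all_pem_file_names():
+"""
+:return: .pem file names from the red-detector directory.
+"""
+file_path = os.path.realpath(__file__) # getting the script's path
+file_path = file_path.split("red-detector")
+files_path = file_path[0] + "red-detector" # (the pem files arent in the same directory as the script.)
+
+lst = (glob.glob(files_path+"/*.pem"))
+index = 0
+for i in lst:
+lst[index] = lst[index].replace(files_path+"/", "").replace(".pem","")
+index += 1
+return lst
+
+
+def used_key_pairs():
+keypairs = [] # list of used keyPair names
+ec2 = boto3.client('ec2')
+response = ec2.describe_key_pairs()
+
+for i in response["KeyPairs"]:
+keypairs.append(i["KeyName"])
+return keypairs
+
+
+if __name__ == "__main__":
+parser = argparse.ArgumentParser()
+parser.add_argument('--region', action='store', dest='region', type=str,
+help='region name', required=False)
+parser.add_argument('--instance-id', action='store', dest='instance_id', type=str,
+help='EC2 instance id', required=False)
+parser.add_argument('--keypair', action='store', dest='keypair', type=str,
+help='existing key pair name', required=False)
+parser.add_argument('--log-level', action='store', dest='log_level', type=str,
+help='log level', required=False, default="INFO")
+
+cmd_args = parser.parse_args()
+logger = setup_logger(id=cmd_args.instance_id, log_level=cmd_args.log_level)
+snapper = Snapper(logger=logger)
+if cmd_args.region:
+snapper.region = cmd_args.region
+else:
+snapper.region = snapper.select_region()
+
+snapper.create_client()
+
+if cmd_args.instance_id:
+try:
+source_volume_id = snapper.get_instance_root_vol(instance_id=cmd_args.instance_id)
+except Exception as e:
+print(e, " : (probably problem with the given instance id or internet connection)")
+exit(99)
+else:
+source_volume_id = snapper.select_ec2_instance()
+
+volume_id, selected_az, snapshot_id = snapper.snapshot2volume(volume_id=source_volume_id)
+
+if cmd_args.keypair:
+scanner = Scanner(logger=logger, region=snapper.region, key_pair_name=cmd_args.keypair)
+else:
+used_key_pairs_list_from_aws = used_key_pairs()
+used_key_pairs_list_locally = getting_all_pem_file_names()
+num = 0
+key_name = "red_detector_key{number}".format(number=str(num))
+while key_name in used_key_pairs_list_from_aws or key_name in used_key_pairs_list_locally:
+num += 1
+key_name = "red_detector_key{number}".format(number=str(num))
+
+scanner = Scanner(logger=logger, region=snapper.region, key_pair_name=key_name)
+scanner.keypair_name = scanner.create_keypair(key_name=key_name)
+
+ec2_instance_id, ec2_instance_public_ip, report_service_port = scanner.create_ec2(selected_az=selected_az)
+scanner.attach_volume_to_ec2(ec2_instance_id=ec2_instance_id, volume_id=volume_id)
+scanner.scan_and_report(ec2_instance_public_ip=ec2_instance_public_ip,
+report_service_port=report_service_port, ec2_instance_id=ec2_instance_id,
+snapshot_id=snapshot_id)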
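Review bot: `used_key_pairs()` near the top of the file creates `boto3.client('ec2')` with no `region_name`, while the Scanner whose key it is meant to de-duplicate is built with `region=snapper.region`; EC2 key pairs are regional, so the collision check can consult the wrong region and the later `create_keypair` may still hit an existing name. Thread the region through: `def used_key_pairs(region=None):`, `ec2 = boto3.client('ec2', region_name=region)`, and call it as `used_key_pairs(snapper.region)` in the main block. The `except Exception as e` around `get_instance_root_vol` prints the error and calls the site-provided `exit(99)`; `sys.exit(99)` (with `import sys`) is the reliable form, and `logger.exception(...)` in that branch would keep the traceback that `print` drops. `getting_all_pem_file_names` assumes the script lives under a directory named `red-detector`; when it does not, `file_path[0]` is the whole path, the glob returns nothing and the local check passes vacuously, so a comment stating that assumption or an explicit `if len(file_path) < 2` guard would make the failure visible.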
132 changes: 105 additions & 27 deletions main.py
@@ -1,11 +1,43 @@
import subprocess
import argparse
import sys
import threading
from art import text2art
import datetime
import boto3
begin_time = datetime.datetime.now()


class Scan(threading.Thread):
def __init__(self, instance_region, instance_id, instance_keypair, instance_log_level):
threading.Thread.__init__(self)
self.region = instance_region
self.id = instance_id
self.keypair = instance_keypair
self.log_level = instance_log_level

def run(self):
"""
running the exec file (old main) with "one instance at a time" (in threads of course)
"""
command = "python3 exec.py --region {region} --instance-id {id} --keypair {keypair} --log-level {loglevel}". \
format(region=self.region, id=self.id, keypair=self.keypair, loglevel=self.log_level)
command = command.split(" ") # the command should be in this format in order to get live output
with open('test.log', 'wb') as f:
process = subprocess.Popen(
command,
stdout=subprocess.PIPE)
for c in iter(lambda: process.stdout.readline(1), b''):
# sys.stdout.write(" [ From: " + self.instance_id + " ]" + str(c))
pass

from src.logger import setup_logger
from src.snapper import Snapper
from src.scanner import Scanner

if __name__ == "__main__":

text_art = text2art("RED DETECTOR")
print(text_art)
print(" +++ WELCOME RED-DETECTOR - CVE SCANNER USING VULS +++\n\n")

parser = argparse.ArgumentParser()
parser.add_argument('--region', action='store', dest='region', type=str,
help='region name', required=False)
Expand All @@ -15,35 +47,81 @@
help='existing key pair name', required=False)
parser.add_argument('--log-level', action='store', dest='log_level', type=str,
help='log level', required=False, default="INFO")
region = "us-east-2"
source_volume_id = "id"
keypair = ""
log_level = "INFO"

text_art = text2art("RED DETECTOR")
print(text_art)
print(" +++ WELCOME RED-DETECTOR - CVE SCANNER USING VULS +++\n\n")
"""
sample inputs for instance-id:
* ami-0fb653ca2d3203ac1
* i-008966f80522a3c34_i-0ff28ad4240aef353
* account_scan
* regions:us-esat-1...
"""

cmd_args = parser.parse_args()
logger = setup_logger(log_level=cmd_args.log_level)
snapper = Snapper(logger=logger)
if cmd_args.region:
snapper.region = cmd_args.region
else:
snapper.region = snapper.select_region()

snapper.create_client()

region = cmd_args.region
if cmd_args.instance_id:
source_volume_id = snapper.get_instance_root_vol(instance_id=cmd_args.instance_id)
else:
source_volume_id = snapper.select_ec2_instance()
source_volume_id = cmd_args.instance_id
if cmd_args.keypair:
keypair = cmd_args.keypair
if cmd_args.log_level:
log_level = cmd_args.log_level

volume_id, selected_az, snapshot_id = snapper.snapshot2volume(volume_id=source_volume_id)
lst_of_ids = []
ec2 = boto3.resource('ec2')

scanner = Scanner(logger=logger, region=snapper.region)
if cmd_args.keypair:
scanner.keypair_name = cmd_args.keypair
if source_volume_id == "account_scan":
ec2 = boto3.resource('ec2')
for instance in ec2.instances.all():
if str(instance.state["Code"]) == "16": # getting just the running instances
lst_of_ids.append(instance.id)

elif "region" in source_volume_id: # input in this form: region:us-east-2
# source_volume_id = "regions:us-east-2,us-east-1"
source_volume_id = source_volume_id.replace("regions:", "")
try:
regions = source_volume_id.split(",")
except:
regions = source_volume_id[0] # means got one region
source_volume_id = source_volume_id.split(":")
client = boto3.client('ec2')
for region in regions:
conn = boto3.resource('ec2', region_name=region)
instances = conn.instances.filter()
for instance in instances:
if instance.state["Name"] == "running":
# without the if below: scan all regions.
if region in regions:
# print(instance.id, instance.instance_type, region)
lst_of_ids.append(instance.id)
elif "ami" in source_volume_id:
# ami = "ami-0fb653ca2d3203ac1"
ami = source_volume_id
client = boto3.client('ec2')
cl = client.describe_instances()
for data in cl['Reservations']:
for i in data["Instances"]:
if i['ImageId'] == ami:
lst_of_ids.append(i['InstanceId'])
else:
scanner.keypair_name = scanner.create_keypair(key_name='red_detector_key')
ec2_instance_id, ec2_instance_public_ip, report_service_port = scanner.create_ec2(selected_az=selected_az)
scanner.attach_volume_to_ec2(ec2_instance_id=ec2_instance_id, volume_id=volume_id)
scanner.scan_and_report(ec2_instance_public_ip=ec2_instance_public_ip,
report_service_port=report_service_port, ec2_instance_id=ec2_instance_id,
snapshot_id=snapshot_id)
lst_of_ids = source_volume_id.split("_") # need to provide the ids with a _ between them.

print("Going to scan: ", lst_of_ids)
threads = []
for instance_id in lst_of_ids:
# print(instance_id)
instance_scan = Scan(region, instance_id, keypair, log_level)
instance_scan.start()
threads.append(instance_scan)

for x in threads:
x.join() # wait for all the threads to end.
with open("results.txt", "r") as f:
for line in f:
print(line)
with open("results.txt", "w") as f:
pass
print("Time took to execute: ", datetime.datetime.now() - begin_time)
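Review bot: The `for region in regions:` loop in the `regions:` branch rebinds the same `region` that is later passed to every `Scan(region, instance_id, keypair, log_level)`, so after a multi-region discovery all threads are launched with the last region in the list rather than the region each instance was found in, and the `ami` and `account_scan` branches have the related problem that their bare `boto3.client('ec2')` / `boto3.resource('ec2')` use the default region only. A few lines earlier, `region = cmd_args.region` is assigned unconditionally (unlike `keypair` and `log_level`), so when `--region` is omitted the child is invoked with the literal `--region None`; guard it as `if cmd_args.region: region = cmd_args.region`. The `try`/bare `except` around `split(",")` is dead (`str.split` does not raise), and `source_volume_id = source_volume_id.split(":")`, `client = boto3.client('ec2')` and the inner `if region in regions:` are unused or always true. Separately, when `--keypair` is omitted every thread starts exec.py with an empty keypair at the same moment and each child independently picks the lowest free `red_detector_key<n>` name, so concurrent children appear to race on the same key-pair name and the locally written .pem; choosing the key once in main.py before the threads start (or giving each thread a distinct name) avoids that. The enclosing `if __name__ == "__main__":` block begins in the first hunk, where `Scan.run` also never calls `process.wait()`, so the child's exit status (including exec.py's `exit(99)` path) is discarded.
```python
region_by_id = {}  # region each discovered instance lives in; falls back to --region
# … unchanged: account_scan branch …
elif "region" in source_volume_id:  # input in this form: regions:us-east-2,us-east-1
    regions = source_volume_id.replace("regions:", "").split(",")
    for scan_region in regions:  # do not reuse `region`: it is passed to every Scan below
        conn = boto3.resource('ec2', region_name=scan_region)
        for instance in conn.instances.filter():
            if instance.state["Name"] == "running":
                lst_of_ids.append(instance.id)
                region_by_id[instance.id] = scan_region
# … unchanged: ami branch and explicit id list …
for instance_id in lst_of_ids:
    instance_scan = Scan(region_by_id.get(instance_id, region), instance_id, keypair, log_level)
    # … unchanged: start / join …
```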
7 changes: 5 additions & 2 deletions src/logger.py
@@ -1,11 +1,14 @@
import logging


def setup_logger(log_level="INFO"):
def setup_logger(id, log_level="INFO"):
logger = logging.getLogger(__name__)
log_handler = logging.StreamHandler()
logger.setLevel(log_level)
log_format = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')
extra = {'id': id}
log_format = logging.Formatter('%(asctime)s: [%(id)s] - %(levelname)s - %(message)s', )
log_handler.setFormatter(log_format)
logger.addHandler(log_handler)
logger = logging.LoggerAdapter(logger, extra)
logger = logging.LoggerAdapter(logger, extra)
return logger
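Review bot: `logger = logging.LoggerAdapter(logger, extra)` appears twice at the end of the hunk; if both lines are on the new side, as the 5-additions count suggests, the second call wraps an adapter around an adapter, which is redundant — keep a single wrap. The new first parameter `id` shadows the builtin; `def setup_logger(instance_id, log_level="INFO"):` with `extra = {'id': instance_id}` avoids that while keeping the `%(id)s` format string unchanged. Making the new parameter required-positional also turns any remaining caller of the old `setup_logger(log_level=...)` form into a `TypeError`; the `setup_logger(log_level=cmd_args.log_level)` call shown in main.py appears to be on its removed side, but a default such as `id=None` would keep the function backward-compatible for any caller outside this PR.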