Merge pull request #79 from projectdiscovery/feature-config-file

adding config file support

Author: ehsandeep

Dockerfile

@@ -1,9 +1,8 @@
-# Build Container
-FROM golang:1.14-alpine AS build-env
-RUN apk add --no-cache --upgrade git openssh-client ca-certificates build-base libpcap libpcap-dev
+FROM golang:1.14
+RUN apt update && apt install -y nmap
 WORKDIR /go/src/app
 
 # Install
-RUN go get -u github.com/projectdiscovery/naabu/cmd/naabu
+RUN go get -v -u github.com/projectdiscovery/naabu/cmd/naabu
 
 ENTRYPOINT ["naabu"]

go.mod

@@ -6,9 +6,10 @@ require (
 	github.com/google/gopacket v1.1.18
 	github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
 	github.com/projectdiscovery/cdncheck v0.0.0-20200910082712-19e1db650e26
-	github.com/projectdiscovery/fdmax v0.0.0-20200906213348-dc06b12b82c0
+	github.com/projectdiscovery/fdmax v0.0.1
 	github.com/projectdiscovery/gologger v1.0.1
 	github.com/projectdiscovery/mapcidr v0.0.4
 	github.com/remeh/sizedwaitgroup v1.0.0
 	golang.org/x/net v0.0.0-20200904194848-62affa334b73
+	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
 )

go.sum

@@ -8,8 +8,8 @@ github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rK
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/projectdiscovery/cdncheck v0.0.0-20200910082712-19e1db650e26 h1:8LwryON7jJ8xKzghSTY6KxLMBgZM/Vqc9LlWMqf3pLA=
 github.com/projectdiscovery/cdncheck v0.0.0-20200910082712-19e1db650e26/go.mod h1:+CNeKlAVwecauIkA+PBNoA7zXGm4MZhL3KKFkkpIaZw=
-github.com/projectdiscovery/fdmax v0.0.0-20200906213348-dc06b12b82c0 h1:YNoKWlUGo5O3No882Du8zSzVlsH+Rd6m5uIIZKTXmvA=
-github.com/projectdiscovery/fdmax v0.0.0-20200906213348-dc06b12b82c0/go.mod h1:mbR7lJ9EONyxEfcsL2LlGtOSlzCQ5VraLzoJa/VTrAs=
+github.com/projectdiscovery/fdmax v0.0.1 h1:EDpan+CgIAAYJ1K1zpTii2SouIDPHQwpGQsYc2UGUj0=
+github.com/projectdiscovery/fdmax v0.0.1/go.mod h1:mbR7lJ9EONyxEfcsL2LlGtOSlzCQ5VraLzoJa/VTrAs=
 github.com/projectdiscovery/gologger v1.0.1 h1:FzoYQZnxz9DCvSi/eg5A6+ET4CQ0CDUs27l6Exr8zMQ=
 github.com/projectdiscovery/gologger v1.0.1/go.mod h1:Ok+axMqK53bWNwDSU1nTNwITLYMXMdZtRc8/y1c7sWE=
 github.com/projectdiscovery/mapcidr v0.0.4 h1:2vBSjkmbQASAcO/m2L/dhdulMVu2y9HdyWOrWYJ74rU=
@@ -34,3 +34,5 @@ golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

pkg/runner/banners.go

@@ -1,6 +1,7 @@
 package runner
 
 import (
+	"io/ioutil"
 	"net"
 	"strings"
 
@@ -30,14 +31,13 @@ func showBanner() {
 
 // showNetworkCapabilities shows the network capabilities/scan types possible with the running user
 func showNetworkCapabilities() {
-	accessLevel := "not root"
-	scanType := "Connect (Full Handshake)"
+	accessLevel := "non root"
+	scanType := "CONNECT"
 	if isRoot() {
 		accessLevel = "root"
-		scanType = "TCP/ICMP Probes + Syn Scan"
+		scanType = "TCP/ICMP/SYN"
 	}
-	gologger.Infof("Access Level: %s\n", accessLevel)
-	gologger.Infof("Scan Type: %s\n", scanType)
+	gologger.Infof("Running %s scan with %s privileges\n", scanType, accessLevel)
 }
 
 func showNetworkInterfaces() error {
@@ -79,3 +79,74 @@ func handlePrivileges(options *Options) error {
 
 	return nil
 }
+
+func (options *Options) writeDefaultConfig() {
+	dummyconfig := `
+# Number of retries
+# retries: 1
+# Packets rate
+# rate: 100
+# Number of threads
+# threads: 1
+# Timeout is the seconds to wait for ports to respond
+# timeout: 5
+# Hosts are the host to find ports for
+# host:
+# 	- 10.10.10.10
+# Ports is the ports to use for enumeration
+# ports:
+# 	- 80
+# 	- 100
+# ExcludePorts is the list of ports to exclude from enumeration
+# exclude-ports:
+# 	- 20
+# 	- 30
+# Verify is used to check if the ports found were valid using CONNECT method
+# verify: false
+# NoProbe skips probes to discover alive hosts
+# no-probe: false
+# Ping uses ping probes to discover fastest active host and discover dead hosts
+# ping: true
+# Port Probes (SYN-PORT, ACK-PORT)
+# port-probes:
+# 	- A80
+# 	- S110
+# Ips or cidr to be excluded from the scan
+# exclude-ips:
+# 	- 1.1.1.1
+# 	- 2.2.2.2
+# Top ports list
+# top-ports: 100
+# Attempts to run as root
+# privileged: true
+# Drop root privileges
+# unprivileged: true
+# Excludes ip of knows CDN ranges
+# exclude-cdn: true
+# IcmpEchoProbe before scanning
+# icmp-echo-probe: true
+# IcmpTimestampProbe before scanning
+# icmp-timestamp-probe: false
+# SourceIp to use in TCP packets
+# source-ip: 10.10.10.10
+# Interface to use for TCP packets
+# interface: eth0
+# WarmUpTime between scan phases
+# warm-up-time: 2
+# nmap command to invoke after scanning
+# nmap: nmap -SV
+`
+	configFile, err := getDefaultConfigFile()
+	if err != nil {
+		gologger.Fatalf("Could not get default configuration file: %s\n", err)
+	}
+	if fileExists(configFile) {
+		return
+	}
+
+	err = ioutil.WriteFile(configFile, []byte(dummyconfig), 0755)
+	if err != nil {
+		gologger.Fatalf("Could not write configuration file to %s: %s\n", configFile, err)
+	}
+	gologger.Infof("Configuration file saved to %s\n", configFile)
+}

pkg/runner/config.go

@@ -0,0 +1,122 @@
+package runner
+
+import (
+	"os"
+	"path"
+
+	"gopkg.in/yaml.v3"
+)
+
+const ConfigDefaultFilename = "naabu.conf"
+
+// ConfigFile contains the fields stored in the configuration file
+type ConfigFile struct {
+	// Retries is the number of retries for the port
+	Retries int `yaml:"retries,omitempty"`
+	// Rate is the rate of port scan requests
+	Rate int `yaml:"rate,omitempty"`
+	// Thread controls the number of parallel host to enumerate
+	Threads int `yaml:"threads,omitempty"`
+	// Timeout is the seconds to wait for ports to respond
+	Timeout int `yaml:"timeout,omitempty"`
+	// Hosts are the host to find ports for
+	Host []string `yaml:"host,omitempty"`
+	// Ports is the ports to use for enumeration
+	Ports []string `yaml:"ports,omitempty"`
+	// ExcludePorts is the list of ports to exclude from enumeration
+	ExcludePorts []string `yaml:"exclude-ports,omitempty"`
+	// Verify is used to check if the ports found were valid using CONNECT method
+	Verify bool `yaml:"verify,omitempty"`
+	// NoProbe skips probes to discover alive hosts
+	NoProbe bool `yaml:"no-probe,omitempty"`
+	// Ping uses ping probes to discover fastest active host and discover dead hosts
+	Ping bool `yaml:"ping,omitempty"`
+	// Port Probes (SYN-PORT, ACK-PORT)
+	PortProbes []string `yaml:"port-probes,omitempty"`
+	// Ips or cidr to be excluded from the scan
+	ExcludeIps []string `yaml:"exclude-ips,omitempty"`
+	// Top ports list
+	TopPorts string `yaml:"top-ports,omitempty"`
+	// Attempts to run as root
+	Privileged bool `yaml:"privileged,omitempty"`
+	// Drop root privileges
+	Unprivileged bool `yaml:"unprivileged,omitempty"`
+	// Excludes ip of knows CDN ranges
+	ExcludeCDN bool `yaml:"exclude-cdn,omitempty"`
+	// IcmpEchoProbe before scanning
+	IcmpEchoProbe bool `yaml:"icmp-echo-probe,omitempty"`
+	// IcmpTimestampProbe before scanning
+	IcmpTimestampProbe bool `yaml:"icmp-timestamp-probe,omitempty"`
+	// SourceIp to use in TCP packets
+	SourceIp string `yaml:"source-ip,omitempty"`
+	// Interface to use for TCP packets
+	Interface string `yaml:"interface,omitempty"`
+	// WarmUpTime between scan phases
+	WarmUpTime int `yaml:"warm-up-time,omitempty"`
+	// NMapCommand to invoke after scanning
+	NMapCommand string `yaml:"nmap,omitempty"`
+}
+
+// GetConfigDirectory gets the subfinder config directory for a user
+func GetConfigDirectory() (string, error) {
+	var config string
+
+	directory, err := os.UserHomeDir()
+	if err != nil {
+		return config, err
+	}
+	config = directory + "/.config/naabu"
+
+	// Create All directory for naabu even if they exist
+	err = os.MkdirAll(config, os.ModePerm)
+	if err != nil {
+		return config, err
+	}
+
+	return config, nil
+}
+
+// CheckConfigExists checks if the config file exists in the given path
+func CheckConfigExists(configPath string) bool {
+	if _, err := os.Stat(configPath); err == nil {
+		return true
+	} else if os.IsNotExist(err) {
+		return false
+	}
+	return false
+}
+
+// MarshalWrite writes the marshaled yaml config to disk
+func (c *ConfigFile) MarshalWrite(file string) error {
+	f, err := os.OpenFile(file, os.O_WRONLY|os.O_CREATE, 0755)
+	if err != nil {
+		return err
+	}
+
+	// Indent the spaces too
+	enc := yaml.NewEncoder(f)
+	err = enc.Encode(&c)
+	f.Close()
+	return err
+}
+
+// UnmarshalRead reads the unmarshalled config yaml file from disk
+func UnmarshalRead(file string) (ConfigFile, error) {
+	config := ConfigFile{}
+
+	f, err := os.Open(file)
+	if err != nil {
+		return config, err
+	}
+	err = yaml.NewDecoder(f).Decode(&config)
+	f.Close()
+	return config, err
+}
+
+func getDefaultConfigFile() (string, error) {
+	directory, err := GetConfigDirectory()
+	if err != nil {
+		return "", err
+	}
+	return path.Join(directory, ConfigDefaultFilename), nil
+}

pkg/runner/file.go

@@ -0,0 +1,11 @@
+package runner
+
+import "os"
+
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return !info.IsDir()
+}

pkg/runner/ips.go

@@ -23,6 +23,12 @@ func parseExcludedIps(options *Options) (map[string]struct{}, error) {
 		allIps = append(allIps, strings.Split(string(data), "\n")...)
 	}
 
+	if options.config != nil {
+		for _, excludeIp := range options.config.ExcludeIps {
+			allIps = append(allIps, strings.Split(excludeIp, ",")...)
+		}
+	}
+
 	for _, ip := range allIps {
 		if ip == "" {
 			continue

pkg/runner/nmap.go

@@ -0,0 +1,46 @@
+package runner
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"strings"
+
+	"github.com/projectdiscovery/gologger"
+)
+
+func (r *Runner) handleNmap() {
+	if r.options.config != nil && r.options.config.NMapCommand != "" {
+		args := strings.Split(r.options.config.NMapCommand, " ")
+		var (
+			ips   []string
+			ports []string
+		)
+		allports := make(map[int]struct{})
+		for ip, p := range r.scanner.ScanResults.M {
+			ips = append(ips, ip)
+			for pp := range p {
+				allports[pp] = struct{}{}
+			}
+		}
+		for p := range allports {
+			ports = append(ports, fmt.Sprintf("%d", p))
+		}
+
+		portsStr := strings.Join(ports, ",")
+		ipsStr := strings.Join(ips, ",")
+
+		args = append(args, "-p")
+		args = append(args, portsStr)
+		args = append(args, ips...)
+
+		if r.options.Nmap {
+			gologger.Infof("Running nmap command: %s -p %s %s", r.options.config.NMapCommand, portsStr, ipsStr)
+			cmd := exec.Command(args[0], args[1:]...)
+			cmd.Stdout = os.Stdout
+			cmd.Run()
+		} else {
+			gologger.Infof("Suggested nmap command: %s -p %s %s", r.options.config.NMapCommand, portsStr, ipsStr)
+		}
+	}
+}