Merge pull request #115 from projectdiscovery/bugfix-privileges-rework

Bugfix privileges rework

Author: Mzack9999

v2/pkg/runas/runas_all.go

@@ -6,7 +6,6 @@ import (
 	"strings"
 
 	"github.com/projectdiscovery/gologger"
-	"github.com/projectdiscovery/naabu/v2/pkg/runas"
 	"github.com/projectdiscovery/naabu/v2/pkg/scan"
 )
 
@@ -33,7 +32,7 @@ func showBanner() {
 func showNetworkCapabilities(options *Options) {
 	accessLevel := "non root"
 	scanType := "CONNECT"
-	if isRoot() && !options.Unprivileged {
+	if isRoot() && options.ScanType == SynScan {
 		accessLevel = "root"
 		scanType = "TCP/ICMP/SYN"
 	}
@@ -68,18 +67,6 @@ func showNetworkInterfaces() error {
 	return nil
 }
 
-func handlePrivileges(options *Options) error {
-	if options.Privileged {
-		return runas.Root()
-	}
-
-	if options.Unprivileged {
-		return runas.Nobody()
-	}
-
-	return nil
-}
-
 func (options *Options) writeDefaultConfig() {
 	dummyconfig := `
 # Number of retries

v2/pkg/runas/runas_linux.go

@@ -15,10 +15,6 @@ type ConfigFile struct {
 	Verify bool `yaml:"verify,omitempty"`
 	// Ping uses ping probes to discover fastest active host and discover dead hosts
 	Ping bool `yaml:"ping,omitempty"`
-	// Attempts to run as root
-	Privileged bool `yaml:"privileged,omitempty"`
-	// Drop root privileges
-	Unprivileged bool `yaml:"unprivileged,omitempty"`
 	// Excludes ip of knows CDN ranges
 	ExcludeCDN bool `yaml:"exclude-cdn,omitempty"`
 	// Retries is the number of retries for the port

v2/pkg/runner/banners.go

@@ -11,4 +11,7 @@ const (
 	DefaultRetriesConnectScan = 3
 
 	ExternalTargetForTune = "8.8.8.8"
+
+	SynScan     = "s"
+	ConnectScan = "c"
 )

v2/pkg/runner/config.go

@@ -20,8 +20,6 @@ type Options struct {
 	Version        bool // Version specifies if we should just show version and exit
 	Ping           bool // Ping uses ping probes to discover fastest active host and discover dead hosts
 	Debug          bool // Prints out debug information
-	Privileged     bool // Attempts to run as root
-	Unprivileged   bool // Drop root privileges
 	ExcludeCDN     bool // Excludes ip of knows CDN ranges for full port scan
 	Nmap           bool // Invoke nmap detailed scan on results
 	InterfacesList bool // InterfacesList show interfaces list
@@ -46,6 +44,7 @@ type Options struct {
 	Threads           int    // Internal worker threads
 	EnableProgressBar bool   // Enable progress bar
 	ScanAllIPS        bool   // Scan all the ips
+	ScanType          string // Scan Type
 	config            *ConfigFile
 }
 
@@ -75,8 +74,6 @@ func ParseOptions() *Options {
 	flag.BoolVar(&options.Debug, "debug", false, "Enable debugging information")
 	flag.StringVar(&options.SourceIP, "source-ip", "", "Source Ip")
 	flag.StringVar(&options.Interface, "interface", "", "Network Interface to use for port scan")
-	flag.BoolVar(&options.Privileged, "privileged", false, "Attempts to run as root - Use sudo if possible")
-	flag.BoolVar(&options.Unprivileged, "unprivileged", false, "Drop root privileges")
 	flag.BoolVar(&options.ExcludeCDN, "exclude-cdn", false, "Sikp full port scans for CDNs (only checks for 80,443)")
 	flag.IntVar(&options.WarmUpTime, "warm-up-time", 2, "Time in seconds between scan phases")
 	flag.BoolVar(&options.InterfacesList, "interface-list", false, "List available interfaces and public ip")
@@ -86,6 +83,7 @@ func ParseOptions() *Options {
 	flag.IntVar(&options.Threads, "c", 25, "General internal worker threads")
 	flag.BoolVar(&options.EnableProgressBar, "stats", false, "Display stats of the running scan")
 	flag.BoolVar(&options.ScanAllIPS, "scan-all-ips", false, "Scan all the ips")
+	flag.StringVar(&options.ScanType, "s", SynScan, "Scan Type (s - Syn default, c - Connect)")
 
 	flag.Parse()
 
@@ -135,12 +133,6 @@ func ParseOptions() *Options {
 
 	showNetworkCapabilities(options)
 
-	// Handle privileges - most probably elevation will fail as the process would need to invoke fork()
-	err = handlePrivileges(options)
-	if err != nil {
-		gologger.Warningf("Could not set privileges:%s\n", err)
-	}
-
 	return options
 }
 
@@ -181,8 +173,7 @@ func (options *Options) MergeFromConfig(configFileName string, ignoreError bool)
 	if configFile.TopPorts != "" {
 		options.TopPorts = configFile.TopPorts
 	}
-	options.Privileged = configFile.Privileged
-	options.Unprivileged = configFile.Unprivileged
+
 	options.ExcludeCDN = configFile.ExcludeCDN
 	if configFile.SourceIP != "" {
 		options.SourceIP = configFile.SourceIP

v2/pkg/runner/default.go

@@ -78,7 +78,7 @@ func NewRunner(options *Options) (*Runner, error) {
 	runner.dnsclient = dnsclient
 
 	// Tune source
-	if isRoot() {
+	if isRoot() && options.ScanType == SynScan {
 		// Set values if those were specified via cli
 		if err := runner.SetSourceIPAndInterface(); err != nil {
 			// Otherwise try to obtain them automatically
@@ -104,10 +104,12 @@ func NewRunner(options *Options) (*Runner, error) {
 func (r *Runner) SetSourceIPAndInterface() error {
 	if r.options.SourceIP != "" && r.options.Interface != "" {
 		r.scanner.SourceIP = net.ParseIP(r.options.SourceIP)
-		var err error
-		r.scanner.NetworkInterface, err = net.InterfaceByName(r.options.Interface)
-		if err != nil {
-			return err
+		if r.options.Interface != "" {
+			var err error
+			r.scanner.NetworkInterface, err = net.InterfaceByName(r.options.Interface)
+			if err != nil {
+				return err
+			}
 		}
 	}
 
@@ -125,7 +127,7 @@ func (r *Runner) RunEnumeration() error {
 	r.wgscan = sizedwaitgroup.New(r.options.Rate)
 	r.limiter = ratelimit.New(r.options.Rate)
 
-	if isRoot() && !r.options.Unprivileged {
+	if isRoot() && r.options.ScanType == SynScan {
 		err = r.scanner.SetupHandlers()
 		if err != nil {
 			return err
@@ -183,11 +185,11 @@ retry:
 
 		r.limiter.Take()
 		// connect scan
-		if !isRoot() || r.options.Unprivileged {
+		if isRoot() && r.options.ScanType == SynScan {
+			r.RawSocketEnumeration(ip, port)
+		} else {
 			r.wgscan.Add()
 			go r.handleHostPort(ip, port)
-		} else {
-			r.RawSocketEnumeration(ip, port)
 		}
 		if r.options.EnableProgressBar {
 			r.stats.IncrementCounter("packets", 1)

v2/pkg/runner/options.go

@@ -560,6 +560,10 @@ func (s *Scanner) TuneSource(ip string) error {
 
 // SetupHandlers to listen on all interfaces
 func (s *Scanner) SetupHandlers() error {
+	if s.NetworkInterface != nil {
+		return s.SetupHandler(s.NetworkInterface.Name)
+	}
+
 	itfs, err := net.Interfaces()
 	if err != nil {
 		return err
@@ -568,10 +572,7 @@ func (s *Scanner) SetupHandlers() error {
 		if itf.Flags&net.FlagUp == 0 {
 			continue // interface down
 		}
-		err := s.SetupHandler(itf.Name)
-		if err != nil {
-			return err
-		}
+		s.SetupHandler(itf.Name)
 	}
 
 	return nil