Merge pull request #1 from zmap/master

Update

.gitignore

@@ -23,3 +23,5 @@ venv/*
 zgrab2_schemas.egg-info/*
 build/*
 dist/*
+
+.vscode/*

bin/bin.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"os"
 	"runtime/pprof"
+	"sync"
 	"time"
 
 	"fmt"
@@ -132,7 +133,8 @@ func ZGrab2Main() {
 		s.Init(flag)
 		zgrab2.RegisterScan(moduleType, s)
 	}
-	monitor := zgrab2.MakeMonitor()
+	wg := sync.WaitGroup{}
+	monitor := zgrab2.MakeMonitor(1, &wg)
 	monitor.Callback = func(_ string) {
 		dumpHeapProfile()
 	}
@@ -141,6 +143,8 @@ func ZGrab2Main() {
 	zgrab2.Process(monitor)
 	end := time.Now()
 	log.Infof("finished grab at %s", end.Format(time.RFC3339))
+	monitor.Stop()
+	wg.Wait()
 	s := Summary{
 		StatusesPerModule: monitor.GetStatuses(),
 		StartTime:         start.Format(time.RFC3339),

bin/default_modules.go

@@ -0,0 +1,65 @@
+package bin
+
+import (
+	"github.com/zmap/zgrab2"
+	"github.com/zmap/zgrab2/modules"
+	"github.com/zmap/zgrab2/modules/bacnet"
+	"github.com/zmap/zgrab2/modules/banner"
+	"github.com/zmap/zgrab2/modules/dnp3"
+	"github.com/zmap/zgrab2/modules/fox"
+	"github.com/zmap/zgrab2/modules/ftp"
+	"github.com/zmap/zgrab2/modules/http"
+	"github.com/zmap/zgrab2/modules/imap"
+	"github.com/zmap/zgrab2/modules/ipp"
+	"github.com/zmap/zgrab2/modules/modbus"
+	"github.com/zmap/zgrab2/modules/mongodb"
+	"github.com/zmap/zgrab2/modules/mssql"
+	"github.com/zmap/zgrab2/modules/mysql"
+	"github.com/zmap/zgrab2/modules/ntp"
+	"github.com/zmap/zgrab2/modules/oracle"
+	"github.com/zmap/zgrab2/modules/pop3"
+	"github.com/zmap/zgrab2/modules/postgres"
+	"github.com/zmap/zgrab2/modules/redis"
+	"github.com/zmap/zgrab2/modules/siemens"
+	"github.com/zmap/zgrab2/modules/smb"
+	"github.com/zmap/zgrab2/modules/smtp"
+	"github.com/zmap/zgrab2/modules/telnet"
+)
+
+var defaultModules zgrab2.ModuleSet
+
+func init() {
+	defaultModules = map[string]zgrab2.ScanModule{
+		"bacnet":   &bacnet.Module{},
+		"banner":   &banner.Module{},
+		"dnp3":     &dnp3.Module{},
+		"fox":      &fox.Module{},
+		"ftp":      &ftp.Module{},
+		"http":     &http.Module{},
+		"imap":     &imap.Module{},
+		"ipp":      &ipp.Module{},
+		"modbus":   &modbus.Module{},
+		"mongodb":  &mongodb.Module{},
+		"mssql":    &mssql.Module{},
+		"mysql":    &mysql.Module{},
+		"ntp":      &ntp.Module{},
+		"oracle":   &oracle.Module{},
+		"pop3":     &pop3.Module{},
+		"postgres": &postgres.Module{},
+		"redis":    &redis.Module{},
+		"siemens":  &siemens.Module{},
+		"smb":      &smb.Module{},
+		"smtp":     &smtp.Module{},
+		"ssh":      &modules.SSHModule{},
+		"telnet":   &telnet.Module{},
+		"tls":      &modules.TLSModule{},
+	}
+}
+
+// NewModuleSetWithDefaults returns a newly allocated ModuleSet containing all
+// ScanModules implemented by the ZGrab2 framework.
+func NewModuleSetWithDefaults() zgrab2.ModuleSet {
+	out := zgrab2.ModuleSet{}
+	defaultModules.CopyInto(out)
+	return out
+}

bin/doc.go

@@ -0,0 +1,6 @@
+// Package bin contains functions useful for creating a binary version of
+// ZGrab2.
+//
+// This package can import "github.com/zmap/zgrab2", and should be imported by
+// targets within "github.com/zmap/zgrab2/cmd"
+package bin

config.go

@@ -47,6 +47,7 @@ func SetOutputFunc(f OutputResultsFunc) {
 
 func init() {
 	config.Multiple.ContinueOnError = true // set default for multiple value
+	config.Multiple.BreakOnSuccess = false // set default for multiple value
 }
 
 var config Config
@@ -89,7 +90,8 @@ func validateFrameworkConfiguration() {
 			log.Fatal(err)
 		}
 	}
-	SetOutputFunc(OutputResultsFile)
+	outputFunc := OutputResultsWriterFunc(config.outputFile)
+	SetOutputFunc(outputFunc)
 
 	if config.MetaFileName == "-" {
 		config.metaFile = os.Stderr

fake_resolver.go

@@ -0,0 +1,165 @@
+package zgrab2
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"golang.org/x/net/dns/dnsmessage"
+	"net"
+	"time"
+)
+
+// Fake DNS Resolver, to force a DNS lookup to return a pinned address
+// Inspired by the golang net/dnsclient_unix_test.go code
+//
+// For a given IP, create a new Resolver that wraps a fake
+// DNS server. This resolver will always return an IP that
+// is represented by "ipstr", for DNS queries of the same
+// IP type.  Otherwise, it will return a DNS lookup error.
+func NewFakeResolver(ipstr string) (*net.Resolver, error) {
+	ip := net.ParseIP(ipstr)
+	if len(ip) < 4 {
+		return nil, fmt.Errorf("Fake resolver can't use non-IP '%s'", ipstr)
+	}
+	fDNS := FakeDNSServer{
+		IP: ip,
+	}
+	return &net.Resolver{
+		PreferGo: true, // Needed to force the use of the Go internal resolver
+		Dial:     fDNS.DialContext,
+	}, nil
+}
+
+type FakeDNSServer struct {
+	// Any domain name will resolve to this IP.  It can be either ipv4 or ipv6
+	IP net.IP
+}
+
+// For a given DNS query, return the hard-coded IP that is part of
+// FakeDNSServer.
+//
+// It will work with either ipv4 or ipv6 addresses; if a TypeA question
+// is received, we will only return the IP if what we have to return is
+// ipv4.  The same for TypeAAAA and ipv6.
+func (f *FakeDNSServer) fakeDNS(s string, dmsg dnsmessage.Message) (r dnsmessage.Message, err error) {
+
+	r = dnsmessage.Message{
+		Header: dnsmessage.Header{
+			ID:       dmsg.ID,
+			Response: true,
+		},
+		Questions: dmsg.Questions,
+	}
+	ipv6 := f.IP.To16()
+	ipv4 := f.IP.To4()
+	switch t := dmsg.Questions[0].Type; {
+	case t == dnsmessage.TypeA && ipv4 != nil:
+		var ip [4]byte
+		copy(ip[:], []byte(ipv4))
+		r.Answers = []dnsmessage.Resource{
+			{
+				Header: dnsmessage.ResourceHeader{
+					Name:   dmsg.Questions[0].Name,
+					Type:   dnsmessage.TypeA,
+					Class:  dnsmessage.ClassINET,
+					Length: 4,
+				},
+				Body: &dnsmessage.AResource{
+					A: ip,
+				},
+			},
+		}
+	case t == dnsmessage.TypeAAAA && ipv4 == nil:
+		var ip [16]byte
+		copy(ip[:], []byte(ipv6))
+		r.Answers = []dnsmessage.Resource{
+			{
+				Header: dnsmessage.ResourceHeader{
+					Name:   dmsg.Questions[0].Name,
+					Type:   dnsmessage.TypeAAAA,
+					Class:  dnsmessage.ClassINET,
+					Length: 16,
+				},
+				Body: &dnsmessage.AAAAResource{
+					AAAA: ip,
+				},
+			},
+		}
+	default:
+		r.Header.RCode = dnsmessage.RCodeNameError
+	}
+
+	return r, nil
+}
+
+// This merely wraps a custom net.Conn, that is only good for DNS
+// messages
+func (f *FakeDNSServer) DialContext(ctx context.Context, network,
+	address string) (net.Conn, error) {
+
+	conn := &fakeDNSPacketConn{
+		fakeDNSConn: fakeDNSConn{
+			server:  f,
+			network: network,
+			address: address,
+		},
+	}
+	return conn, nil
+}
+
+type fakeDNSConn struct {
+	net.Conn
+	server  *FakeDNSServer
+	network string
+	address string
+	dmsg    dnsmessage.Message
+}
+
+func (fc *fakeDNSConn) Read(b []byte) (int, error) {
+	resp, err := fc.server.fakeDNS(fc.address, fc.dmsg)
+	if err != nil {
+		return 0, err
+	}
+
+	bb := make([]byte, 2, 514)
+	bb, err = resp.AppendPack(bb)
+	if err != nil {
+		return 0, fmt.Errorf("cannot marshal DNS message: %v", err)
+	}
+
+	bb = bb[2:]
+	if len(b) < len(bb) {
+		return 0, errors.New("read would fragment DNS message")
+	}
+
+	copy(b, bb)
+	return len(bb), nil
+}
+
+func (fc *fakeDNSConn) Write(b []byte) (int, error) {
+	if fc.dmsg.Unpack(b) != nil {
+		return 0, fmt.Errorf("cannot unmarshal DNS message fake %s (%d)", fc.network, len(b))
+	}
+	return len(b), nil
+}
+
+func (fc *fakeDNSConn) SetDeadline(deadline time.Time) error {
+	return nil
+}
+
+func (fc *fakeDNSConn) Close() error {
+	return nil
+}
+
+type fakeDNSPacketConn struct {
+	net.PacketConn
+	fakeDNSConn
+}
+
+func (f *fakeDNSPacketConn) SetDeadline(deadline time.Time) error {
+	return nil
+}
+
+func (f *fakeDNSPacketConn) Close() error {
+	return f.fakeDNSConn.Close()
+}

lib/ssh/cipher.go

@@ -372,7 +372,7 @@ type cbcCipher struct {
 	oracleCamouflage uint32
 }
 
-func newCBCCipher(c cipher.Block, iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newCBCCipher(c cipher.Block, iv, key, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	cbc := &cbcCipher{
 		mac:        macModes[algs.MAC].new(macKey),
 		decrypter:  cipher.NewCBCDecrypter(c, iv),
@@ -386,7 +386,7 @@ func newCBCCipher(c cipher.Block, iv, key, macKey []byte, algs directionAlgorith
 	return cbc, nil
 }
 
-func newAESCBCCipher(iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newAESCBCCipher(iv, key, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	c, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
@@ -400,7 +400,7 @@ func newAESCBCCipher(iv, key, macKey []byte, algs directionAlgorithms) (packetCi
 	return cbc, nil
 }
 
-func newTripleDESCBCCipher(iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newTripleDESCBCCipher(iv, key, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	c, err := des.NewTripleDESCipher(key)
 	if err != nil {
 		return nil, err

lib/ssh/cipher_test.go

@@ -27,7 +27,7 @@ func TestPacketCiphers(t *testing.T) {
 
 	for cipher := range cipherModes {
 		kr := &kexResult{Hash: crypto.SHA1}
-		algs := directionAlgorithms{
+		algs := DirectionAlgorithms{
 			Cipher:      cipher,
 			MAC:         "hmac-sha1",
 			Compression: "none",
@@ -68,7 +68,7 @@ func TestCBCOracleCounterMeasure(t *testing.T) {
 	defer delete(cipherModes, aes128cbcID)
 
 	kr := &kexResult{Hash: crypto.SHA1}
-	algs := directionAlgorithms{
+	algs := DirectionAlgorithms{
 		Cipher:      aes128cbcID,
 		MAC:         "hmac-sha1",
 		Compression: "none",