fix(scanner/windows): support installationType Domain Controller (#1627)

future-architect · Mar 28, 2023 · 8ccaa8c · 8ccaa8c
1 parent de1ed8e
commit 8ccaa8c
Show file tree

Hide file tree

Showing 3 changed files with 145 additions and 9 deletions.
diff --git a/scanner/scanner.go b/scanner/scanner.go
@@ -170,6 +170,7 @@ func ViaHTTP(header http.Header, body string, toLocalFile bool) (models.ScanResu
 
 		release := header.Get("X-Vuls-OS-Release")
 		if release == "" {
+			logging.Log.Debugf("osInfo(systeminfo.exe): %+v", osInfo)
 			release, err = detectOSName(osInfo)
 			if err != nil {
 				return models.ScanResult{}, xerrors.Errorf("Failed to detect os name. err: %w", err)

diff --git a/scanner/windows.go b/scanner/windows.go
@@ -60,6 +60,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
 				return true, w
 			}
 
+			w.log.Debugf("osInfo(Registry): %+v", osInfo)
 			release, err := detectOSName(osInfo)
 			if err != nil {
 				w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -79,6 +80,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
 			return true, w
 		}
 
+		w.log.Debugf("osInfo(Get-ComputerInfo): %+v", osInfo)
 		release, err := detectOSName(osInfo)
 		if err != nil {
 			w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -97,6 +99,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
 			return true, w
 		}
 
+		w.log.Debugf("osInfo(Get-WmiObject): %+v", osInfo)
 		release, err := detectOSName(osInfo)
 		if err != nil {
 			w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -115,6 +118,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
 			return true, w
 		}
 
+		w.log.Debugf("osInfo(systeminfo.exe): %+v", osInfo)
 		release, err := detectOSName(osInfo)
 		if err != nil {
 			w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -171,6 +175,8 @@ func parseSystemInfo(stdout string) (osInfo, []string, error) {
 				o.installationType = "Server"
 			case strings.Contains(line, "Workstation"):
 				o.installationType = "Client"
+			case strings.Contains(line, "Domain Controller"):
+				o.installationType = "Domain Controller"
 			default:
 				return osInfo{}, nil, xerrors.Errorf("Failed to detect installation type. line: %s", line)
 			}
@@ -453,7 +459,7 @@ func parseWmiObject(stdout string) (osInfo, error) {
 			case "2", "3":
 				o.installationType = "Server"
 			case "4", "5":
-				o.installationType = "Controller"
+				o.installationType = "Domain Controller"
 			default:
 				return osInfo{}, xerrors.Errorf("Failed to detect Installation Type from DomainRole. err: %s is invalid DomainRole", domainRole)
 			}
@@ -546,6 +552,7 @@ func parseRegistry(stdout, arch string) (osInfo, error) {
 }
 
 func detectOSName(osInfo osInfo) (string, error) {
+
 	osName, err := detectOSNameFromOSInfo(osInfo)
 	if err != nil {
 		return "", xerrors.Errorf("Failed to detect OS Name from OSInfo: %+v, err: %w", osInfo, err)
@@ -562,7 +569,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return fmt.Sprintf("Microsoft Windows 2000 %s", osInfo.servicePack), nil
 			}
 			return "Microsoft Windows 2000", nil
-		case "Server":
+		case "Server", "Domain Controller":
 			if osInfo.servicePack != "" {
 				return fmt.Sprintf("Microsoft Windows 2000 Server %s", osInfo.servicePack), nil
 			}
@@ -613,7 +620,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return fmt.Sprintf("%s %s", n, osInfo.servicePack), nil
 			}
 			return n, nil
-		case "Server":
+		case "Server", "Domain Controller":
 			n := "Microsoft Windows Server 2003"
 			if strings.Contains(osInfo.productName, "R2") {
 				n = "Microsoft Windows Server 2003 R2"
@@ -647,7 +654,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return fmt.Sprintf("%s %s", n, osInfo.servicePack), nil
 			}
 			return n, nil
-		case "Server":
+		case "Server", "Domain Controller":
 			arch, err := formatArch(osInfo.arch)
 			if err != nil {
 				return "", err
@@ -677,7 +684,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return fmt.Sprintf("Windows 7 for %s Systems %s", arch, osInfo.servicePack), nil
 			}
 			return fmt.Sprintf("Windows 7 for %s Systems", arch), nil
-		case "Server":
+		case "Server", "Domain Controller":
 			arch, err := formatArch(osInfo.arch)
 			if err != nil {
 				return "", err
@@ -704,7 +711,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return "", err
 			}
 			return fmt.Sprintf("Windows 8 for %s Systems", arch), nil
-		case "Server":
+		case "Server", "Domain Controller":
 			return "Windows Server 2012", nil
 		case "Server Core":
 			return "Windows Server 2012 (Server Core installation)", nil
@@ -717,7 +724,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return "", err
 			}
 			return fmt.Sprintf("Windows 8.1 for %s Systems", arch), nil
-		case "Server":
+		case "Server", "Domain Controller":
 			return "Windows Server 2012 R2", nil
 		case "Server Core":
 			return "Windows Server 2012 R2 (Server Core installation)", nil
@@ -746,7 +753,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
 				return "", err
 			}
 			return fmt.Sprintf("%s for %s Systems", name, arch), nil
-		case "Server":
+		case "Server", "Nano Server", "Domain Controller":
 			return formatNamebyBuild("Server", osInfo.build)
 		case "Server Core":
 			name, err := formatNamebyBuild("Server", osInfo.build)

diff --git a/scanner/windows_test.go b/scanner/windows_test.go
@@ -18,7 +18,7 @@ func Test_parseSystemInfo(t *testing.T) {
 		wantErr bool
 	}{
 		{
-			name: "happy",
+			name: "Workstation",
 			args: `
 Host Name:                 DESKTOP
 OS Name:                   Microsoft Windows 10 Pro
@@ -83,6 +83,120 @@ Hyper-V Requirements:      VM Monitor Mode Extensions: Yes
 			},
 			kbs: []string{"5012117", "4562830", "5003791", "5007401", "5012599", "5011651", "5005699"},
 		},
+		{
+			name: "Server",
+			args: `
+Host Name:                 WIN-RIBN7SM07BK
+OS Name:                   Microsoft Windows Server 2022 Standard
+OS Version:                10.0.20348 N/A Build 20348
+OS Manufacturer:           Microsoft Corporation
+OS Configuration:          Standalone Server
+OS Build Type:             Multiprocessor Free
+Registered Owner:          Windows User
+Registered Organization:   
+Product ID:                00454-10000-00001-AA483
+Original Install Date:     10/1/2021, 4:15:34 PM
+System Boot Time:          10/22/2021, 8:36:55 AM
+System Manufacturer:       Microsoft Corporation
+System Model:              Virtual Machine
+System Type:               x64-based PC
+Processor(s):              1 Processor(s) Installed.
+						   [01]: Intel64 Family 6 Model 158 Stepping 9 GenuineIntel ~2808 Mhz
+BIOS Version:              Microsoft Corporation Hyper-V UEFI Release v4.0, 12/17/2019
+Windows Directory:         C:\Windows
+System Directory:          C:\Windows\system32
+Boot Device:               \Device\HarddiskVolume1
+System Locale:             en-us;English (United States)
+Input Locale:              en-us;English (United States)
+Time Zone:                 (UTC-08:00) Pacific Time (US & Canada)
+Total Physical Memory:     2,047 MB
+Available Physical Memory: 900 MB
+Virtual Memory: Max Size:  3,199 MB
+Virtual Memory: Available: 2,143 MB
+Virtual Memory: In Use:    1,056 MB
+Page File Location(s):     C:\pagefile.sys
+Domain:                    WORKGROUP
+Logon Server:              \\WIN-RIBN7SM07BK
+Hotfix(s):                 3 Hotfix(s) Installed.
+						   [01]: KB5004330
+						   [02]: KB5005039
+						   [03]: KB5005552
+Network Card(s):           1 NIC(s) Installed.
+						   [01]: Microsoft Hyper-V Network Adapter
+								 Connection Name: Ethernet
+								 DHCP Enabled:    Yes
+								 DHCP Server:     192.168.254.254
+								 IP address(es)
+								 [01]: 192.168.254.172
+								 [02]: fe80::b4a1:11cc:2c4:4f57
+Hyper-V Requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.
+`,
+			osInfo: osInfo{
+				productName:      "Microsoft Windows Server 2022 Standard",
+				version:          "10.0",
+				build:            "20348",
+				revision:         "",
+				edition:          "",
+				servicePack:      "",
+				arch:             "x64-based",
+				installationType: "Server",
+			},
+			kbs: []string{"5004330", "5005039", "5005552"},
+		},
+		{
+			name: "Domain Controller",
+			args: `
+Host Name:                 vuls
+OS Name:                   Microsoft Windows Server 2019 Datacenter
+OS Version:                10.0.17763 N/A Build 17763
+OS Manufacturer:           Microsoft Corporation
+OS Configuration:          Primary Domain Controller
+OS Build Type:             Multiprocessor Free
+Registered Owner:          N/A
+Registered Organization:   N/A
+Product ID:                00430-00000-00000-AA602
+Original Install Date:     1/16/2023, 10:04:07 AM
+System Boot Time:          3/28/2023, 8:37:14 AM
+System Manufacturer:       Microsoft Corporation
+System Model:              Virtual Machine
+System Type:               x64-based PC
+Processor(s):              1 Processor(s) Installed.
+						   [01]: Intel64 Family 6 Model 85 Stepping 4 GenuineIntel ~2095 Mhz
+BIOS Version:              Microsoft Corporation Hyper-V UEFI Release v4.1, 5/9/2022
+Windows Directory:         C:\Windows
+System Directory:          C:\Windows\system32
+Boot Device:               \Device\HarddiskVolume3
+System Locale:             en-us;English (United States)
+Input Locale:              en-us;English (United States)
+Time Zone:                 (UTC) Coordinated Universal Time
+Total Physical Memory:     16,383 MB
+Available Physical Memory: 13,170 MB
+Virtual Memory: Max Size:  18,431 MB
+Virtual Memory: Available: 15,208 MB
+Virtual Memory: In Use:    3,223 MB
+Page File Location(s):     C:\pagefile.sys
+Domain:                    vuls
+Logon Server:              \\vuls
+Hotfix(s):                 5 Hotfix(s) Installed.
+						   [01]: KB5022511
+						   [02]: KB5012170
+						   [03]: KB5023702
+						   [04]: KB5020374
+						   [05]: KB5023789
+Hyper-V Requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.
+`,
+			osInfo: osInfo{
+				productName:      "Microsoft Windows Server 2019 Datacenter",
+				version:          "10.0",
+				build:            "17763",
+				revision:         "",
+				edition:          "",
+				servicePack:      "",
+				arch:             "x64-based",
+				installationType: "Domain Controller",
+			},
+			kbs: []string{"5022511", "5012170", "5023702", "5020374", "5023789"},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -291,6 +405,20 @@ func Test_detectOSName(t *testing.T) {
 			},
 			want: "Windows Server 2022",
 		},
+		{
+			name: "Windows Server 2019",
+			args: osInfo{
+				productName:      "Microsoft Windows Server 2019 Datacenter",
+				version:          "10.0",
+				build:            "17763",
+				revision:         "",
+				edition:          "",
+				servicePack:      "",
+				arch:             "x64-based",
+				installationType: "Domain Controller",
+			},
+			want: "Windows Server 2019",
+		},
 		{
 			name: "err",
 			args: osInfo{