cloudflare / flan Goto Github PK
View Code? Open in Web Editor NEWA pretty sweet vulnerability scanner
License: BSD 3-Clause "New" or "Revised" License
A pretty sweet vulnerability scanner
License: BSD 3-Clause "New" or "Revised" License
Hello,
I'm getting this error on make start
.
docker run --name flan_1575283883 -v /Users/xxx/flan/shared:/shared flan_scan
docker: invalid reference format: repository name must be lowercase.
See 'docker run --help'.
make: *** [start] Error 125
# Nmap done at Fri Nov 22 11:40:27 2019 -- 256 IP addresses (1 host up) scanned in 45.17 seconds
Traceback (most recent call last):
File "/output_report.py", line 225, in <module>
main()
File "/output_report.py", line 216, in main
parse_results(data)
File "/output_report.py", line 102, in parse_results
parse_host(h)
File "/output_report.py", line 92, in parse_host
parse_port(ip_addr, p)
File "/output_report.py", line 83, in parse_port
parse_script(ip_addr, port_num, app_name, scripts)
File "/output_report.py", line 35, in parse_script
script_table = script['table']['table']
KeyError: 'table'
sed: /shared/reports/report_2019.11.22-10.57.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-10.57.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-10.57.tex: No such file or directory
My IPs are three /24 networks.
Hello, this is a feature request.
Is it possible to add some kind of exception list?
I have been using Flan for scanning a bunch of servers, but there are many false-positive results, ie:
Flan results the following:
OpenSSH 7.4 (cpe:/a:openbsd:openssh:7.4)
CVE-2017-15906 Medium (5.0)
Summary:The process open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
But Redhat says this server isnt affected ( https://access.redhat.com/security/cve/cve-2019-16905 ).
So, it would be nice if there was a, exception list. Adding that server IP and CVE code to an exception list would avoid reporting that false-positive again.
What?
When I tried to generate a PDF from the .tex report, it failed to compile.
When?
The issue seems to only occur when no vulnerabilities are found.
The issue seems to be resolved when I add a random \item within the "Services with Vulnerabilities" section, as it seems to require at least one "item".
\section*{Services with Vulnerabilities}
\begin{enumerate}[wide, labelwidth=!, labelindent=0pt, label=\textbf{\large \arabic{enumi} \large}]
\item this has been added
\end{enumerate}
Note: I'm not familiar with the TeX format, and I'm not sure if this is even an issue with Flan.
-Tim
Hello, I have been using Flan in combination with OWASP Amass - Amass would run a recon scan on ano organisation's footprint - then filter and output a set of IPs I would input to flan to scan. Once the results are out I would parse the JSON output to add the DNS, ASN associated with the IP address (The ASN would be 0 if it's an internal IP - and DNS left blank if not found).
I like Flan, and would recommend a few improvements if possible
The above make it way easier for me to find what I am looking for with minimal fuss, happy to share some of the scripts used to get data into Flan from Amass then filtering the output. Thanks Again!
After doing the network scan, the following error was generated:
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Tue Mar 10 19:18:29 2020 -- 256 IP addresses (53 hosts up) scanned in 527.44 seconds
Traceback (most recent call last):
File "/output_report.py", line 72, in <module>
main(*sys.argv[1:4], report_type='latex')
File "/output_report.py", line 68, in main
create_report(parser, builder, nmap_command, start_date, output, ip_source)
File "/output_report.py", line 20, in create_report
builder.add_vulnerable_services(parser.vulnerable_dict)
File "/contrib/report_builders/latex_report_builder.py", line 58, in add_vulnerable_services
+ '\\\\ \\hline \\end{tabular} ')
AttributeError: 'str' object has no attribute 'url'
As a follow up to #11 , after git pull
now I get...
ERROR in script: ERROR: Script execution failed (use -d to debug) at location: 10.76.78.124 port: 8080 app: http (cpe:/a:jeremy_graham:chorus:2)
Attempting to turn latex into pdf with pdflatex
does not work due to the error
This is pdfTeX, Version 3.14159265-2.6-1.40.20 (TeX Live 2019/Debian) (preloaded format=pdflatex)
restricted \write18 enabled.
entering extended mode
(./reports/report_2019.11.21-23.52.tex
LaTeX2e <2018-12-01>
(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls
Document Class: article 2018/09/03 v1.4i Standard LaTeX document class
(/usr/share/texlive/texmf-dist/tex/latex/base/size10.clo))
! LaTeX Error: File `enumitem.sty' not found.
Type X to quit or <RETURN> to proceed,
or enter new name. (Default extension: sty)
PR
#76
Hello there :)
Issue:
I have ran into situation where nmap scanner return results where inside <script>
tag was more than 1 <table>
tag. So while parsing raised Exception loke this:
Traceback (most recent call last):
File "/output_report.py", line 81, in <module>
main(*sys.argv[1:4], report_type=report_format)
File "/output_report.py", line 71, in main
parser.parse(data)
File "/contrib/parsers/flan_xml_parser.py", line 55, in parse
self.parse_host(hosts)
File "/contrib/parsers/flan_xml_parser.py", line 123, in parse_host
self.parse_port(ip_addr, p)
File "/contrib/parsers/flan_xml_parser.py", line 104, in parse_port
self.parse_script(ip_addr, port_num, app_name, scripts)
File "/contrib/parsers/flan_xml_parser.py", line 77, in parse_script
script_table = script['table']['table']
TypeError: list indices must be integers or slices, not str
On some port were 2 cpes:
ISC BIND 9.9.4 (cpe:/a:isc:bind:9.9.4) (cpe:/o:redhat:enterprise_linux:7)
XML fil after nmap
scanning looks like this:
<port>
<script>
<table>
...
</table>
<table>
...
</table>
</script>
</port>
I've decided to bring few fixes and handle this problem.
builder._buffer
changes
Example of actual parsing results:
_buffer = {
"ips": [],
"vulnerable": {
"OpenSSH (cpe:\a:openbsd..)": {
"vulnerabilities": {
"cpe:\a:openbsd..": [],
},
"locations": {addr: [ports]},
}
"ISC BIND 9.9.4 (cpe:/a:isc:bind:9.9.4) (cpe:/o:redhat:enterprise_linux:7)": {
"vulnerabilities": {
"(cpe:/a:isc:bind:9.9.4)": [],
"(cpe:/o:redhat:enterprise_linux:7)": [],
}
"locations": {"addr": [ports]},
}
},
"not_vulnerable": [],
}
flan_types.py
changes:
class ScanResult:
self.vulns = defaultdict(list) # type: Dict[str, List[Vuln]]
parser.results:
{
'OpenSSH 7.4 (cpe:/a:openbsd:openssh:7.4) ': ScanResult,
...
}
Core change is in the dict structure. Now parser.results
dict items consists of ScanResult objects, which attribute vulns
is dict (defaultdict(list)
). So if there are two or more cpes in the same port, it won't break anymore.
Make-build fails on:
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try again later)
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error (try again later)
ERROR: unsatisfiable constraints:
The command '/bin/sh -c apk add nmap' returned a non-zero code: 1
make: *** [build] Error 1
However......
bas@bas-laptop:/tmp$ wget http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
--2019-11-22 21:02:16-- http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
Resolving dl-cdn.alpinelinux.org (dl-cdn.alpinelinux.org)... 151.101.36.249, 2a04:4e42:9::249
Connecting to dl-cdn.alpinelinux.org (dl-cdn.alpinelinux.org)|151.101.36.249|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 756094 (738K) [application/octet-stream]
Saving to: ‘APKINDEX.tar.gz’
APKINDEX.tar.gz 100%[====================================================================================================================================================================================================================================================>] 738.37K --.-KB/s in 0.1s
2019-11-22 21:02:16 (4.93 MB/s) - ‘APKINDEX.tar.gz’ saved [756094/756094]
bas@bas-laptop:/tmp$ wget http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
--2019-11-22 21:02:43-- http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
Resolving dl-cdn.alpinelinux.org (dl-cdn.alpinelinux.org)... 151.101.36.249, 2a04:4e42:9::249
Connecting to dl-cdn.alpinelinux.org (dl-cdn.alpinelinux.org)|151.101.36.249|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 663324 (648K) [application/octet-stream]
Saving to: ‘APKINDEX.tar.gz.1’
APKINDEX.tar.gz.1 100%[====================================================================================================================================================================================================================================================>] 647.78K --.-KB/s in 0.1s
2019-11-22 21:02:43 (4.77 MB/s) - ‘APKINDEX.tar.gz.1’ saved [663324/663324]
make start
docker run --name flan_1574462973 -v /root/flan/shared:/shared flan_scan
mkdir: can't create directory '/shared/xml_files/2019.11.22-22.49': Permission denied
/run.sh: line 34: can't open /shared/ips.txt: Permission denied
Traceback (most recent call last):
File "/output_report.py", line 227, in <module>
main()
File "/output_report.py", line 213, in main
for i, filename in enumerate(os.listdir(dirname)):
FileNotFoundError: [Errno 2] No such file or directory: '/shared/xml_files/2019.11.22-22.49'
sed: /shared/reports/report_2019.11.22-22.49.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-22.49.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-22.49.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-22.49.tex: No such file or directory
Make version: GNU Make 3.82
Docker version: 1.13.1
OS: CentOS 7.7
I was really excited to try this out, but then really bummed by only having XML or LaTeX output - I can't read either. I spent like 20 minutes trying to set up a Tex distribution and going through the loop of compiling, failing, installing another Tex style, and repeating until I gave up because of some weird error about the fontawesome style.
My point is, it would be awesome if flan output some easily human readable format directly, without the need for some external dependencies to process it (no Tex, no XML parser, etc.). For now, I'm sorta stuck squinting at these XML files....
Hi,
I ran make build withour any error.
Then i tested make start and got this error :
docker run --name flan_1574936755 -v /tmp/flan/shared:/shared flan_scan
mkdir: can't create directory '/shared/xml_files/2019.11.28-10.25': No such file or directory
/run.sh: line 34: can't open /shared/ips.txt: no such file
Traceback (most recent call last):
File "/output_report.py", line 238, in <module>
main()
File "/output_report.py", line 224, in main
for i, filename in enumerate(os.listdir(dirname)):
FileNotFoundError: [Errno 2] No such file or directory: '/shared/xml_files/2019.11.28-10.25'
sed: /shared/reports/report_2019.11.28-10.25.tex: No such file or directory
sed: /shared/reports/report_2019.11.28-10.25.tex: No such file or directory
sed: /shared/reports/report_2019.11.28-10.25.tex: No such file or directory
sed: /shared/reports/report_2019.11.28-10.25.tex: No such file or directory
Hi,
I reviewed the scripts used by flan.
The linters of the used scripting languages report some issues which might also lead to unexpected behaviours.
As linters I used:
I'll open PR for every script to fix the syntax.
That way linting could be added to a CI/CD job which is testing changes for new releases.
Regards,
Andreas
First, thank you for creating this tool! I used this tool during a cyber competition earlier today.
Second, using pdflatex
(which gave me many Undefined Control Sequence
errors), I generated the pdf
which has some noticeable formatting issues. Mostly displaying the found CVE
s that run off the page sometimes and appear cut off. I have attached screenshots as well as a zip containing the .tex
, .pdf
, and .xml
files. There are two .pdf
s and two .tex
files as we did modify the auto generated tex
file. The pdf we changed has the same issues. It was during a competition, so I was unable to try to fix it. Please let me know if there is any more information that is needed.
New to using docker and running the container on a Windows 10 machine,
When I kick of the scanner I get the following outputs.
"xml" -oN - -v1 --script=vulners/vulners.nse "1.1.1.1s: nmap -sV -oX "/shared/xml_files/2020.06.18-07.09/1.1.1.1
".iled to resolve "1.1.1.1
".iled to resolve "1.1.1.1
Read data files from: /usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
WARNING: No targets were specified, so 0 hosts scanned.
"xml" -oN - -v1 --script=vulners/vulners.nse "8.8.8.8s: nmap -sV -oX "/shared/xml_files/2020.06.18-07.09/8.8.8.8
".iled to resolve "8.8.8.8
".iled to resolve "8.8.8.8
Read data files from: /usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
WARNING: No targets were specified, so 0 hosts scanned.
"xml" -oN - -v1 --script=vulners/vulners.nse "192.168.1.12ap -sV -oX "/shared/xml_files/2020.06.18-07.09/192.168.1.12
".iled to resolve "192.168.1.12
".iled to resolve "192.168.1.12
Read data files from: /usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
WARNING: No targets were specified, so 0 hosts scanned.
Any suggestions, the IP that I'm scanning for is on my local network and I can resolve the IP with a ping
It would be great to be able to generate the different report formats on previously run scans so you don't have to rescan everything to get a different report format.
Only XML file is generated, IP for tex generator is empty:
docker run --name flan_1574405167 -v /srv/git/flan/shared:/shared flan_scan
# Nmap 7.70 scan initiated Fri Nov 22 06:46:08 2019 as: nmap -sV -oX /shared/xml_files/2019.11.22-06.46/x.x.x.18.xml -oN - -v1 --script=vulners/vulners.nse x.x.x.18
Nmap scan report for static.x-x-x-18.clients.your-server.de (x.x.x.18)
Host is up (0.00027s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
| vulners:
| cpe:/a:openbsd:openssh:7.4:
| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
80/tcp open http nginx 1.16.1
|_http-server-header: nginx/1.16.1
443/tcp open ssl/http nginx 1.16.1
|_http-server-header: nginx/1.16.1
|_http-trane-info: Problem with XML parsing of /evox/about
9001/tcp filtered tor-orport
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Fri Nov 22 06:46:23 2019 -- 1 IP address (1 host up) scanned in 15.41 seconds
# Nmap 7.70 scan initiated Fri Nov 22 06:46:23 2019 as: nmap -sV -oX /shared/xml_files/2019.11.22-06.46/.xml -oN - -v1 --script=vulners/vulners.nse
Read data files from: /usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
# Nmap done at Fri Nov 22 06:46:23 2019 -- 0 IP addresses (0 hosts up) scanned in 0.35 seconds
WARNING: No targets were specified, so 0 hosts scanned.
Traceback (most recent call last):
File "/output_report.py", line 225, in <module>
main()
File "/output_report.py", line 216, in main
parse_results(data)
File "/output_report.py", line 98, in parse_results
hosts = data['nmaprun']['host']
KeyError: 'host'
sed: /shared/reports/report_2019.11.22-06.46.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-06.46.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-06.46.tex: No such file or directory
Errors and no results directory created.
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port8082-TCP:V=7.70%T=SSL%I=7%D=11/22%Time=5DD82E1C%P=x86_64-alpine-lin
SF:ux-musl%r(GenericLines,37,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nSec-We
SF:bSocket-Version:\x2013\r\n\r\n")%r(GetRequest,37,"HTTP/1\.1\x20400\x20B
SF:ad\x20Request\r\nSec-WebSocket-Version:\x2013\r\n\r\n")%r(HTTPOptions,3
SF:7,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nSec-WebSocket-Version:\x2013\r
SF:\n\r\n");
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Fri Nov 22 18:52:31 2019 -- 256 IP addresses (23 hosts up) scanned in 2470.12 seconds
Traceback (most recent call last):
File "/usr/local/lib/python3.5/urllib/request.py", line 1254, in do_open
h.request(req.get_method(), req.selector, req.data, headers)
File "/usr/local/lib/python3.5/http/client.py", line 1133, in request
self._send_request(method, url, body, headers)
File "/usr/local/lib/python3.5/http/client.py", line 1178, in _send_request
self.endheaders(body)
File "/usr/local/lib/python3.5/http/client.py", line 1129, in endheaders
self._send_output(message_body)
File "/usr/local/lib/python3.5/http/client.py", line 944, in _send_output
self.send(msg)
File "/usr/local/lib/python3.5/http/client.py", line 887, in send
self.connect()
File "/usr/local/lib/python3.5/http/client.py", line 1279, in connect
super().connect()
File "/usr/local/lib/python3.5/http/client.py", line 859, in connect
(self.host,self.port), self.timeout, self.source_address)
File "/usr/local/lib/python3.5/socket.py", line 712, in create_connection
raise err
File "/usr/local/lib/python3.5/socket.py", line 703, in create_connection
sock.connect(sa)
TimeoutError: [Errno 110] Operation timed out
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/output_report.py", line 225, in <module>
main()
File "/output_report.py", line 221, in main
create_latex(nmap_command, start_date)
File "/output_report.py", line 163, in create_latex
+ '\\\\ \hline \end{tabular} '
File "/output_report.py", line 121, in get_description
cve_json = json.loads(urllib.urlopen(url).read().decode("utf-8"))
File "/usr/local/lib/python3.5/urllib/request.py", line 163, in urlopen
return opener.open(url, data, timeout)
File "/usr/local/lib/python3.5/urllib/request.py", line 466, in open
response = self._open(req, data)
File "/usr/local/lib/python3.5/urllib/request.py", line 484, in _open
'_open', req)
File "/usr/local/lib/python3.5/urllib/request.py", line 444, in _call_chain
result = func(*args)
File "/usr/local/lib/python3.5/urllib/request.py", line 1297, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/local/lib/python3.5/urllib/request.py", line 1256, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [Errno 110] Operation timed out>
sed: /shared/reports/report_2019.11.22-17.02.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-17.02.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-17.02.tex: No such file or directory
# ls -l shared/
total 12
-rw-r--r-- 1 root root 40 Nov 22 09:01 ips.txt
drwxr-xr-x 2 root root 4096 Nov 22 09:00 reports
drwxr-xr-x 3 root root 4096 Nov 22 09:02 xml_files
#
It seems that the nmap output does not include the port information for hosts that are down:
<host><status state="down" reason="no-response" reason_ttl="0"/>
<address addr="192.168.4.2" addrtype="ipv4"/>
</host>
with a dict equivalent of
OrderedDict(
[
('status', OrderedDict(
[
('@state', 'down'),
('@reason', 'no-response'),
('@reason_ttl', '0')
]
)
),
('address', OrderedDict(
[
('@addr', '192.168.4.2'),
('@addrtype', 'ipv4')
]
)
)
]
)
And for that reason the error:
# Nmap done at Mon Dec 2 17:40:43 2019 -- 512 IP addresses (103 hosts up) scanned in 2031.30 seconds
Traceback (most recent call last):
File "/output_report.py", line 238, in <module>
main()
File "/output_report.py", line 229, in main
parse_results(data)
File "/output_report.py", line 113, in parse_results
parse_host(h)
File "/output_report.py", line 98, in parse_host
if host['status']['@state'] == 'up' and 'port' in host['ports'].keys():
KeyError: 'ports'
sed: /shared/reports/report_2019.12.02-16.51.tex: No such file or directory
One quick fix I have found is to change the if statement on that line (line 98 now) to include a basic key check:
# vim +98 output_report.py
# old
if host['status']['@state'] == 'up' and 'port' in host['ports'].keys():
# new
if 'ports' in host.keys() and host['status']['@state'] == 'up' and 'port' in host['ports'].keys():
and then run again make build
before make start
Hello,
If I'm understanding the entrypoint (run.sh
) correctly, it just runs the once then exists.
I suppose Kubernetes will continually restart it, but with an exponential backoff?
Would it be better to run it as a scheduled batch job using the CronJob object type?
Regards,
iamacarpet
When I add multiple IP addresses in the shared / ips.txt and not a single network range or segment, an XML or HTML output file is then created for each different IP address.
Is it possible to combine these files into just one output file/report?
For the output the LaTeX file are not that usual, and can not be show in the repo in a human readable format.
I believe the best format for the report's output's is a Makrdown because it can be shown in the Github ,or something else, in a easier way.
Also, form what I saw the output is simple and only have colorful boxes for the severity. These can be handler by the Markdown file
This sequence in the report*.tex file:
\begin{tabular}{|p{16cm}|}\rowcolor[HTML]{F8A102} \begin{tabular}{@{}p{15cm}>{\raggedleft\arraybackslash}
p{0.5cm}@{}}\textbf{CVE-2019-9947 Medium (4.3)} & \href{https://nvd.nist.gov/vuln/detail/CVE-2019-9947}{\large \faicon{link}}\end{tabular}\
Summary:An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue.\ \hline \end{tabular} \end{figure}
causes pdflatex to error out with this:
! Undefined control sequence.
\n
l.425 ...ument to urllib.request.urlopen with \r\n
(specifically in the path...
Obviously, it's interpreting the text in the summary as an attempted control sequence. Given that you're effectively pulling those from outside sources, it seems like you're going to need to do some escaping before dropping them into the tex output.
There's been no activity on this repo for over a year. There is several PR's in need to be merged.
Scenario 1: File with endline character
shared/ips.txt
$ hexdump -C shared/ips.txt
00000000 31 2e 31 2e 31 2e 31 0a 38 2e 38 2e 38 2e 38 0a |1.1.1.1.8.8.8.8.|
00000010
Scenario 2: File without endline character
shared/ips.txt
$ hexdump -C shared/ips.txt
00000000 31 2e 31 2e 31 2e 31 0a 38 2e 38 2e 38 2e 38 |1.1.1.1.8.8.8.8|
0000000f
run
$ make start
docker run --name flan_1574459039 -v /Users/vincentclee/git/flan/shared:/shared flan_scan
# Nmap 7.70 scan initiated Fri Nov 22 21:44:00 2019 as: nmap -sV -oX /shared/xml_files/2019.11.22-21.44/1.1.1.1.xml -oN - -v1 --script=vulners/vulners.nse 1.1.1.1
Nmap scan report for one.one.one.one (1.1.1.1)
Host is up (0.00042s latency).
All 1000 scanned ports on one.one.one.one (1.1.1.1) are filtered
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Fri Nov 22 21:44:12 2019 -- 1 IP address (1 host up) scanned in 11.93 seconds
I spent 30 minutes installing various LaTeX packages and extra fonts on Ubuntu 18.04 to be able to view the LaTeX report the scan generates.
Reports in LaTeX format is a usability bug.
Just generate report in plain HTML.
In aws_push.py, the code used to process the exception is only valid on Python 2.
In order to work on Python 3, it should use the "as" keyword instead of the comma syntax. More info here.
Hi,
Thanks for this great tool.
When running it for a kubernetes cluster, it could be nice to output the result as prometheus metrics, so it could be scraped, allow graphing and generate alerts.
Anyone else receive these error messages?
They appear to relate to docker but only occur running "make build" for flan scan.
Other docker builds on the same platform don't have this issue.
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.15/main: temporary error (try again later)
Centos 8 last stable
[root@localhost flan]# make start
docker run --name flan_1574414000 -v /opt/flan/shared:/shared flan_scan
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
mkdir: can't create directory '/shared/xml_files/2019.11.22-09.13': Permission denied
Failed to open XML output file /shared/xml_files/2019.11.22-09.13/192.168.113.0-24.xml for writing
QUITTING!
Failed to open XML output file /shared/xml_files/2019.11.22-09.13/192.168.113.0-24.xml for writing
QUITTING!
Traceback (most recent call last):
File "/output_report.py", line 225, in
main()
File "/output_report.py", line 211, in main
for i, filename in enumerate(os.listdir(dirname)):
FileNotFoundError: [Errno 2] No such file or directory: '/shared/xml_files/2019.11.22-09.13'
sed: /shared/reports/report_2019.11.22-09.13.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-09.13.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-09.13.tex: No such file or directory
Running podman raises another error
[root@localhost flan]# podman list -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
878e54f459c9 localhost/flan_scan:latest /run.sh 4 minutes ago Exited (0) 4 minutes ago flan_1574414000
a7f646e06168 localhost/flan_scan:latest /run.sh About an hour ago Exited (0) About an hour ago angry_leakey
075959f10f72 localhost/flan_scan:latest /run.sh About an hour ago Exited (0) About an hour ago flan_1574409478
0a3f025670f2 localhost/flan_scan:latest /run.sh About an hour ago Exited (0) About an hour ago flan_1574409020
d40060fc5aae localhost/flan_scan:latest /run.sh About an hour ago Exited (0) About an hour ago flan_1574408973
2f0533ec5da3 localhost/flan_scan:latest /run.sh About an hour ago Exited (0) About an hour ago flan_1574408938
[root@localhost flan]# podman run localhost/flan_scan:latest
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .Nmap done at Fri Nov 22 08:23:06 2019 -- 256 IP addresses (15 hosts up) scanned in 1426.62 seconds
Traceback (most recent call last):
File "/output_report.py", line 225, in
main()
File "/output_report.py", line 216, in main
parse_results(data)
File "/output_report.py", line 98, in parse_results
hosts = data['nmaprun']['host']
KeyError: 'host'
sed: /shared/reports/report_2019.11.22-07.59.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-07.59.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-07.59.tex: No such file or directory
start_linux :
docker run --name
I am getting a connection error when trying to scan a few test IPs.. it scans 1 correctly, then runs into errors on the final 2.. will the report not print into .tex unless all IPs are on??
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Traceback (most recent call last):
File "/usr/local/lib/python3.5/urllib/request.py", line 1254, in do_open
h.request(req.get_method(), req.selector, req.data, headers)
File "/usr/local/lib/python3.5/http/client.py", line 1133, in request
self._send_request(method, url, body, headers)
File "/usr/local/lib/python3.5/http/client.py", line 1178, in _send_request
self.endheaders(body)
File "/usr/local/lib/python3.5/http/client.py", line 1129, in endheaders
self._send_output(message_body)
File "/usr/local/lib/python3.5/http/client.py", line 944, in _send_output
self.send(msg)
File "/usr/local/lib/python3.5/http/client.py", line 887, in send
self.connect()
File "/usr/local/lib/python3.5/http/client.py", line 1279, in connect
super().connect()
File "/usr/local/lib/python3.5/http/client.py", line 859, in connect
(self.host,self.port), self.timeout, self.source_address)
File "/usr/local/lib/python3.5/socket.py", line 712, in create_connection
raise err
File "/usr/local/lib/python3.5/socket.py", line 703, in create_connection
sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/output_report.py", line 238, in
main()
File "/output_report.py", line 234, in main
create_latex(nmap_command, start_date)
File "/output_report.py", line 174, in create_latex
+ '\\ \hline \end{tabular} '
File "/output_report.py", line 132, in get_description
cve_json = json.loads(urllib.urlopen(url).read().decode("utf-8"))
File "/usr/local/lib/python3.5/urllib/request.py", line 163, in urlopen
return opener.open(url, data, timeout)
File "/usr/local/lib/python3.5/urllib/request.py", line 466, in open
response = self._open(req, data)
File "/usr/local/lib/python3.5/urllib/request.py", line 484, in _open
'_open', req)
File "/usr/local/lib/python3.5/urllib/request.py", line 444, in _call_chain
result = func(*args)
File "/usr/local/lib/python3.5/urllib/request.py", line 1297, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/local/lib/python3.5/urllib/request.py", line 1256, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [Errno 111] Connection refused>
sed: /shared/reports/report_2020.02.18-18.24.tex: No such file or directory
sed: /shared/reports/report_2020.02.18-18.24.tex: No such file or directory
sed: /shared/reports/report_2020.02.18-18.24.tex: No such file or directory
sed: /shared/reports/report_2020.02.18-18.24.tex: No such file or directory
Running the command make build
seems to complete, but this error happens at the start of the build process:
docker build -t flan_scan .
free(): invalid pointer
SIGABRT: abort
PC=0x7fee99541e97 m=0 sigcode=18446744073709551610
signal arrived during cgo execution
goroutine 1 [syscall, locked to thread]:
runtime.cgocall(0x4afd50, 0xc420057cc0, 0xc420057ce8)
/usr/lib/go-1.8/src/runtime/cgocall.go:131 +0xe2 fp=0xc420057c90 sp=0xc420057c50
github.com/docker/docker-credential-helpers/secretservice._Cfunc_free(0x1333270)
github.com/docker/docker-credential-helpers/secretservice/_obj/_cgo_gotypes.go:111 +0x41 fp=0xc420057cc0 sp=0xc420057c90
github.com/docker/docker-credential-helpers/secretservice.Secretservice.List.func5(0x1333270)
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/obj-x86_64-linux-gnu/src/github.com/docker/docker-credential-helpers/secretservice/secretservice_linux.go:96 +0x60 fp=0xc420057cf8 sp=0xc420057cc0
github.com/docker/docker-credential-helpers/secretservice.Secretservice.List(0x0, 0x756060, 0xc420012390)
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/obj-x86_64-linux-gnu/src/github.com/docker/docker-credential-helpers/secretservice/secretservice_linux.go:97 +0x217 fp=0xc420057da0 sp=0xc420057cf8
github.com/docker/docker-credential-helpers/secretservice.(*Secretservice).List(0x77e548, 0xc420057e88, 0x410022, 0xc4200122f0)
<autogenerated>:4 +0x46 fp=0xc420057de0 sp=0xc420057da0
github.com/docker/docker-credential-helpers/credentials.List(0x756ba0, 0x77e548, 0x7560e0, 0xc42000e018, 0x0, 0x10)
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/obj-x86_64-linux-gnu/src/github.com/docker/docker-credential-helpers/credentials/credentials.go:145 +0x3e fp=0xc420057e68 sp=0xc420057de0
github.com/docker/docker-credential-helpers/credentials.HandleCommand(0x756ba0, 0x77e548, 0x7ffdc6c3a65f, 0x4, 0x7560a0, 0xc42000e010, 0x7560e0, 0xc42000e018, 0x40e398, 0x4d35c0)
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/obj-x86_64-linux-gnu/src/github.com/docker/docker-credential-helpers/credentials/credentials.go:60 +0x16d fp=0xc420057ed8 sp=0xc420057e68
github.com/docker/docker-credential-helpers/credentials.Serve(0x756ba0, 0x77e548)
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/obj-x86_64-linux-gnu/src/github.com/docker/docker-credential-helpers/credentials/credentials.go:41 +0x1cb fp=0xc420057f58 sp=0xc420057ed8
main.main()
/build/golang-github-docker-docker-credential-helpers-cMhSy1/golang-github-docker-docker-credential-helpers-0.5.0/secretservice/cmd/main_linux.go:9 +0x4f fp=0xc420057f88 sp=0xc420057f58
runtime.main()
/usr/lib/go-1.8/src/runtime/proc.go:185 +0x20a fp=0xc420057fe0 sp=0xc420057f88
runtime.goexit()
/usr/lib/go-1.8/src/runtime/asm_amd64.s:2197 +0x1 fp=0xc420057fe8 sp=0xc420057fe0
goroutine 17 [syscall, locked to thread]:
runtime.goexit()
/usr/lib/go-1.8/src/runtime/asm_amd64.s:2197 +0x1
rax 0x0
rbx 0x7ffdc6c39dd0
rcx 0x7fee99541e97
rdx 0x0
rdi 0x2
rsi 0x7ffdc6c39b60
rbp 0x7ffdc6c39ed0
rsp 0x7ffdc6c39b60
r8 0x0
r9 0x7ffdc6c39b60
r10 0x8
r11 0x246
r12 0x7ffdc6c39dd0
r13 0x1000
r14 0x0
r15 0x30
rip 0x7fee99541e97
rflags 0x246
cs 0x33
fs 0x0
gs 0x0
Make Version: GNU Make 4.1
Docker Version: Docker version 19.03.5, build 633a0ea838
Go Version: go version go1.12.7 linux/amd64
Kernel: 4.15.0-66-generic #75-Ubuntu SMP Tue Oct 1 05:24:09 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
OS: Ubuntu 18.04.3 LTS
The random IPs in ips.txt
are less than ideal. 192.168.1.0/24
is a better default.
When the TEX file is generated, it doesn't properly escape underscore characters.
This results in the character following the underscore to become a subscript. Additionally, texitopdf (for instance) complains madly about the resulting TEX file trying to figure out what is meant by missing math symbols.
A simple input filter when reading the nmap reports and vulnerability reports to transform '_' into '\_' will suffice.
I followed the instructions in the descripiton in order to clone and run it but I run into these errors :
docker run --rm --cap-drop=all --cap-add=NET_RAW --name flan_1645696455 -v "/home/lazarakis/Desktop/Code/flan/shared:/shared:Z" flan_scan
mkdir: can't create directory '/shared/xml_files/2022.02.24-09.54': Permission denied
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/1.1.1.1.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/1.1.1.1.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/8.8.8.8.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/8.8.8.8.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/127.0.0.0-8.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/127.0.0.0-8.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/192.168.1.235.xml for writing: No such file or directory (2)
Failed to open XML output file /shared/xml_files/2022.02.24-09.54/192.168.1.235.xml for writing: No such file or directory (2)
Traceback (most recent call last):
File "/output_report.py", line 9, in <module>
from contrib.report_builders import ReportBuilder, LatexReportBuilder, MarkdownReportBuilder, JinjaHtmlReportBuilder, \
File "/contrib/report_builders/__init__.py", line 5, in <module>
from .html_report_builder import JinjaHtmlReportBuilder
File "/contrib/report_builders/html_report_builder.py", line 4, in <module>
from jinja2 import Template, FileSystemLoader, Environment
File "/usr/local/lib/python3.9/site-packages/jinja2/__init__.py", line 12, in <module>
from .environment import Environment
File "/usr/local/lib/python3.9/site-packages/jinja2/environment.py", line 25, in <module>
from .defaults import BLOCK_END_STRING
File "/usr/local/lib/python3.9/site-packages/jinja2/defaults.py", line 3, in <module>
from .filters import FILTERS as DEFAULT_FILTERS # noqa: F401
File "/usr/local/lib/python3.9/site-packages/jinja2/filters.py", line 13, in <module>
from markupsafe import soft_unicode
ImportError: cannot import name 'soft_unicode' from 'markupsafe' (/usr/local/lib/python3.9/site-packages/markupsafe/__init__.py)
sed: /shared/reports/report_2022.02.24-09.54.tex: No such file or directory
sed: /shared/reports/report_2022.02.24-09.54.tex: No such file or directory
sed: /shared/reports/report_2022.02.24-09.54.tex: No such file or directory
sed: /shared/reports/report_2022.02.24-09.54.tex: No such file or directory
As I can see, the root of all problems is the first error :
mkdir: can't create directory '/shared/xml_files/2022.02.24-09.54': Permission denied
I have not changed anything in the project nor the permissions of each folder.
Can anyone help ??
~/p/flan (master|✚1) $ make start
docker run --name flan_1574442140 -v /home/projects/flan/shared:/shared flan_scan
Traceback (most recent call last):
File "/output_report.py", line 225, in <module>
main()
File "/output_report.py", line 221, in main
create_latex(nmap_command, start_date)
UnboundLocalError: local variable 'nmap_command' referenced before assignment
sed: /shared/reports/report_2019.11.22-17.02.tex: No such file or directory
sed: /shared/reports/report_2019.11.22-17.02.tex: No such file or directory
Example output from across many runs. Any guidance on troubleshooting?
root@kali:~/tools/flan# make start
docker run --name flan_1574871383 -v /root/tools/flan/shared:/shared flan_scan
# Nmap 7.70 scan initiated Wed Nov 27 16:16:24 2019 as: nmap -sV -oX /shared/xml_files/2019.11.27-16.16/192.168.86.237.xml -oN - -v1 --script=vulners/vulners.nse 192.168.86.237
Nmap scan report for *****
Host is up (1.8s latency).
Not shown: 993 closed ports
PORT STATE SERVICE VERSION
80/tcp open http nginx 1.13.5
|_http-server-header: nginx/1.13.5
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows 7 - 10 microsoft-ds (workgroup: WORKGROUP)
514/tcp filtered shell
1556/tcp open msrpc Microsoft Windows RPC
5357/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
Service Info: Host: ****; OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Nov 27 16:29:05 2019 -- 1 IP address (1 host up) scanned in 760.65 seconds
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.