-
Notifications
You must be signed in to change notification settings - Fork 0
/
scanner.go
148 lines (129 loc) · 4.16 KB
/
scanner.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
// Package bacnet provides a zgrab2 module that scans for bacnet.
// Default Port: 47808 / 0xBAC0 (UDP)
//
// Behavior and output copied identically from original zgrab.
package bacnet
import (
log "github.com/sirupsen/logrus"
"github.com/dmin12/zgrab_tls1.3"
)
// Scan results are in log.go
// Flags holds the command-line configuration for the bacnet scan module.
// Populated by the framework.
type Flags struct {
zgrab2.BaseFlags
zgrab2.UDPFlags
Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"`
}
// Module implements the zgrab2.Module interface.
type Module struct {
}
// Scanner implements the zgrab2.Scanner interface.
type Scanner struct {
config *Flags
}
// RegisterModule registers the zgrab2 module.
func RegisterModule() {
var module Module
_, err := zgrab2.AddCommand("bacnet", "bacnet", module.Description(), 0xBAC0, &module)
if err != nil {
log.Fatal(err)
}
}
// NewFlags returns a default Flags object.
func (module *Module) NewFlags() interface{} {
return new(Flags)
}
// NewScanner returns a new Scanner instance.
func (module *Module) NewScanner() zgrab2.Scanner {
return new(Scanner)
}
// Description returns text uses in the help for this module.
func (module *Module) Description() string {
return "Probe for devices that speak Bacnet, commonly used for HVAC control."
}
// Validate checks that the flags are valid.
// On success, returns nil.
// On failure, returns an error instance describing the error.
func (flags *Flags) Validate(args []string) error {
return nil
}
// Help returns the module's help string.
func (flags *Flags) Help() string {
return ""
}
// Init initializes the Scanner.
func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error {
f, _ := flags.(*Flags)
scanner.config = f
return nil
}
// InitPerSender initializes the scanner for a given sender.
func (scanner *Scanner) InitPerSender(senderID int) error {
return nil
}
// GetName returns the Scanner name defined in the Flags.
func (scanner *Scanner) GetName() string {
return scanner.config.Name
}
// GetTrigger returns the Trigger defined in the Flags.
func (scanner *Scanner) GetTrigger() string {
return scanner.config.Trigger
}
// Protocol returns the protocol identifier of the scan.
func (scanner *Scanner) Protocol() string {
return "bacnet"
}
// Scan probes for a BACNet service.
// Behavior taken from original zgrab.
// Connects to the configured port over UDP (default 47808/0xBAC0).
// Attempts to query the following in sequence; if any fails, returning anything that has been detected so far.
// (Unless QueryDeviceID fails, the service is considered to be detected)
// 1. Device ID
// 2. Vendor Number
// 3. Vendor Name
// 4. Firmware Revision
// 5. App software revision
// 6. Object name
// 7. Model name
// 8. Description
// 9. Location
// The result is a bacnet.Log, and contains any of the above.
func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error) {
conn, err := target.OpenUDP(&scanner.config.BaseFlags, &scanner.config.UDPFlags)
if err != nil {
return zgrab2.TryGetScanStatus(err), nil, err
}
defer conn.Close()
ret := new(Log)
// TODO: if one fails, try others?
// TODO: distinguish protocol vs app errors
if err := ret.QueryDeviceID(conn); err != nil {
return zgrab2.TryGetScanStatus(err), nil, err
}
if err := ret.QueryVendorNumber(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryVendorName(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryFirmwareRevision(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryApplicationSoftwareRevision(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryObjectName(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryModelName(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryDescription(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
if err := ret.QueryLocation(conn); err != nil {
return zgrab2.TryGetScanStatus(err), ret, nil
}
return zgrab2.SCAN_SUCCESS, ret, nil
}