-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(contrib/fvuls) Add commands to obtained CPE information of netwo…
…rk devices by executing snmp2cpe and upload to Fvuls server (#1721) * add: README.md * add: commands(discover,add-server,add-cpe) * add: implements(discover,add-server,add-cpe) * fix: changed os.Exit(1) in main.go to return an error * fix: lint error * delete: trivy-to-vuls stdIn * fix: Incomprehesible error logs * fix: according to review * add: function converts old config to latest one * delete: add-server * fix: lint error * fix * fix: remote scan error in Windows * fix: lint error * fix * fix: lint error * fix: lint error * fix: lint error * add: scanner/scanner.go test normalizeHomeDirForWindows() * fix * fix * fix * fix * fix * fix * fix: lint error * fix: error log * fix * refactor(fvuls) * Refactor (#2) refactor --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> * Refactor (#3) fix --------- Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> * fix * fix: lint error * fix --------- Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.4> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.10> Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6> Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com>
- Loading branch information
1 parent
3f2dbe3
commit 80b48fc
Showing
11 changed files
with
813 additions
and
59 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,118 +1,162 @@ | ||
// Package main ... | ||
package main | ||
|
||
import ( | ||
"bufio" | ||
"bytes" | ||
"encoding/json" | ||
"fmt" | ||
"os" | ||
"strconv" | ||
"strings" | ||
|
||
"github.com/future-architect/vuls/config" | ||
"github.com/future-architect/vuls/models" | ||
"github.com/future-architect/vuls/saas" | ||
cidrPkg "github.com/3th1nk/cidr" | ||
vulsConfig "github.com/future-architect/vuls/config" | ||
"github.com/future-architect/vuls/contrib/future-vuls/pkg/config" | ||
"github.com/future-architect/vuls/contrib/future-vuls/pkg/cpe" | ||
"github.com/future-architect/vuls/contrib/future-vuls/pkg/discover" | ||
"github.com/future-architect/vuls/contrib/future-vuls/pkg/fvuls" | ||
|
||
"github.com/spf13/cobra" | ||
) | ||
|
||
var ( | ||
configFile string | ||
stdIn bool | ||
jsonDir string | ||
serverUUID string | ||
groupID int64 | ||
token string | ||
tags []string | ||
url string | ||
configFile string | ||
stdIn bool | ||
jsonDir string | ||
serverUUID string | ||
groupID int64 | ||
token string | ||
tags []string | ||
outputFile string | ||
cidr string | ||
snmpVersion string | ||
proxy string | ||
) | ||
|
||
func main() { | ||
var err error | ||
var cmdVersion = &cobra.Command{ | ||
Use: "version", | ||
Short: "Show version", | ||
Long: "Show version", | ||
Run: func(cmd *cobra.Command, args []string) { | ||
fmt.Printf("future-vuls-%s-%s\n", vulsConfig.Version, vulsConfig.Revision) | ||
}, | ||
} | ||
|
||
var cmdFvulsUploader = &cobra.Command{ | ||
Use: "upload", | ||
Short: "Upload to FutureVuls", | ||
Long: `Upload to FutureVuls`, | ||
Run: func(cmd *cobra.Command, args []string) { | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
if len(serverUUID) == 0 { | ||
serverUUID = os.Getenv("VULS_SERVER_UUID") | ||
} | ||
if groupID == 0 { | ||
envGroupID := os.Getenv("VULS_GROUP_ID") | ||
if groupID, err = strconv.ParseInt(envGroupID, 10, 64); err != nil { | ||
fmt.Printf("Invalid GroupID: %s\n", envGroupID) | ||
return | ||
return fmt.Errorf("invalid GroupID: %s", envGroupID) | ||
} | ||
} | ||
if len(url) == 0 { | ||
url = os.Getenv("VULS_URL") | ||
} | ||
if len(token) == 0 { | ||
token = os.Getenv("VULS_TOKEN") | ||
} | ||
if len(tags) == 0 { | ||
tags = strings.Split(os.Getenv("VULS_TAGS"), ",") | ||
} | ||
|
||
var scanResultJSON []byte | ||
if stdIn { | ||
reader := bufio.NewReader(os.Stdin) | ||
buf := new(bytes.Buffer) | ||
if _, err = buf.ReadFrom(reader); err != nil { | ||
return | ||
if _, err := buf.ReadFrom(reader); err != nil { | ||
return fmt.Errorf("failed to read from stdIn. err: %v", err) | ||
} | ||
scanResultJSON = buf.Bytes() | ||
} else { | ||
fmt.Println("use --stdin option") | ||
return fmt.Errorf("use --stdin option") | ||
} | ||
fvulsClient := fvuls.NewClient(token, "") | ||
if err := fvulsClient.UploadToFvuls(serverUUID, groupID, tags, scanResultJSON); err != nil { | ||
fmt.Printf("%v", err) | ||
// avoid to display help message | ||
os.Exit(1) | ||
return | ||
} | ||
return nil | ||
}, | ||
} | ||
|
||
var scanResult models.ScanResult | ||
if err = json.Unmarshal(scanResultJSON, &scanResult); err != nil { | ||
fmt.Println("Failed to parse json", err) | ||
os.Exit(1) | ||
return | ||
var cmdDiscover = &cobra.Command{ | ||
Use: "discover --cidr <CIDR_RANGE> --output <OUTPUT_FILE>", | ||
Short: "discover hosts with CIDR range. Run snmp2cpe on active host to get CPE. Default outputFile is ./discover_list.toml", | ||
Example: "future-vuls discover --cidr 192.168.0.0/24 --output discover_list.toml", | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
if len(outputFile) == 0 { | ||
outputFile = config.DiscoverTomlFileName | ||
} | ||
scanResult.ServerUUID = serverUUID | ||
if 0 < len(tags) { | ||
if scanResult.Optional == nil { | ||
scanResult.Optional = map[string]interface{}{} | ||
} | ||
scanResult.Optional["VULS_TAGS"] = tags | ||
if len(cidr) == 0 { | ||
return fmt.Errorf("please specify cidr range") | ||
} | ||
|
||
config.Conf.Saas.GroupID = groupID | ||
config.Conf.Saas.Token = token | ||
config.Conf.Saas.URL = url | ||
if err = (saas.Writer{}).Write(scanResult); err != nil { | ||
fmt.Println(err) | ||
if _, err := cidrPkg.Parse(cidr); err != nil { | ||
return fmt.Errorf("Invalid cidr range") | ||
} | ||
if len(snmpVersion) == 0 { | ||
snmpVersion = config.SnmpVersion | ||
} | ||
if snmpVersion != "v1" && snmpVersion != "v2c" && snmpVersion != "v3" { | ||
return fmt.Errorf("Invalid snmpVersion") | ||
} | ||
if err := discover.ActiveHosts(cidr, outputFile, snmpVersion); err != nil { | ||
fmt.Printf("%v", err) | ||
// avoid to display help message | ||
os.Exit(1) | ||
return | ||
} | ||
return | ||
return nil | ||
}, | ||
} | ||
var cmdVersion = &cobra.Command{ | ||
Use: "version", | ||
Short: "Show version", | ||
Long: "Show version", | ||
Run: func(cmd *cobra.Command, args []string) { | ||
fmt.Printf("future-vuls-%s-%s\n", config.Version, config.Revision) | ||
|
||
var cmdAddCpe = &cobra.Command{ | ||
Use: "add-cpe --token <VULS_TOKEN> --output <OUTPUT_FILE>", | ||
Short: "Create a pseudo server in Fvuls and register CPE. Default outputFile is ./discover_list.toml", | ||
Example: "future-vuls add-cpe --token <VULS_TOKEN>", | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
if len(token) == 0 { | ||
token = os.Getenv("VULS_TOKEN") | ||
if len(token) == 0 { | ||
return fmt.Errorf("token not specified") | ||
} | ||
} | ||
if len(outputFile) == 0 { | ||
outputFile = config.DiscoverTomlFileName | ||
} | ||
if err := cpe.AddCpe(token, outputFile, proxy); err != nil { | ||
fmt.Printf("%v", err) | ||
// avoid to display help message | ||
os.Exit(1) | ||
} | ||
return nil | ||
}, | ||
} | ||
|
||
cmdFvulsUploader.PersistentFlags().StringVar(&serverUUID, "uuid", "", "server uuid. ENV: VULS_SERVER_UUID") | ||
cmdFvulsUploader.PersistentFlags().StringVar(&configFile, "config", "", "config file (default is $HOME/.cobra.yaml)") | ||
cmdFvulsUploader.PersistentFlags().BoolVarP(&stdIn, "stdin", "s", false, "input from stdin. ENV: VULS_STDIN") | ||
// TODO Read JSON file from directory | ||
// cmdFvulsUploader.Flags().StringVarP(&jsonDir, "results-dir", "d", "./", "vuls scan results json dir") | ||
cmdFvulsUploader.PersistentFlags().Int64VarP(&groupID, "group-id", "g", 0, "future vuls group id, ENV: VULS_GROUP_ID") | ||
cmdFvulsUploader.PersistentFlags().StringVarP(&token, "token", "t", "", "future vuls token") | ||
cmdFvulsUploader.PersistentFlags().StringVar(&url, "url", "", "future vuls upload url") | ||
|
||
cmdDiscover.PersistentFlags().StringVar(&cidr, "cidr", "", "cidr range") | ||
cmdDiscover.PersistentFlags().StringVar(&outputFile, "output", "", "output file") | ||
cmdDiscover.PersistentFlags().StringVar(&snmpVersion, "snmp-version", "", "snmp version v1,v2c and v3. default: v2c ") | ||
|
||
cmdAddCpe.PersistentFlags().StringVarP(&token, "token", "t", "", "future vuls token ENV: VULS_TOKEN") | ||
cmdAddCpe.PersistentFlags().StringVar(&outputFile, "output", "", "output file") | ||
cmdAddCpe.PersistentFlags().StringVar(&proxy, "http-proxy", "", "proxy url") | ||
|
||
var rootCmd = &cobra.Command{Use: "future-vuls"} | ||
rootCmd.AddCommand(cmdDiscover) | ||
rootCmd.AddCommand(cmdAddCpe) | ||
rootCmd.AddCommand(cmdFvulsUploader) | ||
rootCmd.AddCommand(cmdVersion) | ||
if err = rootCmd.Execute(); err != nil { | ||
fmt.Println("Failed to execute command", err) | ||
fmt.Println("Failed to execute command") | ||
} | ||
} |
Oops, something went wrong.