Adding functionality for collecting information via the PPTP protocol

modules/checkpoint_topology.go

@@ -0,0 +1,8 @@
+package modules
+
+import checkpointtopology "github.com/zmap/zgrab2/modules/checkpoint_topology"
+
+func init() {
+	checkpointtopology.RegisterModule()
+
+}

modules/checkpoint_topology/scanner.go

@@ -0,0 +1,147 @@
+package checkpointtopology
+
+import (
+	"bytes"
+	"encoding/hex"
+	"fmt"
+	"log"
+	"regexp"
+
+	"github.com/zmap/zgrab2"
+)
+
+type Flags struct {
+	zgrab2.BaseFlags
+	Hex bool `short:"x" long:"hex" description:"Оutputs as a byte sequence or conversion to a string"`
+}
+
+// Module is the implementation of the zgrab2.Module interface.
+type Module struct {
+}
+
+// Scanner is the implementation of the zgrab2.Scanner interface.
+type Scanner struct {
+	config *Flags
+}
+
+// GetName returns the configured name for the Scanner.
+func (s *Scanner) GetName() string {
+	return s.config.Name
+}
+
+// GetTrigger returns the Trigger defined in the Flags.
+func (s *Scanner) GetTrigger() string {
+	return s.config.Trigger
+}
+
+// Init initializes the Scanner instance with the flags from the command
+// line.
+func (s *Scanner) Init(flags zgrab2.ScanFlags) error {
+	f, _ := flags.(*Flags)
+	s.config = f
+	return nil
+}
+
+// InitPerSender does nothing in this module.
+func (s *Scanner) InitPerSender(senderID int) error {
+	return nil
+}
+
+// Protocol returns the protocol identifer for the scanner.
+func (s *Scanner) Protocol() string {
+	return "checkpoint_topology"
+}
+
+// Help returns this module's help string.
+func (f *Flags) Help() string {
+	return ""
+}
+
+// Validate flags
+func (f *Flags) Validate(args []string) (err error) {
+	return nil
+}
+
+// RegisterModule registers this module in zgrab2
+func RegisterModule() {
+	var module Module
+	_, err := zgrab2.AddCommand("checkpoint_topology", "checkpoint_topology", module.Description(), 264, &module)
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func (m *Module) Description() string {
+	return "Сollect information on checkpoint_topology"
+}
+
+// NewFlags returns the default flags object to be filled in with the
+// command-line arguments.
+func (m *Module) NewFlags() interface{} {
+	return new(Flags)
+}
+
+// NewScanner returns a new Scanner instance.
+func (m *Module) NewScanner() zgrab2.Scanner {
+	return new(Scanner)
+}
+
+type StartControlConnectionReply struct {
+	FirewallHost    string
+	SmartCenterHost string
+	Banner          string
+}
+
+// Reading the response and filling in the structure
+func (scanner *Scanner) readReply(data []byte) *StartControlConnectionReply {
+
+	re, _ := regexp.Compile("CN=(.+),O=(.+)\u0000")
+	res := re.FindAllStringSubmatch(string(data), 2)
+
+	reply := &StartControlConnectionReply{}
+	if len(res) > 0 {
+		if len(res[0]) > 1 {
+			reply.FirewallHost = res[0][1]
+		}
+		if len(res[0]) > 2 {
+			reply.SmartCenterHost = res[0][2]
+		}
+	}
+
+	if scanner.config.Hex {
+		reply.Banner = hex.EncodeToString(data)
+	} else {
+		reply.Banner = string(data)
+	}
+
+	return reply
+}
+
+func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) {
+
+	conn, err := target.Open(&scanner.config.BaseFlags)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err)
+	}
+	defer conn.Close()
+
+	conn.Write([]byte("\x51\x00\x00\x00\x00\x00\x00\x21"))
+
+	data, err := zgrab2.ReadAvailable(conn)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, err
+	}
+
+	if !bytes.Equal(data, []byte("Y\x00\x00\x00")) {
+		return zgrab2.SCAN_UNKNOWN_ERROR, nil, fmt.Errorf("banner not equal")
+	}
+
+	conn.Write([]byte("\x00\x00\x00\x0bsecuremote\x00"))
+	data, err = zgrab2.ReadAvailable(conn)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, err
+	}
+	reply := scanner.readReply(data)
+
+	return zgrab2.SCAN_SUCCESS, reply, nil
+}

modules/dahua_dvr.go

@@ -0,0 +1,7 @@
+package modules
+
+import "github.com/zmap/zgrab2/modules/dahua_dvr"
+
+func init() {
+	dahua_dvr.RegisterModule()
+}

modules/dahua_dvr/scanner.go

@@ -0,0 +1,159 @@
+package dahua_dvr
+
+import (
+	"bytes"
+	"encoding/hex"
+	"fmt"
+	"log"
+	"os"
+	"regexp"
+
+	"github.com/zmap/zgrab2"
+)
+
+type Flags struct {
+	zgrab2.BaseFlags
+	Hex bool `short:"x" long:"hex" description:"Оutputs as a byte sequence or conversion to a string"`
+}
+
+// Module is the implementation of the zgrab2.Module interface.
+type Module struct {
+}
+
+// Scanner is the implementation of the zgrab2.Scanner interface.
+type Scanner struct {
+	config *Flags
+}
+
+// GetName returns the configured name for the Scanner.
+func (s *Scanner) GetName() string {
+	return s.config.Name
+}
+
+// GetTrigger returns the Trigger defined in the Flags.
+func (s *Scanner) GetTrigger() string {
+	return s.config.Trigger
+}
+
+// Init initializes the Scanner instance with the flags from the command
+// line.
+func (s *Scanner) Init(flags zgrab2.ScanFlags) error {
+	f, _ := flags.(*Flags)
+	s.config = f
+	return nil
+}
+
+// InitPerSender does nothing in this module.
+func (s *Scanner) InitPerSender(senderID int) error {
+	return nil
+}
+
+// Protocol returns the protocol identifer for the scanner.
+func (s *Scanner) Protocol() string {
+	return "dahua_dvr"
+}
+
+// Help returns this module's help string.
+func (f *Flags) Help() string {
+	return ""
+}
+
+// Validate flags
+func (f *Flags) Validate(args []string) (err error) {
+	return nil
+}
+
+// RegisterModule registers the ftp zgrab2 module.
+func RegisterModule() {
+	var module Module
+	_, err := zgrab2.AddCommand("dahua_dvr", "Dahua DVR", module.Description(), 37777, &module)
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func (m *Module) Description() string {
+	return "Сollect information on Dahua DVR"
+}
+
+// NewFlags returns the default flags object to be filled in with the
+// command-line arguments.
+func (m *Module) NewFlags() interface{} {
+	return new(Flags)
+}
+
+// NewScanner returns a new Scanner instance.
+func (m *Module) NewScanner() zgrab2.Scanner {
+	return new(Scanner)
+}
+
+type ConnectionReply struct {
+	/* 	Start           [32]byte
+	   	Model           string //16
+	   	Middle          [32]byte
+	   	FirmwareVersion string // 16
+	   	End             [32]byte
+	   	SerialNumber    string // 16 */
+	Model           string
+	FirmwareVersion string
+	SerialNumber    string
+	Length          int
+	Banner          string
+}
+
+func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) {
+
+	conn, err := target.Open(&scanner.config.BaseFlags)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err)
+	}
+	defer conn.Close()
+
+	request, err := hex.DecodeString("a4000000000000000b0000000000000000000000000000000000000000000000")
+	if err != nil {
+		fmt.Printf("Failed to encode request: %v\n", err)
+		os.Exit(1)
+	}
+	conn.Write(request)
+	data, err := zgrab2.ReadAvailable(conn)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, err
+	}
+	if !(bytes.Equal(data[:3], []byte{0xb4, 0x00, 0x00}) && data[8] == byte(0x0b)) {
+		return zgrab2.SCAN_UNKNOWN_ERROR, nil, fmt.Errorf("its not a dahua dvr")
+	}
+
+	re, _ := regexp.Compile(`[A-Za-z\d-\./\(\)]{2,20}`)
+	reply := &ConnectionReply{
+		Model:  re.FindString(string(data)),
+		Banner: string(data),
+	}
+
+	request, err = hex.DecodeString("a400000000000000080000000000000000000000000000000000000000000000")
+	if err != nil {
+		fmt.Printf("Failed to encode request: %v\n", err)
+		os.Exit(1)
+	}
+	conn.Write(request)
+	data, err = zgrab2.ReadAvailable(conn)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, err
+	}
+	reply.FirmwareVersion = re.FindString(string(data))
+	reply.Banner = reply.Banner + string(data)
+
+	request, err = hex.DecodeString("a400000000000000070000000000000000000000000000000000000000000000")
+	if err != nil {
+		fmt.Printf("Failed to encode request: %v\n", err)
+		os.Exit(1)
+	}
+	conn.Write(request)
+	data, err = zgrab2.ReadAvailable(conn)
+	if err != nil {
+		return zgrab2.TryGetScanStatus(err), nil, err
+	}
+	reply.SerialNumber = re.FindString(string(data))
+	reply.Banner = reply.Banner + string(data)
+
+	return zgrab2.SCAN_SUCCESS, reply, nil
+}

modules/mikrotik_bw.go

@@ -0,0 +1,7 @@
+package modules
+
+import "github.com/zmap/zgrab2/modules/mikrotik_bw"
+
+func init() {
+	mikrotik_bw.RegisterModule()
+}