NMAP plugin conversion v0.3

back/report_template.html

@@ -41,8 +41,7 @@
                 <INTERNET_TABLE>
                 <NEW_DEVICES_TABLE>            
                 <DOWN_DEVICES_TABLE>            
-                <EVENTS_TABLE>            
-                <PORTS_TABLE>
+                <EVENTS_TABLE>                            
                 <PLUGINS_TABLE>
 
         </td>

back/report_template.txt

@@ -5,5 +5,4 @@ Server:      <SERVER_NAME>
 <SECTION_DEVICES_DOWN>
 <SECTION_EVENTS>
 <SECTION_INTERNET>
-<PORTS_TABLE>
 <PLUGINS_TABLE>

back/report_template_new_version.html

@@ -41,8 +41,7 @@
                 <INTERNET_TABLE>
                 <NEW_DEVICES_TABLE>            
                 <DOWN_DEVICES_TABLE>            
-                <EVENTS_TABLE>            
-                <PORTS_TABLE>
+                <EVENTS_TABLE>                            
                 <PLUGINS_TABLE>
 
         </td>

front/deviceDetails.php

@@ -112,8 +112,7 @@
               <li> <a id="tabTools"    href="#panTools"    data-toggle="tab"> <?= lang('DevDetail_Tab_Tools');?>    </a></li>
               <li> <a id="tabSessions" href="#panSessions" data-toggle="tab"> <?= lang('DevDetail_Tab_Sessions');?> </a></li>
               <li> <a id="tabPresence" href="#panPresence" data-toggle="tab"> <?= lang('DevDetail_Tab_Presence');?> </a></li>
-              <li> <a id="tabEvents"   href="#panEvents"   data-toggle="tab"> <?= lang('DevDetail_Tab_Events');?>   </a></li>
-              <li> <a id="tabPholus"   href="#panPholus"   data-toggle="tab"> <?= lang('DevDetail_Tab_Pholus');?>   </a></li>
+              <li> <a id="tabEvents"   href="#panEvents"   data-toggle="tab"> <?= lang('DevDetail_Tab_Events');?>   </a></li>              
               <li> <a id="tabPlugins"  href="#panPlugins"  data-toggle="tab"> <?= lang('DevDetail_Tab_Plugins');?>  </a></li>
 
               <div class="btn-group pull-right">

front/plugins/arp_scan/script.py

@@ -13,7 +13,7 @@
 sys.path.append('/home/pi/pialert/pialert') 
 
 from plugin_helper import Plugin_Object, Plugin_Objects
-from logger import mylog
+from logger import mylog, append_line_to_file
 from helper import timeNowTZ
 from const import logPath, pialertPath
 
@@ -35,27 +35,27 @@ def main():
     devices = Plugin_Objects(RESULT_FILE)
 
     # Print a message to indicate that the script is starting.
-    mylog('debug', ['[ARP Scan] In script ']) 
+    mylog('verbose', ['[ARP Scan] In script ']) 
 
     # Assuming 'values' is a dictionary or object that contains a key 'userSubnets'
     # which holds a list of user-submitted subnets.
     # Printing the userSubnets list to check its content.
-    mylog('debug', ['[ARP Scan] values.userSubnets: ', values.userSubnets]) 
+    mylog('verbose', ['[ARP Scan] values.userSubnets: ', values.userSubnets]) 
 
 
     # Extract the base64-encoded subnet information from the first element of the userSubnets list.
     # The format of the element is assumed to be like 'userSubnets=b<base64-encoded-data>'.
     userSubnetsParamBase64 = values.userSubnets[0].split('userSubnets=b')[1]
 
     # Printing the extracted base64-encoded subnet information.
-    mylog('debug', ['[ARP Scan] userSubnetsParamBase64: ', userSubnetsParamBase64]) 
+    mylog('verbose', ['[ARP Scan] userSubnetsParamBase64: ', userSubnetsParamBase64]) 
 
 
     # Decode the base64-encoded subnet information to get the actual subnet information in ASCII format.
     userSubnetsParam = base64.b64decode(userSubnetsParamBase64).decode('ascii')
 
     # Print the decoded subnet information.
-    mylog('debug', ['[ARP Scan] userSubnetsParam: ', userSubnetsParam]) 
+    mylog('verbose', ['[ARP Scan] userSubnetsParam: ', userSubnetsParam]) 
 
     # Check if the decoded subnet information contains multiple subnets separated by commas.
     # If it does, split the string into a list of individual subnets.
@@ -97,7 +97,7 @@ def execute_arpscan(userSubnets):
 
         arpscan_output = execute_arpscan_on_interface (interface)        
 
-        mylog('debug', ['[ARP Scan] arpscan_output: ', arpscan_output])         
+        mylog('verbose', ['[ARP Scan] arpscan_output: ', arpscan_output])         
 
         # Search IP + MAC + Vendor as regular expresion
         re_ip = r'(?P<ip>((2[0-5]|1[0-9]|[0-9])?[0-9]\.){3}((2[0-5]|1[0-9]|[0-9])?[0-9]))'
@@ -124,10 +124,10 @@ def execute_arpscan(userSubnets):
             unique_devices.append(device)    
 
     # return list
-    mylog('debug', ['[ARP Scan] Found: Devices without duplicates ', len(unique_devices)  ]) 
+    mylog('verbose', ['[ARP Scan] Found: Devices without duplicates ', len(unique_devices)  ]) 
 
-    mylog('debug', ["Devices List len:", len(devices_list)])    # Add this line to print devices_list
-    mylog('debug',["Devices List:", devices_list])              # Add this line to print devices_list
+    mylog('verbose', ["Devices List len:", len(devices_list)])    # Add this line to print devices_list
+    mylog('verbose',["Devices List:", devices_list])              # Add this line to print devices_list
 
     return devices_list
 

front/plugins/nmap_scan/script.py

@@ -1,4 +1,3 @@
-
 #!/usr/bin/env python
 
 import os
@@ -52,6 +51,8 @@ def main():
 
     entries = performNmapScan(values.ips[0].split('=')[1].split(','), values.macs[0].split('=')[1].split(',') , values.timeout[0].split('=')[1], argsDecoded)
 
+    mylog('verbose', ['[NMAP Scan] Total number of ports found by NMAP: ', len(entries)])
+
     for entry in entries:        
 
         results.add_object(
@@ -61,11 +62,12 @@ def main():
             watched2    = entry.service,
             watched3    = entry.ip + ":" + entry.port,
             watched4    = "",
-            extra       = "",            
-            foreignKey  = entry.extra            
+            extra       = entry.extra,            
+            foreignKey  = entry.mac           
         )
 
-    entries.write_result_file()
+    # generate last_result.log file
+    results.write_result_file()
 
 #-------------------------------------------------------------------------------
 
@@ -88,6 +90,11 @@ def performNmapScan(deviceIPs, deviceMACs, timeoutSec, args):
     run nmap scan on a list of devices
     discovers open ports and keeps track existing and new open ports
     """
+
+    # collect ports / new Nmap Entries
+    newEntriesTmp = []
+
+
     if len(deviceIPs) > 0:        
 
         devTotal = len(deviceIPs)
@@ -96,8 +103,6 @@ def performNmapScan(deviceIPs, deviceMACs, timeoutSec, args):
         mylog('verbose', ['[NMAP Scan] Scan: Nmap for max ', str(timeoutSec), 's ('+ str(round(int(timeoutSec) / 60, 1)) +'min) per device'])  
         mylog('verbose', ["[NMAP Scan] Estimated max delay: ", (devTotal * int(timeoutSec)), 's ', '(', round((devTotal * int(timeoutSec))/60,1) , 'min)' ])
 
-        # collect ports / new Nmap Entries
-        newEntriesTmp = []
 
         devIndex = 0
         for ip in deviceIPs:
@@ -130,13 +135,13 @@ def performNmapScan(deviceIPs, deviceMACs, timeoutSec, args):
 
             # regular logging
             for line in newLines:
-                append_line_to_file (logPath + '/pialert_nmap.log', line +'\n')                
-
+                append_line_to_file (logPath + '/pialert_nmap.log', line +'\n')     
 
 
             index = 0
             startCollecting = False
             duration = "" 
+            newPortsPerDevice = 0
             for line in newLines:            
                 if 'Starting Nmap' in line:
                     if len(newLines) > index+1 and 'Note: Host seems down' in newLines[index+1]:
@@ -147,15 +152,18 @@ def performNmapScan(deviceIPs, deviceMACs, timeoutSec, args):
                     startCollecting = False # end reached
                 elif startCollecting and len(line.split()) == 3:                                    
                     newEntriesTmp.append(nmap_entry(ip, deviceMACs[devIndex], timeNowTZ(), line.split()[0], line.split()[1], line.split()[2]))
+                    newPortsPerDevice += 1
                 elif 'Nmap done' in line:
                     duration = line.split('scanned in ')[1]            
 
+            mylog('verbose', [f'[NMAP Scan] {newPortsPerDevice} ports found on {deviceMACs[devIndex]}'])
+
             index += 1
             devIndex += 1
 
-            mylog('verbose', ['[NMAP Scan] Ports found by NMAP: ', len(newEntriesTmp)])
 
-        #end for loop
+
+        #end for loop       
 
         return newEntriesTmp
 

front/plugins/pholus_scan/config.json

@@ -22,7 +22,7 @@
       "string": "Pholus-Scan (Name discovery)"
     },
     {
-      "language_code": "en_us",
+      "language_code": "es_es",
       "string": "Pholus-Scan (Descubrimiento de nombre)"
     }
   ],

front/plugins/pholus_scan/script.py

@@ -40,12 +40,12 @@ def main():
     plug_objects = Plugin_Objects(RESULT_FILE)
 
     # Print a message to indicate that the script is starting.
-    print('In script:')
+    mylog('verbose',['[Pholus] In script'])
 
     # Assuming 'values' is a dictionary or object that contains a key 'userSubnets'
     # which holds a list of user-submitted subnets.
     # Printing the userSubnets list to check its content.
-    print(values.userSubnets)
+    mylog('verbose',['[Pholus] Subnets: ', values.userSubnets])
 
     # Extract the base64-encoded subnet information from the first element of the userSubnets list.
     # The format of the element is assumed to be like 'userSubnets=b<base64-encoded-data>'.
@@ -123,8 +123,8 @@ def execute_pholus_scan(userSubnets, timeoutSec):
         result_list += pholus_output_list
 
 
-    print("List len:", len(result_list))  
-    print("List:", result_list)  
+    mylog('verbose', ["List len:", len(result_list)])  
+    mylog('verbose',["List:", result_list])  
 
     return result_list
 
@@ -133,7 +133,7 @@ def execute_pholus_on_interface(interface, timeoutSec, mask):
 
     # logging & updating app state        
 
-    mylog('none', ['[PholusScan] Scan: Pholus for ', str(timeoutSec), 's ('+ str(round(int(timeoutSec) / 60, 1)) +'min)'])  
+    mylog('verbose', ['[PholusScan] Scan: Pholus for ', str(timeoutSec), 's ('+ str(round(int(timeoutSec) / 60, 1)) +'min)'])  
     mylog('verbose', ["[PholusScan] Pholus scan on [interface] ", interface, " [mask] " , mask])
 
     # the scan always lasts 2x as long, so the desired user time from settings needs to be halved

pialert/logger.py

@@ -5,6 +5,7 @@
 
 import conf
 from const import *
+# from helper import get_setting_value
 
 #-------------------------------------------------------------------------------
 # duplication from helper to avoid circle
@@ -16,6 +17,8 @@ def timeNowTZ():
         return datetime.datetime.now().replace(microsecond=0)
 
 
+# conf.LOG_LEVEL = get_setting_value("LOG_LEVEL")
+
 #-------------------------------------------------------------------------------
 debugLevels =   [
                     ('none', 0), ('minimal', 1), ('verbose', 2), ('debug', 3)

pialert/plugin.py

@@ -37,17 +37,18 @@ def __init__(self, param, plugin, db):
                 mylog('debug', f'[Plugins] setTyp: {setTyp}')
 
                 if '.select' in setTyp or setTyp in arrayConversion:
+                    # store number of returned values
                     paramValuesCount = len(setVal)
 
                 if setTyp in noConversion:
                     resolved =  setVal
-
+                
                 elif setTyp in arrayConversion:
+                    #  make them safely passable to a python or linux script
                     resolved =  flatten_array(setVal)
 
-                elif setTyp in arrayConversionBase64:
-
-
+                elif setTyp in arrayConversionBase64:                    
+                    #  make them safely passable to a python or linux script by converting them to a base64 string if necessary (if the arg contains spaces)
                     resolved =  flatten_array(setVal)
                 else:
                     for item in jsonConversion:
@@ -60,7 +61,11 @@ def __init__(self, param, plugin, db):
         #  Get SQL result
         if param["type"] == "sql":
             inputValue = db.get_sql_array(param["value"])
-
+
+            # store number of returned values
+            paramValuesCount = len(inputValue)
+
+            #  make them safely passable to a python or linux script
             resolved = flatten_array(inputValue)
 
 

pialert/reporting.py

@@ -467,12 +467,10 @@ def skip_repeated_notifications (db):
 
 #-------------------------------------------------------------------------------
 def check_and_run_event(db, pluginsState):
-    mylog('debug', [f'[MAIN] processScan1: {pluginsState.processScan}'])
+
     sql = db.sql # TO-DO
     sql.execute(""" select * from Parameters where par_ID = "Front_Event" """)
-    rows = sql.fetchall()
-
-    mylog('debug', [f'[MAIN] processScan2: {pluginsState.processScan}'])
+    rows = sql.fetchall()    
 
     event, param = ['','']
     if len(rows) > 0 and rows[0]['par_Value'] != 'finished':