From 93dd2bce861bb3e0410c13f1dc3f440cf4c0917b Mon Sep 17 00:00:00 2001
From: infinition <37984399+infinition@users.noreply.github.com>
Date: Sat, 6 Jul 2024 01:29:38 +0200
Subject: [PATCH] Created nmap_vuln_scanner.py (markdown)

---
 nmap_vuln_scanner.py.md | 148 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 148 insertions(+)
 create mode 100644 nmap_vuln_scanner.py.md

diff --git a/nmap_vuln_scanner.py.md b/nmap_vuln_scanner.py.md
new file mode 100644
index 0000000..e87cf66
--- /dev/null
+++ b/nmap_vuln_scanner.py.md
@@ -0,0 +1,148 @@
+# Nmap Vulnerability Scanner nmap_vuln_scanner.py
+
+This document provides a detailed step-by-step explanation of how the `nmap_vuln_scanner.py` script operates. This script performs vulnerability scanning using Nmap on specified IP addresses, scans for vulnerabilities on various ports, and saves the results and progress.
+
+## Overview
+
+### Description
+- **Filename**: `nmap_vuln_scanner.py`
+- **Purpose**: To perform vulnerability scanning using Nmap on specified IP addresses and save the results.
+
+## Initialization and Setup
+
+### Importing Modules
+The script imports the following modules:
+
+- **Standard Libraries**:
+  - `os`
+  - `pandas`
+  - `subprocess`
+  - `logging`
+  - `datetime`
+  - `concurrent.futures.ThreadPoolExecutor`, `as_completed`
+  
+- **External Libraries**:
+  - `rich.console`
+  - `rich.progress`
+  
+- **Custom Modules**:
+  - `SharedData`
+  - `Logger`
+
+### Configuring the Logger
+The logger is configured to log messages for `nmap_vuln_scanner.py` at the INFO level, ensuring detailed logging of events and errors.
+
+### Defining Global Variables
+Global variables are defined to provide metadata about the class and module, including:
+- `b_class = "NmapVulnScanner"`
+- `b_module = "nmap_vuln_scanner"`
+- `b_status = "vuln_scan"`
+- `b_port = None`
+- `b_parent = None`
+
+## `NmapVulnScanner` Class
+
+### Purpose
+The `NmapVulnScanner` class manages the process of scanning IP addresses for vulnerabilities using Nmap and saving the results.
+
+### Initialization
+- **Attributes**: Initializes shared data, prepares for scanning, and sets up the summary file.
+- **Logger**: Logs the initialization process.
+
+### Methods
+
+#### `create_summary_file()`
+- **Purpose**: Creates a summary file for vulnerabilities if it does not exist.
+- **Details**: Initializes the summary file with appropriate columns and saves it as a CSV file.
+
+#### `update_summary_file(ip, hostname, mac, port, vulnerabilities)`
+- **Purpose**: Updates the summary file with the scan results.
+- **Details**: Reads the existing summary file, appends new scan results, removes duplicates, and saves the updated data.
+
+#### `scan_vulnerabilities(ip, hostname, mac, ports)`
+- **Purpose**: Scans the specified IP address for vulnerabilities on given ports using Nmap.
+- **Details**: Executes Nmap commands, captures the output, and updates the summary file with the parsed vulnerabilities.
+- **Returns**: The combined scan result as a string or `None` if an error occurs.
+
+#### `execute(ip, row, status_key)`
+- **Purpose**: Executes the vulnerability scan for a given IP and row data.
+- **Details**: Initiates the scan, saves results, and updates the status.
+- **Returns**: A status string indicating success or failure.
+
+#### `parse_vulnerabilities(scan_result)`
+- **Purpose**: Parses the Nmap scan result to extract vulnerabilities.
+- **Details**: Identifies lines containing vulnerability information and compiles them into a single string.
+- **Returns**: A string of parsed vulnerabilities.
+
+#### `save_results(mac_address, ip, scan_result)`
+- **Purpose**: Saves the detailed scan results to a file.
+- **Details**: Writes the scan result to a file named after the MAC address and IP.
+
+#### `save_summary()`
+- **Purpose**: Saves a summary of all scanned vulnerabilities to a final summary file.
+- **Details**: Aggregates data from the summary file and writes it to a final summary CSV.
+
+## Detailed Execution Flow
+
+### Step 1: Initialization
+- The `NmapVulnScanner` class is initialized with shared data, setting up necessary attributes and logging the initialization.
+
+### Step 2: Create Summary File
+- The `create_summary_file` method ensures the summary file exists and initializes it if not.
+
+### Step 3: Scan Vulnerabilities
+- The `scan_vulnerabilities` method scans the specified IP for vulnerabilities using Nmap, logs the process, and updates the summary file.
+
+### Step 4: Execute Scan
+- The `execute` method orchestrates the scan for each IP, saves the results, and updates the status based on the scan outcome.
+
+### Step 5: Parse Vulnerabilities
+- The `parse_vulnerabilities` method extracts and compiles vulnerability information from the Nmap scan result.
+
+### Step 6: Save Results
+- The `save_results` method saves detailed scan results to a file for each scanned IP.
+
+### Step 7: Save Summary
+- The `save_summary` method compiles and saves a summary of all vulnerabilities to a final summary file.
+
+## Variables and Configuration
+
+### Target Files and Directories
+
+#### `self.shared_data.vuln_summary_file`
+- **Purpose**: Specifies the path to the summary file that records scan results.
+- **Type**: String (file path).
+- **Example**: `'/path/to/vuln_summary.csv'`
+
+#### `self.shared_data.vulnerabilities_dir`
+- **Purpose**: Specifies the directory where detailed scan results are saved.
+- **Type**: String (directory path).
+- **Example**: `'/path/to/vulnerabilities/'`
+
+#### `self.shared_data.nmap_scan_aggressivity`
+- **Purpose**: Specifies the aggressiveness level for Nmap scans.
+- **Type**: String (Nmap option).
+- **Example**: `'-T4'`
+
+### Example Configuration
+
+```python
+self.shared_data.vuln_summary_file = '/path/to/vuln_summary.csv'
+self.shared_data.vulnerabilities_dir = '/path/to/vulnerabilities/'
+self.shared_data.nmap_scan_aggressivity = '-T4'
+```
+
+## Integration with Orchestrator
+
+### Method Call
+The `NmapVulnScanner` class is called by the orchestrator via its `execute` method. The process involves:
+1. **Receiving Target Details**: The orchestrator provides IP, port, and other relevant details to the `NmapVulnScanner` class.
+2. **Performing Vulnerability Scan**: The `execute` method initiates the Nmap scan, parses results, and updates the summary file.
+3. **Updating Orchestrator**: The status (success or failure) is returned to the orchestrator for further action.
+
+### Example Workflow
+1. **Initialization**: The orchestrator initializes the `NmapVulnScanner` class.
+2. **Execution**: For each target IP, the orchestrator calls the `execute` method of `NmapVulnScanner`.
+3. **Logging and Status Update**: The `NmapVulnScanner` class logs each step and updates the status based on the outcome of the scan.
+
+By following these detailed steps, the `nmap_vuln_scanner.py` script performs vulnerability scans on specified IP addresses, saves detailed results, and updates a summary of vulnerabilities.
\ No newline at end of file