This document provides a detailed step-by-step explanation of how the nmap_vuln_scanner.py script operates. This script performs vulnerability scanning using Nmap on specified IP addresses, scans for vulnerabilities on various ports, and saves the results and progress.

Overview

Description

Filename: nmap_vuln_scanner.py
Purpose: To perform vulnerability scanning using Nmap on specified IP addresses and save the results.

Initialization and Setup

Importing Modules

The script imports the following modules:

Standard Libraries:
- os
- pandas
- subprocess
- logging
- datetime
- concurrent.futures.ThreadPoolExecutor, as_completed
External Libraries:
- rich.console
- rich.progress
Custom Modules:
- SharedData
- Logger

Configuring the Logger

The logger is configured to log messages for nmap_vuln_scanner.py at the INFO level, ensuring detailed logging of events and errors.

Defining Global Variables

Global variables are defined to provide metadata about the class and module, including:

b_class = "NmapVulnScanner"
b_module = "nmap_vuln_scanner"
b_status = "vuln_scan"
b_port = None
b_parent = None

`NmapVulnScanner` Class

Purpose

The NmapVulnScanner class manages the process of scanning IP addresses for vulnerabilities using Nmap and saving the results.

Initialization

Attributes: Initializes shared data, prepares for scanning, and sets up the summary file.
Logger: Logs the initialization process.

Methods

`create_summary_file()`

Purpose: Creates a summary file for vulnerabilities if it does not exist.
Details: Initializes the summary file with appropriate columns and saves it as a CSV file.

`update_summary_file(ip, hostname, mac, port, vulnerabilities)`

Purpose: Updates the summary file with the scan results.
Details: Reads the existing summary file, appends new scan results, removes duplicates, and saves the updated data.

`scan_vulnerabilities(ip, hostname, mac, ports)`

Purpose: Scans the specified IP address for vulnerabilities on given ports using Nmap.
Details: Executes Nmap commands, captures the output, and updates the summary file with the parsed vulnerabilities.
Returns: The combined scan result as a string or None if an error occurs.

`execute(ip, row, status_key)`

Purpose: Executes the vulnerability scan for a given IP and row data.
Details: Initiates the scan, saves results, and updates the status.
Returns: A status string indicating success or failure.

`parse_vulnerabilities(scan_result)`

Purpose: Parses the Nmap scan result to extract vulnerabilities.
Details: Identifies lines containing vulnerability information and compiles them into a single string.
Returns: A string of parsed vulnerabilities.

`save_results(mac_address, ip, scan_result)`

Purpose: Saves the detailed scan results to a file.
Details: Writes the scan result to a file named after the MAC address and IP.

`save_summary()`

Purpose: Saves a summary of all scanned vulnerabilities to a final summary file.
Details: Aggregates data from the summary file and writes it to a final summary CSV.

Detailed Execution Flow

Step 1: Initialization

The NmapVulnScanner class is initialized with shared data, setting up necessary attributes and logging the initialization.

Step 2: Create Summary File

The create_summary_file method ensures the summary file exists and initializes it if not.

Step 3: Scan Vulnerabilities

The scan_vulnerabilities method scans the specified IP for vulnerabilities using Nmap, logs the process, and updates the summary file.

Step 4: Execute Scan

The execute method orchestrates the scan for each IP, saves the results, and updates the status based on the scan outcome.

Step 5: Parse Vulnerabilities

The parse_vulnerabilities method extracts and compiles vulnerability information from the Nmap scan result.

Step 6: Save Results

The save_results method saves detailed scan results to a file for each scanned IP.

Step 7: Save Summary

The save_summary method compiles and saves a summary of all vulnerabilities to a final summary file.

Variables and Configuration

Target Files and Directories

`self.shared_data.vuln_summary_file`

Purpose: Specifies the path to the summary file that records scan results.
Type: String (file path).
Example: '/path/to/vuln_summary.csv'

`self.shared_data.vulnerabilities_dir`

Purpose: Specifies the directory where detailed scan results are saved.
Type: String (directory path).
Example: '/path/to/vulnerabilities/'

`self.shared_data.nmap_scan_aggressivity`

Purpose: Specifies the aggressiveness level for Nmap scans.
Type: String (Nmap option).
Example: '-T4'

Example Configuration

self.shared_data.vuln_summary_file = '/path/to/vuln_summary.csv'
self.shared_data.vulnerabilities_dir = '/path/to/vulnerabilities/'
self.shared_data.nmap_scan_aggressivity = '-T4'

Integration with Orchestrator

Method Call

The NmapVulnScanner class is called by the orchestrator via its execute method. The process involves:

Receiving Target Details: The orchestrator provides IP, port, and other relevant details to the NmapVulnScanner class.
Performing Vulnerability Scan: The execute method initiates the Nmap scan, parses results, and updates the summary file.
Updating Orchestrator: The status (success or failure) is returned to the orchestrator for further action.

Example Workflow

Initialization: The orchestrator initializes the NmapVulnScanner class.
Execution: For each target IP, the orchestrator calls the execute method of NmapVulnScanner.
Logging and Status Update: The NmapVulnScanner class logs each step and updates the status based on the outcome of the scan.

By following these detailed steps, the nmap_vuln_scanner.py script performs vulnerability scans on specified IP addresses, saves detailed results, and updates a summary of vulnerabilities.

Nmap Vulnerability Scanner nmap_vuln_scanner.py