feat(contrib/fvuls) Add commands to obtain CPE information of network devices by executing snmp2cpe and upload to Fvuls server #1721

Merged: 42 commits, Sep 21, 2023

@wadda0714 (Contributor) commented Aug 8, 2023

What did you implement:

There are two commands.

  1. future-vuls discover

  - Explore hosts within the CIDR range using the ping command
  - Run snmp2cpe (#1625) against active hosts to obtain CPE
    Commands running internally:
      snmp2cpe v2c {IPAddr} public | snmp2cpe convert
  - Describe the information, including CPE, on the found hosts in a TOML-formatted file.
    Structure of the TOML-formatted file:

[server.{ip}]
ip = {IpAddr}
server_name = ""
uuid = {UUID}
cpe_uri = []
fvuls_sync = false

  - Default output file is discover_list.toml
  - If the file already exists, append the newly found host to the toml-formatted file. Old files are renamed with a timestamp.
  ex.) 20230912161058_discover_list.toml

./future-vuls discover -h
discover hosts with CIDR range. Run snmp2cpe on active host to get CPE. Default outputFile is ./discover_list.toml

Usage:
  future-vuls discover --cidr <CIDR_RANGE> --output <OUTPUT_FILE> [flags]

Examples:
future-vuls discover --cidr 192.168.0.0/24 --output discover_list.toml

Flags:
      --cidr string           cidr range
  -h, --help                  help for discover
      --output string         output file
      --snmp-version string   snmp version v1,v2c and v3. default: v2c

  2. future-vuls add-cpe

    Upload CPE information on the specified (FvulsSync is true and UUID is obtained) hosts to Fvuls

  - Create pseudo server to Fvuls to obtain uuid and upload CPE to Fvuls
  - Default output file is discover_list.toml

./future-vuls add-cpe -h
Create a pseudo server in Fvuls and register CPE. Default outputFile is ./discover_list.toml

Usage:
  future-vuls add-cpe --token <VULS_TOKEN> --output <OUTPUT_FILE> [flags]

Examples:
future-vuls add-cpe --token <VULS_TOKEN>

Flags:
  -h, --help                help for add-cpe
      --http-proxy string   proxy url
      --output string       output file
  -t, --token string        future vuls token ENV: VULS_TOKEN

Type of change

Please delete options that are not relevant.

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

$ make build-future-vuls

$ ./future-vuls discover --cidr 192.168.0.1/24
Discovering 192.168.0.1/24...
192.168.0.1: Execute snmp2cpe...
failed to execute snmp2cpe. err: failed to execute snmp2cpe. err: exit status 1
192.168.0.2: Execute snmp2cpe...
failed to execute snmp2cpe. err: failed to execute snmp2cpe. err: exit status 1
192.168.0.4: Execute snmp2cpe...
failed to execute snmp2cpe. err: failed to execute snmp2cpe. err: exit status 1
192.168.0.6: Execute snmp2cpe...
New network device found 192.168.0.6
wrote to discover_list.toml

$ ./future-vuls add-cpe --token fvgr-686b92af-5216-11ee-a241-0a58a9feac02
Creating 1 pseudo server...
192.168.0.6: Created FutureVuls pseudo server ce024b45-1c59-5b86-1a67-e78a40dfec01
wrote to discover_list.toml

Uploading 1 server's CPE...
192.168.0.6: Uploaded CPE cpe:2.3:h:fortinet:fortigate-50e:-:*:*:*:*:*:*:*
192.168.0.6: Uploaded CPE cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*

discover_list.toml

["192.168.0.10"]
  ip = "192.168.0.10"
  server_name = "192.168.0.10"
  uuid = "e811e2b1-9463-d682-7c79-a4ab37de28cf"
  cpe_uri = ["cpe:2.3:h:fortinet:fortigate-50e:-:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*"]
  fvuls_sync = true

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

)

type createPseudoServerInput struct {
APIKey string `json:"api_key"`
Collaborator

use camel case

return cpeDetail.Server.ServerName, nil
}

func sentHTTPRequest(req *http.Request, token string, proxy string) ([]byte, error) {
Collaborator

sendHTTPRequest

Comment on lines 109 to 110
fmt.Printf("%v", err)
os.Exit(1)
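
Review bot: `fmt.Printf("%v", err)` at lines 109 to 110 writes the error to stdout with no trailing newline and no context, so it can be lost in piped output or run into the next shell prompt; write it to stderr with a newline, for example `fmt.Fprintf(os.Stderr, "%v\n", err)`, or wrap the error and return it so that a single place in main chooses the exit code. `os.Exit(1)` also terminates without running deferred functions in the callers. The same pattern appears at lines 135 to 136 and 139 to 140.
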
Collaborator

What is the reason for exiting without returning err?

Comment on lines 135 to 136
fmt.Printf("%v", err)
os.Exit(1)
Collaborator

What is the reason for exiting without returning err?

Comment on lines 139 to 140
fmt.Printf("%v", err)
os.Exit(1)
Collaborator

What is the reason for exiting without returning err?

和田皓翔 and others added 11 commits September 19, 2023 14:46
refactor
---------

Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>
 fix

---------

Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com>
Co-authored-by: 和田皓翔 <wadahiroka@192.168.0.6>
@kotakanbe kotakanbe merged commit 80b48fc into future-architect:master Sep 21, 2023
4 checks passed
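
The host-enumeration and file-rotation steps of `future-vuls discover` described in the pull request, as an added Go example that is not code from this PR or from the vuls project. `hostsInCIDR`, `backupName` and the `maxHosts` limit are hypothetical names, and the timestamp layout is an assumption inferred from the example file name 20230912161058_discover_list.toml.

```go
package main

import (
	"fmt"
	"net/netip"
	"path/filepath"
	"time"
)

// maxHosts is an assumed safety limit, not a future-vuls setting: it stops a
// mistyped prefix such as /8 from turning an inventory run into a huge sweep.
const maxHosts = 1024

// hostsInCIDR returns the usable IPv4 host addresses of cidr.
func hostsInCIDR(cidr string) ([]netip.Addr, error) {
	p, err := netip.ParsePrefix(cidr)
	if err != nil {
		return nil, fmt.Errorf("parse %q: %w", cidr, err)
	}
	if !p.Addr().Is4() {
		return nil, fmt.Errorf("%s: only IPv4 ranges are handled here", cidr)
	}
	hostBits := 32 - p.Bits()
	if uint64(1)<<hostBits > maxHosts {
		return nil, fmt.Errorf("%s: more than %d addresses, refusing", cidr, maxHosts)
	}
	p = p.Masked() // 192.168.0.1/24 (host bits set) becomes 192.168.0.0/24
	var hosts []netip.Addr
	for a := p.Addr(); p.Contains(a); a = a.Next() {
		hosts = append(hosts, a)
	}
	if hostBits >= 2 { // drop network and broadcast; /31 and /32 have neither
		hosts = hosts[1 : len(hosts)-1]
	}
	return hosts, nil
}

// backupName builds the name an existing list is renamed to. The layout is an
// assumption inferred from the page's example 20230912161058_discover_list.toml.
func backupName(file string, now time.Time) string {
	return filepath.Join(filepath.Dir(file), now.Format("20060102150405")+"_"+filepath.Base(file))
}

func main() {
	hosts, err := hostsInCIDR("192.168.0.1/24") // CIDR from the PR's test run
	fmt.Println(len(hosts), err, backupName("discover_list.toml", time.Now()))
}
```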