From da3c14559f9d0c344563f6837e85455b5e3c216f Mon Sep 17 00:00:00 2001
From: Aliaksandr Nikitsin
Date: Wed, 25 Jun 2025 13:53:12 +0200
Subject: [PATCH 1/4] discover open posrt before full scan
---
 modules/test/services/conf/module_config.json | 2 +-
 .../services/python/src/services_module.py | 42 +++++++++++++++----
 2 files changed, 34 insertions(+), 10 deletions(-)
diff --git a/modules/test/services/conf/module_config.json b/modules/test/services/conf/module_config.json
index b37435eda..6c481821e 100644
--- a/modules/test/services/conf/module_config.json
+++ b/modules/test/services/conf/module_config.json
@@ -9,7 +9,7 @@
 "docker": {
 "depends_on": "base",
 "enable_container": true,
- "timeout": 900
+ "timeout": 1200
 },
 "tests": [
 {
diff --git a/modules/test/services/python/src/services_module.py b/modules/test/services/python/src/services_module.py
index 06ceed67d..23abcaebf 100644
--- a/modules/test/services/python/src/services_module.py
+++ b/modules/test/services/python/src/services_module.py
@@ -186,18 +186,42 @@ def _process_port_results(self): if self._scan_udp_results is not None: self._scan_results.update(self._scan_udp_results) + def _nmap_open_ports(self, nmap_results: str) -> list[str]: + # Returns the list of open ports from nmap xml output + open_ports = [] + try: + xml_data = xmltodict.parse(nmap_results) + if 'host' in xml_data['nmaprun']: + for entry in xml_data['nmaprun']['host']['ports']['port']: + open_ports.append(entry['@portid']) + except Exception as e: + LOGGER.error(f'Error parsing Nmap output: {e}') + return open_ports + def _scan_tcp_ports(self): + # Scans TCP ports to detect open ports. + host = self._device_ipv4_addr + # Preliminary command for quick open port detection. + nmap_command_prelim = f'''nmap --open -sT -Pn -v -n -T5 + --version-intensity 0 --min-rate 1000 + -p- -oX - {host}''' + # Command for detecting services using open ports. + nmap_command = f'''nmap --open -sT -sV -Pn -v -p 1-65535 + --version-intensity 7 -T4 -oX - {host}''' LOGGER.info(f'Running nmap TCP port scan for {self._device_ipv4_addr}') - nmap_results = util.run_command( # pylint: disable=E1120 - f'''nmap --open -sT -sV -Pn -v -p 1-65535 - --version-intensity 7 -T4 -oX - {self._device_ipv4_addr}''')[0] - + nmap_results_prelim = util.run_command(nmap_command_prelim)[0] + open_ports = self._nmap_open_ports(nmap_results_prelim) + if open_ports: + LOGGER.info(f'Open TCP ports detected: {open_ports}') + nmap_results = util.run_command(nmap_command)[0] + LOGGER.debug(f'TCP Scan results raw: {nmap_results}') + nmap_results_json = self._nmap_results_to_json(nmap_results) + LOGGER.debug(f'TCP Scan results JSON: {nmap_results_json}') + self._scan_tcp_results = self._process_nmap_json_results( + nmap_results_json=nmap_results_json) + else: + LOGGER.info('No open TCP ports detected.') LOGGER.info('TCP port scan complete') - LOGGER.debug(f'TCP Scan results raw: {nmap_results}') - nmap_results_json = self._nmap_results_to_json(nmap_results) - LOGGER.debug(f'TCP Scan 
results JSON: {nmap_results_json}') - self._scan_tcp_results = self._process_nmap_json_results( - nmap_results_json=nmap_results_json) def _scan_udp_ports(self): From 8a20143af04ddf6b089d5ea083b2e1943ebc0b12 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Thu, 26 Jun 2025 15:07:07 +0200 Subject: [PATCH 2/4] tsp ports discover refactor --- .../services/python/src/services_module.py | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/modules/test/services/python/src/services_module.py b/modules/test/services/python/src/services_module.py index 23abcaebf..c454f4f93 100644 --- a/modules/test/services/python/src/services_module.py +++ b/modules/test/services/python/src/services_module.py @@ -189,13 +189,10 @@ def _process_port_results(self): def _nmap_open_ports(self, nmap_results: str) -> list[str]: # Returns the list of open ports from nmap xml output open_ports = [] - try: - xml_data = xmltodict.parse(nmap_results) - if 'host' in xml_data['nmaprun']: - for entry in xml_data['nmaprun']['host']['ports']['port']: - open_ports.append(entry['@portid']) - except Exception as e: - LOGGER.error(f'Error parsing Nmap output: {e}') + data = self._process_nmap_json_results( + self._nmap_results_to_json(nmap_results)) + for item in data.values(): + open_ports.append(item['number']) return open_ports def _scan_tcp_ports(self): 
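Review bot: A failed discovery pass is reported exactly like a device with no open ports: in `_nmap_open_ports` the `except Exception` logs and returns `[]`, and `_scan_tcp_ports` then takes the `else` branch, logs 'No open TCP ports detected.' and never runs the `-sV` scan. One such failure looks reachable from the visible lines: xmltodict yields a dict rather than a list when an element occurs only once, so with a single `<port>` the loop iterates keys and `entry['@portid']` raises, and a device with exactly one open port would be recorded as having none. Consider `xmltodict.parse(nmap_results, force_list=('port',))`, and on a parse error fall back to the full-range scan rather than returning an empty list.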
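Review bot: `open_ports.append(item['number'])` passes through whatever `_process_nmap_json_results` stores under `number`, and the following hunk joins the list with `','.join(open_ports)` and interpolates it into the nmap command string. That helper is not visible here, so whether the values are `str` (as the `list[str]` annotation says) or `int`, and whether it can return `None` for an empty scan, is unconfirmed; either case would raise now that the `try`/`except` is gone. Normalising at this point also keeps the command line to digits only: `open_ports = [str(int(item['number'])) for item in data.values()]`, with an `or {}` on the `data` assignment if the helper can return `None`.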
@@ -205,13 +202,13 @@ def _scan_tcp_ports(self): nmap_command_prelim = f'''nmap --open -sT -Pn -v -n -T5 --version-intensity 0 --min-rate 1000 -p- -oX - {host}''' - # Command for detecting services using open ports. - nmap_command = f'''nmap --open -sT -sV -Pn -v -p 1-65535 - --version-intensity 7 -T4 -oX - {host}''' - LOGGER.info(f'Running nmap TCP port scan for {self._device_ipv4_addr}') + LOGGER.info(f'Running nmap TCP port scan for {host}') nmap_results_prelim = util.run_command(nmap_command_prelim)[0] open_ports = self._nmap_open_ports(nmap_results_prelim) if open_ports: + # Command for detecting services using open ports. + nmap_command = f'''nmap --open -sT -sV -Pn -v -p {','.join(open_ports)} + --version-intensity 7 -T4 -oX - {host}''' LOGGER.info(f'Open TCP ports detected: {open_ports}') nmap_results = util.run_command(nmap_command)[0] LOGGER.debug(f'TCP Scan results raw: {nmap_results}') From 9039dc95dd745e216c72536dd1e2f9625a1abe6f Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Thu, 26 Jun 2025 20:19:27 +0200 Subject: [PATCH 3/4] refactor service module tests no-complient --- .../services_non_compliant/entrypoint.sh | 30 +++++++++++-------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/testing/docker/ci_test_device1/services_non_compliant/entrypoint.sh b/testing/docker/ci_test_device1/services_non_compliant/entrypoint.sh index 4be73d5c4..b9f155c47 100755 --- a/testing/docker/ci_test_device1/services_non_compliant/entrypoint.sh +++ b/testing/docker/ci_test_device1/services_non_compliant/entrypoint.sh 
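Review bot: The `-T5 --min-rate 1000` discovery scan becomes the only source of ports for the service scan here, because the second command changes from `-p 1-65535` to `-p {','.join(open_ports)}`. Any port whose probe is dropped by a slow or rate-limiting device is then never version-scanned, so a non-compliant service can go unreported rather than merely being found late. A less lossy first pass, for example `-T4` without `--min-rate 1000`, would narrow that gap, and `--version-intensity 0` can be dropped from the discovery command since it runs without `-sV`. `_scan_tcp_ports` continues past the end of this hunk.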
@@ -24,39 +24,45 @@ echo $DHCP_TPID # Start FTP service echo "Starting FTP on ports 20, 21" -nc -nvlt -p 20 & -nc -nvlt -p 21 & +(while true; do nc -l -p 20 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & +(while true; do nc -l -p 21 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & + # Start Telnet service echo "Starting Telnet on port 23" -nc -nvlt -p 23 & +(while true; do nc -l -p 23 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start SMTP service echo "Starting SMTP on ports 25, 465, and 587" -nc -nvlt -p 25 & -nc -nvlt -p 465 & -nc -nvlt -p 587 & +(while true; do nc -l -p 25 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & +(while true; do nc -l -p 465 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & +(while true; do nc -l -p 587 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start HTTP service echo "Starting HTTP on port 80 " -nc -nvlt -p 80 & +(while true; do nc -l -p 80 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start POP service echo "Starting POP on ports 109 and 110 " -nc -nvlt -p 109 & -nc -nvlt -p 110 & +(while true; do nc -l -p 109 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & +(while true; do nc -l -p 110 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & + +# Start IMAP service +echo "Starting IMAP on port 143 " +(while true; do nc -l -p 143 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start IMAP service echo "Starting IMAP on port 143 " -nc -nvlt -p 143 & +(while true; do nc -l -p 123 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start SNMPv2 service echo "Starting SNMPv2 on ports 161/162 " -(while true; do echo -ne " \x02\x01\ " | nc -u -l -w 1 161; done) & +(while true; do nc -l -p 161 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & +(while true; do nc -l -p 162 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' 
; done) & # Start TFTP service echo "Starting TFTP on port 69 " -(while true; do echo -ne "\0\x05\0\0\x07\0" | nc -u -l -w 1 69; done) & +(while true; do nc -l -p 69 < /dev/null | tee /dev/stderr | echo 'Hello TCP!' ; done) & # Start NTP service echo "Starting NTP service" From b21cc1544c9281f4be040600b410f20fc74c6b31 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Fri, 27 Jun 2025 11:38:41 +0200 Subject: [PATCH 4/4] scan only http port in TLS module --- modules/test/tls/python/src/http_scan.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/modules/test/tls/python/src/http_scan.py b/modules/test/tls/python/src/http_scan.py index a25f5215d..86b6c0439 100644 --- a/modules/test/tls/python/src/http_scan.py +++ b/modules/test/tls/python/src/http_scan.py @@ -40,6 +40,18 @@ def scan_all_ports(self, ip): http_ports.append(port) return http_ports + def scan_http_ports(self, ip): + """Scans HTTP/HTTPS ports.""" + nm = nmap.PortScanner() + nm.scan(hosts=ip, ports='80,443', arguments='--open -sV') + + http_ports = [] + if ip in nm.all_hosts(): + for port in [80, 443]: + if port in nm[ip]['tcp'] and nm[ip]['tcp'][port]['state'] == 'open': + http_ports.append(port) + return http_ports + def is_https(self, ip, port): """Attempts a TLS handshake to determine if the port serves HTTPS.""" try: @@ -66,7 +78,7 @@ def verify_http_or_https(self, ip, ports): def scan_for_http_services(self, ip_address): LOGGER.info(f'Scanning for HTTP ports on {ip_address}') - http_ports = self.scan_all_ports(ip_address) + http_ports = self.scan_http_ports(ip_address) results = None if len(http_ports) > 0: LOGGER.info(f'Checking HTTP ports on {ip_address}: {http_ports}')
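Review bot: The SNMP (161/162) and TFTP (69) listeners switch from `nc -u -l` to plain `nc -l`, so this non-compliant fixture no longer exposes those services over UDP; if the services tests rely on the UDP scan to find them, they can pass against a device that is meant to fail. Keeping the removed UDP responders, e.g. `(while true; do echo -ne "\0\x05\0\0\x07\0" | nc -u -l -w 1 69; done) &`, alongside any new TCP listeners would preserve that coverage. Separately, the second block labelled `Starting IMAP on port 143` actually listens on port 123, and in `nc ... | tee /dev/stderr | echo 'Hello TCP!'` the `echo` writes to the script's stdout rather than back to the client, so the peer never receives a banner.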
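Review bot: `scan_http_ports` asks nmap for version detection (`-sV`) but only reads `['state']`, and it spells the port set twice (`'80,443'` and `[80, 443]`), so the two can drift apart. Suggest one module-level constant used for both, `arguments='--open'`, and a docstring line stating that only these two ports are probed. `nm[ip]['tcp']` is also indexed without checking that the host entry has a TCP section; python-nmap's `nm[ip].has_tcp(port)` would avoid a `KeyError` there.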
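Review bot: Switching `scan_for_http_services` to `scan_http_ports` means the TLS checks only ever see ports 80 and 443, so a web or management interface served on any other port is no longer evaluated and its plaintext or weak-TLS state goes unreported. If scan time is the motivation, consider feeding this function the open ports already discovered by the services module, or making the port list configurable, and add a comment at the call such as `# NOTE: only 80/443 are checked; HTTP(S) on other ports is not covered`. The function continues past the end of this hunk.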