From 7e9311ff1c846d4eeba065579f2475041cd84cf7 Mon Sep 17 00:00:00 2001 From: Jacob Boddey Date: Thu, 7 Nov 2024 09:41:22 +0000 Subject: [PATCH 1/3] Add BACnet test and extend port scan --- modules/test/services/conf/module_config.json | 16 ++++++++++++++++ .../test/services/python/src/services_module.py | 3 +-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/modules/test/services/conf/module_config.json b/modules/test/services/conf/module_config.json index 375759d50..b37435eda 100644 --- a/modules/test/services/conf/module_config.json +++ b/modules/test/services/conf/module_config.json @@ -372,6 +372,22 @@ "Disable the NTP server", "Drop traffic entering port 123/udp" ] + }, + { + "name": "protocol.services.bacnet", + "test_description": "Report whether the device is running a BACnet server", + "expected_behavior": "The device may or may not be running a BACnet server", + "config": { + "services": [ + "bacnet" + ], + "ports": [ + { + "number": 47808, + "type": "udp" + } + ] + } } ] } diff --git a/modules/test/services/python/src/services_module.py b/modules/test/services/python/src/services_module.py index 56458ff64..c111c3cd0 100644 --- a/modules/test/services/python/src/services_module.py +++ b/modules/test/services/python/src/services_module.py @@ -196,10 +196,9 @@ def _process_port_results(self): self._scan_results.update(self._scan_udp_results) def _scan_tcp_ports(self): - max_port = 10000 LOGGER.info('Running nmap TCP port scan') nmap_results = util.run_command( # pylint: disable=E1120 - f'''nmap --open -sT -sV -Pn -v -p 1-{max_port} + f'''nmap --open -sT -sV -Pn -v -p 1-65535 --version-intensity 7 -T4 -oX - {self._ipv4_addr}''')[0] LOGGER.info('TCP port scan complete') From dafe3599693de1881e4b67e486dee71d086e41af Mon Sep 17 00:00:00 2001 From: Jacob Boddey Date: Thu, 7 Nov 2024 09:45:54 +0000 Subject: [PATCH 2/3] Add bacnet test to module --- modules/test/services/python/src/services_module.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/modules/test/services/python/src/services_module.py b/modules/test/services/python/src/services_module.py index c111c3cd0..1a1a00f7e 100644 --- a/modules/test/services/python/src/services_module.py +++ b/modules/test/services/python/src/services_module.py @@ -420,3 +420,15 @@ def _security_ssh_version(self, config): else: return (False, f"SSH server found running {open_port_info['version']}") + + def _protocol_services_bacnet(self, config): + LOGGER.info('Running protocol.services.bacnet') + + open_ports = self._check_results(config['ports'], config['services']) + if len(open_ports) == 0: + return False, 'No BACnet server found' + else: + return ( + True, + f'''Found BACnet server running on port {', '.join(open_ports)}''' + ) From 8be0cb4ecf5d1c23882ecdc41f03695f52d03b59 Mon Sep 17 00:00:00 2001 From: Jacob Boddey Date: Fri, 8 Nov 2024 09:17:59 +0000 Subject: [PATCH 3/3] Change log to info --- modules/test/services/python/src/services_module.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/test/services/python/src/services_module.py b/modules/test/services/python/src/services_module.py index 1a1a00f7e..1a783e7dc 100644 --- a/modules/test/services/python/src/services_module.py +++ b/modules/test/services/python/src/services_module.py @@ -224,7 +224,7 @@ def _scan_udp_ports(self): if len(ports) > 0: port_list = ','.join(ports) LOGGER.info('Running nmap UDP port scan') - LOGGER.debug('UDP ports: ' + str(port_list)) + LOGGER.info('UDP ports: ' + str(port_list)) nmap_results = util.run_command( # pylint: disable=E1120 f'nmap -sU -sV -p {port_list} -oX - {self._ipv4_addr}')[0] LOGGER.info('UDP port scan complete')