Adds to documentation, fixes a bug in importer

Author: dimeko

README.md

@@ -57,6 +57,9 @@ deltascan --help
 sudo -E env PATH=${PATH} deltascan <command & arguments>
 ```
 
+<b>NOTE</b>: `data_for_html.json` is the schema of the Python dict exposed to use inside your custom html template (see core/templates)
+
+
 ### Tests
 Run tests
 ```bash
@@ -67,45 +70,76 @@ pipenv run pytest
 
 Scan:
 ```bash
-sudo -E env PATH=${PATH} pipenv run deltascan -a scan -c config.yaml -p MY_PROFILE -t 192.168.0.100
-sudo -E env PATH=${PATH} pipenv run deltascan -a scan -c config.yaml -p MY_PROFILE -t 192.168.0.100/24
-sudo -E env PATH=${PATH} pipenv run deltascan -a scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 -o export.<csv|pdf|html>
+sudo -E env PATH=${PATH} pipenv run deltascan scan -c config.yaml -p MY_PROFILE -t 192.168.0.100
+sudo -E env PATH=${PATH} pipenv run deltascan scan -c config.yaml -p MY_PROFILE -t 192.168.0.100/24
+sudo -E env PATH=${PATH} pipenv run deltascan scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 -o export.<csv|pdf|html>
 
 # The -s bool flag exports each scan in a separate file
-sudo -E env PATH=${PATH} pipenv run deltascan -a scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 -s
+sudo -E env PATH=${PATH} pipenv run deltascan scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 -s
 
 # The below command uses a custom template file (it has to be an .html file)
-sudo -E env PATH=${PATH} pipenv run deltascan -a scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 --template your_template.html
+sudo -E env PATH=${PATH} pipenv run deltascan scan -c config.yaml -p MY_PROFILE -t 192.168.0.100 --template your_template.html
 ```
 
 Compare:
 ```bash
-pipenv run deltascan -a compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100
-pipenv run deltascan -a compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24
-pipenv run deltascan -a compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24 -o export.<csv|pdf|html>
+pipenv run deltascan compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100
+pipenv run deltascan compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24
+pipenv run deltascan compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24 -o export.<csv|pdf|html>
 
 # The "--n-scans 20 --n-diffs -2" means "from below command mean from the last 20 scans show the latest differences"
-pipenv run deltascan -a compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --n-scans 20 --n-diffs -2 -t 192.168.0.100
+pipenv run deltascan compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --n-scans 20 --n-diffs -2 -t 192.168.0.100
 
 # The below command uses a custom template file (it has to be an .html file)
-pipenv run deltascan -a compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --n-scans 20 --n-diffs -2 -t 192.168.0.100 --template your_template.html
+pipenv run deltascan compare -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --n-scans 20 --n-diffs -2 -t 192.168.0.100 --template your_template.html
 ```
 
 View:
 ```bash
-pipenv run deltascan -a view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100
-pipenv run deltascan -a view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24
-pipenv run deltascan -a view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24 -o export.<csv|pdf|html>
+pipenv run deltascan view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100
+pipenv run deltascan view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24
+pipenv run deltascan view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" -t 192.168.0.100/24 -o export.<csv|pdf|html>
 
 # The below command brings only the open ports from the defined scans
-pipenv run deltascan -a view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --port-type open -t 192.168.0.100
+pipenv run deltascan view -c config.yaml -p MY_PROFILE --from-date "2024-01-01 10:00:00" --to-date "2024-01-02 10:00:00" --port-type open -t 192.168.0.100
 
 ```
 
 Import:
 ```bash
-pipenv run deltascan -a import -i previous_exports.csv
-pipenv run deltascan -a import -i raw_nmap_results.xml
+pipenv run deltascan import -i previous_exports.csv
+pipenv run deltascan import -i raw_nmap_results.xml
+```
+Interactive shell options:
+
+```bash
+deltascan>: ?                                # Display help
+        Documented commands (type help <topic>):
+    ========================================
+    clear  diff        exit  imp       q     report  view
+    conf   diff_files  help  profiles  quit  scan
+    Interactive shell:
+deltascan>: conf                             # Display current configuration
+    output_file:         out_file.html
+    template_file:       None
+    import_file:         None
+    diff_files:          None
+    n_scans:             1
+    n_diffs:             1
+    From date [fdate]:   None
+    To date [tdate]:     None
+    suppress:            False
+    host:                0.0.0.0
+    profile:             None
+deltascan>: conf suppress=true              # Modify configuration value
+deltascan>: view                            # View result based on current configuration parameters
+    # ... Results ...
+deltascan>: diff 1,2                        # Difference between previous view results (always user suppress=True to find diff indexes)
+deltascan>: imp nmap_dump_file.0.0.0.0.xml  # Import nmap dump file
+deltascan>: report                          # Report last results
+deltascan>: diff_files d1.xml,d2.xml        # Differences between two nmap dump files
+deltascan>: profiles                        # List profiles in database
+deltascan>: scan 0.0.0.0 PROFILE            # Scan with IP and profile
 ```
 
 ### Documentation

data_for_html.json

@@ -0,0 +1,66 @@
+{
+    "field_names": [
+        "Port",
+        "State",
+        "Service",
+        "Service FP",
+        "Service Product"
+    ],
+    "scans": [
+        {
+            "uuid": "61cd5fb4-sddf-49cf-bda8-740b50d355f4",
+            "results": {
+                "hops": {
+                    "1": "10.0.0.0",
+                    "2": "17.0.0.0",
+                    "3": "17.0.0.1",
+                    "4": "17.0.0.2",
+                    "5": "18.0.0.3"
+                },
+                "status": "up",
+                "last_boot": "none",
+                "host": "0.0.0.1",
+                "osfingerprint": "TEST_FINGERPRINT",
+                "os": {
+                    "1": "OS2",
+                    "2": "OS2",
+                    "3": "OS3"
+                },
+                "ports": [
+                    {
+                        "servicefp": "none",
+                        "service": "service_name",
+                        "service_product": "Apache",
+                        "portid": "12",
+                        "proto": "tcp",
+                        "state": {
+                            "state": "open",
+                            "reason": "syn-ack",
+                            "reason_ttl": "43"
+                        }
+                    },
+                    {
+                        "servicefp": "none",
+                        "service": "service_name",
+                        "service_product": "Nginx",
+                        "portid": "13",
+                        "proto": "tcp",
+                        "state": {
+                            "state": "open",
+                            "reason": "syn-ack",
+                            "reason_ttl": "32"
+                        }
+                    }
+                ]
+            },
+            "arguments": "-sS -vv -n -A --osscan-guess --version-all -Pn -T4 -p12,13",
+            "result_hash": "11f16af5472e3d1d1396234242a0jd3usio9d17de28ee4e1020c6a32359fd10f",
+            "host": "0.0.0.1",
+            "host_subnet": "0.0.0.0",
+            "created_at": "2023-05-24 10:00:00",
+            "profile_name": "IMPORTED_1711267305"
+        }
+    ],
+    "section_title": "Report for company",
+    "section_info": "Information"
+}

deltascan/cli/cmd.py

@@ -14,6 +14,7 @@
     TextColumn)
 from rich.text import Text
 from rich.columns import Columns
+import pkg_resources
 import threading
 import signal
 import select
@@ -288,8 +289,7 @@ def run():
     parser = argparse.ArgumentParser(
         prog='deltascan', description='A package for scanning deltas')
     parser.add_argument(
-        "-a", "--action", help='the command to run',
-        required=False, choices=['scan', 'diff', 'view', 'import'])
+        "action", help='the command to run', choices=['scan', 'diff', 'view', 'import', 'version'])
     parser.add_argument("-o", "--output", help='output file', required=False)
     parser.add_argument("-d", "--diff-files",
                         help='comma separated files to find their differences (xml)',
@@ -408,8 +408,13 @@ def run():
     _dscan = DeltaScan(config, ui_context, result)
 
     try:
+        _version = pkg_resources.require("deltascan")[0].version
+        if clargs.action == "version":
+            print(_version)
+            os._exit(0)
+
         print(BANNER.format(
-            "version",
+            _version,
             _dscan.stored_scans_count(),
             _dscan.stored_profiles_count(),
             clargs.profile,

deltascan/core/deltascan.py

@@ -680,6 +680,8 @@ def view(self):
                     to_date=self._config.tdate,
                     from_date=self._config.fdate,
                     pstate=self._config.port_type)
+            if self._config.output_file is not None:
+                self._report_scans(scans, output_file=f"scans_{self._config.output_file}")
 
             return scans
         except DScanRDBMSEntryNotFound as e:

deltascan/core/importer.py

@@ -32,7 +32,7 @@ def __init__(self, filename, logger=None):
 
         self.logger = logger if logger is not None else logging.basicConfig(**LOG_CONF)
         self._filename = filename
-        self.store = store.Store()
+        self.store = store.Store(self.logger)
         if filename.split(".")[-1] in [CSV, XML]:
             self._file_extension = filename.split(".")[-1]
             self._filename = filename[:-1*len(self._file_extension)-1]

deltascan/core/parser.py

@@ -115,7 +115,7 @@ def extract_port_scan_dict_results(cls, results):
                         scan["os"][str(_idx+1)] = _match["osmatch"]["name"]
                 except (KeyError, IndexError):
                     if len(scan["os"]) == 0:
-                        scan["os"] = ["none"]
+                        scan["os"] = {"1": "unknown"}
                     else:
                         pass
 
@@ -125,7 +125,7 @@ def extract_port_scan_dict_results(cls, results):
                         scan["hops"][str(_idx+1)] = _hop["ipaddr"]
                 except (KeyError, IndexError):
                     if len(scan["hops"]) == 0:
-                        scan["hops"] = ["none"]
+                        scan["hops"] = {"1": "unknown"}
                     else:
                         pass
 

deltascan/core/store.py

@@ -49,12 +49,13 @@ def save_scans(self, profile_name, host_with_subnet, scan_data, created_at=None)
             try:
                 _uuid = uuid.uuid4()
                 json_scan_data = json.dumps(single_host_scan)
-                single_host_scan["os"] = ["none"] if len(single_host_scan.get("os", [])) == 0 else single_host_scan.get("os", [])
+                single_host_scan["os"] = {"1": "unknown"} if len(
+                    single_host_scan.get("os", {"1": "unknown"})) == 0 else single_host_scan.get("os", {"1": "unknown"})
                 _n = self.store.create_port_scan(
                     _uuid,
-                    single_host_scan.get("host", "none"),
+                    single_host_scan.get("host", "unknown"),
                     host_with_subnet,
-                    single_host_scan.get("os", [])[0],
+                    single_host_scan.get("os", {})["1"],
                     profile_name,
                     json_scan_data,
                     hash_string(json_scan_data),

deltascan/core/templates/scans_report.html

@@ -64,7 +64,11 @@ <h4>Scan report for {{ scan.host }}</h2>
             <p>Nmap arguments: {{ scan.arguments }}</p>
             <p>Profile: {{ scan.profile_name }}</p>
             <p>Date: {{ scan.created_at }}</p>
-            
+            <p>Last boot: {{ scan.results.last_boot }}</p>
+            <h4>Hops</h4>
+            {% for khop, vhop in scan.results.hops.items() %}
+                <p>{{ khop }}: {{ vhop }}</p>
+            {% endfor %}
             <table>
                 <thead>
                     <tr>
@@ -83,6 +87,7 @@ <h4>Scan report for {{ scan.host }}</h2>
                             <td>{{ row.service_product }}</td>
                         </tr>
                     {% endfor %}
+                    
                 </tbody>
             </table>
         </section>

setup.py

@@ -1,8 +1,9 @@
 from setuptools import setup, find_packages
 
+
 setup(
     name='deltascan',
-    version='0.0.1',
+    version='1.0.0-alpha',
     description='A package for scanning deltas',
     author='logisek',
     url='https://github.com/Logisek/DeltaScan',