From 14c22ef251556f5365c56c89c218c1e1d3d86f6a Mon Sep 17 00:00:00 2001 From: Nicolo Maio Date: Fri, 11 Aug 2023 20:15:18 +0200 Subject: [PATCH] Fix edit host. (#7755) --- http_src/vue/modal-add-host-to-scan.vue | 24 +++++- http_src/vue/page-hosts-to-scan.vue | 10 ++- httpdocs/dist | 2 +- scripts/lua/modules/http_lint.lua | 1 + .../modules/vulnerability_scan/vs_utils.lua | 81 ++++++++++++++++--- scripts/lua/rest/v2/add/host/to_scan.lua | 6 +- .../v2/delete/host/delete_host_to_scan.lua | 2 +- .../exec/host/schedule_vulnerability_scan.lua | 3 +- 8 files changed, 104 insertions(+), 25 deletions(-) diff --git a/http_src/vue/modal-add-host-to-scan.vue b/http_src/vue/modal-add-host-to-scan.vue index 498446c87e88..4c64ccf556b4 100644 --- a/http_src/vue/modal-add-host-to-scan.vue +++ b/http_src/vue/modal-add-host-to-scan.vue @@ -127,6 +127,8 @@ const host_placeholder = i18n('hosts_stats.page_scan_hosts.host_placeholder'); let ports_placeholder = i18n('hosts_stats.page_scan_hosts.ports_placeholder'); const message_feedback = ref(''); +const row_to_edit_id = ref(''); + const resolve_host_name_url = `${http_prefix}/lua/rest/v2/get/host/resolve_host_name.lua`; const server_ports = `${http_prefix}/lua/iface_ports_list.lua`; // ?clisrv=server&ifid=2&host=192.168.2.39 const nmap_server_ports = `${http_prefix}/lua/rest/v2/get/host/ports_by_nmap.lua`; @@ -189,10 +191,13 @@ const reset_modal_form = function() { activate_spinner.value = false; activate_add_spinner.value = false; message_feedback.value = ""; + row_to_edit_id.value = null; + ports_placeholder = i18n('hosts_stats.page_scan_hosts.ports_placeholder'); selected_scan_type.value = scan_type_list.value[0]; + selected_cidr.value = cidr_options_list.value[1]; } /** @@ -211,6 +216,8 @@ const set_row_to_edit = (row) => { host.value = row.host; ports.value = row.ports; + row_to_edit_id.value = row.id; + automatic_scan_frequencies_list.value.forEach((item) => { if(item.id == row.scan_frequency) { selected_automatic_scan_frequency.value = item; @@ -247,6 +254,7 @@ const show = (row, _host) => { if(row != null) set_row_to_edit(row); + if(_host!=null && _host!="") { host.value = _host; disable_add.value = false; @@ -282,7 +290,6 @@ const check_empty_host = async () => { const check_ports = () => { let comma_separted_port_regex = /^(\d{1,5})(,\s*\d{1,5})*$/; - //console.log(comma_separted_port_regex.test(ports.value)); if ( !comma_separted_port_regex.test(ports.value)) { disable_add.value = true; @@ -315,8 +322,15 @@ const add_ = async (is_edit) => { let emit_name = 'add'; - if(is_edit == true) + let tmp_row_id = ""; + if(is_edit == true) { emit_name = 'edit'; + tmp_row_id = row_to_edit_id.value; + + } else { + tmp_row_id = null; + } + // FIX validation let regex = new RegExp(regexValidation.get_data_pattern('ip')); @@ -337,7 +351,6 @@ const add_ = async (is_edit) => { if (verify_host_name) { let result = await resolve_host_name(host.value); - //console.log(result) disable_add.value = result == "no_success"; } @@ -350,7 +363,9 @@ const add_ = async (is_edit) => { scan_type: tmp_scan_type, scan_ports: tmp_ports, cidr: selected_cidr.value.id, - auto_scan_frequency: a_scan_frequency + auto_scan_frequency: a_scan_frequency, + scan_id: tmp_row_id + }); } else { emit(emit_name, { @@ -358,6 +373,7 @@ const add_ = async (is_edit) => { scan_type: tmp_scan_type, scan_ports: tmp_ports, cidr: selected_cidr.value.id, + scan_id: tmp_row_id }); } diff --git a/http_src/vue/page-hosts-to-scan.vue b/http_src/vue/page-hosts-to-scan.vue index d47854193ead..a98fb4f701d2 100644 --- a/http_src/vue/page-hosts-to-scan.vue +++ b/http_src/vue/page-hosts-to-scan.vue @@ -269,7 +269,7 @@ async function click_button_scan(event) { /* Function to handle edit button */ function click_button_edit_host(event) { const row = event.row; - row_to_delete.value = row; + //row_to_delete.value = row; modal_add.value.show(row); } @@ -282,7 +282,7 @@ function delete_all_entries() { /* Function to edit host to scan */ async function edit(params) { - await delete_row(); + //await delete_row(); await add_host_rest(params); } @@ -338,7 +338,7 @@ const map_table_def_columns = (columns) => { }, "scan_frequency" : (scan_frequency) => { let label = ""; - if (scan_frequency == null) { + if (scan_frequency == null || scan_frequency == "disabled") { return ""; } else if (scan_frequency == "1day") { label = i18n("hosts_stats.page_scan_hosts.daily"); @@ -461,6 +461,7 @@ const scan_row = async function () { scan_type: row.scan_type, scan_single_host: true, scan_ports: row.ports, + scan_id: row.id }) await ntopng_utility.http_post_request(url, rest_params); autorefresh.value = true; @@ -484,7 +485,8 @@ const delete_row = async function () { host: row.host, scan_type: row.scan_type, - delete_all_scan_hosts: false + delete_all_scan_hosts: false, + scan_id: row.id }) diff --git a/httpdocs/dist b/httpdocs/dist index 006ef2677725..fdf19195b456 160000 --- a/httpdocs/dist +++ b/httpdocs/dist @@ -1 +1 @@ -Subproject commit 006ef2677725bfcce5b05a0ec84fa013ddcd2fa6 +Subproject commit fdf19195b456463dc42898ec0daf364edc76c443 diff --git a/scripts/lua/modules/http_lint.lua b/scripts/lua/modules/http_lint.lua index 4d2ad8bb39db..d2d208648f7f 100644 --- a/scripts/lua/modules/http_lint.lua +++ b/scripts/lua/modules/http_lint.lua @@ -1985,6 +1985,7 @@ local known_parameters = { ["scan_ports_rsp"] = validateBool, ["scan_date"] = validateSingleWord, ["auto_scan_frequency"] = validateSingleWord, + ["scan_id"] = validateSingleWord, ["snmp_device"] = validateDevice, ["snmp_device_port"] = validateSNMPIfidNumber, diff --git a/scripts/lua/modules/vulnerability_scan/vs_utils.lua b/scripts/lua/modules/vulnerability_scan/vs_utils.lua index 8b9f99fc426b..e6dbd9ce33f8 100644 --- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua +++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua @@ -226,13 +226,27 @@ end -- ********************************************************** +-- Function to save host configuration +local function isAlreadyPresent(item) + + local hosts_details = vs_utils.retrieve_hosts_to_scan() + for _,value in ipairs(hosts_details) do + if (item.host == value.host ) then + return true + end + end + return false +end + +-- ********************************************************** + -- Function to save host configuration function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time, last_duration, is_ok_last_scan, ports, scan_frequency, num_open_ports, - num_vulnerabilities_found, cve) + num_vulnerabilities_found, cve, id) --local saved_hosts_string = ntop.getCache(host_to_scan_key) - local saved_hosts = {} - local host_hash_key = vs_utils.get_host_hash_key(host, scan_type) + --local saved_hosts = {} + --local host_hash_key = vs_utils.get_host_hash_key( id) --if not isEmptyString(saved_hosts_string) then local checks = require "checks" @@ -272,6 +286,14 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time end end + local epoch_id = "" + if isEmptyString(id) then + local key = "ntopng.prefs.last_host_id" + local res = ntop.incrCache(key) + epoch_id = res + else + epoch_id = id + end local new_item = { host = host, scan_type = scan_type, @@ -279,6 +301,7 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time num_open_ports = num_open_ports, num_vulnerabilities_found = num_vulnerabilities_found, cve = cve, + id = epoch_id } if last_scan_time or last_duration then @@ -311,9 +334,19 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time local result = handle:write(scan_result) handle:close() end + + if not isEmptyString(id) then + vs_utils.delete_host_to_scan_by_id(id) + end + if(not isAlreadyPresent(new_item)) then --saved_hosts[#saved_hosts+1] = new_item - ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(new_item)) + ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(new_item)) + elseif not isEmptyString(id) then + + -- edit case + ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(new_item)) + end --ntop.setCache(host_to_scan_key, json.encode(saved_hosts)) return 1 @@ -400,6 +433,30 @@ function vs_utils.delete_host_to_scan(host, scan_type, all) return true end +-- Function to delete host to scan by id +function vs_utils.delete_host_to_scan_by_id(id) + + local hosts_details = vs_utils.retrieve_hosts_to_scan() + local host_to_delete = {} + local id_number = tonumber(id) + + for _,value in ipairs(hosts_details) do + if(tonumber(value.id) == id_number ) then + host_to_delete.host = value.host + host_to_delete.scan_type = value.scan_type + break + end + end + + local host_hash_key = vs_utils.get_host_hash_key(host_to_delete.host, host_to_delete.scan_type) + local path_to_s_result = get_report_path(host_to_delete.scan_type, host_to_delete.host, false) + os.remove(path_to_s_result) + ntop.delHashCache(host_to_scan_key, host_hash_key) + + + return true +end + -- ********************************************************** -- Function to retrieve scan types list @@ -445,12 +502,12 @@ end -- ********************************************************** -- Function to exec single host scan -function vs_utils.scan_host(scan_type, host, ports) +function vs_utils.scan_host(scan_type, host, ports, scan_id) local scan_module = vs_utils.load_module(scan_type) local result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve = scan_module:scan_host(host, ports) vs_utils.save_host_to_scan(scan_type, host, result, now, duration, scan_result, - ports, nil, num_open_ports, num_vulnerabilities_found, cve) + ports, nil, num_open_ports, num_vulnerabilities_found, cve, scan_id) return true end @@ -458,7 +515,7 @@ end -- ********************************************************** -- Function to update single host status -function vs_utils.set_status_scan(scan_type, host, ports) +function vs_utils.set_status_scan(scan_type, host, ports, id) local host_hash_key = vs_utils.get_host_hash_key(host, scan_type) local host_hash_value_string = ntop.getHashCache(host_to_scan_key, host_hash_key) @@ -476,9 +533,9 @@ end -- ********************************************************** -function vs_utils.schedule_host_scan(scan_type, host, ports) +function vs_utils.schedule_host_scan(scan_type, host, ports, scan_id) local scan = { scan_type = scan_type, host = host, ports = ports } - vs_utils.set_status_scan(scan_type, host, ports) + vs_utils.set_status_scan(scan_type, host, ports, scan_id) ntop.rpushCache(host_scan_queue_key, json.encode(scan)) @@ -492,7 +549,7 @@ function vs_utils.schedule_all_hosts_scan(scan_type, host, ports) if #host_to_scan_list > 0 then for _,scan_info in ipairs(host_to_scan_list) do - vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports) + vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id) end end @@ -510,7 +567,7 @@ function vs_utils.schedule_periodic_scan(periodicity) local frequency = scan_info.scan_frequency if(frequency == periodicity) then - vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports) + vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id) end end end @@ -528,7 +585,7 @@ function vs_utils.process_oldest_scheduled_scan() if((elem ~= nil) and (elem ~= "")) then local elem = json.decode(elem) - vs_utils.scan_host(elem.scan_type, elem.host, elem.ports) + vs_utils.scan_host(elem.scan_type, elem.host, elem.ports, elem.id) return true else diff --git a/scripts/lua/rest/v2/add/host/to_scan.lua b/scripts/lua/rest/v2/add/host/to_scan.lua index d2baf50a4559..1707cb8fdba5 100644 --- a/scripts/lua/rest/v2/add/host/to_scan.lua +++ b/scripts/lua/rest/v2/add/host/to_scan.lua @@ -14,6 +14,8 @@ local host = _GET["host"] local scan_type = _GET["scan_type"] local scan_ports = _GET["scan_ports"] local scan_frequency = _GET["auto_scan_frequency"] +local scan_id = _GET["scan_id"] or nil + local cidr = _GET["cidr"] @@ -24,12 +26,12 @@ end local result = nil if isEmptyString(cidr) then - result = vs_utils.save_host_to_scan(scan_type, host, nil, nil, nil, 5, scan_ports, scan_frequency) + result = vs_utils.save_host_to_scan(scan_type, host, nil, nil, nil, 5, scan_ports, scan_frequency, scan_id) else local hosts_to_save = vs_utils.get_active_hosts(host, cidr) for _,item in ipairs(hosts_to_save) do - result = vs_utils.save_host_to_scan(scan_type, item, nil, nil, nil, 5, scan_ports, scan_frequency) + result = vs_utils.save_host_to_scan(scan_type, item, nil, nil, nil, 5, scan_ports, scan_frequency, nil, nil, nil, scan_id ) end end diff --git a/scripts/lua/rest/v2/delete/host/delete_host_to_scan.lua b/scripts/lua/rest/v2/delete/host/delete_host_to_scan.lua index e41dd3fb19ca..3b9087133872 100644 --- a/scripts/lua/rest/v2/delete/host/delete_host_to_scan.lua +++ b/scripts/lua/rest/v2/delete/host/delete_host_to_scan.lua @@ -24,7 +24,7 @@ end local function delete_host_to_scan(ip, scan_type) - return vs_utils.delete_host_to_scan(ip, scan_type) + return vs_utils.delete_host_to_scan(ip, scan_type, false) end local function delete_all_hosts_to_scan() diff --git a/scripts/lua/rest/v2/exec/host/schedule_vulnerability_scan.lua b/scripts/lua/rest/v2/exec/host/schedule_vulnerability_scan.lua index fc385b907f89..63d486fed592 100644 --- a/scripts/lua/rest/v2/exec/host/schedule_vulnerability_scan.lua +++ b/scripts/lua/rest/v2/exec/host/schedule_vulnerability_scan.lua @@ -15,6 +15,7 @@ local host = _GET["host"] local scan_type = _GET["scan_type"] local ports = _GET["scan_ports"] local single_host = toboolean(_GET["scan_single_host"]) or false +local scan_id = _GET["scan_id"] if single_host then @@ -22,7 +23,7 @@ if single_host then rest_utils.answer(rest_utils.consts.err.invalid_args) end - local res = vs_utils.schedule_host_scan(scan_type, host, ports) + local res = vs_utils.schedule_host_scan(scan_type, host, ports, scan_id) if res then rest_utils.answer(rest_utils.consts.success.ok)