From 03da6285846840878619b48daa007af89d67c2ec Mon Sep 17 00:00:00 2001 From: Darryl Nixon Date: Wed, 6 Sep 2023 19:43:41 -0700 Subject: [PATCH] * docs(README.md): update formatting and section titles * refactor(scan.py): enhance logging details and rename returncode to return_code --- README.md | 6 +++--- bronzeburner/scan.py | 16 ++++++++++------ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 5da5f8f..1476234 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ use it to monitor your enterprise's ports over time
## About -*bronzeburner* is a utility for any sized corporation to help manage exposed services and ports against threats both internal and exterinal. +`bronzeburner` is a utility for any sized corporation to help manage exposed services and ports against threats both internal and exterinal. As firewalls are modified or replaced, rules can be misconfigured so that addresses or ports are available externally that perhaps shouldn't be. Initially, bronzeburner was going to be a passive perimeter monitor using nfqueue (and alternatively, XDP) to inspect communications. After @@ -40,9 +40,9 @@ Unfortunately, this means several useful libraries are yet incompatible (e.g., u - [Grafana](https://github.com/grafana/grafana) (optional, recommended) - Docker (recommended) -### Instructions +### Getting Started -These instructions assume you're running a Linux or macOS system. If you aren't, the instructions can easily be adapted. +These basic instructions assume you're running a Linux or macOS system. If you aren't, the instructions can easily be adapted. If you don't already use [pyenv](https://github.com/pyenv/pyenv), look into using it to manage your Python versions. Use it to install Pypy3.10 or install it manually. For macOS users, Pypy3.10 can be installed with `brew install pypy3.10`. diff --git a/bronzeburner/scan.py b/bronzeburner/scan.py index e35c3cc..6afea30 100644 --- a/bronzeburner/scan.py +++ b/bronzeburner/scan.py @@ -27,7 +27,11 @@ async def parse_output_line(db: InfluxDB, line: str) -> None: port_entries = PORT_ENTRY_RE.findall(port_findings) parsed_ports = [PortEntry(*p) for p in port_entries] - logger.info(f"Found {len(port_entries)} ports for {host_ip}: {','.join(str(p.port) for p in parsed_ports)}") + logger.warning(f"Found {len(port_entries)} ports for {host_ip}") + for p in parsed_ports: + logger.info( + f"{host_ip}:{p.port} is {p.state} ({p.protocol}) with service {p.service}, version ({p.version}), and rpc_info ({p.rpc_info})" + ) if await db.insert(host_ip, parsed_ports): logger.info(f"Successfully wrote {len(parsed_ports)} ports to InfluxDB") @@ -67,10 +71,10 @@ async def run_rustscan(args: argparse.Namespace) -> int: process = await asyncio.create_subprocess_exec(*rustscan_args, stdout=asyncio.subprocess.PIPE) async for line in process.stdout: - await parse_output_line(args.db, line.decode().strip()) + await parse_output_line(args.db, line.decode()) - returncode = await process.wait() - if returncode != 0: - logger.critical(f"rustscan exited with code {returncode}") + return_code = await process.wait() + if return_code != 0: + logger.critical(f"rustscan exited with code {return_code}") - return returncode + return return_code