pdf/bronzeburner
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

* docs(README.md): update formatting and section titles

Browse source 
* refactor(scan.py): enhance logging details and rename returncode to return_code
This commit is contained in:
Darryl Nixon 2023-09-06 19:43:41 -07:00
parent 329fce6ccb
commit 03da628584
2 changed files with 13 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -16,7 +16,7 @@ use it to monitor your enterprise's ports over time<br/>
## About ## About
*bronzeburner* is a utility for any sized corporation to help manage exposed services and ports against threats both internal and exterinal. `bronzeburner` is a utility for any sized corporation to help manage exposed services and ports against threats both internal and exterinal.
As firewalls are modified or replaced, rules can be misconfigured so that addresses or ports are available externally that perhaps shouldn't be. As firewalls are modified or replaced, rules can be misconfigured so that addresses or ports are available externally that perhaps shouldn't be.
Initially, bronzeburner was going to be a passive perimeter monitor using nfqueue (and alternatively, XDP) to inspect communications. After Initially, bronzeburner was going to be a passive perimeter monitor using nfqueue (and alternatively, XDP) to inspect communications. After
@ -40,9 +40,9 @@ Unfortunately, this means several useful libraries are yet incompatible (e.g., u
- [Grafana](https://github.com/grafana/grafana) (optional, recommended) - [Grafana](https://github.com/grafana/grafana) (optional, recommended)
- Docker (recommended) - Docker (recommended)
### Instructions ### Getting Started
These instructions assume you're running a Linux or macOS system. If you aren't, the instructions can easily be adapted. These basic instructions assume you're running a Linux or macOS system. If you aren't, the instructions can easily be adapted.
If you don't already use [pyenv](https://github.com/pyenv/pyenv), look into using it to manage your Python versions. Use it to install If you don't already use [pyenv](https://github.com/pyenv/pyenv), look into using it to manage your Python versions. Use it to install
Pypy3.10 or install it manually. For macOS users, Pypy3.10 can be installed with `brew install pypy3.10`. Pypy3.10 or install it manually. For macOS users, Pypy3.10 can be installed with `brew install pypy3.10`.

16
bronzeburner/scan.py
View file

@ -27,7 +27,11 @@ async def parse_output_line(db: InfluxDB, line: str) -> None:
port_entries = PORT_ENTRY_RE.findall(port_findings) port_entries = PORT_ENTRY_RE.findall(port_findings)
parsed_ports = [PortEntry(*p) for p in port_entries] parsed_ports = [PortEntry(*p) for p in port_entries]
logger.info(f"Found {len(port_entries)} ports for {host_ip}: {','.join(str(p.port) for p in parsed_ports)}") logger.warning(f"Found {len(port_entries)} ports for {host_ip}")
for p in parsed_ports:
logger.info(
f"{host_ip}:{p.port} is {p.state} ({p.protocol}) with service {p.service}, version ({p.version}), and rpc_info ({p.rpc_info})"
)
if await db.insert(host_ip, parsed_ports): if await db.insert(host_ip, parsed_ports):
logger.info(f"Successfully wrote {len(parsed_ports)} ports to InfluxDB") logger.info(f"Successfully wrote {len(parsed_ports)} ports to InfluxDB")
@ -67,10 +71,10 @@ async def run_rustscan(args: argparse.Namespace) -> int:
process = await asyncio.create_subprocess_exec(*rustscan_args, stdout=asyncio.subprocess.PIPE) process = await asyncio.create_subprocess_exec(*rustscan_args, stdout=asyncio.subprocess.PIPE)
async for line in process.stdout: async for line in process.stdout:
await parse_output_line(args.db, line.decode().strip()) await parse_output_line(args.db, line.decode())
returncode = await process.wait() return_code = await process.wait()
if returncode != 0: if return_code != 0:
logger.critical(f"rustscan exited with code {returncode}") logger.critical(f"rustscan exited with code {return_code}")
return returncode return return_code