#!/usr/bin/perl # # scanmonitor .0.0.4 alpha # author - isac balder # date - 200100503 # # scanmonitor was written to provide a means of looping individual scan runs into a constant chain of events. # the goal is to scan as many hosts in as short a period of time with minimal empty cycles between scan jobs. # scan monitor was originally written to complement seccubus as a replacement of cron for scan job scheduling. # # Version History # 20100406 - 0.0.0 alpha - initial script # 20100408 - 0.0.1 alpha - working prototype # 20100412 - 0.0.2 alpha - Script was sporadically skipping scan groups. Beleive this was related to the use # of the eval function. Changed execution of the do-scan command to use the system function. # This change gives a permission denied error but other wise seems to be operating. Executed as seccubus # 20100503 - 0.0.3 alpha - minor mods to debug messages and lines 66, 81. Need to add the scangrp input file as a cli argument. # 20100603 - 0.0.4 alpha - added a 5 minute sleep on line 91 between scans to throttle the process. use strict; use warnings; package scanm; use Getopt::Std; our $VERSION = '0.0.4 alpha'; our $opt_h; # set usage menu # - - - - - - - - - - - - - - - - - - - - - - - # In the future expand this out to actual options. # run more than one process per engine # accept user defined scan groups # add debug option getopts("h"); if ($opt_h) { print "$0 (perl $] running as PID $$\n"; print "scanmonitor v$VERSION by isac (piis8\@yahoo.com)\n"; print " -h will show this help menu\n\n"; exit; } # check for a pre-existing scanmonitor process # - - - - - - - - - - - - - - - - - - - - - - - #sub single_monitor { my $DOSM = `ps -ef | grep scanmonitor | grep -v $$ | grep -v grep | grep -v vi`; if ( $DOSM ) { # print $DOSM; #debugging line print "A scanmonitor process is already running. Recommend a single scanmonitor per scan engine.\n"; exit 0; } else { print "Initiating new scanmonitor process.\n\n..\n\n"; } #} # pull scan group information # - - - - - - - - - - - - - - - - - - - - - - - # to populate a file of all groups us the following on your local cli # ls /home/seccubus/var/ >> /home/seccubus/var/scangrps-scan2.txt #sub scan_group { my $SCANGRPS = "/home/seccubus/var/scangrps.txt"; my $LINCNT = `wc -l < $SCANGRPS`; # print "$LINCNT, debug print line for the number of lines in scangrps.txt\n"; #debugging line #} # begin scan loop # - - - - - - - - - - - - - - - - - - - - - - - # Scan loop recieves errors on the terminal, looks like nessus data is getting passed back to the process. # Errors do not seem to be causing issues, however need to figure them out and clean them up. # Errors may be related to the summary report generated by process-scan.pl #sub scan_loop { my $SCANNUM = "1"; while ($SCANNUM <= $LINCNT) { my $SCANTARGET = `head -n $SCANNUM /home/seccubus/var/scangrps.txt | tail -n 1`; my $SCANCMD = "/home/seccubus/bin/do-scan $SCANTARGET"; print "about to scan target subnet $SCANTARGET, calling $SCANCMD"; #debugging line print "scanning subnet number $SCANNUM\n\n"; #debugging line # eval `$SCANCMD`; # do `$SCANCMD`; system `$SCANCMD`; $SCANNUM++; #print "about to scan the next subnet number $SCANNUM\n"; #debugging line sleep 300; if ( $SCANNUM > $LINCNT ) { $SCANNUM = "1"; print "entire scan loop completed. scan number reset.\n\n..\n\n"; #debugging line } } #} __END__