From 518f4dc039ae90ec2c6add291eed8677d3492143 Mon Sep 17 00:00:00 2001
From: Kota Kanbe
Date: Thu, 25 Feb 2021 10:13:51 +0900
Subject: [PATCH] refactor: VulnDict (#1183)
---
config/config.go | 85 --------------
config/exploitconf.go | 74 -------------
config/gocvedictconf.go | 74 -------------
config/gostconf.go | 74 -------------
config/govaldictconf.go | 76 -------------
config/metasploitconf.go | 73 ------------
config/tomlloader.go | 16 ++-
config/vulnDictConf.go | 232 +++++++++++++++++++++++++++++++++++++++
subcmds/report.go | 12 +-
subcmds/server.go | 12 +-
subcmds/tui.go | 12 +-
11 files changed, 261 insertions(+), 479 deletions(-)
delete mode 100644 config/exploitconf.go
delete mode 100644 config/gocvedictconf.go
delete mode 100644 config/gostconf.go
delete mode 100644 config/govaldictconf.go
delete mode 100644 config/metasploitconf.go
create mode 100644 config/vulnDictConf.go
diff --git a/config/config.go b/config/config.go
index b6722c39..7be8974d 100644
--- a/config/config.go
+++ b/config/config.go
@@ -133,37 +133,6 @@ func (c Config) checkSSHKeyExist() (errs []error) { return errs } -// ValidateOnReportDB validates configuration -func (c Config) ValidateOnReportDB() bool { - errs := []error{} - - if err := validateDB("cvedb", c.CveDict.Type, c.CveDict.SQLite3Path, c.CveDict.URL); err != nil { - errs = append(errs, err) - } - - if err := validateDB("ovaldb", c.OvalDict.Type, c.OvalDict.SQLite3Path, c.OvalDict.URL); err != nil { - errs = append(errs, err) - } - - if err := validateDB("gostdb", c.Gost.Type, c.Gost.SQLite3Path, c.Gost.URL); err != nil { - errs = append(errs, err) - } - - if err := validateDB("exploitdb", c.Exploit.Type, c.Exploit.SQLite3Path, c.Exploit.URL); err != nil { - errs = append(errs, err) - } - - if err := validateDB("msfdb", c.Metasploit.Type, c.Metasploit.SQLite3Path, c.Metasploit.URL); err != nil { - errs = append(errs, err) - } - - for _, err := range errs { - log.Error(err) - } - - return len(errs) == 0 -} - // ValidateOnReport validates configuration func (c Config) ValidateOnReport() bool { errs := []error{} @@ -205,22 +174,15 @@ func (c Config) ValidateOnReport() bool { // ValidateOnTui validates configuration func (c Config) ValidateOnTui() bool { errs := []error{} - if len(c.ResultsDir) != 0 { if ok, _ := govalidator.IsFilePath(c.ResultsDir); !ok { errs = append(errs, xerrors.Errorf( "JSON base directory must be a *Absolute* file path. -results-dir: %s", c.ResultsDir)) } } - - if err := validateDB("cvedb", c.CveDict.Type, c.CveDict.SQLite3Path, c.CveDict.URL); err != nil { - errs = append(errs, err) - } - for _, err := range errs { log.Error(err) } - return len(errs) == 0 } 
@@ -233,48 +195,6 @@ func (c Config) ValidateOnSaaS() bool { return len(saaserrs) == 0 } -// validateDB validates configuration -func validateDB(dictionaryDBName, dbType, dbPath, dbURL string) error { - log.Infof("-%s-type: %s, -%s-url: %s, -%s-path: %s", - dictionaryDBName, dbType, dictionaryDBName, dbURL, dictionaryDBName, dbPath) - - switch dbType { - case "sqlite3": - if dbURL != "" { - return xerrors.Errorf("To use SQLite3, specify -%s-type=sqlite3 and -%s-path. To use as http server mode, specify -%s-type=http and -%s-url", - dictionaryDBName, dictionaryDBName, dictionaryDBName, dictionaryDBName) - } - if ok, _ := govalidator.IsFilePath(dbPath); !ok { - return xerrors.Errorf("SQLite3 path must be a *Absolute* file path. -%s-path: %s", - dictionaryDBName, dbPath) - } - case "mysql": - if dbURL == "" { - return xerrors.Errorf(`MySQL connection string is needed. -%s-url="user:pass@tcp(localhost:3306)/dbname"`, - dictionaryDBName) - } - case "postgres": - if dbURL == "" { - return xerrors.Errorf(`PostgreSQL connection string is needed. -%s-url="host=myhost user=user dbname=dbname sslmode=disable password=password"`, - dictionaryDBName) - } - case "redis": - if dbURL == "" { - return xerrors.Errorf(`Redis connection string is needed. -%s-url="redis://localhost/0"`, - dictionaryDBName) - } - case "http": - if dbURL == "" { - return xerrors.Errorf(`URL is needed. -%s-url="http://localhost:1323"`, - dictionaryDBName) - } - default: - return xerrors.Errorf("%s type must be either 'sqlite3', 'mysql', 'postgres', 'redis' or 'http'. -%s-type: %s", - dictionaryDBName, dictionaryDBName, dbType) - } - return nil -} - // WpScanConf is wpscan.com config type WpScanConf struct { Token string `toml:"token,omitempty" json:"-"` @@ -397,8 +317,3 @@ type Container struct { Name string Image string } - -// VulnSrcConf is an interface of vulnsrc -type VulnSrcConf interface { - CheckHTTPHealth() error -} 
diff --git a/config/exploitconf.go b/config/exploitconf.go
deleted file mode 100644
index 8a257ad2..00000000
--- a/config/exploitconf.go
+++ /dev/null
@@ -1,74 +0,0 @@ -package config - -import ( - "fmt" - "os" - "path/filepath" - "time" - - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" -) - -// ExploitConf is exploit config -type ExploitConf struct { - // DB type for exploit dictionary (sqlite3, mysql, postgres or redis) - Type string - - // http://exploit-dictionary.com:1324 or DB connection string - URL string `json:"-"` - - // /path/to/exploit.sqlite3 - SQLite3Path string `json:"-"` -} - -func (cnf *ExploitConf) setDefault() { - if cnf.Type == "" { - cnf.Type = "sqlite3" - } - if cnf.URL == "" && cnf.SQLite3Path == "" { - wd, _ := os.Getwd() - cnf.SQLite3Path = filepath.Join(wd, "go-exploitdb.sqlite3") - } -} - -const exploitDBType = "EXPLOITDB_TYPE" -const exploitDBURL = "EXPLOITDB_URL" -const exploitDBPATH = "EXPLOITDB_SQLITE3_PATH" - -// Init set options with the following priority. -// 1. Environment variable -// 2. config.toml -func (cnf *ExploitConf) Init() { - if os.Getenv(exploitDBType) != "" { - cnf.Type = os.Getenv(exploitDBType) - } - if os.Getenv(exploitDBURL) != "" { - cnf.URL = os.Getenv(exploitDBURL) - } - if os.Getenv(exploitDBPATH) != "" { - cnf.SQLite3Path = os.Getenv(exploitDBPATH) - } - cnf.setDefault() -} - -// IsFetchViaHTTP returns wether fetch via http -func (cnf *ExploitConf) IsFetchViaHTTP() bool { - return cnf.Type == "http" -} - -// CheckHTTPHealth do health check -func (cnf *ExploitConf) CheckHTTPHealth() error { - if !cnf.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.URL) - resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %s", url, errs) - } - return nil -} 
diff --git a/config/gocvedictconf.go b/config/gocvedictconf.go deleted file mode 100644 index 7e6bc923..00000000 --- a/config/gocvedictconf.go +++ /dev/null @@ -1,74 +0,0 @@ -package config - -import ( - "fmt" - "os" - "path/filepath" - "time" - - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" -) - -// GoCveDictConf is go-cve-dictionary config -type GoCveDictConf struct { - // DB type of CVE dictionary (sqlite3, mysql, postgres or redis) - Type string - - // http://cve-dictionary.com:1323 or DB connection string - URL string `json:"-"` - - // /path/to/cve.sqlite3 - SQLite3Path string `json:"-"` -} - -func (cnf *GoCveDictConf) setDefault() { - if cnf.Type == "" { - cnf.Type = "sqlite3" - } - if cnf.URL == "" && cnf.SQLite3Path == "" { - wd, _ := os.Getwd() - cnf.SQLite3Path = filepath.Join(wd, "cve.sqlite3") - } -} - -const cveDBType = "CVEDB_TYPE" -const cveDBURL = "CVEDB_URL" -const cveDBPATH = "CVEDB_SQLITE3_PATH" - -// Init set options with the following priority. -// 1. Environment variable -// 2. config.toml -func (cnf *GoCveDictConf) Init() { - if os.Getenv(cveDBType) != "" { - cnf.Type = os.Getenv(cveDBType) - } - if os.Getenv(cveDBURL) != "" { - cnf.URL = os.Getenv(cveDBURL) - } - if os.Getenv(cveDBPATH) != "" { - cnf.SQLite3Path = os.Getenv(cveDBPATH) - } - cnf.setDefault() -} - -// IsFetchViaHTTP returns wether fetch via http -func (cnf *GoCveDictConf) IsFetchViaHTTP() bool { - return cnf.Type == "http" -} - -// CheckHTTPHealth checks http server status -func (cnf *GoCveDictConf) CheckHTTPHealth() error { - if !cnf.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.URL) - resp, _, errs := gorequest.New().Timeout(10 * time.Second).SetDebug(Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %s", - url, errs) - } - return nil -} 
diff --git a/config/gostconf.go b/config/gostconf.go deleted file mode 100644 index d2ec1ae3..00000000 --- a/config/gostconf.go +++ /dev/null @@ -1,74 +0,0 @@ -package config - -import ( - "fmt" - "os" - "path/filepath" - "time" - - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" -) - -// GostConf is gost config -type GostConf struct { - // DB type for gost dictionary (sqlite3, mysql, postgres or redis) - Type string - - // http://gost-dictionary.com:1324 or DB connection string - URL string `json:"-"` - - // /path/to/gost.sqlite3 - SQLite3Path string `json:"-"` -} - -func (cnf *GostConf) setDefault() { - if cnf.Type == "" { - cnf.Type = "sqlite3" - } - if cnf.URL == "" && cnf.SQLite3Path == "" { - wd, _ := os.Getwd() - cnf.SQLite3Path = filepath.Join(wd, "gost.sqlite3") - } -} - -const gostDBType = "GOSTDB_TYPE" -const gostDBURL = "GOSTDB_URL" -const gostDBPATH = "GOSTDB_SQLITE3_PATH" - -// Init set options with the following priority. -// 1. Environment variable -// 2. config.toml -func (cnf *GostConf) Init() { - if os.Getenv(gostDBType) != "" { - cnf.Type = os.Getenv(gostDBType) - } - if os.Getenv(gostDBURL) != "" { - cnf.URL = os.Getenv(gostDBURL) - } - if os.Getenv(gostDBPATH) != "" { - cnf.SQLite3Path = os.Getenv(gostDBPATH) - } - cnf.setDefault() -} - -// IsFetchViaHTTP returns wether fetch via http -func (cnf *GostConf) IsFetchViaHTTP() bool { - return cnf.Type == "http" -} - -// CheckHTTPHealth do health check -func (cnf *GostConf) CheckHTTPHealth() error { - if !cnf.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.URL) - resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %s", url, errs) - } - return nil -} 
diff --git a/config/govaldictconf.go b/config/govaldictconf.go
deleted file mode 100644
index 622545cd..00000000
--- a/config/govaldictconf.go
+++ /dev/null
@@ -1,76 +0,0 @@ -package config - -import ( - "fmt" - "os" - "path/filepath" - "time" - - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" -) - -// GovalDictConf is goval-dictionary config -type GovalDictConf struct { - - // DB type of OVAL dictionary (sqlite3, mysql, postgres or redis) - Type string - - // http://goval-dictionary.com:1324 or DB connection string - URL string `json:"-"` - - // /path/to/oval.sqlite3 - SQLite3Path string `json:"-"` -} - -func (cnf *GovalDictConf) setDefault() { - if cnf.Type == "" { - cnf.Type = "sqlite3" - } - if cnf.URL == "" && cnf.SQLite3Path == "" { - wd, _ := os.Getwd() - cnf.SQLite3Path = filepath.Join(wd, "oval.sqlite3") - } -} - -const govalType = "OVALDB_TYPE" -const govalURL = "OVALDB_URL" -const govalPATH = "OVALDB_SQLITE3_PATH" - -// Init set options with the following priority. -// 1. Environment variable -// 2. config.toml -func (cnf *GovalDictConf) Init() { - if os.Getenv(govalType) != "" { - cnf.Type = os.Getenv(govalType) - } - if os.Getenv(govalURL) != "" { - cnf.URL = os.Getenv(govalURL) - } - if os.Getenv(govalPATH) != "" { - cnf.SQLite3Path = os.Getenv(govalPATH) - } - cnf.setDefault() -} - -// IsFetchViaHTTP returns wether fetch via http -func (cnf *GovalDictConf) IsFetchViaHTTP() bool { - return cnf.Type == "http" -} - -// CheckHTTPHealth do health check -func (cnf *GovalDictConf) CheckHTTPHealth() error { - if !cnf.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.URL) - resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to request to OVAL server. url: %s, errs: %s", - url, errs) - } - return nil -} 
diff --git a/config/metasploitconf.go b/config/metasploitconf.go
deleted file mode 100644
index dd19e348..00000000
--- a/config/metasploitconf.go
+++ /dev/null
@@ -1,73 +0,0 @@ -package config - -import ( - "fmt" - "os" - "path/filepath" - - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" -) - -// MetasploitConf is metasploit config -type MetasploitConf struct { - // DB type for metasploit dictionary (sqlite3, mysql, postgres or redis) - Type string - - // http://metasploit-dictionary.com:1324 or DB connection string - URL string `json:"-"` - - // /path/to/metasploit.sqlite3 - SQLite3Path string `json:"-"` -} - -func (cnf *MetasploitConf) setDefault() { - if cnf.Type == "" { - cnf.Type = "sqlite3" - } - if cnf.URL == "" && cnf.SQLite3Path == "" { - wd, _ := os.Getwd() - cnf.SQLite3Path = filepath.Join(wd, "go-msfdb.sqlite3") - } -} - -const metasploitDBType = "METASPLOITDB_TYPE" -const metasploitDBURL = "METASPLOITDB_URL" -const metasploitDBPATH = "METASPLOITDB_SQLITE3_PATH" - -// Init set options with the following priority. -// 1. Environment variable -// 2. config.toml -func (cnf *MetasploitConf) Init() { - if os.Getenv(metasploitDBType) != "" { - cnf.Type = os.Getenv(metasploitDBType) - } - if os.Getenv(metasploitDBURL) != "" { - cnf.URL = os.Getenv(metasploitDBURL) - } - if os.Getenv(metasploitDBPATH) != "" { - cnf.SQLite3Path = os.Getenv(metasploitDBPATH) - } - cnf.setDefault() -} - -// IsFetchViaHTTP returns wether fetch via http -func (cnf *MetasploitConf) IsFetchViaHTTP() bool { - return cnf.Type == "http" -} - -// CheckHTTPHealth do health check -func (cnf *MetasploitConf) CheckHTTPHealth() error { - if !cnf.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.URL) - resp, _, errs := gorequest.New().Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to metasploit server. url: %s, errs: %s", url, errs) - } - return nil -} 
diff --git a/config/tomlloader.go b/config/tomlloader.go index f2b73ef7..b3688d62 100644 --- a/config/tomlloader.go +++ b/config/tomlloader.go @@ -16,14 +16,20 @@ type TOMLLoader struct { // Load load the configuration TOML file specified by path arg. func (c TOMLLoader) Load(pathToToml, keyPass string) error { + // util.Log.Infof("Loading config: %s", pathToToml) if _, err := toml.DecodeFile(pathToToml, &Conf); err != nil { return err } - Conf.CveDict.Init() - Conf.OvalDict.Init() - Conf.Gost.Init() - Conf.Exploit.Init() - Conf.Metasploit.Init() + + for _, cnf := range []VulnDictInterface{ + &Conf.CveDict, + &Conf.OvalDict, + &Conf.Gost, + &Conf.Exploit, + &Conf.Metasploit, + } { + cnf.Init() + } index := 0 for name, server := range Conf.Servers { diff --git a/config/vulnDictConf.go b/config/vulnDictConf.go new file mode 100644 index 00000000..3d26a61a --- /dev/null +++ b/config/vulnDictConf.go 
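Review bot: The added line `// util.Log.Infof("Loading config: %s", pathToToml)` is commented-out code rather than a comment; either enable the call or drop the line so Load does not accumulate dead statements. The new loop calls `Init()` through `VulnDictInterface`, and every `Init` added in config/vulnDictConf.go also assigns `cnf.Name`, which `Validate` later uses in its messages. A comment above the loop such as `// Init applies env-var overrides and defaults, and sets the Name used by Validate.` would record that ordering dependency. Load's body continues outside the hunk.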
@@ -0,0 +1,232 @@
+package config
+
+import (
+ "fmt"
+ "os"
+ "path/filepath"
+ "time"
+
+ "github.com/asaskevich/govalidator"
+ "github.com/parnurzeal/gorequest"
+ log "github.com/sirupsen/logrus"
+ "golang.org/x/xerrors"
+)
+
+// VulnDictInterface is an interface of vulnsrc
+type VulnDictInterface interface {
+ CheckHTTPHealth() error
+ Init()
+ Validate() error
+}
+
+// VulnDict is a base struct of vuln dicts
+type VulnDict struct {
+ Name string
+
+ // DB type of CVE dictionary (sqlite3, mysql, postgres or redis)
+ Type string
+
+ // http://cve-dictionary.com:1323 or DB connection string
+ URL string `json:"-"`
+
+ // /path/to/cve.sqlite3
+ SQLite3Path string `json:"-"`
+}
+
+// Validate settings
+func (cnf *VulnDict) Validate() error {
+ log.Infof("%s.type=%s, %s.url=%s, %s.SQLite3Path=%s",
+ cnf.Name, cnf.Type, cnf.Name, cnf.URL, cnf.Name, cnf.SQLite3Path)
+
+ switch cnf.Type {
+ case "sqlite3":
+ if cnf.URL != "" {
+ return xerrors.Errorf("To use SQLite3, specify %s.type=sqlite3 and %s.SQLite3Path. To use as HTTP server mode, specify %s.type=http and %s.url",
+ cnf.Name, cnf.Name, cnf.Name, cnf.Name)
+ }
+ if ok, _ := govalidator.IsFilePath(cnf.SQLite3Path); !ok {
+ return xerrors.Errorf("SQLite3 path must be a *Absolute* file path. %s.SQLite3Path: %s",
+ cnf.Name, cnf.SQLite3Path)
+ }
+ case "mysql":
+ if cnf.URL == "" {
+ return xerrors.Errorf(`MySQL connection string is needed. %s.url="user:pass@tcp(localhost:3306)/dbname"`, cnf.Name)
+ }
+ case "postgres":
+ if cnf.URL == "" {
+ return xerrors.Errorf(`PostgreSQL connection string is needed. %s.url="host=myhost user=user dbname=dbname sslmode=disable password=password"`, cnf.Name)
+ }
+ case "redis":
+ if cnf.URL == "" {
+ return xerrors.Errorf(`Redis connection string is needed. %s.url="redis://localhost/0"`, cnf.Name)
+ }
+ case "http":
+ if cnf.URL == "" {
+ return xerrors.Errorf(`URL is needed. -%s-url="http://localhost:1323"`, cnf.Name)
+ }
+ default:
+ return xerrors.Errorf("%s.type must be either 'sqlite3', 'mysql', 'postgres', 'redis' or 'http'. %s.type: %s", cnf.Name, cnf.Name, cnf.Type)
+ }
+ return nil
+}
+
+func (cnf *VulnDict) setDefault(sqlite3Name string) {
+ if cnf.Type == "" {
+ cnf.Type = "sqlite3"
+ }
+ if cnf.URL == "" && cnf.SQLite3Path == "" {
+ wd, _ := os.Getwd()
+ cnf.SQLite3Path = filepath.Join(wd, sqlite3Name)
+ }
+}
+
+// IsFetchViaHTTP returns if fetch via HTTP
+func (cnf *VulnDict) IsFetchViaHTTP() bool {
+ return cnf.Type == "http"
+}
+
+// CheckHTTPHealth checks http server status
+func (cnf *VulnDict) CheckHTTPHealth() error {
+ if !cnf.IsFetchViaHTTP() {
+ return nil
+ }
+
+ url := fmt.Sprintf("%s/health", cnf.URL)
+ resp, _, errs := gorequest.New().Timeout(10 * time.Second).SetDebug(Conf.Debug).Get(url).End()
+ // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+ if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+ return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %s",
+ url, errs)
+ }
+ return nil
+}
+
+// GovalDictConf is goval-dictionary config
+type GovalDictConf struct {
+ VulnDict
+}
+
+const govalType = "OVALDB_TYPE"
+const govalURL = "OVALDB_URL"
+const govalPATH = "OVALDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GovalDictConf) Init() {
+ cnf.Name = "ovalDict"
+ if os.Getenv(govalType) != "" {
+ cnf.Type = os.Getenv(govalType)
+ }
+ if os.Getenv(govalURL) != "" {
+ cnf.URL = os.Getenv(govalURL)
+ }
+ if os.Getenv(govalPATH) != "" {
+ cnf.SQLite3Path = os.Getenv(govalPATH)
+ }
+ cnf.setDefault("oval.sqlite3")
+}
+
+// ExploitConf is exploit config
+type ExploitConf struct {
+ VulnDict
+}
+
+const exploitDBType = "EXPLOITDB_TYPE"
+const exploitDBURL = "EXPLOITDB_URL"
+const exploitDBPATH = "EXPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *ExploitConf) Init() {
+ cnf.Name = "exploit"
+ if os.Getenv(exploitDBType) != "" {
+ cnf.Type = os.Getenv(exploitDBType)
+ }
+ if os.Getenv(exploitDBURL) != "" {
+ cnf.URL = os.Getenv(exploitDBURL)
+ }
+ if os.Getenv(exploitDBPATH) != "" {
+ cnf.SQLite3Path = os.Getenv(exploitDBPATH)
+ }
+ cnf.setDefault("go-exploitdb.sqlite3")
+}
+
+// GoCveDictConf is GoCveDict config
+type GoCveDictConf struct {
+ VulnDict
+}
+
+const cveDBType = "CVEDB_TYPE"
+const cveDBURL = "CVEDB_URL"
+const cveDBPATH = "CVEDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GoCveDictConf) Init() {
+ cnf.Name = "cveDict"
+ if os.Getenv(cveDBType) != "" {
+ cnf.Type = os.Getenv(cveDBType)
+ }
+ if os.Getenv(cveDBURL) != "" {
+ cnf.URL = os.Getenv(cveDBURL)
+ }
+ if os.Getenv(cveDBPATH) != "" {
+ cnf.SQLite3Path = os.Getenv(cveDBPATH)
+ }
+ cnf.setDefault("cve.sqlite3")
+}
+
+// GostConf is gost config
+type GostConf struct {
+ VulnDict
+}
+
+const gostDBType = "GOSTDB_TYPE"
+const gostDBURL = "GOSTDB_URL"
+const gostDBPATH = "GOSTDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GostConf) Init() {
+ cnf.Name = "gost"
+ if os.Getenv(gostDBType) != "" {
+ cnf.Type = os.Getenv(gostDBType)
+ }
+ if os.Getenv(gostDBURL) != "" {
+ cnf.URL = os.Getenv(gostDBURL)
+ }
+ if os.Getenv(gostDBPATH) != "" {
+ cnf.SQLite3Path = os.Getenv(gostDBPATH)
+ }
+ cnf.setDefault("gost.sqlite3")
+}
+
+// MetasploitConf is gost go-metasploitdb
+type MetasploitConf struct {
+ VulnDict
+}
+
+const metasploitDBType = "METASPLOITDB_TYPE"
+const metasploitDBURL = "METASPLOITDB_URL"
+const metasploitDBPATH = "METASPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. 
config.toml +func (cnf *MetasploitConf) Init() { + cnf.Name = "metasploit" + if os.Getenv(metasploitDBType) != "" { + cnf.Type = os.Getenv(metasploitDBType) + } + if os.Getenv(metasploitDBURL) != "" { + cnf.URL = os.Getenv(metasploitDBURL) + } + if os.Getenv(metasploitDBPATH) != "" { + cnf.SQLite3Path = os.Getenv(metasploitDBPATH) + } + cnf.setDefault("go-msfdb.sqlite3") +} diff --git a/subcmds/report.go b/subcmds/report.go index 4b505fcc..0fec1571 100644 --- a/subcmds/report.go +++ b/subcmds/report.go @@ -243,18 +243,18 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} r.ServerInfo(), pp.Sprintf("%s", c.Conf.Servers[r.ServerName])) } - util.Log.Info("Validating db config...") - if !c.Conf.ValidateOnReportDB() { - return subcommands.ExitUsageError - } - - for _, cnf := range []config.VulnSrcConf{ + for _, cnf := range []config.VulnDictInterface{ &c.Conf.CveDict, &c.Conf.OvalDict, &c.Conf.Gost, &c.Conf.Exploit, &c.Conf.Metasploit, } { + if err := cnf.Validate(); err != nil { + util.Log.Errorf("Failed to validate VulnDict: %+v", err) + return subcommands.ExitFailure + } + if err := cnf.CheckHTTPHealth(); err != nil { util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure diff --git a/subcmds/server.go b/subcmds/server.go index e64975f6..3cae21ce 100644 --- a/subcmds/server.go +++ b/subcmds/server.go 
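Review bot: `Validate` writes `cnf.URL` to the info log through `log.Infof("%s.type=%s, %s.url=%s, ...")`, and for the mysql, postgres and redis types that field is a connection string that can carry the database password, as the examples in the error messages just below it show (`user:pass@tcp(...)`, `password=password`). The struct tags the field `json:"-"` to keep it out of serialized output, so printing it in clear looks unintended; I would log only `log.Infof("%s.type=%s, %s.SQLite3Path=%s", cnf.Name, cnf.Type, cnf.Name, cnf.SQLite3Path)`, or redact the credentials before printing the URL. Separately, `CheckHTTPHealth` is now shared by all five dictionaries but its error still reads "Failed to request to CVE server"; `"Failed to request to %s server. url: %s, errs: %s"` with `cnf.Name` would name the right one. The http case of `Validate` also keeps the old flag spelling `-%s-url=` where the other cases use `%s.url=`.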
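Review bot: The new loop returns at the first dictionary whose `Validate()` fails, so a config with several bad entries is reported one error per run, whereas the removed `ValidateOnReportDB` collected and logged every error first. It also changes the exit status for a bad config from `subcommands.ExitUsageError` to `subcommands.ExitFailure`. If neither change is intended, validate all five dictionaries in a first pass and run the health checks in a second, as sketched below. The identical block is added in subcmds/server.go and subcmds/tui.go, so the fix belongs in one helper that the three commands call. Execute's body starts and ends outside the hunk.

```go
dicts := []config.VulnDictInterface{
	// … unchanged: the five &c.Conf.* entries …
}
var errs []error
for _, cnf := range dicts {
	if err := cnf.Validate(); err != nil {
		errs = append(errs, err)
	}
}
for _, err := range errs {
	util.Log.Errorf("Failed to validate VulnDict: %+v", err)
}
if len(errs) != 0 {
	return subcommands.ExitUsageError
}
for _, cnf := range dicts {
	// … unchanged: CheckHTTPHealth check …
```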
@@ -99,18 +99,18 @@ func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} return subcommands.ExitUsageError } - util.Log.Info("Validating db config...") - if !c.Conf.ValidateOnReportDB() { - return subcommands.ExitUsageError - } - - for _, cnf := range []config.VulnSrcConf{ + for _, cnf := range []config.VulnDictInterface{ &c.Conf.CveDict, &c.Conf.OvalDict, &c.Conf.Gost, &c.Conf.Exploit, &c.Conf.Metasploit, } { + if err := cnf.Validate(); err != nil { + util.Log.Errorf("Failed to validate VulnDict: %+v", err) + return subcommands.ExitFailure + } + if err := cnf.CheckHTTPHealth(); err != nil { util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure diff --git a/subcmds/tui.go b/subcmds/tui.go index 2ae3fdaa..40df1376 100644 --- a/subcmds/tui.go +++ b/subcmds/tui.go @@ -138,18 +138,18 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s } util.Log.Infof("Loaded: %s", dir) - util.Log.Info("Validating db config...") - if !c.Conf.ValidateOnReportDB() { - return subcommands.ExitUsageError - } - - for _, cnf := range []config.VulnSrcConf{ + for _, cnf := range []config.VulnDictInterface{ &c.Conf.CveDict, &c.Conf.OvalDict, &c.Conf.Gost, &c.Conf.Exploit, &c.Conf.Metasploit, } { + if err := cnf.Validate(); err != nil { + util.Log.Errorf("Failed to validate VulnDict: %+v", err) + return subcommands.ExitFailure + } + if err := cnf.CheckHTTPHealth(); err != nil { util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure