Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(scanner/windows): support installationType Domain Controller (#1627)

Browse Source
This commit is contained in:
MaineK00n
2023-03-28 21:04:17 +09:00
committed by GitHub
parent de1ed8ecaa
commit 8ccaa8c3ef
3 changed files with 145 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
scanner/scanner.go
View File

@@ -170,6 +170,7 @@ func ViaHTTP(header http.Header, body string, toLocalFile bool) (models.ScanResu
release := header.Get("X-Vuls-OS-Release")
if release == "" {
logging.Log.Debugf("osInfo(systeminfo.exe): %+v", osInfo)
release, err = detectOSName(osInfo)
if err != nil {
return models.ScanResult{}, xerrors.Errorf("Failed to detect os name. err: %w", err)

23
scanner/windows.go
View File

@@ -60,6 +60,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
return true, w
}
w.log.Debugf("osInfo(Registry): %+v", osInfo)
release, err := detectOSName(osInfo)
if err != nil {
w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -79,6 +80,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
return true, w
}
w.log.Debugf("osInfo(Get-ComputerInfo): %+v", osInfo)
release, err := detectOSName(osInfo)
if err != nil {
w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -97,6 +99,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
return true, w
}
w.log.Debugf("osInfo(Get-WmiObject): %+v", osInfo)
release, err := detectOSName(osInfo)
if err != nil {
w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -115,6 +118,7 @@ func detectWindows(c config.ServerInfo) (bool, osTypeInterface) {
return true, w
}
w.log.Debugf("osInfo(systeminfo.exe): %+v", osInfo)
release, err := detectOSName(osInfo)
if err != nil {
w.setErrs([]error{xerrors.Errorf("Failed to detect os name. err: %w", err)})
@@ -171,6 +175,8 @@ func parseSystemInfo(stdout string) (osInfo, []string, error) {
o.installationType = "Server"
case strings.Contains(line, "Workstation"):
o.installationType = "Client"
case strings.Contains(line, "Domain Controller"):
o.installationType = "Domain Controller"
default:
return osInfo{}, nil, xerrors.Errorf("Failed to detect installation type. line: %s", line)
}
@@ -453,7 +459,7 @@ func parseWmiObject(stdout string) (osInfo, error) {
case "2", "3":
o.installationType = "Server"
case "4", "5":
o.installationType = "Controller"
o.installationType = "Domain Controller"
default:
return osInfo{}, xerrors.Errorf("Failed to detect Installation Type from DomainRole. err: %s is invalid DomainRole", domainRole)
}
@@ -546,6 +552,7 @@ func parseRegistry(stdout, arch string) (osInfo, error) {
}
func detectOSName(osInfo osInfo) (string, error) {
osName, err := detectOSNameFromOSInfo(osInfo)
if err != nil {
return "", xerrors.Errorf("Failed to detect OS Name from OSInfo: %+v, err: %w", osInfo, err)
@@ -562,7 +569,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return fmt.Sprintf("Microsoft Windows 2000 %s", osInfo.servicePack), nil
}
return "Microsoft Windows 2000", nil
case "Server":
case "Server", "Domain Controller":
if osInfo.servicePack != "" {
return fmt.Sprintf("Microsoft Windows 2000 Server %s", osInfo.servicePack), nil
}
@@ -613,7 +620,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return fmt.Sprintf("%s %s", n, osInfo.servicePack), nil
}
return n, nil
case "Server":
case "Server", "Domain Controller":
n := "Microsoft Windows Server 2003"
if strings.Contains(osInfo.productName, "R2") {
n = "Microsoft Windows Server 2003 R2"
@@ -647,7 +654,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return fmt.Sprintf("%s %s", n, osInfo.servicePack), nil
}
return n, nil
case "Server":
case "Server", "Domain Controller":
arch, err := formatArch(osInfo.arch)
if err != nil {
return "", err
@@ -677,7 +684,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return fmt.Sprintf("Windows 7 for %s Systems %s", arch, osInfo.servicePack), nil
}
return fmt.Sprintf("Windows 7 for %s Systems", arch), nil
case "Server":
case "Server", "Domain Controller":
arch, err := formatArch(osInfo.arch)
if err != nil {
return "", err
@@ -704,7 +711,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return "", err
}
return fmt.Sprintf("Windows 8 for %s Systems", arch), nil
case "Server":
case "Server", "Domain Controller":
return "Windows Server 2012", nil
case "Server Core":
return "Windows Server 2012 (Server Core installation)", nil
@@ -717,7 +724,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return "", err
}
return fmt.Sprintf("Windows 8.1 for %s Systems", arch), nil
case "Server":
case "Server", "Domain Controller":
return "Windows Server 2012 R2", nil
case "Server Core":
return "Windows Server 2012 R2 (Server Core installation)", nil
@@ -746,7 +753,7 @@ func detectOSNameFromOSInfo(osInfo osInfo) (string, error) {
return "", err
}
return fmt.Sprintf("%s for %s Systems", name, arch), nil
case "Server":
case "Server", "Nano Server", "Domain Controller":
return formatNamebyBuild("Server", osInfo.build)
case "Server Core":
name, err := formatNamebyBuild("Server", osInfo.build)

130
scanner/windows_test.go
View File

@@ -18,7 +18,7 @@ func Test_parseSystemInfo(t *testing.T) {
wantErr bool
}{
{
name: "happy",
name: "Workstation",
args: `
Host Name: DESKTOP
OS Name: Microsoft Windows 10 Pro
@@ -83,6 +83,120 @@ Hyper-V Requirements: VM Monitor Mode Extensions: Yes
},
kbs: []string{"5012117", "4562830", "5003791", "5007401", "5012599", "5011651", "5005699"},
},
{
name: "Server",
args: `
Host Name: WIN-RIBN7SM07BK
OS Name: Microsoft Windows Server 2022 Standard
OS Version: 10.0.20348 N/A Build 20348
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Server
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00454-10000-00001-AA483
Original Install Date: 10/1/2021, 4:15:34 PM
System Boot Time: 10/22/2021, 8:36:55 AM
System Manufacturer: Microsoft Corporation
System Model: Virtual Machine
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: Intel64 Family 6 Model 158 Stepping 9 GenuineIntel ~2808 Mhz
BIOS Version: Microsoft Corporation Hyper-V UEFI Release v4.0, 12/17/2019
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2,047 MB
Available Physical Memory: 900 MB
Virtual Memory: Max Size: 3,199 MB
Virtual Memory: Available: 2,143 MB
Virtual Memory: In Use: 1,056 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\WIN-RIBN7SM07BK
Hotfix(s): 3 Hotfix(s) Installed.
[01]: KB5004330
[02]: KB5005039
[03]: KB5005552
Network Card(s): 1 NIC(s) Installed.
[01]: Microsoft Hyper-V Network Adapter
Connection Name: Ethernet
DHCP Enabled: Yes
DHCP Server: 192.168.254.254
IP address(es)
[01]: 192.168.254.172
[02]: fe80::b4a1:11cc:2c4:4f57
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
`,
osInfo: osInfo{
productName: "Microsoft Windows Server 2022 Standard",
version: "10.0",
build: "20348",
revision: "",
edition: "",
servicePack: "",
arch: "x64-based",
installationType: "Server",
},
kbs: []string{"5004330", "5005039", "5005552"},
},
{
name: "Domain Controller",
args: `
Host Name: vuls
OS Name: Microsoft Windows Server 2019 Datacenter
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Primary Domain Controller
OS Build Type: Multiprocessor Free
Registered Owner: N/A
Registered Organization: N/A
Product ID: 00430-00000-00000-AA602
Original Install Date: 1/16/2023, 10:04:07 AM
System Boot Time: 3/28/2023, 8:37:14 AM
System Manufacturer: Microsoft Corporation
System Model: Virtual Machine
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: Intel64 Family 6 Model 85 Stepping 4 GenuineIntel ~2095 Mhz
BIOS Version: Microsoft Corporation Hyper-V UEFI Release v4.1, 5/9/2022
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume3
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC) Coordinated Universal Time
Total Physical Memory: 16,383 MB
Available Physical Memory: 13,170 MB
Virtual Memory: Max Size: 18,431 MB
Virtual Memory: Available: 15,208 MB
Virtual Memory: In Use: 3,223 MB
Page File Location(s): C:\pagefile.sys
Domain: vuls
Logon Server: \\vuls
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB5022511
[02]: KB5012170
[03]: KB5023702
[04]: KB5020374
[05]: KB5023789
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
`,
osInfo: osInfo{
productName: "Microsoft Windows Server 2019 Datacenter",
version: "10.0",
build: "17763",
revision: "",
edition: "",
servicePack: "",
arch: "x64-based",
installationType: "Domain Controller",
},
kbs: []string{"5022511", "5012170", "5023702", "5020374", "5023789"},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
@@ -291,6 +405,20 @@ func Test_detectOSName(t *testing.T) {
},
want: "Windows Server 2022",
},
{
name: "Windows Server 2019",
args: osInfo{
productName: "Microsoft Windows Server 2019 Datacenter",
version: "10.0",
build: "17763",
revision: "",
edition: "",
servicePack: "",
arch: "x64-based",
installationType: "Domain Controller",
},
want: "Windows Server 2019",
},
{
name: "err",
args: osInfo{