#!/usr/bin/env python
# -*- coding: utf-8 -*-
# ***********************IMPORTANT NMAP LICENSE TERMS************************
# * *
# * The Nmap Security Scanner is (C) 1996-2012 Insecure.Com LLC. Nmap is *
# * also a registered trademark of Insecure.Com LLC. This program is free *
# * software; you may redistribute and/or modify it under the terms of the *
# * GNU General Public License as published by the Free Software *
# * Foundation; Version 2 with the clarifications and exceptions described *
# * below. This guarantees your right to use, modify, and redistribute *
# * this software under certain conditions. If you wish to embed Nmap *
# * technology into proprietary software, we sell alternative licenses *
# * (contact sales@insecure.com). Dozens of software vendors already *
# * license Nmap technology such as host discovery, port scanning, OS *
# * detection, version detection, and the Nmap Scripting Engine. *
# * *
# * Note that the GPL places important restrictions on "derived works", yet *
# * it does not provide a detailed definition of that term. To avoid *
# * misunderstandings, we interpret that term as broadly as copyright law *
# * allows. For example, we consider an application to constitute a *
# * "derivative work" for the purpose of this license if it does any of the *
# * following: *
# * o Integrates source code from Nmap *
# * o Reads or includes Nmap copyrighted data files, such as *
# * nmap-os-db or nmap-service-probes. *
# * o Executes Nmap and parses the results (as opposed to typical shell or *
# * execution-menu apps, which simply display raw Nmap output and so are *
# * not derivative works.) *
# * o Integrates/includes/aggregates Nmap into a proprietary executable *
# * installer, such as those produced by InstallShield. *
# * o Links to a library or executes a program that does any of the above *
# * *
# * The term "Nmap" should be taken to also include any portions or derived *
# * works of Nmap, as well as other software we distribute under this *
# * license such as Zenmap, Ncat, and Nping. This list is not exclusive, *
# * but is meant to clarify our interpretation of derived works with some *
# * common examples. Our interpretation applies only to Nmap--we don't *
# * speak for other people's GPL works. *
# * *
# * If you have any questions about the GPL licensing restrictions on using *
# * Nmap in non-GPL works, we would be happy to help. As mentioned above, *
# * we also offer alternative license to integrate Nmap into proprietary *
# * applications and appliances. These contracts have been sold to dozens *
# * of software vendors, and generally include a perpetual license as well *
# * as providing for priority support and updates. They also fund the *
# * continued development of Nmap. Please email sales@insecure.com for *
# * further information. *
# * *
# * As a special exception to the GPL terms, Insecure.Com LLC grants *
# * permission to link the code of this program with any version of the *
# * OpenSSL library which is distributed under a license identical to that *
# * listed in the included docs/licenses/OpenSSL.txt file, and distribute *
# * linked combinations including the two. You must obey the GNU GPL in all *
# * respects for all of the code used other than OpenSSL. If you modify *
# * this file, you may extend this exception to your version of the file, *
# * but you are not obligated to do so. *
# * *
# * If you received these files with a written license agreement or *
# * contract stating terms other than the terms above, then that *
# * alternative license agreement takes precedence over these comments. *
# * *
# * Source is provided to this software because we believe users have a *
# * right to know exactly what a program is going to do before they run it. *
# * This also allows you to audit the software for security holes (none *
# * have been found so far). *
# * *
# * Source code also allows you to port Nmap to new platforms, fix bugs, *
# * and add new features. You are highly encouraged to send your changes *
# * to nmap-dev@insecure.org for possible incorporation into the main *
# * distribution. By sending these changes to Fyodor or one of the *
# * Insecure.Org development mailing lists, or checking them into the Nmap *
# * source code repository, it is understood (unless you specify otherwise) *
# * that you are offering the Nmap Project (Insecure.Com LLC) the *
# * unlimited, non-exclusive right to reuse, modify, and relicense the *
# * code. Nmap will always be available Open Source, but this is important *
# * because the inability to relicense code has caused devastating problems *
# * for other Free Software projects (such as KDE and NASM). We also *
# * occasionally relicense the code to third parties as discussed above. *
# * If you wish to specify special license conditions of your *
# * contributions, just say so when you send them. *
# * *
# * This program is distributed in the hope that it will be useful, but *
# * WITHOUT ANY WARRANTY; without even the implied warranty of *
# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
# * General Public License v2.0 for more details at *
# * http://www.gnu.org/licenses/gpl-2.0.html , or in the COPYING file *
# * included with Nmap. *
# * *
# ***************************************************************************/
import gobject
import gtk
import pango
import os
import os.path
import sys
import xml.sax
from zenmapGUI.higwidgets.higdialogs import HIGAlertDialog, HIGDialog
from zenmapGUI.higwidgets.higboxes import HIGVBox, HIGHBox, hig_box_space_holder
from zenmapGUI.higwidgets.higlabels import HIGSectionLabel
from zenmapGUI.higwidgets.higtables import HIGTable
from zenmapGUI.higwidgets.higbuttons import HIGButton
from zenmapCore.NmapParser import NmapParser
from zenmapCore.UmitLogging import log
import zenmapCore.I18N
import zenmapCore.Diff
from zenmapGUI.FileChoosers import ResultsFileSingleChooserDialog
# In milliseconds.
NDIFF_CHECK_TIMEOUT = 200
class ScanChooser(HIGVBox):
"""This class allows the selection of scan results from the list of open
tabs or from a file. It emits the "changed" signal when the scan selection
has changed."""
__gsignals__ = {
"changed": (gobject.SIGNAL_RUN_FIRST, gobject.TYPE_NONE, ())
}
def __init__(self, scans, title):
self.__gobject_init__()
self.title = title
self.scan_dict = {}
# Setting HIGVBox
self.set_border_width(5)
self.set_spacing(6)
self._create_widgets()
self._pack_hbox()
self._attaching_widgets()
self._set_scrolled()
self._set_text_view()
self._set_open_button()
for scan in scans:
self.add_scan(scan.scan_name or scan.get_nmap_command(), scan)
self.combo_scan.connect('changed', self.show_scan)
self.combo_scan.connect('changed', lambda x: self.emit('changed'))
self._pack_noexpand_nofill(self.lbl_scan)
self._pack_expand_fill(self.hbox)
def _create_widgets(self):
self.lbl_scan = HIGSectionLabel(self.title)
self.hbox = HIGHBox()
self.table = HIGTable()
self.list_scan = gtk.ListStore(str)
self.combo_scan = gtk.ComboBoxEntry(self.list_scan, 0)
self.btn_open_scan = gtk.Button(stock=gtk.STOCK_OPEN)
self.exp_scan = gtk.Expander(_("Scan Output"))
self.scrolled = gtk.ScrolledWindow()
self.txt_scan_result = gtk.TextView()
self.txg_tag = gtk.TextTag("scan_style")
def get_buffer(self):
return self.txt_scan_result.get_buffer()
def show_scan (self, widget):
nmap_output = self.get_nmap_output()
if nmap_output is not None:
self.txt_scan_result.get_buffer().set_text(nmap_output)
def normalize_output(self, output):
return "\n".join(output.split("\\n"))
def _pack_hbox (self):
self.hbox._pack_noexpand_nofill(hig_box_space_holder())
self.hbox._pack_expand_fill(self.table)
def _attaching_widgets (self):
self.table.attach(self.combo_scan, 0,1,0,1, yoptions=0)
self.table.attach(self.btn_open_scan, 1,2,0,1, yoptions=0, xoptions=0)
self.table.attach(self.exp_scan, 0,2,1,2)
def _set_scrolled(self):
self.scrolled.set_border_width(5)
self.scrolled.set_size_request(-1, 130)
# Packing scrolled window into expander
self.exp_scan.add(self.scrolled)
# Packing text view into scrolled window
self.scrolled.add_with_viewport(self.txt_scan_result)
# Setting scrolled window
self.scrolled.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
def _set_text_view (self):
self.txg_table = self.txt_scan_result.get_buffer().get_tag_table()
self.txg_table.add(self.txg_tag)
self.txg_tag.set_property("family", "Monospace")
self.txt_scan_result.set_wrap_mode(gtk.WRAP_WORD)
self.txt_scan_result.set_editable(False)
self.txt_scan_result.get_buffer().connect("changed", self._text_changed_cb)
def _set_open_button (self):
self.btn_open_scan.connect('clicked', self.open_file)
def open_file (self, widget):
file_chooser = ResultsFileSingleChooserDialog(_("Select Scan Result"))
response = file_chooser.run()
file_chosen = file_chooser.get_filename()
file_chooser.destroy()
if response == gtk.RESPONSE_OK:
try:
parser = NmapParser()
parser.parse_file(file_chosen)
except xml.sax.SAXParseException, e:
alert = HIGAlertDialog(
message_format='%s' % _('Error parsing file'),
secondary_text=_("The file is not an Nmap XML output file. \
The parsing error that occurred was\n%s") % str(e))
alert.run()
alert.destroy()
return False
except Exception, e:
alert = HIGAlertDialog(
message_format='%s' % _('Cannot open selected file'),
secondary_text=_("This error occurred while trying to open the file:\n%s") % str(e))
alert.run()
alert.destroy()
return False
scan_name = os.path.split(file_chosen)[-1]
self.add_scan(scan_name, parser)
self.combo_scan.set_active(len(self.list_scan) - 1)
def add_scan(self, scan_name, parser):
scan_id = 1
new_scan_name = scan_name
while new_scan_name in self.scan_dict.keys():
new_scan_name = "%s (%s)" % (scan_name, scan_id)
scan_id += 1
self.list_scan.append([new_scan_name])
self.scan_dict[new_scan_name] = parser
def _text_changed_cb (self, widget):
buff = self.txt_scan_result.get_buffer ()
buff.apply_tag(self.txg_tag, buff.get_start_iter(), buff.get_end_iter())
def get_parsed_scan(self):
"""Return the currently selected scan's parsed output as an NmapParser
object, or None if no valid scan is selected."""
selected_scan = self.combo_scan.child.get_text()
if selected_scan in self.scan_dict:
return self.scan_dict[selected_scan]
# What's typed in the entry doesn't match a registered scan.
return None
def get_nmap_output(self):
"""Return the currently selected scan's output as a string, or None if
no valid scan is selected."""
parsed = self.parsed_scan
if parsed is not None:
return parsed.nmap_output
return None
nmap_output = property(get_nmap_output)
parsed_scan = property(get_parsed_scan)
class DiffWindow(gtk.Window):
def __init__(self, scans):
gtk.Window.__init__(self)
self.set_title(_("Compare Results"))
self.ndiff_process = None
# We allow the user to start a new diff before the old one has finished.
# We have to keep references to old processes until they finish to avoid
# problems when tearing down the Python interpreter at program exit.
self.old_processes = []
self.timer_id = None
self.main_vbox = HIGVBox()
self.diff_view = DiffView()
self.diff_view.set_size_request(-1, 100)
self.hbox_buttons = HIGHBox()
self.progress = gtk.ProgressBar()
self.btn_close = HIGButton(stock=gtk.STOCK_CLOSE)
self.hbox_selection = HIGHBox()
self.scan_chooser_a = ScanChooser(scans, _(u"A Scan"))
self.scan_chooser_b = ScanChooser(scans, _(u"B Scan"))
self._pack_widgets()
self._connect_widgets()
self.set_default_size(-1, 500)
# Initial Size Request
self.initial_size = self.get_size()
def _pack_widgets(self):
self.main_vbox.set_border_width(6)
self.hbox_selection.pack_start(self.scan_chooser_a, True, True)
self.hbox_selection.pack_start(self.scan_chooser_b, True, True)
self.main_vbox.pack_start(self.hbox_selection, False)
scroll = gtk.ScrolledWindow()
scroll.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
scroll.add(self.diff_view)
self.main_vbox.pack_start(scroll, True, True)
self.progress.hide()
self.progress.set_no_show_all(True)
self.hbox_buttons.pack_start(self.progress, False)
self.hbox_buttons.pack_end(self.btn_close, False)
self.main_vbox._pack_noexpand_nofill(self.hbox_buttons)
self.add(self.main_vbox)
def _connect_widgets(self):
self.connect("delete-event", self.close)
self.btn_close.connect("clicked", self.close)
self.scan_chooser_a.connect('changed', self.refresh_diff)
self.scan_chooser_b.connect('changed', self.refresh_diff)
def refresh_diff (self, widget):
"""This method is called whenever the diff output might have changed,
such as when a different scan was selected in one of the choosers."""
log.debug("Refresh diff.")
if self.ndiff_process is not None and self.ndiff_process.poll() is None:
# Put this in the list of old processes we keep track of.
self.old_processes.append(self.ndiff_process)
self.ndiff_process = None
scan_a = self.scan_chooser_a.parsed_scan
scan_b = self.scan_chooser_b.parsed_scan
if scan_a is None or scan_b is None:
self.diff_view.clear()
else:
try:
self.ndiff_process = zenmapCore.Diff.ndiff(scan_a, scan_b)
except OSError, e:
alert = HIGAlertDialog(
message_format = _("Error running ndiff"),
secondary_text = _("There was an error running the ndiff program.\n\n") + str(e).decode(sys.getdefaultencoding(), "replace"))
alert.run()
alert.destroy()
else:
self.progress.show()
if self.timer_id is None:
self.timer_id = gobject.timeout_add(NDIFF_CHECK_TIMEOUT, self.check_ndiff_process)
def check_ndiff_process(self):
"""Check if the ndiff subprocess is done and show the diff if it is.
Also remove any finished processes from the old process list."""
# Check if any old background processes have finished.
for p in self.old_processes[:]:
if p.poll() is not None:
p.close()
self.old_processes.remove(p)
if self.ndiff_process is not None:
# We're running the most recent scan. Check if it's done.
status = self.ndiff_process.poll()
if status is None:
# Keep calling this function on a timer until the process
# finishes.
self.progress.pulse()
return True
if status == 0 or status == 1:
# Successful completion.
try:
diff = self.ndiff_process.get_scan_diff()
except zenmapCore.Diff.NdiffParseException, e:
alert = HIGAlertDialog(
message_format = _("Error parsing ndiff output"),
secondary_text = str(e))
alert.run()
alert.destroy()
else:
self.diff_view.show_diff(diff)
else:
# Unsuccessful completion.
error_text = _("The ndiff process terminated with status code %d.") % status
stderr = self.ndiff_process.stderr.read()
if len(stderr) > 0:
error_text += "\n\n" + stderr
alert = HIGAlertDialog(
message_format = _("Error running ndiff"),
secondary_text = error_text)
alert.run()
alert.destroy()
self.progress.hide()
self.ndiff_process.close()
self.ndiff_process = None
if len(self.old_processes) > 0:
# Keep calling this callback.
return True
else:
# All done.
self.timer_id = None
return False
def close(self, widget=None, extra=None):
self.destroy()
class DiffView(gtk.TextView):
REMOVE_COLOR = "#ffaaaa"
ADD_COLOR = "#ccffcc"
"""A widget displaying a zenmapCore.Diff.ScanDiff."""
def __init__(self):
gtk.TextView.__init__(self)
self.set_editable(False)
buff = self.get_buffer()
# Create text markup tags.
buff.create_tag("=", font = "Monospace")
buff.create_tag("-", font = "Monospace", background = self.REMOVE_COLOR)
buff.create_tag("+", font = "Monospace", background = self.ADD_COLOR)
def clear(self):
self.get_buffer().set_text(u"")
def show_diff(self, diff):
self.clear()
buff = self.get_buffer()
for line in diff.splitlines(True):
if line.startswith("-"):
tags = ["-"]
elif line.startswith("+"):
tags = ["+"]
else:
tags = ["="]
buff.insert_with_tags_by_name(buff.get_end_iter(), line, *tags)
if __name__ == "__main__":
from zenmapCore.NmapParser import NmapParser
parsed1 = NmapParser()
parsed2 = NmapParser()
parsed3 = NmapParser()
parsed4 = NmapParser()
parsed1.parse_file("test/xml_test1.xml")
parsed2.parse_file("test/xml_test2.xml")
parsed3.parse_file("test/xml_test3.xml")
parsed4.parse_file("test/xml_test4.xml")
dw = DiffWindow({"Parsed 1": parsed1,
"Parsed 2": parsed2,
"Parsed 3": parsed3,
"Parsed 4": parsed4})
dw.show_all()
dw.connect("delete-event", lambda x,y: gtk.main_quit())
gtk.main()