much more logging for the pholus issue + settings check

Jokob-sk
2023-01-01 23:27:40 +11:00
parent 7aa61e142e
commit e77e1d5503
7 changed files with 108 additions and 33 deletions


@@ -551,7 +551,8 @@ def importConfig ():
lastTimeImported = time.time() lastTimeImported = time.time()
# Used to display a message in the UI # Used to display a message in the UI
sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (timeNow(),)) # sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (timeNow(),))
sql.execute ("""UPDATE Parameters set "par_Value" = ? where "par_ID" = "Back_Settings_Imported" """, (round(time.time() * 1000),))
commitDB() commitDB()
@@ -2878,7 +2879,7 @@ def upgradeDB ():
('Front_Devices_Order', '[[3,"desc"],[0,"asc"]]'), ('Front_Devices_Order', '[[3,"desc"],[0,"asc"]]'),
('Front_Devices_Rows', '100'), ('Front_Devices_Rows', '100'),
('Front_Details_Tab', 'tabDetails'), ('Front_Details_Tab', 'tabDetails'),
('Back_Settings_Imported', timeNow()), ('Back_Settings_Imported', round(time.time() * 1000)),
('Back_App_State', 'Initializing') ('Back_App_State', 'Initializing')
] ]
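Review bot: The new UPDATE in importConfig still compares `"par_ID"` with `"Back_Settings_Imported"` in double quotes, which SQLite resolves as an identifier first and only treats as a string literal through a legacy compatibility behaviour. Writing the literal with single quotes, `where "par_ID" = 'Back_Settings_Imported'`, or binding it as a second `?` parameter, removes that dependency. The stored value is now an integer epoch in milliseconds in both importConfig and the upgradeDB defaults, while the neighbouring defaults are strings, so a comment such as `# epoch milliseconds; the settings page compares this with the config file mtime` would help, and the commented-out old statement can be dropped. Both function bodies continue outside the hunks shown.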


@@ -1785,11 +1785,4 @@ function reloadTab()
} }
function sanitize(data)
{
return data.replace(/(\r\n|\n|\r)/gm,"").replace(/[^\x00-\x7F]/g, "")
}
</script> </script>


@@ -30,6 +30,9 @@ if (( isset ($_SESSION["login"]) && ($_SESSION["login"] == 1)) || (isset ($_COOK
$login_headline = lang('Login_Toggle_Info_headline'); $login_headline = lang('Login_Toggle_Info_headline');
$login_info = ""; $login_info = "";
$login_mode = 'danger';
$login_display_mode = 'display: block;';
$login_icon = 'fa-info';
// no active session, cookie not checked // no active session, cookie not checked
if (isset ($_SESSION["login"]) == FALSE || $_SESSION["login"] != 1) if (isset ($_SESSION["login"]) == FALSE || $_SESSION["login"] != 1)


@@ -151,6 +151,13 @@ function modalWarningOK () {
}, 100); }, 100);
} }
// -----------------------------------------------------------------------------
function sanitize(data)
{
return data.replace(/(\r\n|\n|\r)/gm,"").replace(/[^\x00-\x7F]/g, "")
}
// ----------------------------------------------------------------------------- // -----------------------------------------------------------------------------
function showMessage (textMessage="") { function showMessage (textMessage="") {
if (textMessage.toLowerCase().includes("error") ) { if (textMessage.toLowerCase().includes("error") ) {
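Review bot: `sanitize()` needs a comment stating what it does not do: it removes line breaks and non-ASCII characters only and leaves `<`, `>`, `&` and quotes untouched, so its result is not safe to place into HTML. Now that it lives in the shared script, a header such as `// Strips CR/LF and non-ASCII characters; does NOT escape HTML, do not assign the result to innerHTML.` would prevent that misuse. It also assumes `data` is a string, since `.replace` is called on it directly.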


@@ -425,7 +425,9 @@ $lang['en_us'] = array(
////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////
'settings_missing' => 'Not all settings loaded, refresh the page!', 'settings_missing' => 'Not all settings loaded, refresh the page! This is probably caused by a high load on the database.',
'settings_missing_block' => 'You can\'t save your settings without specifying all setting keys. Refresh the page. This is probably caused by a high load on the database.',
'settings_old' => 'The settings in the DB (shown on this page) are outdated. This is probably caused by a running scan. The settings were saved, but the background process didn\'t have time to import it yet. You can wait until the settings get refreshed so you don\'t overwrite your old values. Feel free to save your settings either way if you don\'t mind losing the settings between the last save and now. There are also backup files created if you need to compare your settings later.',
//General //General
'SCAN_SUBNETS_name' => 'Subnets to scan', 'SCAN_SUBNETS_name' => 'Subnets to scan',


@@ -51,7 +51,7 @@ CommitDB();
<h1 id="pageTitle"> <h1 id="pageTitle">
<?php echo lang('Navigation_Settings');?> <?php echo lang('Navigation_Settings');?>
</h1> </h1>
<span id="lastImportedTime"></span> Last time imported from the pialert.conf file: <span id="lastImportedTime"></span>
</section> </section>
<div class="content"> <div class="content">
<?php <?php
@@ -252,28 +252,10 @@ CommitDB();
// Wrong number of settings processing // Wrong number of settings processing
if(<?php echo count($settings)?> != settingsNumber) if(<?php echo count($settings)?> != settingsNumber)
{ {
showModalOk('WARNING', '<?php echo lang("settings_missing")?>'); showModalOk('WARNING', "<?php echo lang("settings_missing")?>");
} }
// ---------------------------------------------------------
function getParam(targetId, key, skipCache = false) {
skipCacheQuery = "";
if(skipCache)
{
skipCacheQuery = "&skipcache";
}
// get parameter value
$.get('php/server/parameters.php?action=get&parameter='+ key + skipCacheQuery, function(data) {
var result = data;
document.getElementById(targetId).innerHTML = result.replaceAll('"', '');
});
}
// --------------------------------------------------------- // ---------------------------------------------------------
function addInterface() function addInterface()
@@ -344,7 +326,7 @@ CommitDB();
function saveSettings() { function saveSettings() {
if(<?php echo count($settings)?> != settingsNumber) if(<?php echo count($settings)?> != settingsNumber)
{ {
showModalOk('WARNING', '<?php echo lang("settings_missing")?>'); showModalOk('WARNING', "<?php echo lang("settings_missing_block")?>");
} else } else
{ {
$.ajax({ $.ajax({
@@ -359,6 +341,47 @@ CommitDB();
}); });
} }
} }
// ---------------------------------------------------------
function getParam(targetId, key, skipCache = false, callback) {
skipCacheQuery = "";
if(skipCache)
{
skipCacheQuery = "&skipcache";
}
// get parameter value
$.get('php/server/parameters.php?action=get&parameter='+ key + skipCacheQuery, function(data, callback) {
var result = data;
if(key == "Back_Settings_Imported")
{
fileModificationTime = <?php echo filemtime($confPath)*1000;?>;
importedMiliseconds = parseInt(result.match( /\d+/g ).join('')); // sanitize the string and get only the numbers
result = (new Date(importedMiliseconds)).toLocaleString("en-UK", { timeZone: "<?php echo $timeZone?>" }); //.toDateString("");
// check if displayed settings are outdated
if(fileModificationTime > importedMiliseconds)
{
showModalOk('WARNING: Outdated settings displayed', "<?php echo lang("settings_old")?>");
}
} else{
result = result.replaceAll('"', '');
}
document.getElementById(targetId).innerHTML = result;
});
}
// ---------------------------------------------------------
</script> </script>
<script defer> <script defer>
@@ -369,4 +392,5 @@ CommitDB();
</script> </script>
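Review bot: In the relocated `getParam`, the response from `parameters.php` is still written with `innerHTML`, and for keys other than `Back_Settings_Imported` only double quotes are stripped, so any markup stored in a parameter value would be rendered by the page; `document.getElementById(targetId).textContent = result;` avoids that. In the `Back_Settings_Imported` branch, `result.match(/\d+/g)` returns `null` when the response holds no digits and `.join` then throws; guard it with `var digits = result.match(/\d+/g); if (!digits) { return; }`. The new `callback` parameter is shadowed by the second argument of the `$.get` success handler (jQuery passes the status text there) and is never called in the lines shown. The `lang(...)` strings and `$timeZone` are echoed straight into double-quoted JavaScript literals, so a value containing `"` would break the script; `json_encode` is the usual way to emit them.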


@@ -55,6 +55,17 @@ def file_print(*args):
file.close() file.close()
def file_print_pr(*args):
result = ''
file = open(logPath + "/pialert_pholus_subp_pr.log", "a")
for arg in args:
result += str(arg)
print(result)
file.write(result + '\n')
file.close()
def sanitize_string(input): def sanitize_string(input):
if isinstance(input, bytes): if isinstance(input, bytes):
input = input.decode('utf-8') input = input.decode('utf-8')
@@ -182,6 +193,11 @@ class Sniffer_Offline():
### THE HANDLER THAT THE TWO SNIFFERS CALL - THIS MAKES THE MAIN JOB ### ### THE HANDLER THAT THE TWO SNIFFERS CALL - THIS MAKES THE MAIN JOB ###
######################################################################## ########################################################################
def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,interface,d4,d6,target_mac,auto_fake_responses,source_IPv6,source_IPv4,target_mac1,target_mac2,source_mac,hlimit,workstation,printer,googlecast,airtv,flood,flooding_timeout,flodding_interval,v4,v6): def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,interface,d4,d6,target_mac,auto_fake_responses,source_IPv6,source_IPv4,target_mac1,target_mac2,source_mac,hlimit,workstation,printer,googlecast,airtv,flood,flooding_timeout,flodding_interval,v4,v6):
file_print(">>>>>>> Timestamp 0.0210: ", timeNow())
file_print_pr(">>>>>>> Timestamp 0.0210: ", timeNow())
file_print_pr(">>>>>>> Test ")
dns_type = {12: "PTR", 28: "AAAA", 13: "HINFO",33: "SRV", 1: "A", 255: "* (ANY)", 16: "TXT", 15: "MX", 6: "SOA", 256: "URI", 5: "CNAME",39: "DNAME"} dns_type = {12: "PTR", 28: "AAAA", 13: "HINFO",33: "SRV", 1: "A", 255: "* (ANY)", 16: "TXT", 15: "MX", 6: "SOA", 256: "URI", 5: "CNAME",39: "DNAME"}
Ether_src=packets.getlayer(Ether).src Ether_src=packets.getlayer(Ether).src
IP_src=None IP_src=None
@@ -189,8 +205,13 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
IP_src=packets.getlayer(IPv6).src IP_src=packets.getlayer(IPv6).src
elif packets.haslayer(IP): elif packets.haslayer(IP):
IP_src=packets.getlayer(IP).src IP_src=packets.getlayer(IP).src
else:
file_print(">>>>>>> Timestamp 0.021: ", timeNow())
file_print_pr(">>>>>>> Test 2")
res0= Ether_src + " | " + IP_src.ljust(27) res0= Ether_src + " | " + IP_src.ljust(27)
if packets.haslayer(DNS): if packets.haslayer(DNS):
file_print_pr(">>>>>>> Test 4")
dns=packets.getlayer(DNS) dns=packets.getlayer(DNS)
if (conflict or dos_ttl) and dns.ancount>0: if (conflict or dos_ttl) and dns.ancount>0:
DNSBlocks = [ ] DNSBlocks = [ ]
@@ -240,15 +261,18 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
new_p.rclass=p.rclass new_p.rclass=p.rclass
new_p.rdlen=p.rdlen new_p.rdlen=p.rdlen
new_p.rdata=p.rdata new_p.rdata=p.rdata
new_DNS_packet=new_DNS_packet/new_p new_DNS_packet=new_DNS_packet/new_p
if unidns: if unidns:
new_packet=new_packet/UDP(dport=53)/new_DNS_packet new_packet=new_packet/UDP(dport=53)/new_DNS_packet
else: else:
new_packet=new_packet/UDP(dport=5353,sport=5353)/new_DNS_packet new_packet=new_packet/UDP(dport=5353,sport=5353)/new_DNS_packet
for x in range(0,2):#Send each packet twice for x in range(0,2):#Send each packet twice
file_print_pr(">>>>>>> Test 6")
sendp(new_packet,iface=interface) sendp(new_packet,iface=interface)
file_print_pr(">>>>>>> Test 6.1")
elif auto_fake_responses or (not (dos_ttl or conflict)): elif auto_fake_responses or (not (dos_ttl or conflict)):
## IF THIS IS A QUERY ## ## IF THIS IS A QUERY ##
file_print_pr(">>>>>>> Test 6.2")
if dns.opcode==0: if dns.opcode==0:
res0 = res0 + "" res0 = res0 + ""
if dns.qdcount>0: if dns.qdcount>0:
@@ -456,7 +480,9 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A") dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A")
else: else:
dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A") dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0,ancount=1)/DNSRR(rrname=qname,ttl=myttl,rdata=source_IPv4,type="A")
file_print_pr(">>>>>>> Test 6.23")
send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,d4,source_IPv6,d6,interface,hlimit,dns_packet,False,10.0,0.1)#CHANGE DEFAULT VALUES send_packets(v4,v6,source_mac,target_mac1,target_mac2,source_IPv4,d4,source_IPv6,d6,interface,hlimit,dns_packet,False,10.0,0.1)#CHANGE DEFAULT VALUES
file_print_pr(">>>>>>> Test 6.24")
### END "IF WE NEED TO AUTO RESPOND WITH A FAKE RESPONSE ### END "IF WE NEED TO AUTO RESPOND WITH A FAKE RESPONSE
### NEXT LINES ARE ONLY USED TO PRINT RESULTS ### ### NEXT LINES ARE ONLY USED TO PRINT RESULTS ###
if dnsqr.qclass==32769: if dnsqr.qclass==32769:
@@ -492,6 +518,7 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
else: else:
ARtype=str(dnsrropt.type) ARtype=str(dnsrropt.type)
res = res0 + " | Additional_Record | " + rrname.decode("utf-8") + " " + ARtype res = res0 + " | Additional_Record | " + rrname.decode("utf-8") + " " + ARtype
file_print_pr(">>>>>>> Test 6.24")
if dnsrropt.haslayer(EDNS0TLV): if dnsrropt.haslayer(EDNS0TLV):
edns0tlv=dnsrropt.getlayer(EDNS0TLV) edns0tlv=dnsrropt.getlayer(EDNS0TLV)
if edns0tlv.optcode==4: if edns0tlv.optcode==4:
@@ -566,12 +593,16 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
file_print(res) file_print(res)
file_print_pr(">>>>>>> Test 6.27")
queue.put(res) queue.put(res)
block = block.payload block = block.payload
file_print_pr(">>>>>>> Test 6.270")
if dns.ancount>0: if dns.ancount>0:
DNSBlocks = [ ] DNSBlocks = [ ]
DNSBlocks.append(dns.an) DNSBlocks.append(dns.an)
for block in DNSBlocks: for block in DNSBlocks:
file_print_pr(">>>>>>> Test 6.271")
while isinstance(block,DNSRR): while isinstance(block,DNSRR):
dnsrr=block.getlayer(DNSRR) dnsrr=block.getlayer(DNSRR)
if dnsrr.rclass==1: if dnsrr.rclass==1:
@@ -593,16 +624,20 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
if isinstance(rdata,list): if isinstance(rdata,list):
rdata = b" ".join(rdata).decode("utf-8") rdata = b" ".join(rdata).decode("utf-8")
res = res0 + " | Answer | "+dnsrr.rrname.decode("utf-8") + " " + dns_type[dnsrr.type]+" " + rclass + ' "' +rdata+'"' res = res0 + " | Answer | "+dnsrr.rrname.decode("utf-8") + " " + dns_type[dnsrr.type]+" " + rclass + ' "' +rdata+'"'
file_print_pr(">>>>>>> Test 6.272004")
if show_ttl: if show_ttl:
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
file_print(res) file_print(res)
queue.put(res) queue.put(res)
block = block.payload block = block.payload
file_print_pr(">>>>>>> Test 6.272")
if dns.nscount>0: if dns.nscount>0:
file_print_pr(">>>>>>> Test 6.273")
DNSBlocks = [ ] DNSBlocks = [ ]
DNSBlocks.append(dns.ns) DNSBlocks.append(dns.ns)
for block in DNSBlocks: for block in DNSBlocks:
file_print_pr(">>>>>>> Test 6.28")
while isinstance(block,DNSRR): while isinstance(block,DNSRR):
dnsrr=block.getlayer(DNSRR) dnsrr=block.getlayer(DNSRR)
if dnsrr.rclass==1: if dnsrr.rclass==1:
@@ -621,10 +656,19 @@ def ext_handler(packets,queue,unidns,show_ttl,print_res,dos_ttl,conflict,ttl,int
res = res + " TTL:"+str(dnsrr.ttl) res = res + " TTL:"+str(dnsrr.ttl)
if print_res==1: if print_res==1:
file_print(res) file_print(res)
file_print_pr(">>>>>>> Test 6.274")
queue.put(res) queue.put(res)
block = block.payload block = block.payload
else:
file_print_pr(">>>>>>> Test 6.27200")
else: else:
file_print("not a DNS Query", dns.summary()) file_print("not a DNS Query", dns.summary())
file_print_pr(">>>>>>> Test 6.272001")
else:
file_print_pr(">>>>>>> Test 6.2720055")
else:
file_print_pr(">>>>>>> Test 3")
######################################## ########################################
########### REQUEST FUNCTION ########### ########### REQUEST FUNCTION ###########
@@ -889,6 +933,7 @@ def main():
file_print(">>>>>>> Timestamp 0.02: ", timeNow()) file_print(">>>>>>> Timestamp 0.02: ", timeNow())
file_print("------------------------------------------------------------------------") file_print("------------------------------------------------------------------------")
time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic
file_print(">>>>>>> Timestamp 0.03: ", timeNow())
########################################################################################################## ##########################################################################################################
if values.request: if values.request:
file_print(">>>>>>> Timestamp 1: ", timeNow()) file_print(">>>>>>> Timestamp 1: ", timeNow())