From 76e173c1e22281035fcc6e47395faa29e93f01ba Mon Sep 17 00:00:00 2001 From: Axis12 <3225945+axistwelve@users.noreply.github.com> Date: Wed, 16 Nov 2022 11:06:40 +0000 Subject: [PATCH 01/12] Adding extra flag options for NMAP scaning udp_scan, icmp_timestamp and dns_resolve --- plugins/inventory/nmap.py | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 01a5fa04ba9..a8db28d36af 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -46,6 +46,18 @@ description: use IPv6 type addresses type: boolean default: true + udp_scan: + description: scan via UDP, note you need to had sudo as true on my systems for this to work + type: boolean + default: false + icmp_timestamp: + description: scan via ICMP Timestamp (-PP), note you need to had sudo as true on my systems for this to work + type: boolean + default: false + dns_resolve: + description: Never do DNS resolution/Always resolve + type: boolean + default: false notes: - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False. - 'TODO: add OS fingerprinting' @@ -166,6 +178,19 @@ def parse(self, inventory, loader, path, cache=True): cmd.append('--exclude') cmd.append(','.join(self._options['exclude'])) + if self._options['dns_resolve']: + cmd.append('-n') + + if self._options['udp_scan']: + if not self._options['sudo']: + raise AnsibleParserError('Sudo is required for this option') + cmd.append('-sU') + + if self._options['icmp_timestamp']: + if not self._options['sudo']: + raise AnsibleParserError('Sudo is required for this option') + cmd.append('-PP') + cmd.append(self._options['address']) try: # execute From f8eac812e29fa06d57396635c6de56a9fb1effb4 Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 12:41:26 +0000 Subject: [PATCH 02/12] Update nmap.py --- plugins/inventory/nmap.py | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 01a5fa04ba9..a8db28d36af 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -46,6 +46,18 @@ description: use IPv6 type addresses type: boolean default: true + udp_scan: + description: scan via UDP, note you need to had sudo as true on my systems for this to work + type: boolean + default: false + icmp_timestamp: + description: scan via ICMP Timestamp (-PP), note you need to had sudo as true on my systems for this to work + type: boolean + default: false + dns_resolve: + description: Never do DNS resolution/Always resolve + type: boolean + default: false notes: - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False. - 'TODO: add OS fingerprinting' @@ -166,6 +178,19 @@ def parse(self, inventory, loader, path, cache=True): cmd.append('--exclude') cmd.append(','.join(self._options['exclude'])) + if self._options['dns_resolve']: + cmd.append('-n') + + if self._options['udp_scan']: + if not self._options['sudo']: + raise AnsibleParserError('Sudo is required for this option') + cmd.append('-sU') + + if self._options['icmp_timestamp']: + if not self._options['sudo']: + raise AnsibleParserError('Sudo is required for this option') + cmd.append('-PP') + cmd.append(self._options['address']) try: # execute From cb77d89684973974ce22e2218998070664b47ca4 Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:00:36 +0000 Subject: [PATCH 03/12] Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein --- plugins/inventory/nmap.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index a8db28d36af..e5dc85d4a56 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -47,7 +47,9 @@ type: boolean default: true udp_scan: - description: scan via UDP, note you need to had sudo as true on my systems for this to work + description: + - Scan via UDP. + - Depending on your system you might need I(sudo=true) for this to work. type: boolean default: false icmp_timestamp: From a115cc4c9521dd8a3bd4f145ada4c9f4843e2c11 Mon Sep 17 00:00:00 2001 From: David Date: Wed, 16 Nov 2022 21:20:50 +0000 Subject: [PATCH 04/12] Updates as per felixfontein suggestions --- .../fragments/5566-additional-flags-nmap.yml | 2 ++ plugins/inventory/nmap.py | 17 ++++++++++------- 2 files changed, 12 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/5566-additional-flags-nmap.yml diff --git a/changelogs/fragments/5566-additional-flags-nmap.yml b/changelogs/fragments/5566-additional-flags-nmap.yml new file mode 100644 index 00000000000..afe7c3aa885 --- /dev/null +++ b/changelogs/fragments/5566-additional-flags-nmap.yml @@ -0,0 +1,2 @@ +minor_changes + - nmap - adds flags to the nmap plugin ``udp_scan``, ``icmp_timestamp`` and ``dns_resolve`` parameter for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). \ No newline at end of file diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index a8db28d36af..ca134cb099a 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -47,17 +47,24 @@ type: boolean default: true udp_scan: - description: scan via UDP, note you need to had sudo as true on my systems for this to work + description: + - Scan via UDP. + - Depending on your system you might need I(sudo=true) for this to work. type: boolean default: false + version_added: 6.1.0 icmp_timestamp: - description: scan via ICMP Timestamp (-PP), note you need to had sudo as true on my systems for this to work + description: + - Scan via ICMP Timestamp (C(-PP)). + - Depending on your system you might need I(sudo=true) for this to work. type: boolean default: false + version_added: 6.1.0 dns_resolve: - description: Never do DNS resolution/Always resolve + description: Whether to always (C(true)) or never (C(false)) do DNS resolution. type: boolean default: false + version_added: 6.1.0 notes: - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False. - 'TODO: add OS fingerprinting' @@ -182,13 +189,9 @@ def parse(self, inventory, loader, path, cache=True): cmd.append('-n') if self._options['udp_scan']: - if not self._options['sudo']: - raise AnsibleParserError('Sudo is required for this option') cmd.append('-sU') if self._options['icmp_timestamp']: - if not self._options['sudo']: - raise AnsibleParserError('Sudo is required for this option') cmd.append('-PP') cmd.append(self._options['address']) From db2084ec3084cd63e0e1b11d1dca40c1b9633a8c Mon Sep 17 00:00:00 2001 From: David Date: Wed, 16 Nov 2022 21:25:45 +0000 Subject: [PATCH 05/12] Updates as per felixfontein suggestions --- plugins/inventory/nmap.py | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 3ab8c63ce0e..ca134cb099a 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -47,7 +47,6 @@ type: boolean default: true udp_scan: -<<<<<<< HEAD description: - Scan via UDP. - Depending on your system you might need I(sudo=true) for this to work. @@ -66,21 +65,6 @@ type: boolean default: false version_added: 6.1.0 -======= - description: - - Scan via UDP. - - Depending on your system you might need I(sudo=true) for this to work. - type: boolean - default: false - icmp_timestamp: - description: scan via ICMP Timestamp (-PP), note you need to had sudo as true on my systems for this to work - type: boolean - default: false - dns_resolve: - description: Never do DNS resolution/Always resolve - type: boolean - default: false ->>>>>>> cb77d89684973974ce22e2218998070664b47ca4 notes: - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False. - 'TODO: add OS fingerprinting' From 8b04a2996956f9bba654de5590488aa1b59ef31e Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:27:50 +0000 Subject: [PATCH 06/12] Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein --- plugins/inventory/nmap.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index ca134cb099a..fd632880caa 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -53,6 +53,7 @@ type: boolean default: false version_added: 6.1.0 + version_added: 6.1.0 icmp_timestamp: description: - Scan via ICMP Timestamp (C(-PP)). From 2dc4fced24fbe889a400f6a26a85efc764412be1 Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:28:03 +0000 Subject: [PATCH 07/12] Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein --- plugins/inventory/nmap.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index fd632880caa..59b50e2cc01 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -61,6 +61,7 @@ type: boolean default: false version_added: 6.1.0 + version_added: 6.1.0 dns_resolve: description: Whether to always (C(true)) or never (C(false)) do DNS resolution. type: boolean From 70daa294deaee334ae3a4ece9a000f709e61723c Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:33:55 +0000 Subject: [PATCH 08/12] Update nmap.py --- plugins/inventory/nmap.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 59b50e2cc01..ca134cb099a 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -53,7 +53,6 @@ type: boolean default: false version_added: 6.1.0 - version_added: 6.1.0 icmp_timestamp: description: - Scan via ICMP Timestamp (C(-PP)). @@ -61,7 +60,6 @@ type: boolean default: false version_added: 6.1.0 - version_added: 6.1.0 dns_resolve: description: Whether to always (C(true)) or never (C(false)) do DNS resolution. type: boolean From 42aeeec36fd16af0ebc42690887577765f5e1022 Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:35:00 +0000 Subject: [PATCH 09/12] Update changelogs/fragments/5566-additional-flags-nmap.yml Co-authored-by: Felix Fontein --- changelogs/fragments/5566-additional-flags-nmap.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/5566-additional-flags-nmap.yml b/changelogs/fragments/5566-additional-flags-nmap.yml index afe7c3aa885..b8ccc14ecab 100644 --- a/changelogs/fragments/5566-additional-flags-nmap.yml +++ b/changelogs/fragments/5566-additional-flags-nmap.yml @@ -1,2 +1,2 @@ minor_changes - - nmap - adds flags to the nmap plugin ``udp_scan``, ``icmp_timestamp`` and ``dns_resolve`` parameter for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). \ No newline at end of file + - nmap inventory plugin - add new options ``udp_scan``, ``icmp_timestamp``, and ``dns_resolve`` for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). \ No newline at end of file From 35fbd098f7302a3ccbf4eb0ac8f119e5155c919d Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 21:53:26 +0000 Subject: [PATCH 10/12] Update changelogs/fragments/5566-additional-flags-nmap.yml Co-authored-by: Felix Fontein --- changelogs/fragments/5566-additional-flags-nmap.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/5566-additional-flags-nmap.yml b/changelogs/fragments/5566-additional-flags-nmap.yml index b8ccc14ecab..a6f67ec7eea 100644 --- a/changelogs/fragments/5566-additional-flags-nmap.yml +++ b/changelogs/fragments/5566-additional-flags-nmap.yml @@ -1,2 +1,2 @@ -minor_changes +minor_changes: - nmap inventory plugin - add new options ``udp_scan``, ``icmp_timestamp``, and ``dns_resolve`` for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). \ No newline at end of file From 9d56c69590d415cc129507978d629df1121a49eb Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 22:19:40 +0000 Subject: [PATCH 11/12] Update 5566-additional-flags-nmap.yml --- changelogs/fragments/5566-additional-flags-nmap.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/changelogs/fragments/5566-additional-flags-nmap.yml b/changelogs/fragments/5566-additional-flags-nmap.yml index a6f67ec7eea..d42f3a4695a 100644 --- a/changelogs/fragments/5566-additional-flags-nmap.yml +++ b/changelogs/fragments/5566-additional-flags-nmap.yml @@ -1,2 +1,3 @@ minor_changes: - - nmap inventory plugin - add new options ``udp_scan``, ``icmp_timestamp``, and ``dns_resolve`` for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). \ No newline at end of file + - nmap inventory plugin - add new options ``udp_scan``, ``icmp_timestamp``, and ``dns_resolve`` for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). + From e890c5bec23e59621f614e2c91e429e32e00a6f1 Mon Sep 17 00:00:00 2001 From: David Stuart Date: Wed, 16 Nov 2022 22:22:52 +0000 Subject: [PATCH 12/12] Update nmap.py --- plugins/inventory/nmap.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index ca134cb099a..f0fa50e3b30 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -47,7 +47,7 @@ type: boolean default: true udp_scan: - description: + description: - Scan via UDP. - Depending on your system you might need I(sudo=true) for this to work. type: boolean