ohmtrivedi/api.js

## api.js
/* Author: Ohm Trivedi */
/*API Plugin */

const util = require('util');

module.exports = function api(options) {
	let seneca = this;

	seneca.add('role:api,path:msOne', function (msg, respond) {
		// console.log(msg);
		let { operation } = msg.args.params;
		let { target } = msg.args.query;
		// let operation = msg.args.body.operation;
        // let target = msg.args.body.remote_ip;
        if (operation == 'fpOS') {
            seneca.act({ role: 'msOne', cmd: 'fpOS', remoteIP: target }, function (err, result) {
				if (err) throw err;
				// result.then(output => respond(output));
				let curTimestamp = new Date();
				console.log(`[${curTimestamp.toLocaleString()}] msOne -> fpOS request completed.`);
				respond(result);
			});
        } else if (operation == 'getCVEs') {
            seneca.act({ role: 'msOne', cmd: 'getCVEs', osQuery: target }, function (err, result) {
				if (err) throw err;
				// result.then(output => respond(output));
				let curTimestamp = new Date();
				console.log(`[${curTimestamp.toLocaleString()}] msOne -> getCVEs request completed.`);
				respond(result);
			});
        }
	});
}

## app.js
/* Author: Ohm Trivedi */
/* Microservice Client */

"use strict"

const Seneca = require('seneca'),
	SenecaWeb = require('seneca-web'),
	Express = require('express'),
	Routes = require('./routes'),
	http = require('http'),
	Connect = require('connect');

const request_timeout = 300000;

let senecaWebConfig = {
	routes: Routes,
  	context: Connect(),
  	adapter: require('seneca-web-adapter-connect')
};

let seneca = Seneca({
		tag: 'expressAPI',
		timeout: request_timeout,
		transport: {
			web: { timeout: request_timeout }
		}
	})
	.use('./api')
	.use(SenecaWeb, senecaWebConfig)
	.client({ host: 'localhost', port: 9091, pin: 'role:msOne' })
	.client({ host: 'localhost', port: 9092, pin: 'role:msTwo' })
	.client({ host: 'localhost', port: 9093, pin: 'role:msThree' })
	.ready(() => {
		let connect = seneca.export('web/context')();
		let httpServer = http.createServer(connect);

		httpServer.listen('12001', (err) => {
			if (err) throw err;
			console.log('App started on: 12001');
		});

		// httpServer.on('request', (req, res) => {
		// 	console.log(req.url);
		// });
	});

## msOnePlugin.js
/* Author: Ohm Trivedi */
/* Plugin for OS-FP (Async) */

'use strict'

const { exec } = require('child_process');
const rp = require('request-promise');
const cheerio = require('cheerio');
const util = require('util');

module.exports = function msOne (options) {
    let seneca = this;
    // let identifiedOS = '';

    seneca.add({ init: 'msOne' }, function(pluginInfo, respond) {
        console.log(options.message);
        respond();
    });

    seneca.add({ role: 'msOne', cmd: 'fpOS' }, function (msg, respond) {
        // const remoteIP = "62.103.72.66";
        // console.log(msg);
        const { remoteIP } = msg;
        let commandToExec = `sudo nmap -sV -T5 -O -Pn ${remoteIP} | grep -m 1 -e "Aggressive OS guesses" -e "OS details" -e "No OS"`;
        console.log('Executing: ' + commandToExec);
        exec(commandToExec, (error, stdout, stderr) => {
            let outputSplit, osGuess;
            console.log(`Nmap execution complete! Result: ${stdout}`);
            if (error) {
                console.log(error);
            } else if (stderr) {
                console.log(stderr);
            } else if (stdout.startsWith('Aggressive')) {
                outputSplit = stdout.slice(22).split(',');
                osGuess = outputSplit[0].trim();
            } else if (stdout.startsWith('OS')) {
                outputSplit = stdout.slice(11).split(',');
                osGuess = outputSplit[0].trim();
            } else {
                osGuess = stdout.trim();
            }
            if (osGuess.indexOf('(') != -1) {
                osGuess = osGuess.substring(0, osGuess.indexOf('(')-1);
            }
            console.log(`Response: ${osGuess}`);
            respond(null, { osGuess });
        });
    });

    seneca.add({ role: 'msOne', cmd: 'getCVEs' }, async function (msg, respond) {
        // let osQuery = msg.args.body.os_name;
        let { osQuery } = msg;
        let osCVEs = await scrapCVEs(osQuery);
        console.log(`Response: Found ${osCVEs.cve_id.length} CVEs.`);
        respond(null, osCVEs);
    });
}

let scrapCVEs = (osQuery) => {
    let osName = osQuery.split(' ');
    let url = 'http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=' + osName.join('+');
    // console.log('URL ' + url);
    let os_cves = { cve_id: [], cve_desc: [] };

    const options = {
        uri: url,
        transform: function(body) {
            // console.log(body);
            return cheerio.load(body);
        }
    };

    return rp(options)
            .then($ => {
                let desiredTableElem = $('#TableWithRules').children('table');
                desiredTableElem.find('td').each((i, elem) => {
                    // console.log(i + elem.name);
                    if (elem.children[0].type === 'tag') {
                        // console.log(elem.children[0].name);
                        os_cves.cve_id.push(elem.children[0].children[0].data);
                        // console.log(elem.children[0].children[0].data);
                    }
                    else if (elem.children[0].type === 'text') {
                        os_cves.cve_desc.push(elem.children[0].data);
                        // console.log(elem.children[0].data);
                    }
                });
                console.log('Scrapping complete!');
                return os_cves;
            })
            .catch(err => {
                console.log(err);
            });
}

## msOneService.js
/* Author: Ohm Trivedi */
/* Microservice 1 Server */

'use strict'

const request_timeout = 300000;

const Seneca = require('seneca')({
		tag: 'msOneService',
		timeout: request_timeout,
		transport: {
			web: { timeout: request_timeout }
		}
	})
	.use('./msOnePlugin', { message: 'msOne Plugin Added!' })
	.listen({
		host: 'localhost',
		port: 9091,
		pin: 'role:msOne'
	});

## routes.js
/* Author: Ohm Trivedi */
/* Routes for Express API */

'use strict'

module.exports = [{
    prefix: '/api',
    pin: 'role:api,path:*',
    map: {
        msOne: {
            GET: true,
            suffix: '/:operation'
        }
    }
}]
	/* Author: Ohm Trivedi */
	/API Plugin /

	const util = require('util');

	module.exports = function api(options) {
	let seneca = this;

	seneca.add('role:api,path:msOne', function (msg, respond) {
	// console.log(msg);
	let { operation } = msg.args.params;
	let { target } = msg.args.query;
	// let operation = msg.args.body.operation;
	// let target = msg.args.body.remote_ip;
	if (operation == 'fpOS') {
	seneca.act({ role: 'msOne', cmd: 'fpOS', remoteIP: target }, function (err, result) {
	if (err) throw err;
	// result.then(output => respond(output));
	let curTimestamp = new Date();
	console.log(`[${curTimestamp.toLocaleString()}] msOne -> fpOS request completed.`);
	respond(result);
	});
	} else if (operation == 'getCVEs') {
	seneca.act({ role: 'msOne', cmd: 'getCVEs', osQuery: target }, function (err, result) {
	if (err) throw err;
	// result.then(output => respond(output));
	let curTimestamp = new Date();
	console.log(`[${curTimestamp.toLocaleString()}] msOne -> getCVEs request completed.`);
	respond(result);
	});
	}
	});
	}
	/* Author: Ohm Trivedi */
	/* Microservice Client */

	"use strict"

	const Seneca = require('seneca'),
	SenecaWeb = require('seneca-web'),
	Express = require('express'),
	Routes = require('./routes'),
	http = require('http'),
	Connect = require('connect');

	const request_timeout = 300000;

	let senecaWebConfig = {
	routes: Routes,
	context: Connect(),
	adapter: require('seneca-web-adapter-connect')
	};

	let seneca = Seneca({
	tag: 'expressAPI',
	timeout: request_timeout,
	transport: {
	web: { timeout: request_timeout }
	}
	})
	.use('./api')
	.use(SenecaWeb, senecaWebConfig)
	.client({ host: 'localhost', port: 9091, pin: 'role:msOne' })
	.client({ host: 'localhost', port: 9092, pin: 'role:msTwo' })
	.client({ host: 'localhost', port: 9093, pin: 'role:msThree' })
	.ready(() => {
	let connect = seneca.export('web/context')();
	let httpServer = http.createServer(connect);

	httpServer.listen('12001', (err) => {
	if (err) throw err;
	console.log('App started on: 12001');
	});

	// httpServer.on('request', (req, res) => {
	// console.log(req.url);
	// });
	});
	/* Author: Ohm Trivedi */
	/* Plugin for OS-FP (Async) */

	'use strict'

	const { exec } = require('child_process');
	const rp = require('request-promise');
	const cheerio = require('cheerio');
	const util = require('util');

	module.exports = function msOne (options) {
	let seneca = this;
	// let identifiedOS = '';

	seneca.add({ init: 'msOne' }, function(pluginInfo, respond) {
	console.log(options.message);
	respond();
	});

	seneca.add({ role: 'msOne', cmd: 'fpOS' }, function (msg, respond) {
	// const remoteIP = "62.103.72.66";
	// console.log(msg);
	const { remoteIP } = msg;
	let commandToExec = `sudo nmap -sV -T5 -O -Pn ${remoteIP} \| grep -m 1 -e "Aggressive OS guesses" -e "OS details" -e "No OS"`;
	console.log('Executing: ' + commandToExec);
	exec(commandToExec, (error, stdout, stderr) => {
	let outputSplit, osGuess;
	console.log(`Nmap execution complete! Result: ${stdout}`);
	if (error) {
	console.log(error);
	} else if (stderr) {
	console.log(stderr);
	} else if (stdout.startsWith('Aggressive')) {
	outputSplit = stdout.slice(22).split(',');
	osGuess = outputSplit[0].trim();
	} else if (stdout.startsWith('OS')) {
	outputSplit = stdout.slice(11).split(',');
	osGuess = outputSplit[0].trim();
	} else {
	osGuess = stdout.trim();
	}
	if (osGuess.indexOf('(') != -1) {
	osGuess = osGuess.substring(0, osGuess.indexOf('(')-1);
	}
	console.log(`Response: ${osGuess}`);
	respond(null, { osGuess });
	});
	});

	seneca.add({ role: 'msOne', cmd: 'getCVEs' }, async function (msg, respond) {
	// let osQuery = msg.args.body.os_name;
	let { osQuery } = msg;
	let osCVEs = await scrapCVEs(osQuery);
	console.log(`Response: Found ${osCVEs.cve_id.length} CVEs.`);
	respond(null, osCVEs);
	});
	}

	let scrapCVEs = (osQuery) => {
	let osName = osQuery.split(' ');
	let url = 'http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=' + osName.join('+');
	// console.log('URL ' + url);
	let os_cves = { cve_id: [], cve_desc: [] };

	const options = {
	uri: url,
	transform: function(body) {
	// console.log(body);
	return cheerio.load(body);
	}
	};

	return rp(options)
	.then($ => {
	let desiredTableElem = $('#TableWithRules').children('table');
	desiredTableElem.find('td').each((i, elem) => {
	// console.log(i + elem.name);
	if (elem.children[0].type === 'tag') {
	// console.log(elem.children[0].name);
	os_cves.cve_id.push(elem.children[0].children[0].data);
	// console.log(elem.children[0].children[0].data);
	}
	else if (elem.children[0].type === 'text') {
	os_cves.cve_desc.push(elem.children[0].data);
	// console.log(elem.children[0].data);
	}
	});
	console.log('Scrapping complete!');
	return os_cves;
	})
	.catch(err => {
	console.log(err);
	});
	}
	/* Author: Ohm Trivedi */
	/* Microservice 1 Server */

	'use strict'

	const request_timeout = 300000;

	const Seneca = require('seneca')({
	tag: 'msOneService',
	timeout: request_timeout,
	transport: {
	web: { timeout: request_timeout }
	}
	})
	.use('./msOnePlugin', { message: 'msOne Plugin Added!' })
	.listen({
	host: 'localhost',
	port: 9091,
	pin: 'role:msOne'
	});
	/* Author: Ohm Trivedi */
	/* Routes for Express API */

	'use strict'

	module.exports = [{
	prefix: '/api',
	pin: 'role:api,path:*',
	map: {
	msOne: {
	GET: true,
	suffix: '/:operation'
	}
	}
	}]