fox

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 1, 2025 License: Apache-2.0, ISC Imports: 10 Imported by: 3

Documentation

Overview

Package fox provides a zgrab2 module that scans for fox. Default port: 1911 (TCP)

Copied unmodified from the original zgrab. Connects, sends a static query, and reads the banner. Parses out as much of the response as possible.

Index

Constants

View Source 
const (
	// ORIGINAL_QUERY is the hex encoding of the query that will be sent to each server.
	ORIGINAL_QUERY = "666f7820612031202d3120666f782068656c6c6f0a7b0a" +
		"666f782e76657273696f6e3d733a312e300a69643d693a310a686f73744e" +
		"616d653d733a7870766d2d306f6d64633031786d790a686f737441646472" +
		"6573733d733a3139322e3136382e312e3132350a6170702e6e616d653d73" +
		"3a576f726b62656e63680a6170702e76657273696f6e3d733a332e372e34" +
		"340a766d2e6e616d653d733a4a61766120486f7453706f7428544d292053" +
		"657276657220564d0a766d2e76657273696f6e3d733a32302e342d623032" +
		"0a6f732e6e616d653d733a57696e646f77732058500a6f732e7665727369" +
		"6f6e3d733a352e310a6c616e673d733a656e0a74696d655a6f6e653d733a" +
		"416d65726963612f4c6f735f416e67656c65733b2d32383830303030303b" +
		"333630303030303b30323a30303a30302e3030302c77616c6c2c6d617263" +
		"682c382c6f6e206f722061667465722c73756e6461792c756e646566696e" +
		"65643b30323a30303a30302e3030302c77616c6c2c6e6f76656d6265722c" +
		"312c6f6e206f722061667465722c73756e6461792c756e646566696e6564" +
		"0a686f737449643d733a57696e2d393943422d443439442d353434322d30" +
		"3742420a766d557569643d733a38623533306263382d373663352d343133" +
		"392d613265612d3066616264333934643330350a6272616e6449643d733a" +
		"76796b6f6e0a7d3b3b0a"
	// RESPONSE_PREFIX is the prefix that will identify a Fox service.
	RESPONSE_PREFIX = "fox a 0 -1 fox hello"
)

Variables

This section is empty.

Functions

func GetFoxBanner 

func GetFoxBanner(logStruct *FoxLog, connection net.Conn) error

GetFoxBanner sends the static query and reads the response, filling out the logStruct with any fields that are present. The IsFox field will identify whether a Fox service was detected, regardless of whether an error was returned.

func RegisterModule 

func RegisterModule()

RegisterModule registers the zgrab2 module.

Types

type Flags 

type Flags struct {
	zgrab2.BaseFlags `group:"Basic Options"`
	zgrab2.TLSFlags  `group:"TLS Options"`
	UseTLS           bool `long:"use-tls" description:"Sends probe with a TLS connection. Loads TLS module command options."`
}

Flags holds the command-line configuration for the fox scan module. Populated by the framework.

func (*Flags) Help 

func (flags *Flags) Help() string

Help returns the module's help string.

func (*Flags) Validate 

func (flags *Flags) Validate(_ []string) error

Validate checks that the flags are valid. On success, returns nil. On failure, returns an error instance describing the error.

type FoxLog 

type FoxLog struct {
	// IsFox should always be true (otherwise, the result should have been nil).
	IsFox bool `json:"is_fox"`

	// Version corresponds to the "fox.version" response field.
	Version string `json:"version"`

	// Id corresponds to the "id" response field, which is decoded as a decimal integer.
	Id uint32 `json:"id"`

	// Hostname corresponds to the "hostName" field.
	Hostname string `json:"hostname,omitempty"`

	// HostAddress corresponds to the "hostAddress" field.
	HostAddress string `json:"host_address,omitempty"`

	// AppName corresponds to the "app.name" field.
	AppName string `json:"app_name,omitempty"`

	// AppVersion corresponds to the "app.version" field.
	AppVersion string `json:"app_version,omitempty"`

	// VMName corresponds to the "vm.name" field.
	VMName string `json:"vm_name,omitempty"`

	// VMVersion corresponds to the "vm.version" field.
	VMVersion string `json:"vm_version,omitempty"`

	// OSName corresponds to the "os.name" field.
	OSName string `json:"os_name,omitempty"`

	// OSVersion corresponds to the "os.version" field.
	OSVersion string `json:"os_version,omitempty"`

	// StationName corresponds to the "station.name" field.
	StationName string `json:"station_name,omitempty"`

	// Language corresponds to the "lang" field.
	Language string `json:"language,omitempty"`

	// TimeZone corresponds to the "timeZone" field (or, that portion of it before the first semicolon).
	TimeZone string `json:"time_zone,omitempty"`

	// HostId corresponds to the "hostId" field.
	HostId string `json:"host_id,omitempty"`

	// VMUuid corresponds to the "vmUuid" field.
	VMUuid string `json:"vm_uuid,omitempty"`

	// BrandId corresponds to the "brandId" field.
	BrandId string `json:"brand_id,omitempty"`

	// SysInfo corresponds to the "sysInfo" field.
	SysInfo string `json:"sys_info,omitempty"`

	// AuthAgentType corresponds to the "authAgentTypeSpecs" field.
	AuthAgentType string `json:"auth_agent_type,omitempty"`

	TLSLog *zgrab2.TLSLog `json:"tls,omitempty"`
}

FoxLog is the struct returned to the caller.

type Module 

type Module struct {
}

Module implements the zgrab2.Module interface.

func (*Module) Description added in v0.1.3 

func (module *Module) Description() string

Description returns an overview of this module.

func (*Module) NewFlags 

func (module *Module) NewFlags() any

NewFlags returns a default Flags object.

func (*Module) NewScanner 

func (module *Module) NewScanner() zgrab2.Scanner

NewScanner returns a new Scanner instance.

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner implements the zgrab2.Scanner interface.

func (*Scanner) GetDialerGroupConfig added in v0.2.0 

func (scanner *Scanner) GetDialerGroupConfig() *zgrab2.DialerGroupConfig

func (*Scanner) GetName 

func (scanner *Scanner) GetName() string

GetName returns the Scanner name defined in the Flags.

func (*Scanner) GetScanMetadata added in v1.0.0 

func (scanner *Scanner) GetScanMetadata() any

GetScanMetadata returns any metadata on the scan itself from this module.

func (*Scanner) GetTrigger 

func (scanner *Scanner) GetTrigger() string

GetTrigger returns the Trigger defined in the Flags.

func (*Scanner) Init 

func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error

Init initializes the Scanner.

func (*Scanner) InitPerSender 

func (scanner *Scanner) InitPerSender(senderID int) error

InitPerSender initializes the scanner for a given sender.

func (*Scanner) Protocol 

func (scanner *Scanner) Protocol() string

Protocol returns the protocol identifier of the scan.

func (*Scanner) Scan 

func (scanner *Scanner) Scan(ctx context.Context, dialGroup *zgrab2.DialerGroup, target *zgrab2.ScanTarget) (zgrab2.ScanStatus, any, error)

Scan probes for a Tridium Fox service. 1. Opens a TCP connection to the configured port (default 1911) 2. Sends a static query 3. Attempt to read the response (up to 8k + 4 bytes -- larger responses trigger an error) 4. If the response has the Fox response prefix, mark the scan as having detected the service. 5. Attempt to read any / all of the data fields from the Log struct

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.