Add scan cancellation feature
- Replace subprocess.run() with Popen for cancellable processes - Add cancel() method to SneakyScanner with process termination - Track running scanners in registry for stop signal delivery - Handle ScanCancelledError to set scan status to 'cancelled' - Add POST /api/scans/<id>/stop endpoint - Add 'cancelled' as valid scan status - Add Stop button to scans list and detail views - Show cancelled status with warning badge in UI
This commit is contained in:
@@ -7,9 +7,11 @@ import argparse
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
import signal
|
||||
import subprocess
|
||||
import sys
|
||||
import tempfile
|
||||
import threading
|
||||
import time
|
||||
import zipfile
|
||||
from datetime import datetime
|
||||
@@ -30,6 +32,11 @@ sys.stdout.reconfigure(line_buffering=True)
|
||||
sys.stderr.reconfigure(line_buffering=True)
|
||||
|
||||
|
||||
class ScanCancelledError(Exception):
|
||||
"""Raised when a scan is cancelled by the user."""
|
||||
pass
|
||||
|
||||
|
||||
class SneakyScanner:
|
||||
"""Wrapper for masscan to perform network scans based on YAML config or database config"""
|
||||
|
||||
@@ -63,6 +70,34 @@ class SneakyScanner:
|
||||
|
||||
self.screenshot_capture = None
|
||||
|
||||
# Cancellation support
|
||||
self._cancelled = False
|
||||
self._cancel_lock = threading.Lock()
|
||||
self._active_process = None
|
||||
self._process_lock = threading.Lock()
|
||||
|
||||
def cancel(self):
|
||||
"""
|
||||
Cancel the running scan.
|
||||
|
||||
Terminates any active subprocess and sets cancellation flag.
|
||||
"""
|
||||
with self._cancel_lock:
|
||||
self._cancelled = True
|
||||
|
||||
with self._process_lock:
|
||||
if self._active_process and self._active_process.poll() is None:
|
||||
try:
|
||||
# Terminate the process group
|
||||
os.killpg(os.getpgid(self._active_process.pid), signal.SIGTERM)
|
||||
except (ProcessLookupError, OSError):
|
||||
pass
|
||||
|
||||
def is_cancelled(self) -> bool:
|
||||
"""Check if scan has been cancelled."""
|
||||
with self._cancel_lock:
|
||||
return self._cancelled
|
||||
|
||||
def _load_config(self) -> Dict[str, Any]:
|
||||
"""
|
||||
Load and validate configuration from file or database.
|
||||
@@ -383,11 +418,31 @@ class SneakyScanner:
|
||||
raise ValueError(f"Invalid protocol: {protocol}")
|
||||
|
||||
print(f"Running: {' '.join(cmd)}", flush=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
|
||||
# Use Popen for cancellation support
|
||||
with self._process_lock:
|
||||
self._active_process = subprocess.Popen(
|
||||
cmd,
|
||||
stdout=subprocess.PIPE,
|
||||
stderr=subprocess.PIPE,
|
||||
text=True,
|
||||
start_new_session=True
|
||||
)
|
||||
|
||||
stdout, stderr = self._active_process.communicate()
|
||||
returncode = self._active_process.returncode
|
||||
|
||||
with self._process_lock:
|
||||
self._active_process = None
|
||||
|
||||
# Check if cancelled
|
||||
if self.is_cancelled():
|
||||
return []
|
||||
|
||||
print(f"Masscan {protocol.upper()} scan completed", flush=True)
|
||||
|
||||
if result.returncode != 0:
|
||||
print(f"Masscan stderr: {result.stderr}", file=sys.stderr)
|
||||
if returncode != 0:
|
||||
print(f"Masscan stderr: {stderr}", file=sys.stderr)
|
||||
|
||||
# Parse masscan JSON output
|
||||
results = []
|
||||
@@ -435,11 +490,31 @@ class SneakyScanner:
|
||||
]
|
||||
|
||||
print(f"Running: {' '.join(cmd)}", flush=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
|
||||
# Use Popen for cancellation support
|
||||
with self._process_lock:
|
||||
self._active_process = subprocess.Popen(
|
||||
cmd,
|
||||
stdout=subprocess.PIPE,
|
||||
stderr=subprocess.PIPE,
|
||||
text=True,
|
||||
start_new_session=True
|
||||
)
|
||||
|
||||
stdout, stderr = self._active_process.communicate()
|
||||
returncode = self._active_process.returncode
|
||||
|
||||
with self._process_lock:
|
||||
self._active_process = None
|
||||
|
||||
# Check if cancelled
|
||||
if self.is_cancelled():
|
||||
return {}
|
||||
|
||||
print(f"Masscan PING scan completed", flush=True)
|
||||
|
||||
if result.returncode != 0:
|
||||
print(f"Masscan stderr: {result.stderr}", file=sys.stderr, flush=True)
|
||||
if returncode != 0:
|
||||
print(f"Masscan stderr: {stderr}", file=sys.stderr, flush=True)
|
||||
|
||||
# Parse results
|
||||
responding_ips = set()
|
||||
@@ -477,6 +552,10 @@ class SneakyScanner:
|
||||
all_services = {}
|
||||
|
||||
for ip, ports in ip_ports.items():
|
||||
# Check if cancelled before each host
|
||||
if self.is_cancelled():
|
||||
break
|
||||
|
||||
if not ports:
|
||||
all_services[ip] = []
|
||||
continue
|
||||
@@ -502,10 +581,29 @@ class SneakyScanner:
|
||||
ip
|
||||
]
|
||||
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=600)
|
||||
# Use Popen for cancellation support
|
||||
with self._process_lock:
|
||||
self._active_process = subprocess.Popen(
|
||||
cmd,
|
||||
stdout=subprocess.PIPE,
|
||||
stderr=subprocess.PIPE,
|
||||
text=True,
|
||||
start_new_session=True
|
||||
)
|
||||
|
||||
if result.returncode != 0:
|
||||
print(f" Nmap warning for {ip}: {result.stderr}", file=sys.stderr, flush=True)
|
||||
stdout, stderr = self._active_process.communicate(timeout=600)
|
||||
returncode = self._active_process.returncode
|
||||
|
||||
with self._process_lock:
|
||||
self._active_process = None
|
||||
|
||||
# Check if cancelled
|
||||
if self.is_cancelled():
|
||||
Path(xml_output).unlink(missing_ok=True)
|
||||
break
|
||||
|
||||
if returncode != 0:
|
||||
print(f" Nmap warning for {ip}: {stderr}", file=sys.stderr, flush=True)
|
||||
|
||||
# Parse XML output
|
||||
services = self._parse_nmap_xml(xml_output)
|
||||
@@ -894,6 +992,11 @@ class SneakyScanner:
|
||||
progress_callback('ping', None, {'status': 'starting'})
|
||||
ping_results = self._run_ping_scan(all_ips)
|
||||
|
||||
# Check for cancellation
|
||||
if self.is_cancelled():
|
||||
print("\nScan cancelled by user", flush=True)
|
||||
raise ScanCancelledError("Scan cancelled by user")
|
||||
|
||||
# Report ping results
|
||||
if progress_callback:
|
||||
progress_callback('ping', None, {
|
||||
@@ -907,6 +1010,11 @@ class SneakyScanner:
|
||||
progress_callback('tcp_scan', None, {'status': 'starting'})
|
||||
tcp_results = self._run_masscan(all_ips, '0-65535', 'tcp')
|
||||
|
||||
# Check for cancellation
|
||||
if self.is_cancelled():
|
||||
print("\nScan cancelled by user", flush=True)
|
||||
raise ScanCancelledError("Scan cancelled by user")
|
||||
|
||||
# Perform UDP scan (if enabled)
|
||||
udp_enabled = os.environ.get('UDP_SCAN_ENABLED', 'false').lower() == 'true'
|
||||
udp_ports = os.environ.get('UDP_PORTS', '53,67,68,69,123,161,500,514,1900')
|
||||
@@ -916,6 +1024,11 @@ class SneakyScanner:
|
||||
if progress_callback:
|
||||
progress_callback('udp_scan', None, {'status': 'starting'})
|
||||
udp_results = self._run_masscan(all_ips, udp_ports, 'udp')
|
||||
|
||||
# Check for cancellation
|
||||
if self.is_cancelled():
|
||||
print("\nScan cancelled by user", flush=True)
|
||||
raise ScanCancelledError("Scan cancelled by user")
|
||||
else:
|
||||
print(f"\n[3/5] Skipping UDP scan (disabled)...", flush=True)
|
||||
if progress_callback:
|
||||
@@ -975,6 +1088,11 @@ class SneakyScanner:
|
||||
ip_ports = {ip: results_by_ip[ip]['actual']['tcp_ports'] for ip in all_ips}
|
||||
service_results = self._run_nmap_service_detection(ip_ports)
|
||||
|
||||
# Check for cancellation
|
||||
if self.is_cancelled():
|
||||
print("\nScan cancelled by user", flush=True)
|
||||
raise ScanCancelledError("Scan cancelled by user")
|
||||
|
||||
# Add service information to results
|
||||
for ip, services in service_results.items():
|
||||
if ip in results_by_ip:
|
||||
|
||||
Reference in New Issue
Block a user