From 3adb51ece2d2e8209a3a5ab2138e72559b4d47fa Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 11:11:37 -0600 Subject: [PATCH 1/7] Add configurable nmap host timeout setting Move nmap host timeout from hardcoded 5m to configurable setting in app/web/config.py with a default of 2m for faster scans. --- app/src/scanner.py | 3 ++- app/web/config.py | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/app/src/scanner.py b/app/src/scanner.py index 3964cb3..80c99d8 100644 --- a/app/src/scanner.py +++ b/app/src/scanner.py @@ -22,6 +22,7 @@ from libnmap.parser import NmapParser from src.screenshot_capture import ScreenshotCapture from src.report_generator import HTMLReportGenerator +from web.config import NMAP_HOST_TIMEOUT # Force unbuffered output for Docker sys.stdout.reconfigure(line_buffering=True) @@ -496,7 +497,7 @@ class SneakyScanner: '--version-intensity', '5', # Balanced speed/accuracy '-p', port_list, '-oX', xml_output, # XML output - '--host-timeout', '5m', # Timeout per host + '--host-timeout', NMAP_HOST_TIMEOUT, # Timeout per host ip ] diff --git a/app/web/config.py b/app/web/config.py index 3d74f10..13d8785 100644 --- a/app/web/config.py +++ b/app/web/config.py @@ -11,3 +11,6 @@ APP_VERSION = '1.0.0-beta' # Repository URL REPO_URL = 'https://git.sneakygeek.net/sneakygeek/SneakyScan' + +# Scanner settings +NMAP_HOST_TIMEOUT = '2m' # Timeout per host for nmap service detection -- 2.49.1 From 4c6b4bf35d1033b38f3a743297ae58a9740031fa Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 11:29:03 -0600 Subject: [PATCH 2/7] Add IP address search feature with global search box - Add API endpoint GET /api/scans/by-ip/{ip_address} to retrieve last 10 scans containing a specific IP - Add ScanService.get_scans_by_ip() method with ScanIP join query - Add search box to global navigation header - Create dedicated search results page at /search/ip - Update API documentation with new endpoint --- app/web/api/scans.py | 39 +++++ app/web/routes/main.py | 15 +- app/web/services/scan_service.py | 23 +++ app/web/templates/base.html | 7 + app/web/templates/ip_search_results.html | 175 +++++++++++++++++++++++ docs/API_REFERENCE.md | 50 +++++++ 6 files changed, 308 insertions(+), 1 deletion(-) create mode 100644 app/web/templates/ip_search_results.html diff --git a/app/web/api/scans.py b/app/web/api/scans.py index f1d0edf..042cb89 100644 --- a/app/web/api/scans.py +++ b/app/web/api/scans.py @@ -281,6 +281,45 @@ def get_scan_status(scan_id): }), 500 +@bp.route('/by-ip/', methods=['GET']) +@api_auth_required +def get_scans_by_ip(ip_address): + """ + Get last 10 scans containing a specific IP address. + + Args: + ip_address: IP address to search for + + Returns: + JSON response with list of scans containing the IP + """ + try: + # Get scans from service + scan_service = ScanService(current_app.db_session) + scans = scan_service.get_scans_by_ip(ip_address) + + logger.info(f"Retrieved {len(scans)} scans for IP: {ip_address}") + + return jsonify({ + 'ip_address': ip_address, + 'scans': scans, + 'count': len(scans) + }) + + except SQLAlchemyError as e: + logger.error(f"Database error retrieving scans for IP {ip_address}: {str(e)}") + return jsonify({ + 'error': 'Database error', + 'message': 'Failed to retrieve scans' + }), 500 + except Exception as e: + logger.error(f"Unexpected error retrieving scans for IP {ip_address}: {str(e)}", exc_info=True) + return jsonify({ + 'error': 'Internal server error', + 'message': 'An unexpected error occurred' + }), 500 + + @bp.route('//compare/', methods=['GET']) @api_auth_required def compare_scans(scan_id1, scan_id2): diff --git a/app/web/routes/main.py b/app/web/routes/main.py index 8c5f366..ee09097 100644 --- a/app/web/routes/main.py +++ b/app/web/routes/main.py @@ -7,7 +7,7 @@ Provides dashboard and scan viewing pages. import logging import os -from flask import Blueprint, current_app, redirect, render_template, send_from_directory, url_for +from flask import Blueprint, current_app, redirect, render_template, request, send_from_directory, url_for from web.auth.decorators import login_required @@ -83,6 +83,19 @@ def compare_scans(scan_id1, scan_id2): return render_template('scan_compare.html', scan_id1=scan_id1, scan_id2=scan_id2) +@bp.route('/search/ip') +@login_required +def search_ip(): + """ + IP search results page - shows scans containing a specific IP address. + + Returns: + Rendered search results template + """ + ip_address = request.args.get('ip', '').strip() + return render_template('ip_search_results.html', ip_address=ip_address) + + @bp.route('/schedules') @login_required def schedules(): diff --git a/app/web/services/scan_service.py b/app/web/services/scan_service.py index 9aea0b8..c8406bf 100644 --- a/app/web/services/scan_service.py +++ b/app/web/services/scan_service.py @@ -260,6 +260,29 @@ class ScanService: return status_info + def get_scans_by_ip(self, ip_address: str, limit: int = 10) -> List[Dict[str, Any]]: + """ + Get the last N scans containing a specific IP address. + + Args: + ip_address: IP address to search for + limit: Maximum number of scans to return (default: 10) + + Returns: + List of scan summary dictionaries, most recent first + """ + scans = ( + self.db.query(Scan) + .join(ScanIP, Scan.id == ScanIP.scan_id) + .filter(ScanIP.ip_address == ip_address) + .filter(Scan.status == 'completed') + .order_by(Scan.timestamp.desc()) + .limit(limit) + .all() + ) + + return [self._scan_to_summary_dict(scan) for scan in scans] + def cleanup_orphaned_scans(self) -> int: """ Clean up orphaned scans that are stuck in 'running' status. diff --git a/app/web/templates/base.html b/app/web/templates/base.html index 8496d07..b5f1c9d 100644 --- a/app/web/templates/base.html +++ b/app/web/templates/base.html @@ -76,6 +76,13 @@ +
+ + +
  • +
    +

    + + Search Results + {% if ip_address %} + for {{ ip_address }} + {% endif %} +

    +     + Back to Scans + +
    + + +{% if not ip_address %} + +
    +
    +
    +
    + +

    No IP Address Provided

    +

    Please enter an IP address in the search box to find related scans.

    +
    +
    +
    +
    +{% else %} + +
    +
    +
    +
    +
    Last 10 Scans Containing {{ ip_address }}
    +
    +
    +
    + +

    Searching for scans...

    +
    + + + +
    +
    +
    +
    +{% endif %} +{% endblock %} + +{% block scripts %} + +{% endblock %} diff --git a/docs/API_REFERENCE.md b/docs/API_REFERENCE.md index 46f1336..1bcc7ad 100644 --- a/docs/API_REFERENCE.md +++ b/docs/API_REFERENCE.md @@ -989,6 +989,56 @@ curl -X DELETE http://localhost:5000/api/scans/42 \ -b cookies.txt ``` +### Get Scans by IP + +Get the last 10 scans containing a specific IP address. + +**Endpoint:** `GET /api/scans/by-ip/{ip_address}` + +**Authentication:** Required + +**Path Parameters:** + +| Parameter | Type | Required | Description | +|-----------|------|----------|-------------| +| `ip_address` | string | Yes | IP address to search for | + +**Success Response (200 OK):** +```json +{ + "ip_address": "192.168.1.10", + "scans": [ + { + "id": 42, + "timestamp": "2025-11-14T10:30:00Z", + "duration": 125.5, + "status": "completed", + "title": "Production Network Scan", + "config_id": 1, + "triggered_by": "manual", + "created_at": "2025-11-14T10:30:00Z" + }, + { + "id": 38, + "timestamp": "2025-11-13T10:30:00Z", + "duration": 98.2, + "status": "completed", + "title": "Production Network Scan", + "config_id": 1, + "triggered_by": "scheduled", + "created_at": "2025-11-13T10:30:00Z" + } + ], + "count": 2 +} +``` + +**Usage Example:** +```bash +curl -X GET http://localhost:5000/api/scans/by-ip/192.168.1.10 \ + -b cookies.txt +``` + ### Compare Scans Compare two scans to identify differences in ports, services, and certificates. -- 2.49.1 From c592000c969b0e1e2b6026a8056e951004866369 Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 12:49:27 -0600 Subject: [PATCH 3/7] Add real-time scan progress tracking - Add ScanProgress model and progress fields to Scan model - Implement progress callback in scanner to report phase completion - Update scan_job to write per-IP results to database during execution - Add /api/scans//progress endpoint for progress polling - Add progress section to scan detail page with live updates - Progress table shows current phase, completion bar, and per-IP results - Poll every 3 seconds during active scans - Sort IPs numerically for proper ordering - Add database migration for new tables/columns --- .../versions/012_add_scan_progress.py | 58 ++++++ app/src/scanner.py | 62 +++++- app/web/api/scans.py | 98 ++++++++++ app/web/jobs/scan_job.py | 129 ++++++++++++- app/web/models.py | 43 +++++ app/web/templates/scan_detail.html | 177 +++++++++++++++++- 6 files changed, 556 insertions(+), 11 deletions(-) create mode 100644 app/migrations/versions/012_add_scan_progress.py diff --git a/app/migrations/versions/012_add_scan_progress.py b/app/migrations/versions/012_add_scan_progress.py new file mode 100644 index 0000000..2da3309 --- /dev/null +++ b/app/migrations/versions/012_add_scan_progress.py @@ -0,0 +1,58 @@ +"""Add scan progress tracking + +Revision ID: 012 +Revises: 011 +Create Date: 2024-01-01 00:00:00.000000 + +""" +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision = '012' +down_revision = '011' +branch_labels = None +depends_on = None + + +def upgrade(): + # Add progress tracking columns to scans table + op.add_column('scans', sa.Column('current_phase', sa.String(50), nullable=True, + comment='Current scan phase: ping, tcp_scan, udp_scan, service_detection, http_analysis')) + op.add_column('scans', sa.Column('total_ips', sa.Integer(), nullable=True, + comment='Total number of IPs to scan')) + op.add_column('scans', sa.Column('completed_ips', sa.Integer(), nullable=True, default=0, + comment='Number of IPs completed in current phase')) + + # Create scan_progress table for per-IP progress tracking + op.create_table( + 'scan_progress', + sa.Column('id', sa.Integer(), primary_key=True, autoincrement=True), + sa.Column('scan_id', sa.Integer(), sa.ForeignKey('scans.id'), nullable=False, index=True), + sa.Column('ip_address', sa.String(45), nullable=False, comment='IP address being scanned'), + sa.Column('site_name', sa.String(255), nullable=True, comment='Site name this IP belongs to'), + sa.Column('phase', sa.String(50), nullable=False, + comment='Phase: ping, tcp_scan, udp_scan, service_detection, http_analysis'), + sa.Column('status', sa.String(20), nullable=False, default='pending', + comment='pending, in_progress, completed, failed'), + sa.Column('ping_result', sa.Boolean(), nullable=True, comment='Ping response result'), + sa.Column('tcp_ports', sa.Text(), nullable=True, comment='JSON array of discovered TCP ports'), + sa.Column('udp_ports', sa.Text(), nullable=True, comment='JSON array of discovered UDP ports'), + sa.Column('services', sa.Text(), nullable=True, comment='JSON array of detected services'), + sa.Column('created_at', sa.DateTime(), nullable=False, server_default=sa.func.now(), + comment='Entry creation time'), + sa.Column('updated_at', sa.DateTime(), nullable=False, server_default=sa.func.now(), + onupdate=sa.func.now(), comment='Last update time'), + sa.UniqueConstraint('scan_id', 'ip_address', name='uix_scan_progress_ip') + ) + + +def downgrade(): + # Drop scan_progress table + op.drop_table('scan_progress') + + # Remove progress tracking columns from scans table + op.drop_column('scans', 'completed_ips') + op.drop_column('scans', 'total_ips') + op.drop_column('scans', 'current_phase') diff --git a/app/src/scanner.py b/app/src/scanner.py index 80c99d8..3159fcc 100644 --- a/app/src/scanner.py +++ b/app/src/scanner.py @@ -13,7 +13,7 @@ import time import zipfile from datetime import datetime from pathlib import Path -from typing import Dict, List, Any +from typing import Dict, List, Any, Callable, Optional import xml.etree.ElementTree as ET import yaml @@ -833,10 +833,17 @@ class SneakyScanner: return all_results - def scan(self) -> Dict[str, Any]: + def scan(self, progress_callback: Optional[Callable] = None) -> Dict[str, Any]: """ Perform complete scan based on configuration + Args: + progress_callback: Optional callback function for progress updates. + Called with (phase, ip, data) where: + - phase: 'init', 'ping', 'tcp_scan', 'udp_scan', 'service_detection', 'http_analysis' + - ip: IP address being processed (or None for phase start) + - data: Dict with progress data (results, counts, etc.) + Returns: Dictionary containing scan results """ @@ -873,16 +880,36 @@ class SneakyScanner: all_ips = sorted(list(all_ips)) print(f"Total IPs to scan: {len(all_ips)}", flush=True) + # Report initialization with total IP count + if progress_callback: + progress_callback('init', None, { + 'total_ips': len(all_ips), + 'ip_to_site': ip_to_site + }) + # Perform ping scan print(f"\n[1/5] Performing ping scan on {len(all_ips)} IPs...", flush=True) + if progress_callback: + progress_callback('ping', None, {'status': 'starting'}) ping_results = self._run_ping_scan(all_ips) + # Report ping results + if progress_callback: + progress_callback('ping', None, { + 'status': 'completed', + 'results': ping_results + }) + # Perform TCP scan (all ports) print(f"\n[2/5] Performing TCP scan on {len(all_ips)} IPs (ports 0-65535)...", flush=True) + if progress_callback: + progress_callback('tcp_scan', None, {'status': 'starting'}) tcp_results = self._run_masscan(all_ips, '0-65535', 'tcp') # Perform UDP scan (all ports) print(f"\n[3/5] Performing UDP scan on {len(all_ips)} IPs (ports 0-65535)...", flush=True) + if progress_callback: + progress_callback('udp_scan', None, {'status': 'starting'}) udp_results = self._run_masscan(all_ips, '0-65535', 'udp') # Organize results by IP @@ -918,8 +945,23 @@ class SneakyScanner: results_by_ip[ip]['actual']['tcp_ports'].sort() results_by_ip[ip]['actual']['udp_ports'].sort() + # Report TCP/UDP scan results with discovered ports per IP + if progress_callback: + tcp_udp_results = {} + for ip in all_ips: + tcp_udp_results[ip] = { + 'tcp_ports': results_by_ip[ip]['actual']['tcp_ports'], + 'udp_ports': results_by_ip[ip]['actual']['udp_ports'] + } + progress_callback('tcp_scan', None, { + 'status': 'completed', + 'results': tcp_udp_results + }) + # Perform service detection on TCP ports print(f"\n[4/5] Performing service detection on discovered TCP ports...", flush=True) + if progress_callback: + progress_callback('service_detection', None, {'status': 'starting'}) ip_ports = {ip: results_by_ip[ip]['actual']['tcp_ports'] for ip in all_ips} service_results = self._run_nmap_service_detection(ip_ports) @@ -928,10 +970,26 @@ class SneakyScanner: if ip in results_by_ip: results_by_ip[ip]['actual']['services'] = services + # Report service detection results + if progress_callback: + progress_callback('service_detection', None, { + 'status': 'completed', + 'results': service_results + }) + # Perform HTTP/HTTPS analysis on web services print(f"\n[5/5] Analyzing HTTP/HTTPS services and SSL/TLS configuration...", flush=True) + if progress_callback: + progress_callback('http_analysis', None, {'status': 'starting'}) http_results = self._run_http_analysis(service_results) + # Report HTTP analysis completion + if progress_callback: + progress_callback('http_analysis', None, { + 'status': 'completed', + 'results': http_results + }) + # Merge HTTP analysis into service results for ip, port_results in http_results.items(): if ip in results_by_ip: diff --git a/app/web/api/scans.py b/app/web/api/scans.py index 042cb89..d4f25f4 100644 --- a/app/web/api/scans.py +++ b/app/web/api/scans.py @@ -5,11 +5,13 @@ Handles endpoints for triggering scans, listing scan history, and retrieving scan results. """ +import json import logging from flask import Blueprint, current_app, jsonify, request from sqlalchemy.exc import SQLAlchemyError from web.auth.decorators import api_auth_required +from web.models import Scan, ScanProgress from web.services.scan_service import ScanService from web.utils.pagination import validate_page_params @@ -281,6 +283,102 @@ def get_scan_status(scan_id): }), 500 +@bp.route('//progress', methods=['GET']) +@api_auth_required +def get_scan_progress(scan_id): + """ + Get detailed progress for a running scan including per-IP results. + + Args: + scan_id: Scan ID + + Returns: + JSON response with scan progress including: + - current_phase: Current scan phase + - total_ips: Total IPs being scanned + - completed_ips: Number of IPs completed in current phase + - progress_entries: List of per-IP progress with discovered results + """ + try: + session = current_app.db_session + + # Get scan record + scan = session.query(Scan).filter_by(id=scan_id).first() + if not scan: + logger.warning(f"Scan not found for progress check: {scan_id}") + return jsonify({ + 'error': 'Not found', + 'message': f'Scan with ID {scan_id} not found' + }), 404 + + # Get progress entries + progress_entries = session.query(ScanProgress).filter_by(scan_id=scan_id).all() + + # Build progress data + entries = [] + for entry in progress_entries: + entry_data = { + 'ip_address': entry.ip_address, + 'site_name': entry.site_name, + 'phase': entry.phase, + 'status': entry.status, + 'ping_result': entry.ping_result + } + + # Parse JSON fields + if entry.tcp_ports: + entry_data['tcp_ports'] = json.loads(entry.tcp_ports) + else: + entry_data['tcp_ports'] = [] + + if entry.udp_ports: + entry_data['udp_ports'] = json.loads(entry.udp_ports) + else: + entry_data['udp_ports'] = [] + + if entry.services: + entry_data['services'] = json.loads(entry.services) + else: + entry_data['services'] = [] + + entries.append(entry_data) + + # Sort entries by site name then IP (numerically) + def ip_sort_key(ip_str): + """Convert IP to tuple of integers for proper numeric sorting.""" + try: + return tuple(int(octet) for octet in ip_str.split('.')) + except (ValueError, AttributeError): + return (0, 0, 0, 0) + + entries.sort(key=lambda x: (x['site_name'] or '', ip_sort_key(x['ip_address']))) + + response = { + 'scan_id': scan_id, + 'status': scan.status, + 'current_phase': scan.current_phase or 'pending', + 'total_ips': scan.total_ips or 0, + 'completed_ips': scan.completed_ips or 0, + 'progress_entries': entries + } + + logger.debug(f"Retrieved progress for scan {scan_id}: phase={scan.current_phase}, {scan.completed_ips}/{scan.total_ips} IPs") + return jsonify(response) + + except SQLAlchemyError as e: + logger.error(f"Database error retrieving scan progress {scan_id}: {str(e)}") + return jsonify({ + 'error': 'Database error', + 'message': 'Failed to retrieve scan progress' + }), 500 + except Exception as e: + logger.error(f"Unexpected error retrieving scan progress {scan_id}: {str(e)}", exc_info=True) + return jsonify({ + 'error': 'Internal server error', + 'message': 'An unexpected error occurred' + }), 500 + + @bp.route('/by-ip/', methods=['GET']) @api_auth_required def get_scans_by_ip(ip_address): diff --git a/app/web/jobs/scan_job.py b/app/web/jobs/scan_job.py index d7fcb72..66d36e5 100644 --- a/app/web/jobs/scan_job.py +++ b/app/web/jobs/scan_job.py @@ -5,6 +5,7 @@ This module handles the execution of scans in background threads, updating database status and handling errors. """ +import json import logging import traceback from datetime import datetime @@ -14,13 +15,132 @@ from sqlalchemy import create_engine from sqlalchemy.orm import sessionmaker from src.scanner import SneakyScanner -from web.models import Scan +from web.models import Scan, ScanProgress from web.services.scan_service import ScanService from web.services.alert_service import AlertService logger = logging.getLogger(__name__) +def create_progress_callback(scan_id: int, session): + """ + Create a progress callback function for updating scan progress in database. + + Args: + scan_id: ID of the scan record + session: Database session + + Returns: + Callback function that accepts (phase, ip, data) + """ + ip_to_site = {} + + def progress_callback(phase: str, ip: str, data: dict): + """Update scan progress in database.""" + nonlocal ip_to_site + + try: + # Get scan record + scan = session.query(Scan).filter_by(id=scan_id).first() + if not scan: + return + + # Handle initialization phase + if phase == 'init': + scan.total_ips = data.get('total_ips', 0) + scan.completed_ips = 0 + scan.current_phase = 'ping' + ip_to_site = data.get('ip_to_site', {}) + + # Create progress entries for all IPs + for ip_addr, site_name in ip_to_site.items(): + progress = ScanProgress( + scan_id=scan_id, + ip_address=ip_addr, + site_name=site_name, + phase='pending', + status='pending' + ) + session.add(progress) + + session.commit() + return + + # Update current phase + if data.get('status') == 'starting': + scan.current_phase = phase + scan.completed_ips = 0 + session.commit() + return + + # Handle phase completion with results + if data.get('status') == 'completed': + results = data.get('results', {}) + + if phase == 'ping': + # Update progress entries with ping results + for ip_addr, ping_result in results.items(): + progress = session.query(ScanProgress).filter_by( + scan_id=scan_id, ip_address=ip_addr + ).first() + if progress: + progress.ping_result = ping_result + progress.phase = 'ping' + progress.status = 'completed' + + scan.completed_ips = len(results) + + elif phase == 'tcp_scan': + # Update progress entries with TCP/UDP port results + for ip_addr, port_data in results.items(): + progress = session.query(ScanProgress).filter_by( + scan_id=scan_id, ip_address=ip_addr + ).first() + if progress: + progress.tcp_ports = json.dumps(port_data.get('tcp_ports', [])) + progress.udp_ports = json.dumps(port_data.get('udp_ports', [])) + progress.phase = 'tcp_scan' + progress.status = 'completed' + + scan.completed_ips = len(results) + + elif phase == 'service_detection': + # Update progress entries with service detection results + for ip_addr, services in results.items(): + progress = session.query(ScanProgress).filter_by( + scan_id=scan_id, ip_address=ip_addr + ).first() + if progress: + # Simplify service data for storage + service_list = [] + for svc in services: + service_list.append({ + 'port': svc.get('port'), + 'service': svc.get('service', 'unknown'), + 'product': svc.get('product', ''), + 'version': svc.get('version', '') + }) + progress.services = json.dumps(service_list) + progress.phase = 'service_detection' + progress.status = 'completed' + + scan.completed_ips = len(results) + + elif phase == 'http_analysis': + # Mark HTTP analysis as complete + scan.current_phase = 'completed' + scan.completed_ips = scan.total_ips + + session.commit() + + except Exception as e: + logger.error(f"Progress callback error for scan {scan_id}: {str(e)}") + # Don't re-raise - we don't want to break the scan + session.rollback() + + return progress_callback + + def execute_scan(scan_id: int, config_id: int, db_url: str = None): """ Execute a scan in the background. @@ -66,10 +186,13 @@ def execute_scan(scan_id: int, config_id: int, db_url: str = None): # Initialize scanner with database config scanner = SneakyScanner(config_id=config_id) - # Execute scan + # Create progress callback + progress_callback = create_progress_callback(scan_id, session) + + # Execute scan with progress tracking logger.info(f"Scan {scan_id}: Running scanner...") start_time = datetime.utcnow() - report, timestamp = scanner.scan() + report, timestamp = scanner.scan(progress_callback=progress_callback) end_time = datetime.utcnow() scan_duration = (end_time - start_time).total_seconds() diff --git a/app/web/models.py b/app/web/models.py index caa543a..feeb130 100644 --- a/app/web/models.py +++ b/app/web/models.py @@ -59,6 +59,11 @@ class Scan(Base): completed_at = Column(DateTime, nullable=True, comment="Scan execution completion time") error_message = Column(Text, nullable=True, comment="Error message if scan failed") + # Progress tracking fields + current_phase = Column(String(50), nullable=True, comment="Current scan phase: ping, tcp_scan, udp_scan, service_detection, http_analysis") + total_ips = Column(Integer, nullable=True, comment="Total number of IPs to scan") + completed_ips = Column(Integer, nullable=True, default=0, comment="Number of IPs completed in current phase") + # Relationships sites = relationship('ScanSite', back_populates='scan', cascade='all, delete-orphan') ips = relationship('ScanIP', back_populates='scan', cascade='all, delete-orphan') @@ -70,6 +75,7 @@ class Scan(Base): schedule = relationship('Schedule', back_populates='scans') config = relationship('ScanConfig', back_populates='scans') site_associations = relationship('ScanSiteAssociation', back_populates='scan', cascade='all, delete-orphan') + progress_entries = relationship('ScanProgress', back_populates='scan', cascade='all, delete-orphan') def __repr__(self): return f"" @@ -244,6 +250,43 @@ class ScanTLSVersion(Base): return f"" +class ScanProgress(Base): + """ + Real-time progress tracking for individual IPs during scan execution. + + Stores intermediate results as they become available, allowing users to + see progress and results before the full scan completes. + """ + __tablename__ = 'scan_progress' + + id = Column(Integer, primary_key=True, autoincrement=True) + scan_id = Column(Integer, ForeignKey('scans.id'), nullable=False, index=True) + ip_address = Column(String(45), nullable=False, comment="IP address being scanned") + site_name = Column(String(255), nullable=True, comment="Site name this IP belongs to") + phase = Column(String(50), nullable=False, comment="Phase: ping, tcp_scan, udp_scan, service_detection, http_analysis") + status = Column(String(20), nullable=False, default='pending', comment="pending, in_progress, completed, failed") + + # Results data (stored as JSON) + ping_result = Column(Boolean, nullable=True, comment="Ping response result") + tcp_ports = Column(Text, nullable=True, comment="JSON array of discovered TCP ports") + udp_ports = Column(Text, nullable=True, comment="JSON array of discovered UDP ports") + services = Column(Text, nullable=True, comment="JSON array of detected services") + + created_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Entry creation time") + updated_at = Column(DateTime, nullable=False, default=datetime.utcnow, onupdate=datetime.utcnow, comment="Last update time") + + # Relationships + scan = relationship('Scan', back_populates='progress_entries') + + # Index for efficient lookups + __table_args__ = ( + UniqueConstraint('scan_id', 'ip_address', name='uix_scan_progress_ip'), + ) + + def __repr__(self): + return f"" + + # ============================================================================ # Reusable Site Definition Tables # ============================================================================ diff --git a/app/web/templates/scan_detail.html b/app/web/templates/scan_detail.html index a0e9096..98f9157 100644 --- a/app/web/templates/scan_detail.html +++ b/app/web/templates/scan_detail.html @@ -84,6 +84,50 @@ + + +
    @@ -222,6 +266,7 @@ const scanId = {{ scan_id }}; let scanData = null; let historyChart = null; // Store chart instance to prevent duplicates + let progressInterval = null; // Store progress polling interval // Show alert notification function showAlert(type, message) { @@ -247,16 +292,136 @@ loadScan().then(() => { findPreviousScan(); loadHistoricalChart(); + + // Start progress polling if scan is running + if (scanData && scanData.status === 'running') { + startProgressPolling(); + } }); - // Auto-refresh every 10 seconds if scan is running - setInterval(function() { - if (scanData && scanData.status === 'running') { - loadScan(); - } - }, 10000); }); + // Start polling for progress updates + function startProgressPolling() { + // Show progress section + document.getElementById('progress-section').style.display = 'block'; + + // Initial load + loadProgress(); + + // Poll every 3 seconds + progressInterval = setInterval(loadProgress, 3000); + } + + // Stop polling for progress updates + function stopProgressPolling() { + if (progressInterval) { + clearInterval(progressInterval); + progressInterval = null; + } + // Hide progress section when scan completes + document.getElementById('progress-section').style.display = 'none'; + } + + // Load progress data + async function loadProgress() { + try { + const response = await fetch(`/api/scans/${scanId}/progress`); + if (!response.ok) return; + + const progress = await response.json(); + + // Check if scan is still running + if (progress.status !== 'running') { + stopProgressPolling(); + loadScan(); // Refresh full scan data + return; + } + + renderProgress(progress); + } catch (error) { + console.error('Error loading progress:', error); + } + } + + // Render progress data + function renderProgress(progress) { + // Update phase display + const phaseNames = { + 'pending': 'Initializing', + 'ping': 'Ping Scan', + 'tcp_scan': 'TCP Port Scan', + 'udp_scan': 'UDP Port Scan', + 'service_detection': 'Service Detection', + 'http_analysis': 'HTTP/HTTPS Analysis', + 'completed': 'Completing' + }; + + const phaseName = phaseNames[progress.current_phase] || progress.current_phase; + document.getElementById('current-phase').textContent = phaseName; + + // Update progress count and bar + const total = progress.total_ips || 0; + const completed = progress.completed_ips || 0; + const percent = total > 0 ? Math.round((completed / total) * 100) : 0; + + document.getElementById('progress-count').textContent = `${completed} / ${total} IPs`; + document.getElementById('progress-bar').style.width = `${percent}%`; + + // Update progress table + const tbody = document.getElementById('progress-table-body'); + const entries = progress.progress_entries || []; + + if (entries.length === 0) { + tbody.innerHTML = 'Waiting for results...'; + return; + } + + let html = ''; + entries.forEach(entry => { + // Ping result + let pingDisplay = '-'; + if (entry.ping_result !== null && entry.ping_result !== undefined) { + pingDisplay = entry.ping_result + ? 'Yes' + : 'No'; + } + + // TCP ports + const tcpPorts = entry.tcp_ports || []; + let tcpDisplay = tcpPorts.length > 0 + ? `${tcpPorts.length} ${tcpPorts.slice(0, 5).join(', ')}${tcpPorts.length > 5 ? '...' : ''}` + : '-'; + + // UDP ports + const udpPorts = entry.udp_ports || []; + let udpDisplay = udpPorts.length > 0 + ? `${udpPorts.length}` + : '-'; + + // Services + const services = entry.services || []; + let svcDisplay = '-'; + if (services.length > 0) { + const svcNames = services.map(s => s.service || 'unknown').slice(0, 3); + svcDisplay = `${services.length} ${svcNames.join(', ')}${services.length > 3 ? '...' : ''}`; + } + + html += ` + + ${entry.site_name || '-'} + ${entry.ip_address} + ${pingDisplay} + ${tcpDisplay} + ${udpDisplay} + ${svcDisplay} + + `; + }); + + tbody.innerHTML = html; + } + // Load scan details async function loadScan() { const loadingEl = document.getElementById('scan-loading'); -- 2.49.1 From 04dc238aeaab95b34dda017b2c5f87341e77e912 Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 13:33:38 -0600 Subject: [PATCH 4/7] Add configurable UDP scanning and numeric IP sorting - Add UDP_SCAN_ENABLED and UDP_PORTS environment variables to control UDP scanning - UDP scanning disabled by default for faster scans - Support port ranges (100-200), lists (53,67,68), or mixed formats - Sort IPs numerically by octets in site management modal --- .env.example | 11 +++++++++++ app/src/scanner.py | 20 +++++++++++++++----- app/web/templates/sites.html | 12 ++++++++++++ docker-compose.yml | 3 +++ 4 files changed, 41 insertions(+), 5 deletions(-) diff --git a/.env.example b/.env.example index e2fdf42..c057551 100644 --- a/.env.example +++ b/.env.example @@ -57,6 +57,17 @@ SCHEDULER_EXECUTORS=2 # Recommended: 3 for typical usage SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES=3 +# ================================ +# UDP Scanning Configuration +# ================================ +# Enable UDP port scanning (disabled by default as it's slower) +UDP_SCAN_ENABLED=false + +# UDP ports to scan when enabled +# Supports ranges (e.g., 100-200), lists (e.g., 53,67,68), or mixed (e.g., 53,67-69,123) +# Default: common UDP services +UDP_PORTS=53,67,68,69,123,161,500,514,1900 + # ================================ # Initial Password (First Run) # ================================ diff --git a/app/src/scanner.py b/app/src/scanner.py index 3159fcc..3e7f5eb 100644 --- a/app/src/scanner.py +++ b/app/src/scanner.py @@ -6,6 +6,7 @@ SneakyScanner - Masscan-based network scanner with YAML configuration import argparse import json import logging +import os import subprocess import sys import tempfile @@ -906,11 +907,20 @@ class SneakyScanner: progress_callback('tcp_scan', None, {'status': 'starting'}) tcp_results = self._run_masscan(all_ips, '0-65535', 'tcp') - # Perform UDP scan (all ports) - print(f"\n[3/5] Performing UDP scan on {len(all_ips)} IPs (ports 0-65535)...", flush=True) - if progress_callback: - progress_callback('udp_scan', None, {'status': 'starting'}) - udp_results = self._run_masscan(all_ips, '0-65535', 'udp') + # Perform UDP scan (if enabled) + udp_enabled = os.environ.get('UDP_SCAN_ENABLED', 'false').lower() == 'true' + udp_ports = os.environ.get('UDP_PORTS', '53,67,68,69,123,161,500,514,1900') + + if udp_enabled: + print(f"\n[3/5] Performing UDP scan on {len(all_ips)} IPs (ports {udp_ports})...", flush=True) + if progress_callback: + progress_callback('udp_scan', None, {'status': 'starting'}) + udp_results = self._run_masscan(all_ips, udp_ports, 'udp') + else: + print(f"\n[3/5] Skipping UDP scan (disabled)...", flush=True) + if progress_callback: + progress_callback('udp_scan', None, {'status': 'skipped'}) + udp_results = [] # Organize results by IP results_by_ip = {} diff --git a/app/web/templates/sites.html b/app/web/templates/sites.html index 9fffda7..074ba3b 100644 --- a/app/web/templates/sites.html +++ b/app/web/templates/sites.html @@ -688,6 +688,18 @@ async function loadSiteIps(siteId) { const data = await response.json(); const ips = data.ips || []; + // Sort IPs by numeric octets + ips.sort((a, b) => { + const partsA = a.ip_address.split('.').map(Number); + const partsB = b.ip_address.split('.').map(Number); + for (let i = 0; i < 4; i++) { + if (partsA[i] !== partsB[i]) { + return partsA[i] - partsB[i]; + } + } + return 0; + }); + document.getElementById('ip-count').textContent = data.total || ips.length; // Render flat IP table diff --git a/docker-compose.yml b/docker-compose.yml index 036b2c9..8af5222 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -41,6 +41,9 @@ services: # Scheduler configuration (APScheduler) - SCHEDULER_EXECUTORS=${SCHEDULER_EXECUTORS:-2} - SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES=${SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES:-3} + # UDP scanning configuration + - UDP_SCAN_ENABLED=${UDP_SCAN_ENABLED:-false} + - UDP_PORTS=${UDP_PORTS:-53,67,68,69,123,161,500,514,1900} # Scanner functionality requires privileged mode and host network for masscan/nmap privileged: true network_mode: host -- 2.49.1 From 3058c69c39acc7959d1fa9adb5eae72925a0f663 Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 14:17:26 -0600 Subject: [PATCH 5/7] Add scan cancellation feature - Replace subprocess.run() with Popen for cancellable processes - Add cancel() method to SneakyScanner with process termination - Track running scanners in registry for stop signal delivery - Handle ScanCancelledError to set scan status to 'cancelled' - Add POST /api/scans//stop endpoint - Add 'cancelled' as valid scan status - Add Stop button to scans list and detail views - Show cancelled status with warning badge in UI --- app/src/scanner.py | 136 +++++++++++++++++++++++++++-- app/web/api/scans.py | 66 ++++++++++++++ app/web/jobs/scan_job.py | 63 ++++++++++++- app/web/services/scan_service.py | 3 + app/web/templates/scan_detail.html | 60 +++++++++++++ app/web/templates/scans.html | 43 ++++++++- app/web/utils/validators.py | 2 +- 7 files changed, 358 insertions(+), 15 deletions(-) diff --git a/app/src/scanner.py b/app/src/scanner.py index 3e7f5eb..1cbffbc 100644 --- a/app/src/scanner.py +++ b/app/src/scanner.py @@ -7,9 +7,11 @@ import argparse import json import logging import os +import signal import subprocess import sys import tempfile +import threading import time import zipfile from datetime import datetime @@ -30,6 +32,11 @@ sys.stdout.reconfigure(line_buffering=True) sys.stderr.reconfigure(line_buffering=True) +class ScanCancelledError(Exception): + """Raised when a scan is cancelled by the user.""" + pass + + class SneakyScanner: """Wrapper for masscan to perform network scans based on YAML config or database config""" @@ -63,6 +70,34 @@ class SneakyScanner: self.screenshot_capture = None + # Cancellation support + self._cancelled = False + self._cancel_lock = threading.Lock() + self._active_process = None + self._process_lock = threading.Lock() + + def cancel(self): + """ + Cancel the running scan. + + Terminates any active subprocess and sets cancellation flag. + """ + with self._cancel_lock: + self._cancelled = True + + with self._process_lock: + if self._active_process and self._active_process.poll() is None: + try: + # Terminate the process group + os.killpg(os.getpgid(self._active_process.pid), signal.SIGTERM) + except (ProcessLookupError, OSError): + pass + + def is_cancelled(self) -> bool: + """Check if scan has been cancelled.""" + with self._cancel_lock: + return self._cancelled + def _load_config(self) -> Dict[str, Any]: """ Load and validate configuration from file or database. @@ -383,11 +418,31 @@ class SneakyScanner: raise ValueError(f"Invalid protocol: {protocol}") print(f"Running: {' '.join(cmd)}", flush=True) - result = subprocess.run(cmd, capture_output=True, text=True) + + # Use Popen for cancellation support + with self._process_lock: + self._active_process = subprocess.Popen( + cmd, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + text=True, + start_new_session=True + ) + + stdout, stderr = self._active_process.communicate() + returncode = self._active_process.returncode + + with self._process_lock: + self._active_process = None + + # Check if cancelled + if self.is_cancelled(): + return [] + print(f"Masscan {protocol.upper()} scan completed", flush=True) - if result.returncode != 0: - print(f"Masscan stderr: {result.stderr}", file=sys.stderr) + if returncode != 0: + print(f"Masscan stderr: {stderr}", file=sys.stderr) # Parse masscan JSON output results = [] @@ -435,11 +490,31 @@ class SneakyScanner: ] print(f"Running: {' '.join(cmd)}", flush=True) - result = subprocess.run(cmd, capture_output=True, text=True) + + # Use Popen for cancellation support + with self._process_lock: + self._active_process = subprocess.Popen( + cmd, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + text=True, + start_new_session=True + ) + + stdout, stderr = self._active_process.communicate() + returncode = self._active_process.returncode + + with self._process_lock: + self._active_process = None + + # Check if cancelled + if self.is_cancelled(): + return {} + print(f"Masscan PING scan completed", flush=True) - if result.returncode != 0: - print(f"Masscan stderr: {result.stderr}", file=sys.stderr, flush=True) + if returncode != 0: + print(f"Masscan stderr: {stderr}", file=sys.stderr, flush=True) # Parse results responding_ips = set() @@ -477,6 +552,10 @@ class SneakyScanner: all_services = {} for ip, ports in ip_ports.items(): + # Check if cancelled before each host + if self.is_cancelled(): + break + if not ports: all_services[ip] = [] continue @@ -502,10 +581,29 @@ class SneakyScanner: ip ] - result = subprocess.run(cmd, capture_output=True, text=True, timeout=600) + # Use Popen for cancellation support + with self._process_lock: + self._active_process = subprocess.Popen( + cmd, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + text=True, + start_new_session=True + ) - if result.returncode != 0: - print(f" Nmap warning for {ip}: {result.stderr}", file=sys.stderr, flush=True) + stdout, stderr = self._active_process.communicate(timeout=600) + returncode = self._active_process.returncode + + with self._process_lock: + self._active_process = None + + # Check if cancelled + if self.is_cancelled(): + Path(xml_output).unlink(missing_ok=True) + break + + if returncode != 0: + print(f" Nmap warning for {ip}: {stderr}", file=sys.stderr, flush=True) # Parse XML output services = self._parse_nmap_xml(xml_output) @@ -894,6 +992,11 @@ class SneakyScanner: progress_callback('ping', None, {'status': 'starting'}) ping_results = self._run_ping_scan(all_ips) + # Check for cancellation + if self.is_cancelled(): + print("\nScan cancelled by user", flush=True) + raise ScanCancelledError("Scan cancelled by user") + # Report ping results if progress_callback: progress_callback('ping', None, { @@ -907,6 +1010,11 @@ class SneakyScanner: progress_callback('tcp_scan', None, {'status': 'starting'}) tcp_results = self._run_masscan(all_ips, '0-65535', 'tcp') + # Check for cancellation + if self.is_cancelled(): + print("\nScan cancelled by user", flush=True) + raise ScanCancelledError("Scan cancelled by user") + # Perform UDP scan (if enabled) udp_enabled = os.environ.get('UDP_SCAN_ENABLED', 'false').lower() == 'true' udp_ports = os.environ.get('UDP_PORTS', '53,67,68,69,123,161,500,514,1900') @@ -916,6 +1024,11 @@ class SneakyScanner: if progress_callback: progress_callback('udp_scan', None, {'status': 'starting'}) udp_results = self._run_masscan(all_ips, udp_ports, 'udp') + + # Check for cancellation + if self.is_cancelled(): + print("\nScan cancelled by user", flush=True) + raise ScanCancelledError("Scan cancelled by user") else: print(f"\n[3/5] Skipping UDP scan (disabled)...", flush=True) if progress_callback: @@ -975,6 +1088,11 @@ class SneakyScanner: ip_ports = {ip: results_by_ip[ip]['actual']['tcp_ports'] for ip in all_ips} service_results = self._run_nmap_service_detection(ip_ports) + # Check for cancellation + if self.is_cancelled(): + print("\nScan cancelled by user", flush=True) + raise ScanCancelledError("Scan cancelled by user") + # Add service information to results for ip, services in service_results.items(): if ip in results_by_ip: diff --git a/app/web/api/scans.py b/app/web/api/scans.py index d4f25f4..1f6a314 100644 --- a/app/web/api/scans.py +++ b/app/web/api/scans.py @@ -14,6 +14,7 @@ from web.auth.decorators import api_auth_required from web.models import Scan, ScanProgress from web.services.scan_service import ScanService from web.utils.pagination import validate_page_params +from web.jobs.scan_job import stop_scan bp = Blueprint('scans', __name__) logger = logging.getLogger(__name__) @@ -242,6 +243,71 @@ def delete_scan(scan_id): }), 500 +@bp.route('//stop', methods=['POST']) +@api_auth_required +def stop_running_scan(scan_id): + """ + Stop a running scan. + + Args: + scan_id: Scan ID to stop + + Returns: + JSON response with stop status + """ + try: + session = current_app.db_session + + # Check if scan exists and is running + scan = session.query(Scan).filter_by(id=scan_id).first() + if not scan: + logger.warning(f"Scan not found for stop request: {scan_id}") + return jsonify({ + 'error': 'Not found', + 'message': f'Scan with ID {scan_id} not found' + }), 404 + + if scan.status != 'running': + logger.warning(f"Cannot stop scan {scan_id}: status is '{scan.status}'") + return jsonify({ + 'error': 'Invalid state', + 'message': f"Cannot stop scan: status is '{scan.status}'" + }), 400 + + # Get database URL from app config + db_url = current_app.config['SQLALCHEMY_DATABASE_URI'] + + # Attempt to stop the scan + stopped = stop_scan(scan_id, db_url) + + if stopped: + logger.info(f"Stop signal sent to scan {scan_id}") + return jsonify({ + 'scan_id': scan_id, + 'message': 'Stop signal sent to scan', + 'status': 'stopping' + }), 200 + else: + logger.warning(f"Failed to stop scan {scan_id}: not found in running scanners") + return jsonify({ + 'error': 'Stop failed', + 'message': 'Scan not found in running scanners registry' + }), 404 + + except SQLAlchemyError as e: + logger.error(f"Database error stopping scan {scan_id}: {str(e)}") + return jsonify({ + 'error': 'Database error', + 'message': 'Failed to stop scan' + }), 500 + except Exception as e: + logger.error(f"Unexpected error stopping scan {scan_id}: {str(e)}", exc_info=True) + return jsonify({ + 'error': 'Internal server error', + 'message': 'An unexpected error occurred' + }), 500 + + @bp.route('//status', methods=['GET']) @api_auth_required def get_scan_status(scan_id): diff --git a/app/web/jobs/scan_job.py b/app/web/jobs/scan_job.py index 66d36e5..6b48c21 100644 --- a/app/web/jobs/scan_job.py +++ b/app/web/jobs/scan_job.py @@ -7,6 +7,7 @@ updating database status and handling errors. import json import logging +import threading import traceback from datetime import datetime from pathlib import Path @@ -14,13 +15,49 @@ from pathlib import Path from sqlalchemy import create_engine from sqlalchemy.orm import sessionmaker -from src.scanner import SneakyScanner +from src.scanner import SneakyScanner, ScanCancelledError from web.models import Scan, ScanProgress from web.services.scan_service import ScanService from web.services.alert_service import AlertService logger = logging.getLogger(__name__) +# Registry for tracking running scanners (scan_id -> SneakyScanner instance) +_running_scanners = {} +_running_scanners_lock = threading.Lock() + + +def get_running_scanner(scan_id: int): + """Get a running scanner instance by scan ID.""" + with _running_scanners_lock: + return _running_scanners.get(scan_id) + + +def stop_scan(scan_id: int, db_url: str) -> bool: + """ + Stop a running scan. + + Args: + scan_id: ID of the scan to stop + db_url: Database connection URL + + Returns: + True if scan was cancelled, False if not found or already stopped + """ + logger.info(f"Attempting to stop scan {scan_id}") + + # Get the scanner instance + scanner = get_running_scanner(scan_id) + if not scanner: + logger.warning(f"Scanner for scan {scan_id} not found in registry") + return False + + # Cancel the scanner + scanner.cancel() + logger.info(f"Cancellation signal sent to scan {scan_id}") + + return True + def create_progress_callback(scan_id: int, session): """ @@ -186,6 +223,11 @@ def execute_scan(scan_id: int, config_id: int, db_url: str = None): # Initialize scanner with database config scanner = SneakyScanner(config_id=config_id) + # Register scanner in the running registry + with _running_scanners_lock: + _running_scanners[scan_id] = scanner + logger.debug(f"Scan {scan_id}: Registered in running scanners registry") + # Create progress callback progress_callback = create_progress_callback(scan_id, session) @@ -220,6 +262,19 @@ def execute_scan(scan_id: int, config_id: int, db_url: str = None): logger.info(f"Scan {scan_id}: Completed successfully") + except ScanCancelledError: + # Scan was cancelled by user + logger.info(f"Scan {scan_id}: Cancelled by user") + + scan = session.query(Scan).filter_by(id=scan_id).first() + if scan: + scan.status = 'cancelled' + scan.error_message = 'Scan cancelled by user' + scan.completed_at = datetime.utcnow() + if scan.started_at: + scan.duration = (datetime.utcnow() - scan.started_at).total_seconds() + session.commit() + except FileNotFoundError as e: # Config file not found error_msg = f"Configuration file not found: {str(e)}" @@ -249,6 +304,12 @@ def execute_scan(scan_id: int, config_id: int, db_url: str = None): logger.error(f"Scan {scan_id}: Failed to update error status in database: {str(db_error)}") finally: + # Unregister scanner from registry + with _running_scanners_lock: + if scan_id in _running_scanners: + del _running_scanners[scan_id] + logger.debug(f"Scan {scan_id}: Unregistered from running scanners registry") + # Always close the session session.close() logger.info(f"Scan {scan_id}: Background job completed, session closed") diff --git a/app/web/services/scan_service.py b/app/web/services/scan_service.py index c8406bf..c87f273 100644 --- a/app/web/services/scan_service.py +++ b/app/web/services/scan_service.py @@ -257,6 +257,9 @@ class ScanService: elif scan.status == 'failed': status_info['progress'] = 'Failed' status_info['error_message'] = scan.error_message + elif scan.status == 'cancelled': + status_info['progress'] = 'Cancelled' + status_info['error_message'] = scan.error_message return status_info diff --git a/app/web/templates/scan_detail.html b/app/web/templates/scan_detail.html index 98f9157..2e038c4 100644 --- a/app/web/templates/scan_detail.html +++ b/app/web/templates/scan_detail.html @@ -20,6 +20,10 @@ Refresh +
    @@ -471,8 +475,11 @@ } else if (scan.status === 'running') { statusBadge = 'Running'; document.getElementById('delete-btn').disabled = true; + document.getElementById('stop-btn').style.display = 'inline-block'; } else if (scan.status === 'failed') { statusBadge = 'Failed'; + } else if (scan.status === 'cancelled') { + statusBadge = 'Cancelled'; } else { statusBadge = `${scan.status}`; } @@ -697,6 +704,59 @@ } } + // Stop scan + async function stopScan() { + if (!confirm(`Are you sure you want to stop scan ${scanId}?`)) { + return; + } + + const stopBtn = document.getElementById('stop-btn'); + const stopText = document.getElementById('stop-text'); + const stopSpinner = document.getElementById('stop-spinner'); + + // Show loading state + stopBtn.disabled = true; + stopText.style.display = 'none'; + stopSpinner.style.display = 'inline-block'; + + try { + const response = await fetch(`/api/scans/${scanId}/stop`, { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + } + }); + + if (!response.ok) { + let errorMessage = `HTTP ${response.status}: Failed to stop scan`; + try { + const data = await response.json(); + errorMessage = data.message || errorMessage; + } catch (e) { + // Ignore JSON parse errors + } + throw new Error(errorMessage); + } + + // Show success message + showAlert('success', `Stop signal sent to scan ${scanId}.`); + + // Refresh scan data after a short delay + setTimeout(() => { + loadScan(); + }, 1000); + + } catch (error) { + console.error('Error stopping scan:', error); + showAlert('danger', `Failed to stop scan: ${error.message}`); + + // Re-enable button on error + stopBtn.disabled = false; + stopText.style.display = 'inline'; + stopSpinner.style.display = 'none'; + } + } + // Find previous scan and show compare button let previousScanId = null; let currentConfigId = null; diff --git a/app/web/templates/scans.html b/app/web/templates/scans.html index 3e5ac3b..af07c8f 100644 --- a/app/web/templates/scans.html +++ b/app/web/templates/scans.html @@ -26,6 +26,7 @@ +
    @@ -248,20 +249,27 @@ statusBadge = 'Running'; } else if (scan.status === 'failed') { statusBadge = 'Failed'; + } else if (scan.status === 'cancelled') { + statusBadge = 'Cancelled'; } else { statusBadge = `${scan.status}`; } + // Action buttons + let actionButtons = `View`; + if (scan.status === 'running') { + actionButtons += ``; + } else { + actionButtons += ``; + } + row.innerHTML = ` ${scan.id} ${scan.title || 'Untitled Scan'} ${timestamp} ${duration} ${statusBadge} - - View - ${scan.status !== 'running' ? `` : ''} - + ${actionButtons} `; tbody.appendChild(row); @@ -489,6 +497,33 @@ } } + // Stop scan + async function stopScan(scanId) { + if (!confirm(`Are you sure you want to stop scan ${scanId}?`)) { + return; + } + + try { + const response = await fetch(`/api/scans/${scanId}/stop`, { + method: 'POST' + }); + + if (!response.ok) { + const data = await response.json(); + throw new Error(data.message || 'Failed to stop scan'); + } + + // Show success message + showAlert('success', `Stop signal sent to scan ${scanId}.`); + + // Refresh scans after a short delay + setTimeout(() => loadScans(), 1000); + } catch (error) { + console.error('Error stopping scan:', error); + showAlert('danger', `Failed to stop scan: ${error.message}`); + } + } + // Delete scan async function deleteScan(scanId) { if (!confirm(`Are you sure you want to delete scan ${scanId}?`)) { diff --git a/app/web/utils/validators.py b/app/web/utils/validators.py index 2123c2a..5c355b2 100644 --- a/app/web/utils/validators.py +++ b/app/web/utils/validators.py @@ -23,7 +23,7 @@ def validate_scan_status(status: str) -> tuple[bool, Optional[str]]: >>> validate_scan_status('invalid') (False, 'Invalid status: invalid. Must be one of: running, completed, failed') """ - valid_statuses = ['running', 'completed', 'failed'] + valid_statuses = ['running', 'completed', 'failed', 'cancelled'] if status not in valid_statuses: return False, f'Invalid status: {status}. Must be one of: {", ".join(valid_statuses)}' -- 2.49.1 From 9bd2f6715072f8f9865daed23f605d7e95ae7b2f Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 15:40:37 -0600 Subject: [PATCH 6/7] Add quick button to mark unexpected ports as expected Allow users to add ports to expected list directly from scan results page instead of navigating through site config pages. The button appears next to unexpected ports and updates the site IP configuration via the API. - Add site_id and site_ip_id to scan result data for linking to config - Add "Mark Expected" button next to unexpected ports in scan detail view - Implement markPortExpected() JS function to update site IP settings --- app/web/services/scan_service.py | 36 +++++++++++-- app/web/templates/scan_detail.html | 83 +++++++++++++++++++++++++++++- 2 files changed, 115 insertions(+), 4 deletions(-) diff --git a/app/web/services/scan_service.py b/app/web/services/scan_service.py index c87f273..ba518c6 100644 --- a/app/web/services/scan_service.py +++ b/app/web/services/scan_service.py @@ -16,7 +16,7 @@ from sqlalchemy.orm import Session, joinedload from web.models import ( Scan, ScanSite, ScanIP, ScanPort, ScanService as ScanServiceModel, - ScanCertificate, ScanTLSVersion, Site, ScanSiteAssociation + ScanCertificate, ScanTLSVersion, Site, ScanSiteAssociation, SiteIP ) from web.utils.pagination import paginate, PaginatedResult from web.utils.validators import validate_scan_status @@ -630,17 +630,47 @@ class ScanService: def _site_to_dict(self, site: ScanSite) -> Dict[str, Any]: """Convert ScanSite to dictionary.""" + # Look up the master Site ID from ScanSiteAssociation + master_site_id = None + assoc = ( + self.db.query(ScanSiteAssociation) + .filter( + ScanSiteAssociation.scan_id == site.scan_id, + ) + .join(Site) + .filter(Site.name == site.site_name) + .first() + ) + if assoc: + master_site_id = assoc.site_id + return { 'id': site.id, 'name': site.site_name, - 'ips': [self._ip_to_dict(ip) for ip in site.ips] + 'site_id': master_site_id, # The actual Site ID for config updates + 'ips': [self._ip_to_dict(ip, master_site_id) for ip in site.ips] } - def _ip_to_dict(self, ip: ScanIP) -> Dict[str, Any]: + def _ip_to_dict(self, ip: ScanIP, site_id: Optional[int] = None) -> Dict[str, Any]: """Convert ScanIP to dictionary.""" + # Look up the SiteIP ID for this IP address in the master Site + site_ip_id = None + if site_id: + site_ip = ( + self.db.query(SiteIP) + .filter( + SiteIP.site_id == site_id, + SiteIP.ip_address == ip.ip_address + ) + .first() + ) + if site_ip: + site_ip_id = site_ip.id + return { 'id': ip.id, 'address': ip.ip_address, + 'site_ip_id': site_ip_id, # The actual SiteIP ID for config updates 'ping_expected': ip.ping_expected, 'ping_actual': ip.ping_actual, 'ports': [self._port_to_dict(port) for port in ip.ports] diff --git a/app/web/templates/scan_detail.html b/app/web/templates/scan_detail.html index 2e038c4..2d83a75 100644 --- a/app/web/templates/scan_detail.html +++ b/app/web/templates/scan_detail.html @@ -586,6 +586,19 @@ const screenshotPath = service && service.screenshot_path ? service.screenshot_path : null; const certificate = service && service.certificates && service.certificates.length > 0 ? service.certificates[0] : null; + // Build status cell with optional "Mark Expected" button + let statusCell; + if (port.expected) { + statusCell = 'Expected'; + } else { + // Show "Unexpected" badge with "Mark Expected" button if site_id and site_ip_id are available + const canMarkExpected = site.site_id && ip.site_ip_id; + statusCell = `Unexpected`; + if (canMarkExpected) { + statusCell += ` `; + } + } + const row = document.createElement('tr'); row.classList.add('scan-row'); // Fix white row bug row.innerHTML = ` @@ -595,7 +608,7 @@ ${service ? service.service_name : '-'} ${service ? service.product || '-' : '-'} ${service ? service.version || '-' : '-'} - ${port.expected ? 'Expected' : 'Unexpected'} + ${statusCell} ${screenshotPath ? `` : '-'} ${certificate ? `` : '-'} `; @@ -757,6 +770,74 @@ } } + // Mark a port as expected in the site config + async function markPortExpected(siteId, ipId, portNumber, protocol) { + try { + // First, get the current IP settings - fetch all IPs with high per_page to find the one we need + const getResponse = await fetch(`/api/sites/${siteId}/ips?per_page=200`); + if (!getResponse.ok) { + throw new Error('Failed to get site IPs'); + } + const ipsData = await getResponse.json(); + + // Find the IP in the site + const ipData = ipsData.ips.find(ip => ip.id === ipId); + if (!ipData) { + throw new Error('IP not found in site'); + } + + // Get current expected ports + let expectedTcpPorts = ipData.expected_tcp_ports || []; + let expectedUdpPorts = ipData.expected_udp_ports || []; + + // Add the new port to the appropriate list + if (protocol.toLowerCase() === 'tcp') { + if (!expectedTcpPorts.includes(portNumber)) { + expectedTcpPorts.push(portNumber); + expectedTcpPorts.sort((a, b) => a - b); + } + } else if (protocol.toLowerCase() === 'udp') { + if (!expectedUdpPorts.includes(portNumber)) { + expectedUdpPorts.push(portNumber); + expectedUdpPorts.sort((a, b) => a - b); + } + } + + // Update the IP settings + const updateResponse = await fetch(`/api/sites/${siteId}/ips/${ipId}`, { + method: 'PUT', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ + expected_tcp_ports: expectedTcpPorts, + expected_udp_ports: expectedUdpPorts + }) + }); + + if (!updateResponse.ok) { + let errorMessage = 'Failed to update IP settings'; + try { + const errorData = await updateResponse.json(); + errorMessage = errorData.message || errorMessage; + } catch (e) { + // Ignore JSON parse errors + } + throw new Error(errorMessage); + } + + // Show success message + showAlert('success', `Port ${portNumber}/${protocol.toUpperCase()} added to expected ports for this IP. Refresh the page to see updated status.`); + + // Optionally refresh the scan data to show the change + // Note: The scan data itself won't change, but the user knows it's been updated + + } catch (error) { + console.error('Error marking port as expected:', error); + showAlert('danger', `Failed to mark port as expected: ${error.message}`); + } + } + // Find previous scan and show compare button let previousScanId = null; let currentConfigId = null; -- 2.49.1 From f24bd11dfd80cc2f003dd6c98c9dbe9e17d8a245 Mon Sep 17 00:00:00 2001 From: Phillip Tarrant Date: Fri, 21 Nov 2025 16:03:53 -0600 Subject: [PATCH 7/7] Add unique IP count and duplicate detection to sites page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The sites page previously showed total IP count which included duplicates across multiple sites, leading to inflated numbers. Now displays unique IP count as the primary metric with duplicate count shown when present. - Add get_global_ip_stats() method to SiteService for unique/duplicate counts - Update /api/sites?all=true endpoint to include IP statistics - Update sites.html to display unique IPs with optional duplicate indicator - Update API documentation with new response fields 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- app/web/api/sites.py | 8 +++++++- app/web/services/site_service.py | 28 ++++++++++++++++++++++++++++ app/web/templates/sites.html | 23 +++++++++++++++++------ docs/API_REFERENCE.md | 31 +++++++++++++++++++++++++++++-- 4 files changed, 81 insertions(+), 9 deletions(-) diff --git a/app/web/api/sites.py b/app/web/api/sites.py index 6440c3e..c1ccc5a 100644 --- a/app/web/api/sites.py +++ b/app/web/api/sites.py @@ -36,9 +36,15 @@ def list_sites(): if request.args.get('all', '').lower() == 'true': site_service = SiteService(current_app.db_session) sites = site_service.list_all_sites() + ip_stats = site_service.get_global_ip_stats() logger.info(f"Listed all sites (count={len(sites)})") - return jsonify({'sites': sites}) + return jsonify({ + 'sites': sites, + 'total_ips': ip_stats['total_ips'], + 'unique_ips': ip_stats['unique_ips'], + 'duplicate_ips': ip_stats['duplicate_ips'] + }) # Get and validate query parameters page = request.args.get('page', 1, type=int) diff --git a/app/web/services/site_service.py b/app/web/services/site_service.py index f4a4fb7..739e60d 100644 --- a/app/web/services/site_service.py +++ b/app/web/services/site_service.py @@ -228,6 +228,34 @@ class SiteService: return [self._site_to_dict(site) for site in sites] + def get_global_ip_stats(self) -> Dict[str, int]: + """ + Get global IP statistics across all sites. + + Returns: + Dictionary with: + - total_ips: Total count of IP entries (including duplicates) + - unique_ips: Count of distinct IP addresses + - duplicate_ips: Number of duplicate entries (total - unique) + """ + # Total IP entries + total_ips = ( + self.db.query(func.count(SiteIP.id)) + .scalar() or 0 + ) + + # Unique IP addresses + unique_ips = ( + self.db.query(func.count(func.distinct(SiteIP.ip_address))) + .scalar() or 0 + ) + + return { + 'total_ips': total_ips, + 'unique_ips': unique_ips, + 'duplicate_ips': total_ips - unique_ips + } + def bulk_add_ips_from_cidr(self, site_id: int, cidr: str, expected_ping: Optional[bool] = None, expected_tcp_ports: Optional[List[int]] = None, diff --git a/app/web/templates/sites.html b/app/web/templates/sites.html index 074ba3b..0684fa1 100644 --- a/app/web/templates/sites.html +++ b/app/web/templates/sites.html @@ -26,8 +26,11 @@
    -
    -
    -
    Total IPs
    +
    -
    +
    Unique IPs
    +
    @@ -499,7 +502,7 @@ async function loadSites() { const data = await response.json(); sitesData = data.sites || []; - updateStats(); + updateStats(data.unique_ips, data.duplicate_ips); renderSites(sitesData); document.getElementById('sites-loading').style.display = 'none'; @@ -514,12 +517,20 @@ async function loadSites() { } // Update summary stats -function updateStats() { +function updateStats(uniqueIps, duplicateIps) { const totalSites = sitesData.length; - const totalIps = sitesData.reduce((sum, site) => sum + (site.ip_count || 0), 0); document.getElementById('total-sites').textContent = totalSites; - document.getElementById('total-ips').textContent = totalIps; + document.getElementById('unique-ips').textContent = uniqueIps || 0; + + // Show duplicate count if there are any + if (duplicateIps && duplicateIps > 0) { + document.getElementById('duplicate-ips').textContent = duplicateIps; + document.getElementById('duplicate-ips-label').style.display = 'block'; + } else { + document.getElementById('duplicate-ips-label').style.display = 'none'; + } + document.getElementById('sites-in-use').textContent = '-'; // Will be updated async // Count sites in use (async) diff --git a/docs/API_REFERENCE.md b/docs/API_REFERENCE.md index 1bcc7ad..10f4aff 100644 --- a/docs/API_REFERENCE.md +++ b/docs/API_REFERENCE.md @@ -117,7 +117,7 @@ Retrieve a paginated list of all sites. | `per_page` | integer | No | 20 | Items per page (1-100) | | `all` | string | No | - | Set to "true" to return all sites without pagination | -**Success Response (200 OK):** +**Success Response (200 OK) - Paginated:** ```json { "sites": [ @@ -139,13 +139,40 @@ Retrieve a paginated list of all sites. } ``` +**Success Response (200 OK) - All Sites (all=true):** +```json +{ + "sites": [ + { + "id": 1, + "name": "Production DC", + "description": "Production datacenter servers", + "ip_count": 25, + "created_at": "2025-11-19T10:30:00Z", + "updated_at": "2025-11-19T10:30:00Z" + } + ], + "total_ips": 100, + "unique_ips": 85, + "duplicate_ips": 15 +} +``` + +**Response Fields (all=true):** + +| Field | Type | Description | +|-------|------|-------------| +| `total_ips` | integer | Total count of IP entries across all sites (including duplicates) | +| `unique_ips` | integer | Count of distinct IP addresses | +| `duplicate_ips` | integer | Number of duplicate IP entries (total_ips - unique_ips) | + **Usage Example:** ```bash # List first page curl -X GET http://localhost:5000/api/sites \ -b cookies.txt -# Get all sites (for dropdowns) +# Get all sites with global IP stats curl -X GET "http://localhost:5000/api/sites?all=true" \ -b cookies.txt ``` -- 2.49.1