Write a Script to Perform a Vulnerability Scan of the Listed Services

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

This time we need to write an automated vulnerability scan of the server using Python. This Python script will make use of Nmap. The must do the following:

* Perform a broad full vulnerability sweep.
* Generatea report and send it to the admin by email.
* Be scheduled to run every week.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install EPEL repos, Nmap, sendemail, python36, python36-devel, and git
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install nmap python36 python36-devel
sudo yum install git
sudo yum install sendemail
Get vulnersCom and Perform a Vulnerability Scan of httpd, mariadb, and sshd
git clone https://github.com/vulnersCom/nmap-vulners.git
sudo mv /home/cloud_user/nmap-vulners/ /usr/share/nmap/scripts/
nmap -sV --script nmap-vulners <IP> -p22,80,3306
Write a Python Script to Incorporate the Scans and Send Results via Email
vim /home/cloud_user/scan.py
#!/bin/python3.6

import subprocess

p = subprocess.Popen(["nmap", "-sV", "--script", "nmap-vulners", "[IP_ADDRESS]", "-p22,80,3306"], stdout=subprocess.PIPE)
(output, err) = p.communicate()
msg = output.decode('utf-8').strip()

subprocess.check_output(['sendemail', '-f', '[FROM_EMAIL]', '-u', 'AUTH_NOTIFICATION', '-t', '[TO_EMAIL]', '-s', 'smtp.gmail.com:587', '-o', 'tls=yes', '-xu', '[USER_NAME]', '-xp', '[PASSWORD]', '-m', msg], stdin=None, stderr=None, shell=False, universal_newlines=False)
ESC
:wq
ENTER
chmod +x /home/cloud_user/scan.py
Configure the Script to Run Once a Week
sudo crontab -e
@weekly /home/cloud_user/scan.py
ESC 
:wq
ENTER

Additional Resources

Lab Conditions

  • Nmap is not installed
  • Web server is running
  • sshd server is running
  • MariaDB is running
  • sendemail is not installed
  • EPEL repos are not enabled
  • Python3.6 is not installed nor is python3.6-devel

Additional Lab Requirements

  • Personal Gmail account
  • Enabled less secure app access

Lab Overall Objectives

  • Install Nmap
  • Enable EPEL repos
  • Install sendemail
  • Install python3.6
  • Install python3.6-devel
  • Perform a vulnerability scan of:
    • httpd
    • MariaDB
    • sshd
  • Send results via email
  • Write a Python script to incorporate the scans and send the result via email
  • Configure the script to run once a week

EPEL Repo

https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

vulnersCom Git Repo

https://github.com/vulnersCom/nmap-vulners.git

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!