Write a Script to Perform a Vulnerability Scan of the Listed Services

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

This time we need to write an automated vulnerability scan of the server using Python. This Python script will make use of Nmap. The must do the following:

* Perform a broad full vulnerability sweep.
* Generatea report and send it to the admin by email.
* Be scheduled to run every week.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install EPEL repos, Nmap, sendemail, python36, python36-devel, and git
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install nmap python36 python36-devel
sudo yum install git
sudo yum install sendemail
Get vulnersCom and Perform a Vulnerability Scan of httpd, mariadb, and sshd
git clone https://github.com/vulnersCom/nmap-vulners.git
sudo mv /home/cloud_user/nmap-vulners/ /usr/share/nmap/scripts/
nmap -sV --script nmap-vulners <IP> -p22,80,3306
Write a Python Script to Incorporate the Scans and Send Results via Email
vim /home/cloud_user/scan.py

import subprocess

p = subprocess.Popen(["nmap", "-sV", "--script", "nmap-vulners", "[IP_ADDRESS]", "-p22,80,3306"], stdout=subprocess.PIPE)
(output, err) = p.communicate()
msg = output.decode('utf-8').strip()

subprocess.check_output(['sendemail', '-f', '[FROM_EMAIL]', '-u', 'AUTH_NOTIFICATION', '-t', '[TO_EMAIL]', '-s', 'smtp.gmail.com:587', '-o', 'tls=yes', '-xu', '[USER_NAME]', '-xp', '[PASSWORD]', '-m', msg], stdin=None, stderr=None, shell=False, universal_newlines=False)
chmod +x /home/cloud_user/scan.py
Configure the Script to Run Once a Week
sudo crontab -e
@weekly /home/cloud_user/scan.py

Additional Resources

Lab Conditions

  • Nmap is not installed
  • Web server is running
  • sshd server is running
  • MariaDB is running
  • sendemail is not installed
  • EPEL repos are not enabled
  • Python3.6 is not installed nor is python3.6-devel

Additional Lab Requirements

  • Personal Gmail account
  • Enabled less secure app access

Lab Overall Objectives

  • Install Nmap
  • Enable EPEL repos
  • Install sendemail
  • Install python3.6
  • Install python3.6-devel
  • Perform a vulnerability scan of:
    • httpd
    • MariaDB
    • sshd
  • Send results via email
  • Write a Python script to incorporate the scans and send the result via email
  • Configure the script to run once a week



vulnersCom Git Repo


What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?