Inkampani ye-Cloudflare mayelana nokuvula ikhodi yomthombo yephrojekthi , eskena abasingathi kunethiwekhi ukuze bathole ubungozi obunganamathiselwe. I-Flan Scan iyisengezo kusikena sokuphepha senethiwekhi , ukwenza lokhu okwakamuva kube ithuluzi elinezici ezigcwele zokuhlonza ababungazi abasengozini kumanethiwekhi amakhulu. Ikhodi yephrojekthi ibhalwe kuPython futhi ngaphansi kwelayisensi ye-BSD.
I-Flan Scan yenza kube lula ukuthola izimbobo zenethiwekhi ezivulekile kunethiwekhi ngaphansi kophenyo, inqume izinsiza ezihambisana nazo kanye nezinguqulo zezinhlelo ezisetshenziswayo, futhi iphinde ikhiqize uhlu lobungozi obuthinta izinsizakalo ezikhonjiwe. Ngemva kokuqedwa komsebenzi, kukhiqizwa umbiko ofingqiwe wezinkinga ezikhonjiwe futhi uklelisa izihlonzi ze-CVE ezihlobene nokuba sengozini okutholiwe, okuhlungwe ngobunzima.
Ukuze kutholwe ubungozi obuthinta amasevisi, kusetshenziswa iskripthi esinikezwe i-nmap (inguqulo yakamuva ingalandwa kusuka ), ukufinyelela kusizindalwazi . Umphumela ofanayo ungatholakala ngomyalo:
nmap -sV -oX /shared/xml_files -oN — -v1 —script=scripts/vulners.nse ip-address
I-“-sV” iqala imodi yokuskena isevisi, i-“-oX” icacisa uhla lwemibhalo lombiko we-XML, i-“-oN” isetha imodi evamile yokukhipha imiphumela kukhonsoli, -v1 isetha ileveli yemininingwane yokuphumayo, “--script” ibhekisela kuskripthi se-vulners.nse ukuze kuqhathaniswe amasevisi ahlonziwe ngobungozi obaziwayo.
Imisebenzi eyenziwa i-Flan Scan yehliselwa ekwenzeni lula ukuthunyelwa kwesistimu yokuskena yokuba sengozini esekelwe ku-nmap kumanethiwekhi amakhulu nasezindaweni zamafu. Umbhalo unikeziwe ukuze kusetshenziswe ngokushesha isiqukathi se-Docker esisodwa noma i-Kubernetes ukuze kuqalise inqubo yokuqinisekisa emafini futhi kuphushe umphumela ku-Google Cloud Storage noma i-Amazon S3. Ngokusekelwe embikweni ohleliwe we-XML okhiqizwe i-nmap, i-Flan Scan ikhiqiza umbiko ofundeka kalula ngefomethi ye-LaTeX ongaguqulelwa ku-PDF.
Source: opennet.ru