If I run nmap with the following parameters:
nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx
I get output in the XML file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///C:/Program Files (x86)/Nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.80 scan initiated Thu May 14 08:39:46 2020 as: nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx -->
<nmaprun scanner="nmap" args="nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx" start="1589470786" startstr="Thu May 14 08:39:46 2020" version="7.80" xmloutputversion="1.04">
<scaninfo type="syn" protocol="tcp" numservices="7500" services="1-35,37-226,228-231,REDACTED-FOR-BREVITIY" />
<verbose level="0" />
<debugging level="0" />
<host starttime="1589470788" endtime="1589470801">
<status state="up" reason="user-set" reason_ttl="0" />
<address addr="xxx.xxx.xxx.xxx" addrtype="ipv4" />
<hostnames />
<ports>
<extraports state="filtered" count="4290">
<extrareasons reason="no-responses" count="4290" />
</extraports>
<extraports state="closed" count="3209">
<extrareasons reason="resets" count="3209" />
</extraports>
<port protocol="tcp" portid="22">
<state state="open" reason="syn-ack" reason_ttl="53" />
<service name="ssh" method="table" conf="3" />
</port>
</ports>
<times srtt="77169" rttvar="3497" to="100000" />
</host>
<runstats>
<finished time="1589470801" timestr="Thu May 14 08:40:01 2020" elapsed="15.07" summary="Nmap done at Thu May 14 08:40:01 2020; 1 IP address (1 host up) scanned in 15.07 seconds" exit="success" />
<hosts up="1" down="0" total="1" />
</runstats>
</nmaprun>
I am trying to determine which 4290 ports are filtered (no-response) and which 3209 are closed (reset).
Is there some combination of nmap flags that can be used to output to XML format, and not to condense the filtered/closed ports?
I wasn't able to find this specified in the documentation:
https://nmap.org/book/nping-man-output-options.html
But running the nmap command with a debug level of 3 (-d3) causes nmap to write each port individually to the file. It also writes a ton of debug information to stdout, which is unfortunate in my use case.
nmap -T4 --top-ports 7500 -Pn -d3 -oX output.xml xxx.xxx.xxx.xxx
<ports><port protocol="tcp" portid="1"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="tcpmux" method="table" conf="3"/></port>
<port protocol="tcp" portid="2"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="compressnet" method="table" conf="3"/></port>
<port protocol="tcp" portid="3"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="compressnet" method="table" conf="3"/></port>
<port protocol="tcp" portid="4"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
<port protocol="tcp" portid="5"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="rje" method="table" conf="3"/></port>
<port protocol="tcp" portid="6"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
Related
I'm trying to add a condition before installing PostgreSQL on Wix bundle.
I'm expecting it to check if there is an installed version of PostgreSQL as you can see on my following code:
<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
<Bundle Name="Title" Version="1.0.0.0" Manufacturer="Manufacture" UpgradeCode="5aee5af2-10c7-42d1-bde6-c7dadf736786">
<BootstrapperApplicationRef Id="WixStandardBootstrapperApplication.RtfLicense"/>
<?define InstallPgCommand=--unattendedmodeui minimal --mode unattended --superpassword "super_pwd" --servicename "service_name" --servicepassword "service_pwd" --serverport 5433?>
<Chain>
<!-- Install postgres -->
<ExePackage
SourceFile="ThirdPartyApps\postgresql-14.3-1-windows-x64.exe"
Compressed ="yes"
Vital ="yes"
Permanent ="yes"
InstallCommand="$(var.InstallPgCommand)"
InstallCondition="NOT POSTGRESINSTALLED"
/>
</Chain>
</Bundle>
<Fragment>
<Property Id="POSTGRESINSTALLED">
<RegistrySearch Id="POSTGRESINSTALLED_SEARCH" Key="SOFTWARE\PostgreSQL\Installations\postgresql-x64-14" Root="HKLM" Type="raw" Name="Branding" />
</Property>
</Fragment>
</Wix>
But it didn't work as expect.
Can you tell me what I'm doing wrong ? Thanks everyone
RegistrySearch is for MSI packages. For bundles, use util:RegistrySearch instead.
Is there anyway i can access the same node via 2 different users (appuser,webuser) to execute scripts?
Will it be ambiguous if there is another entry made for the same node with different username?
test1:
hostname: "10.35.20.76"
nodename: "test1"
osArch: "x86"
osFamily: "unix"
osName: "Solaris"
osVersion: "11.4"
tags: "TEST"
username: "appuser"
A good option to do that is to use a job option pointing to your resources file, in this way:
Job Definition example:
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='opt1' value='vagrant' />
</options>
</context>
<defaultTab>nodes</defaultTab>
<description></description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<successOnEmptyNodeFilter>false</successOnEmptyNodeFilter>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<id>eaf3f18e-97c0-4c85-b2fd-9a0b8dd8696e</id>
<loglevel>INFO</loglevel>
<name>HelloWorld</name>
<nodeFilterEditable>false</nodeFilterEditable>
<nodefilters>
<filter>name: node00</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='node-first'>
<command>
<exec>echo "done"</exec>
</command>
</sequence>
<uuid>eaf3f18e-97c0-4c85-b2fd-9a0b8dd8696e</uuid>
</job>
</joblist>
Resources.xml example (check the "username" attribute):
<?xml version="1.0" encoding="UTF-8"?>
<project>
<node name="mylocalhost" description="Rundeck server node" tags="" hostname="mylocalhost" osArch="amd64" osFamily="unix" osName="Linux" osVersion="5.15.0-66-generic" username="jdoe"/>
<node name="node00" description="Node 00" tags="" hostname="192.168.33.20" osArch="amd64" osFamily="unix" osName="Linux" osVersion="4.10.0-1062.4.1.el7.x86_64" username="${option.opt1}" ssh-key-storage-path="keys/rundeck"/>
</project>
Also, you can do the same using passwords. Take a look at this.
I have created a job with 2 options for the user writes his login/password. This credentials will be used later in a playbook as extra-variables.
But all this credentials are readable in logs !!!
How to workaround that ?
You can use the "Mask Password" Log filter in your inline-playbook or your playbook steps (also, for any Rundeck step), you can check the documentation here. I did a Job Definition example that works:
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='opt1' secure='true' value='12345' valueExposed='true' />
</options>
</context>
<defaultTab>nodes</defaultTab>
<description></description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<successOnEmptyNodeFilter>false</successOnEmptyNodeFilter>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<id>2c9b3903-a545-4dbd-aeac-578889dbb611</id>
<loglevel>INFO</loglevel>
<name>HelloWorld</name>
<nodeFilterEditable>false</nodeFilterEditable>
<nodefilters>
<filter>name: 192.168.33.20</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<scheduleEnabled>true</scheduleEnabled>
<sequence keepgoing='false' strategy='node-first'>
<command>
<node-step-plugin type='com.batix.rundeck.plugins.AnsiblePlaybookInlineWorkflowNodeStep'>
<configuration>
<entry key='ansible-base-dir-path' value='/home/user/' />
<entry key='ansible-become' value='false' />
<entry key='ansible-playbook-inline' value='---
# This playbook prints a simple debug message
- name: Echo
hosts: all
connection: local
tasks:
- name: Print debug message
debug:
msg: ${option.opt1}' />
<entry key='ansible-ssh-passphrase-option' value='option.password' />
<entry key='ansible-ssh-use-agent' value='false' />
</configuration>
</node-step-plugin>
<plugins>
<LogFilter type='LogFilter:mask-passwords'>
<config>
<color>red</color>
<replacement>[SECURE]</replacement>
</config>
</LogFilter>
</plugins>
</command>
</sequence>
<uuid>2c9b3903-a545-4dbd-aeac-578889dbb611</uuid>
</job>
</joblist>
<joblist>
<job>
<context>
<options preserveOrder='true'>
<option name='PDATE' value='${DATE:yyyyMMdd}' />
<option name='TSTAMP' value='${DATE:yyyy-MM-dd'T'HH.mm.ssXX}' />
</options>
</context>
<description>Load Adjustment Transactions</description>
<dispatch>
<excludePrecedence>true</excludePrecedence>
<keepgoing>false</keepgoing>
<rankOrder>ascending</rankOrder>
<successOnEmptyNodeFilter>false</successOnEmptyNodeFilter>
<threadcount>1</threadcount>
</dispatch>
<executionEnabled>true</executionEnabled>
<group>PointsUpdate</group>
<id>6475eb91-926f-476b-bf05-85f5e8b22eae</id>
<loglevel>INFO</loglevel>
<name>sglp-jbadjust</name>
<nodeFilterEditable>true</nodeFilterEditable>
<nodefilters>
<filter>.*</filter>
</nodefilters>
<nodesSelectedByDefault>true</nodesSelectedByDefault>
<schedule>
<dayofmonth />
<month day='*' month='*' />
<time hour='00' minute='00' seconds='00' />
<year year='*' />
</schedule>
<scheduleEnabled>false</scheduleEnabled>
<sequence keepgoing='false' strategy='sequential'>
<command>
<exec>echo one ${option.PDATE} two ${option.TSTAMP} three</exec>
</command>
</sequence>
</job>
</joblist>
git-import importing this gives me errors, but I do not know why:
Failed importing: rundeck/jobs/PointsUpdate_0014.xml: rundeck.controllers.JobXMLException: Unable to parse xml: org.xml.sax.SAXParseException; lineNumber: 30; columnNumber: 110; Attribute "name" was already specified for element "option".
Importing into the Rundeck GUI works fine, no errors reported, and options are correct.
I just imported your job and also tested using Tomcat 9 + Rundeck 2.4.3 + Linux. I'm not able to reproduce this error. May you provide additional data about Rundeck version,installation method,OS?
Importing using GIT
Importing using GUI
I want to run a PowerShell-Script before and after the installation with the msi-file. Below you can see the basic content of my configuration in Visual Studio 2013 for wix-project. The msi is compiled without errors and I can run the msi-file and go through the steps till the end of installation without errors.
In the log I can see, that the CustomAction had been started, but this cannot be true because the directory that should have been created by the underlying script has not been created.
If I run the script-file manually by powershell everything runs well. So the script itself should work and does not throw an error.
Any suggestions what is wrong here?
Wix-Project:
<Product Id="*" Name="MyAPP" Language="1031" Version="1.0.0.0" Manufacturer="Me" UpgradeCode="2A0A9FDB-9DD2-4058-8742-885EF63BFF37">
<!-- 6e8e53ce-66e4-4d97-900c-9678b83e44cc"> -->
<Package InstallerVersion="400" Compressed="yes" InstallScope="perMachine" Languages="1031" Manufacturer="Me" Description="Installiert den MyApp auf ihr System" Comments="NOTHING TO COMMENT"/>
<MediaTemplate EmbedCab="yes" />
<!-- Major Upgrade Rule to disallow downgrades -->
<MajorUpgrade DowngradeErrorMessage="Eine neuere Version vom [ProductName] ist bereits installiert." />
<!-- ################################### -->
<!-- Aktionen vor installation ##########-->
<!-- ################################### -->
<InstallExecuteSequence>
<Custom Action="StartBatchFile" After="InstallInitialize"/>
<Custom Action="EndBatchFile" After="InstallFinalize"/>
</InstallExecuteSequence>
<CustomAction Id="StartBatchFile"
Property="RegisterHttpModulePowerShellProperty"
Value=""C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -Version 2.0 -NoProfile -NonInteractive -InputFormat None -ExecutionPolicy Bypass -File "./BeforeInstallationScript.ps1" "[DIR_ComponentRef]""
Execute="immediate" />
<CustomAction Id="EndBatchFile"
Property="RegisterHttpModulePowerShellProperty"
Value=""C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" o-Versin 2.0 -NoProfile -NonInteractive -InputFormat None -ExecutionPolicy Bypass -File "./AfterInstallationScript.ps1" "[DIR_ComponentRef]""
Execute="immediate" />
<WixVariable Id="WixUIBannerBmp" Value="WixUIBannerBmp.bmp" />
<!-- Background bitmap used on the welcome and completion dialogs 493 × 312 -->
<WixVariable Id="WixUIDialogBmp" Value="WixUIDialogBmp.bmp" />
<!-- ################################### -->
<!-- User-Interface ####################-->
<!-- ################################### -->
<Property Id="WIXUI_INSTALLDIR">DIR_ComponentRef</Property>
<UIRef Id="WixUI_InstallDir" />
<UIRef Id="WixUI_ErrorProgressText" />
<!-- ################################### -->
<!-- Notwendige Abhaengigkeiten ########-->
<!-- ################################### -->
<PropertyRef Id="NETFRAMEWORK40FULL"/>
<Condition Message="Diese Anwendung benoetigt .NET Framework 4.0. Bitte installieren sie zuerst das .NET Framework und starten Sie die Installation erneut.">
<![CDATA[Installed OR NETFRAMEWORK40FULL]]>
</Condition>
<!-- ################################### -->
<!-- FEATURE-Installation ##############-->
<!-- ################################### -->
<Feature Id="FEATURE_MyApp" Title="MyApp" Description="Installiert die Datein des MyApps auf das System" Level="1" AllowAdvertise="no" ConfigurableDirectory="DIR_ComponentRef">
<ComponentRef Id="[...]"/>
[...]
</Feature>
</Product>
<Fragment>
<!-- ################################### -->
<!-- Ordner-Struktur ################### -->
<!-- ################################### -->
<Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="ProgramFilesFolder">
<Directory Id="DIR_ComponentRef" Name="MyApp">
<Directory Id="DIR_CONFIGURATION" Name="configuration">
[...]
</Directory>
</Directory>
</Directory>
</Directory>
</Fragment>
<Fragment>
[...]
<!-- ################################### -->
<!-- Componenten-Definition ######## -->
<!-- ################################### -->
<DirectoryRef Id="DIR_ComponentRef">
<Component Id="CMP_MyApp.exe">
<File Id="MyApp.exe" Source="$(var.SourcePath)MyApp.exe" KeyPath="yes" Checksum="yes" />
</Component>
[...]
</DirectoryRef>
</Fragment>
</Wix>
Log-Result:
=== Protokollierung gestartet: 16.11.2016 10:41:12 ===
Aktion 10:41:12: INSTALL.
[...]
Aktion 10:41:35: StartBatchFile.
Aktion gestartet um 10:41:35: StartBatchFile.
Aktion beendet um 10:41:35: StartBatchFile. Rückgabewert 1.
[...]
Aktion beendet um 10:41:38: InstallFinalize. Rückgabewert 1.
Aktion 10:41:38: EndBatchFile.
Aktion gestartet um 10:41:38: EndBatchFile.
Aktion beendet um 10:41:38: EndBatchFile. Rückgabewert 1.
Aktion beendet um 10:41:38: INSTALL. Rückgabewert 1.
[...]
Let me know if you need further informations.
I'm not sure if the CustomActioncan find the PS1 file under the local directory. Try to adapt the WIX file with following blocks
<!-- Ensure PowerShell is installed and obtain the PowerShell executable location -->
<Property Id="POWERSHELLEXE" Secure="yes">
<RegistrySearch Id="POWERSHELLEXE"
Type="raw"
Root="HKLM"
Key="SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell"
Name="Path" />
</Property>
<Condition Message="This application requires Windows PowerShell.">
<![CDATA[Installed OR POWERSHELLEXE]]>
</Condition>
....
<CustomAction Id="RegisterPowershellCommandStop"
Property="CallPowerShellCommandStop"
Value=""[POWERSHELLEXE]" -NoLogo -NonInteractive -InputFormat None -ExecutionPolicy Bypass -NoProfile -File "[INSTALLFOLDER]ServiceStartStop.ps1" "[SERVICENAME]" "stop""
Execute="immediate" />
....
<DirectoryRef Id="INSTALLFOLDER">
<Component Id="CMP_StartStopServicesScript" Guid="*">
<File Id="FILE_StartStopServicesScript" Source="!(wix.binDirectory)\ServiceStartStop.ps1" KeyPath ="yes" />
</Component>
...
In this case we're calling PS ("stored" in [POWERSHELLEXE]to start ServiceStartStop.ps1 (located under [INSTALLDIR]).
Hope that helps.