Group CLI flags and make --help text for modules descriptive (#571)

* grouped CLI flags

* alphabetize

* add ini parser and CLI flag groupings

* extract cli functions into a separate file for organization

* give proper short descriptions for the --help text

* add short description for memcached

Author: phillip-stephens

cli.go

@@ -0,0 +1,103 @@
+package zgrab2
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+	flags "github.com/zmap/zflags"
+)
+
+var (
+	parser *flags.Parser // parser for main zgrab2 command
+	// iniParser is a parser just for ini files. It's frustrating that we need both, but the ini parser needs an option
+	// group 'Application Options' and it seems we can't have this along with option groups in the main parser and have
+	// options set correctly. The hidden one shadows the other and no CLI flags are set.
+	iniParser *flags.Parser
+)
+
+const defaultDNSPort = "53"
+
+func init() {
+	parser = flags.NewParser(nil, flags.Default)
+	desc := []string{
+		// Using a long single line so the terminal can handle wrapping, except for Input/Examples which should be on
+		// separate lines
+		"zgrab2 is fast, modular L7 application-layer scanner. It is commonly used with tools like ZMap which identify " +
+			"\"potential services\", or services we know are active on a given IP + port, and these are fed into ZGrab2 " +
+			"to confirm and provide details of the service. It has support for a number of protocols listed below as " +
+			"'Available commands' including SSH and HTTP. By default, zgrab2 will accept input from stdin and output " +
+			"results to stdout, with updates and logs to stderr. Please see 'zgrab2 <command> --help' for more details " +
+			"on a specific command.",
+		"Input is taken from stdin or --input-file, if specified. Input is CSV-formatted with 'IP, Domain, Tag, Port' " +
+			"or simply 'IP' or 'Domain'. See README.md for more details.",
+		"",
+		"Example usages:",
+		"echo '1.1.1.1' | zgrab2 tls        # Scan 1.1.1.1 with TLS",
+		"echo example.com | zgrab2 http     # Scan example.com with HTTP",
+	}
+	parser.LongDescription = strings.Join(desc, "\n")
+	_, err := parser.AddCommand("multiple", "Run multiple commands in a single run", "", &config.Multiple)
+	if err != nil {
+		log.Fatalf("could not add multiple command: %v", err)
+	}
+	_, err = parser.AddGroup("General Options", "General options for controlling the behavior of ZGrab2", &config.GeneralOptions)
+	if err != nil {
+		log.Fatalf("could not add general options group: %v", err)
+	}
+	_, err = parser.AddGroup("Input/Output Options", "Options for controlling the input/output behavior of ZGrab2", &config.InputOutputOptions)
+	if err != nil {
+		log.Fatalf("could not add I/O options group: %v", err)
+	}
+	_, err = parser.AddGroup("Network Options", "Options for controlling the network behavior of ZGrab2", &config.NetworkingOptions)
+	if err != nil {
+		log.Fatalf("could not add networking options group: %v", err)
+	}
+	iniParser = flags.NewParser(nil, flags.Default)
+}
+
+// NewIniParser creates and returns a ini parser initialized
+// with the default parser
+func NewIniParser() *flags.IniParser {
+	group, err := iniParser.AddGroup("Application Options", "Hidden group including all global options for ini files", &config)
+	if err != nil {
+		log.Fatalf("could not add Application Options group: %v", err)
+	}
+	group.Hidden = true
+
+	return flags.NewIniParser(iniParser)
+}
+
+// AddCommand adds a module to the parser and returns a pointer to
+// a flags.command object or an error
+func AddCommand(command string, shortDescription string, longDescription string, port int, m ScanModule) (*flags.Command, error) {
+	cmd, err := parser.AddCommand(command, shortDescription, longDescription, m)
+	if err != nil {
+		return nil, fmt.Errorf("could not add command to default parser: %w", err)
+	}
+	cmd.FindOptionByLongName("port").Default = []string{strconv.Itoa(port)}
+	cmd.FindOptionByLongName("name").Default = []string{command}
+
+	// Add the same command to the ini parser
+	cmd, err = iniParser.AddCommand(command, shortDescription, longDescription, m)
+	if err != nil {
+		return nil, fmt.Errorf("could not add command to ini parser: %w", err)
+	}
+	cmd.FindOptionByLongName("port").Default = []string{strconv.Itoa(port)}
+	cmd.FindOptionByLongName("name").Default = []string{command}
+	modules[command] = m
+	return cmd, nil
+}
+
+// ParseCommandLine parses the commands given on the command line
+// and validates the framework configuration (global options)
+// immediately after parsing
+func ParseCommandLine(flags []string) ([]string, string, ScanFlags, error) {
+	posArgs, moduleType, f, err := parser.ParseCommandLine(flags)
+	if err == nil {
+		validateFrameworkConfiguration()
+	}
+	sf, _ := f.(ScanFlags)
+	return posArgs, moduleType, sf, err
+}

config.go

@@ -23,32 +23,43 @@ const (
 	IPVersionCapabilityIPv6Address = "2606:4700:4700::1111:80" // Same as above for IPv6
 )
 
-// Config is the high level framework options that will be parsed
-// from the command line
-type Config struct {
-	OutputFileName        string `short:"o" long:"output-file" default:"-" description:"Output filename, use - for stdout"`
+type GeneralOptions struct {
+	Senders          int    `short:"s" long:"senders" default:"1000" description:"Number of send goroutines to use"`
+	GOMAXPROCS       int    `long:"gomaxprocs" default:"0" description:"Set GOMAXPROCS"`
+	Prometheus       string `long:"prometheus" description:"Address to use for Prometheus server (e.g. localhost:8080). If empty, Prometheus is disabled."`
+	ReadLimitPerHost int    `long:"read-limit-per-host" default:"96" description:"Maximum total kilobytes to read for a single host (default 96kb)"`
+}
+
+type InputOutputOptions struct {
+	BlocklistFileName     string `short:"b" long:"blocklist-file" default:"-" description:"Blocklist filename, use - for $(HOME)/.config/zgrab2/blocklist.conf"`
 	InputFileName         string `short:"f" long:"input-file" default:"-" description:"Input filename, use - for stdin"`
+	LogFileName           string `short:"l" long:"log-file" default:"-" description:"Log filename, use - for stderr"`
 	MetaFileName          string `short:"m" long:"metadata-file" default:"-" description:"Metadata filename, use - for stderr."`
-	BlocklistFileName     string `short:"b" long:"blocklist-file" default:"-" description:"Blocklist filename, use - for $(HOME)/.config/zgrab2/blocklist.conf"`
+	OutputFileName        string `short:"o" long:"output-file" default:"-" description:"Output filename, use - for stdout"`
 	StatusUpdatesFileName string `short:"u" long:"status-updates-file" default:"-" description:"Status updates filename, use - for stderr."`
-	LogFileName           string `short:"l" long:"log-file" default:"-" description:"Log filename, use - for stderr"`
+	Debug                 bool   `long:"debug" description:"Include debug fields in the output."`
+	Flush                 bool   `long:"flush" description:"Flush after each line of output."`
+}
+
+type NetworkingOptions struct {
+	ConnectionsPerHost   int           `long:"connections-per-host" default:"1" description:"Number of times to connect to each host (results in more output)"`
+	DNSServerRateLimit   int           `long:"dns-rate-limit" default:"10000" description:"Rate limit for DNS lookups per second."`
+	DNSResolutionTimeout time.Duration `long:"dns-resolution-timeout" default:"10s" description:"Timeout for DNS resolution of target hostnames. Default is 10 seconds."`
+	CustomDNS            string        `long:"dns-resolvers" description:"Address of a custom DNS server(s) for lookups, comma-delimited. Default port is 53. Ex: 1.1.1.1:53,8.8.8.8. Uses the OS-default resolvers if not set."`
+	LocalAddrString      string        `long:"local-addr" description:"Local address(es) to bind to for outgoing connections. Comma-separated list of IP addresses, ranges (inclusive), or CIDR blocks, ex: 1.1.1.1-1.1.1.3, 2.2.2.2, 3.3.3.0/24"`
+	LocalPortString      string        `long:"local-port" description:"Local port(s) to bind to for outgoing connections. Comma-separated list of ports or port ranges (inclusive) ex: 1200-1300,2000"`
+	UserIPv4Choice       *bool         `long:"resolve-ipv4" description:"Use IPv4 for resolving domains (accept A records). True by default, use only --resolve-ipv6 for IPv6 only resolution. If used with --resolve-ipv6, will use both IPv4 and IPv6."`
+	UserIPv6Choice       *bool         `long:"resolve-ipv6" description:"Use IPv6 for resolving domains (accept AAAA records). IPv6 is disabled by default. If --resolve-ipv4 is not set and --resolve-ipv6 is, will only use IPv6. If used with --resolve-ipv4, will use both IPv4 and IPv6."`
+	ServerRateLimit      int           `long:"server-rate-limit" default:"20" description:"Per-IP rate limit for connections to targets per second."`
+}
 
-	Senders              int             `short:"s" long:"senders" default:"1000" description:"Number of send goroutines to use"`
-	Debug                bool            `long:"debug" description:"Include debug fields in the output."`
-	Flush                bool            `long:"flush" description:"Flush after each line of output."`
-	GOMAXPROCS           int             `long:"gomaxprocs" default:"0" description:"Set GOMAXPROCS"`
-	ConnectionsPerHost   int             `long:"connections-per-host" default:"1" description:"Number of times to connect to each host (results in more output)"`
-	ReadLimitPerHost     int             `long:"read-limit-per-host" default:"96" description:"Maximum total kilobytes to read for a single host (default 96kb)"`
-	Prometheus           string          `long:"prometheus" description:"Address to use for Prometheus server (e.g. localhost:8080). If empty, Prometheus is disabled."`
-	CustomDNS            string          `long:"dns-resolvers" description:"Address of a custom DNS server(s) for lookups, comma-delimited. Default port is 53. Ex: 1.1.1.1:53,8.8.8.8. Uses the OS-default resolvers if not set."`
+// Config is the high level framework options that will be parsed
+// from the command line
+type Config struct {
+	GeneralOptions                       // CLI Options related to general framework configuration. Don't fit into any other category
+	InputOutputOptions                   // CLI Options related to I/O. Just affects organization of --help
+	NetworkingOptions                    // CLI Options related to networking. Just affects organization of --help
 	Multiple             MultipleCommand `command:"multiple" description:"Multiple module actions"`
-	LocalAddrString      string          `long:"local-addr" description:"Local address(es) to bind to for outgoing connections. Comma-separated list of IP addresses, ranges (inclusive), or CIDR blocks, ex: 1.1.1.1-1.1.1.3, 2.2.2.2, 3.3.3.0/24"`
-	LocalPortString      string          `long:"local-port" description:"Local port(s) to bind to for outgoing connections. Comma-separated list of ports or port ranges (inclusive) ex: 1200-1300,2000"`
-	DNSResolutionTimeout time.Duration   `long:"dns-resolution-timeout" default:"10s" description:"Timeout for DNS resolution of target hostnames. Default is 10 seconds."`
-	DNSServerRateLimit   int             `long:"dns-rate-limit" default:"10000" description:"Rate limit for DNS lookups per second."`
-	ServerRateLimit      int             `long:"server-rate-limit" default:"20" description:"Per-IP rate limit for connections to targets per second."`
-	UserIPv4Choice       *bool           `long:"resolve-ipv4" description:"Use IPv4 for resolving domains (accept A records). True by default, use only --resolve-ipv6 for IPv6 only resolution. If used with --resolve-ipv6, will use both IPv4 and IPv6."`
-	UserIPv6Choice       *bool           `long:"resolve-ipv6" description:"Use IPv6 for resolving domains (accept AAAA records). IPv6 is disabled by default. If --resolve-ipv4 is not set and --resolve-ipv6 is, will only use IPv6. If used with --resolve-ipv4, will use both IPv4 and IPv6."`
 	inputFile            *os.File
 	outputFile           *os.File
 	metaFile             *os.File

integration_tests/multiple/multiple.ini

@@ -1,3 +1,6 @@
+[Application Options]
+senders=2
+
 [ntp]
 trigger="ntp"
 

modules/amqp091/scanner.go

@@ -97,7 +97,7 @@ type Result struct {
 // RegisterModule registers the zgrab2 module.
 func RegisterModule() {
 	var module Module
-	_, err := zgrab2.AddCommand("amqp091", "amqp091", module.Description(), 5672, &module)
+	_, err := zgrab2.AddCommand("amqp091", "Advanced Message Queue Protocol v0.9.1 (AMQP)", module.Description(), 5672, &module)
 	if err != nil {
 		log.Fatal(err)
 	}

modules/bacnet/scanner.go

@@ -37,7 +37,7 @@ type Scanner struct {
 // RegisterModule registers the zgrab2 module.
 func RegisterModule() {
 	var module Module
-	_, err := zgrab2.AddCommand("bacnet", "bacnet", module.Description(), 0xBAC0, &module)
+	_, err := zgrab2.AddCommand("bacnet", "Building Automation and Control Network (BACNET)", module.Description(), 0xBAC0, &module)
 	if err != nil {
 		log.Fatal(err)
 	}

modules/banner/scanner.go

@@ -71,7 +71,7 @@ var ErrNoMatch = errors.New("pattern did not match")
 // RegisterModule is called by modules/banner.go to register the scanner.
 func RegisterModule() {
 	var m Module
-	_, err := zgrab2.AddCommand("banner", "Banner", m.Description(), 80, &m)
+	_, err := zgrab2.AddCommand("banner", "Grabs the server's response to an arbitrary probe with optional regex matching", m.Description(), 80, &m)
 	if err != nil {
 		log.Fatal(err)
 	}
@@ -122,7 +122,7 @@ func (f *Flags) Validate(_ []string) error {
 
 // Description returns an overview of this module.
 func (m *Module) Description() string {
-	return "Fetch a raw banner by sending a static probe and checking the result against a regular expression"
+	return "Fetch a raw banner by sending a static probe and checking the result against an optional regular expression"
 }
 
 // Help returns the module's help string.

modules/dnp3/scanner.go

@@ -35,7 +35,7 @@ type Scanner struct {
 // RegisterModule registers the zgrab2 module.
 func RegisterModule() {
 	var module Module
-	_, err := zgrab2.AddCommand("dnp3", "dnp3", module.Description(), 20000, &module)
+	_, err := zgrab2.AddCommand("dnp3", "Distributed Network Protocol 3 (DNP3)", module.Description(), 20000, &module)
 	if err != nil {
 		log.Fatal(err)
 	}

modules/fox/scanner.go

@@ -38,7 +38,7 @@ type Scanner struct {
 // RegisterModule registers the zgrab2 module.
 func RegisterModule() {
 	var module Module
-	_, err := zgrab2.AddCommand("fox", "fox", module.Description(), 1911, &module)
+	_, err := zgrab2.AddCommand("fox", "Niagara Fox IoT and Building Automation Communication Protocol (Fox)", module.Description(), 1911, &module)
 	if err != nil {
 		log.Fatal(err)
 	}

modules/ftp/scanner.go

@@ -82,7 +82,7 @@ type Connection struct {
 // RegisterModule registers the ftp zgrab2 module.
 func RegisterModule() {
 	var module Module
-	_, err := zgrab2.AddCommand("ftp", "FTP", module.Description(), 21, &module)
+	_, err := zgrab2.AddCommand("ftp", "File Transfer Protocol (FTP)", module.Description(), 21, &module)
 	if err != nil {
 		log.Fatal(err)
 	}

modules/http/scanner.go

@@ -615,7 +615,7 @@ func (scanner *Scanner) Scan(ctx context.Context, dialGroup *zgrab2.DialerGroup,
 // zgrab2 framework.
 func RegisterModule() {
 	var module Module
-	cmd, err := zgrab2.AddCommand("http", "HTTP Banner Grab", module.Description(), 0, &module)
+	cmd, err := zgrab2.AddCommand("http", "Hypertext Transfer Protocol (HTTP)", module.Description(), 0, &module)
 	if err != nil {
 		log.Fatal(err)
 	}