sudo command is not executed

nmmapper / python3-nmap

A python 3 library which helps in using nmap port scanner. This is done by converting each nmap command into a callable python3 method or function. System administrators can now automatic nmap scans using python

https://www.nmmapper.com/sys/networkmapper/nmap/online-port-scanning/

GNU General Public License v3.0

280 stars 75 forks source link

sudo command is not executed #100

Open Luciogi opened 3 months ago

Luciogi commented 3 months ago

    @user_is_root
    def nmap_os_detection(self, target, arg="-O", args=None):  # requires root
        """
        nmap -oX - nmmapper.com -O
        NOTE: Requires root
        """
        xml_root = self.scan_command(target=target, arg=arg, args=args)
        results = self.parser.os_identifier_parser(xml_root)
        return results

@user_is_root exits control before scan_command(...) is executed (which run sudo nmap ...)

And https://github.com/nmmapper/python3-nmap/blob/3de136bc48ea8a00ae3b5074728185c67414f685/nmap3/nmap3.py#L93 should be as

return self.default_args.format(nmap="sudo "+self.nmaptool, outarg="-oX")

nmmapper commented 3 months ago

Good suggestion, though i don't think it's a good idea to hard code sudocommand like that. Any other solution is welcome

Luciogi commented 3 months ago

We can make Variable PRIVILEGE_CMD="sudo". There are other alternatives for sudo like doas to handle that we can make condition as in pseudo code

if ( PRIVILEGE_CMD is empty):
    PRIVILEGE_CMD="sudo"
else:
    PRIVILEGE_CMD=readFromEnvironment()

I have not searched how can be this useful for gui apps with polkit to get root privileges

nmmapper commented 3 months ago

The library was designed to be a little easier to use, if possible the decorate user_is_root returns Json, is there a way you can use the returned json to determine how to use sudo?