Beispiel #1
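def apimethod_run_nmap_scan(sensor_id, target, idm, scan_type, rdns, scan_timing, autodetect, scan_ports,
                            output_file_prefix="", save_to_file=False, job_id=""):
    """Launches an NMAP scan through the given sensor.

    Args:
        sensor_id: The system IP where you want to get the [sensor]/interfaces from ossim_setup.conf
        target: IP address of the component where the NMAP will be executed
        idm: Convert results into idm events
        scan_type: Sets the NMAP scan type
        rdns: Tells Nmap to do reverse DNS resolution on the active IP addresses it finds
        scan_timing: Set the timing template
        autodetect: Aggressive scan options (enable OS detection)
        scan_ports: Only scan specified ports
        output_file_prefix: Prefix string to be added to the output filename
        save_to_file: Indicates whether you want to save the NMAP report to a file or not.
        job_id: Celery job ID.

    Returns:
        nmap_report: The NMAP report as returned by ansible_run_nmap_scan. The report itself is
            returned even when it was also written to a file.

    Raises:
        APINMAPScanCannotRun: the scan could not be launched.
        APICannotResolveSensorID: no sensor IP could be resolved from sensor_id.
        APINMAPScanCannotRetrieveBaseFolder: not raised directly here; presumably by get_nmap_directory.
        APINMAPScanCannotCreateLocalFolder: not raised directly here; presumably by get_nmap_directory.
    """
    (result, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id, local_loopback=False)
    if result is False:
        api_log.error(
            "[apimethod_run_nmap_scan] Cannot retrieve the sensor ip from the given sensor id <%s>" % sensor_id)
        raise APICannotResolveSensorID(sensor_id)

    # NOTE(review): target and scan_ports are forwarded unchanged. Any validation has to happen in
    # the caller or inside ansible_run_nmap_scan - confirm, since they end up as scanner arguments.
    success, nmap_report = ansible_run_nmap_scan(sensor_ip=sensor_ip, target=target, scan_type=scan_type, rdns=rdns,
                                                 scan_timing=scan_timing, autodetect=autodetect, scan_ports=scan_ports,
                                                 job_id=job_id)
    if not success:
        # On failure the second element carries the error detail rather than a report.
        api_log.error('Failed to launch NMAP scan: %s' % nmap_report)
        raise APINMAPScanCannotRun(nmap_report)

    filename = None
    if save_to_file:
        base_path = get_nmap_directory(sensor_id)
        # NOTE(review): output_file_prefix is interpolated into the path unchanged. If it can
        # originate from an API request, confirm the caller restricts it to a plain file-name
        # token (no path separators or ".."); otherwise the report can land outside base_path.
        filename = "%s/nmap_report_%s.json" % (base_path, output_file_prefix)
        with open(filename, "w") as f:
            json.dump(nmap_report, f)

    if idm:
        conn = IDMConnection(sensor_id=sensor_id)
        if conn.connect():
            # NOTE(review): conn.close() is never called on this path - confirm whether
            # IDMConnection releases its socket on its own.
            conn.send_events_from_hosts(nmap_report)
            # Once the results have been sent to the IDM service the saved report is removed.
            if filename is not None:
                try:
                    os.remove(filename)
                except OSError as exp:
                    # Removal stays best-effort, but a leftover report file is now logged
                    # instead of being silently ignored.
                    api_log.warning(
                        "[apimethod_run_nmap_scan] Cannot remove the report file %s: %s" % (filename, str(exp)))
        else:
            api_log.error("[apimethod_run_nmap_scan] Cannot connect with the IDM Service")

    # Purging the per-job scan files is best-effort: a failure is logged and the report is still returned.
    try:
        apimethods_nmap_purge_scan_files(job_id)
    except Exception as exp:
        api_log.warning("[apimethod_run_nmap_scan] Cannot purge the scan files %s" % str(exp))
    return nmap_report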
Beispiel #2
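def refresh_hosts():
    """
    Send reload message to the Server

    Return:
        - boolean indicates whether the operation was successful or not
          (False when the IDM connection cannot be opened)
    """
    result = True

    # The IDM port is fixed at 40001 here.
    conn = IDMConnection(port=40001)
    if conn.connect():
        try:
            conn.reload_hosts()
        finally:
            # Close the connection even when sending the reload message raises,
            # so a failed refresh does not leave the connection open.
            conn.close()
    else:
        api_log.error('Cannot send host refresh to server')
        result = False

    return result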
Beispiel #3
def refresh_hosts():
    """Ask the Server to reload its hosts over an IDM connection.

    Return:
        - True once the reload message has been sent and the connection closed;
          False when the connection could not be opened.
    """
    idm_conn = IDMConnection(port=40001)

    # Guard clause: without a connection there is nothing to send.
    if not idm_conn.connect():
        api_log.error('Cannot send host refresh to server')
        return False

    idm_conn.reload_hosts()
    idm_conn.close()
    return True