Beispiel #1
0
def dotransform(request, response):
    ns = login()
    vulns = Report(ns, request.fields['nessusreport.uuid'], '').vulnerabilities
    for h in vulns[request.fields['nessusplugin.id']].hosts:
        p = Port(h.port)
        p.destination = h.name
        p.status = 'Open'
        p.protocol = h.protocol
        response += p
    return response
Beispiel #2
0
def dotransform(request, response):
    ns = login()
    vulns = Report(ns, request.fields['nessusreport.uuid'], '').vulnerabilities
    for h in vulns[request.fields['nessusplugin.id']].hosts:
        p = Port(h.port)
        p.destination = h.name
        p.status = 'Open'
        p.protocol = h.protocol
        response += p
    return response
Beispiel #3
0
def dotransform(request, response):
    s = login(host=request.entity.server, port=request.entity.port)
    if s is None:
        return response
    vulns = Report(s, request.entity.uuid, '').vulnerabilities
    for h in vulns[request.entity.pluginid].hosts:
        p = Port(h.port)
        p.destination = h.name
        p.status = 'Open'
        p.protocol = h.protocol
        response += p
    return response
Beispiel #4
0
def dotransform(request, response):
    s = login(host=request.entity.server, port=request.entity.port)
    if s is None:
        return response
    vulns = Report(s, request.entity.uuid, '').vulnerabilities
    for h in vulns[request.entity.pluginid].hosts:
        p = Port(h.port)
        p.destination = h.name
        p.status = 'Open'
        p.protocol = h.protocol
        response += p
    return response
Beispiel #5
0
def dotransform(request, response):

    params = parse_args(request.params)

    ports = portrange(
        params.target_ports
    ) if params.target_ports is not None else config['irsscan/target_ports']
    dst = params.target_host if params.target_host is not None else config[
        'irsscan/target_host']

    global q
    q = Queue()

    debug('Sending probes to %s' % dst)

    # This is the template used to send traffic
    p = Ether() / IP(dst=dst, id=int(RandShort())) / TCP(
        dport=ports, sport=int(RandShort()), seq=int(RandInt()))

    # We need to fix these values so that Scapy doesn't poop all over them
    p.dst = router_mac = p.dst
    p.src = my_mac = p.src

    # Begin the evil... mwuahahahahaha..
    apw = ArpCachePoisoner(my_mac, router_mac)
    apw.start()

    # Loop through our IP address block and send out the probes
    for i in iprange(request.value):

        # Queue and set the current IP we are poisoning for the poisoner.
        q.put(str(i))
        p[IP].src = str(i)
        sleep(0.5)

        # Send the probes!
        ans, unans = srp(p,
                         retry=config['irsscan/sr_retries'],
                         timeout=config['irsscan/sr_timeout'],
                         verbose=config['irsscan/sr_verbose'])

        if ans:
            for a in ans:
                req, res = a
                e = Port(req.dport)
                e.source = req[IP].src
                e.destination = req[IP].dst
                e.protocol = 'tcp'
                e += Label('Summary', res.summary())
                if TCP in res:
                    e.response = res[TCP].sprintf('TCP:%flags%')
                    e.status = PortStatus.Closed if (res[TCP].flags
                                                     & 4) else PortStatus.Open
                elif ICMP in res:
                    e.response = res[ICMP].sprintf('ICMP:%type%')
                    e.status = PortStatus.TimedOut
                response += e

        if unans:
            for u in unans:
                e = Port(u.dport)
                e.source = u[IP].src
                e.destination = u[IP].dst
                e.status = PortStatus.TimedOut
                e.response = 'none'
                response += e

    # Goodbye!
    q.put(None)
    apw.join()

    return response
Beispiel #6
0
def dotransform(request, response):

    params = parse_args(request.params)

    ports = portrange(params.target_ports) if params.target_ports is not None else config['irsscan/target_ports']
    dst = params.target_host if params.target_host is not None else config['irsscan/target_host']

    global q
    q = Queue()

    debug('Sending probes to %s' % dst)

    # This is the template used to send traffic
    p = Ether()/IP(dst=dst, id=int(RandShort()))/TCP(dport=ports, sport=int(RandShort()), seq=int(RandInt()))

    # We need to fix these values so that Scapy doesn't poop all over them
    p.dst = router_mac = p.dst
    p.src = my_mac = p.src

    # Begin the evil... mwuahahahahaha..
    apw = ArpCachePoisoner(my_mac, router_mac)
    apw.start()

    # Loop through our IP address block and send out the probes
    for i in iprange(request.value):

        # Queue and set the current IP we are poisoning for the poisoner.
        q.put(str(i))
        p[IP].src = str(i)
        sleep(0.5)

        # Send the probes!
        ans, unans = srp(
            p,
            retry=config['irsscan/sr_retries'],
            timeout=config['irsscan/sr_timeout'],
            verbose=config['irsscan/sr_verbose']
        )

        if ans:
            for a in ans:
                req, res = a
                e = Port(req.dport)
                e.source = req[IP].src
                e.destination = req[IP].dst
                e.protocol = 'tcp'
                e += Label('Summary', res.summary())
                if TCP in res:
                    e.response = res[TCP].sprintf('TCP:%flags%')
                    e.status = PortStatus.Closed if (res[TCP].flags & 4) else PortStatus.Open
                elif ICMP in res:
                    e.response = res[ICMP].sprintf('ICMP:%type%')
                    e.status = PortStatus.TimedOut
                response += e

        if unans:
            for u in unans:
                e = Port(u.dport)
                e.source = u[IP].src
                e.destination = u[IP].dst
                e.status = PortStatus.TimedOut
                e.response = 'none'
                response += e


    # Goodbye!
    q.put(None)
    apw.join()

    return response