Beispiel #1
0
 def removeItem(self, toDeleteIid):
     """
     Remove defect from given iid in defect treeview
     Args:
         toDeleteIid: database ID of defect to delete
     """
     item = self.treevw.item(toDeleteIid)
     dialog = ChildDialogQuestion(
         self.parent, "DELETE WARNING",
         "Are you sure you want to delete defect " + str(item["text"]) +
         " ?", ["Delete", "Cancel"])
     self.parent.wait_window(dialog.app)
     if dialog.rvalue != "Delete":
         return
     self.treevw.delete(toDeleteIid)
     defectToDelete = Defect.fetchObject({
         "title": item["text"],
         "ip": "",
         "port": "",
         "proto": ""
     })
     if defectToDelete is not None:
         if defectToDelete.index is not None:
             index = int(defectToDelete.index)
             children = self.treevw.get_children()
             for i in range(index + 1, len(children), 1):
                 d_o = Defect({"_id": children[i]})
                 d_o.update({"index": str(i)})
         defectToDelete.delete()
         self.resizeDefectTreeview()
Beispiel #2
0
 def OnDoubleClick(self, event):
     """
     Callback for double click on treeview.
     Opens a window to update the double clicked defect view.
     Args:
         event: automatically created with the event catch. stores data about line in treeview that was double clicked.
     """
     item = self.treevw.identify("item", event.x, event.y)
     defect_m = Defect.fetchObject({"_id": ObjectId(item)})
     dialog = ChildDialogDefectView(self.parent, self.settings, defect_m)
     self.parent.wait_window(dialog.app)
     self.updateDefectInTreevw(defect_m)
Beispiel #3
0
def parseWarnings(file_opened):
    """
    Parse the result of a testssl json output file
        Args:
            file_opened:  the opened file reference

        Returns:
            Returns a tuple with (None values if not matching a testssl output):
                - a list of string for each testssl NOT ok, WARN, or MEDIUM warnings
                - a dict of targeted objects with database id as key and a unique key as a mongo search pipeline ({})
    """
    targets = {}
    missconfiguredHosts = {}
    firstLine = True
    for line in file_opened:
        if firstLine:
            if line.strip() != '"id", "fqdn/ip", "port", "severity", "finding", "cve", "cwe"' and \
                    line.strip() != '"id","fqdn/ip","port","severity","finding","cve","cwe"':
                return None, None
            firstLine = False
            continue
        # Search ip in file
        warn = re.search(
            r"^\"[^\"]*\", ?\"([^\"]*)\", ?\"([^\"]*)\", ?\"(OK|INFO|NOT ok|WARN|LOW|MEDIUM|HIGH|CRITICAL)\", ?\"[^\"]*\", ?\"[^\"]*\", ?\"[^\"]*\"$",
            line)
        if warn is not None:
            ip = warn.group(1)
            domain = None
            port = warn.group(2)
            notes = warn.group(3)
            if "/" in ip:
                domain = ip.split("/")[0]
                ip = "/".join(ip.split("/")[1:])
                Ip().initialize(domain).addInDb()
                Port().initialize(domain, port, "tcp", "ssl").addInDb()
            Ip().initialize(ip).addInDb()
            Port().initialize(ip, port, "tcp", "ssl").addInDb()
            if notes not in ["OK", "INFO"]:
                missconfiguredHosts[ip] = missconfiguredHosts.get(ip, {})
                missconfiguredHosts[ip][port] = missconfiguredHosts[ip].get(
                    port, [])
                missconfiguredHosts[ip][port].append(notes + " : " + line)
                if domain is not None:
                    missconfiguredHosts[domain] = missconfiguredHosts.get(
                        domain, {})
                    missconfiguredHosts[domain][port] = missconfiguredHosts[
                        domain].get(port, [])
                    missconfiguredHosts[domain][port].append(notes + " : " +
                                                             line)
    for ip in missconfiguredHosts.keys():
        for port in missconfiguredHosts[ip].keys():
            p_o = Port.fetchObject({"ip": ip, "port": port, "proto": "tcp"})
            targets[str(p_o.getId())] = {
                "ip": ip,
                "port": port,
                "proto": "tcp"
            }
            missconfiguredHosts[ip][port].sort()
            notes = "\n".join(missconfiguredHosts[ip][port])
            res, _ = Defect().initialize(ip,
                                         port,
                                         "tcp",
                                         "Défauts d'implémentation du SSL/TLS",
                                         "Très difficile",
                                         "Majeur",
                                         "Important",
                                         "N/A", ["Socle"],
                                         notes=notes,
                                         proofs=[]).addInDb()
            if not res:
                p_o.updateInfos({"compliant": "False"})
                defect_o = Defect.fetchObject({
                    "ip": ip,
                    "title": "Défauts d'implémentation du SSL/TLS",
                    "port": port,
                    "proto": "tcp"
                })
                defect_o.notes += notes
                defect_o.update()
    if firstLine:
        return None, None
    return str(len(missconfiguredHosts.keys())
               ) + " misconfigured hosts found. Defects created.", targets