def notify_summary(self, audit_name): """ This method is called when an audit ends and when a plugin ends. :param audit_name: Name of the audit. :type audit_name: str """ # Get the number of vulnerabilities in the database. vulns_number = Database.count(Data.TYPE_VULNERABILITY) # Count the vulnerabilities by severity. vulns_counter = collections.defaultdict(int) for l_vuln in Database.iterate(Data.TYPE_VULNERABILITY): vulns_counter[l_vuln.level] += 1 # Get the number of IP addresses and hostnames. total_hosts = Database.count(Data.TYPE_RESOURCE, Resource.RESOURCE_DOMAIN) total_hosts += Database.count(Data.TYPE_RESOURCE, Resource.RESOURCE_IP) # Substract the ones that were passed as targets. discovered_hosts = total_hosts - len(Config.audit_scope.targets) discovered_hosts = discovered_hosts if discovered_hosts > 0 else 0 # Send the summary. packet = ("summary", audit_name, vulns_number, discovered_hosts, total_hosts, vulns_counter['info'], vulns_counter['low'], vulns_counter['medium'], vulns_counter['high'], vulns_counter['critical'],) self.bridge.send(packet)
def generate_report(self, output_file): # Dump all objects in the database. print "-" * 79 print "Report:" for data in Database.iterate(): print print data.identity print repr(data) print sorted(data.links) for linked in data.linked_data: print "--> " + linked.identity print "--> " + repr(linked) print
def generate_report(self, output_file): # Dump all objects in the database. print "-" * 79 print "Report:" for data in Database.iterate(): print print data.identity print repr(data) print sorted(data.links) for linked in data.linked_data: print "--> " + linked.identity print "--> " + repr(linked) print
def common_get_resources(self, data_type=None, data_subtype=None): """ Get a list of datas. :return: List of resources. :rtype: list(Resource) """ # Get each resource m_resource = None m_len_urls = Database.count(data_type, data_type) if m_len_urls < 200: # increase as you see fit... # fast but memory consuming method m_resource = Database.get_many( Database.keys(data_type=data_type, data_subtype=data_subtype)) else: # slow but lean method m_resource = Database.iterate(data_type=data_type, data_subtype=data_subtype) return m_resource
def common_get_resources(self, data_type=None, data_subtype=None): """ Get a list of datas. :return: List of resources. :rtype: list(Resource) """ # Get each resource m_resource = None m_len_urls = Database.count(data_type, data_type) if m_len_urls < 200: # increase as you see fit... # fast but memory consuming method m_resource = Database.get_many( Database.keys(data_type=data_type, data_subtype=data_subtype)) else: # slow but lean method m_resource = Database.iterate(data_type=data_type, data_subtype=data_subtype) return m_resource
def __iterate(self, data_type = None, data_subtype = None): if Database.count(data_type, data_type) < 100: return Database.get_many( Database.keys(data_type=data_type, data_subtype=data_subtype) ) return Database.iterate(data_type=data_type, data_subtype=data_subtype)
def do_audit_summary(self, audit_name): """ Implementation of: /audit/summary :param audit_name: Name of the audit to query. :type audit_name: str :returns: Summary in the following format:: { 'vulns_number' : int, 'discovered_hosts' : int, 'total_hosts' : int, 'vulns_by_level' : { 'info' : int, 'low' : int, 'medium' : int, 'high' : int, 'critical' : int, }, } Returns None on error. :rtype: dict(str -> \\*) | None """ # Checks for errors if audit_name in self.audit_error: return "error" try: if self.is_audit_running(audit_name): with SwitchToAudit(audit_name): # Get the number of vulnerabilities in the database. vulns_number = Database.count(Data.TYPE_VULNERABILITY) # Count the vulnerabilities by severity. vulns_counter = collections.Counter() for l_vuln in Database.iterate(Data.TYPE_VULNERABILITY): vulns_counter[l_vuln.level] += 1 # Get the number of IP addresses and hostnames. total_hosts = Database.count(Data.TYPE_RESOURCE, Resource.RESOURCE_DOMAIN) total_hosts += Database.count(Data.TYPE_RESOURCE, Resource.RESOURCE_IP) # Substract the ones that were passed as targets. discovered_hosts = total_hosts - len(Config.audit_scope.targets) # Return the data in the expected format. return { 'vulns_number' : vulns_number, 'discovered_hosts' : discovered_hosts, 'total_hosts' : total_hosts, 'vulns_by_level' : { 'info' : vulns_counter['info'], 'low' : vulns_counter['low'], 'medium' : vulns_counter['medium'], 'high' : vulns_counter['high'], 'critical' : vulns_counter['critical'], } } else: # XXX TODO open the database manually here raise NotImplementedError( "Querying finished audits is not implemented yet!") except Exception: Logger.log_error(traceback.format_exc())
def __iterate(self, data_type = None, data_subtype = None): if Database.count(data_type=data_type, data_subtype=data_subtype) <100: return Database.get_many( Database.keys(data_type=data_type, data_subtype=data_subtype) ) return Database.iterate(data_type=data_type, data_subtype=data_subtype)