def graphs():
"""
Products the main statistics and graphs
"""
if request.vars.gtype.lower() == 'all':
indexgraphs = graphs_index(db)
return dict(indexgraphs=indexgraphs)
def graphs():
"""
Products the main statistics and graphs
"""
if request.vars.gtype.lower() == 'all':
indexgraphs = graphs_index(db)
return dict(indexgraphs = indexgraphs)
def index():
"""
Kvasir welcoming index page.
"""
response.files.append(URL(request.application, 'static', 'js/jquery.tagcloud-2.js'))
response.files.append(URL(request.application, 'static', 'js/highcharts.js'))
statistics = db_statistics()
adv_stats = adv_db_statistics()
graphs = graphs_index()
return dict(statistics=statistics, adv_stats=adv_stats, graphs=graphs)
def index():
"""
Kvasir welcoming index page.
"""
response.files.append(URL(request.application, 'static', 'js/jquery.tagcloud-2.js'))
response.files.append(URL(request.application, 'static', 'js/highcharts.js'))
statistics = db_statistics()
adv_stats = adv_db_statistics()
graphs = graphs_index()
return dict(statistics=statistics, adv_stats=adv_stats, graphs=graphs)
def spreadsheet():
"""
Generate a Excel xlsx file of vulnerability and password statistics and charts
"""
rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True)
ags = [ag.f_asset_group for ag in rows]
form = SQLFORM.factory(
Field('ag_per_tab',
'boolean',
default=False,
label=T('Tab per Asset Group')),
Field('asset_group',
'select',
default=False,
requires=IS_EMPTY_OR(IS_IN_SET(ags)),
label=T('Specific Asset Group')),
)
response.title = "%s :: Excel Spreadsheet Generator" % (settings.title)
if form.errors:
response.flash = 'Error in form'
elif form.process().accepted:
if form.vars.asset_group:
ags = [form.vars.asset_group]
elif form.vars.ag_per_tab:
rows = db(db.t_hosts).select(db.t_hosts.f_asset_group,
distinct=True)
ags = [ag.f_asset_group for ag in rows]
else:
ags = ['%']
from skaldship.statistics import vulnlist, graphs_index
from skaldship.general import vulntype_mapping
import os
from datetime import datetime
from xlsxwriter.workbook import Workbook
tmpfile = os.path.join(
request.folder, 'data/stats/kvasir-stats-%s.xlsx' %
datetime.now().strftime("%m%d%y-%H%M%S"))
workbook = Workbook(tmpfile)
bold = workbook.add_format({'bold': 1})
# Create main statistics page / charts
graphs = graphs_index()
stat_worksheet = workbook.add_worksheet('Main Statistics')
# Top Host Severity statistics / chart
stat_worksheet.write('A1', 'Vuln Severity', bold)
stat_worksheet.write('B1', 'Host Count', bold)
row_num = 1
col_num = 0
for sev_cnt in graphs['top_host_sev_count_raw']:
stat_worksheet.write_number(row_num, col_num, row_num)
stat_worksheet.write_number(row_num, col_num + 1, int(sev_cnt))
row_num += 1
stat_chart_host = workbook.add_chart({'type': 'column'})
stat_chart_host.add_series({
'categories': ["'Main Statistics'", 1, 0, row_num - 1, 0],
'values': ["'Main Statistics'", 1, 1, row_num - 1, 1],
'name':
'Host Count',
})
stat_chart_host.set_title({'name': 'Top Host Severities'})
stat_chart_host.set_table({'show_keys': True})
stat_chart_host.set_legend({'position': 'none'})
stat_chart_host.set_x_axis({
'min': 1,
'max': 10,
'name_font': {
'bold': True
},
})
stat_chart_host.set_size({'width': 768, 'height': 576})
stat_worksheet.insert_chart('A13', stat_chart_host)
# Vulnerability Severity statistics / chart
stat_worksheet.write('D1', 'Vuln Severity', bold)
stat_worksheet.write('E1', 'Vuln Count', bold)
row_num = 1
col_num = 3
for sev_cnt in graphs['vuln_by_sev_count_raw']:
stat_worksheet.write_number(row_num, col_num, row_num)
stat_worksheet.write_number(row_num, col_num + 1, int(sev_cnt))
row_num += 1
stat_chart_vulns = workbook.add_chart({'type': 'column'})
stat_chart_vulns.add_series({
'categories': ["'Main Statistics'", 1, 3, row_num - 1, 3],
'values': ["'Main Statistics'", 1, 4, row_num - 1, 4],
'name':
'Vulnerability Count',
})
stat_chart_vulns.set_title({'name': 'Top Vulnerability Severities'})
stat_chart_vulns.set_table({'show_keys': True})
stat_chart_vulns.set_legend({'position': 'none'})
stat_chart_vulns.set_x_axis({
'min': 1,
'max': 10,
'name_font': {
'bold': True
},
})
stat_chart_vulns.set_size({'width': 768, 'height': 576})
stat_worksheet.insert_chart('G13', stat_chart_vulns)
# Create tab(s) for vulnerability listings and charts
for ag in ags:
if ag == "%":
ag = "Vulnlist"
hostfilter = None
else:
hostfilter = {
'filtertype': 'assetgroup',
'content': ag,
}
vl_worksheet = workbook.add_worksheet(ag)
vl_worksheet.write('A1', 'Vulnerability ID', bold)
vl_worksheet.set_column(1, 0, 45)
vl_worksheet.write('B1', 'Status', bold)
vl_worksheet.set_column(1, 1, 20)
vl_worksheet.write('C1', 'Count', bold)
vl_worksheet.write('D1', 'Severity', bold)
vl_worksheet.write('E1', 'CVSS Score', bold)
# { 'vulnerability id': [ status, count, severity, cvss ] }
vlist = vulnlist(hostfilter=hostfilter)
vuln_count = 1
vl_stats = {}
for k, v in vlist.iteritems():
col_num = 0
for row in v:
(status, count, severity, cvss) = row
vl_worksheet.write_string(vuln_count, col_num, k)
vl_worksheet.write_string(vuln_count, col_num + 1, status)
vl_worksheet.write_number(vuln_count, col_num + 2,
int(count))
vl_worksheet.write_number(vuln_count, col_num + 3,
int(severity))
if cvss:
vl_worksheet.write_number(vuln_count, col_num + 4,
float(cvss))
vuln_count += 1
# make vl_stats dictionary:
# { 'status': { 1: count, 2:count ... }}
vl_tmpstatus = vl_stats.setdefault(
status, {
1: 0,
2: 0,
3: 0,
4: 0,
5: 0,
6: 0,
7: 0,
8: 0,
9: 0,
10: 0
})
status_tmp = vl_tmpstatus.setdefault(severity, 0)
vl_tmpstatus[severity] = status_tmp + count
vl_stats[status] = vl_tmpstatus
# create vulnerability severity distribution chart
vl_chart_ws_name = "%s VulnChart" % (ag)
vl_chart_worksheet = workbook.add_worksheet(vl_chart_ws_name)
vl_chart_worksheet.write('A1', 'Severity', bold)
vl_chart = workbook.add_chart({'type': 'column'})
for k, v in vl_stats.iteritems():
vl_chart_worksheet.write(0, col_num, k, bold)
row_num = 1
for k2, v2 in v.iteritems():
vl_chart_worksheet.write(row_num, 0, k2)
vl_chart_worksheet.write(row_num, 1, v2)
row_num += 1
vl_chart.add_series({
'categories':
["'%s'" % (vl_chart_ws_name), 1, 0, row_num - 1, 0],
'values': [
"'%s'" % (vl_chart_ws_name), 1, col_num, row_num - 1,
col_num
],
'name':
k,
'color':
vulntype_mapping(k)
})
col_num += 1
# if multiple account groups, change title accordingly
if ag == "Vulnlist":
vl_chart.set_title(
{'name': 'Vulnerability Severity Distribution'})
else:
vl_chart.set_title(
{'name': 'Vulnerability Severity Distribution: %s' % (ag)})
vl_chart.set_table({'show_keys': True})
vl_chart.set_legend({'position': 'none'})
vl_chart.set_x_axis({
'min': 1,
'max': 10,
'name_font': {
'bold': True
},
})
vl_chart.set_size({'width': 960, 'height': 576})
vl_chart_worksheet.insert_chart('A13', vl_chart)
# Top 15 passwords and UNIX / Windows distribution and compromised pie charts
password_worksheet = workbook.add_worksheet('Passwords')
pw_cnt = db.t_accounts.f_password.count()
top15 = db(db.t_accounts.f_password != None).select(
db.t_accounts.f_password,
pw_cnt,
groupby=db.t_accounts.f_password,
orderby=~pw_cnt,
limitby=(0, 15))
password_worksheet.write('A1', 'Password', bold)
password_worksheet.write('B1', 'Count', bold)
row_num = 1
for row in top15:
password_worksheet.write(row_num, 0, row.t_accounts.f_password)
password_worksheet.write(
row_num, 1, row._extra['COUNT(t_accounts.f_password)'])
row_num += 1
# all done!
workbook.close()
redirect(URL('default', 'data_dir/stats'))
return dict(form=form)
def spreadsheet():
"""
Generate a Excel xlsx file of vulnerability and password statistics and charts
"""
rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True)
ags = [ag.f_asset_group for ag in rows]
form=SQLFORM.factory(
Field('ag_per_tab', 'boolean', default=False, label=T('Tab per Asset Group')),
Field('asset_group', 'select', default=False, requires=IS_EMPTY_OR(IS_IN_SET(ags)), label=T('Specific Asset Group')),
)
response.title = "%s :: Excel Spreadsheet Generator" % (settings.title)
if form.errors:
response.flash = 'Error in form'
elif form.process().accepted:
if form.vars.asset_group:
ags = [form.vars.asset_group]
elif form.vars.ag_per_tab:
rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True)
ags = [ag.f_asset_group for ag in rows]
else:
ags = ['%']
from skaldship.statistics import vulnlist, graphs_index
from skaldship.general import vulntype_mapping
import os
from datetime import datetime
from xlsxwriter.workbook import Workbook
tmpfile = os.path.join(request.folder, 'data/stats/kvasir-stats-%s.xlsx' % datetime.now().strftime("%m%d%y-%H%M%S"))
workbook = Workbook(tmpfile)
bold = workbook.add_format({'bold': 1})
# Create main statistics page / charts
graphs = graphs_index()
stat_worksheet = workbook.add_worksheet('Main Statistics')
# Top Host Severity statistics / chart
stat_worksheet.write('A1', 'Vuln Severity', bold)
stat_worksheet.write('B1', 'Host Count', bold)
row_num = 1
col_num = 0
for sev_cnt in graphs['top_host_sev_count_raw']:
stat_worksheet.write_number(row_num, col_num, row_num)
stat_worksheet.write_number(row_num, col_num+1, int(sev_cnt))
row_num += 1
stat_chart_host = workbook.add_chart({'type': 'column'})
stat_chart_host.add_series({
'categories': ["'Main Statistics'", 1, 0, row_num-1, 0],
'values': ["'Main Statistics'", 1, 1, row_num-1, 1],
'name': 'Host Count',
})
stat_chart_host.set_title({'name': 'Top Host Severities'})
stat_chart_host.set_table({'show_keys': True})
stat_chart_host.set_legend({'position': 'none'})
stat_chart_host.set_x_axis({
'min': 1,
'max': 10,
'name_font': {'bold': True},
})
stat_chart_host.set_size({'width': 768, 'height': 576})
stat_worksheet.insert_chart('A13', stat_chart_host)
# Vulnerability Severity statistics / chart
stat_worksheet.write('D1', 'Vuln Severity', bold)
stat_worksheet.write('E1', 'Vuln Count', bold)
row_num = 1
col_num = 3
for sev_cnt in graphs['vuln_by_sev_count_raw']:
stat_worksheet.write_number(row_num, col_num, row_num)
stat_worksheet.write_number(row_num, col_num+1, int(sev_cnt))
row_num += 1
stat_chart_vulns = workbook.add_chart({'type': 'column'})
stat_chart_vulns.add_series({
'categories': ["'Main Statistics'", 1, 3, row_num-1, 3],
'values': ["'Main Statistics'", 1, 4, row_num-1, 4],
'name': 'Vulnerability Count',
})
stat_chart_vulns.set_title({'name': 'Top Vulnerability Severities'})
stat_chart_vulns.set_table({'show_keys': True})
stat_chart_vulns.set_legend({'position': 'none'})
stat_chart_vulns.set_x_axis({
'min': 1,
'max': 10,
'name_font': {'bold': True},
})
stat_chart_vulns.set_size({'width': 768, 'height': 576})
stat_worksheet.insert_chart('G13', stat_chart_vulns)
# Create tab(s) for vulnerability listings and charts
for ag in ags:
if ag == "%":
ag = "Vulnlist"
hostfilter = [(None, None), False]
else:
hostfilter = [('assetgroup', ag), False]
vl_worksheet = workbook.add_worksheet(ag)
vl_worksheet.write('A1', 'Vulnerability ID', bold)
vl_worksheet.set_column(1, 0, 45)
vl_worksheet.write('B1', 'Status', bold)
vl_worksheet.set_column(1, 1, 20)
vl_worksheet.write('C1', 'Count', bold)
vl_worksheet.write('D1', 'Severity', bold)
vl_worksheet.write('E1', 'CVSS Score', bold)
# { 'vulnerability id': [ status, count, severity, cvss ] }
vlist = vulnlist(hostfilter)
vuln_count = 1
vl_stats = {}
for k, v in vlist.iteritems():
col_num = 0
for row in v:
(status, count, severity, cvss) = row
vl_worksheet.write_string(vuln_count, col_num, k)
vl_worksheet.write_string(vuln_count, col_num + 1, status)
vl_worksheet.write_number(vuln_count, col_num + 2, int(count))
vl_worksheet.write_number(vuln_count, col_num + 3, int(severity))
if cvss:
vl_worksheet.write_number(vuln_count, col_num + 4, float(cvss))
vuln_count += 1
# make vl_stats dictionary:
# { 'status': { 1: count, 2:count ... }}
vl_tmpstatus = vl_stats.setdefault(status, {
1: 0, 2: 0, 3: 0, 4: 0, 5: 0, 6: 0, 7: 0, 8: 0, 9: 0, 10: 0
})
status_tmp = vl_tmpstatus.setdefault(severity, 0)
vl_tmpstatus[severity] = status_tmp + count
vl_stats[status] = vl_tmpstatus
# create vulnerability severity distribution chart
vl_chart_ws_name = "%s VulnChart" % (ag)
vl_chart_worksheet = workbook.add_worksheet(vl_chart_ws_name)
vl_chart_worksheet.write('A1', 'Severity', bold)
vl_chart = workbook.add_chart({'type': 'column'})
for k,v in vl_stats.iteritems():
vl_chart_worksheet.write(0, col_num, k, bold)
row_num = 1
for k2,v2 in v.iteritems():
vl_chart_worksheet.write(row_num, 0, k2)
vl_chart_worksheet.write(row_num, 1, v2)
row_num += 1
vl_chart.add_series({
'categories': ["'%s'" % (vl_chart_ws_name), 1, 0, row_num-1, 0],
'values': ["'%s'" % (vl_chart_ws_name), 1, col_num, row_num-1, col_num],
'name': k,
'color': vulntype_mapping(k)
})
col_num += 1
# if multiple account groups, change title accordingly
if ag == "Vulnlist":
vl_chart.set_title({'name': 'Vulnerability Severity Distribution'})
else:
vl_chart.set_title({'name': 'Vulnerability Severity Distribution: %s' % (ag)})
vl_chart.set_table({'show_keys': True})
vl_chart.set_legend({'position': 'none'})
vl_chart.set_x_axis({
'min': 1,
'max': 10,
'name_font': {'bold': True},
})
vl_chart.set_size({'width': 960, 'height': 576})
vl_chart_worksheet.insert_chart('A13', vl_chart)
# Top 15 passwords and UNIX / Windows distribution and compromised pie charts
password_worksheet = workbook.add_worksheet('Passwords')
pw_cnt = db.t_accounts.f_password.count()
top15 = db(db.t_accounts.f_password != None).select(db.t_accounts.f_password, pw_cnt, groupby=db.t_accounts.f_password, orderby=~pw_cnt, limitby=(0,15))
password_worksheet.write('A1', 'Password', bold)
password_worksheet.write('B1', 'Count', bold)
row_num = 1
for row in top15:
password_worksheet.write(row_num, 0, row.t_accounts.f_password)
password_worksheet.write(row_num, 1, row._extra['COUNT(t_accounts.f_password)'])
row_num += 1
# all done!
workbook.close()
redirect(URL('default', 'data_dir/stats'))
return dict(form=form)
def report():
"""
Genereate a HTML-report with fields from statistics, hosts, vulns, and summaries from the wiki
"""
statistics = db_statistics()
adv_stats = adv_db_statistics()
graphs = graphs_index()
customer = settings.customer
assessment = settings.assessment_typed
start_date = settings.start_date or 'START DATE'
end_date = settings.end_date or 'END DATE'
# grab the filter type and value if provided or from the session
if session.hostfilter is None:
f_type = request.vars.f_type or None
f_value = request.vars.f_value or None
else:
f_type = session.hostfilter[0]
f_value = session.hostfilter[1]
# this is a little hack to ensure a record is either blank or None
# use it as "if variable not in notin:"
notin = [None, '']
unknown_cpeid_counter = 0
hosts = []
vulnerabilities = {}
# go through each host, adding the os, services and vulns accordingly
query = create_hostfilter_query([(f_type, f_value), False])
for host_rec in db(query).select():
host = {}
host['ipv4'] = host_rec.f_ipv4
host['asset_group'] = host_rec.f_asset_group
if host_rec.f_ipv6:
host['ipv6'] = host_rec.f_ipv6
if host_rec.f_macaddr:
host['macaddr'] = host_rec.f_macaddr
if host_rec.f_hostname:
host['hostname'] = host_rec.f_hostname.decode('utf-8')
if host_rec.f_netbios_name:
host['netbios_name'] = host_rec.f_netbios_name.decode('utf-8')
# build the os information using the highest certainty record
highest = (0, None)
for os_rec in db(db.t_host_os_refs.f_hosts_id == host_rec.id).select():
if os_rec.f_certainty > highest[0]:
highest = (os_rec.f_certainty, os_rec)
if highest[0] > 0:
# add os element to the host
record = highest[1]
host['os'] = record
host['os']['certainty'] = str(highest[0])
if record.f_class not in notin:
host['os']['class'] = record.f_class
if record.f_family not in notin:
host['os']['family'] = record.f_family
# since some os records may not have a cpe id we'll mask them with
# using their title, replacing spaces with underscores
t_os_rec = db.t_os[record.f_os_id]
if t_os_rec.f_cpename in notin:
cpeid = t_os_rec.f_title.replace(' ', '_')
else:
cpeid = t_os_rec.f_cpename
host['os']['id'] = cpeid
# if the id isn't in os_records, add it
# if 1:
# os_rec = db.t_os[highest[1].f_os_id]
# host['os']['id'] = cpeid
# host['os']['title'] = os_rec.f_title
#
# if os_rec.f_vendor not in notin:
# host['os']['vendor'] = os_rec.f_vendor
#
# if os_rec.f_product not in notin:
# host['os']['product'] = os_rec.f_product
#
# if os_rec.f_version not in notin:
# host['os']['version'] = os_rec.f_version
#
# if os_rec.f_update not in notin:
# host['os']['update'] = os_rec.f_update
#
# if os_rec.f_edition not in notin:
# host['os']['edition'] = os_rec.f_edition
#
# if os_rec.f_language not in notin:
# host['os']['language'] = os_rec.f_language
# snmp strings
snmp_recs = db(db.t_snmp.f_hosts_id == host_rec.id).select()
if len(snmp_recs) > 0:
host['snmps'] = []
for record in snmp_recs:
snmp = {}
if record.f_community not in notin:
snmp['community'] = record.f_community.decode('utf-8')
snmp['version'] = record.f_version
snmp['access'] = record.f_access
host['snmps'].append(snmp)
# netbios information
netb_record = db(
db.t_netbios.f_hosts_id == host_rec.id).select().first() or None
if netb_record:
host['netbios'] = {}
if netb_record.f_type not in notin:
host['netbios']['type'] = netb_record.f_type
if netb_record.f_domain not in notin:
host['netbios']['domain'] = netb_record.f_domain.decode(
'utf-8')
if netb_record.f_lockout_limit not in notin:
host['netbios']['lockout_limit'] = str(
netb_record.f_lockout_limit)
if netb_record.f_lockout_duration not in notin:
host['netbios']['lockout_duration'] = str(
netb_record.f_lockout_duration)
if netb_record.f_advertised_names is not None:
for name in netb_record.f_advertised_names:
host['netbios']['advertised_name'] = name.decode('utf-8')
# build the services and vulnerabilities
host['services'] = []
for svc_rec in db(db.t_services.f_hosts_id == host_rec.id).select():
service = {}
service['proto'] = svc_rec.f_proto
service['number'] = int(svc_rec.f_number)
if svc_rec.f_name not in notin:
service['name'] = svc_rec.f_name.decode('utf-8')
else:
service['name'] = T('unknown')
if svc_rec.f_banner not in notin:
service['banner'] = svc_rec.f_banner.decode('utf-8')
# service configuration records
svc_info_recs = db(
db.t_service_info.f_services_id == svc_rec.id).select()
if len(svc_info_recs) > 0:
service['configs'] = []
for info_rec in svc_info_recs:
config = {}
if info_rec.f_name not in notin:
config['name'] = info_rec.f_name
if info_rec.f_text not in notin:
config['text'] = info_rec.f_text.decode('utf-8')
service['configs'].append(config)
# vulnerabilities
svc_vuln_recs = db(
db.t_service_vulns.f_services_id == svc_rec.id).select()
if len(svc_vuln_recs) > 0:
service['vulns'] = []
for vuln_rec in svc_vuln_recs:
vuln = {}
vuln['status'] = vuln_rec.f_status
vuln['proof'] = vuln_rec.f_proof
vulndata = db.t_vulndata[vuln_rec.f_vulndata_id]
vuln['vulninfo'] = vulndata
vuln['id'] = vulndata.f_vulnid
vuln['title'] = vulndata.f_title
vuln['severity'] = str(vulndata.f_severity)
vuln['pci_sev'] = str(vulndata.f_pci_sev)
vuln['cvss_score'] = str(vulndata.f_cvss_score)
vuln['cvssmetrics'] = cvss_metrics(vulndata)
vuln['description'] = vulndata.f_description
vuln['solution'] = vulndata.f_solution
# find vulnerability references and add them
vuln_refs = db(db.t_vuln_references.f_vulndata_id ==
vulndata.id).select()
if len(vuln_refs) > 0:
vuln['refs'] = []
for ref_rec in vuln_refs:
ref = {}
record = db.t_vuln_refs[ref_rec.f_vuln_ref_id]
ref['source'] = record.f_source
ref['text'] = record.f_text.decode('utf-8')
vuln['refs'].append(ref)
# find vulnerability exploits and add them
vuln_exploits = '' #db(db.t_vuln_references.f_vulndata_id == vulndata.id).select()
if len(vuln_exploits) > 0:
vuln['exploits'] = []
for ref_rec in vuln_refs:
ref = {}
record = db.t_vuln_refs[ref_rec.f_vuln_ref_id]
ref['source'] = record.f_source
ref['text'] = record.f_text.decode('utf-8')
vuln['refs'].append(ref)
if (int(vuln['severity']) > 0):
service['vulns'].append(vuln)
vuln['hosts'] = []
vulnhost = {}
vulnhost['ipv4'] = host['ipv4']
if 'hostname' in host:
vulnhost['hostname'] = host['hostname']
else:
vulnhost['hostname'] = host['ipv4']
vulnhost['svcproto'] = service['proto']
vulnhost['svcnumber'] = service['number']
vulnhost['status'] = vuln_rec.f_status
vulnhost['proof'] = vuln_rec.f_proof
vulnhost['url'] = ''
if svc_rec.f_name not in notin:
vulnhost['svcname'] = svc_rec.f_name.decode(
'utf-8')
else:
vulnhost['svcname'] = T('unknown')
if svc_rec.f_banner not in notin:
vulnhost['svcbanner'] = svc_rec.f_banner.decode(
'utf-8')
id = str(vuln_rec.f_vulndata_id)
if id not in vulnerabilities:
vulnerabilities[id] = vuln
vulnerabilities[id]['hosts'].append(vulnhost)
if len(service['vulns']) is 0:
del service['vulns']
host['services'].append(service)
# accounts
#accounts = db(db.t_accounts.f_services_id == svc_rec.id).select()
# if len(accounts) > 0:
# host['accounts'] = []
#
# for acct_rec in accounts:
# account = {}
#
# if acct_rec.f_username not in notin:
# account['username'] = acct_rec.f_username.decode('utf-8')
#
# if acct_rec.f_fullname not in notin:
# account['fullname'] = acct_rec.f_fullname.decode('utf-8')
#
# if acct_rec.f_password not in notin:
# account['password'] = acct_rec.f_password.decode('utf-8')
#
# if acct_rec.f_hash1 not in notin:
# account['hash1'] = acct_rec.f_hash1
#
# if acct_rec.f_hash1_type not in notin:
# account['hash1_type'] = acct_rec.f_hash1_type
#
# if acct_rec.f_hash2 not in notin:
# account['hash2'] = acct_rec.f_hash2
#
# if acct_rec.f_hash2_type not in notin:
# account['hash2_type'] = acct_rec.f_hash2_type
#
# if acct_rec.f_uid not in notin:
# account['uid'] = acct_rec.f_uid
#
# if acct_rec.f_gid not in notin:
# account['gid'] = acct_rec.f_gid
#
# if acct_rec.f_level not in notin:
# account['level'] = acct_rec.f_level
#
# if acct_rec.f_domain not in notin:
# account['domain'] = acct_rec.f_domain.decode('utf-8')
#
# if acct_rec.f_description not in notin:
# account['description'] = acct_rec.f_description.decode('utf-8')
# host['accounts'].append(account)
hosts.append(host)
#response.files.append(URL(request.application,'static','js/jquery.sparkline.js'))
#get JSON from host.list and use mockjax
ext = request.extension
request.extension = 'json'
hostlist = list() #Not an empty list
request.extension = ext
#remove the engineer field from the customers report
hostlist['aaData'][-1]['10'] = None
import re
hostlist = re.sub("href=\"[^>]*>([^<]*)", "href=\"#\\1\">\\1",
str(hostlist))
listjson = hostlist.replace('\"', '\\\"').replace('\'', '\"').replace(
'L, ', ', ').replace('None', 'null')
vulnlst = sorted(vulnerabilities,
key=lambda x: int(vulnerabilities[x]['severity']),
reverse=True)
return dict(vulnlst=vulnlst,
vulnerabilities=vulnerabilities,
statistics=statistics,
adv_stats=adv_stats,
graphs=graphs,
hosts=hosts,
hostfilter=session.hostfilter,
listjson=listjson)
def report():
"""
Genereate a HTML-report with fields from statistics, hosts, vulns, and summaries from the wiki
"""
statistics = db_statistics()
adv_stats = adv_db_statistics()
graphs = graphs_index()
customer = settings.customer
assessment = settings.assessment_typed
start_date = settings.start_date or 'START DATE'
end_date = settings.end_date or 'END DATE'
# grab the filter type and value if provided or from the session
if session.hostfilter is None:
f_type = request.vars.f_type or None
f_value = request.vars.f_value or None
else:
f_type = session.hostfilter[0]
f_value = session.hostfilter[1]
# this is a little hack to ensure a record is either blank or None
# use it as "if variable not in notin:"
notin = [ None, '' ]
unknown_cpeid_counter = 0
hosts = []
vulnerabilities = {}
# go through each host, adding the os, services and vulns accordingly
query = create_hostfilter_query([(f_type, f_value), False])
for host_rec in db(query).select():
host = {}
host['ipv4'] = host_rec.f_ipv4
host['asset_group'] = host_rec.f_asset_group
if host_rec.f_ipv6:
host['ipv6'] = host_rec.f_ipv6
if host_rec.f_macaddr:
host['macaddr'] = host_rec.f_macaddr
if host_rec.f_hostname:
host['hostname'] = host_rec.f_hostname.decode('utf-8')
if host_rec.f_netbios_name:
host['netbios_name'] = host_rec.f_netbios_name.decode('utf-8')
# build the os information using the highest certainty record
highest = (0, None)
for os_rec in db(db.t_host_os_refs.f_hosts_id == host_rec.id).select():
if os_rec.f_certainty > highest[0]:
highest = (os_rec.f_certainty, os_rec)
if highest[0] > 0:
# add os element to the host
record = highest[1]
host['os']=record
host['os']['certainty'] = str(highest[0])
if record.f_class not in notin:
host['os']['class'] = record.f_class
if record.f_family not in notin:
host['os']['family'] = record.f_family
# since some os records may not have a cpe id we'll mask them with
# using their title, replacing spaces with underscores
t_os_rec = db.t_os[record.f_os_id]
if t_os_rec.f_cpename in notin:
cpeid = t_os_rec.f_title.replace(' ', '_')
else:
cpeid = t_os_rec.f_cpename
host['os']['id'] = cpeid
# if the id isn't in os_records, add it
# if 1:
# os_rec = db.t_os[highest[1].f_os_id]
# host['os']['id'] = cpeid
# host['os']['title'] = os_rec.f_title
#
# if os_rec.f_vendor not in notin:
# host['os']['vendor'] = os_rec.f_vendor
#
# if os_rec.f_product not in notin:
# host['os']['product'] = os_rec.f_product
#
# if os_rec.f_version not in notin:
# host['os']['version'] = os_rec.f_version
#
# if os_rec.f_update not in notin:
# host['os']['update'] = os_rec.f_update
#
# if os_rec.f_edition not in notin:
# host['os']['edition'] = os_rec.f_edition
#
# if os_rec.f_language not in notin:
# host['os']['language'] = os_rec.f_language
# snmp strings
snmp_recs = db(db.t_snmp.f_hosts_id == host_rec.id).select()
if len(snmp_recs) > 0:
host['snmps'] = []
for record in snmp_recs:
snmp = {}
if record.f_community not in notin:
snmp['community'] = record.f_community.decode('utf-8')
snmp['version'] = record.f_version
snmp['access'] = record.f_access
host['snmps'].append(snmp)
# netbios information
netb_record = db(db.t_netbios.f_hosts_id == host_rec.id).select().first() or None
if netb_record:
host['netbios'] = {}
if netb_record.f_type not in notin:
host['netbios']['type'] = netb_record.f_type
if netb_record.f_domain not in notin:
host['netbios']['domain'] = netb_record.f_domain.decode('utf-8')
if netb_record.f_lockout_limit not in notin:
host['netbios']['lockout_limit'] = str(netb_record.f_lockout_limit)
if netb_record.f_lockout_duration not in notin:
host['netbios']['lockout_duration'] = str(netb_record.f_lockout_duration)
if netb_record.f_advertised_names is not None:
for name in netb_record.f_advertised_names:
host['netbios']['advertised_name'] = name.decode('utf-8')
# build the services and vulnerabilities
host['services'] = []
for svc_rec in db(db.t_services.f_hosts_id == host_rec.id).select():
service = {}
service['proto'] = svc_rec.f_proto
service['number'] = int(svc_rec.f_number)
if svc_rec.f_name not in notin:
service['name'] = svc_rec.f_name.decode('utf-8')
else:
service['name'] = T('unknown')
if svc_rec.f_banner not in notin:
service['banner'] = svc_rec.f_banner.decode('utf-8')
# service configuration records
svc_info_recs = db(db.t_service_info.f_services_id == svc_rec.id).select()
if len(svc_info_recs) > 0:
service['configs'] = []
for info_rec in svc_info_recs:
config = {}
if info_rec.f_name not in notin:
config['name'] = info_rec.f_name
if info_rec.f_text not in notin:
config['text'] = info_rec.f_text.decode('utf-8')
service['configs'].append(config)
# vulnerabilities
svc_vuln_recs = db(db.t_service_vulns.f_services_id == svc_rec.id).select()
if len(svc_vuln_recs) > 0:
service['vulns'] = []
for vuln_rec in svc_vuln_recs:
vuln = {}
vuln['status'] = vuln_rec.f_status
vuln['proof'] = vuln_rec.f_proof
vulndata = db.t_vulndata[vuln_rec.f_vulndata_id]
vuln['vulninfo'] = vulndata
vuln['id'] = vulndata.f_vulnid
vuln['title'] = vulndata.f_title
vuln['severity'] = str(vulndata.f_severity)
vuln['pci_sev'] = str(vulndata.f_pci_sev)
vuln['cvss_score'] = str(vulndata.f_cvss_score)
vuln['cvssmetrics'] = cvss_metrics(vulndata)
vuln['description'] = vulndata.f_description
vuln['solution'] = vulndata.f_solution
# find vulnerability references and add them
vuln_refs = db(db.t_vuln_references.f_vulndata_id == vulndata.id).select()
if len(vuln_refs) > 0:
vuln['refs'] = []
for ref_rec in vuln_refs:
ref = {}
record = db.t_vuln_refs[ref_rec.f_vuln_ref_id]
ref['source'] = record.f_source
ref['text'] = record.f_text.decode('utf-8')
vuln['refs'].append(ref)
# find vulnerability exploits and add them
vuln_exploits = '' #db(db.t_vuln_references.f_vulndata_id == vulndata.id).select()
if len(vuln_exploits) > 0:
vuln['exploits'] = []
for ref_rec in vuln_refs:
ref = {}
record = db.t_vuln_refs[ref_rec.f_vuln_ref_id]
ref['source'] = record.f_source
ref['text'] = record.f_text.decode('utf-8')
vuln['refs'].append(ref)
if (int(vuln['severity'])>0):
service['vulns'].append(vuln)
vuln['hosts'] = []
vulnhost = {}
vulnhost['ipv4'] = host['ipv4']
if 'hostname' in host:
vulnhost['hostname'] = host['hostname']
else:
vulnhost['hostname'] = host['ipv4']
vulnhost['svcproto'] = service['proto']
vulnhost['svcnumber'] = service['number']
vulnhost['status'] = vuln_rec.f_status
vulnhost['proof'] = vuln_rec.f_proof
vulnhost['url'] = ''
if svc_rec.f_name not in notin:
vulnhost['svcname'] = svc_rec.f_name.decode('utf-8')
else:
vulnhost['svcname'] = T('unknown')
if svc_rec.f_banner not in notin:
vulnhost['svcbanner'] = svc_rec.f_banner.decode('utf-8')
id = str(vuln_rec.f_vulndata_id)
if id not in vulnerabilities:
vulnerabilities[id] = vuln
vulnerabilities[id]['hosts'].append(vulnhost)
if len(service['vulns']) is 0:
del service['vulns']
host['services'].append(service)
# accounts
#accounts = db(db.t_accounts.f_services_id == svc_rec.id).select()
# if len(accounts) > 0:
# host['accounts'] = []
#
# for acct_rec in accounts:
# account = {}
#
# if acct_rec.f_username not in notin:
# account['username'] = acct_rec.f_username.decode('utf-8')
#
# if acct_rec.f_fullname not in notin:
# account['fullname'] = acct_rec.f_fullname.decode('utf-8')
#
# if acct_rec.f_password not in notin:
# account['password'] = acct_rec.f_password.decode('utf-8')
#
# if acct_rec.f_hash1 not in notin:
# account['hash1'] = acct_rec.f_hash1
#
# if acct_rec.f_hash1_type not in notin:
# account['hash1_type'] = acct_rec.f_hash1_type
#
# if acct_rec.f_hash2 not in notin:
# account['hash2'] = acct_rec.f_hash2
#
# if acct_rec.f_hash2_type not in notin:
# account['hash2_type'] = acct_rec.f_hash2_type
#
# if acct_rec.f_uid not in notin:
# account['uid'] = acct_rec.f_uid
#
# if acct_rec.f_gid not in notin:
# account['gid'] = acct_rec.f_gid
#
# if acct_rec.f_level not in notin:
# account['level'] = acct_rec.f_level
#
# if acct_rec.f_domain not in notin:
# account['domain'] = acct_rec.f_domain.decode('utf-8')
#
# if acct_rec.f_description not in notin:
# account['description'] = acct_rec.f_description.decode('utf-8')
# host['accounts'].append(account)
hosts.append(host)
#response.files.append(URL(request.application,'static','js/jquery.sparkline.js'))
#get JSON from host.list and use mockjax
ext = request.extension
request.extension = 'json'
hostlist = list() #Not an empty list
request.extension = ext
#remove the engineer field from the customers report
hostlist['aaData'][-1]['10']=None
import re
hostlist = re.sub("href=\"[^>]*>([^<]*)","href=\"#\\1\">\\1", str(hostlist))
listjson=hostlist.replace('\"','\\\"').replace('\'','\"').replace('L, ',', ').replace('None','null')
vulnlst=sorted(vulnerabilities, key=lambda x: int(vulnerabilities[x]['severity']), reverse=True)
return dict(
vulnlst=vulnlst,
vulnerabilities=vulnerabilities,
statistics=statistics,
adv_stats=adv_stats,
graphs=graphs,
hosts=hosts,
hostfilter=session.hostfilter,
listjson=listjson)