def parse(self, report) -> [Dict, Dict]:
for r in report.findall('.//results/result'):
if float(r.find('nvt//cvss_base').text) > 0:
ip_address = r.find('./host').text
self.__scanned_host.append(ip_address)
asset = AssetDocument.get_or_create(ip_address, self._config)
tags = self.parse_tags(r.find('./nvt/tags').text)
for cve in r.find('./nvt//cve').text.split(','):
port = r.find('./port').text.split('/')[0]
protocol = r.find('./port').text.split('/')[1]
oid = r.find('./nvt').attrib.get('oid')
cve = self.get_cve(cve, oid, tags)
if port == 'general':
port = None
protocol = None
uid = self._vuln_id(ip_address, port, oid)
self.__parsed[uid] = VulnerabilityDocument(
id=uid,
port=port,
protocol=protocol,
description=r.find('./description').text,
solution=tags['solution'],
cve=cve,
asset=asset,
source='OpenVas'
)
return self.__parsed, self.__scanned_host
def _create(self, item: dict):
vuln = VulnerabilityDocument()
for field in VulnerabilityDocument.get_fields_name():
if field in item:
try:
setattr(vuln, field, item[field])
except (KeyError, IndexError):
setattr(vuln, field, 'UNKNOWN')
vuln.source = 'Nessus'
self.__parsed[vuln.id] = vuln
def create_vulnerability(asset, cve, save=True, index=None):
vulnerability = VulnerabilityDocument(id=F"{asset.id}-{cve.id}",
asset=asset,
cve=cve,
description='description',
solution='solution',
port=22,
svc_name='ssh',
protocol='tcp',
tags=['test'])
if save:
vulnerability.save(index=index)
return vulnerability
def generate_vulns(asset_count, asset_search, cve_sets):
bulk_executor = concurrent.futures.ThreadPoolExecutor(max_workers=4)
bulk_pool, vulns, assets = [], [], []
asset_vuln = {}
vuln_count = 0
step = 10
for a in asset_search.scan():
asset_vuln[a.ip_address] = []
assets.append(a)
while vuln_count / asset_count < 30:
vuln_count = 0
if len(assets) == 0:
break
for asset in assets:
cve_set = cve_sets[asset.os]
if len(cve_sets[asset.os]) == len(asset_vuln[asset.ip_address]):
asset.last_scan_date = datetime.now()
assets.remove(asset)
asset.save()
break
cve = random.choice(cve_set)
if cve.id not in asset_vuln[asset.ip_address]:
asset_vuln[asset.ip_address].append(cve)
vulns.append(
VulnerabilityDocument(
id=F'{asset.id}-{cve.id}',
asset=asset,
cve=cve,
name=F'Detected {cve.id} for {asset.ip_address}',
description=cve.summary,
solution='Sample solution received from scanner',
protocol='tcp',
created_date=datetime.now(),
modified_date=datetime.now(),
source='Generate Vulns Script',
scan_file_url='http://generated_from_script').to_dict(
))
if len(vulns) > 10000:
bulk_pool.append(bulk_executor.submit(_bulk, vulns))
vulns = []
for ip in asset_vuln:
vuln_count += len(asset_vuln[ip])
if vuln_count / asset_count > step:
print(F'Generated vulns: {vuln_count}, '
F'assets count: {asset_count}, '
F'ratio: {round(vuln_count / asset_count, 2)}')
step += 10
if vulns:
bulk_pool.append(bulk_executor.submit(_bulk, vulns))
concurrent.futures.wait(bulk_pool)
print(F'Generated vulns: {vuln_count}, '
F'assets count: {asset_count}, '
F'ratio: {round(vuln_count / asset_count, 2)}')
def test_environmental_score_v3(self, scope, cr, ir, ar, expected):
self.prepare_asset(cr, ir, ar)
self.change_scope(scope)
vuln = VulnerabilityDocument(cve=self.cve, asset=self.asset)
self.assertEqual(tasks.calculate_environmental_score_v3(vuln),
expected)
def test_calculate_environmental_score_v2(self, cr, ir, ar, expected):
self.prepare_asset(cr, ir, ar)
vuln = VulnerabilityDocument(cve=self.cve, asset=self.asset)
self.assertEqual(
tasks.calculate_environmental_score_v2(vuln, 100, 100), expected)