def create_folder(self, name): folder = self.__nescan.create_folder(name) if self.getError(folder): warnMsg = 'create folder {%s} faild : %s'%(name, self.getError(folder)) logger.warn(warnMsg) return return folder
def export_status(self): try: export = self.__nescan.export_status(scan_id = self.scan_id, file_id = self.download['file_id']) self.download['status'] = export['status'] == 'ready' except Exception, e: warnMsg = 'get export status faild : %s'%self.getError(export) logger.warn(warnMsg)
def get_vulnerabilities(self): try: detail = self.__nescan.details(scan_id = self.scan_id) self.vuln = detail['vulnerabilities'] except Exception, e: warnMsg = 'get vulnerabilities faild : %s'%self.getError(detail) logger.warn(warnMsg)
def start(self): scan = self.__nescan.start(self.scan_id) if self.getError(scan): warnMsg = 'create scan_id {%d} faild : %s'%(scan_id, self.getError(scan)) logger.warn(warnMsg) return return scan
def get_scan_history(self): try: detail = self.__nescan.details(scan_id = self.scan_id) self.history = detail['history'] except Exception, e: warnMsg = 'get scan history faild : %s'%self.getError(detail) logger.warn(warnMsg)
def get_vulnerabilitie_info(self, plugin_id): vulnerabilitie = self.__nescan.vulnerabilitie_info(scan_id = self.scan_id, plugin_id = plugin_id) if self.getError(vulnerabilitie): warnMsg = 'get vulnerabilitie info faild : %s'%self.getError(vulnerabilitie) logger.warn(warnMsg) return return vulnerabilitie
def get_folders(self): folders = self.__nescan.folders() if self.getError(folders): warnMsg = 'get folders faild : %s'%self.getError(folders) logger.warn(warnMsg) return self.folders = folders return folders
def set_folder(self, name = None, id = None): if name: folder = self.getFolderByName(name) try: self.settings['folder']['id'] = folder['id'] except Exception,e: warnMsg = 'folder name {%s} is not defined'%name logger.warn(warnMsg) return folder
def set_template(self, name = None, uuid = None): if name: template = self.getScanPolicyTemplateByName(name) try: self.settings['template_uuid'] = template['uuid'] except KeyError: warnMsg = 'template name {%s} is not defined'%name logger.warn(warnMsg) return template self.settings['template_uuid'] = uuid
def set_policy(self, name = None, id = None): if name: policie = self.getPoliciesTemplateByName(name) try: self.settings['policy_id'] = policie['id'] except KeyError: warnMsg = 'policy name {%s} is not defined'%name logger.warn(warnMsg) return policie self.settings['policy_id'] = id
def start(self): self.log('start targets', self.__wvs['targets']) scan = None for target in self.__wvs['targets']: try: scan = self.__wvsrest.start_scan(target['target_id'], profile_id = self.settings['profile_id']) except KeyError: warnMsg = 'start scan target {%s} faild : %s'%(target['address'], self.getError(scan)) logger.warn(warnMsg) #获取scans_id self.current_scans() return self.__wvs['targets']
def list_scans(self, folder_name = None): list = None folder = self.getFolderByName(folder_name) if folder: list = self.__nescan.list_scan(folder['id']) if self.getError(list): warnMsg = 'list scan faild : %s'%self.getError(list) logger.warn(warnMsg) return else: warnMsg = 'folder name {%s} is not defined'%folder_name logger.warn(warnMsg) return list
def add_targets_to_group(self, group_name = None): if group_name: self.set_group(name = group_name) self.log('add targets to group', self.__wvs['targets']) targets_id_arry = [] for scans in self.__wvs['targets']: if scans['target_id']: targets_id_arry.append(scans['target_id']) result = self.__wvsrest.add_targets_to_group(targets_id_arry, self.__wvs['group']['id']) if self.getError(result): warnMsg = 'add targets id {%s} to group {%s} faild : %s'%(targets_id_arry, self.__wvs['group']['id'], self.getError(result)) logger.warn(warnMsg) return result
def scan(self, description = ''): self.log('add target', self.__wvs['targets']) index = 0 for address in self.__wvs['targets']: #添加到target target = self.__wvsrest.add_target(address['address'], description = description) if self.getError(target): self.__wvs['targets'][index]['target_id'] = None warnMsg = 'add target {%s} %s ! '%(address['address'], self.getError(target)) logger.warn(warnMsg) else: self.__wvs['targets'][index]['target_id'] = target['target_id'] index += 1 if self.settings['launch_now']: scan = self.start()
def certificates(self, domain, page = 1, fields = ['parsed.__expanded_names']): domain_dict = {'domain':[], 'metadata': {'count': 0, 'query': 'parsed.names: csdn.net', 'backend_time': 0, u'page': 0,u'pages': 0}} try: c = censys.certificates.CensysCertificates(self.UID, self.SECRET) #paged search result = c.paged_search('parsed.names: %s'%domain, page = page, fields = fields) infoMsg = 'Censysio paged_search parsed.names: %s'%domain logger.info(infoMsg) infoMsg = "{%s} syscen search result ==> %s"%(domain, result) logger.info(infoMsg) if 'ok' in result['status']: domain_dict['metadata'] = result['metadata'] for res in result['results']: domain_dict['domain'].extend(res['parsed.__expanded_names']) if domain_dict['domain']: domain_dict['domain'] = list(set(domain_dict['domain'])) else: #TODO 处理失败 pass except Exception,e: warnMsg = '{parsed.names: %s} %s'%(domain,str(e)) logger.warn(warnMsg)
def scan(self, name, description = ''): infoMsg = '*'*19 + 'create scan' + '*'*19 infoMsg += '\r\n%s'%self.settings['targets']['text'] logger.info(infoMsg) infoMsg = '*'*50 logger.info(infoMsg) scan = self.__nescan.scan(template_uuid = self.settings['template_uuid'], scan_name = name, targets = self.settings['targets']['text'], policy_id = self.settings['policy_id'], folder_id = self.settings['folder']['id'], description = description) try: if scan and self.settings['launch_now']: self.scan_id = scan['scan']['id'] self.start() except KeyError: warnMsg = 'create scan {%s} faild : %s'%(name, self.getError(scan)) logger.warn(warnMsg) return return scan
def location(self, ip): ret = {} params = urllib.urlencode({'ip':ip,'datatype':'jsonp'}) headers = {'token':settings.token} url = settings.ip_api + params request = http.Request(headers, url) request.timeout = 5 request.open() result = eval(request.getHtml()) logger.debug(result) if cmp(result['ret'],'ok') != -1: #检测已知云平台 ret['cloud'] = '' if yun_dict.has_key(result['data'][0]) and result['data'][3] in yun_dict[result['data'][0]]: ret['cloud'] = result['data'][3] #记录未知厂商 elif result['data'][3] not in base_operator: logger.info(result) ret['ip'] = result['ip'] ret['localtion'] = result['data'] return ret else: logger.warn(result['msg'])
class Request(): def __init__(self, headers={}, context=None): self.headers = headers self.context = context self.timeout = 5 def __accept(self, url): if url is None: errMsg = "url is None !" logger.error(errMsg) raise BloblastNoneDataException(errMsg) elif cmp(url[0:4], "http"): errMsg = "{" + url + "}" + " You must start with (http[s]://)" logger.error(errMsg) raise BloblastDataException(errMsg) """def get(self, url = None, lamb = 'GET'): self.__accept(url) try: request = urllib2.Request(url.encode('utf-8'), headers = self.headers) request.get_method = lambda: lamb response = urllib2.urlopen(request, timeout = self.timeout, context = self.context) if not cmp(lamb, 'GET') and response.code == 200: logger.info(url + " 200 ok") except urllib2.HTTPError,e: response = e if hasattr(e, 'code'): warnMsg =url + " " + str(e.code) + " failed" logger.warn(warnMsg) else: errMsg = str(e) + " " +url logger.error(errMsg) #logger.exception("Exception Logged"); return response""" @staticmethod def urlencode(data): return urllib.urlencode(data).replace('+', '%20') def get(self, url, data=None): values = Request.urlencode(data) if values: url += '?' + values response = self.connect(url, lamb='GET') if response: if response.code == 200: logger.info(url + " 200 ok") else: logger.info(url + " %d " % response.code) return response def delete(self, url, data=None): values = Request.urlencode(data) if values: url += '?' + values response = self.connect(url, lamb='DELETE') if response: if response.code == 200: logger.info(url + " 200 ok") else: logger.info(url + " %d " % response.code) return response """def post(self, url = None, values = None, lamb = 'POST'): self.__accept(url) response = None data = None if not cmp(self.headers['Content-Type'], 'application/json'): data = json.dumps(values) elif values: data = Request.urlencode(values) try: request = urllib2.Request(url.encode('utf-8'), data, self.headers) request.get_method = lambda: lamb response = urllib2.urlopen(request, timeout = self.timeout, context = self.context) if not cmp(lamb, 'POST') and response.code == 200: logger.info(url + " 200 ok") except urllib2.HTTPError,e: response = e if hasattr(e, 'code'): warnMsg =url + " " + str(e.code) + " failed" logger.warn(warnMsg) else: errMsg = str(e) + " " +url logger.error(errMsg) #logger.exception("Exception Logged"); return response""" def connect(self, url, lamb, values=None): self.__accept(url) response = None data = None #JSON 请求 if values and self.headers.has_key('Content-Type') and not cmp( self.headers['Content-Type'], 'application/json'): data = json.dumps(values) elif values: data = Request.urlencode(values) print data data = Request.urlencode(values) print data try: request = urllib2.Request(url.encode('utf-8'), data, self.headers) request.get_method = lambda: lamb response = urllib2.urlopen(request, timeout=self.timeout, context=self.context) except urllib2.HTTPError, e: response = e """ print e.code print e.reason print e.geturl() print e.read() """ except Exception, e: if hasattr(e, 'code'): warnMsg = url + " " + str(e.code) + " failed" logger.warn(warnMsg) else: errMsg = str(e) + " " + url logger.error(errMsg)