Ejemplo n.º 1
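def execute_action(ws, objects, rule, _server):
    """Apply every action of *rule* to every object in *objects*.

    Each entry of ``rule['actions']`` is a string ``COMMAND:expression``
    (leading and trailing dashes are stripped first). Handled commands:

    * ``UPDATE:key=value`` -- forwarded to update_vulnerability(),
      update_service() or update_host() depending on obj.class_signature.
    * ``DELETE:...`` -- removes the object through the matching
      models.delete_* call.
    * ``EXECUTE:command line`` -- runs the expression through the shell.
    * any other command -- the expression is passed to send_mail() as the
      recipient of an alert.

    Returns False as soon as an EXECUTE command exits with a non-zero
    status, True otherwise.

    Security note: EXECUTE hands the rule's expression to a shell unchanged,
    so write access to the rule definitions is equivalent to command
    execution as the user running this process. Restrict who can edit rules.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = rule['object'] if 'object' in rule else None

    for obj in objects:
        for action in actions:
            # str.strip('--') removes every leading/trailing '-' character,
            # not just a literal '--' prefix.
            action = action.strip('--')
            # Split on the first ':' only, so expressions that contain a
            # colon themselves (URLs, paths, timestamps) are not rejected
            # with a ValueError.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # Same reasoning: the value part may legitimately contain '='.
                key, value = expression.split('=', 1)
                if obj.class_signature in ('VulnerabilityWeb', 'Vulnerability'):
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=key, value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): only the VulnerabilityWeb branch records the
                # deletion with insert_rule(); confirm whether the other
                # object types should leave the same trail.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(" Deleting vulnerability web '%s' with id '%s':" % (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" % (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" % (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: shell=True with a rule-supplied string. This is
                # the feature's purpose, so it is flagged rather than
                # replaced; treat rule files as privileged configuration.
                # Compare the exit status with ==, not `is`: identity of
                # integers is an implementation detail.
                if subprocess.call(expression, shell=True, stdin=None) == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" % expression)
                    return False
            else:
                # Every unrecognised command lands here, so a mistyped
                # command name results in a mail to `expression` rather than
                # an error.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'], str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'], command, obj, _objs_value, fields=None, key=None, value=expression)
                logger.info("Sending mail to: '%s'" % expression)
    return True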
Ejemplo n.º 2
def main(workspace='', args=None, parser=None):
    """Delete all hosts of *workspace*, asking for confirmation first.

    Registers a ``-y``/``--yes`` flag on *parser* and parses *args* with it.
    Without the flag the user is prompted, and only the exact answers ``y``
    or ``yes`` let the deletion proceed.

    Returns ``(1, None)`` when the user declines and ``(0, None)`` after
    every host returned by models.get_hosts() has been deleted.
    """
    parser.add_argument('-y', '--yes', action="store_true")
    options = parser.parse_args(args)

    if not options.yes:
        prompt = (
            "Are you sure you want to delete all hosts in the "
            "workspace {}? This action can't be undone [y/n] "
        ).format(workspace)
        # raw_input is the Python 2 builtin; the comparison is exact and
        # case-sensitive, so anything other than 'y'/'yes' aborts.
        answer = raw_input(prompt)
        if answer != 'y' and answer != 'yes':
            return 1, None

    # Irreversible bulk delete: -y skips the only safeguard above.
    for entry in models.get_hosts(workspace):
        print('Delete Host:' + entry.name)
        models.delete_host(workspace, entry.id)
    return 0, None
Ejemplo n.º 3
def main(workspace='', args=None, parser=None):
    """Remove every host in *workspace* after an optional confirmation.

    A ``-y``/``--yes`` switch is added to *parser* before *args* is parsed.
    When the switch is absent the user must answer the prompt with exactly
    ``y`` or ``yes``; any other reply cancels the run.

    Returns ``(1, None)`` on cancellation, ``(0, None)`` once the hosts
    listed by models.get_hosts() have been deleted.
    """
    parser.add_argument('-y', '--yes', action="store_true")
    skip_prompt = parser.parse_args(args).yes

    if not skip_prompt:
        question = (
            "Are you sure you want to delete all hosts in the "
            "workspace {}? This action can't be undone [y/n] "
        ).format(workspace)
        # raw_input is the Python 2 builtin. The reply is matched verbatim,
        # so 'Y' or 'yes ' count as a refusal.
        reply = raw_input(question)
        accepted = reply in ('y', 'yes')
        if not accepted:
            return 1, None

    # No undo: each host is deleted right after its name is printed.
    for target in models.get_hosts(workspace):
        print('Delete Host:' + target.name)
        models.delete_host(workspace, target.id)
    return 0, None
Ejemplo n.º 4
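def execute_action(ws, objects, rule, _server):
    """Run the actions listed in *rule* against each object in *objects*.

    An action is a ``COMMAND:expression`` string; dashes at either end are
    stripped before parsing. The command selects the behaviour:

    * ``UPDATE`` -- *expression* is ``key=value`` and is passed to
      update_vulnerability(), update_service() or update_host() according
      to obj.class_signature.
    * ``DELETE`` -- the object is removed with the matching
      models.delete_* function.
    * ``EXECUTE`` -- *expression* is run as a shell command line.
    * anything else -- *expression* is given to send_mail() as the
      recipient of an alert message.

    Returns False immediately when an EXECUTE command exits non-zero and
    True once all actions have been processed.

    Security note: the EXECUTE expression reaches the shell unmodified, so
    anyone able to change the rules can execute commands with the
    privileges of this process. Protect the rule definitions accordingly.
    """
    logger.info("Running actions of rule '%s' :" % rule['id'])
    actions = rule['actions']
    _objs_value = rule['object'] if 'object' in rule else None

    for obj in objects:
        for action in actions:
            # str.strip('--') strips all leading/trailing '-' characters,
            # not only a literal '--' prefix.
            action = action.strip('--')
            # maxsplit=1: an expression containing ':' (URL, path, time)
            # must not make the unpacking fail with ValueError.
            command, expression = action.split(':', 1)

            if command == 'UPDATE':
                # maxsplit=1 for the same reason: values may contain '='.
                key, value = expression.split('=', 1)
                if obj.class_signature in ('VulnerabilityWeb',
                                           'Vulnerability'):
                    if update_vulnerability(ws, obj, key, value, _server):
                        insert_rule(rule['id'],
                                    command,
                                    obj,
                                    _objs_value,
                                    fields=None,
                                    key=key,
                                    value=value)

                if obj.class_signature == 'Service':
                    update_service(ws, obj, key, value)

                if obj.class_signature == 'Host':
                    update_host(ws, obj, key, value)

            elif command == 'DELETE':
                # NOTE(review): insert_rule() is called only for
                # VulnerabilityWeb; confirm whether the other deletions
                # should be recorded as well.
                if obj.class_signature == 'VulnerabilityWeb':
                    models.delete_vuln_web(ws, obj.id)
                    logger.info(
                        " Deleting vulnerability web '%s' with id '%s':" %
                        (obj.name, obj.id))
                    insert_rule(rule['id'], command, obj, _objs_value)

                elif obj.class_signature == 'Vulnerability':
                    models.delete_vuln(ws, obj.id)
                    logger.info("Deleting vulnerability '%s' with id '%s':" %
                                (obj.name, obj.id))

                elif obj.class_signature == 'Service':
                    models.delete_service(ws, obj.id)
                    logger.info("Deleting service '%s' with id '%s':" %
                                (obj.name, obj.id))

                elif obj.class_signature == 'Host':
                    models.delete_host(ws, obj.id)
                    logger.info("Deleting host '%s' with id '%s':" %
                                (obj.name, obj.id))

            elif command == 'EXECUTE':
                # SECURITY: shell=True on a rule-supplied string. Running a
                # command is what this action is for, so it is flagged, not
                # rewritten; rule files are privileged configuration.
                # The exit status is compared with ==; `is 0` relied on
                # integer identity, which is an implementation detail.
                exit_status = subprocess.call(expression,
                                              shell=True,
                                              stdin=None)
                if exit_status == 0:
                    logger.info("Running command: '%s'" % expression)
                    insert_rule(rule['id'],
                                command,
                                obj,
                                _objs_value,
                                fields=None,
                                key=None,
                                value=expression)
                else:
                    logger.error("Operation fail running command: '%s'" %
                                 expression)
                    return False
            else:
                # Catch-all branch: an unknown or mistyped command name is
                # treated as a mail alert addressed to `expression`.
                subject = 'Faraday searcher alert'
                body = '%s %s have been modified by rule %s at %s' % (
                    obj.class_signature, obj.name, rule['id'],
                    str(datetime.now()))
                send_mail(expression, subject, body)
                insert_rule(rule['id'],
                            command,
                            obj,
                            _objs_value,
                            fields=None,
                            key=None,
                            value=expression)
                logger.info("Sending mail to: '%s'" % expression)
    return True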
Ejemplo n.º 5
def main(workspace=''):
    """Delete every host that models.get_hosts() reports for *workspace*.

    This variant has no confirmation step: each host is removed as soon as
    its name has been printed.
    """
    hosts = models.get_hosts(workspace)
    for current in hosts:
        label = 'Delete Host:' + current.name
        print(label)
        models.delete_host(workspace, current.id)