Ejemplo n.º 1
0
def scheduled_scan():
    scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    session_id = base64.b64encode(
        scan_starttime.encode("ascii")).decode("ascii")
    utils.config_test()
    exploitdb_success = False
    if cp.get('exploitdb', 'use_exploitdb') == 'True':
        ExploitDB.download_vulndata(langdata)
        extracted = ExploitDB.extract_windows_exploit(langdata)
        exploitdb_vulndata = ExploitDB.parse_vulndata(extracted)
        if exploitdb_vulndata is not None:
            exploitdb_success = True
    if cp.get('general', 'do_not_save_vulndata') == 'True':
        os.remove(cp.get('exploitdb', 'vulndata_filename'))
    jvn_success = False
    if cp.get('jvn', 'use_jvn') == 'True':
        jvn_vulndata = JVN.download_vulndata(langdata)
        if jvn_vulndata is not None:
            jvn_success = True
    nvd_success = False
    if cp.get('nvd', 'use_nvd') == 'True':
        nvd_vulndata = NVD.download_vulndata(langdata)
        if nvd_vulndata is not None:
            nvd_success = True
    installed = {}
    installed.update(local_app.getapp_from_wmi())
    installed.update(local_app.getapp_from_hklm())
    installed.update(local_app.getapp_from_hklmwow64())
    installed.update(local_app.getapp_from_hkcu())
    result = {}
    count = 0
    scanret_exploitdb = ExploitDB.scan(langdata, exploitdb_vulndata, installed)
    scanret_jvn = JVN.scan(langdata, jvn_vulndata, installed)
    scanret_nvd = NVD.scan(langdata, nvd_vulndata, installed)
    scanret_winupdate = WindowsUpdate.scan(langdata)
    result.update(scanret_exploitdb[0])
    result.update(scanret_jvn[0])
    result.update(scanret_nvd[0])
    result.update(scanret_winupdate[0])
    count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_nvd[
        1] + scanret_winupdate[1]
    scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    history = '''
    Session ID: {}
    Scan started at: {}
    Scan ended at: {}
    Found vulnerable application and available update: {}
    DetExploit Version: {}
    #####################################################################
    '''.format(session_id, scan_starttime, scan_endtime, count,
               DETEXPLOIT_VERSION)
    with open('../history.detexploit', 'w') as wh:
        wh.write(history)
    report.generate_report(langdata, DETEXPLOIT_VERSION, session_id, count,
                           scan_starttime, scan_endtime, exploitdb_success,
                           jvn_success, nvd_success, result)
Ejemplo n.º 2
0
def scan():
    pythoncom.CoInitialize()
    DETEXPLOIT_VERSION = 'v1.4-ALPHA-GUI'
    scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    session_id = base64.b64encode(scan_starttime.encode("ascii")).decode("ascii")
    utils.config_test()

    progress_label.config(text=langdata['EXPLOITDB_DOWNLOAD_INTRO'])
    ExploitDB_RetData = ExploitDB.proc_data(langdata)
    ExploitDB_VulnData = ExploitDB_RetData[0]
    ExploitDB_Success = ExploitDB_RetData[1]

    progress_label.config(text=langdata['JVN_DOWNLOAD_INTRO'])
    JVN_RetData = proc_jvn()
    JVN_VulnData = JVN_RetData[0]
    JVN_Success = JVN_RetData[1]

    progress_label.config(text=langdata['NVD_DOWNLOAD_INTRO'])
    NVD_RetData = NVD.proc_data(langdata)
    NVD_VulnData = NVD_RetData[0]
    NVD_Success = NVD_RetData[1]

    progress_label.config(text=langdata['GET_LOCAL_APP'])
    installed = local_app.get_all()

    ## Scan #############################################################
    result = {}
    count = 0

    scanret_exploitdb = ExploitDB.scan(langdata, ExploitDB_VulnData, installed)
    scanret_jvn = JVN.scan(langdata, JVN_VulnData, installed)
    scanret_nvd = NVD.scan(langdata, NVD_VulnData, installed)
    scanret_winupdate = WindowsUpdate.scan(langdata)

    result.update(scanret_exploitdb[0])
    result.update(scanret_jvn[0])
    result.update(scanret_nvd[0])
    result.update(scanret_winupdate[0])
    
    count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_nvd[1] + scanret_winupdate[1]
    #####################################################################
    scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    history = '''
    Session ID: {}
    Scan started at: {}
    Scan ended at: {}
    Found vulnerable application and available update: {}
    DetExploit Version: {}

    #####################################################################

    '''.format(session_id, scan_starttime, scan_endtime, count, DETEXPLOIT_VERSION)
    with open('../history.detexploit', 'w') as wh:
        wh.write(history)

    ## Report ###########################################################
    report.generate_report( langdata, 
                            DETEXPLOIT_VERSION, 
                            session_id, 
                            count, 
                            scan_starttime, 
                            scan_endtime, 
                            ExploitDB_Success, 
                            JVN_Success, 
                            NVD_Success, 
                            result)
Ejemplo n.º 3
0
def scan():
    pythoncom.CoInitialize()
    DETEXPLOIT_VERSION = 'v1.4-ALPHA-GUI'
    scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    session_id = base64.b64encode(
        scan_starttime.encode("ascii")).decode("ascii")
    utils.config_test(cp)  ### no cp  default

    ExploitDB_VulnData = {}
    ExploitDB_Success = {}
    if os.path.isfile('ExploitDB.pickle') and os.path.isfile(
            'ExploitDB_Success.pickle'):
        with open('ExploitDB.pickle', 'rb') as f:
            ExploitDB_VulnData = pickle.load(f)
        with open('ExploitDB_Success.pickle', 'rb') as f:
            ExploitDB_Success = pickle.load(f)
    else:
        progress_label.config(text=langdata['EXPLOITDB_DOWNLOAD_INTRO'])
        ExploitDB_RetData = ExploitDB.proc_data(cp, langdata)
        ExploitDB_VulnData = ExploitDB_RetData[0]
        ExploitDB_Success = ExploitDB_RetData[1]

        with open('ExploitDB.pickle', 'wb') as f:
            pickle.dump(ExploitDB_VulnData, f, pickle.HIGHEST_PROTOCOL)
        with open('ExploitDB_Success.pickle', 'wb') as f:
            pickle.dump(ExploitDB_Success, f, pickle.HIGHEST_PROTOCOL)

    JVN_VulnData = {}
    JVN_Success = {}
    if os.path.isfile('JVN.pickle') and os.path.isfile('JVN_Success.pickle'):
        with open('JVN.pickle', 'rb') as f:
            JVN_VulnData = pickle.load(f)
        with open('JVN_Success.pickle', 'rb') as f:
            JVN_Success = pickle.load(f)
    else:
        progress_label.config(text=langdata['JVN_DOWNLOAD_INTRO'])
        JVN_RetData = JVN.proc_data(cp, langdata)
        JVN_VulnData = JVN_RetData[0]
        JVN_Success = JVN_RetData[1]

        with open('JVN.pickle', 'wb') as f:
            pickle.dump(JVN_VulnData, f, pickle.HIGHEST_PROTOCOL)
        with open('JVN_Success.pickle', 'wb') as f:
            pickle.dump(JVN_Success, f, pickle.HIGHEST_PROTOCOL)

    NVD_VulnData = {}
    NVD_Success = {}
    if os.path.isfile('NVD.pickle') and os.path.isfile('NVD_Success.pickle'):
        with open('NVD.pickle', 'rb') as f:
            NVD_VulnData = pickle.load(f)
        with open('NVD_Success.pickle', 'rb') as f:
            NVD_Success = pickle.load(f)
    else:
        progress_label.config(text=langdata['NVD_DOWNLOAD_INTRO'])
        NVD_RetData = NVD.proc_data(cp, langdata)
        NVD_VulnData = NVD_RetData[0]
        NVD_Success = NVD_RetData[1]

        with open('NVD.pickle', 'wb') as f:
            pickle.dump(NVD_VulnData, f, pickle.HIGHEST_PROTOCOL)
        with open('NVD_Success.pickle', 'wb') as f:
            pickle.dump(NVD_Success, f, pickle.HIGHEST_PROTOCOL)

    progress_label.config(text=langdata['GET_LOCAL_APP'])
    installed = local_app.get_all()

    ## Scan #############################################################

    count = 0
    i = 0
    print("DICCIONARIOO EXPLLLLLOITDB_VULNDATA")
    #print(len(ExploitDB_VulnData))
    for key in ExploitDB_VulnData:
        i = i + 1
        if i > 10: break
        print("Clave: " + key + " Valor: " + ExploitDB_VulnData[key])

    i = 0
    print("DICCIONARIOO JVN_VulnData")
    #print(len(JVN_VulnData))
    for key in JVN_VulnData:
        i = i + 1
        if i > 10: break
        print("Clave: " + key + " Valor: " + JVN_VulnData[key])

    i = 0
    print("DICCIONARIOO  NVD_VulnData")
    #print(len(NVD_VulnData))
    for key in NVD_VulnData:
        i = i + 1
        if i > 10: break
        print("Clave: " + key + " Valor: " + NVD_VulnData[key])

    scanret_exploitdb = ExploitDB.scan(langdata, ExploitDB_VulnData, installed)
    scanret_jvn = JVN.scan(langdata, JVN_VulnData, installed)
    scanret_nvd = NVD.scan(langdata, NVD_VulnData, installed)
    scanret_winupdate = WindowsUpdate.scan(langdata)

    result = {}

    result.update(scanret_exploitdb[0])
    result.update(scanret_jvn[0])
    result.update(scanret_nvd[0])
    result.update(scanret_winupdate[0])

    count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_nvd[
        1]  # + scanret_winupdate[1]
    #####################################################################
    scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    history = '''
    Session ID: {}
    Scan started at: {}
    Scan ended at: {}
    Found vulnerable application and available update: {}
    DetExploit Version: {}

    #####################################################################

    '''.format(session_id, scan_starttime, scan_endtime, count,
               DETEXPLOIT_VERSION)
    with open('../history.detexploit', 'w') as wh:
        wh.write(history)
    resultdict = {}
    ## Report ###########################################################
    report.generate_report(cp, langdata, DETEXPLOIT_VERSION, session_id, count,
                           scan_starttime, scan_endtime, ExploitDB_Success,
                           JVN_Success, NVD_Success, result)
Ejemplo n.º 4
0
def main(session_id, cp, langdata):
    DETEXPLOIT_VERSION = 'v1.4-ALPHA-CLI'
    scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    if session_id == None:
        session_id = base64.b64encode(
            scan_starttime.encode("ascii")).decode("ascii")
    utils.config_test(cp)

    ExploitDB_RetData = ExploitDB.proc_data(cp, langdata)
    ExploitDB_VulnData = ExploitDB_RetData[0]
    ExploitDB_Success = ExploitDB_RetData[1]

    JVN_RetData = JVN.proc_data(cp, langdata)
    JVN_VulnData = JVN_RetData[0]
    JVN_Success = JVN_RetData[1]

    NVD_RetData = NVD.proc_data(cp, langdata)
    NVD_VulnData = NVD_RetData[0]
    NVD_Success = NVD_RetData[1]

    installed = local_app.get_all()

    ## Scan #############################################################
    result = {}
    count = 0

    scanret_exploitdb = ExploitDB.scan(langdata, ExploitDB_VulnData, installed)
    scanret_jvn = JVN.scan(langdata, JVN_VulnData, installed)
    scanret_nvd = NVD.scan(langdata, NVD_VulnData, installed)
    scanret_winupdate = WindowsUpdate.scan(langdata)

    result.update(scanret_exploitdb[0])
    result.update(scanret_jvn[0])
    result.update(scanret_nvd[0])
    result.update(scanret_winupdate[0])

    count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_nvd[
        1] + scanret_winupdate[1]
    #####################################################################

    scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    history = '''
    Session ID: {}
    Scan started at: {}
    Scan ended at: {}
    Found vulnerable application and available update: {}
    DetExploit Version: {}

    #####################################################################

    '''.format(session_id, scan_starttime, scan_endtime, count,
               DETEXPLOIT_VERSION)
    with open('../history.detexploit', 'w') as wh:
        wh.write(history)

    ## Report ###########################################################
    report.generate_report(cp, langdata, DETEXPLOIT_VERSION, session_id, count,
                           scan_starttime, scan_endtime, ExploitDB_Success,
                           JVN_Success, NVD_Success, result)

    cprint('===========================================================',
           'red')
    cprint(langdata['RESONE'] + str(count) + langdata['RESTWO'], 'red')
    cprint('===========================================================',
           'red')
Ejemplo n.º 5
0
def main():
    global session_id

    cprint(figlet_format('   DetExploit'), 'red', attrs=['bold'], end='')
    print('===========================================================')
    print(langdata['WELCOME_MESSAGE'])
    print('===========================================================')

    scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    if session_id == None:
        session_id = base64.b64encode(
            scan_starttime.encode("ascii")).decode("ascii")
    utils.config_test()

    ## ExploitDB ########################################################
    exploitdb_success = False

    if cp.get('exploitdb', 'use_exploitdb') == 'True':
        ExploitDB.download_vulndata(langdata)
        extracted = ExploitDB.extract_windows_exploit(langdata)
        exploitdb_vulndata = ExploitDB.parse_vulndata(extracted)
        if exploitdb_vulndata is not None:
            exploitdb_success = True
    if cp.get('general', 'do_not_save_vulndata') == 'True':
        os.remove(cp.get('exploitdb', 'vulndata_filename'))
    #####################################################################

    ## JVN ##############################################################
    jvn_success = False

    if cp.get('jvn', 'use_jvn') == 'True':
        jvn_vulndata = JVN.download_vulndata(langdata)
        if jvn_vulndata is not None:
            jvn_success = True
    #####################################################################

    ## NVD ##############################################################
    nvd_success = False

    if cp.get('nvd', 'use_nvd') == 'True':
        nvd_vulndata = NVD.download_vulndata(langdata)
        if nvd_vulndata is not None:
            nvd_success = True
    #####################################################################

    ## Get locally installed applications ###############################
    installed = {}

    installed.update(local_app.getapp_from_wmi())
    installed.update(local_app.getapp_from_hklm())
    installed.update(local_app.getapp_from_hklmwow64())
    installed.update(local_app.getapp_from_hkcu())
    #####################################################################

    ## Scan #############################################################
    result = {}
    count = 0

    scanret_exploitdb = ExploitDB.scan(langdata, exploitdb_vulndata, installed)
    scanret_jvn = JVN.scan(langdata, jvn_vulndata, installed)
    scanret_nvd = NVD.scan(langdata, nvd_vulndata, installed)
    scanret_winupdate = WindowsUpdate.scan(langdata)

    result.update(scanret_exploitdb[0])
    result.update(scanret_jvn[0])
    result.update(scanret_nvd[0])
    result.update(scanret_winupdate[0])

    count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_nvd[
        1] + scanret_winupdate[1]
    #####################################################################

    scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
    history = '''
    Session ID: {}
    Scan started at: {}
    Scan ended at: {}
    Found vulnerable application and available update: {}
    DetExploit Version: {}
    #####################################################################
    '''.format(session_id, scan_starttime, scan_endtime, count,
               DETEXPLOIT_VERSION)
    with open('../history.detexploit', 'w') as wh:
        wh.write(history)

    ## Report ###########################################################
    report.generate_report(langdata, DETEXPLOIT_VERSION, session_id, count,
                           scan_starttime, scan_endtime, exploitdb_success,
                           jvn_success, nvd_success, result)

    cprint('===========================================================',
           'red')
    cprint(langdata['RESONE'] + str(count) + langdata['RESTWO'], 'red')
    cprint('===========================================================',
           'red')
Ejemplo n.º 6
0
    def scan_main(self):
        pythoncom.CoInitialize()
        scan_starttime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")
        session_id = base64.b64encode(scan_starttime.encode("ascii")).decode("ascii")
        self.update_status(langdata['OP_START'])

        ## ExploitDB ########################################################
        exploitdb_success = False

        self.update_status(langdata['EXPLOITDB_DOWNLOAD_INTRO'])
        if cp.get('exploitdb', 'use_exploitdb') == 'True':
            ExploitDB.download_vulndata(langdata)
            self.update_status(langdata['EXPLOITDB_EXTRACT_GUI'])
            extracted = ExploitDB.extract_windows_exploit(langdata)
            self.update_status(langdata['EXPLOITDB_PARSE'])
            exploitdb_vulndata = ExploitDB.parse_vulndata(extracted)
            if exploitdb_vulndata is not None:
                exploitdb_success = True
        if cp.get('general', 'do_not_save_vulndata') == 'True':
            os.remove(cp.get('exploitdb', 'vulndata_filename'))
        #####################################################################

        ## JVN ##############################################################
        jvn_success = False

        self.update_status(langdata['JVN_DOWNLOAD_INTRO'])
        if cp.get('jvn', 'use_jvn') == 'True':
            self.jvn_download_vulndata(langdata)
            jvn_vulndata = product_dict
            if jvn_vulndata is not None:
                jvn_success = True
        #####################################################################

        ## NVD ##############################################################
        nvd_success = False

        self.update_status(langdata['NVD_DOWNLOAD_INTRO'])
        if cp.get('nvd', 'use_nvd') == 'True':
            nvd_vulndata = NVD.download_vulndata(langdata)
            if nvd_vulndata is not None:
                nvd_success = True
        #####################################################################

        ## Get locally installed applications ###############################
        installed = {}

        self.update_status(langdata['WMI_APP_RET'])
        installed.update(local_app.getapp_from_wmi())
        self.update_status(langdata['REG_APP_RET'])
        installed.update(local_app.getapp_from_hklm())
        installed.update(local_app.getapp_from_hklmwow64())
        installed.update(local_app.getapp_from_hkcu())
        #####################################################################

        ## Scan #############################################################
        result = {}
        count = 0

        self.update_status(langdata['SCAN_MSG_ONE'])
        scanret_exploitdb = ExploitDB.scan(langdata, exploitdb_vulndata, installed)
        scanret_jvn = JVN.scan(langdata, jvn_vulndata, installed)
        scanret_nvd = NVD.scan(langdata, nvd_vulndata, installed)
        self.update_status(langdata['SCAN_MSG_TWO'])
        scanret_winupdate = WindowsUpdate.scan(langdata)

        result.update(scanret_exploitdb[0])
        result.update(scanret_jvn[0])
        result.update(scanret_winupdate[0])
    
        count = scanret_exploitdb[1] + scanret_jvn[1] + scanret_winupdate[1]
        #####################################################################

        scan_endtime = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S")

        ## Report ###########################################################
        self.update_status(langdata['GEN_REPORT'])
        report.generate_report( langdata, 
                                'v1.4-ALPHA-GUI', 
                                session_id, 
                                count, 
                                scan_starttime, 
                                scan_endtime, 
                                exploitdb_success, 
                                jvn_success, 
                                nvd_success, 
                                result)
        #####################################################################

        self.update_status(langdata['SCAN_END'])